net/lwip/ifaddr.c

*ef8d499eSDavid van Moolenbroek/* LWIP service - ifaddr.c - network interface address management */
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * This module is an exception to the regular source organization of this
*ef8d499eSDavid van Moolenbroek * service, in that it manages part of another module's data structures, namely
*ef8d499eSDavid van Moolenbroek * ifdev.  As such, it should be seen as logically part of ifdev.  It is
*ef8d499eSDavid van Moolenbroek * separated only to keep the source code more manageable.  Still, this module
*ef8d499eSDavid van Moolenbroek * may use direct access only on the address-related fields of the ifdev
*ef8d499eSDavid van Moolenbroek * structure, so that those one day may be move into an ifaddr-specific
*ef8d499eSDavid van Moolenbroek * substructure within ifdev.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * We manage three types of addresses here: IPv4 addresses (ifaddr_v4),
*ef8d499eSDavid van Moolenbroek * IPv6 addresses (ifaddr_v6), and link-layer a.k.a. MAC addresses (ifaddr_dl).
*ef8d499eSDavid van Moolenbroek *
*ef8d499eSDavid van Moolenbroek * Managing IPv4 addresses is easy.  lwIP supports only one IPv4 address per
*ef8d499eSDavid van Moolenbroek * netif.  While it would be possible to construct a model where one ifdev
*ef8d499eSDavid van Moolenbroek * consists of multiple netifs (with one IPv4 address each), we not support
*ef8d499eSDavid van Moolenbroek * this--mostly because it is a pain to keep state synchronized between the
*ef8d499eSDavid van Moolenbroek * netifs in that case.  Such support can still be added later; the IPv4 API
*ef8d499eSDavid van Moolenbroek * exposed from here does support multiple IPv4 addresses already just in case,
*ef8d499eSDavid van Moolenbroek * as does much of the code using the API.
*ef8d499eSDavid van Moolenbroek *
*ef8d499eSDavid van Moolenbroek * For IPv4 addresses we maintain only one extra piece of information here,
*ef8d499eSDavid van Moolenbroek * which is whether an IPv4 address has been set at all.  This is because for
*ef8d499eSDavid van Moolenbroek * our userland (DHCP clients in particular), we must allow assigning 0.0.0.0
*ef8d499eSDavid van Moolenbroek * as address to an interface.  We do not use the lwIP per-netif IPv4 gateway
*ef8d499eSDavid van Moolenbroek * field, nor the concept of a "default netif", in both cases because we
*ef8d499eSDavid van Moolenbroek * override all (routing) decisions that would use those settings.  lwIP does
*ef8d499eSDavid van Moolenbroek * not allow a broadcast address to be set, so support for broadcast addresses
*ef8d499eSDavid van Moolenbroek * is botched here: we disregard custom broadcast addresses given to us, and
*ef8d499eSDavid van Moolenbroek * instead expose the broadcast address that is used within lwIP.
*ef8d499eSDavid van Moolenbroek *
*ef8d499eSDavid van Moolenbroek * Managing IPv6 addresses is much more complicated.  First of all, even though
*ef8d499eSDavid van Moolenbroek * lwIP supports stateless address autoconfiguration (SLAAC) as per RFC 4862,
*ef8d499eSDavid van Moolenbroek * we disable that and instead make dhcpcd(8) responsible for all IPv6 address
*ef8d499eSDavid van Moolenbroek * configuration.  dhcpcd(8) will set addresses and routes as necessary, the
*ef8d499eSDavid van Moolenbroek * latter of which are used in lwIP through our routing hooks (in the route
*ef8d499eSDavid van Moolenbroek * module).  This approach, which is in line with where NetBSD is headed,
*ef8d499eSDavid van Moolenbroek * allows us to work around a number of lwIP limitations.  As a result we do
*ef8d499eSDavid van Moolenbroek * differ in this respect from NetBSD, which may switch between kernel-only,
*ef8d499eSDavid van Moolenbroek * dhcpcd-only, and hybrid autoconfiguration, mainly throught the accept_rtadv
*ef8d499eSDavid van Moolenbroek * sysctl(7) node.  Writing to this node has no real effect on MINIX 3.
*ef8d499eSDavid van Moolenbroek *
*ef8d499eSDavid van Moolenbroek * All IPv6 addresses have a prefix length, which is almost but not quite the
*ef8d499eSDavid van Moolenbroek * same as IPv4's subnet masks (see RFC 5942).  We must maintain the per-
*ef8d499eSDavid van Moolenbroek * address prefix length ourselves, as lwIP supports IPv6 prefix lengths of 64
*ef8d499eSDavid van Moolenbroek * bits only.  Our dhcpcd(8)-based approach allows us to work around that.
*ef8d499eSDavid van Moolenbroek *
*ef8d499eSDavid van Moolenbroek * All IPv6 addresses also have a state and a lifetime, both of which are
*ef8d499eSDavid van Moolenbroek * managed by lwIP.  Unlike for IPv4, address-derived routes and routing socket
*ef8d499eSDavid van Moolenbroek * messages are only created for addresses that are "valid", which means that
*ef8d499eSDavid van Moolenbroek * they are in either PREFERRED or DEPRECATED state.  This means that we have
*ef8d499eSDavid van Moolenbroek * to be aware of all address state transitions between "valid" and "not
*ef8d499eSDavid van Moolenbroek * valid", some of which (namely address duplication detection and lifetime
*ef8d499eSDavid van Moolenbroek * expirations) are initiated by lwIP.  As such, we need to keep shadow state
*ef8d499eSDavid van Moolenbroek * for each address, and use a callback to detect whether state has changed.
*ef8d499eSDavid van Moolenbroek *
*ef8d499eSDavid van Moolenbroek * For understanding of this module as well as lwIP, it is important to note
*ef8d499eSDavid van Moolenbroek * that "valid" is not the opposite of "invalid" in this context: "not valid"
*ef8d499eSDavid van Moolenbroek * includes the address states INVALID, DUPLICATED, and TENTATIVE, while
*ef8d499eSDavid van Moolenbroek * "invalid"/INVALID simply means that the address slot is free.
*ef8d499eSDavid van Moolenbroek *
*ef8d499eSDavid van Moolenbroek * Each IPv6 address also has associated flags.  We support an AUTOCONF flag
*ef8d499eSDavid van Moolenbroek * which indicates that no subnet route should be added for the address; on
*ef8d499eSDavid van Moolenbroek * MINIX 3, dhcpcd(8) is modified to pass in that flag when appropriate, thus
*ef8d499eSDavid van Moolenbroek * solving a problem that NetBSD suffers from, namely that it does not know
*ef8d499eSDavid van Moolenbroek * whether a userland-given route is static (implying a subnet) or auto-
*ef8d499eSDavid van Moolenbroek * configured (implying no subnet, again as per RFC 5942), leading to it doing
*ef8d499eSDavid van Moolenbroek * the wrong thing in dhcpcd-only autoconfiguration mode.  The TEMPORARY flag,
*ef8d499eSDavid van Moolenbroek * for privacy addresses (RFC 4941) should be the same as on NetBSD; it is
*ef8d499eSDavid van Moolenbroek * currently used only in source address selection (RFC 6724).  We override
*ef8d499eSDavid van Moolenbroek * lwIP's IPv6 source address selection algorithm to include support for not
*ef8d499eSDavid van Moolenbroek * just this flag, but also label and proper longest-common-prefix comparisons.
*ef8d499eSDavid van Moolenbroek * Finally, there is an HWBASED flag to make sure that when the link-layer
*ef8d499eSDavid van Moolenbroek * address is changed, the IPv6 link-local address is changed accordingly only
*ef8d499eSDavid van Moolenbroek * if the previous link-local address was also autogenerated from a link-layer
*ef8d499eSDavid van Moolenbroek * address and not set manually by userland.
*ef8d499eSDavid van Moolenbroek *
*ef8d499eSDavid van Moolenbroek * Finally, we support multiple link-layer addresses per interface, but only
*ef8d499eSDavid van Moolenbroek * because NetBSD's ifconfig(8) uses an API that expects such multi-address
*ef8d499eSDavid van Moolenbroek * support.  At any time, only one of the addresses is marked as "active",
*ef8d499eSDavid van Moolenbroek * which means it is used as MAC address in outgoing packets.  We support only
*ef8d499eSDavid van Moolenbroek * one MAC address per device driver, so the support for additional, inactive
*ef8d499eSDavid van Moolenbroek * link-layer addresses is there exclusively for ifconfig(8) interoperability.
*ef8d499eSDavid van Moolenbroek *
*ef8d499eSDavid van Moolenbroek * All interfaces, including those that do not have MAC addresses at all (e.g.,
*ef8d499eSDavid van Moolenbroek * loopback interfaces), do have one link-layer address.  This is expected in
*ef8d499eSDavid van Moolenbroek * particular by getifaddrs(3), which only recognizes interfaces that have a
*ef8d499eSDavid van Moolenbroek * link-layer address.
*ef8d499eSDavid van Moolenbroek *
*ef8d499eSDavid van Moolenbroek * Many features are still missing here, especially for IP addresses.  For
*ef8d499eSDavid van Moolenbroek * example, we do not yet support destination addresses at all yet, simply
*ef8d499eSDavid van Moolenbroek * because there is no interface type that uses them.  For IPv6, more work is
*ef8d499eSDavid van Moolenbroek * to be done to support proper netif status transitions versus address states,
*ef8d499eSDavid van Moolenbroek * fallout from address duplication, and various ND6_IFF_ flags.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek#include "lwip.h"
*ef8d499eSDavid van Moolenbroek#include "rtsock.h"
*ef8d499eSDavid van Moolenbroek#include "route.h"
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek#include "lwip/etharp.h"
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek#include <netinet6/in6_var.h>
*ef8d499eSDavid van Moolenbroek#include <netinet6/nd6.h>
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Routing flags for local address and local network routing entries.  This
*ef8d499eSDavid van Moolenbroek * may later have to be refined, for example in order not to set RTF_CLONING
*ef8d499eSDavid van Moolenbroek * for routes on interfaces that do not have link-layer addressing.
*ef8d499eSDavid van Moolenbroek *
*ef8d499eSDavid van Moolenbroek * IMPORTANT: as of NetBSD 8, RTF_CLONING has been renamed to RTF_CONNECTED.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroek#define IFADDR_HOST_RTFLAGS	(RTF_UP | RTF_HOST | RTF_LOCAL)
*ef8d499eSDavid van Moolenbroek#define IFADDR_NET_RTFLAGS	(RTF_UP | RTF_CLONING)
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/* Address-related sysctl(7) settings. */
*ef8d499eSDavid van Moolenbroekint ifaddr_auto_linklocal = 1;	/* different from NetBSD, see its usage */
*ef8d499eSDavid van Moolenbroekint ifaddr_accept_rtadv = 0;	/* settable but completely disregarded */
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Initialize the local address administration for an interface that is in the
*ef8d499eSDavid van Moolenbroek * process of being created.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekvoid
*ef8d499eSDavid van Moolenbroekifaddr_init(struct ifdev * ifdev)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	unsigned int i;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	ifdev->ifdev_v4set = FALSE;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	for (i = 0; i < LWIP_IPV6_NUM_ADDRESSES; i++)
*ef8d499eSDavid van Moolenbroek		ifdev->ifdev_v6state[i] = IP6_ADDR_INVALID;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	for (i = 0; i < __arraycount(ifdev->ifdev_hwlist); i++)
*ef8d499eSDavid van Moolenbroek		ifdev->ifdev_hwlist[i].ifhwa_flags = 0;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Find an IPv4 address locally assigned to a interface.  The IPv4 address is
*ef8d499eSDavid van Moolenbroek * given as 'addr'.  The interface is given as 'ifdev'.  On success, return OK,
*ef8d499eSDavid van Moolenbroek * with the IPv4 address number stored in 'num'.  On failure, return a negative
*ef8d499eSDavid van Moolenbroek * error code.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekint
*ef8d499eSDavid van Moolenbroekifaddr_v4_find(struct ifdev * ifdev, const struct sockaddr_in * addr,
*ef8d499eSDavid van Moolenbroek	ifaddr_v4_num_t * num)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	ip_addr_t ipaddr;
*ef8d499eSDavid van Moolenbroek	int r;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if ((r = addr_get_inet((const struct sockaddr *)addr, sizeof(*addr),
*ef8d499eSDavid van Moolenbroek	    IPADDR_TYPE_V4, &ipaddr, TRUE /*kame*/, NULL /*port*/)) != OK)
*ef8d499eSDavid van Moolenbroek		return r;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (!ifdev->ifdev_v4set ||
*ef8d499eSDavid van Moolenbroek	    !ip_addr_cmp(netif_ip_addr4(ifdev_get_netif(ifdev)), &ipaddr))
*ef8d499eSDavid van Moolenbroek		return EADDRNOTAVAIL;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	*num = 0;
*ef8d499eSDavid van Moolenbroek	return OK;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Enumerate IPv4 addresses locally assigned to the given interface 'ifdev'.
*ef8d499eSDavid van Moolenbroek * The caller should set 'nump' to 0 initially, and increase it by one between
*ef8d499eSDavid van Moolenbroek * a successful call and the next enumeration call.  Return TRUE on success,
*ef8d499eSDavid van Moolenbroek * meaning that starting from the given value of 'nump' there is at least one
*ef8d499eSDavid van Moolenbroek * IPv4 address, of which the number is stored in 'nump' on return.  Return
*ef8d499eSDavid van Moolenbroek * FALSE if there are no more IPv4 addresses locally assigned to the interface.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekint
*ef8d499eSDavid van Moolenbroekifaddr_v4_enum(struct ifdev * ifdev, ifaddr_v4_num_t * num)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * For now, we support only up to one IPv4 address per interface.
*ef8d499eSDavid van Moolenbroek	 * set if we are to return it.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	return (*num == 0 && ifdev->ifdev_v4set);
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Obtain information about the IPv4 address 'num' assigned to the interface
*ef8d499eSDavid van Moolenbroek * 'ifdev'.  On success, return OK, with the IPv4 address stored in 'addr', the
*ef8d499eSDavid van Moolenbroek * network mask stored in 'mask', the broadcast stored in 'bcast', and the
*ef8d499eSDavid van Moolenbroek * destination address stored in 'dest'.  Each of these pointers may be NULL.
*ef8d499eSDavid van Moolenbroek * The interface may not have a broadcast and/or destination address; in that
*ef8d499eSDavid van Moolenbroek * case, their corresponding structures are not filled in at all, and thus must
*ef8d499eSDavid van Moolenbroek * be preinitialized by the caller to a default state.  The reason for not
*ef8d499eSDavid van Moolenbroek * zeroing them is that some callers use the same buffer for both.  On failure,
*ef8d499eSDavid van Moolenbroek * return a negative error code.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekint
*ef8d499eSDavid van Moolenbroekifaddr_v4_get(struct ifdev * ifdev, ifaddr_v4_num_t num,
*ef8d499eSDavid van Moolenbroek	struct sockaddr_in * addr, struct sockaddr_in * mask,
*ef8d499eSDavid van Moolenbroek	struct sockaddr_in * bcast, struct sockaddr_in * dest)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	const ip_addr_t *ipaddr, *netmask;
*ef8d499eSDavid van Moolenbroek	struct netif *netif;
*ef8d499eSDavid van Moolenbroek	ip_addr_t broad;
*ef8d499eSDavid van Moolenbroek	socklen_t addr_len;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (!ifaddr_v4_enum(ifdev, &num))
*ef8d499eSDavid van Moolenbroek		return EADDRNOTAVAIL;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	netif = ifdev_get_netif(ifdev);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (addr != NULL) {
*ef8d499eSDavid van Moolenbroek		addr_len = sizeof(*addr);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		addr_put_inet((struct sockaddr *)addr, &addr_len,
*ef8d499eSDavid van Moolenbroek		    netif_ip_addr4(netif), TRUE /*kame*/, 0 /*port*/);
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (mask != NULL) {
*ef8d499eSDavid van Moolenbroek		addr_len = sizeof(*mask);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		/*
*ef8d499eSDavid van Moolenbroek		 * Do not bother using addr_put_netmask() here, as we would
*ef8d499eSDavid van Moolenbroek		 * then first have to compute the prefix length..
*ef8d499eSDavid van Moolenbroek		 */
*ef8d499eSDavid van Moolenbroek		addr_put_inet((struct sockaddr *)mask, &addr_len,
*ef8d499eSDavid van Moolenbroek		    netif_ip_netmask4(netif), TRUE /*kame*/, 0 /*port*/);
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (bcast != NULL) {
*ef8d499eSDavid van Moolenbroek		if (netif->flags & NETIF_FLAG_BROADCAST) {
*ef8d499eSDavid van Moolenbroek			/* Fake a broadcast address. */
*ef8d499eSDavid van Moolenbroek			ipaddr = netif_ip_addr4(netif);
*ef8d499eSDavid van Moolenbroek			netmask = netif_ip_netmask4(netif);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek			ip_addr_set_ip4_u32(&broad,
*ef8d499eSDavid van Moolenbroek			    ip_addr_get_ip4_u32(ipaddr) |
*ef8d499eSDavid van Moolenbroek			    ~ip_addr_get_ip4_u32(netmask));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek			addr_len = sizeof(*bcast);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek			addr_put_inet((struct sockaddr *)bcast, &addr_len,
*ef8d499eSDavid van Moolenbroek			    &broad, TRUE /*kame*/, 0 /*port*/);
*ef8d499eSDavid van Moolenbroek		} else {
*ef8d499eSDavid van Moolenbroek			bcast->sin_len = 0;
*ef8d499eSDavid van Moolenbroek			bcast->sin_family = AF_UNSPEC;
*ef8d499eSDavid van Moolenbroek		}
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (dest != NULL) {
*ef8d499eSDavid van Moolenbroek		/* TODO: dest */
*ef8d499eSDavid van Moolenbroek		dest->sin_len = 0;
*ef8d499eSDavid van Moolenbroek		dest->sin_family = AF_UNSPEC;
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	return OK;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Obtain NetBSD-style state flags (IN_IFF_) for the given local IPv4 address.
*ef8d499eSDavid van Moolenbroek * The given number must identify an existing address.  Return the flags.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekint
*ef8d499eSDavid van Moolenbroekifaddr_v4_get_flags(struct ifdev * ifdev, ifaddr_v4_num_t num)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* IPv4 per-address flags are not supported yet. */
*ef8d499eSDavid van Moolenbroek	return 0;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Determine whether there should be a local subnet route for the given
*ef8d499eSDavid van Moolenbroek * assigned IPv4 address, and if so, compute the subnet mask to add.  Return
*ef8d499eSDavid van Moolenbroek * TRUE if a local subnet route should be added, and return the network base
*ef8d499eSDavid van Moolenbroek * address in 'netbase' and the number of prefix bits in 'prefixp'.  Return
*ef8d499eSDavid van Moolenbroek * FALSE if no subnet route should be added for the assigned address.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekstatic unsigned int
*ef8d499eSDavid van Moolenbroekifaddr_v4_netroute(struct ifdev * ifdev, ifaddr_v4_num_t num,
*ef8d499eSDavid van Moolenbroek	ip_addr_t * netbase, unsigned int * prefixp)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	const ip_addr_t *ipaddr, *netmask;
*ef8d499eSDavid van Moolenbroek	unsigned int prefix;
*ef8d499eSDavid van Moolenbroek	uint32_t val;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* Do not add subnet masks for loopback interfaces. */
*ef8d499eSDavid van Moolenbroek	if (ifdev_is_loopback(ifdev))
*ef8d499eSDavid van Moolenbroek		return FALSE;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	assert(num == 0);
*ef8d499eSDavid van Moolenbroek	assert(ifdev->ifdev_v4set);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	ipaddr = netif_ip_addr4(ifdev_get_netif(ifdev));
*ef8d499eSDavid van Moolenbroek	netmask = netif_ip_netmask4(ifdev_get_netif(ifdev));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * If the subnet is a /32, skip adding a local host route: not only
*ef8d499eSDavid van Moolenbroek	 * would it not be useful, it would fail anyway because we currently do
*ef8d499eSDavid van Moolenbroek	 * not support adding a host-type route and a full-width net-type route
*ef8d499eSDavid van Moolenbroek	 * for the same IP address.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if (ip_addr_get_ip4_u32(netmask) == PP_HTONL(0xffffffffUL))
*ef8d499eSDavid van Moolenbroek		return FALSE;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* Compute the network base address. */
*ef8d499eSDavid van Moolenbroek	ip_addr_set_ip4_u32(netbase,
*ef8d499eSDavid van Moolenbroek	    ip_addr_get_ip4_u32(ipaddr) & ip_addr_get_ip4_u32(netmask));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* Find the number of prefix bits of the netmask.  TODO: improve.. */
*ef8d499eSDavid van Moolenbroek	val = ntohl(ip_addr_get_ip4_u32(netmask));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	for (prefix = 0; prefix < IP4_BITS; prefix++)
*ef8d499eSDavid van Moolenbroek		if (!(val & (1 << (IP4_BITS - prefix - 1))))
*ef8d499eSDavid van Moolenbroek			break;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	*prefixp = prefix;
*ef8d499eSDavid van Moolenbroek	return TRUE;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * A local IPv4 address has been added to an interface.  The interface is given
*ef8d499eSDavid van Moolenbroek * as 'ifdev', and the number of the just-added IPv4 address is given as 'num'.
*ef8d499eSDavid van Moolenbroek * Generate a routing socket message and add local routes as appropriate.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekstatic void
*ef8d499eSDavid van Moolenbroekifaddr_v4_added(struct ifdev * ifdev, ifaddr_v4_num_t num)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	const ip_addr_t *ipaddr;
*ef8d499eSDavid van Moolenbroek	ip_addr_t netbase;
*ef8d499eSDavid van Moolenbroek	unsigned int prefix;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	assert(num == 0);
*ef8d499eSDavid van Moolenbroek	assert(ifdev->ifdev_v4set);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* Report the addition of the interface address. */
*ef8d499eSDavid van Moolenbroek	rtsock_msg_addr_v4(ifdev, RTM_NEWADDR, num);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * Add the local host route.  This will always succeed: for addition,
*ef8d499eSDavid van Moolenbroek	 * we just checked with route_can_add(); when updating, we first remove
*ef8d499eSDavid van Moolenbroek	 * the exact same route.  For now, we forbid users from messing with
*ef8d499eSDavid van Moolenbroek	 * RTF_LOCAL routes directly, since nothing good (and a whole lot of
*ef8d499eSDavid van Moolenbroek	 * bad) can come out of that, so the routes will not change under us.
*ef8d499eSDavid van Moolenbroek	 *
*ef8d499eSDavid van Moolenbroek	 * Why are we not using lo0 for this route, like the BSDs do?  Because
*ef8d499eSDavid van Moolenbroek	 * that approach is not compatible with link-local addresses.  Instead,
*ef8d499eSDavid van Moolenbroek	 * we intercept outgoing traffic to the local address, and redirect it
*ef8d499eSDavid van Moolenbroek	 * over lo0, bypassing routing.  If we did not do this, we would never
*ef8d499eSDavid van Moolenbroek	 * know the originally intended zone of the outgoing packet.  As an
*ef8d499eSDavid van Moolenbroek	 * intended side effect, the traffic does show up on lo0 with BPF, just
*ef8d499eSDavid van Moolenbroek	 * like on BSDs.  Similarly, we do not need to set a gateway here.
*ef8d499eSDavid van Moolenbroek	 *
*ef8d499eSDavid van Moolenbroek	 * We currently do not use the routing tables for lookups on local
*ef8d499eSDavid van Moolenbroek	 * addresses - see ifaddr_v6_map() as to why.  If we ever do, that adds
*ef8d499eSDavid van Moolenbroek	 * another reason that the interface associated with the route must be
*ef8d499eSDavid van Moolenbroek	 * the interface that owns the address (and not, say, lo0).
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	ipaddr = netif_ip_addr4(ifdev_get_netif(ifdev));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	(void)route_add(ipaddr, IP4_BITS, NULL /*gateway*/, ifdev,
*ef8d499eSDavid van Moolenbroek	    IFADDR_HOST_RTFLAGS, NULL /*rtr*/);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * Add the local network route, if the rules say that we should.  Even
*ef8d499eSDavid van Moolenbroek	 * then, adding the route may fail for various reasons, but this route
*ef8d499eSDavid van Moolenbroek	 * is not essential and so we ignore failures here.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if (ifaddr_v4_netroute(ifdev, num, &netbase, &prefix))
*ef8d499eSDavid van Moolenbroek		(void)route_add(&netbase, prefix, NULL /*gateway*/, ifdev,
*ef8d499eSDavid van Moolenbroek		    IFADDR_NET_RTFLAGS, NULL /*rtr*/);
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * A particular local IPv4 address is being deleted.  See if there is another
*ef8d499eSDavid van Moolenbroek * local IPv4 address assigned to another interface that should have the same
*ef8d499eSDavid van Moolenbroek * local subnet route (but didn't, as such duplicate routes can obviously not
*ef8d499eSDavid van Moolenbroek * be added), and if so, readd the route for that other address.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekstatic void
*ef8d499eSDavid van Moolenbroekifaddr_v4_dupcheck(struct ifdev * oifdev, const ip_addr_t * onetbase,
*ef8d499eSDavid van Moolenbroek	unsigned int oprefix)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	struct ifdev *ifdev;
*ef8d499eSDavid van Moolenbroek	ip_addr_t netbase;
*ef8d499eSDavid van Moolenbroek	unsigned int prefix;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	for (ifdev = NULL; (ifdev = ifdev_enum(ifdev)) != NULL; ) {
*ef8d499eSDavid van Moolenbroek		if (ifdev == oifdev || !ifdev->ifdev_v4set)
*ef8d499eSDavid van Moolenbroek			continue;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		if (ifaddr_v4_netroute(ifdev, (ifaddr_v4_num_t)0, &netbase,
*ef8d499eSDavid van Moolenbroek		    &prefix) && prefix == oprefix &&
*ef8d499eSDavid van Moolenbroek		    ip_addr_cmp(&netbase, onetbase)) {
*ef8d499eSDavid van Moolenbroek			(void)route_add(&netbase, prefix, NULL /*gateway*/,
*ef8d499eSDavid van Moolenbroek			    ifdev, IFADDR_NET_RTFLAGS, NULL /*rtr*/);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek			return;
*ef8d499eSDavid van Moolenbroek		}
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * A local IPv4 address is about to be deleted from an interface, or the
*ef8d499eSDavid van Moolenbroek * interface itself is about to be destroyed.  Generate a routing socket
*ef8d499eSDavid van Moolenbroek * message about this and delete local routes as appropriate.  The interface is
*ef8d499eSDavid van Moolenbroek * given as 'ifdev', and the number of the IPv4 address that is about to be
*ef8d499eSDavid van Moolenbroek * deleted is given as 'num'.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekstatic void
*ef8d499eSDavid van Moolenbroekifaddr_v4_deleted(struct ifdev * ifdev, ifaddr_v4_num_t num)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	struct route_entry *route;
*ef8d499eSDavid van Moolenbroek	ip_addr_t netbase;
*ef8d499eSDavid van Moolenbroek	unsigned int prefix;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	assert(num == 0);
*ef8d499eSDavid van Moolenbroek	assert(ifdev->ifdev_v4set);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* Delete the local network route, if we tried adding it at all. */
*ef8d499eSDavid van Moolenbroek	if (ifaddr_v4_netroute(ifdev, num, &netbase, &prefix) &&
*ef8d499eSDavid van Moolenbroek	    (route = route_find(&netbase, prefix,
*ef8d499eSDavid van Moolenbroek	    FALSE /*is_host*/)) != NULL &&
*ef8d499eSDavid van Moolenbroek	    route_get_flags(route) == IFADDR_NET_RTFLAGS) {
*ef8d499eSDavid van Moolenbroek		route_delete(route, NULL /*rtr*/);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		/*
*ef8d499eSDavid van Moolenbroek		 * Readd the local network route for another interface, if that
*ef8d499eSDavid van Moolenbroek		 * interface has a local address on the very same network.
*ef8d499eSDavid van Moolenbroek		 */
*ef8d499eSDavid van Moolenbroek		ifaddr_v4_dupcheck(ifdev, &netbase, prefix);
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* Delete the local host route. */
*ef8d499eSDavid van Moolenbroek	if ((route = route_find(netif_ip_addr4(ifdev_get_netif(ifdev)),
*ef8d499eSDavid van Moolenbroek	    IP4_BITS, TRUE /*is_host*/)) != NULL)
*ef8d499eSDavid van Moolenbroek		route_delete(route, NULL /*rtr*/);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* Report the deletion of the interface address. */
*ef8d499eSDavid van Moolenbroek	rtsock_msg_addr_v4(ifdev, RTM_DELADDR, num);
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Add or update an IPv4 address on an interface.  The interface is given as
*ef8d499eSDavid van Moolenbroek * 'ifdev'.  The address to add or update is pointed to by 'addr', which must
*ef8d499eSDavid van Moolenbroek * always be a pointer to a valid address.  For DHCP clients it must be
*ef8d499eSDavid van Moolenbroek * possible to add the 'any' address (0.0.0.0).  The network mask, broadcast
*ef8d499eSDavid van Moolenbroek * address, and destination address parameters 'mask', 'bcast', and 'dest'
*ef8d499eSDavid van Moolenbroek * (respectively) may be NULL pointers or pointers to AF_UNSPEC addresses, and
*ef8d499eSDavid van Moolenbroek * will be disregarded if they are.  If 'mask' and/or 'bcast' are NULL when
*ef8d499eSDavid van Moolenbroek * adding an address, default values will be computed for them.  The 'flags'
*ef8d499eSDavid van Moolenbroek * field may contain NetBSD-style address flags (IN_IFF_).  Return OK if the
*ef8d499eSDavid van Moolenbroek * address was successfully added or updated, or a negative error code if not.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekint
*ef8d499eSDavid van Moolenbroekifaddr_v4_add(struct ifdev * ifdev, const struct sockaddr_in * addr,
*ef8d499eSDavid van Moolenbroek	const struct sockaddr_in * mask, const struct sockaddr_in * bcast,
*ef8d499eSDavid van Moolenbroek	const struct sockaddr_in * dest, int flags)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	ip_addr_t ipaddr, netmask, broad;
*ef8d499eSDavid van Moolenbroek	ip4_addr_t ip4zero;
*ef8d499eSDavid van Moolenbroek	struct netif *netif;
*ef8d499eSDavid van Moolenbroek	unsigned int dummy;
*ef8d499eSDavid van Moolenbroek	uint32_t val;
*ef8d499eSDavid van Moolenbroek	int r;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	assert(addr != NULL);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if ((r = addr_get_inet((const struct sockaddr *)addr, sizeof(*addr),
*ef8d499eSDavid van Moolenbroek	    IPADDR_TYPE_V4, &ipaddr, TRUE /*kame*/, NULL /*port*/)) != OK)
*ef8d499eSDavid van Moolenbroek		return r;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* Forbid multicast (class D) and experimental (class E) addresses. */
*ef8d499eSDavid van Moolenbroek	val = ntohl(ip_addr_get_ip4_u32(&ipaddr));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (ip_addr_ismulticast(&ipaddr) || IP_EXPERIMENTAL(val))
*ef8d499eSDavid van Moolenbroek		return EINVAL;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (mask != NULL && mask->sin_family != AF_UNSPEC) {
*ef8d499eSDavid van Moolenbroek		if ((r = addr_get_netmask((const struct sockaddr *)mask,
*ef8d499eSDavid van Moolenbroek		    sizeof(*mask), IPADDR_TYPE_V4, &dummy, &netmask)) != OK)
*ef8d499eSDavid van Moolenbroek			return r;
*ef8d499eSDavid van Moolenbroek	} else {
*ef8d499eSDavid van Moolenbroek		/*
*ef8d499eSDavid van Moolenbroek		 * Generate a netmask based on IP class.  Old, obsolete stuff,
*ef8d499eSDavid van Moolenbroek		 * but we can't have no netmask.
*ef8d499eSDavid van Moolenbroek		 */
*ef8d499eSDavid van Moolenbroek		if (IN_CLASSA(val))
*ef8d499eSDavid van Moolenbroek			ip_addr_set_ip4_u32(&netmask, PP_HTONL(IN_CLASSA_NET));
*ef8d499eSDavid van Moolenbroek		else if (IN_CLASSB(val))
*ef8d499eSDavid van Moolenbroek			ip_addr_set_ip4_u32(&netmask, PP_HTONL(IN_CLASSB_NET));
*ef8d499eSDavid van Moolenbroek		else if (IN_CLASSC(val))
*ef8d499eSDavid van Moolenbroek			ip_addr_set_ip4_u32(&netmask, PP_HTONL(IN_CLASSC_NET));
*ef8d499eSDavid van Moolenbroek		else /* should not trigger */
*ef8d499eSDavid van Moolenbroek			ip_addr_set_ip4_u32(&netmask, PP_HTONL(IN_CLASSD_NET));
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (bcast != NULL && bcast->sin_family != AF_UNSPEC) {
*ef8d499eSDavid van Moolenbroek		if ((r = addr_get_inet((const struct sockaddr *)bcast,
*ef8d499eSDavid van Moolenbroek		    sizeof(*bcast), IPADDR_TYPE_V4, &broad, TRUE /*kame*/,
*ef8d499eSDavid van Moolenbroek		    NULL /*port*/)) != OK)
*ef8d499eSDavid van Moolenbroek			return r;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		/*
*ef8d499eSDavid van Moolenbroek		 * lwIP does not allow setting the broadcast address, so we
*ef8d499eSDavid van Moolenbroek		 * must ensure that the given address is what lwIP uses anyway.
*ef8d499eSDavid van Moolenbroek		 * No need to perform byte order swaps here.
*ef8d499eSDavid van Moolenbroek		 */
*ef8d499eSDavid van Moolenbroek		if (ip_addr_get_ip4_u32(&broad) !=
*ef8d499eSDavid van Moolenbroek		    (ip_addr_get_ip4_u32(&ipaddr) |
*ef8d499eSDavid van Moolenbroek		    ~ip_addr_get_ip4_u32(&netmask)))
*ef8d499eSDavid van Moolenbroek			return EINVAL;
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* TODO: dest (note: may be NULL) */
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * We currently do not support any IPv4 address flags.  Even though
*ef8d499eSDavid van Moolenbroek	 * supporting them would make maintaining dhcpcd(8) easier, lwIP does
*ef8d499eSDavid van Moolenbroek	 * not offers the means to implement them properly.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if (flags != 0)
*ef8d499eSDavid van Moolenbroek		return EINVAL;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	netif = ifdev_get_netif(ifdev);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* Should we add a new address, or update an existing one? */
*ef8d499eSDavid van Moolenbroek	if (!ifdev->ifdev_v4set ||
*ef8d499eSDavid van Moolenbroek	    !ip_addr_cmp(netif_ip_addr4(netif), &ipaddr)) {
*ef8d499eSDavid van Moolenbroek		/*
*ef8d499eSDavid van Moolenbroek		 * Add a new address.  lwIP supports only one IPv4 address per
*ef8d499eSDavid van Moolenbroek		 * netif.
*ef8d499eSDavid van Moolenbroek		 */
*ef8d499eSDavid van Moolenbroek		if (ifdev->ifdev_v4set)
*ef8d499eSDavid van Moolenbroek			return ENOBUFS; /* TODO: a better error code */
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		/*
*ef8d499eSDavid van Moolenbroek		 * It must be possible to add the address to the routing table,
*ef8d499eSDavid van Moolenbroek		 * so make sure that we can add such a route later on.  The
*ef8d499eSDavid van Moolenbroek		 * error code should be accurate for most real-world cases.
*ef8d499eSDavid van Moolenbroek		 */
*ef8d499eSDavid van Moolenbroek		if (!route_can_add(&ipaddr, IP4_BITS, TRUE /*is_host*/))
*ef8d499eSDavid van Moolenbroek			return EEXIST;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		ip4_addr_set_zero(&ip4zero);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		netif_set_addr(netif, ip_2_ip4(&ipaddr), ip_2_ip4(&netmask),
*ef8d499eSDavid van Moolenbroek		    &ip4zero);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		ifdev->ifdev_v4set = TRUE;
*ef8d499eSDavid van Moolenbroek	} else {
*ef8d499eSDavid van Moolenbroek		/*
*ef8d499eSDavid van Moolenbroek		 * Update an existing address.  First report the address as
*ef8d499eSDavid van Moolenbroek		 * deleted.  Do not actually delete the address in netif,
*ef8d499eSDavid van Moolenbroek		 * because that would cause problems with its changing IP
*ef8d499eSDavid van Moolenbroek		 * addresses on existing sockets.
*ef8d499eSDavid van Moolenbroek		 */
*ef8d499eSDavid van Moolenbroek		ifaddr_v4_deleted(ifdev, (ifaddr_v4_num_t)0);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		/* Update the one part that may have actually changed. */
*ef8d499eSDavid van Moolenbroek		netif_set_netmask(netif, ip_2_ip4(&netmask));
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* In both cases, we now need to report the address as added. */
*ef8d499eSDavid van Moolenbroek	ifaddr_v4_added(ifdev, (ifaddr_v4_num_t)0);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	return OK;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Delete an IPv4 address from an interface.  The given address number 'num'
*ef8d499eSDavid van Moolenbroek * must have been obtained from ifaddr_v4_find() or ifaddr_v4_enum() on the
*ef8d499eSDavid van Moolenbroek * same interface just before.  This function always succeeds.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekvoid
*ef8d499eSDavid van Moolenbroekifaddr_v4_del(struct ifdev * ifdev, ifaddr_v4_num_t num)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	ip4_addr_t ip4zero;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	assert(num == 0);
*ef8d499eSDavid van Moolenbroek	assert(ifdev->ifdev_v4set);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * Report the address as deleted.  Always do this first, because the
*ef8d499eSDavid van Moolenbroek	 * reporting requires that the address is still there.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	ifaddr_v4_deleted(ifdev, num);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* Then actually delete the address. */
*ef8d499eSDavid van Moolenbroek	ip4_addr_set_zero(&ip4zero);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	netif_set_addr(ifdev_get_netif(ifdev), &ip4zero, &ip4zero, &ip4zero);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	ifdev->ifdev_v4set = FALSE;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Announce all IPv4 addresses associated with the given interface as deleted,
*ef8d499eSDavid van Moolenbroek * Used (only) right before the interface is destroyed.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekvoid
*ef8d499eSDavid van Moolenbroekifaddr_v4_clear(struct ifdev * ifdev)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (ifdev->ifdev_v4set)
*ef8d499eSDavid van Moolenbroek		ifaddr_v4_deleted(ifdev, (ifaddr_v4_num_t)0);
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Return the first interface device that owns the given IPv4 address, or NULL
*ef8d499eSDavid van Moolenbroek * if it is not a valid local IPv4 address.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekstruct ifdev *
*ef8d499eSDavid van Moolenbroekifaddr_v4_map_by_addr(const ip4_addr_t * ip4addr)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	struct ifdev *ifdev;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * It would be nice to be able to do a route lookup on an RTF_LOCAL
*ef8d499eSDavid van Moolenbroek	 * entry here, but we do not do this for IPv6 either - see the comment
*ef8d499eSDavid van Moolenbroek	 * in ifaddr_v6_map() - and it is much less needed here, because each
*ef8d499eSDavid van Moolenbroek	 * interface has at most one IPv4 address.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	for (ifdev = NULL; (ifdev = ifdev_enum(ifdev)) != NULL; ) {
*ef8d499eSDavid van Moolenbroek		if (ifdev->ifdev_v4set &&
*ef8d499eSDavid van Moolenbroek		    ip4_addr_cmp(netif_ip4_addr(ifdev_get_netif(ifdev)),
*ef8d499eSDavid van Moolenbroek		    ip4addr))
*ef8d499eSDavid van Moolenbroek			return ifdev;
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	return NULL;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Return the first interface device for which the given IPv4 address is on a
*ef8d499eSDavid van Moolenbroek * configured local subnet, or NULL if no match was found.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekstatic struct ifdev *
*ef8d499eSDavid van Moolenbroekifaddr_v4_map_by_subnet(const ip4_addr_t * ip4addr)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	struct ifdev *ifdev;
*ef8d499eSDavid van Moolenbroek	struct netif *netif;
*ef8d499eSDavid van Moolenbroek	uint32_t addr1, addr2, mask;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	addr1 = ip4_addr_get_u32(ip4addr);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * Here, we must never do a route lookup, because this routine is used
*ef8d499eSDavid van Moolenbroek	 * for SO_DONTROUTE/MSG_DONTROUTE.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	for (ifdev = NULL; (ifdev = ifdev_enum(ifdev)) != NULL; ) {
*ef8d499eSDavid van Moolenbroek		if (!ifdev->ifdev_v4set)
*ef8d499eSDavid van Moolenbroek			continue;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		netif = ifdev_get_netif(ifdev);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		addr2 = ip4_addr_get_u32(netif_ip4_addr(netif));
*ef8d499eSDavid van Moolenbroek		mask = ip4_addr_get_u32(netif_ip4_netmask(netif));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		if ((addr1 & mask) == (addr2 & mask))
*ef8d499eSDavid van Moolenbroek			return ifdev;
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	return NULL;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Return TRUE if the given local IPv6 interface address is valid (= preferred
*ef8d499eSDavid van Moolenbroek * or deprecated), or FALSE if it is not (= tentative or duplicated).  The
*ef8d499eSDavid van Moolenbroek * address slot must be in use, that is, it must not be free (= invalid).
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekstatic int
*ef8d499eSDavid van Moolenbroekifaddr_v6_isvalid(struct ifdev * ifdev, ifaddr_v6_num_t num)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	int state;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	state = ifdev->ifdev_v6state[num];
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* Note that 'valid' and 'invalid' are not each other's inverse! */
*ef8d499eSDavid van Moolenbroek	assert(!ip6_addr_isinvalid(state));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	return ip6_addr_isvalid(state);
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Find an IPv6 address assigned to the given interface that matches the given
*ef8d499eSDavid van Moolenbroek * IPv6 address.  Return TRUE if a match was found, with its number stored in
*ef8d499eSDavid van Moolenbroek * 'nump'.  Return FALSE if the address is not assigned to the interface.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekstatic int
*ef8d499eSDavid van Moolenbroekifaddr_v6_match(struct ifdev * ifdev, const ip_addr_t * ipaddr,
*ef8d499eSDavid van Moolenbroek	ifaddr_v6_num_t * nump)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	int8_t i;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	assert(IP_IS_V6(ipaddr));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	i = netif_get_ip6_addr_match(ifdev_get_netif(ifdev), ip_2_ip6(ipaddr));
*ef8d499eSDavid van Moolenbroek	if (i < 0)
*ef8d499eSDavid van Moolenbroek		return FALSE;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	*nump = i;
*ef8d499eSDavid van Moolenbroek	return TRUE;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Find an IPv6 address locally assigned to a interface.  The IPv6 address is
*ef8d499eSDavid van Moolenbroek * given as 'addr6', and must use KAME-style embedding for zones.  The
*ef8d499eSDavid van Moolenbroek * interface is given as 'ifdev'.  On success, return OK, with the IPv6 address
*ef8d499eSDavid van Moolenbroek * number stored in 'num'.  On failure, return a negative error code.  This
*ef8d499eSDavid van Moolenbroek * function also returns tentative and duplicated addresses.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekint
*ef8d499eSDavid van Moolenbroekifaddr_v6_find(struct ifdev * ifdev, const struct sockaddr_in6 * addr6,
*ef8d499eSDavid van Moolenbroek	ifaddr_v6_num_t * nump)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	ip_addr_t ipaddr;
*ef8d499eSDavid van Moolenbroek	int r;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if ((r = addr_get_inet((const struct sockaddr *)addr6, sizeof(*addr6),
*ef8d499eSDavid van Moolenbroek	    IPADDR_TYPE_V6, &ipaddr, TRUE /*kame*/, NULL /*port*/)) != OK)
*ef8d499eSDavid van Moolenbroek		return r;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (ip6_addr_has_zone(ip_2_ip6(&ipaddr)) &&
*ef8d499eSDavid van Moolenbroek	    ip6_addr_zone(ip_2_ip6(&ipaddr)) != ifdev_get_index(ifdev))
*ef8d499eSDavid van Moolenbroek		return EADDRNOTAVAIL;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (!ifaddr_v6_match(ifdev, &ipaddr, nump))
*ef8d499eSDavid van Moolenbroek		return EADDRNOTAVAIL;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	return OK;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Enumerate IPv6 addresses locally assigned to the given interface 'ifdev'.
*ef8d499eSDavid van Moolenbroek * The caller should set 'nump' to 0 initially, and increase it by one between
*ef8d499eSDavid van Moolenbroek * a successful call and the next enumeration call.  Return TRUE on success,
*ef8d499eSDavid van Moolenbroek * meaning that starting from the given value of 'nump' there is at least one
*ef8d499eSDavid van Moolenbroek * IPv6 address, of which the number is stored in 'nump' on return.  Return
*ef8d499eSDavid van Moolenbroek * FALSE if there are no more IPv6 addresses locally assigned to the interface.
*ef8d499eSDavid van Moolenbroek * This function also returns tentative and duplicated address entries.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekint
*ef8d499eSDavid van Moolenbroekifaddr_v6_enum(struct ifdev * ifdev, ifaddr_v6_num_t * nump)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	ifaddr_v6_num_t num;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	for (num = *nump; num < LWIP_IPV6_NUM_ADDRESSES; num++) {
*ef8d499eSDavid van Moolenbroek		if (!ip6_addr_isinvalid(ifdev->ifdev_v6state[num])) {
*ef8d499eSDavid van Moolenbroek			*nump = num;
*ef8d499eSDavid van Moolenbroek			return TRUE;
*ef8d499eSDavid van Moolenbroek		}
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	return FALSE;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Obtain information about the IPv6 address 'num' assigned to the interface
*ef8d499eSDavid van Moolenbroek * 'ifdev'.  Store the IPv6 address in 'addr6', the network mask in 'mask6',
*ef8d499eSDavid van Moolenbroek * and the destination address in 'dest6'.  Each of these pointers may be NULL.
*ef8d499eSDavid van Moolenbroek * The returned addresses use KAME-style embedding for zones.  This function
*ef8d499eSDavid van Moolenbroek * also returns tentative and duplicated addresses.  It always succeeds.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekvoid
*ef8d499eSDavid van Moolenbroekifaddr_v6_get(struct ifdev * ifdev, ifaddr_v6_num_t num,
*ef8d499eSDavid van Moolenbroek	struct sockaddr_in6 * addr6, struct sockaddr_in6 * mask6,
*ef8d499eSDavid van Moolenbroek	struct sockaddr_in6 * dest6)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	struct netif *netif;
*ef8d499eSDavid van Moolenbroek	socklen_t addr_len;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * Due to route message generation upon address addition and deletion,
*ef8d499eSDavid van Moolenbroek	 * either the ifdev_v6state or the netif state may not yet have been
*ef8d499eSDavid van Moolenbroek	 * updated here.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	assert(!ip6_addr_isinvalid(ifdev->ifdev_v6state[num]) ||
*ef8d499eSDavid van Moolenbroek	    !ip6_addr_isinvalid(netif_ip6_addr_state(ifdev_get_netif(ifdev),
*ef8d499eSDavid van Moolenbroek	    (int)num)));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	netif = ifdev_get_netif(ifdev);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (addr6 != NULL) {
*ef8d499eSDavid van Moolenbroek		addr_len = sizeof(*addr6);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		(void)addr_put_inet((struct sockaddr *)addr6, &addr_len,
*ef8d499eSDavid van Moolenbroek		    netif_ip_addr6(netif, (int)num), TRUE /*kame*/,
*ef8d499eSDavid van Moolenbroek		    0 /*port*/);
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (mask6 != NULL) {
*ef8d499eSDavid van Moolenbroek		addr_len = sizeof(*mask6);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		addr_put_netmask((struct sockaddr *)mask6, &addr_len,
*ef8d499eSDavid van Moolenbroek		    IPADDR_TYPE_V6, ifdev->ifdev_v6prefix[num]);
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (dest6 != NULL) {
*ef8d499eSDavid van Moolenbroek		/* TODO: dest6 */
*ef8d499eSDavid van Moolenbroek		dest6->sin6_len = 0;
*ef8d499eSDavid van Moolenbroek		dest6->sin6_family = AF_UNSPEC;
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Obtain NetBSD-style state flags (IN6_IFF_) for the given local IPv6 address.
*ef8d499eSDavid van Moolenbroek * The given number must identify an existing address.  Return the flags.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekint
*ef8d499eSDavid van Moolenbroekifaddr_v6_get_flags(struct ifdev * ifdev, ifaddr_v6_num_t num)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	int state, flags;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	state = ifdev->ifdev_v6state[num];
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	assert(!ip6_addr_isinvalid(state));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	flags = 0;
*ef8d499eSDavid van Moolenbroek	if (ip6_addr_isduplicated(state))
*ef8d499eSDavid van Moolenbroek		flags |= IN6_IFF_DUPLICATED;
*ef8d499eSDavid van Moolenbroek	if (ip6_addr_istentative(state))
*ef8d499eSDavid van Moolenbroek		flags |= IN6_IFF_TENTATIVE;
*ef8d499eSDavid van Moolenbroek	if (ip6_addr_isdeprecated(state))
*ef8d499eSDavid van Moolenbroek		flags |= IN6_IFF_DEPRECATED;
*ef8d499eSDavid van Moolenbroek	if (ifdev->ifdev_v6flags[num] & IFADDR_V6F_AUTOCONF)
*ef8d499eSDavid van Moolenbroek		flags |= IN6_IFF_AUTOCONF;
*ef8d499eSDavid van Moolenbroek	if (ifdev->ifdev_v6flags[num] & IFADDR_V6F_TEMPORARY)
*ef8d499eSDavid van Moolenbroek		flags |= IN6_IFF_TEMPORARY;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	return flags;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Obtain lifetime information about the given local IPv6 address.  The given
*ef8d499eSDavid van Moolenbroek * 'lifetime' structure is filled as a result.  This function always succeeds.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekvoid
*ef8d499eSDavid van Moolenbroekifaddr_v6_get_lifetime(struct ifdev * ifdev, ifaddr_v6_num_t num,
*ef8d499eSDavid van Moolenbroek	struct in6_addrlifetime * lifetime)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	struct netif *netif;
*ef8d499eSDavid van Moolenbroek	uint32_t valid_life, pref_life;
*ef8d499eSDavid van Moolenbroek	time_t now;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	assert(!ip6_addr_isinvalid(ifdev->ifdev_v6state[num]));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	netif = ifdev_get_netif(ifdev);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	valid_life = netif_ip6_addr_valid_life(netif, (int)num);
*ef8d499eSDavid van Moolenbroek	pref_life = netif_ip6_addr_pref_life(netif, (int)num);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * Represent 'static' as 'infinite' to userland.  This applies only to
*ef8d499eSDavid van Moolenbroek	 * link-local addresses, which do not have lifetimes at all.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if (ip6_addr_life_isstatic(valid_life)) {
*ef8d499eSDavid van Moolenbroek		valid_life = IP6_ADDR_LIFE_INFINITE;
*ef8d499eSDavid van Moolenbroek		pref_life = IP6_ADDR_LIFE_INFINITE;
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	now = clock_time(NULL);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * TODO: the _vltime and _pltime values filled in here are not correct.
*ef8d499eSDavid van Moolenbroek	 * They should be set to the originally assigned values rather than the
*ef8d499eSDavid van Moolenbroek	 * current ones.  Getting this right would mean we'd have to save the
*ef8d499eSDavid van Moolenbroek	 * original values.  So far it does not look like userland needs that..
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	memset(lifetime, 0, sizeof(*lifetime));
*ef8d499eSDavid van Moolenbroek	lifetime->ia6t_vltime = valid_life;
*ef8d499eSDavid van Moolenbroek	lifetime->ia6t_pltime = pref_life;
*ef8d499eSDavid van Moolenbroek	if (!ip6_addr_life_isinfinite(valid_life))
*ef8d499eSDavid van Moolenbroek		lifetime->ia6t_expire = now + valid_life;
*ef8d499eSDavid van Moolenbroek	if (!ip6_addr_life_isinfinite(pref_life))
*ef8d499eSDavid van Moolenbroek		lifetime->ia6t_preferred = now + pref_life;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Determine whether there should be a local subnet route for the given
*ef8d499eSDavid van Moolenbroek * assigned IPv6 address, and if so, compute the subnet mask to add.  Return
*ef8d499eSDavid van Moolenbroek * TRUE if a local subnet route should be added, and return the network base
*ef8d499eSDavid van Moolenbroek * address in 'netbase' and the number of prefix bits in 'prefixp'.  Return
*ef8d499eSDavid van Moolenbroek * FALSE if no subnet route should be added for the assigned address.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekstatic unsigned int
*ef8d499eSDavid van Moolenbroekifaddr_v6_netroute(struct ifdev * ifdev, ifaddr_v6_num_t num,
*ef8d499eSDavid van Moolenbroek	ip_addr_t * netbase, unsigned int * prefixp)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	const ip_addr_t *ipaddr;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	ipaddr = netif_ip_addr6(ifdev_get_netif(ifdev), (int)num);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * A local network route should be added only if all of the following
*ef8d499eSDavid van Moolenbroek	 * conditions are met:
*ef8d499eSDavid van Moolenbroek	 *
*ef8d499eSDavid van Moolenbroek	 * 1) The address is not auto-configured.  Autoconfigured addresses do
*ef8d499eSDavid van Moolenbroek	 *    not have an implied subnet, as explained in RFC 5942.
*ef8d499eSDavid van Moolenbroek	 *    Consistency with respect to subnet routes is why we do not allow
*ef8d499eSDavid van Moolenbroek	 *    changing the AUTOCONF flag after an address has been added.
*ef8d499eSDavid van Moolenbroek	 * 2) The subnet assignment is not a /128 prefix.  Not only would such
*ef8d499eSDavid van Moolenbroek	 *    a route not be useful, adding it would fail anyway because we
*ef8d499eSDavid van Moolenbroek	 *    currently do not support adding a host-type route and a
*ef8d499eSDavid van Moolenbroek	 *    full-width net-type route for the same IP address.
*ef8d499eSDavid van Moolenbroek	 * 3) If the interface is a loopback device, the address is not a link-
*ef8d499eSDavid van Moolenbroek	 *    local address.  This appears to be what NetBSD does, but
*ef8d499eSDavid van Moolenbroek	 *    additional loopback-related exceptions may be needed here.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if ((ifdev->ifdev_v6flags[num] & IFADDR_V6F_AUTOCONF) ||
*ef8d499eSDavid van Moolenbroek	    ifdev->ifdev_v6prefix[num] == IP6_BITS ||
*ef8d499eSDavid van Moolenbroek	    (ifdev_is_loopback(ifdev) &&
*ef8d499eSDavid van Moolenbroek	    ip6_addr_islinklocal(ip_2_ip6(ipaddr))))
*ef8d499eSDavid van Moolenbroek		return FALSE;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	addr_normalize(netbase, ipaddr, ifdev->ifdev_v6prefix[num]);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	*prefixp = ifdev->ifdev_v6prefix[num];
*ef8d499eSDavid van Moolenbroek	return TRUE;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * A local IPv6 has become valid (preferred or deprecated) after previously
*ef8d499eSDavid van Moolenbroek * being invalid (tentative, duplicated, or free).  Report the addition of the
*ef8d499eSDavid van Moolenbroek * now-usable address, and add appropriate routes to the IPv6 routing table.
*ef8d499eSDavid van Moolenbroek *
*ef8d499eSDavid van Moolenbroek * This function is *not* called immediately when an address is added, but
*ef8d499eSDavid van Moolenbroek * rather when the address becomes valid (meaning it is no longer tentative,
*ef8d499eSDavid van Moolenbroek * and thus supposedly collision-free).  For that reason, unlike for IPv4, this
*ef8d499eSDavid van Moolenbroek * function is only ever called indirectly, through the netif status callback.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekstatic void
*ef8d499eSDavid van Moolenbroekifaddr_v6_added(struct ifdev * ifdev, ifaddr_v6_num_t num)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	const ip_addr_t *ipaddr;
*ef8d499eSDavid van Moolenbroek	ip_addr_t base;
*ef8d499eSDavid van Moolenbroek	ip6_addr_t *base6;
*ef8d499eSDavid van Moolenbroek	unsigned int prefix;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* Check the netif as ifdev_v6state is not yet updated here. */
*ef8d499eSDavid van Moolenbroek	assert(!ip6_addr_isinvalid(netif_ip6_addr_state(ifdev_get_netif(ifdev),
*ef8d499eSDavid van Moolenbroek	    (int)num)));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* Report the addition of the interface address. */
*ef8d499eSDavid van Moolenbroek	rtsock_msg_addr_v6(ifdev, RTM_NEWADDR, num);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * Add the local host route.  This will always succeed.  See the IPv4
*ef8d499eSDavid van Moolenbroek	 * version of this code for more information.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	ipaddr = netif_ip_addr6(ifdev_get_netif(ifdev), (int)num);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	(void)route_add(ipaddr, IP6_BITS, NULL /*gateway*/, ifdev,
*ef8d499eSDavid van Moolenbroek	    IFADDR_HOST_RTFLAGS, NULL /*rtr*/);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * Add the local network route, if the rules say that we should.  Even
*ef8d499eSDavid van Moolenbroek	 * then, adding the route may fail for various reasons, but this route
*ef8d499eSDavid van Moolenbroek	 * is not essential and so we ignore failures here.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if (ifaddr_v6_netroute(ifdev, num, &base, &prefix))
*ef8d499eSDavid van Moolenbroek		(void)route_add(&base, prefix, NULL /*gateway*/, ifdev,
*ef8d499eSDavid van Moolenbroek		    IFADDR_NET_RTFLAGS, NULL /*rtr*/);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * Add the node-local and link-local scope multicast routes.  These are
*ef8d499eSDavid van Moolenbroek	 * interface-specific rather than address-specific.  They are (re)added
*ef8d499eSDavid van Moolenbroek	 * for every address, and never deleted until interface destruction.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	ip_addr_set_zero_ip6(&base);
*ef8d499eSDavid van Moolenbroek	base6 = ip_2_ip6(&base);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	base6->addr[0] = htonl(0xff010000UL | ifdev_get_index(ifdev));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	(void)route_add(&base, 32, NULL /*gateway*/, ifdev, IFADDR_NET_RTFLAGS,
*ef8d499eSDavid van Moolenbroek	    NULL /*rtr*/);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	base6->addr[0] = htonl(0xff020000UL | ifdev_get_index(ifdev));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	(void)route_add(&base, 32, NULL /*gateway*/, ifdev, IFADDR_NET_RTFLAGS,
*ef8d499eSDavid van Moolenbroek	    NULL /*rtr*/);
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * A particular local IPv6 address is being deleted.  See if there is another
*ef8d499eSDavid van Moolenbroek * local IPv6 address assigned that should have the same local subnet route
*ef8d499eSDavid van Moolenbroek * (but didn't, as such duplicate routes can obviously not be added), and if
*ef8d499eSDavid van Moolenbroek * so, readd the route for that other address, possibly for the same interface.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekstatic void
*ef8d499eSDavid van Moolenbroekifaddr_v6_dupcheck(struct ifdev * oifdev, const ip_addr_t * onetbase,
*ef8d499eSDavid van Moolenbroek	unsigned int oprefix)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	struct ifdev *ifdev;
*ef8d499eSDavid van Moolenbroek	ip_addr_t netbase;
*ef8d499eSDavid van Moolenbroek	unsigned int prefix;
*ef8d499eSDavid van Moolenbroek	ifaddr_v6_num_t num;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	for (ifdev = NULL; (ifdev = ifdev_enum(ifdev)) != NULL; ) {
*ef8d499eSDavid van Moolenbroek		if (ifdev == oifdev)
*ef8d499eSDavid van Moolenbroek			continue;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		for (num = 0; num < LWIP_IPV6_NUM_ADDRESSES; num++) {
*ef8d499eSDavid van Moolenbroek			if (ip6_addr_isinvalid(ifdev->ifdev_v6state[num]) ||
*ef8d499eSDavid van Moolenbroek			    !ifaddr_v6_isvalid(ifdev, num))
*ef8d499eSDavid van Moolenbroek				continue;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek			if (!ifaddr_v6_netroute(ifdev, num, &netbase, &prefix))
*ef8d499eSDavid van Moolenbroek				continue;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek			if (prefix != oprefix ||
*ef8d499eSDavid van Moolenbroek			    !ip_addr_cmp(&netbase, onetbase))
*ef8d499eSDavid van Moolenbroek				continue;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek			(void)route_add(&netbase, prefix, NULL /*gateway*/,
*ef8d499eSDavid van Moolenbroek			    ifdev, IFADDR_NET_RTFLAGS, NULL /*rtr*/);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek			return;
*ef8d499eSDavid van Moolenbroek		}
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * A local IPv6 has become invalid (tentative, duplicated, or free) after
*ef8d499eSDavid van Moolenbroek * previously being valid (preferred or deprecated).  Report the deletion of
*ef8d499eSDavid van Moolenbroek * the previously-usable address, and remove previously added routes from the
*ef8d499eSDavid van Moolenbroek * IPv6 routing table.
*ef8d499eSDavid van Moolenbroek *
*ef8d499eSDavid van Moolenbroek * This function is not always called for every deleted address: instead, it is
*ef8d499eSDavid van Moolenbroek * called only when the address was previously valid, meaning that
*ef8d499eSDavid van Moolenbroek * ifaddr_v6_added() was invoked on it before as well.  Unlike for IPv4, this
*ef8d499eSDavid van Moolenbroek * function is typically called indirectly, through the netif status callback.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekstatic void
*ef8d499eSDavid van Moolenbroekifaddr_v6_deleted(struct ifdev * ifdev, ifaddr_v6_num_t num)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	struct route_entry *route;
*ef8d499eSDavid van Moolenbroek	const ip_addr_t *ipaddr;
*ef8d499eSDavid van Moolenbroek	ip_addr_t netbase;
*ef8d499eSDavid van Moolenbroek	unsigned int prefix;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	assert(!ip6_addr_isinvalid(ifdev->ifdev_v6state[num]));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	ipaddr = netif_ip_addr6(ifdev_get_netif(ifdev), (int)num);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* Delete the local network route, if we tried adding it at all. */
*ef8d499eSDavid van Moolenbroek	if (ifaddr_v6_netroute(ifdev, num, &netbase, &prefix) &&
*ef8d499eSDavid van Moolenbroek	    (route = route_find(&netbase, prefix,
*ef8d499eSDavid van Moolenbroek	    FALSE /*is_host*/)) != NULL &&
*ef8d499eSDavid van Moolenbroek	    route_get_flags(route) == IFADDR_NET_RTFLAGS) {
*ef8d499eSDavid van Moolenbroek		route_delete(route, NULL /*rtr*/);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		/*
*ef8d499eSDavid van Moolenbroek		 * Readd the local network route for another interface, if that
*ef8d499eSDavid van Moolenbroek		 * interface has a local address on the very same network.
*ef8d499eSDavid van Moolenbroek		 * Skip scoped (e.g., link-local) addresses, for which the
*ef8d499eSDavid van Moolenbroek		 * routes are unique anyway.
*ef8d499eSDavid van Moolenbroek		 */
*ef8d499eSDavid van Moolenbroek		if (!ip6_addr_has_scope(ip_2_ip6(ipaddr), IP6_UNICAST))
*ef8d499eSDavid van Moolenbroek			ifaddr_v6_dupcheck(ifdev, &netbase, prefix);
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* Delete the local host route. */
*ef8d499eSDavid van Moolenbroek	if ((route = route_find(ipaddr, IP6_BITS, TRUE /*is_host*/)) != NULL)
*ef8d499eSDavid van Moolenbroek		route_delete(route, NULL /*rtr*/);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* Report the deletion of the interface address. */
*ef8d499eSDavid van Moolenbroek	rtsock_msg_addr_v6(ifdev, RTM_DELADDR, num);
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Add or update an IPv6 address on an interface.  The interface is given as
*ef8d499eSDavid van Moolenbroek * 'ifdev'.  The IPv6 address to add or update is pointed to by 'addr6', which
*ef8d499eSDavid van Moolenbroek * must always be a pointer to a valid address.  The network mask is given as
*ef8d499eSDavid van Moolenbroek * 'mask6', but may be NULL when updating an address.  The same applies to the
*ef8d499eSDavid van Moolenbroek * destination address 'dest6'.  The given IPv6 address and destination address
*ef8d499eSDavid van Moolenbroek * must use KAME-style embedding for zones.  The flags field 'flags' contains
*ef8d499eSDavid van Moolenbroek * a set of NetBSD-style address flags (IN6_IFF_).  The 'lifetime' parameter
*ef8d499eSDavid van Moolenbroek * always points to lifetime information to be set or updated.  Return OK if
*ef8d499eSDavid van Moolenbroek * the address was successfully added or updated, or a negative error code
*ef8d499eSDavid van Moolenbroek * otherwise.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekint
*ef8d499eSDavid van Moolenbroekifaddr_v6_add(struct ifdev * ifdev, const struct sockaddr_in6 * addr6,
*ef8d499eSDavid van Moolenbroek	const struct sockaddr_in6 * mask6, const struct sockaddr_in6 * dest6,
*ef8d499eSDavid van Moolenbroek	int flags, const struct in6_addrlifetime * lifetime)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	ip_addr_t ipaddr;
*ef8d499eSDavid van Moolenbroek	ip6_addr_t *ip6addr;
*ef8d499eSDavid van Moolenbroek	struct netif *netif;
*ef8d499eSDavid van Moolenbroek	unsigned int prefix;
*ef8d499eSDavid van Moolenbroek	ifaddr_v6_num_t num;
*ef8d499eSDavid van Moolenbroek	uint32_t valid_life;
*ef8d499eSDavid van Moolenbroek	int r, state;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	netif = ifdev_get_netif(ifdev);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * Somewhat curiously, NetBSD ignores the zone ID for these requests,
*ef8d499eSDavid van Moolenbroek	 * rather than rejecting requests with a zone ID that does not match
*ef8d499eSDavid van Moolenbroek	 * the associated interface's.  We have no reason to be stricter, and
*ef8d499eSDavid van Moolenbroek	 * so we overwrite whatever zone was given..
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if ((r = addr_get_inet((const struct sockaddr *)addr6, sizeof(*addr6),
*ef8d499eSDavid van Moolenbroek	    IPADDR_TYPE_V6, &ipaddr, TRUE /*kame*/, NULL /*port*/)) != OK)
*ef8d499eSDavid van Moolenbroek		return r;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * Forbid locally-assigned multicast addresses.  Not only are those
*ef8d499eSDavid van Moolenbroek	 * absolutely disallowed in theory, we also assume all locally assigned
*ef8d499eSDavid van Moolenbroek	 * addresses are unicast in various places in practice.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if (ip_addr_ismulticast(&ipaddr))
*ef8d499eSDavid van Moolenbroek		return EINVAL;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	ip6_addr_assign_zone(ip_2_ip6(&ipaddr), IP6_UNICAST, netif);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * The netmask needs to be there only when adding a new address, but if
*ef8d499eSDavid van Moolenbroek	 * a netmask is given, it must be valid.  Note that lwIP itself
*ef8d499eSDavid van Moolenbroek	 * supports only /64 subnets; however, due to our custom routing hooks,
*ef8d499eSDavid van Moolenbroek	 * combined with giving lifetimes to all addresses (except the primary
*ef8d499eSDavid van Moolenbroek	 * link-local address, which is a /64), we control all routing
*ef8d499eSDavid van Moolenbroek	 * decisions that would otherwise be affected by that lwIP limitation.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if (mask6 != NULL && mask6->sin6_family != AF_UNSPEC) {
*ef8d499eSDavid van Moolenbroek		if ((r = addr_get_netmask((const struct sockaddr *)mask6,
*ef8d499eSDavid van Moolenbroek		    sizeof(*mask6), IPADDR_TYPE_V6, &prefix,
*ef8d499eSDavid van Moolenbroek		    NULL /*ipaddr*/)) != OK)
*ef8d499eSDavid van Moolenbroek			return r;
*ef8d499eSDavid van Moolenbroek	} else
*ef8d499eSDavid van Moolenbroek		prefix = 0;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* TODO: dest6 (note: may be NULL) */
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* TODO: support for IN6_IFF_ANYCAST and IN6_IFF_DETACHED. */
*ef8d499eSDavid van Moolenbroek	if (flags & ~(IN6_IFF_TENTATIVE | IN6_IFF_DEPRECATED | IN6_IFF_NODAD |
*ef8d499eSDavid van Moolenbroek	    IN6_IFF_AUTOCONF | IN6_IFF_TEMPORARY))
*ef8d499eSDavid van Moolenbroek		return EINVAL;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* Should we add a new address, or update an existing one? */
*ef8d499eSDavid van Moolenbroek	ip6addr = ip_2_ip6(&ipaddr);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (!ifaddr_v6_match(ifdev, &ipaddr, &num)) {
*ef8d499eSDavid van Moolenbroek		/* Add a new address. */
*ef8d499eSDavid van Moolenbroek		if (prefix == 0)
*ef8d499eSDavid van Moolenbroek			return EINVAL;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		/*
*ef8d499eSDavid van Moolenbroek		 * It must be possible to add the address to the routing table,
*ef8d499eSDavid van Moolenbroek		 * so make sure that we can add such a route later on.  The
*ef8d499eSDavid van Moolenbroek		 * error code should be accurate for most real-world cases.
*ef8d499eSDavid van Moolenbroek		 */
*ef8d499eSDavid van Moolenbroek		if (!route_can_add(&ipaddr, IP6_BITS, TRUE /*is_host*/))
*ef8d499eSDavid van Moolenbroek			return EEXIST;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		/*
*ef8d499eSDavid van Moolenbroek		 * As an exception, if the given address is a link-local
*ef8d499eSDavid van Moolenbroek		 * address and there is no link-local address in slot 0, use
*ef8d499eSDavid van Moolenbroek		 * slot 0 to store this address.  This requires a /64 prefix
*ef8d499eSDavid van Moolenbroek		 * length, because lwIP will use an implied /64 subnet for it.
*ef8d499eSDavid van Moolenbroek		 */
*ef8d499eSDavid van Moolenbroek		if (ip6_addr_isinvalid(ifdev->ifdev_v6state[0]) &&
*ef8d499eSDavid van Moolenbroek		    ip6_addr_islinklocal(ip6addr) && prefix == 64) {
*ef8d499eSDavid van Moolenbroek			num = (ifaddr_v6_num_t)0;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek			/*
*ef8d499eSDavid van Moolenbroek			 * Such link-local addresses are not considered to be
*ef8d499eSDavid van Moolenbroek			 * autoconfigured, because they always have an implied
*ef8d499eSDavid van Moolenbroek			 * subnet.  Therefore, clear that flag.
*ef8d499eSDavid van Moolenbroek			 */
*ef8d499eSDavid van Moolenbroek			flags &= ~IN6_IFF_AUTOCONF;
*ef8d499eSDavid van Moolenbroek		} else {
*ef8d499eSDavid van Moolenbroek			/*
*ef8d499eSDavid van Moolenbroek			 * Find a free slot.  We bypass netif_ip6_addr_add() as
*ef8d499eSDavid van Moolenbroek			 * it makes things more, rather than less, complicated
*ef8d499eSDavid van Moolenbroek			 * for us here.
*ef8d499eSDavid van Moolenbroek			 */
*ef8d499eSDavid van Moolenbroek			for (num = 1; num < LWIP_IPV6_NUM_ADDRESSES; num++) {
*ef8d499eSDavid van Moolenbroek				state = ifdev->ifdev_v6state[num];
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek				if (ip6_addr_isinvalid(state))
*ef8d499eSDavid van Moolenbroek					break;
*ef8d499eSDavid van Moolenbroek			}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek			if (num == LWIP_IPV6_NUM_ADDRESSES)
*ef8d499eSDavid van Moolenbroek				return ENOBUFS;	/* TODO: a better error code */
*ef8d499eSDavid van Moolenbroek		}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		assert(ip6_addr_isinvalid(netif_ip6_addr_state(netif, num)));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		/*
*ef8d499eSDavid van Moolenbroek		 * We bypass the standard netif IPv6 address assignment
*ef8d499eSDavid van Moolenbroek		 * functions here, because we may want to change the state of
*ef8d499eSDavid van Moolenbroek		 * the address to something particular (rather than always
*ef8d499eSDavid van Moolenbroek		 * tentative) and set the state only when we're otherwise done.
*ef8d499eSDavid van Moolenbroek		 */
*ef8d499eSDavid van Moolenbroek		netif->ip6_addr[num] = ipaddr;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		ifdev->ifdev_v6prefix[num] = prefix;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		/*
*ef8d499eSDavid van Moolenbroek		 * New addresses are always DAD-tested for collisions first,
*ef8d499eSDavid van Moolenbroek		 * except on loopback interfaces, which will simply get back
*ef8d499eSDavid van Moolenbroek		 * its own DAD request and conclude there is a collision..
*ef8d499eSDavid van Moolenbroek		 */
*ef8d499eSDavid van Moolenbroek		if (flags & IN6_IFF_TENTATIVE)
*ef8d499eSDavid van Moolenbroek			state = IP6_ADDR_TENTATIVE;
*ef8d499eSDavid van Moolenbroek		else if (flags & IN6_IFF_DEPRECATED)
*ef8d499eSDavid van Moolenbroek			state = IP6_ADDR_VALID;
*ef8d499eSDavid van Moolenbroek		else if (ifdev_is_loopback(ifdev) || (flags & IN6_IFF_NODAD))
*ef8d499eSDavid van Moolenbroek			state = IP6_ADDR_PREFERRED;
*ef8d499eSDavid van Moolenbroek		else
*ef8d499eSDavid van Moolenbroek			state = IP6_ADDR_TENTATIVE;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		ifdev->ifdev_v6flags[num] = 0;
*ef8d499eSDavid van Moolenbroek		if (flags & IN6_IFF_AUTOCONF)
*ef8d499eSDavid van Moolenbroek			ifdev->ifdev_v6flags[num] |= IFADDR_V6F_AUTOCONF;
*ef8d499eSDavid van Moolenbroek		if (flags & IN6_IFF_TEMPORARY)
*ef8d499eSDavid van Moolenbroek			ifdev->ifdev_v6flags[num] |= IFADDR_V6F_TEMPORARY;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		/* Precompute the address scope as well. */
*ef8d499eSDavid van Moolenbroek		ifdev->ifdev_v6scope[num] =
*ef8d499eSDavid van Moolenbroek		    addrpol_get_scope(&ipaddr, TRUE /*is_src*/);
*ef8d499eSDavid van Moolenbroek	} else {
*ef8d499eSDavid van Moolenbroek		/* Update an existing address. */
*ef8d499eSDavid van Moolenbroek		/*
*ef8d499eSDavid van Moolenbroek		 * Since no fundamental aspects about the address may change
*ef8d499eSDavid van Moolenbroek		 * we also do not need to delete and readd the address here.
*ef8d499eSDavid van Moolenbroek		 */
*ef8d499eSDavid van Moolenbroek		if (prefix != 0 && prefix != ifdev->ifdev_v6prefix[num])
*ef8d499eSDavid van Moolenbroek			return EINVAL;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		/* TODO: figure out exactly what userland wants here.. */
*ef8d499eSDavid van Moolenbroek		if (flags & IN6_IFF_TENTATIVE)
*ef8d499eSDavid van Moolenbroek			state = IP6_ADDR_TENTATIVE;
*ef8d499eSDavid van Moolenbroek		else if (flags & IN6_IFF_DEPRECATED)
*ef8d499eSDavid van Moolenbroek			state = IP6_ADDR_VALID;
*ef8d499eSDavid van Moolenbroek		else
*ef8d499eSDavid van Moolenbroek			state = IP6_ADDR_PREFERRED;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		/*
*ef8d499eSDavid van Moolenbroek		 * Leave the AUTOCONF flag as is, because otherwise we might
*ef8d499eSDavid van Moolenbroek		 * also have to add or delete a subnet route here.
*ef8d499eSDavid van Moolenbroek		 */
*ef8d499eSDavid van Moolenbroek		if (flags & IN6_IFF_TEMPORARY)
*ef8d499eSDavid van Moolenbroek			ifdev->ifdev_v6flags[num] |= IFADDR_V6F_TEMPORARY;
*ef8d499eSDavid van Moolenbroek		else
*ef8d499eSDavid van Moolenbroek			ifdev->ifdev_v6flags[num] &= ~IFADDR_V6F_TEMPORARY;
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * In our implementation, all addresses except the first link-local
*ef8d499eSDavid van Moolenbroek	 * address (which is always stored in slot 0) have a lifetime and are
*ef8d499eSDavid van Moolenbroek	 * thus not static as far as lwIP is concerned.  The result is that all
*ef8d499eSDavid van Moolenbroek	 * those addresses are considered to be /128 assignments, leaving the
*ef8d499eSDavid van Moolenbroek	 * routing decisions entirely to us, which is exactly what we want.  As
*ef8d499eSDavid van Moolenbroek	 * such we have to be careful not to assign a valid lifetime of 0
*ef8d499eSDavid van Moolenbroek	 * ("static").  For preferred lifetimes, 0 is not a special value,
*ef8d499eSDavid van Moolenbroek	 * though.  Either value may be 0xffffffff, which denotes "infinite".
*ef8d499eSDavid van Moolenbroek	 *
*ef8d499eSDavid van Moolenbroek	 * As for those routing decisions: we use the AUTOCONF flag as the
*ef8d499eSDavid van Moolenbroek	 * indication whether or not to add a subnet (= on-link prefix) route
*ef8d499eSDavid van Moolenbroek	 * for the address.  See also ifaddr_v6_added().
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if (num != 0) {
*ef8d499eSDavid van Moolenbroek		valid_life = lifetime->ia6t_vltime;
*ef8d499eSDavid van Moolenbroek		if (ip6_addr_life_isstatic(valid_life))
*ef8d499eSDavid van Moolenbroek			valid_life++;
*ef8d499eSDavid van Moolenbroek		netif_ip6_addr_set_valid_life(netif, (int)num, valid_life);
*ef8d499eSDavid van Moolenbroek		netif_ip6_addr_set_pref_life(netif, (int)num,
*ef8d499eSDavid van Moolenbroek		    lifetime->ia6t_pltime);
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * The lifetime of address slot 0 is initialized to, and remains at all
*ef8d499eSDavid van Moolenbroek	 * times, zero ("static").  All other slots have an actual lifetime.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	assert(netif_ip6_addr_isstatic(netif, (int)num) == !num);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * Change the address state last, as this may immediately trigger
*ef8d499eSDavid van Moolenbroek	 * reports and route addition etc, although usually it will not:
*ef8d499eSDavid van Moolenbroek	 * addresses are typically added as tentative, and ifaddr_v6_added()
*ef8d499eSDavid van Moolenbroek	 * will be called only once the address is valid.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	netif_ip6_addr_set_state(netif, (int)num, state);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	return OK;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Delete an IPv6 address from an interface.  The given address number must
*ef8d499eSDavid van Moolenbroek * have been obtained through ifaddr_v6_find() or ifaddr_v6_enum().
*ef8d499eSDavid van Moolenbroek * This function always succeeds.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekvoid
*ef8d499eSDavid van Moolenbroekifaddr_v6_del(struct ifdev * ifdev, ifaddr_v6_num_t num)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	assert(num <= LWIP_IPV6_NUM_ADDRESSES);
*ef8d499eSDavid van Moolenbroek	assert(!ip6_addr_isinvalid(ifdev->ifdev_v6state[num]));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* The state change will also trigger ifaddr_v6_deleted() if needed. */
*ef8d499eSDavid van Moolenbroek	netif_ip6_addr_set_state(ifdev_get_netif(ifdev), (int)num,
*ef8d499eSDavid van Moolenbroek	    IP6_ADDR_INVALID);
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Announce all IPv6 addresses associated with the given interface as deleted.
*ef8d499eSDavid van Moolenbroek * Used (only) right before the interface is destroyed.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekvoid
*ef8d499eSDavid van Moolenbroekifaddr_v6_clear(struct ifdev * ifdev)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	ifaddr_v6_num_t num;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	for (num = 0; ifaddr_v6_enum(ifdev, &num); num++) {
*ef8d499eSDavid van Moolenbroek		if (ifaddr_v6_isvalid(ifdev, num))
*ef8d499eSDavid van Moolenbroek			ifaddr_v6_deleted(ifdev, num);
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Check state changes on local IPv6 addresses and update shadow state
*ef8d499eSDavid van Moolenbroek * accordingly.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekvoid
*ef8d499eSDavid van Moolenbroekifaddr_v6_check(struct ifdev * ifdev)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	struct netif *netif;
*ef8d499eSDavid van Moolenbroek	ifaddr_v6_num_t num;
*ef8d499eSDavid van Moolenbroek	int old_state, new_state, was_valid, is_valid;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	netif = ifdev_get_netif(ifdev);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	for (num = 0; num < LWIP_IPV6_NUM_ADDRESSES; num++) {
*ef8d499eSDavid van Moolenbroek		/*
*ef8d499eSDavid van Moolenbroek		 * Since we compile lwIP without support for stateless
*ef8d499eSDavid van Moolenbroek		 * autoconfiguration, there will be no cases where new
*ef8d499eSDavid van Moolenbroek		 * addresses appear out of nowhere.  As such, we can rely on
*ef8d499eSDavid van Moolenbroek		 * all necessary fields already being initialized here.
*ef8d499eSDavid van Moolenbroek		 */
*ef8d499eSDavid van Moolenbroek		old_state = ifdev->ifdev_v6state[num];
*ef8d499eSDavid van Moolenbroek		new_state = netif_ip6_addr_state(netif, num);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		if (old_state == new_state)
*ef8d499eSDavid van Moolenbroek			continue;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		was_valid = ip6_addr_isvalid(old_state);
*ef8d499eSDavid van Moolenbroek		is_valid = ip6_addr_isvalid(new_state);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		if (was_valid != is_valid) {
*ef8d499eSDavid van Moolenbroek			if (is_valid)
*ef8d499eSDavid van Moolenbroek				ifaddr_v6_added(ifdev, num);
*ef8d499eSDavid van Moolenbroek			else
*ef8d499eSDavid van Moolenbroek				ifaddr_v6_deleted(ifdev, num);
*ef8d499eSDavid van Moolenbroek		}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		ifdev->ifdev_v6state[num] = new_state;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		/*
*ef8d499eSDavid van Moolenbroek		 * TODO: implement the requirements for dealing with duplicated
*ef8d499eSDavid van Moolenbroek		 * addresses, in particular the link-local address, as
*ef8d499eSDavid van Moolenbroek		 * specified by RFC 4862 Sec. 5.4.5.  NetBSD uses the
*ef8d499eSDavid van Moolenbroek		 * ND6_IFF_IFDISABLED flag for this, essentially disabling
*ef8d499eSDavid van Moolenbroek		 * the interface completely when that flag is set.
*ef8d499eSDavid van Moolenbroek		 */
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * A change in the interface and/or link status has resulted in both now being
*ef8d499eSDavid van Moolenbroek * up.  Set the link-local address, if any, to tentative state.  Exempt
*ef8d499eSDavid van Moolenbroek * loopback interfaces, which would just see their own requests as collisions.
*ef8d499eSDavid van Moolenbroek *
*ef8d499eSDavid van Moolenbroek * TODO: the current implementation is the absolute minimum required for
*ef8d499eSDavid van Moolenbroek * dhcpcd(8) to function somewhat properly, but there is much more to be
*ef8d499eSDavid van Moolenbroek * decided and done when it comes to dealing with status changes..
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekvoid
*ef8d499eSDavid van Moolenbroekifaddr_v6_set_up(struct ifdev * ifdev)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (!ifdev_is_loopback(ifdev) &&
*ef8d499eSDavid van Moolenbroek	    !ip6_addr_isinvalid(ifdev->ifdev_v6state[0]))
*ef8d499eSDavid van Moolenbroek		netif_ip6_addr_set_state(ifdev_get_netif(ifdev), 0,
*ef8d499eSDavid van Moolenbroek		    IP6_ADDR_TENTATIVE);
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Check whether all conditions are met for (re)assigning a link-local IPv6
*ef8d499eSDavid van Moolenbroek * address, and if so, do just that.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekvoid
*ef8d499eSDavid van Moolenbroekifaddr_v6_set_linklocal(struct ifdev * ifdev)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * A few conditions must be met for link-local address assignment.
*ef8d499eSDavid van Moolenbroek	 * First of all, link-local address assignment must be enabled both
*ef8d499eSDavid van Moolenbroek	 * globally and on the interface.  The BSDs use the global setting as
*ef8d499eSDavid van Moolenbroek	 * an initial value for the link-local setting, but if we do this, it
*ef8d499eSDavid van Moolenbroek	 * would basically be impossible to change the global setting and have
*ef8d499eSDavid van Moolenbroek	 * any effect.  Thus, we use the global setting as an additional
*ef8d499eSDavid van Moolenbroek	 * requirement, with as reasoning that people will typically disable
*ef8d499eSDavid van Moolenbroek	 * the global setting in order to assign no IPv6 addresses at all.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if (!(ifdev_get_nd6flags(ifdev) & ND6_IFF_AUTO_LINKLOCAL) ||
*ef8d499eSDavid van Moolenbroek	    !ifaddr_auto_linklocal)
*ef8d499eSDavid van Moolenbroek		return;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * Second, the interface must be up.  This is an artificial requirement
*ef8d499eSDavid van Moolenbroek	 * that allows for the above settings to be changed at all: if we
*ef8d499eSDavid van Moolenbroek	 * assigned a link-local address as soon as we could (see below), this
*ef8d499eSDavid van Moolenbroek	 * would leave virtually no opportunity to change the settings.  Once
*ef8d499eSDavid van Moolenbroek	 * assigned, a link-local address is never removed automatically.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if (!ifdev_is_up(ifdev))
*ef8d499eSDavid van Moolenbroek		return;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * A proper (48-bit) hardware address must be set.  Interfaces without
*ef8d499eSDavid van Moolenbroek	 * hardware addresses (e.g., loopback devices) do not have this kind of
*ef8d499eSDavid van Moolenbroek	 * auto-assignment.  It may take a while for the driver to get back to
*ef8d499eSDavid van Moolenbroek	 * us with its initial hardware address, so wait for at least that.
*ef8d499eSDavid van Moolenbroek	 * Also update the link-local address upon subsequent (user-initiated)
*ef8d499eSDavid van Moolenbroek	 * changes to the hardware address, as long as if the IPv6 address has
*ef8d499eSDavid van Moolenbroek	 * not been overridden by userland by then.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if (ifdev_get_hwlen(ifdev) != ETHARP_HWADDR_LEN ||
*ef8d499eSDavid van Moolenbroek	    !(ifdev->ifdev_hwlist[0].ifhwa_flags & IFHWAF_VALID))
*ef8d499eSDavid van Moolenbroek		return;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (!ip6_addr_isinvalid(ifdev->ifdev_v6state[0]) &&
*ef8d499eSDavid van Moolenbroek	    (ifdev->ifdev_v6flags[0] & IFADDR_V6F_HWBASED))
*ef8d499eSDavid van Moolenbroek		return;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * All conditions are met.  Set or replace the interface's IPv6
*ef8d499eSDavid van Moolenbroek	 * link-local address.  This uses the first IPv6 address slot, which
*ef8d499eSDavid van Moolenbroek	 * will be skipped when adding non-link-local addresses.  We first
*ef8d499eSDavid van Moolenbroek	 * delete the old address if any, in order to force invalidation of
*ef8d499eSDavid van Moolenbroek	 * bound sockets, because setting the new address does not (currently)
*ef8d499eSDavid van Moolenbroek	 * consider sockets.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if (!ip6_addr_isinvalid(ifdev->ifdev_v6state[0]))
*ef8d499eSDavid van Moolenbroek		ifaddr_v6_del(ifdev, (ifaddr_v6_num_t)0);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek#ifdef INET6
*ef8d499eSDavid van Moolenbroek	ifdev->ifdev_v6flags[0] = IFADDR_V6F_HWBASED;
*ef8d499eSDavid van Moolenbroek	ifdev->ifdev_v6prefix[0] = 64;
*ef8d499eSDavid van Moolenbroek	netif_create_ip6_linklocal_address(ifdev_get_netif(ifdev),
*ef8d499eSDavid van Moolenbroek	    1 /*from_mac_48bit*/);
*ef8d499eSDavid van Moolenbroek	assert(!ip6_addr_isinvalid(ifdev->ifdev_v6state[0]));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	ifdev->ifdev_v6scope[0] =
*ef8d499eSDavid van Moolenbroek	    addrpol_get_scope(netif_ip_addr6(ifdev_get_netif(ifdev), 0),
*ef8d499eSDavid van Moolenbroek	      TRUE /*is_src*/);
*ef8d499eSDavid van Moolenbroek#endif /* INET6 */
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Return the first interface device that owns the given (non-any) IPv6
*ef8d499eSDavid van Moolenbroek * address, or NULL if it is not a valid local IPv6 address.  Addresses that
*ef8d499eSDavid van Moolenbroek * exist but are not usable ("usually assigned" in the RFC4862 sense) are
*ef8d499eSDavid van Moolenbroek * considered not valid in this context.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekstruct ifdev *
*ef8d499eSDavid van Moolenbroekifaddr_v6_map_by_addr(const ip6_addr_t * ip6addr)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	struct ifdev *ifdev;
*ef8d499eSDavid van Moolenbroek	struct netif *netif;
*ef8d499eSDavid van Moolenbroek	ifaddr_v6_num_t num;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * It would be nice to be able to do a route lookup on an RTF_LOCAL
*ef8d499eSDavid van Moolenbroek	 * entry here, but this approach would currently have two problems.
*ef8d499eSDavid van Moolenbroek	 *
*ef8d499eSDavid van Moolenbroek	 * 1) link-local addresses would require a lookup with a different
*ef8d499eSDavid van Moolenbroek	 *    embedded zone for each possible interface, requiring a loop over
*ef8d499eSDavid van Moolenbroek	 *    all interfaces after all; we could do a route lookup for global
*ef8d499eSDavid van Moolenbroek	 *    addresses only, but then there's also the issue that..
*ef8d499eSDavid van Moolenbroek	 * 2) once we get the interface from the route, we still have to check
*ef8d499eSDavid van Moolenbroek	 *    check the state of the address, as done below, and that requires
*ef8d499eSDavid van Moolenbroek	 *    us to go through all the interface addresses after all; we could
*ef8d499eSDavid van Moolenbroek	 *    embed the local address number in the RTF_LOCAL routing entry but
*ef8d499eSDavid van Moolenbroek	 *    that would get rather messy API-wise.
*ef8d499eSDavid van Moolenbroek	 *
*ef8d499eSDavid van Moolenbroek	 * Still, if it turns out that this function is a bottleneck, the above
*ef8d499eSDavid van Moolenbroek	 * workarounds should offer a way forward for the common case.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	for (ifdev = NULL; (ifdev = ifdev_enum(ifdev)) != NULL; ) {
*ef8d499eSDavid van Moolenbroek		netif = ifdev_get_netif(ifdev);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		for (num = 0; num < LWIP_IPV6_NUM_ADDRESSES; num++) {
*ef8d499eSDavid van Moolenbroek			if (ip6_addr_isinvalid(ifdev->ifdev_v6state[num]))
*ef8d499eSDavid van Moolenbroek				continue;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek			/*
*ef8d499eSDavid van Moolenbroek			 * An address may be used as a local address only if it
*ef8d499eSDavid van Moolenbroek			 * is preferred or deprecated, not if it is tentative
*ef8d499eSDavid van Moolenbroek			 * or duplicated.
*ef8d499eSDavid van Moolenbroek			 */
*ef8d499eSDavid van Moolenbroek			if (!ifaddr_v6_isvalid(ifdev, num))
*ef8d499eSDavid van Moolenbroek				continue;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek			/*
*ef8d499eSDavid van Moolenbroek			 * Ignore the zone if the given address does not have
*ef8d499eSDavid van Moolenbroek			 * one set.  Otherwise, the zone must match.
*ef8d499eSDavid van Moolenbroek			 */
*ef8d499eSDavid van Moolenbroek			if (ip6_addr_cmp_zoneless(netif_ip6_addr(netif, num),
*ef8d499eSDavid van Moolenbroek			    ip6addr) && (!ip6_addr_has_zone(ip6addr) ||
*ef8d499eSDavid van Moolenbroek			    ip6_addr_test_zone(ip6addr, netif)))
*ef8d499eSDavid van Moolenbroek				return ifdev;
*ef8d499eSDavid van Moolenbroek		}
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	return NULL;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Return the first interface device for which the given IPv6 address is on a
*ef8d499eSDavid van Moolenbroek * configured local subnet, or NULL if no match was found.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekstatic struct ifdev *
*ef8d499eSDavid van Moolenbroekifaddr_v6_map_by_subnet(const ip_addr_t * ipaddr)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	const ip_addr_t *addr;
*ef8d499eSDavid van Moolenbroek	struct ifdev *ifdev;
*ef8d499eSDavid van Moolenbroek	struct netif *netif;
*ef8d499eSDavid van Moolenbroek	ifaddr_v6_num_t num;
*ef8d499eSDavid van Moolenbroek	unsigned int prefix;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	assert(IP_IS_V6(ipaddr));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	for (ifdev = NULL; (ifdev = ifdev_enum(ifdev)) != NULL; ) {
*ef8d499eSDavid van Moolenbroek		netif = ifdev_get_netif(ifdev);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		if (ip6_addr_has_zone(ip_2_ip6(ipaddr)) &&
*ef8d499eSDavid van Moolenbroek		    !ip6_addr_test_zone(ip_2_ip6(ipaddr), netif))
*ef8d499eSDavid van Moolenbroek			continue;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		for (num = 0; num < LWIP_IPV6_NUM_ADDRESSES; num++) {
*ef8d499eSDavid van Moolenbroek			if (ip6_addr_isinvalid(ifdev->ifdev_v6state[num]))
*ef8d499eSDavid van Moolenbroek				continue;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek			if (!ifaddr_v6_isvalid(ifdev, num))
*ef8d499eSDavid van Moolenbroek				continue;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek			addr = netif_ip_addr6(netif, num);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek			/*
*ef8d499eSDavid van Moolenbroek			 * For addresses with no implied subnet, check against
*ef8d499eSDavid van Moolenbroek			 * the full address, so as to match only that address.
*ef8d499eSDavid van Moolenbroek			 */
*ef8d499eSDavid van Moolenbroek			if (ifdev->ifdev_v6flags[num] & IFADDR_V6F_AUTOCONF)
*ef8d499eSDavid van Moolenbroek				prefix = IP6_BITS;
*ef8d499eSDavid van Moolenbroek			else
*ef8d499eSDavid van Moolenbroek				prefix = ifdev->ifdev_v6prefix[num];
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek			if (addr_get_common_bits(ipaddr, addr, prefix) ==
*ef8d499eSDavid van Moolenbroek			    prefix)
*ef8d499eSDavid van Moolenbroek				return ifdev;
*ef8d499eSDavid van Moolenbroek		}
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	return NULL;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Select an IPv6 source address for communication to the given destination
*ef8d499eSDavid van Moolenbroek * address on the given interface.  Return the selected source address, or NULL
*ef8d499eSDavid van Moolenbroek * if no appropriate source address could be found.  This function implements
*ef8d499eSDavid van Moolenbroek * RFC 6724 Sec. 5, and is very close to a drop-in replacement for lwIP's own
*ef8d499eSDavid van Moolenbroek * ip6_select_source_address() function.  We can do a slightly better job
*ef8d499eSDavid van Moolenbroek * because we have more information (for Rules 6 and 7) and can offer a more
*ef8d499eSDavid van Moolenbroek * complete, less lightweight implementation (for Rule 8).
*ef8d499eSDavid van Moolenbroek *
*ef8d499eSDavid van Moolenbroek * In summary, this is the implementation status of the rules:
*ef8d499eSDavid van Moolenbroek *
*ef8d499eSDavid van Moolenbroek * - Rules 1, 2, 3: fully implemented
*ef8d499eSDavid van Moolenbroek * - Rules 4, 5, 5.5: not applicable
*ef8d499eSDavid van Moolenbroek * - Rules 6, 7, 8: fully implemented
*ef8d499eSDavid van Moolenbroek *
*ef8d499eSDavid van Moolenbroek * Note that for rule 2, scope decisions are left to the addrpol module, which
*ef8d499eSDavid van Moolenbroek * makes a deliberate exception from the RFC for Unique-Local Addresses.
*ef8d499eSDavid van Moolenbroek *
*ef8d499eSDavid van Moolenbroek * The given destination address may not be properly zoned.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekstatic const ip_addr_t *
*ef8d499eSDavid van Moolenbroekifaddr_v6_select(struct ifdev * ifdev, const ip_addr_t * dest_addr)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	const ip_addr_t *cand_addr, *best_addr;
*ef8d499eSDavid van Moolenbroek	int dest_scope, cand_scope, best_scope;
*ef8d499eSDavid van Moolenbroek	int dest_label, cand_label, best_label = 0 /*gcc*/;
*ef8d499eSDavid van Moolenbroek	uint8_t cand_pref, best_pref = 0 /*gcc*/;
*ef8d499eSDavid van Moolenbroek	uint8_t cand_temp, best_temp = 0 /*gcc*/;
*ef8d499eSDavid van Moolenbroek	int cand_bits, best_bits = 0 /*gcc*/;
*ef8d499eSDavid van Moolenbroek	ifaddr_v6_num_t num, best_num;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	assert(ifdev != NULL);
*ef8d499eSDavid van Moolenbroek	assert(IP_IS_V6(dest_addr));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	dest_scope = addrpol_get_scope(dest_addr, FALSE /*is_src*/);
*ef8d499eSDavid van Moolenbroek	dest_label = -1; /* obtain only when necessary */
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	best_addr = NULL;
*ef8d499eSDavid van Moolenbroek	best_num = -1;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	for (num = 0; num < LWIP_IPV6_NUM_ADDRESSES; num++) {
*ef8d499eSDavid van Moolenbroek		/* Consider only valid (preferred and deprecated) addresses. */
*ef8d499eSDavid van Moolenbroek		if (!ip6_addr_isvalid(ifdev->ifdev_v6state[num]))
*ef8d499eSDavid van Moolenbroek			continue;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		cand_addr = netif_ip_addr6(ifdev_get_netif(ifdev), (int)num);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		/* Rule 1 */
*ef8d499eSDavid van Moolenbroek		if (ip6_addr_cmp_zoneless(ip_2_ip6(cand_addr),
*ef8d499eSDavid van Moolenbroek		    ip_2_ip6(dest_addr)))
*ef8d499eSDavid van Moolenbroek			return cand_addr;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		cand_scope = ifdev->ifdev_v6scope[num];
*ef8d499eSDavid van Moolenbroek		cand_pref = ip6_addr_ispreferred(ifdev->ifdev_v6state[num]);
*ef8d499eSDavid van Moolenbroek		cand_temp = (ifdev->ifdev_v6flags[num] & IFADDR_V6F_TEMPORARY);
*ef8d499eSDavid van Moolenbroek		cand_label = -1;
*ef8d499eSDavid van Moolenbroek		cand_bits = -1;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		/*
*ef8d499eSDavid van Moolenbroek		 * The following monster of an if-condition relies on order of
*ef8d499eSDavid van Moolenbroek		 * evaluation to obtain the more expensive-to-compute values
*ef8d499eSDavid van Moolenbroek		 * only when strictly necessary.  We use a shortcut for Rule 6:
*ef8d499eSDavid van Moolenbroek		 * labels are computed based on longest matching prefix, so if
*ef8d499eSDavid van Moolenbroek		 * Rule 6 prefers the candidate address, Rule 8 would have
*ef8d499eSDavid van Moolenbroek		 * preferred the candidate address as well.  Therefore, skip
*ef8d499eSDavid van Moolenbroek		 * even computing labels when Rule 7 would not prefer either
*ef8d499eSDavid van Moolenbroek		 * address, i.e. the "temporary" state of the candidate and the
*ef8d499eSDavid van Moolenbroek		 * best address are equal.  For complete ties (which exist,
*ef8d499eSDavid van Moolenbroek		 * because Rule 8 - longest common prefix - checks up to the
*ef8d499eSDavid van Moolenbroek		 * subnet size), as "policy" we always pick the first address.
*ef8d499eSDavid van Moolenbroek		 */
*ef8d499eSDavid van Moolenbroek#define ADDRPOL_GET_LABEL(addr, label) \
*ef8d499eSDavid van Moolenbroek	(label != -1 || (label = addrpol_get_label(addr), 1))
*ef8d499eSDavid van Moolenbroek#define ADDR_GET_COMMON_BITS(addr1, addr2, num, bits) \
*ef8d499eSDavid van Moolenbroek	(bits != -1 || (bits = (int) \
*ef8d499eSDavid van Moolenbroek	addr_get_common_bits(addr1, addr2, ifdev->ifdev_v6prefix[num]), 1))
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		if (best_addr == NULL || /* no alternative yet */
*ef8d499eSDavid van Moolenbroek		    /* Rule 2 */
*ef8d499eSDavid van Moolenbroek		    (cand_scope < best_scope && cand_scope >= dest_scope) ||
*ef8d499eSDavid van Moolenbroek		    (cand_scope > best_scope && best_scope < dest_scope) ||
*ef8d499eSDavid van Moolenbroek		    (cand_scope == best_scope &&
*ef8d499eSDavid van Moolenbroek		    /* Rule 3 */
*ef8d499eSDavid van Moolenbroek		    (cand_pref > best_pref || (cand_pref == best_pref &&
*ef8d499eSDavid van Moolenbroek		    /* Rule 6 */
*ef8d499eSDavid van Moolenbroek		    ((cand_temp != best_temp && /* shortcut, part 1 */
*ef8d499eSDavid van Moolenbroek		    ADDRPOL_GET_LABEL(dest_addr, dest_label) &&
*ef8d499eSDavid van Moolenbroek		    ADDRPOL_GET_LABEL(cand_addr, cand_label) &&
*ef8d499eSDavid van Moolenbroek		    ADDRPOL_GET_LABEL(best_addr, best_label) &&
*ef8d499eSDavid van Moolenbroek		    cand_label == dest_label && best_label != dest_label) ||
*ef8d499eSDavid van Moolenbroek		    ((cand_temp == best_temp || /* shortcut, part 2 */
*ef8d499eSDavid van Moolenbroek		    ((cand_label == dest_label) ==
*ef8d499eSDavid van Moolenbroek		      (best_label == dest_label))) &&
*ef8d499eSDavid van Moolenbroek		    /* Rule 7 */
*ef8d499eSDavid van Moolenbroek		    (cand_temp > best_temp || (cand_temp == best_temp &&
*ef8d499eSDavid van Moolenbroek		    /* Rule 8 */
*ef8d499eSDavid van Moolenbroek		    ADDR_GET_COMMON_BITS(cand_addr, dest_addr, num,
*ef8d499eSDavid van Moolenbroek		      cand_bits) &&
*ef8d499eSDavid van Moolenbroek		    ADDR_GET_COMMON_BITS(best_addr, dest_addr, best_num,
*ef8d499eSDavid van Moolenbroek		      best_bits) &&
*ef8d499eSDavid van Moolenbroek		    cand_bits > best_bits)))))))) {
*ef8d499eSDavid van Moolenbroek			/* We found a new "winning" candidate. */
*ef8d499eSDavid van Moolenbroek			best_addr = cand_addr;
*ef8d499eSDavid van Moolenbroek			best_scope = cand_scope;
*ef8d499eSDavid van Moolenbroek			best_pref = cand_pref;
*ef8d499eSDavid van Moolenbroek			best_temp = cand_temp;
*ef8d499eSDavid van Moolenbroek			best_label = cand_label;
*ef8d499eSDavid van Moolenbroek			best_bits = cand_bits;
*ef8d499eSDavid van Moolenbroek			best_num = num;
*ef8d499eSDavid van Moolenbroek		}
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* Return the best candidate, if any. */
*ef8d499eSDavid van Moolenbroek	return best_addr;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Pick an IPv6 source address locally assigned to the given interface, for use
*ef8d499eSDavid van Moolenbroek * with the given IPv6 destination address.  See ifaddr_v6_select() on why we
*ef8d499eSDavid van Moolenbroek * override lwIP's version of this function.
*ef8d499eSDavid van Moolenbroek *
*ef8d499eSDavid van Moolenbroek * This is a full replacement of the corresponding lwIP function, which should
*ef8d499eSDavid van Moolenbroek * be overridden with weak symbols, using patches against the lwIP source code.
*ef8d499eSDavid van Moolenbroek * As such, the lwIP headers should already provide the correct prototype for
*ef8d499eSDavid van Moolenbroek * this function.  If not, something will have changed in the lwIP
*ef8d499eSDavid van Moolenbroek * implementation, and this code must be revised accordingly.
*ef8d499eSDavid van Moolenbroek *
*ef8d499eSDavid van Moolenbroek * Important: there are currently no tests that will detect that overriding is
*ef8d499eSDavid van Moolenbroek * broken, since our test code (necessarily) uses the code path that calls
*ef8d499eSDavid van Moolenbroek * ifaddr_v6_select() directly, even though there are other places in the lwIP
*ef8d499eSDavid van Moolenbroek * source code that explicitly call this functions.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekconst ip_addr_t *
*ef8d499eSDavid van Moolenbroekip6_select_source_address(struct netif * netif, const ip6_addr_t * dest_addr)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	ip_addr_t ipaddr;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	ip_addr_copy_from_ip6(ipaddr, *dest_addr);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	return ifaddr_v6_select(netif_get_ifdev(netif), &ipaddr);
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Find and return the interface to which the given address is assigned as a
*ef8d499eSDavid van Moolenbroek * local (source) address, or NULL if the given address is not a local address
*ef8d499eSDavid van Moolenbroek * for any interface.  The 'any' address as well as IPv4-mapped IPv6 addresses
*ef8d499eSDavid van Moolenbroek * are not supported and will yield NULL.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekstruct ifdev *
*ef8d499eSDavid van Moolenbroekifaddr_map_by_addr(const ip_addr_t * ipaddr)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	switch (IP_GET_TYPE(ipaddr)) {
*ef8d499eSDavid van Moolenbroek	case IPADDR_TYPE_V4:
*ef8d499eSDavid van Moolenbroek		return ifaddr_v4_map_by_addr(ip_2_ip4(ipaddr));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	case IPADDR_TYPE_V6:
*ef8d499eSDavid van Moolenbroek		if (ip6_addr_isipv4mappedipv6(ip_2_ip6(ipaddr)))
*ef8d499eSDavid van Moolenbroek			return NULL;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		return ifaddr_v6_map_by_addr(ip_2_ip6(ipaddr));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	case IPADDR_TYPE_ANY:
*ef8d499eSDavid van Moolenbroek		return NULL;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	default:
*ef8d499eSDavid van Moolenbroek		panic("unknown IP address type: %u", IP_GET_TYPE(ipaddr));
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Find and return an interface that has a local network configured that
*ef8d499eSDavid van Moolenbroek * contains the given address, or NULL if there is no match.  If there are
*ef8d499eSDavid van Moolenbroek * multiple matches, an arbitrary one is returned.  The 'any' address as well
*ef8d499eSDavid van Moolenbroek * as IPv4-mapped IPv6 addresses are not supported and will yield NULL.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekstruct ifdev *
*ef8d499eSDavid van Moolenbroekifaddr_map_by_subnet(const ip_addr_t * ipaddr)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	switch (IP_GET_TYPE(ipaddr)) {
*ef8d499eSDavid van Moolenbroek	case IPADDR_TYPE_V4:
*ef8d499eSDavid van Moolenbroek		return ifaddr_v4_map_by_subnet(ip_2_ip4(ipaddr));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	case IPADDR_TYPE_V6:
*ef8d499eSDavid van Moolenbroek		if (ip6_addr_isipv4mappedipv6(ip_2_ip6(ipaddr)))
*ef8d499eSDavid van Moolenbroek			return NULL;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		return ifaddr_v6_map_by_subnet(ipaddr);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	case IPADDR_TYPE_ANY:
*ef8d499eSDavid van Moolenbroek		return NULL;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	default:
*ef8d499eSDavid van Moolenbroek		panic("unknown IP address type: %u", IP_GET_TYPE(ipaddr));
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Select a local address to use as source address for the given destination
*ef8d499eSDavid van Moolenbroek * address.  If 'ifdev' is not NULL, it points to the interface from which to
*ef8d499eSDavid van Moolenbroek * select a source address.  If 'ifdev' is NULL, this function will attempt to
*ef8d499eSDavid van Moolenbroek * select an interface as well.  On success, return the selected source
*ef8d499eSDavid van Moolenbroek * address, and if 'ifdevp' is not NULL, store the selected interface in it.
*ef8d499eSDavid van Moolenbroek * On failure, return NULL.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekconst ip_addr_t *
*ef8d499eSDavid van Moolenbroekifaddr_select(const ip_addr_t * dst_addr, struct ifdev * ifdev,
*ef8d499eSDavid van Moolenbroek	struct ifdev ** ifdevp)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	struct route_entry *route;
*ef8d499eSDavid van Moolenbroek	const ip6_addr_t *ip6addr;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * If no interface is provided yet, start by determining the interface.
*ef8d499eSDavid van Moolenbroek	 * If the destination address has a zone, this step is easy.  Otherwise
*ef8d499eSDavid van Moolenbroek	 * we have to do a routing query on the destination address.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if (ifdev == NULL) {
*ef8d499eSDavid van Moolenbroek		ip6addr = ip_2_ip6(dst_addr);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		if (IP_IS_V6(dst_addr) && ip6_addr_has_zone(ip6addr)) {
*ef8d499eSDavid van Moolenbroek			ifdev = ifdev_get_by_index(ip6_addr_zone(ip6addr));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek			if (ifdev == NULL)
*ef8d499eSDavid van Moolenbroek				return NULL;
*ef8d499eSDavid van Moolenbroek		} else {
*ef8d499eSDavid van Moolenbroek			if ((route = route_lookup(dst_addr)) == NULL)
*ef8d499eSDavid van Moolenbroek				return NULL;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek			ifdev = route_get_ifdev(route);
*ef8d499eSDavid van Moolenbroek		}
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (ifdevp != NULL)
*ef8d499eSDavid van Moolenbroek		*ifdevp = ifdev;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * We have found an interface.  Now select an IP address assigned to
*ef8d499eSDavid van Moolenbroek	 * that interface.  For IPv4, this is easy: each interface has only one
*ef8d499eSDavid van Moolenbroek	 * local address (if that).  For IPv6, we may have to select one of the
*ef8d499eSDavid van Moolenbroek	 * locally assigned addresses: global, link-local, etc.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	switch (IP_GET_TYPE(dst_addr)) {
*ef8d499eSDavid van Moolenbroek	case IPADDR_TYPE_V4:
*ef8d499eSDavid van Moolenbroek		/* Use the IPv4 source address if one is set at all. */
*ef8d499eSDavid van Moolenbroek		if (!ifdev->ifdev_v4set)
*ef8d499eSDavid van Moolenbroek			return FALSE;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		return netif_ip_addr4(ifdev_get_netif(ifdev));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	case IPADDR_TYPE_V6:
*ef8d499eSDavid van Moolenbroek		return ifaddr_v6_select(ifdev, dst_addr);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	default:
*ef8d499eSDavid van Moolenbroek		panic("unknown IP address type: %u", IP_GET_TYPE(dst_addr));
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Check the given IPv6 address for a zone violation against the given
*ef8d499eSDavid van Moolenbroek * interface--that is, a scoped address leaving its original zone if used in
*ef8d499eSDavid van Moolenbroek * the context of the interface.  Return TRUE if the address is zone-
*ef8d499eSDavid van Moolenbroek * incompatible with the interface, and thus must not be used in packets sent
*ef8d499eSDavid van Moolenbroek * to that interface.  Return FALSE if there is no such zone incompatibility.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekint
*ef8d499eSDavid van Moolenbroekifaddr_is_zone_mismatch(const ip6_addr_t * ipaddr, struct ifdev * ifdev)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * The IPv6 loopback address (::1) has an implicit link-local scope,
*ef8d499eSDavid van Moolenbroek	 * with a zone corresponding to the interface it is assigned to.  We
*ef8d499eSDavid van Moolenbroek	 * take a shortcut by assuming that the loopback address is assigned to
*ef8d499eSDavid van Moolenbroek	 * the primary loopback interface.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if (ip6_addr_isloopback(ipaddr))
*ef8d499eSDavid van Moolenbroek		return (ifdev != ifdev_get_loopback());
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* Zoned addresses must not leave their zone. */
*ef8d499eSDavid van Moolenbroek	if (ip6_addr_has_zone(ipaddr))
*ef8d499eSDavid van Moolenbroek		return !ip6_addr_test_zone(ipaddr, ifdev_get_netif(ifdev));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	return FALSE;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Find a data link (hardware) address locally assigned to a interface.  The
*ef8d499eSDavid van Moolenbroek * address is given as 'addr', and the length of the memory area that contains
*ef8d499eSDavid van Moolenbroek * 'addr' is given as 'addr_len'.  The interface is given as 'ifdev'.  On
*ef8d499eSDavid van Moolenbroek * success, return OK, with the data link address number stored in 'num'.  For
*ef8d499eSDavid van Moolenbroek * interfaces that do not support hardware addresses, if the given address
*ef8d499eSDavid van Moolenbroek * provides a zero-length hardware address, always return successfully with 0
*ef8d499eSDavid van Moolenbroek * stored in 'nump'.  On failure, return a negative error code.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekint
*ef8d499eSDavid van Moolenbroekifaddr_dl_find(struct ifdev * ifdev, const struct sockaddr_dlx * addr,
*ef8d499eSDavid van Moolenbroek	socklen_t addr_len, ifaddr_dl_num_t * nump)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	uint8_t hwaddr[NETIF_MAX_HWADDR_LEN];
*ef8d499eSDavid van Moolenbroek	ifaddr_dl_num_t num;
*ef8d499eSDavid van Moolenbroek	int r;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if ((r = addr_get_link((const struct sockaddr *)addr, addr_len,
*ef8d499eSDavid van Moolenbroek	    NULL /*name*/, 0 /*name_max*/, hwaddr,
*ef8d499eSDavid van Moolenbroek	    ifdev_get_hwlen(ifdev))) != OK)
*ef8d499eSDavid van Moolenbroek		return r;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * For interfaces without hardware addresses, after passing the above
*ef8d499eSDavid van Moolenbroek	 * sanity checks (which guarantee that the searched-for address is of
*ef8d499eSDavid van Moolenbroek	 * zero length), return the pseudo-entry zero, which yields an entry
*ef8d499eSDavid van Moolenbroek	 * with a zero-sized hardware address once obtained.  This is required
*ef8d499eSDavid van Moolenbroek	 * for at least ifconfig(8).
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if (ifdev->ifdev_ops->iop_set_hwaddr == NULL) {
*ef8d499eSDavid van Moolenbroek		*nump = 0;
*ef8d499eSDavid van Moolenbroek		return OK;
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	for (num = 0; (size_t)num < __arraycount(ifdev->ifdev_hwlist); num++) {
*ef8d499eSDavid van Moolenbroek		if ((ifdev->ifdev_hwlist[num].ifhwa_flags & IFHWAF_VALID) &&
*ef8d499eSDavid van Moolenbroek		    !memcmp(ifdev->ifdev_hwlist[num].ifhwa_addr, hwaddr,
*ef8d499eSDavid van Moolenbroek		    ifdev_get_hwlen(ifdev))) {
*ef8d499eSDavid van Moolenbroek			*nump = num;
*ef8d499eSDavid van Moolenbroek			return OK;
*ef8d499eSDavid van Moolenbroek		}
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	return EADDRNOTAVAIL;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Enumerate data link (hardware) addresses locally assigned to the given
*ef8d499eSDavid van Moolenbroek * interface 'ifdev'.  The caller should set 'nump' to 0 initially, and
*ef8d499eSDavid van Moolenbroek * increase it by one between a successful call and the next enumeration call.
*ef8d499eSDavid van Moolenbroek * Return TRUE on success, meaning that starting from the given value of 'nump'
*ef8d499eSDavid van Moolenbroek * there is at least one data link address, of which the number is stored in
*ef8d499eSDavid van Moolenbroek * 'nump' on return.  Return FALSE if there are no more data link addresses
*ef8d499eSDavid van Moolenbroek * locally assigned to the interface.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekint
*ef8d499eSDavid van Moolenbroekifaddr_dl_enum(struct ifdev * ifdev, ifaddr_dl_num_t * num)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * If hardware addresses are not supported, or if no hardware address
*ef8d499eSDavid van Moolenbroek	 * has been added to this interface yet (this shouldn't happen but
*ef8d499eSDavid van Moolenbroek	 * still), there is always one entry with a (zero-sized) address.
*ef8d499eSDavid van Moolenbroek	 * That is required for the IFP (name) entry as used by getifaddrs(3).
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if (ifdev->ifdev_ops->iop_set_hwaddr == NULL ||
*ef8d499eSDavid van Moolenbroek	    !(ifdev->ifdev_hwlist[0].ifhwa_flags & IFHWAF_VALID))
*ef8d499eSDavid van Moolenbroek		return (*num == 0);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	for (; (size_t)*num < __arraycount(ifdev->ifdev_hwlist); (*num)++) {
*ef8d499eSDavid van Moolenbroek		if (ifdev->ifdev_hwlist[*num].ifhwa_flags & IFHWAF_VALID)
*ef8d499eSDavid van Moolenbroek			return TRUE;
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	return FALSE;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Retrieve a data link (hardware) address for an interface.  For interfaces
*ef8d499eSDavid van Moolenbroek * that support hardware addresses, 'num' must be a number returned by
*ef8d499eSDavid van Moolenbroek * ifaddr_dl_find() or ifaddr_dl_enum().  For others, 'num' must be zero, and a
*ef8d499eSDavid van Moolenbroek * pseudo-address of zero size will be returned.  The address will be stored in
*ef8d499eSDavid van Moolenbroek * 'addr'.  This function always succeeds.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekvoid
*ef8d499eSDavid van Moolenbroekifaddr_dl_get(struct ifdev * ifdev, ifaddr_dl_num_t num,
*ef8d499eSDavid van Moolenbroek	struct sockaddr_dlx * addr)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	const uint8_t *hwaddr;
*ef8d499eSDavid van Moolenbroek	size_t hwaddr_len;
*ef8d499eSDavid van Moolenbroek	socklen_t addr_len;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if ((hwaddr_len = ifdev_get_hwlen(ifdev)) > 0) {
*ef8d499eSDavid van Moolenbroek		/*
*ef8d499eSDavid van Moolenbroek		 * Note that if we have no hardware addresses yet (which should
*ef8d499eSDavid van Moolenbroek		 * not happen but still), the first entry may not be marked as
*ef8d499eSDavid van Moolenbroek		 * valid yet.  Ignore it, and return an all-zeroes address.
*ef8d499eSDavid van Moolenbroek		 */
*ef8d499eSDavid van Moolenbroek		hwaddr = ifdev->ifdev_hwlist[num].ifhwa_addr;
*ef8d499eSDavid van Moolenbroek	} else
*ef8d499eSDavid van Moolenbroek		hwaddr = NULL;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	addr_len = sizeof(*addr);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	addr_put_link((struct sockaddr *)addr, &addr_len,
*ef8d499eSDavid van Moolenbroek	    ifdev_get_index(ifdev), ifdev_get_iftype(ifdev),
*ef8d499eSDavid van Moolenbroek	    ifdev_get_name(ifdev), hwaddr, hwaddr_len);
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Obtain NetBSD-style state flags (IFLR_) for the given local data link
*ef8d499eSDavid van Moolenbroek * address.  The given number may be 0, in which case that slot's state may not
*ef8d499eSDavid van Moolenbroek * be valid.  Otherwise, the given number must identify an existing address.
*ef8d499eSDavid van Moolenbroek * Return the flags, 0 if the slot was not valid.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekint
*ef8d499eSDavid van Moolenbroekifaddr_dl_get_flags(struct ifdev * ifdev, ifaddr_dl_num_t num)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	int flags;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	assert(num >= 0 && (size_t)num < __arraycount(ifdev->ifdev_hwlist));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (!(ifdev->ifdev_hwlist[num].ifhwa_flags & IFHWAF_VALID))
*ef8d499eSDavid van Moolenbroek		return 0;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	flags = (num == 0) ? IFLR_ACTIVE : 0;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (ifdev->ifdev_hwlist[num].ifhwa_flags & IFHWAF_FACTORY)
*ef8d499eSDavid van Moolenbroek		flags |= IFLR_FACTORY;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	return flags;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Scan the list of hardware addresses of the given interface for a particular
*ef8d499eSDavid van Moolenbroek * hardware address, as well as for an available entry.  Return the entry found
*ef8d499eSDavid van Moolenbroek * or -1 if the given hardware address was not found.  Independently, return an
*ef8d499eSDavid van Moolenbroek * available entry in 'availp' or -1 if no entries are available.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekstatic ifaddr_dl_num_t
*ef8d499eSDavid van Moolenbroekifaddr_dl_scan(struct ifdev * ifdev, const uint8_t * hwaddr,
*ef8d499eSDavid van Moolenbroek	ifaddr_dl_num_t * availp)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	ifaddr_dl_num_t num, found, avail;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	found = avail = -1;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	for (num = 0; (size_t)num < __arraycount(ifdev->ifdev_hwlist); num++) {
*ef8d499eSDavid van Moolenbroek		if (!(ifdev->ifdev_hwlist[num].ifhwa_flags & IFHWAF_VALID)) {
*ef8d499eSDavid van Moolenbroek			if (avail == -1)
*ef8d499eSDavid van Moolenbroek				avail = num;
*ef8d499eSDavid van Moolenbroek		} else if (!memcmp(ifdev->ifdev_hwlist[num].ifhwa_addr, hwaddr,
*ef8d499eSDavid van Moolenbroek		    ifdev_get_hwlen(ifdev)))
*ef8d499eSDavid van Moolenbroek			found = num;
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	*availp = avail;
*ef8d499eSDavid van Moolenbroek	return found;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Set a hardware address entry in the hardware address list of the given
*ef8d499eSDavid van Moolenbroek * interface.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekstatic void
*ef8d499eSDavid van Moolenbroekifaddr_dl_set(struct ifdev * ifdev, ifaddr_dl_num_t num,
*ef8d499eSDavid van Moolenbroek	const uint8_t * hwaddr, int is_factory)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	memcpy(&ifdev->ifdev_hwlist[num].ifhwa_addr, hwaddr,
*ef8d499eSDavid van Moolenbroek	    ifdev_get_hwlen(ifdev));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	ifdev->ifdev_hwlist[num].ifhwa_flags = IFHWAF_VALID;
*ef8d499eSDavid van Moolenbroek	if (is_factory)
*ef8d499eSDavid van Moolenbroek		ifdev->ifdev_hwlist[num].ifhwa_flags |= IFHWAF_FACTORY;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	rtsock_msg_addr_dl(ifdev, RTM_NEWADDR, num);
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Mark a new hardware address as active, after it has already been activated
*ef8d499eSDavid van Moolenbroek * on the hardware and in local administration.  The active slot is always slot
*ef8d499eSDavid van Moolenbroek * zero, so swap slots if needed.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekstatic void
*ef8d499eSDavid van Moolenbroekifaddr_dl_activate(struct ifdev * ifdev, ifaddr_dl_num_t num)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	struct ifdev_hwaddr tmp;
*ef8d499eSDavid van Moolenbroek	struct netif *netif;
*ef8d499eSDavid van Moolenbroek	size_t sz;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	assert(num != -1);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* The given slot may be zero if this is the initial address. */
*ef8d499eSDavid van Moolenbroek	if (num != 0) {
*ef8d499eSDavid van Moolenbroek		sz = sizeof(tmp);
*ef8d499eSDavid van Moolenbroek		memcpy(&tmp, &ifdev->ifdev_hwlist[0], sz);
*ef8d499eSDavid van Moolenbroek		memcpy(&ifdev->ifdev_hwlist[0], &ifdev->ifdev_hwlist[num], sz);
*ef8d499eSDavid van Moolenbroek		memcpy(&ifdev->ifdev_hwlist[num], &tmp, sz);
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	netif = ifdev_get_netif(ifdev);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* Tell lwIP and routing sockets. */
*ef8d499eSDavid van Moolenbroek	memcpy(&netif->hwaddr, &ifdev->ifdev_hwlist[0].ifhwa_addr,
*ef8d499eSDavid van Moolenbroek	    ifdev_get_hwlen(ifdev));
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	rtsock_msg_addr_dl(ifdev, RTM_CHGADDR, 0);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* See if we can and should generate a link-local IPv6 address now. */
*ef8d499eSDavid van Moolenbroek	ifaddr_v6_set_linklocal(ifdev);
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Add a data link (hardware) address to an interface, or if it already exists,
*ef8d499eSDavid van Moolenbroek * update its associated flags (IFLR_).
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekint
*ef8d499eSDavid van Moolenbroekifaddr_dl_add(struct ifdev * ifdev, const struct sockaddr_dlx * addr,
*ef8d499eSDavid van Moolenbroek	socklen_t addr_len, int flags)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	uint8_t hwaddr[NETIF_MAX_HWADDR_LEN];
*ef8d499eSDavid van Moolenbroek	ifaddr_dl_num_t found, avail;
*ef8d499eSDavid van Moolenbroek	int r;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * If this interface type does not support setting hardware addresses,
*ef8d499eSDavid van Moolenbroek	 * refuse the call.  If the interface type supports it but the
*ef8d499eSDavid van Moolenbroek	 * underlying hardware does not, we cannot report failure here, though.
*ef8d499eSDavid van Moolenbroek	 * In that case, attempts to activate an address will fail instead.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if (ifdev->ifdev_ops->iop_set_hwaddr == NULL)
*ef8d499eSDavid van Moolenbroek		return EINVAL;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if ((r = addr_get_link((const struct sockaddr *)addr, addr_len,
*ef8d499eSDavid van Moolenbroek	    NULL /*name*/, 0 /*name_max*/, hwaddr,
*ef8d499eSDavid van Moolenbroek	    ifdev_get_hwlen(ifdev))) != OK)
*ef8d499eSDavid van Moolenbroek		return r;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * Find the slot for the given hardware address.  Also find the slot of
*ef8d499eSDavid van Moolenbroek	 * the active address, and a free slot.  All of these may not exist.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	found = ifaddr_dl_scan(ifdev, hwaddr, &avail);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (found == -1) {
*ef8d499eSDavid van Moolenbroek		if (avail == -1)
*ef8d499eSDavid van Moolenbroek			return ENOBUFS;	/* TODO: a better error code */
*ef8d499eSDavid van Moolenbroek		found = avail;
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * If we are asked to activate this address, try that first: this may
*ef8d499eSDavid van Moolenbroek	 * fail if the network device does not support setting addresses, in
*ef8d499eSDavid van Moolenbroek	 * which case we want to fail without causing routing socket noise.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if ((flags & IFLR_ACTIVE) && found != 0 &&
*ef8d499eSDavid van Moolenbroek	    (r = ifdev->ifdev_ops->iop_set_hwaddr(ifdev, hwaddr)) != OK)
*ef8d499eSDavid van Moolenbroek		return r;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * If this is a new address, add and announce it.  Otherwise, just
*ef8d499eSDavid van Moolenbroek	 * update its flags.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if (found == avail) {
*ef8d499eSDavid van Moolenbroek		ifaddr_dl_set(ifdev, found, hwaddr,
*ef8d499eSDavid van Moolenbroek		    (flags & IFLR_FACTORY));
*ef8d499eSDavid van Moolenbroek	} else {
*ef8d499eSDavid van Moolenbroek		ifdev->ifdev_hwlist[found].ifhwa_flags &= ~IFLR_FACTORY;
*ef8d499eSDavid van Moolenbroek		if (flags & IFLR_FACTORY)
*ef8d499eSDavid van Moolenbroek			ifdev->ifdev_hwlist[found].ifhwa_flags |= IFLR_FACTORY;
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * Activate the address if requested, swapping slots as needed.  It is
*ef8d499eSDavid van Moolenbroek	 * not possible to deactivate the active address by changing its flags.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	if ((flags & IFLR_ACTIVE) && found != 0)
*ef8d499eSDavid van Moolenbroek		ifaddr_dl_activate(ifdev, found);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	return OK;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Delete a data link (hardware) address from an interface.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekint
*ef8d499eSDavid van Moolenbroekifaddr_dl_del(struct ifdev * ifdev, ifaddr_dl_num_t num)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (ifdev->ifdev_ops->iop_set_hwaddr == NULL)
*ef8d499eSDavid van Moolenbroek		return EINVAL;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	assert(num >= 0 && (size_t)num < __arraycount(ifdev->ifdev_hwlist));
*ef8d499eSDavid van Moolenbroek	assert(ifdev->ifdev_hwlist[num].ifhwa_flags & IFHWAF_VALID);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* It is not possible to delete the active address. */
*ef8d499eSDavid van Moolenbroek	if (num == 0)
*ef8d499eSDavid van Moolenbroek		return EBUSY;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	rtsock_msg_addr_dl(ifdev, RTM_DELADDR, num);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	ifdev->ifdev_hwlist[num].ifhwa_flags = 0;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	return OK;
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Announce all data link (hardware) addresses associated with the given
*ef8d499eSDavid van Moolenbroek * interface as deleted, including the active address.  Used (only) right
*ef8d499eSDavid van Moolenbroek * before the interface is destroyed.
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekvoid
*ef8d499eSDavid van Moolenbroekifaddr_dl_clear(struct ifdev * ifdev)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	ifaddr_dl_num_t num;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * Do the active address last, because all announcements carry the
*ef8d499eSDavid van Moolenbroek	 * active address's hardware address as well.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	for (num = 1; ifaddr_dl_enum(ifdev, &num); num++)
*ef8d499eSDavid van Moolenbroek		rtsock_msg_addr_dl(ifdev, RTM_DELADDR, num);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (ifdev->ifdev_hwlist[0].ifhwa_flags & IFHWAF_VALID)
*ef8d499eSDavid van Moolenbroek		rtsock_msg_addr_dl(ifdev, RTM_DELADDR, (ifaddr_dl_num_t)0);
*ef8d499eSDavid van Moolenbroek}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek/*
*ef8d499eSDavid van Moolenbroek * Update the interface's active hardware address.  If the 'is_factory' flag is
*ef8d499eSDavid van Moolenbroek * set, the address is the factory (driver-given) address.  This function may
*ef8d499eSDavid van Moolenbroek * only be called from ifdev_update_hwaddr().
*ef8d499eSDavid van Moolenbroek */
*ef8d499eSDavid van Moolenbroekvoid
*ef8d499eSDavid van Moolenbroekifaddr_dl_update(struct ifdev * ifdev, const uint8_t * hwaddr, int is_factory)
*ef8d499eSDavid van Moolenbroek{
*ef8d499eSDavid van Moolenbroek	ifaddr_dl_num_t found, avail;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/*
*ef8d499eSDavid van Moolenbroek	 * Find the slot for the given hardware address.  Also find the slot of
*ef8d499eSDavid van Moolenbroek	 * the active address, and a free slot.  All of these may not exist.
*ef8d499eSDavid van Moolenbroek	 */
*ef8d499eSDavid van Moolenbroek	found = ifaddr_dl_scan(ifdev, hwaddr, &avail);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	/* If the given address is already the active one, do nothing. */
*ef8d499eSDavid van Moolenbroek	if (found == 0) {
*ef8d499eSDavid van Moolenbroek		/* Factory addresses are always added first! */
*ef8d499eSDavid van Moolenbroek		assert(!is_factory);
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		return;
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	if (found == -1) {
*ef8d499eSDavid van Moolenbroek		/*
*ef8d499eSDavid van Moolenbroek		 * If the given address is not in the list, add it.  If the
*ef8d499eSDavid van Moolenbroek		 * list is full, first remove any non-active address.  The user
*ef8d499eSDavid van Moolenbroek		 * won't like this, but it preserves correctness without too
*ef8d499eSDavid van Moolenbroek		 * many complications, because this case is unlikely to happen.
*ef8d499eSDavid van Moolenbroek		 */
*ef8d499eSDavid van Moolenbroek		if (avail == -1) {
*ef8d499eSDavid van Moolenbroek			found = 1;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek			(void)ifaddr_dl_del(ifdev, found);
*ef8d499eSDavid van Moolenbroek		} else
*ef8d499eSDavid van Moolenbroek			found = avail;
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek		ifaddr_dl_set(ifdev, found, hwaddr, is_factory);
*ef8d499eSDavid van Moolenbroek	}
*ef8d499eSDavid van Moolenbroek
*ef8d499eSDavid van Moolenbroek	ifaddr_dl_activate(ifdev, found);
*ef8d499eSDavid van Moolenbroek}