1 /* $FreeBSD: src/sys/netinet6/in6_src.c,v 1.1.2.3 2002/02/26 18:02:06 ume Exp $ */
2 /* $KAME: in6_src.c,v 1.37 2001/03/29 05:34:31 itojun Exp $ */
5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the project nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 * Copyright (c) 1982, 1986, 1991, 1993
35 * The Regents of the University of California. All rights reserved.
37 * Redistribution and use in source and binary forms, with or without
38 * modification, are permitted provided that the following conditions
40 * 1. Redistributions of source code must retain the above copyright
41 * notice, this list of conditions and the following disclaimer.
42 * 2. Redistributions in binary form must reproduce the above copyright
43 * notice, this list of conditions and the following disclaimer in the
44 * documentation and/or other materials provided with the distribution.
45 * 3. All advertising materials mentioning features or use of this software
46 * must display the following acknowledgement:
47 * This product includes software developed by the University of
48 * California, Berkeley and its contributors.
49 * 4. Neither the name of the University nor the names of its contributors
50 * may be used to endorse or promote products derived from this software
51 * without specific prior written permission.
53 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
54 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
55 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
56 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
57 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
58 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
59 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
60 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
61 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
62 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
65 * @(#)in_pcb.c 8.2 (Berkeley) 1/4/94
69 #include "opt_inet6.h"
71 #include <sys/param.h>
72 #include <sys/systm.h>
74 #include <sys/kernel.h>
75 #include <sys/malloc.h>
77 #include <sys/protosw.h>
78 #include <sys/socket.h>
79 #include <sys/socketvar.h>
80 #include <sys/sockio.h>
81 #include <sys/sysctl.h>
82 #include <sys/errno.h>
88 #include <net/route.h>
90 #include <netinet/in.h>
91 #include <netinet/in_var.h>
92 #include <netinet/in_systm.h>
93 #include <netinet/ip.h>
94 #include <netinet/in_pcb.h>
95 #include <netinet6/in6_var.h>
96 #include <netinet/ip6.h>
97 #include <netinet6/in6_pcb.h>
98 #include <netinet6/ip6_var.h>
99 #include <netinet6/nd6.h>
100 #ifdef ENABLE_DEFAULT_SCOPE
101 #include <netinet6/scope6_var.h>
104 #include <net/net_osdep.h>
106 #define ADDR_LABEL_NOTAPP (-1)
107 struct in6_addrpolicy defaultaddrpolicy
;
109 static void init_policy_queue(void);
110 static int add_addrsel_policyent(struct in6_addrpolicy
*);
111 static int delete_addrsel_policyent(struct in6_addrpolicy
*);
112 static int walk_addrsel_policy(int (*)(struct in6_addrpolicy
*, void *),
114 static int dump_addrsel_policyent(struct in6_addrpolicy
*, void *);
118 * Return an IPv6 address, which is the most appropriate for a given
119 * destination and user specified options.
120 * If necessary, this function lookups the routing table and returns
121 * an entry to the caller for later use.
124 in6_selectsrc(struct sockaddr_in6
*dstsock
, struct ip6_pktopts
*opts
,
125 struct ip6_moptions
*mopts
, struct route_in6
*ro
,
126 struct in6_addr
*laddr
, int *errorp
, struct thread
*td
)
128 struct sockaddr_in6 jsin6
;
129 struct ucred
*cred
= NULL
;
130 struct in6_addr
*dst
;
131 struct in6_ifaddr
*ia6
= NULL
;
132 struct in6_pktinfo
*pi
= NULL
;
135 if (td
&& td
->td_proc
&& td
->td_proc
->p_ucred
)
136 cred
= td
->td_proc
->p_ucred
;
137 if (cred
&& cred
->cr_prison
)
139 jsin6
.sin6_family
= AF_INET6
;
140 dst
= &dstsock
->sin6_addr
;
144 * If the source address is explicitly specified by the caller,
147 if (opts
&& (pi
= opts
->ip6po_pktinfo
) &&
148 !IN6_IS_ADDR_UNSPECIFIED(&pi
->ipi6_addr
)) {
149 jsin6
.sin6_addr
= pi
->ipi6_addr
;
150 if (jailed
&& !jailed_ip(cred
->cr_prison
,
151 (struct sockaddr
*)&jsin6
)) {
154 return (&pi
->ipi6_addr
);
159 * If the source address is not specified but the socket(if any)
160 * is already bound, use the bound address.
162 if (laddr
&& !IN6_IS_ADDR_UNSPECIFIED(laddr
)) {
163 jsin6
.sin6_addr
= *laddr
;
164 if (jailed
&& !jailed_ip(cred
->cr_prison
,
165 (struct sockaddr
*)&jsin6
)) {
173 * If the caller doesn't specify the source address but
174 * the outgoing interface, use an address associated with
177 if (pi
&& pi
->ipi6_ifindex
) {
178 /* XXX boundary check is assumed to be already done. */
179 ia6
= in6_ifawithscope(ifindex2ifnet
[pi
->ipi6_ifindex
],
183 jsin6
.sin6_addr
= (&ia6
->ia_addr
)->sin6_addr
;
184 if (!jailed_ip(cred
->cr_prison
,
185 (struct sockaddr
*)&jsin6
))
190 *errorp
= EADDRNOTAVAIL
;
193 return (&satosin6(&ia6
->ia_addr
)->sin6_addr
);
197 * If the destination address is a link-local unicast address or
198 * a multicast address, and if the outgoing interface is specified
199 * by the sin6_scope_id filed, use an address associated with the
201 * XXX: We're now trying to define more specific semantics of
202 * sin6_scope_id field, so this part will be rewritten in
205 if ((IN6_IS_ADDR_LINKLOCAL(dst
) || IN6_IS_ADDR_MULTICAST(dst
)) &&
206 dstsock
->sin6_scope_id
) {
208 * I'm not sure if boundary check for scope_id is done
211 if (dstsock
->sin6_scope_id
< 0 ||
212 if_index
< dstsock
->sin6_scope_id
) {
213 *errorp
= ENXIO
; /* XXX: better error? */
216 ia6
= in6_ifawithscope(ifindex2ifnet
[dstsock
->sin6_scope_id
],
220 jsin6
.sin6_addr
= (&ia6
->ia_addr
)->sin6_addr
;
221 if (!jailed_ip(cred
->cr_prison
,
222 (struct sockaddr
*)&jsin6
))
227 *errorp
= EADDRNOTAVAIL
;
230 return (&satosin6(&ia6
->ia_addr
)->sin6_addr
);
234 * If the destination address is a multicast address and
235 * the outgoing interface for the address is specified
236 * by the caller, use an address associated with the interface.
237 * There is a sanity check here; if the destination has node-local
238 * scope, the outgoing interfacde should be a loopback address.
239 * Even if the outgoing interface is not specified, we also
240 * choose a loopback interface as the outgoing interface.
242 if (!jailed
&& IN6_IS_ADDR_MULTICAST(dst
)) {
243 struct ifnet
*ifp
= mopts
? mopts
->im6o_multicast_ifp
: NULL
;
245 if (ifp
== NULL
&& IN6_IS_ADDR_MC_NODELOCAL(dst
)) {
250 ia6
= in6_ifawithscope(ifp
, dst
);
252 *errorp
= EADDRNOTAVAIL
;
255 return (&satosin6(&ia6
->ia_addr
)->sin6_addr
);
260 * If the next hop address for the packet is specified
261 * by caller, use an address associated with the route
265 struct sockaddr_in6
*sin6_next
;
268 if (opts
&& opts
->ip6po_nexthop
) {
269 sin6_next
= satosin6(opts
->ip6po_nexthop
);
270 rt
= nd6_lookup(&sin6_next
->sin6_addr
, 1, NULL
);
272 ia6
= in6_ifawithscope(rt
->rt_ifp
, dst
);
274 ia6
= ifatoia6(rt
->rt_ifa
);
277 jsin6
.sin6_addr
= (&ia6
->ia_addr
)->sin6_addr
;
278 if (!jailed_ip(cred
->cr_prison
,
279 (struct sockaddr
*)&jsin6
))
284 *errorp
= EADDRNOTAVAIL
;
287 return (&satosin6(&ia6
->ia_addr
)->sin6_addr
);
292 * If route is known or can be allocated now,
293 * our src addr is taken from the i/f, else punt.
297 (!(ro
->ro_rt
->rt_flags
& RTF_UP
) ||
298 satosin6(&ro
->ro_dst
)->sin6_family
!= AF_INET6
||
299 !IN6_ARE_ADDR_EQUAL(&satosin6(&ro
->ro_dst
)->sin6_addr
,
304 if (ro
->ro_rt
== NULL
|| ro
->ro_rt
->rt_ifp
== NULL
) {
305 struct sockaddr_in6
*sa6
;
307 /* No route yet, so try to acquire one */
308 bzero(&ro
->ro_dst
, sizeof(struct sockaddr_in6
));
310 sa6
->sin6_family
= AF_INET6
;
311 sa6
->sin6_len
= sizeof(struct sockaddr_in6
);
312 sa6
->sin6_addr
= *dst
;
313 sa6
->sin6_scope_id
= dstsock
->sin6_scope_id
;
314 if (!jailed
&& IN6_IS_ADDR_MULTICAST(dst
)) {
316 rtpurelookup((struct sockaddr
*)&ro
->ro_dst
);
318 rtalloc((struct route
*)ro
);
323 * in_pcbconnect() checks out IFF_LOOPBACK to skip using
324 * the address. But we don't know why it does so.
325 * It is necessary to ensure the scope even for lo0
326 * so doesn't check out IFF_LOOPBACK.
330 ia6
= in6_ifawithscope(ro
->ro_rt
->rt_ifa
->ifa_ifp
, dst
);
332 jsin6
.sin6_addr
= (&ia6
->ia_addr
)->sin6_addr
;
333 if (!jailed_ip(cred
->cr_prison
,
334 (struct sockaddr
*)&jsin6
))
338 if (ia6
== NULL
) /* xxx scope error ?*/
339 ia6
= ifatoia6(ro
->ro_rt
->rt_ifa
);
342 jsin6
.sin6_addr
= (&ia6
->ia_addr
)->sin6_addr
;
343 if (!jailed_ip(cred
->cr_prison
,
344 (struct sockaddr
*)&jsin6
))
350 * xxx The followings are necessary? (kazu)
352 * It's for SO_DONTROUTE option in IPv4.(jinmei)
355 struct sockaddr_in6 sin6
= {sizeof(sin6
), AF_INET6
, 0};
357 sin6
->sin6_addr
= *dst
;
359 ia6
= ifatoia6(ifa_ifwithdstaddr(sin6tosa(&sin6
)));
361 ia6
= ifatoia6(ifa_ifwithnet(sin6tosa(&sin6
)));
364 return (&satosin6(&ia6
->ia_addr
)->sin6_addr
);
368 *errorp
= EHOSTUNREACH
; /* no route */
371 return (&satosin6(&ia6
->ia_addr
)->sin6_addr
);
374 *errorp
= EADDRNOTAVAIL
;
379 * Default hop limit selection. The precedence is as follows:
380 * 1. Hoplimit value specified via ioctl.
381 * 2. (If the outgoing interface is detected) the current
382 * hop limit of the interface specified by router advertisement.
383 * 3. The system default hoplimit.
386 in6_selecthlim(struct in6pcb
*in6p
, struct ifnet
*ifp
)
388 if (in6p
&& in6p
->in6p_hops
>= 0)
389 return (in6p
->in6p_hops
);
391 return (ND_IFINFO(ifp
)->chlim
);
393 return (ip6_defhlim
);
397 * XXX: this is borrowed from in6_pcbbind(). If possible, we should
398 * share this function by all *bsd*...
401 in6_pcbsetport(struct in6_addr
*laddr
, struct inpcb
*inp
, struct thread
*td
)
403 struct socket
*so
= inp
->inp_socket
;
404 u_int16_t lport
= 0, first
, last
, *lastport
;
405 int count
, error
= 0, wild
= 0;
406 struct inpcbinfo
*pcbinfo
= inp
->inp_pcbinfo
;
407 struct ucred
*cred
= NULL
;
409 /* XXX: this is redundant when called from in6_pcbbind */
410 if ((so
->so_options
& (SO_REUSEADDR
|SO_REUSEPORT
)) == 0)
411 wild
= INPLOOKUP_WILDCARD
;
412 if (td
->td_proc
&& td
->td_proc
->p_ucred
)
413 cred
= td
->td_proc
->p_ucred
;
415 inp
->inp_flags
|= INP_ANONPORT
;
417 if (inp
->inp_flags
& INP_HIGHPORT
) {
418 first
= ipport_hifirstauto
; /* sysctl */
419 last
= ipport_hilastauto
;
420 lastport
= &pcbinfo
->lasthi
;
421 } else if (inp
->inp_flags
& INP_LOWPORT
) {
422 if ((error
= priv_check(td
, PRIV_ROOT
)) != 0)
424 first
= ipport_lowfirstauto
; /* 1023 */
425 last
= ipport_lowlastauto
; /* 600 */
426 lastport
= &pcbinfo
->lastlow
;
428 first
= ipport_firstauto
; /* sysctl */
429 last
= ipport_lastauto
;
430 lastport
= &pcbinfo
->lastport
;
433 * Simple check to ensure all ports are not used up causing
436 * We split the two cases (up and down) so that the direction
437 * is not being tested on each round of the loop.
443 count
= first
- last
;
446 if (count
-- < 0) { /* completely used? */
448 * Undo any address bind that may have
451 inp
->in6p_laddr
= kin6addr_any
;
455 if (*lastport
> first
|| *lastport
< last
)
457 lport
= htons(*lastport
);
458 } while (in6_pcblookup_local(pcbinfo
, &inp
->in6p_laddr
,
464 count
= last
- first
;
467 if (count
-- < 0) { /* completely used? */
469 * Undo any address bind that may have
472 inp
->in6p_laddr
= kin6addr_any
;
476 if (*lastport
< first
|| *lastport
> last
)
478 lport
= htons(*lastport
);
479 } while (in6_pcblookup_local(pcbinfo
, &inp
->in6p_laddr
,
483 inp
->inp_lport
= lport
;
484 if (in_pcbinsporthash(inp
) != 0) {
485 inp
->in6p_laddr
= kin6addr_any
;
494 * generate kernel-internal form (scopeid embedded into s6_addr16[1]).
495 * If the address scope of is link-local, embed the interface index in the
496 * address. The routine determines our precedence
497 * between advanced API scope/interface specification and basic API
500 * this function should be nuked in the future, when we get rid of
501 * embedded scopeid thing.
503 * XXX actually, it is over-specification to return ifp against sin6_scope_id.
504 * there can be multiple interfaces that belong to a particular scope zone
505 * (in specification, we have 1:N mapping between a scope zone and interfaces).
506 * we may want to change the function to return something other than ifp.
509 in6_embedscope(struct in6_addr
*in6
,
510 const struct sockaddr_in6
*sin6
,
511 #ifdef HAVE_NRL_INPCB
513 #define in6p_outputopts inp_outputopts6
514 #define in6p_moptions inp_moptions6
520 struct ifnet
*ifp
= NULL
;
523 *in6
= sin6
->sin6_addr
;
524 scopeid
= sin6
->sin6_scope_id
;
529 * don't try to read sin6->sin6_addr beyond here, since the caller may
530 * ask us to overwrite existing sockaddr_in6
533 #ifdef ENABLE_DEFAULT_SCOPE
535 scopeid
= scope6_addr2default(in6
);
538 if (IN6_IS_SCOPE_LINKLOCAL(in6
)) {
539 struct in6_pktinfo
*pi
;
542 * KAME assumption: link id == interface id
545 if (in6p
&& in6p
->in6p_outputopts
&&
546 (pi
= in6p
->in6p_outputopts
->ip6po_pktinfo
) &&
548 ifp
= ifindex2ifnet
[pi
->ipi6_ifindex
];
549 in6
->s6_addr16
[1] = htons(pi
->ipi6_ifindex
);
550 } else if (in6p
&& IN6_IS_ADDR_MULTICAST(in6
) &&
551 in6p
->in6p_moptions
&&
552 in6p
->in6p_moptions
->im6o_multicast_ifp
) {
553 ifp
= in6p
->in6p_moptions
->im6o_multicast_ifp
;
554 in6
->s6_addr16
[1] = htons(ifp
->if_index
);
555 } else if (scopeid
) {
557 if (scopeid
< 0 || if_index
< scopeid
)
558 return ENXIO
; /* XXX EINVAL? */
559 ifp
= ifindex2ifnet
[scopeid
];
560 /*XXX assignment to 16bit from 32bit variable */
561 in6
->s6_addr16
[1] = htons(scopeid
& 0xffff);
570 #ifdef HAVE_NRL_INPCB
571 #undef in6p_outputopts
576 * generate standard sockaddr_in6 from embedded form.
577 * touches sin6_addr and sin6_scope_id only.
579 * this function should be nuked in the future, when we get rid of
580 * embedded scopeid thing.
583 in6_recoverscope(struct sockaddr_in6
*sin6
, const struct in6_addr
*in6
,
588 sin6
->sin6_addr
= *in6
;
591 * don't try to read *in6 beyond here, since the caller may
592 * ask us to overwrite existing sockaddr_in6
595 sin6
->sin6_scope_id
= 0;
596 if (IN6_IS_SCOPE_LINKLOCAL(in6
)) {
598 * KAME assumption: link id == interface id
600 scopeid
= ntohs(sin6
->sin6_addr
.s6_addr16
[1]);
603 if (scopeid
< 0 || if_index
< scopeid
)
605 if (ifp
&& ifp
->if_index
!= scopeid
)
607 sin6
->sin6_addr
.s6_addr16
[1] = 0;
608 sin6
->sin6_scope_id
= scopeid
;
616 * just clear the embedded scope identifer.
617 * XXX: currently used for bsdi4 only as a supplement function.
620 in6_clearscope(struct in6_addr
*addr
)
622 if (IN6_IS_SCOPE_LINKLOCAL(addr
))
623 addr
->s6_addr16
[1] = 0;
627 addrsel_policy_init(void)
632 /* initialize the "last resort" policy */
633 bzero(&defaultaddrpolicy
, sizeof(defaultaddrpolicy
));
634 defaultaddrpolicy
.label
= ADDR_LABEL_NOTAPP
;
638 * Subroutines to manage the address selection policy table via sysctl.
641 struct sysctl_req
*w_req
;
644 static int in6_src_sysctl(SYSCTL_HANDLER_ARGS
);
645 SYSCTL_DECL(_net_inet6_ip6
);
646 SYSCTL_NODE(_net_inet6_ip6
, IPV6CTL_ADDRCTLPOLICY
, addrctlpolicy
,
647 CTLFLAG_RD
, in6_src_sysctl
, "Address selection policy");
650 in6_src_sysctl(SYSCTL_HANDLER_ARGS
)
657 bzero(&w
, sizeof(w
));
660 return (walk_addrsel_policy(dump_addrsel_policyent
, &w
));
664 in6_src_ioctl(u_long cmd
, caddr_t data
)
667 struct in6_addrpolicy ent0
;
669 if (cmd
!= SIOCAADDRCTL_POLICY
&& cmd
!= SIOCDADDRCTL_POLICY
)
670 return (EOPNOTSUPP
); /* check for safety */
672 ent0
= *(struct in6_addrpolicy
*)data
;
674 if (ent0
.label
== ADDR_LABEL_NOTAPP
)
676 /* check if the prefix mask is consecutive. */
677 if (in6_mask2len(&ent0
.addrmask
.sin6_addr
, NULL
) < 0)
679 /* clear trailing garbages (if any) of the prefix address. */
680 for (i
= 0; i
< 4; i
++) {
681 ent0
.addr
.sin6_addr
.s6_addr32
[i
] &=
682 ent0
.addrmask
.sin6_addr
.s6_addr32
[i
];
687 case SIOCAADDRCTL_POLICY
:
688 return (add_addrsel_policyent(&ent0
));
689 case SIOCDADDRCTL_POLICY
:
690 return (delete_addrsel_policyent(&ent0
));
693 return (0); /* XXX: compromise compilers */
697 * The followings are implementation of the policy table using a
699 * XXX such details should be hidden.
700 * XXX implementation using binary tree should be more efficient.
702 struct addrsel_policyent
{
703 TAILQ_ENTRY(addrsel_policyent
) ape_entry
;
704 struct in6_addrpolicy ape_policy
;
707 TAILQ_HEAD(addrsel_policyhead
, addrsel_policyent
);
709 struct addrsel_policyhead addrsel_policytab
;
712 init_policy_queue(void)
714 TAILQ_INIT(&addrsel_policytab
);
718 add_addrsel_policyent(struct in6_addrpolicy
*newpolicy
)
720 struct addrsel_policyent
*new, *pol
;
722 /* duplication check */
723 for (pol
= TAILQ_FIRST(&addrsel_policytab
); pol
;
724 pol
= TAILQ_NEXT(pol
, ape_entry
)) {
725 if (SA6_ARE_ADDR_EQUAL(&newpolicy
->addr
,
726 &pol
->ape_policy
.addr
) &&
727 SA6_ARE_ADDR_EQUAL(&newpolicy
->addrmask
,
728 &pol
->ape_policy
.addrmask
)) {
729 return (EEXIST
); /* or override it? */
733 new = kmalloc(sizeof(*new), M_IFADDR
, M_WAITOK
| M_ZERO
);
735 /* XXX: should validate entry */
736 new->ape_policy
= *newpolicy
;
738 TAILQ_INSERT_TAIL(&addrsel_policytab
, new, ape_entry
);
744 delete_addrsel_policyent(struct in6_addrpolicy
*key
)
746 struct addrsel_policyent
*pol
;
748 /* search for the entry in the table */
749 for (pol
= TAILQ_FIRST(&addrsel_policytab
); pol
;
750 pol
= TAILQ_NEXT(pol
, ape_entry
)) {
751 if (SA6_ARE_ADDR_EQUAL(&key
->addr
, &pol
->ape_policy
.addr
) &&
752 SA6_ARE_ADDR_EQUAL(&key
->addrmask
,
753 &pol
->ape_policy
.addrmask
)) {
760 TAILQ_REMOVE(&addrsel_policytab
, pol
, ape_entry
);
761 kfree(pol
, M_IFADDR
);
767 walk_addrsel_policy(int(*callback
)(struct in6_addrpolicy
*, void *), void *w
)
769 struct addrsel_policyent
*pol
;
772 for (pol
= TAILQ_FIRST(&addrsel_policytab
); pol
;
773 pol
= TAILQ_NEXT(pol
, ape_entry
)) {
774 if ((error
= (*callback
)(&pol
->ape_policy
, w
)) != 0)
782 dump_addrsel_policyent(struct in6_addrpolicy
*pol
, void *arg
)
785 struct walkarg
*w
= arg
;
787 error
= SYSCTL_OUT(w
->w_req
, pol
, sizeof(*pol
));