Darwin: Add initial support for macOS#613

Merged: rsmarples merged 2 commits into master from darwin, May 24, 2026
@rsmarples (Member)

Apple route(4) has some limitations as does getifaddrs(3). Basically there is no means of being notified of carrier state because Apple only reports this via media state which is an ioctl.

The good news is that we can build macOS on GitHub so we can get some BSD traceability at least.

Fixes #524

coderabbitai Bot commented May 24, 2026

Caution

Review failed

Pull request was closed or merged during review

Walkthrough

This PR enables dhcpcd compilation and operation on macOS by adding platform detection in the build system, defining Apple-specific RFC 3542 support across network files, updating the BSD interface driver with Apple-specific logic for carrier polling and link-state detection, and adjusting privilege separation and header inclusion patterns for cross-BSD compatibility.

Changes

macOS Support Implementation

| Layer | File(s) | Summary |
|---|---|---|
| CI workflow and platform configuration | .github/workflows/build.yml, configure | GitHub Actions adds macOS test matrix with macos-26 and updates checkout to v6; configure adds darwin platform detection with PREFIX defaults and ELF linker handling. |
| Configure script feature detection and cleanup | configure | Privilege separation user detection switches from getent passwd validation to id availability checks; probe cleanup changes from targeted rm -f removal to glob-based rm -rf _name.* _name patterns; setproctitle handling explicitly defines HAVE_SETPROCTITLE in config.h. |
| Apple RFC 3542 feature configuration and header guards | src/dhcp6.c, src/if.c, src/ipv6nd.c, compat/crypt/sha256.c, src/ipv4.h | Adds __APPLE_USE_RFC_3542 macro to DHCPv6, interface, and IPv6 files for Apple RFC behavior; broadens BSD conditional in SHA256 compat code; guards IPv4 macros IN_ARE_ADDR_EQUAL and IN_IS_ADDR_UNSPECIFIED to prevent redefinition. |
| Interface struct and header support | src/if.h, src/sa.h | Expands struct priv member guards in if.h to include SIOCGIFSTATUS platforms; reintroduces a commented sockaddr_storage member line in sa.h. |
| BSD interface driver Apple portability | src/if-bsd.c | Includes Apple-specific headers, adds vlanreq struct variant, adjusts RT_ROUNDUP alignment for Apple, expands filtered interface names; refactors if_carrier() with LINK_STATE_UP and SIOCGIFMEDIA fallbacks and a compile-time warning path; adjusts SSID/VIMaster/VLAN gating and changes if_sysctl() parameter to non-const; compiles if_announce() only when available. |
| Carrier polling on Apple | src/dhcpcd.c | Adds timer-driven periodic polling function iterating active interfaces to refresh carrier state via if_carrier() and dispatch to dhcpcd_handlecarrier, rescheduling every second until shutdown; starts polling at program startup on Apple. |
| Privilege separation conditional compilation | src/privsep-bpf.c, src/privsep-bsd.c | Refactors proctitle preparation to compute address lazily within HAVE_SETPROCTITLE guard; adjusts BSD-specific header includes for VLAN and IEEE80211 ioctl definitions across Apple, NetBSD, and DragonFly platforms. |
| Test pipe initialization | tests/eloop-bench/eloop-bench.c | Replaces `pipe2(..., O_CLOEXEC |

🎯 3 (Moderate) | ⏱️ ~25 minutes

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (2 warnings)

| Check name | Status | Explanation | Resolution |
|---|---|---|---|
| Out of Scope Changes check | ⚠️ Warning | All changes are scoped to macOS platform support: CI workflow, platform detection, header guards, if-bsd adaptations, Apple-specific defines, and carrier polling. The pipe2→pipe change in eloop-bench.c appears out of scope and unrelated to macOS support. | Clarify or remove the pipe2 to pipe change in tests/eloop-bench/eloop-bench.c as it is not directly related to macOS support and removes O_CLOEXEC/O_NONBLOCK flags without documented reason. |
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 5.88% which is insufficient. The required threshold is 80.00%. | Write docstrings for the functions missing them to satisfy the coverage threshold. |

✅ Passed checks (3 passed)

| Check name | Status | Explanation |
|---|---|---|
| Title check | ✅ Passed | The title clearly and concisely describes the main change: adding macOS support to dhcpcd, which aligns with the substantial changes across build config, platform-specific code, and the linked issue. |
| Description check | ✅ Passed | The description explains the technical motivation (Apple route/getifaddrs limitations and carrier state polling via ioctl) and references the linked issue #524, clearly relating to the changeset. |
| Linked Issues check | ✅ Passed | The PR addresses issue #524 objectives: macOS builds on GitHub CI [.github/workflows/build.yml], platform detection improved [configure, compat/crypt/sha256.c], macOS headers defined [src/dhcp6.c, src/if.c, src/ipv6nd.c], if-bsd.c adapted for macOS [src/if-bsd.c], guard macro conditionals [src/ipv4.h], carrier polling implemented [src/dhcpcd.c], setproctitle gated [src/privsep-bpf.c], and configuration cleanup applied [configure]. |

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 3

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
src/if-bsd.c (1)

1263-1281: ⚠️ Potential issue | 🔴 Critical | ⚡ Quick win

Align if_announce call-site guards with its definition guard.

if_announce is compiled only when IFAN_ARRIVAL is defined (Line 1263), but the dispatch call is guarded only by RTM_IFANNOUNCE (Lines 1582-1585). That can produce an undefined symbol/implicit declaration build failure.

Suggested fix
-#ifdef RTM_IFANNOUNCE
+#if defined(RTM_IFANNOUNCE) && defined(IFAN_ARRIVAL)
 	case RTM_IFANNOUNCE:
 		return if_announce(ctx, (const void *)rtm);
 `#endif`
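Review bot: The call-site guard `defined(RTM_IFANNOUNCE) && defined(IFAN_ARRIVAL)` is still written separately from the guard on the if_announce definition, which the finding above says depends on IFAN_ARRIVAL alone, so the two conditions can drift apart again. Consider deriving a single macro once and using it for both the definition and the `case RTM_IFANNOUNCE:` branch. The closing line is also shown as `#endif` wrapped in backticks; it needs to be a bare #endif when the change is applied.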

Also applies to: 1582-1585

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/if-bsd.c` around lines 1263 - 1281, The if_announce function is only
defined when IFAN_ARRIVAL is set but the call-site (RTM_IFANNOUNCE case in the
netlink/route message dispatch) is not similarly guarded, which can cause
undefined symbol errors; wrap the RTM_IFANNOUNCE dispatch branch in the same
`#ifdef` IFAN_ARRIVAL (or alternatively undefine the function guard and always
compile if_announce) so that the call to if_announce and the function definition
are compiled under the same condition (reference: function if_announce, macro
IFAN_ARRIVAL, dispatch RTM_IFANNOUNCE, and handler dhcpcd_handleinterface).
🧹 Nitpick comments (1)
.github/workflows/build.yml (1)

14-30: ⚖️ Poor tradeoff

Consider adding explicit permissions and pinning action references.

Static analysis flagged security improvements:

  1. No permissions: block - consider adding minimal permissions (e.g., contents: read)
  2. Actions not pinned to SHA - consider using full commit SHA for reproducibility

These are optional security hardening measures.

Example permissions block
jobs:
  macos:
    permissions:
      contents: read
    strategy:
      ...
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/build.yml around lines 14 - 30, The workflow's macos job
is missing an explicit permissions block and uses unpinned action references;
update the job definition for the "macos" matrix job to add a minimal
permissions block (e.g., set contents: read) and replace loose action refs like
actions/checkout@v6 with pinned commit SHAs (use the full commit SHA for the
checkout action and any other third-party actions in the steps) so the "macos"
job's steps (the uses: actions/checkout and any other uses) are reproducible and
run with least privilege.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/build.yml:
- Line 13: The comment in the workflow contains a typo: change "plaform" to
"platform" in the comment line that currently reads "macos is a good plaform as
we know it ships with a sanitier we can use" so it correctly reads "macos is a
good platform as we know it ships with a sanitier we can use".

In `@src/if-bsd.c`:
- Around line 438-448: The preprocessor guard is mismatched: the block is
enabled by SIOCGIFXMEDIA but the code uses SIOCGIFMEDIA/struct ifmediareq/ifmr
and checks ifmr.ifm_status against IFM_AVALID/IFM_ACTIVE, causing platforms that
only define SIOCGIFMEDIA to skip this carrier detection and return LINK_UNKNOWN;
change the `#elif` defined(SIOCGIFXMEDIA) to `#elif` defined(SIOCGIFMEDIA) (or add
an || defined(SIOCGIFMEDIA)) so the ioctl(ctx->pf_inet_fd, SIOCGIFMEDIA, &ifmr)
call and subsequent IFM_AVALID/IFM_ACTIVE checks run on platforms that only
expose SIOCGIFMEDIA and thus return LINK_UP or LINK_DOWN instead of
LINK_UNKNOWN.

In `@src/privsep.c`:
- Line 130: The function ps_dropprivs contains an unconditional early "return 0"
that prevents executing the privilege-drop sequence; remove that early return in
ps_dropprivs so the subsequent chroot, chdir, group clearing, UID/GID drop and
RLIMIT hardening code runs, ensure calls like chroot(), chdir(), setgroups(0,
NULL), setresgid()/setegid()/setgid(), setresuid()/seteuid()/setuid() and
setrlimit() are performed in the intended order, propagate and handle errors
from those calls and only return 0 at the end of ps_dropprivs on success (or a
non-zero error on failure).

🪄 Autofix (Beta)

✅ Autofix completed


ℹ️ Review info

📥 Commits

Reviewing files that changed from the base of the PR and between 162e68b and dcb4956.

📒 Files selected for processing (14)
  • .github/workflows/build.yml
  • compat/crypt/sha256.c
  • configure
  • src/dhcp6.c
  • src/dhcpcd.c
  • src/if-bsd.c
  • src/if.c
  • src/if.h
  • src/ipv4.h
  • src/ipv6nd.c
  • src/privsep-bpf.c
  • src/privsep-bsd.c
  • src/privsep.c
  • src/sa.h

Comment thread .github/workflows/build.yml Outdated
Comment thread src/if-bsd.c
Comment thread src/privsep.c Outdated
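
The permissions and SHA-pinning nitpick in the review above can be checked mechanically. The following is an added example, not part of the PR or of CodeRabbit's output: a line-based audit of a workflow file, run here on a constructed sample. The function name `audit_workflow`, the sample job bodies and the placeholder SHA are assumptions.

```python
import re

# Constructed sample modelled on the review's description of the macos job;
# the step contents and the second job are assumptions, not the PR's build.yml.
SAMPLE_WORKFLOW = """\
name: Build
on: [push, pull_request]
jobs:
  macos:
    runs-on: macos-26
    steps:
      - uses: actions/checkout@v6
      - run: ./configure && make
  pinned:
    permissions:
      contents: read
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567  # placeholder SHA
"""

USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*([^\s#]+)")
PINNED_RE = re.compile(r"@[0-9a-f]{40}$")          # full commit SHA, not a tag or branch
JOB_RE = re.compile(r"^  ([A-Za-z_][\w-]*):\s*$")  # key indented two spaces under jobs:

def audit_workflow(text):
    """Return sorted (line, job, issue) findings for one workflow file."""
    findings, jobs, job, in_jobs, top_perms = [], {}, None, False, False
    for n, line in enumerate(text.splitlines(), 1):
        if line[:1] not in ("", " ", "#"):           # a top-level key
            in_jobs = line.startswith("jobs:")
            top_perms = top_perms or line.startswith("permissions:")
            job = None
            continue
        if not in_jobs:
            continue
        m = JOB_RE.match(line)
        if m:
            job = m.group(1)
            jobs[job] = {"line": n, "perms": False}
        elif job and re.match(r"^ {4}permissions:", line):
            jobs[job]["perms"] = True
        m = USES_RE.match(line)
        if job and m and not m.group(1).startswith("./") and not PINNED_RE.search(m.group(1)):
            findings.append((n, job, "unpinned action: " + m.group(1)))
    # A workflow-level permissions: block covers every job that sets none of its own.
    findings += [(j["line"], name, "no permissions block")
                 for name, j in jobs.items() if not top_perms and not j["perms"]]
    return sorted(findings)
```

The check is indentation-based and assumes two-space YAML nesting; local actions referenced with `./` are skipped because they are versioned with the repository itself.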
@coderabbitai coderabbitai Bot left a comment

♻️ Duplicate comments (1)
.github/workflows/build.yml (1)

13-13: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Typo in comment: "sanitier" → "sanitizer".

The comment contains a typo that should be corrected.

📝 Fix the typo
-  # macos is a good platform as we know it ships with a sanitier we can use
+  # macos is a good platform as we know it ships with a sanitizer we can use
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/build.yml at line 13, Fix the typo in the inline comment
that reads "macos is a good platform as we know it ships with a sanitier we can
use" by changing "sanitier" to "sanitizer" so the comment reads "macos is a good
platform as we know it ships with a sanitizer we can use"; update the single
comment string accordingly.

ℹ️ Review info
📥 Commits

Reviewing files that changed from the base of the PR and between dcb4956 and 66d4ee4.

📒 Files selected for processing (2)
  • .github/workflows/build.yml
  • src/if-bsd.c

coderabbitai Bot commented May 24, 2026

Note

Autofix is a beta feature. Expect some limitations and changes as we gather feedback and continue to improve it.

Fixes Applied Successfully

Fixed 1 file(s) based on 1 unresolved review comment.

Files modified:

  • src/if-bsd.c

Commit: 354ecead2f9dd817a71dd7640604d14c53226806

The changes have been pushed to the darwin branch.

Time taken: 2m 23s

@rsmarples rsmarples merged commit 20ec0df into master May 24, 2026
10 checks passed
Development

Successfully merging this pull request may close these issues.

Build fails on macOS due to incorrect headers
