1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. 24 * Copyright 2018 Joyent, Inc. 25 * Copyright 2016 Argo Technologie SA. 26 * Copyright (c) 2016-2017, Chris Fraire <cfraire@me.com>. 27 */ 28 29 /* 30 * Contains DB walker functions, which are of type `db_wfunc_t'; 31 * 32 * typedef boolean_t db_wfunc_t(void *cbarg, nvlist_t *db_nvl, char *buf, 33 * size_t bufsize, int *errp); 34 * 35 * ipadm_rw_db() walks through the data store, one line at a time and calls 36 * these call back functions with: 37 * `cbarg' - callback argument 38 * `db_nvl' - representing a line from DB in nvlist_t form 39 * `buf' - character buffer to hold modified line 40 * `bufsize'- size of the buffer 41 * `errp' - captures any error inside the walker function. 42 * 43 * All the 'write' callback functions modify `db_nvl' based on `cbarg' and 44 * copy string representation of `db_nvl' (using ipadm_nvlist2str()) into `buf'. 45 * To delete a line from the DB, buf[0] is set to `\0'. Inside ipadm_rw_db(), 46 * the modified `buf' is written back into DB. 47 * 48 * All the 'read' callback functions, retrieve the information from the DB, by 49 * reading `db_nvl' and then populate the `cbarg'. 50 */ 51 52 #include <stdlib.h> 53 #include <strings.h> 54 #include <errno.h> 55 #include <assert.h> 56 #include <sys/types.h> 57 #include <sys/socket.h> 58 #include <netinet/in.h> 59 #include <arpa/inet.h> 60 #include <unistd.h> 61 #include "ipmgmt_impl.h" 62 63 /* SCF related property group names and property names */ 64 #define IPMGMTD_APP_PG "ipmgmtd" 65 #define IPMGMTD_PROP_FBD "first_boot_done" 66 #define IPMGMTD_PROP_DBVER "datastore_version" 67 #define IPMGMTD_TRUESTR "true" 68 69 #define ATYPE "_atype" /* name of the address type nvpair */ 70 #define FLAGS "_flags" /* name of the flags nvpair */ 71 72 /* 73 * flag used by ipmgmt_persist_aobjmap() to indicate address type is 74 * IPADM_ADDR_IPV6_ADDRCONF. 75 */ 76 #define IPMGMT_ATYPE_V6ACONF 0x1 77 78 extern pthread_rwlock_t ipmgmt_dbconf_lock; 79 80 /* signifies whether volatile copy of data store is in use */ 81 static boolean_t ipmgmt_rdonly_root = B_FALSE; 82 83 /* 84 * Checks if the database nvl, `db_nvl' contains and matches ALL of the passed 85 * in private nvpairs `proto', `ifname' & `aobjname'. 86 */ 87 static boolean_t 88 ipmgmt_nvlist_match(nvlist_t *db_nvl, const char *proto, const char *ifname, 89 const char *aobjname) 90 { 91 char *db_proto = NULL, *db_ifname = NULL; 92 char *db_aobjname = NULL; 93 nvpair_t *nvp; 94 char *name; 95 96 /* walk through db_nvl and retrieve all its private nvpairs */ 97 for (nvp = nvlist_next_nvpair(db_nvl, NULL); nvp != NULL; 98 nvp = nvlist_next_nvpair(db_nvl, nvp)) { 99 name = nvpair_name(nvp); 100 if (strcmp(IPADM_NVP_PROTONAME, name) == 0) 101 (void) nvpair_value_string(nvp, &db_proto); 102 else if (strcmp(IPADM_NVP_IFNAME, name) == 0) 103 (void) nvpair_value_string(nvp, &db_ifname); 104 else if (strcmp(IPADM_NVP_AOBJNAME, name) == 0) 105 (void) nvpair_value_string(nvp, &db_aobjname); 106 } 107 108 if (proto != NULL && proto[0] == '\0') 109 proto = NULL; 110 if (ifname != NULL && ifname[0] == '\0') 111 ifname = NULL; 112 if (aobjname != NULL && aobjname[0] == '\0') 113 aobjname = NULL; 114 115 if ((proto == NULL && db_proto != NULL) || 116 (proto != NULL && db_proto == NULL) || 117 (proto != NULL && db_proto != NULL && 118 strcmp(proto, db_proto) != 0)) { 119 /* no intersection - different protocols. */ 120 return (B_FALSE); 121 } 122 if ((ifname == NULL && db_ifname != NULL) || 123 (ifname != NULL && db_ifname == NULL) || 124 (ifname != NULL && db_ifname != NULL && 125 strcmp(ifname, db_ifname) != 0)) { 126 /* no intersection - different interfaces. */ 127 return (B_FALSE); 128 } 129 if ((aobjname == NULL && db_aobjname != NULL) || 130 (aobjname != NULL && db_aobjname == NULL) || 131 (aobjname != NULL && db_aobjname != NULL && 132 strcmp(aobjname, db_aobjname) != 0)) { 133 /* no intersection - different address objects */ 134 return (B_FALSE); 135 } 136 137 return (B_TRUE); 138 } 139 140 /* 141 * Checks if the database nvl, `db_nvl' and the input nvl, `in_nvl' intersects. 142 */ 143 static boolean_t 144 ipmgmt_nvlist_intersects(nvlist_t *db_nvl, nvlist_t *in_nvl) 145 { 146 nvpair_t *nvp; 147 char *name; 148 char *proto = NULL, *ifname = NULL, *aobjname = NULL; 149 150 /* walk through in_nvl and retrieve all its private nvpairs */ 151 for (nvp = nvlist_next_nvpair(in_nvl, NULL); nvp != NULL; 152 nvp = nvlist_next_nvpair(in_nvl, nvp)) { 153 name = nvpair_name(nvp); 154 if (strcmp(IPADM_NVP_PROTONAME, name) == 0) 155 (void) nvpair_value_string(nvp, &proto); 156 else if (strcmp(IPADM_NVP_IFNAME, name) == 0) 157 (void) nvpair_value_string(nvp, &ifname); 158 else if (strcmp(IPADM_NVP_AOBJNAME, name) == 0) 159 (void) nvpair_value_string(nvp, &aobjname); 160 } 161 162 return (ipmgmt_nvlist_match(db_nvl, proto, ifname, aobjname)); 163 } 164 165 /* 166 * Checks if the database nvl, `db_nvl', contains and matches ANY of the passed 167 * in private nvpairs `proto', `ifname' & `aobjname'. 168 */ 169 static boolean_t 170 ipmgmt_nvlist_contains(nvlist_t *db_nvl, const char *proto, 171 const char *ifname, char *aobjname) 172 { 173 char *db_ifname = NULL, *db_proto = NULL; 174 char *db_aobjname = NULL; 175 nvpair_t *nvp; 176 char *name; 177 178 /* walk through db_nvl and retrieve all private nvpairs */ 179 for (nvp = nvlist_next_nvpair(db_nvl, NULL); nvp != NULL; 180 nvp = nvlist_next_nvpair(db_nvl, nvp)) { 181 name = nvpair_name(nvp); 182 if (strcmp(IPADM_NVP_PROTONAME, name) == 0) 183 (void) nvpair_value_string(nvp, &db_proto); 184 else if (strcmp(IPADM_NVP_IFNAME, name) == 0) 185 (void) nvpair_value_string(nvp, &db_ifname); 186 else if (strcmp(IPADM_NVP_AOBJNAME, name) == 0) 187 (void) nvpair_value_string(nvp, &db_aobjname); 188 } 189 190 if (proto != NULL && proto[0] != '\0') { 191 if ((db_proto == NULL || strcmp(proto, db_proto) != 0)) 192 return (B_FALSE); 193 } 194 if (ifname != NULL && ifname[0] != '\0') { 195 if ((db_ifname == NULL || strcmp(ifname, db_ifname) != 0)) 196 return (B_FALSE); 197 } 198 if (aobjname != NULL && aobjname[0] != '\0') { 199 if ((db_aobjname == NULL || strcmp(aobjname, db_aobjname) != 0)) 200 return (B_FALSE); 201 } 202 203 return (B_TRUE); 204 } 205 206 /* 207 * Retrieves the property value from the DB. The property whose value is to be 208 * retrieved is in `pargp->ia_pname'. 209 */ 210 /* ARGSUSED */ 211 boolean_t 212 ipmgmt_db_getprop(void *arg, nvlist_t *db_nvl, char *buf, size_t buflen, 213 int *errp) 214 { 215 ipmgmt_prop_arg_t *pargp = arg; 216 boolean_t cont = B_TRUE; 217 char *pval; 218 int err = 0; 219 220 *errp = 0; 221 222 if (!ipmgmt_nvlist_match(db_nvl, pargp->ia_module, 223 pargp->ia_ifname, pargp->ia_aobjname)) 224 return (B_TRUE); 225 226 if ((err = nvlist_lookup_string(db_nvl, pargp->ia_pname, 227 &pval)) == 0) { 228 (void) strlcpy(pargp->ia_pval, pval, sizeof (pargp->ia_pval)); 229 /* 230 * We have retrieved what we are looking for. 231 * Stop the walker. 232 */ 233 cont = B_FALSE; 234 } else { 235 if (err == ENOENT) 236 err = 0; 237 *errp = err; 238 } 239 240 return (cont); 241 } 242 243 /* 244 * Removes the property value from the DB. The property whose value is to be 245 * removed is in `pargp->ia_pname'. 246 */ 247 /* ARGSUSED */ 248 boolean_t 249 ipmgmt_db_resetprop(void *arg, nvlist_t *db_nvl, char *buf, size_t buflen, 250 int *errp) 251 { 252 ipmgmt_prop_arg_t *pargp = arg; 253 254 *errp = 0; 255 if (!ipmgmt_nvlist_match(db_nvl, pargp->ia_module, 256 pargp->ia_ifname, pargp->ia_aobjname)) 257 return (B_TRUE); 258 259 if (!nvlist_exists(db_nvl, pargp->ia_pname)) 260 return (B_TRUE); 261 262 /* 263 * We found the property in the DB. If IPMGMT_REMOVE is not set then 264 * delete the entry from the db. If it is set, then the property is a 265 * multi-valued property so just remove the specified values from DB. 266 */ 267 if (pargp->ia_flags & IPMGMT_REMOVE) { 268 char *dbpval = NULL; 269 char *inpval = pargp->ia_pval; 270 char pval[MAXPROPVALLEN]; 271 char *val, *lasts; 272 273 *errp = nvlist_lookup_string(db_nvl, pargp->ia_pname, &dbpval); 274 if (*errp != 0) 275 return (B_FALSE); 276 277 /* 278 * multi-valued properties are represented as comma separated 279 * values. Use string tokenizer functions to split them and 280 * search for the value to be removed. 281 */ 282 bzero(pval, sizeof (pval)); 283 if ((val = strtok_r(dbpval, ",", &lasts)) != NULL) { 284 if (strcmp(val, inpval) != 0) 285 (void) strlcat(pval, val, MAXPROPVALLEN); 286 while ((val = strtok_r(NULL, ",", &lasts)) != NULL) { 287 if (strcmp(val, inpval) != 0) { 288 if (pval[0] != '\0') 289 (void) strlcat(pval, ",", 290 MAXPROPVALLEN); 291 (void) strlcat(pval, val, 292 MAXPROPVALLEN); 293 } 294 } 295 } else { 296 if (strcmp(dbpval, inpval) != 0) 297 *errp = ENOENT; 298 else 299 buf[0] = '\0'; 300 return (B_FALSE); 301 } 302 *errp = nvlist_add_string(db_nvl, pargp->ia_pname, pval); 303 if (*errp != 0) 304 return (B_FALSE); 305 306 (void) memset(buf, 0, buflen); 307 if (ipadm_nvlist2str(db_nvl, buf, buflen) == 0) { 308 /* buffer overflow */ 309 *errp = ENOBUFS; 310 } 311 } else { 312 buf[0] = '\0'; 313 } 314 315 /* stop the search */ 316 return (B_FALSE); 317 } 318 319 /* 320 * Input arguments can have IPADM_NVP_AOBJNAME or IPADM_NVP_IFNAME. A match is 321 * found, when one of the following occurs first. 322 * - the input aobjname matches the db aobjname. Return the db address. 323 * - the input interface matches the db interface. Return all the 324 * matching db lines with addresses. 325 */ 326 /* ARGSUSED */ 327 boolean_t 328 ipmgmt_db_getaddr(void *arg, nvlist_t *db_nvl, char *buf, size_t buflen, 329 int *errp) 330 { 331 ipmgmt_getaddr_cbarg_t *cbarg = arg; 332 char *db_aobjname = NULL; 333 char *db_ifname = NULL; 334 nvlist_t *db_addr = NULL; 335 char name[IPMGMT_STRSIZE]; 336 nvpair_t *nvp; 337 boolean_t add_nvl = B_FALSE; 338 339 /* Parse db nvlist */ 340 for (nvp = nvlist_next_nvpair(db_nvl, NULL); nvp != NULL; 341 nvp = nvlist_next_nvpair(db_nvl, nvp)) { 342 if (nvpair_type(nvp) == DATA_TYPE_NVLIST) 343 (void) nvpair_value_nvlist(nvp, &db_addr); 344 else if (strcmp(nvpair_name(nvp), IPADM_NVP_IFNAME) == 0) 345 (void) nvpair_value_string(nvp, &db_ifname); 346 else if (strcmp(nvpair_name(nvp), IPADM_NVP_AOBJNAME) == 0) 347 (void) nvpair_value_string(nvp, &db_aobjname); 348 } 349 350 if (db_aobjname == NULL) /* Not an address */ 351 return (B_TRUE); 352 353 /* Check for a match between the aobjnames or the interface name */ 354 if (cbarg->cb_aobjname[0] != '\0') { 355 if (strcmp(cbarg->cb_aobjname, db_aobjname) == 0) 356 add_nvl = B_TRUE; 357 } else if (cbarg->cb_ifname[0] != '\0') { 358 if (strcmp(cbarg->cb_ifname, db_ifname) == 0) 359 add_nvl = B_TRUE; 360 } else { 361 add_nvl = B_TRUE; 362 } 363 364 if (add_nvl) { 365 (void) snprintf(name, sizeof (name), "%s_%d", db_ifname, 366 cbarg->cb_ocnt); 367 *errp = nvlist_add_nvlist(cbarg->cb_onvl, name, db_nvl); 368 if (*errp == 0) 369 cbarg->cb_ocnt++; 370 } 371 return (B_TRUE); 372 } 373 374 /* 375 * This function only gets called if a volatile filesystem version 376 * of the configuration file has been created. This only happens in the 377 * extremely rare case that a request has been made to update the configuration 378 * file at boottime while the root filesystem was read-only. This is 379 * really a rare occurrence now that we don't support UFS root filesystems 380 * any longer. This function will periodically attempt to write the 381 * configuration back to its location on the root filesystem. Success 382 * will indicate that the filesystem is no longer read-only. 383 */ 384 /* ARGSUSED */ 385 static void * 386 ipmgmt_db_restore_thread(void *arg) 387 { 388 int err; 389 390 for (;;) { 391 (void) sleep(5); 392 (void) pthread_rwlock_wrlock(&ipmgmt_dbconf_lock); 393 if (!ipmgmt_rdonly_root) 394 break; 395 err = ipmgmt_cpfile(IPADM_VOL_DB_FILE, IPADM_DB_FILE, B_FALSE); 396 if (err == 0) { 397 ipmgmt_rdonly_root = B_FALSE; 398 break; 399 } 400 (void) pthread_rwlock_unlock(&ipmgmt_dbconf_lock); 401 } 402 (void) pthread_rwlock_unlock(&ipmgmt_dbconf_lock); 403 return (NULL); 404 } 405 406 /* 407 * This function takes the appropriate lock, read or write, based on the 408 * `db_op' and then calls DB walker ipadm_rw_db(). The code is complicated 409 * by the fact that we are not always guaranteed to have a writable root 410 * filesystem since it is possible that we are reading or writing during 411 * bootime while the root filesystem is still read-only. This is, by far, 412 * the exception case. Normally, this function will be called when the 413 * root filesystem is writable. In the unusual case where this is not 414 * true, the configuration file is copied to the volatile file system 415 * and is updated there until the root filesystem becomes writable. At 416 * that time the file will be moved back to its proper location by 417 * ipmgmt_db_restore_thread(). 418 */ 419 extern int 420 ipmgmt_db_walk(db_wfunc_t *db_walk_func, void *db_warg, ipadm_db_op_t db_op) 421 { 422 int err; 423 boolean_t writeop; 424 mode_t mode; 425 pthread_t tid; 426 pthread_attr_t attr; 427 428 writeop = (db_op != IPADM_DB_READ); 429 if (writeop) { 430 (void) pthread_rwlock_wrlock(&ipmgmt_dbconf_lock); 431 mode = IPADM_FILE_MODE; 432 } else { 433 (void) pthread_rwlock_rdlock(&ipmgmt_dbconf_lock); 434 mode = 0; 435 } 436 437 /* 438 * Did a previous write attempt fail? If so, don't even try to 439 * read/write to IPADM_DB_FILE. 440 */ 441 if (!ipmgmt_rdonly_root) { 442 err = ipadm_rw_db(db_walk_func, db_warg, IPADM_DB_FILE, 443 mode, db_op); 444 if (err != EROFS) 445 goto done; 446 } 447 448 /* 449 * If we haven't already copied the file to the volatile 450 * file system, do so. This should only happen on a failed 451 * writeop(i.e., we have acquired the write lock above). 452 */ 453 if (access(IPADM_VOL_DB_FILE, F_OK) != 0) { 454 assert(writeop); 455 err = ipmgmt_cpfile(IPADM_DB_FILE, IPADM_VOL_DB_FILE, B_TRUE); 456 if (err != 0) 457 goto done; 458 (void) pthread_attr_init(&attr); 459 (void) pthread_attr_setdetachstate(&attr, 460 PTHREAD_CREATE_DETACHED); 461 (void) pthread_attr_setname_np(&attr, "db_restore"); 462 err = pthread_create(&tid, &attr, ipmgmt_db_restore_thread, 463 NULL); 464 (void) pthread_attr_destroy(&attr); 465 if (err != 0) { 466 (void) unlink(IPADM_VOL_DB_FILE); 467 goto done; 468 } 469 ipmgmt_rdonly_root = B_TRUE; 470 } 471 472 /* 473 * Read/write from the volatile copy. 474 */ 475 err = ipadm_rw_db(db_walk_func, db_warg, IPADM_VOL_DB_FILE, 476 mode, db_op); 477 done: 478 (void) pthread_rwlock_unlock(&ipmgmt_dbconf_lock); 479 return (err); 480 } 481 482 /* 483 * Used to add an entry towards the end of DB. It just returns B_TRUE for 484 * every line of the DB. When we reach the end, ipadm_rw_db() adds the 485 * line at the end. 486 */ 487 /* ARGSUSED */ 488 boolean_t 489 ipmgmt_db_add(void *arg, nvlist_t *db_nvl, char *buf, size_t buflen, int *errp) 490 { 491 return (B_TRUE); 492 } 493 494 /* 495 * This function is used to update or create an entry in DB. The nvlist_t, 496 * `in_nvl', represents the line we are looking for. Once we ensure the right 497 * line from DB, we update that entry. 498 */ 499 boolean_t 500 ipmgmt_db_update(void *arg, nvlist_t *db_nvl, char *buf, size_t buflen, 501 int *errp) 502 { 503 ipadm_dbwrite_cbarg_t *cb = arg; 504 uint_t flags = cb->dbw_flags; 505 nvlist_t *in_nvl = cb->dbw_nvl; 506 nvpair_t *nvp; 507 char *name, *instrval = NULL, *dbstrval = NULL; 508 char pval[MAXPROPVALLEN]; 509 510 *errp = 0; 511 if (!ipmgmt_nvlist_intersects(db_nvl, in_nvl)) 512 return (B_TRUE); 513 514 for (nvp = nvlist_next_nvpair(in_nvl, NULL); nvp != NULL; 515 nvp = nvlist_next_nvpair(in_nvl, nvp)) { 516 name = nvpair_name(nvp); 517 if (!IPADM_PRIV_NVP(name) && nvlist_exists(db_nvl, name)) 518 break; 519 } 520 521 if (nvp == NULL) 522 return (B_TRUE); 523 524 assert(nvpair_type(nvp) == DATA_TYPE_STRING); 525 526 if ((*errp = nvpair_value_string(nvp, &instrval)) != 0) 527 return (B_FALSE); 528 529 /* 530 * If IPMGMT_APPEND is set then we are dealing with multi-valued 531 * properties. We append to the entry from the db, with the new value. 532 */ 533 if (flags & IPMGMT_APPEND) { 534 if ((*errp = nvlist_lookup_string(db_nvl, name, 535 &dbstrval)) != 0) 536 return (B_FALSE); 537 (void) snprintf(pval, MAXPROPVALLEN, "%s,%s", dbstrval, 538 instrval); 539 if ((*errp = nvlist_add_string(db_nvl, name, pval)) != 0) 540 return (B_FALSE); 541 } else { 542 /* case of in-line update of a db entry */ 543 if ((*errp = nvlist_add_string(db_nvl, name, instrval)) != 0) 544 return (B_FALSE); 545 } 546 547 (void) memset(buf, 0, buflen); 548 if (ipadm_nvlist2str(db_nvl, buf, buflen) == 0) { 549 /* buffer overflow */ 550 *errp = ENOBUFS; 551 } 552 553 /* we updated the DB entry, so do not continue */ 554 return (B_FALSE); 555 } 556 557 /* 558 * For the given `cbarg->cb_ifname' interface, retrieves any persistent 559 * interface information (used in 'ipadm show-if') 560 */ 561 /* ARGSUSED */ 562 boolean_t 563 ipmgmt_db_getif(void *arg, nvlist_t *db_nvl, char *buf, size_t buflen, 564 int *errp) 565 { 566 ipmgmt_getif_cbarg_t *cbarg = arg; 567 char *ifname = cbarg->cb_ifname; 568 char *intf = NULL; 569 ipadm_if_info_t *ifp = NULL; 570 sa_family_t af; 571 char *afstr; 572 573 *errp = 0; 574 if (nvlist_lookup_string(db_nvl, IPADM_NVP_FAMILY, &afstr) != 0 || 575 nvlist_lookup_string(db_nvl, IPADM_NVP_IFNAME, &intf) != 0 || 576 (ifname[0] != '\0' && strcmp(ifname, intf) != 0)) { 577 return (B_TRUE); 578 } 579 af = atoi(afstr); 580 for (ifp = cbarg->cb_ifinfo; ifp != NULL; ifp = ifp->ifi_next) { 581 if (strcmp(ifp->ifi_name, intf) == 0) 582 break; 583 } 584 if (ifp == NULL) { 585 ipadm_if_info_t *new; 586 587 if ((new = calloc(1, sizeof (*new))) == NULL) { 588 *errp = ENOMEM; 589 return (B_FALSE); /* don't continue the walk */ 590 } 591 new->ifi_next = cbarg->cb_ifinfo; 592 cbarg->cb_ifinfo = new; 593 ifp = new; 594 (void) strlcpy(ifp->ifi_name, intf, sizeof (ifp->ifi_name)); 595 } 596 597 if (af == AF_INET) { 598 ifp->ifi_pflags |= IFIF_IPV4; 599 } else { 600 assert(af == AF_INET6); 601 ifp->ifi_pflags |= IFIF_IPV6; 602 } 603 604 /* Terminate the walk if we found both v4 and v6 interfaces. */ 605 if (ifname[0] != '\0' && (ifp->ifi_pflags & IFIF_IPV4) && 606 (ifp->ifi_pflags & IFIF_IPV6)) 607 return (B_FALSE); 608 609 return (B_TRUE); 610 } 611 612 /* 613 * Deletes those entries from the database for which interface name 614 * matches with the given `cbarg->cb_ifname' 615 */ 616 /* ARGSUSED */ 617 boolean_t 618 ipmgmt_db_resetif(void *arg, nvlist_t *db_nvl, char *buf, size_t buflen, 619 int *errp) 620 { 621 ipmgmt_if_cbarg_t *cbarg = arg; 622 boolean_t isv6 = (cbarg->cb_family == AF_INET6); 623 char *ifname = cbarg->cb_ifname; 624 char *modstr = NULL; 625 char *afstr; 626 char *aobjname; 627 uint_t proto; 628 ipmgmt_aobjmap_t *head; 629 boolean_t aobjfound = B_FALSE; 630 631 *errp = 0; 632 633 if (!ipmgmt_nvlist_contains(db_nvl, NULL, ifname, NULL)) 634 return (B_TRUE); 635 636 if (nvlist_lookup_string(db_nvl, IPADM_NVP_FAMILY, &afstr) == 0) { 637 if (atoi(afstr) == cbarg->cb_family) 638 goto delete; 639 return (B_TRUE); 640 } 641 642 /* Reset all the interface configurations for 'ifname' */ 643 if (isv6 && (nvlist_exists(db_nvl, IPADM_NVP_IPV6ADDR) || 644 nvlist_exists(db_nvl, IPADM_NVP_INTFID))) { 645 goto delete; 646 } 647 if (!isv6 && 648 (nvlist_exists(db_nvl, IPADM_NVP_IPV4ADDR) || 649 nvlist_exists(db_nvl, IPADM_NVP_DHCP))) { 650 goto delete; 651 } 652 653 if (nvlist_lookup_string(db_nvl, IPADM_NVP_AOBJNAME, &aobjname) == 0) { 654 /* 655 * This must be an address property. Delete this 656 * line if there is a match in the address family. 657 */ 658 head = aobjmap.aobjmap_head; 659 while (head != NULL) { 660 if (strcmp(head->am_aobjname, aobjname) == 0) { 661 aobjfound = B_TRUE; 662 if (head->am_family == cbarg->cb_family) 663 goto delete; 664 } 665 head = head->am_next; 666 } 667 /* 668 * If aobjfound = B_FALSE, then this address is not 669 * available in active configuration. We should go ahead 670 * and delete it. 671 */ 672 if (!aobjfound) 673 goto delete; 674 } 675 676 /* 677 * If we are removing both v4 and v6 interface, then we get rid of 678 * all the properties for that interface. On the other hand, if we 679 * are deleting only v4 instance of an interface, then we delete v4 680 * properties only. 681 */ 682 if (nvlist_lookup_string(db_nvl, IPADM_NVP_PROTONAME, &modstr) == 0) { 683 proto = ipadm_str2proto(modstr); 684 switch (proto) { 685 case MOD_PROTO_IPV6: 686 if (isv6) 687 goto delete; 688 break; 689 case MOD_PROTO_IPV4: 690 if (!isv6) 691 goto delete; 692 break; 693 case MOD_PROTO_IP: 694 /* this should never be the case, today */ 695 assert(0); 696 break; 697 } 698 } 699 /* Not found a match yet. Continue processing the db */ 700 return (B_TRUE); 701 delete: 702 /* delete the line from the db */ 703 buf[0] = '\0'; 704 return (B_TRUE); 705 } 706 707 /* 708 * Deletes those entries from the database for which address object name 709 * matches with the given `cbarg->cb_aobjname' 710 */ 711 /* ARGSUSED */ 712 boolean_t 713 ipmgmt_db_resetaddr(void *arg, nvlist_t *db_nvl, char *buf, size_t buflen, 714 int *errp) 715 { 716 ipmgmt_resetaddr_cbarg_t *cbarg = arg; 717 char *aobjname = cbarg->cb_aobjname; 718 719 *errp = 0; 720 if (!ipmgmt_nvlist_contains(db_nvl, NULL, NULL, aobjname)) 721 return (B_TRUE); 722 723 /* delete the line from the db */ 724 buf[0] = '\0'; 725 return (B_TRUE); 726 } 727 728 /* 729 * Retrieves all interface props, including addresses, for given interface(s). 730 * `invl' contains the list of interfaces, for which information need to be 731 * retrieved. 732 */ 733 /* ARGSUSED */ 734 boolean_t 735 ipmgmt_db_initif(void *arg, nvlist_t *db_nvl, char *buf, size_t buflen, 736 int *errp) 737 { 738 ipmgmt_initif_cbarg_t *cbarg = arg; 739 nvlist_t *onvl = cbarg->cb_onvl; 740 nvlist_t *invl = cbarg->cb_invl; 741 sa_family_t in_af = cbarg->cb_family; 742 char *db_ifname; 743 744 *errp = 0; 745 if (nvlist_lookup_string(db_nvl, IPADM_NVP_IFNAME, &db_ifname) == 0 && 746 nvlist_exists(invl, db_ifname)) { 747 char name[IPMGMT_STRSIZE]; 748 sa_family_t db_af = in_af; 749 uint_t proto; 750 char *pstr; 751 752 if (in_af != AF_UNSPEC) { 753 if (nvlist_lookup_string(db_nvl, IPADM_NVP_PROTONAME, 754 &pstr) == 0) { 755 proto = ipadm_str2proto(pstr); 756 if (proto == MOD_PROTO_IPV4) 757 db_af = AF_INET; 758 else if (proto == MOD_PROTO_IPV6) 759 db_af = AF_INET6; 760 else 761 db_af = in_af; 762 } else { 763 if (nvlist_exists(db_nvl, IPADM_NVP_IPV4ADDR) || 764 nvlist_exists(db_nvl, IPADM_NVP_DHCP)) 765 db_af = AF_INET; 766 else 767 db_af = AF_INET6; 768 } 769 } 770 if (in_af == db_af) { 771 (void) snprintf(name, sizeof (name), "%s_%d", db_ifname, 772 cbarg->cb_ocnt); 773 *errp = nvlist_add_nvlist(onvl, name, db_nvl); 774 if (*errp == 0) 775 cbarg->cb_ocnt++; 776 } 777 } 778 return (B_TRUE); 779 } 780 781 /* 782 * helper function for ipmgmt_aobjmap_op(). Adds the node pointed by `nodep' 783 * into `aobjmap' structure. 784 */ 785 static int 786 i_ipmgmt_add_amnode(ipmgmt_aobjmap_t *nodep) 787 { 788 ipmgmt_aobjmap_t *new, *head; 789 790 head = aobjmap.aobjmap_head; 791 if ((new = malloc(sizeof (ipmgmt_aobjmap_t))) == NULL) 792 return (ENOMEM); 793 *new = *nodep; 794 new->am_next = NULL; 795 796 /* Add the node at the beginning of the list */ 797 if (head == NULL) { 798 aobjmap.aobjmap_head = new; 799 } else { 800 new->am_next = aobjmap.aobjmap_head; 801 aobjmap.aobjmap_head = new; 802 } 803 return (0); 804 } 805 806 /* 807 * A recursive function to generate alphabetized number given a decimal number. 808 * Decimal 0 to 25 maps to 'a' to 'z' and then the counting continues with 'aa', 809 * 'ab', 'ac', et al. 810 */ 811 static void 812 i_ipmgmt_num2priv_aobjname(uint32_t num, char **cp, char *endp) 813 { 814 if (num >= 26) 815 i_ipmgmt_num2priv_aobjname(num / 26 - 1, cp, endp); 816 if (*cp != endp) { 817 *cp[0] = 'a' + (num % 26); 818 (*cp)++; 819 } 820 } 821 822 /* 823 * This function generates an `aobjname', when required, and then does 824 * lookup-add. If `nodep->am_aobjname' is not an empty string, then it walks 825 * through the `aobjmap' to check if an address object with the same 826 * `nodep->am_aobjname' exists. If it exists, EEXIST is returned as duplicate 827 * `aobjname's are not allowed. 828 * 829 * If `nodep->am_aobjname' is an empty string then the daemon generates an 830 * `aobjname' using the `am_nextnum', which contains the next number to be 831 * used to generate `aobjname'. `am_nextnum' is converted to base26 using 832 * `a-z' alphabets in i_ipmgmt_num2priv_aobjname(). 833 * 834 * `am_nextnum' will be 0 to begin with. Every time an address object that 835 * needs `aobjname' is added it's incremented by 1. So for the first address 836 * object on net0 the `am_aobjname' will be net0/_a and `am_nextnum' will be 1. 837 * For the second address object on that interface `am_aobjname' will be net0/_b 838 * and `am_nextnum' will incremented to 2. 839 */ 840 static int 841 i_ipmgmt_lookupadd_amnode(ipmgmt_aobjmap_t *nodep) 842 { 843 ipmgmt_aobjmap_t *head; 844 uint32_t nextnum; 845 846 for (head = aobjmap.aobjmap_head; head != NULL; head = head->am_next) 847 if (strcmp(head->am_ifname, nodep->am_ifname) == 0) 848 break; 849 nextnum = (head == NULL ? 0 : head->am_nextnum); 850 851 /* 852 * if `aobjname' is empty, then the daemon has to generate the 853 * next `aobjname' for the given interface and family. 854 */ 855 if (nodep->am_aobjname[0] == '\0') { 856 char tmpstr[IPADM_AOBJ_USTRSIZ - 1]; /* 1 for leading '_' */ 857 char *cp = tmpstr; 858 char *endp = tmpstr + sizeof (tmpstr); 859 860 i_ipmgmt_num2priv_aobjname(nextnum, &cp, endp); 861 862 if (cp == endp) 863 return (EINVAL); 864 cp[0] = '\0'; 865 866 if (snprintf(nodep->am_aobjname, IPADM_AOBJSIZ, "%s/_%s", 867 nodep->am_ifname, tmpstr) >= IPADM_AOBJSIZ) { 868 return (EINVAL); 869 } 870 nodep->am_nextnum = ++nextnum; 871 } else { 872 for (head = aobjmap.aobjmap_head; head != NULL; 873 head = head->am_next) { 874 if (strcmp(head->am_aobjname, nodep->am_aobjname) == 0) 875 return (EEXIST); 876 } 877 nodep->am_nextnum = nextnum; 878 } 879 return (i_ipmgmt_add_amnode(nodep)); 880 } 881 882 /* 883 * Performs following operations on the global `aobjmap' linked list. 884 * (a) ADDROBJ_ADD: add or update address object in `aobjmap' 885 * (b) ADDROBJ_DELETE: delete address object from `aobjmap' 886 * (c) ADDROBJ_LOOKUPADD: place a stub address object in `aobjmap' 887 * (d) ADDROBJ_SETLIFNUM: Sets the lifnum for an address object in `aobjmap' 888 */ 889 int 890 ipmgmt_aobjmap_op(ipmgmt_aobjmap_t *nodep, uint32_t op) 891 { 892 ipmgmt_aobjmap_t *head, *prev, *matched = NULL; 893 boolean_t update = B_TRUE; 894 int err = 0; 895 ipadm_db_op_t db_op; 896 897 (void) pthread_rwlock_wrlock(&aobjmap.aobjmap_rwlock); 898 899 head = aobjmap.aobjmap_head; 900 switch (op) { 901 case ADDROBJ_ADD: 902 /* 903 * check for stub nodes (added by ADDROBJ_LOOKUPADD) and 904 * update, else add the new node. 905 */ 906 for (; head != NULL; head = head->am_next) { 907 /* 908 * For IPv6, we need to distinguish between the 909 * linklocal and non-linklocal nodes 910 */ 911 if (strcmp(head->am_aobjname, 912 nodep->am_aobjname) == 0 && 913 (head->am_atype != IPADM_ADDR_IPV6_ADDRCONF || 914 head->ipmgmt_am_linklocal == 915 nodep->ipmgmt_am_linklocal)) 916 break; 917 } 918 919 if (head != NULL) { 920 /* update the node */ 921 (void) strlcpy(head->am_ifname, nodep->am_ifname, 922 sizeof (head->am_ifname)); 923 head->am_lnum = nodep->am_lnum; 924 head->am_family = nodep->am_family; 925 head->am_flags = nodep->am_flags; 926 head->am_atype = nodep->am_atype; 927 head->am_atype_cache = nodep->am_atype_cache; 928 } else { 929 for (head = aobjmap.aobjmap_head; head != NULL; 930 head = head->am_next) { 931 if (strcmp(head->am_ifname, 932 nodep->am_ifname) == 0) 933 break; 934 } 935 nodep->am_nextnum = (head == NULL ? 0 : 936 head->am_nextnum); 937 err = i_ipmgmt_add_amnode(nodep); 938 } 939 db_op = IPADM_DB_WRITE; 940 break; 941 case ADDROBJ_DELETE: 942 prev = head; 943 while (head != NULL) { 944 if (strcmp(head->am_aobjname, 945 nodep->am_aobjname) == 0) { 946 nodep->am_atype = head->am_atype; 947 /* 948 * There could be multiple IPV6_ADDRCONF nodes, 949 * with same address object name, so check for 950 * logical number also. 951 */ 952 if (head->am_atype != 953 IPADM_ADDR_IPV6_ADDRCONF || 954 nodep->am_lnum == head->am_lnum) 955 break; 956 } 957 prev = head; 958 head = head->am_next; 959 } 960 if (head != NULL) { 961 /* 962 * If the address object is in both active and 963 * persistent configuration and the user is deleting it 964 * only from active configuration then mark this node 965 * for deletion by reseting IPMGMT_ACTIVE bit. 966 * With this the same address object name cannot 967 * be reused until it is permanently removed. 968 */ 969 if (head->am_flags == (IPMGMT_ACTIVE|IPMGMT_PERSIST) && 970 nodep->am_flags == IPMGMT_ACTIVE) { 971 /* Update flags in the in-memory map. */ 972 head->am_flags &= ~IPMGMT_ACTIVE; 973 head->am_lnum = -1; 974 975 /* Update info in file. */ 976 db_op = IPADM_DB_WRITE; 977 *nodep = *head; 978 } else { 979 (void) strlcpy(nodep->am_ifname, 980 head->am_ifname, 981 sizeof (nodep->am_ifname)); 982 /* otherwise delete the node */ 983 if (head == aobjmap.aobjmap_head) 984 aobjmap.aobjmap_head = head->am_next; 985 else 986 prev->am_next = head->am_next; 987 free(head); 988 db_op = IPADM_DB_DELETE; 989 } 990 } else { 991 err = ENOENT; 992 } 993 break; 994 case ADDROBJ_LOOKUPADD: 995 err = i_ipmgmt_lookupadd_amnode(nodep); 996 update = B_FALSE; 997 break; 998 case ADDROBJ_SETLIFNUM: 999 update = B_FALSE; 1000 for (; head != NULL; head = head->am_next) { 1001 if (strcmp(head->am_ifname, 1002 nodep->am_ifname) == 0 && 1003 head->am_family == nodep->am_family && 1004 head->am_lnum == nodep->am_lnum) { 1005 err = EEXIST; 1006 break; 1007 } 1008 if (strcmp(head->am_aobjname, 1009 nodep->am_aobjname) == 0) { 1010 matched = head; 1011 } 1012 } 1013 if (err == EEXIST) 1014 break; 1015 if (matched != NULL) { 1016 /* update the lifnum */ 1017 matched->am_lnum = nodep->am_lnum; 1018 } else { 1019 err = ENOENT; 1020 } 1021 break; 1022 default: 1023 assert(0); 1024 } 1025 1026 if (err == 0 && update) 1027 err = ipmgmt_persist_aobjmap(nodep, db_op); 1028 1029 (void) pthread_rwlock_unlock(&aobjmap.aobjmap_rwlock); 1030 1031 return (err); 1032 } 1033 1034 /* 1035 * Given a node in `aobjmap', this function converts it into nvlist_t structure. 1036 * The content to be written to DB must be represented as nvlist_t. 1037 */ 1038 static int 1039 i_ipmgmt_node2nvl(nvlist_t **nvl, ipmgmt_aobjmap_t *np) 1040 { 1041 int err; 1042 char strval[IPMGMT_STRSIZE]; 1043 1044 *nvl = NULL; 1045 if ((err = nvlist_alloc(nvl, NV_UNIQUE_NAME, 0)) != 0) 1046 goto fail; 1047 1048 if ((err = nvlist_add_string(*nvl, IPADM_NVP_AOBJNAME, 1049 np->am_aobjname)) != 0) 1050 goto fail; 1051 1052 if ((err = nvlist_add_string(*nvl, IPADM_NVP_IFNAME, 1053 np->am_ifname)) != 0) 1054 goto fail; 1055 1056 (void) snprintf(strval, IPMGMT_STRSIZE, "%d", np->am_lnum); 1057 if ((err = nvlist_add_string(*nvl, IPADM_NVP_LIFNUM, strval)) != 0) 1058 goto fail; 1059 1060 (void) snprintf(strval, IPMGMT_STRSIZE, "%d", np->am_family); 1061 if ((err = nvlist_add_string(*nvl, IPADM_NVP_FAMILY, strval)) != 0) 1062 goto fail; 1063 1064 (void) snprintf(strval, IPMGMT_STRSIZE, "%d", np->am_flags); 1065 if ((err = nvlist_add_string(*nvl, FLAGS, strval)) != 0) 1066 goto fail; 1067 1068 (void) snprintf(strval, IPMGMT_STRSIZE, "%d", np->am_atype); 1069 if ((err = nvlist_add_string(*nvl, ATYPE, strval)) != 0) 1070 goto fail; 1071 1072 switch (np->am_atype) { 1073 case IPADM_ADDR_IPV6_ADDRCONF: { 1074 struct sockaddr_in6 *in6; 1075 1076 in6 = &np->ipmgmt_am_ifid; 1077 if (np->ipmgmt_am_linklocal && 1078 IN6_IS_ADDR_UNSPECIFIED(&in6->sin6_addr)) { 1079 if ((err = nvlist_add_string(*nvl, 1080 IPADM_NVP_IPNUMADDR, "default")) != 0) { 1081 goto fail; 1082 } 1083 } else { 1084 if (inet_ntop(AF_INET6, &in6->sin6_addr, strval, 1085 IPMGMT_STRSIZE) == NULL) { 1086 err = errno; 1087 goto fail; 1088 } 1089 if ((err = nvlist_add_string(*nvl, 1090 IPADM_NVP_IPNUMADDR, strval)) != 0) { 1091 goto fail; 1092 } 1093 } 1094 } 1095 break; 1096 case IPADM_ADDR_DHCP: { 1097 if (np->ipmgmt_am_reqhost && 1098 *np->ipmgmt_am_reqhost != '\0' && 1099 (err = nvlist_add_string(*nvl, IPADM_NVP_REQHOST, 1100 np->ipmgmt_am_reqhost)) != 0) 1101 goto fail; 1102 } 1103 /* FALLTHRU */ 1104 default: 1105 if ((err = nvlist_add_string(*nvl, IPADM_NVP_IPNUMADDR, 1106 "")) != 0) 1107 goto fail; 1108 break; 1109 } 1110 return (err); 1111 fail: 1112 nvlist_free(*nvl); 1113 return (err); 1114 } 1115 1116 /* 1117 * Read the aobjmap data store and build the in-memory representation 1118 * of the aobjmap. We don't need to hold any locks while building this as 1119 * we do this in very early stage of daemon coming up, even before the door 1120 * is opened. 1121 */ 1122 /* ARGSUSED */ 1123 extern boolean_t 1124 ipmgmt_aobjmap_init(void *arg, nvlist_t *db_nvl, char *buf, size_t buflen, 1125 int *errp) 1126 { 1127 nvpair_t *nvp = NULL; 1128 char *name, *strval = NULL; 1129 ipmgmt_aobjmap_t node; 1130 struct sockaddr_in6 *in6; 1131 1132 *errp = 0; 1133 node.am_next = NULL; 1134 for (nvp = nvlist_next_nvpair(db_nvl, NULL); nvp != NULL; 1135 nvp = nvlist_next_nvpair(db_nvl, nvp)) { 1136 name = nvpair_name(nvp); 1137 1138 if ((*errp = nvpair_value_string(nvp, &strval)) != 0) 1139 return (B_TRUE); 1140 if (strcmp(IPADM_NVP_AOBJNAME, name) == 0) { 1141 (void) strlcpy(node.am_aobjname, strval, 1142 sizeof (node.am_aobjname)); 1143 } else if (strcmp(IPADM_NVP_IFNAME, name) == 0) { 1144 (void) strlcpy(node.am_ifname, strval, 1145 sizeof (node.am_ifname)); 1146 } else if (strcmp(IPADM_NVP_LIFNUM, name) == 0) { 1147 node.am_lnum = atoi(strval); 1148 } else if (strcmp(IPADM_NVP_FAMILY, name) == 0) { 1149 node.am_family = (sa_family_t)atoi(strval); 1150 } else if (strcmp(FLAGS, name) == 0) { 1151 node.am_flags = atoi(strval); 1152 } else if (strcmp(ATYPE, name) == 0) { 1153 node.am_atype = (ipadm_addr_type_t)atoi(strval); 1154 } else if (strcmp(IPADM_NVP_IPNUMADDR, name) == 0) { 1155 if (node.am_atype == IPADM_ADDR_IPV6_ADDRCONF) { 1156 in6 = &node.ipmgmt_am_ifid; 1157 if (strcmp(strval, "default") == 0) { 1158 bzero(in6, 1159 sizeof (node.ipmgmt_am_ifid)); 1160 node.ipmgmt_am_linklocal = B_TRUE; 1161 } else { 1162 (void) inet_pton(AF_INET6, strval, 1163 &in6->sin6_addr); 1164 if (IN6_IS_ADDR_UNSPECIFIED( 1165 &in6->sin6_addr)) 1166 node.ipmgmt_am_linklocal = 1167 B_TRUE; 1168 } 1169 } 1170 } 1171 } 1172 1173 /* we have all the information we need, add the node */ 1174 *errp = i_ipmgmt_add_amnode(&node); 1175 1176 return (B_TRUE); 1177 } 1178 1179 /* 1180 * Updates an entry from the temporary cache file, which matches the given 1181 * address object name. 1182 */ 1183 /* ARGSUSED */ 1184 static boolean_t 1185 ipmgmt_update_aobjmap(void *arg, nvlist_t *db_nvl, char *buf, 1186 size_t buflen, int *errp) 1187 { 1188 ipadm_dbwrite_cbarg_t *cb = arg; 1189 nvlist_t *in_nvl = cb->dbw_nvl; 1190 uint32_t flags = cb->dbw_flags; 1191 char *db_lifnumstr = NULL, *in_lifnumstr = NULL; 1192 1193 *errp = 0; 1194 if (!ipmgmt_nvlist_intersects(db_nvl, in_nvl)) 1195 return (B_TRUE); 1196 1197 if (flags & IPMGMT_ATYPE_V6ACONF) { 1198 if (nvlist_lookup_string(db_nvl, IPADM_NVP_LIFNUM, 1199 &db_lifnumstr) != 0 || 1200 nvlist_lookup_string(in_nvl, IPADM_NVP_LIFNUM, 1201 &in_lifnumstr) != 0 || 1202 (atoi(db_lifnumstr) != -1 && atoi(in_lifnumstr) != -1 && 1203 strcmp(db_lifnumstr, in_lifnumstr) != 0)) 1204 return (B_TRUE); 1205 } 1206 1207 /* we found the match */ 1208 (void) memset(buf, 0, buflen); 1209 if (ipadm_nvlist2str(in_nvl, buf, buflen) == 0) { 1210 /* buffer overflow */ 1211 *errp = ENOBUFS; 1212 } 1213 1214 /* stop the walker */ 1215 return (B_FALSE); 1216 } 1217 1218 /* 1219 * Deletes an entry from the temporary cache file, which matches the given 1220 * address object name. 1221 */ 1222 /* ARGSUSED */ 1223 static boolean_t 1224 ipmgmt_delete_aobjmap(void *arg, nvlist_t *db_nvl, char *buf, 1225 size_t buflen, int *errp) 1226 { 1227 ipmgmt_aobjmap_t *nodep = arg; 1228 char *db_lifnumstr = NULL; 1229 1230 *errp = 0; 1231 if (!ipmgmt_nvlist_match(db_nvl, NULL, nodep->am_ifname, 1232 nodep->am_aobjname)) 1233 return (B_TRUE); 1234 1235 if (nodep->am_atype == IPADM_ADDR_IPV6_ADDRCONF) { 1236 if (nvlist_lookup_string(db_nvl, IPADM_NVP_LIFNUM, 1237 &db_lifnumstr) != 0 || atoi(db_lifnumstr) != nodep->am_lnum) 1238 return (B_TRUE); 1239 } 1240 1241 /* we found the match, delete the line from the db */ 1242 buf[0] = '\0'; 1243 1244 /* stop the walker */ 1245 return (B_FALSE); 1246 } 1247 1248 /* 1249 * Adds or deletes aobjmap node information into a temporary cache file. 1250 */ 1251 extern int 1252 ipmgmt_persist_aobjmap(ipmgmt_aobjmap_t *nodep, ipadm_db_op_t op) 1253 { 1254 int err; 1255 ipadm_dbwrite_cbarg_t cb; 1256 nvlist_t *nvl = NULL; 1257 1258 if (op == IPADM_DB_WRITE) { 1259 if ((err = i_ipmgmt_node2nvl(&nvl, nodep)) != 0) 1260 return (err); 1261 cb.dbw_nvl = nvl; 1262 if (nodep->am_atype == IPADM_ADDR_IPV6_ADDRCONF) 1263 cb.dbw_flags = IPMGMT_ATYPE_V6ACONF; 1264 else 1265 cb.dbw_flags = 0; 1266 1267 err = ipadm_rw_db(ipmgmt_update_aobjmap, &cb, 1268 ADDROBJ_MAPPING_DB_FILE, IPADM_FILE_MODE, IPADM_DB_WRITE); 1269 nvlist_free(nvl); 1270 } else { 1271 assert(op == IPADM_DB_DELETE); 1272 1273 err = ipadm_rw_db(ipmgmt_delete_aobjmap, nodep, 1274 ADDROBJ_MAPPING_DB_FILE, IPADM_FILE_MODE, IPADM_DB_DELETE); 1275 } 1276 return (err); 1277 } 1278 1279 /* 1280 * upgrades the ipadm data-store. It renames all the old private protocol 1281 * property names which start with leading protocol names to begin with 1282 * IPADM_PRIV_PROP_PREFIX. 1283 */ 1284 /* ARGSUSED */ 1285 boolean_t 1286 ipmgmt_db_upgrade(void *arg, nvlist_t *db_nvl, char *buf, size_t buflen, 1287 int *errp) 1288 { 1289 nvpair_t *nvp; 1290 char *name, *pname = NULL, *protostr = NULL, *pval = NULL; 1291 uint_t proto, nproto; 1292 char nname[IPMGMT_STRSIZE], tmpstr[IPMGMT_STRSIZE]; 1293 1294 *errp = 0; 1295 /* 1296 * We are interested in lines which contain protocol properties. We 1297 * walk through other lines in the DB. 1298 */ 1299 if (nvlist_exists(db_nvl, IPADM_NVP_IFNAME) || 1300 nvlist_exists(db_nvl, IPADM_NVP_AOBJNAME)) { 1301 return (B_TRUE); 1302 } 1303 assert(nvlist_exists(db_nvl, IPADM_NVP_PROTONAME)); 1304 1305 /* 1306 * extract the propname from the `db_nvl' and also extract the 1307 * protocol from the `db_nvl'. 1308 */ 1309 for (nvp = nvlist_next_nvpair(db_nvl, NULL); nvp != NULL; 1310 nvp = nvlist_next_nvpair(db_nvl, nvp)) { 1311 name = nvpair_name(nvp); 1312 if (strcmp(name, IPADM_NVP_PROTONAME) == 0) { 1313 if (nvpair_value_string(nvp, &protostr) != 0) 1314 return (B_TRUE); 1315 } else { 1316 assert(!IPADM_PRIV_NVP(name)); 1317 pname = name; 1318 if (nvpair_value_string(nvp, &pval) != 0) 1319 return (B_TRUE); 1320 } 1321 } 1322 1323 /* if the private property is in the right format return */ 1324 if (strncmp(pname, IPADM_PERSIST_PRIVPROP_PREFIX, 1325 strlen(IPADM_PERSIST_PRIVPROP_PREFIX)) == 0) { 1326 return (B_TRUE); 1327 } 1328 /* if it's a public property move onto the next property */ 1329 nproto = proto = ipadm_str2proto(protostr); 1330 if (ipadm_legacy2new_propname(pname, nname, sizeof (nname), 1331 &nproto) != 0) { 1332 return (B_TRUE); 1333 } 1334 1335 /* replace the old protocol with new protocol, if required */ 1336 if (nproto != proto) { 1337 protostr = ipadm_proto2str(nproto); 1338 if (nvlist_add_string(db_nvl, IPADM_NVP_PROTONAME, 1339 protostr) != 0) { 1340 return (B_TRUE); 1341 } 1342 } 1343 1344 /* replace the old property name with new property name, if required */ 1345 /* add the prefix to property name */ 1346 (void) snprintf(tmpstr, sizeof (tmpstr), "_%s", nname); 1347 if (nvlist_add_string(db_nvl, tmpstr, pval) != 0 || 1348 nvlist_remove(db_nvl, pname, DATA_TYPE_STRING) != 0) { 1349 return (B_TRUE); 1350 } 1351 (void) memset(buf, 0, buflen); 1352 if (ipadm_nvlist2str(db_nvl, buf, buflen) == 0) { 1353 /* buffer overflow */ 1354 *errp = ENOBUFS; 1355 } 1356 return (B_TRUE); 1357 } 1358 1359 /* 1360 * Called during boot. 1361 * 1362 * Walk through the DB and apply all the global module properties. We plow 1363 * through the DB even if we fail to apply property. 1364 */ 1365 /* ARGSUSED */ 1366 static boolean_t 1367 ipmgmt_db_init(void *cbarg, nvlist_t *db_nvl, char *buf, size_t buflen, 1368 int *errp) 1369 { 1370 ipadm_handle_t iph = cbarg; 1371 nvpair_t *nvp, *pnvp; 1372 char *strval = NULL, *name, *mod = NULL, *pname; 1373 char tmpstr[IPMGMT_STRSIZE]; 1374 uint_t proto; 1375 1376 /* 1377 * We could have used nvl_exists() directly, however we need several 1378 * calls to it and each call traverses the list. Since this codepath 1379 * is exercised during boot, let's traverse the list ourselves and do 1380 * the necessary checks. 1381 */ 1382 for (nvp = nvlist_next_nvpair(db_nvl, NULL); nvp != NULL; 1383 nvp = nvlist_next_nvpair(db_nvl, nvp)) { 1384 name = nvpair_name(nvp); 1385 if (IPADM_PRIV_NVP(name)) { 1386 if (strcmp(name, IPADM_NVP_IFNAME) == 0 || 1387 strcmp(name, IPADM_NVP_AOBJNAME) == 0) 1388 return (B_TRUE); 1389 else if (strcmp(name, IPADM_NVP_PROTONAME) == 0 && 1390 nvpair_value_string(nvp, &mod) != 0) 1391 return (B_TRUE); 1392 } else { 1393 /* possible a property */ 1394 pnvp = nvp; 1395 } 1396 } 1397 1398 /* if we are here than we found a global property */ 1399 assert(mod != NULL); 1400 assert(nvpair_type(pnvp) == DATA_TYPE_STRING); 1401 1402 proto = ipadm_str2proto(mod); 1403 name = nvpair_name(pnvp); 1404 if (nvpair_value_string(pnvp, &strval) == 0) { 1405 if (strncmp(name, IPADM_PERSIST_PRIVPROP_PREFIX, 1406 strlen(IPADM_PERSIST_PRIVPROP_PREFIX)) == 0) { 1407 /* private protocol property */ 1408 pname = &name[1]; 1409 } else if (ipadm_legacy2new_propname(name, tmpstr, 1410 sizeof (tmpstr), &proto) == 0) { 1411 pname = tmpstr; 1412 } else { 1413 pname = name; 1414 } 1415 if (ipadm_set_prop(iph, pname, strval, proto, 1416 IPADM_OPT_ACTIVE) != IPADM_SUCCESS) { 1417 ipmgmt_log(LOG_WARNING, "Failed to reapply property %s", 1418 pname); 1419 } 1420 } 1421 1422 return (B_TRUE); 1423 } 1424 1425 /* initialize global module properties */ 1426 void 1427 ipmgmt_init_prop() 1428 { 1429 ipadm_handle_t iph = NULL; 1430 1431 if (ipadm_open(&iph, IPH_INIT) != IPADM_SUCCESS) { 1432 ipmgmt_log(LOG_WARNING, "Could not reapply any of the " 1433 "persisted protocol properties"); 1434 return; 1435 } 1436 /* ipmgmt_db_init() logs warnings if there are any issues */ 1437 (void) ipmgmt_db_walk(ipmgmt_db_init, iph, IPADM_DB_READ); 1438 ipadm_close(iph); 1439 } 1440 1441 void 1442 ipmgmt_release_scf_resources(scf_resources_t *res) 1443 { 1444 scf_entry_destroy(res->sr_ent); 1445 scf_transaction_destroy(res->sr_tx); 1446 scf_value_destroy(res->sr_val); 1447 scf_property_destroy(res->sr_prop); 1448 scf_pg_destroy(res->sr_pg); 1449 scf_instance_destroy(res->sr_inst); 1450 (void) scf_handle_unbind(res->sr_handle); 1451 scf_handle_destroy(res->sr_handle); 1452 } 1453 1454 /* 1455 * It creates the necessary SCF handles and binds the given `fmri' to an 1456 * instance. These resources are required for retrieving property value, 1457 * creating property groups and modifying property values. 1458 */ 1459 int 1460 ipmgmt_create_scf_resources(const char *fmri, scf_resources_t *res) 1461 { 1462 res->sr_tx = NULL; 1463 res->sr_ent = NULL; 1464 res->sr_inst = NULL; 1465 res->sr_pg = NULL; 1466 res->sr_prop = NULL; 1467 res->sr_val = NULL; 1468 1469 if ((res->sr_handle = scf_handle_create(SCF_VERSION)) == NULL) 1470 return (-1); 1471 1472 if (scf_handle_bind(res->sr_handle) != 0) { 1473 scf_handle_destroy(res->sr_handle); 1474 return (-1); 1475 } 1476 if ((res->sr_inst = scf_instance_create(res->sr_handle)) == NULL) 1477 goto failure; 1478 if (scf_handle_decode_fmri(res->sr_handle, fmri, NULL, NULL, 1479 res->sr_inst, NULL, NULL, SCF_DECODE_FMRI_REQUIRE_INSTANCE) != 0) { 1480 goto failure; 1481 } 1482 /* we will create the rest of the resources on demand */ 1483 return (0); 1484 1485 failure: 1486 ipmgmt_log(LOG_WARNING, "failed to create scf resources: %s", 1487 scf_strerror(scf_error())); 1488 ipmgmt_release_scf_resources(res); 1489 return (-1); 1490 } 1491 1492 /* 1493 * persists the `pval' for a given property `pname' in SCF. The only supported 1494 * SCF property types are INTEGER and ASTRING. 1495 */ 1496 static int 1497 ipmgmt_set_scfprop_value(scf_resources_t *res, const char *pname, void *pval, 1498 scf_type_t ptype) 1499 { 1500 int result = -1; 1501 boolean_t new; 1502 1503 if ((res->sr_val = scf_value_create(res->sr_handle)) == NULL) 1504 goto failure; 1505 switch (ptype) { 1506 case SCF_TYPE_INTEGER: 1507 scf_value_set_integer(res->sr_val, *(int64_t *)pval); 1508 break; 1509 case SCF_TYPE_ASTRING: 1510 if (scf_value_set_astring(res->sr_val, (char *)pval) != 0) { 1511 ipmgmt_log(LOG_WARNING, "Error setting string value %s " 1512 "for property %s: %s", pval, pname, 1513 scf_strerror(scf_error())); 1514 goto failure; 1515 } 1516 break; 1517 default: 1518 goto failure; 1519 } 1520 1521 if ((res->sr_tx = scf_transaction_create(res->sr_handle)) == NULL) 1522 goto failure; 1523 if ((res->sr_ent = scf_entry_create(res->sr_handle)) == NULL) 1524 goto failure; 1525 if ((res->sr_prop = scf_property_create(res->sr_handle)) == NULL) 1526 goto failure; 1527 1528 retry: 1529 new = (scf_pg_get_property(res->sr_pg, pname, res->sr_prop) != 0); 1530 if (scf_transaction_start(res->sr_tx, res->sr_pg) == -1) 1531 goto failure; 1532 if (new) { 1533 if (scf_transaction_property_new(res->sr_tx, res->sr_ent, 1534 pname, ptype) == -1) { 1535 goto failure; 1536 } 1537 } else { 1538 if (scf_transaction_property_change(res->sr_tx, res->sr_ent, 1539 pname, ptype) == -1) { 1540 goto failure; 1541 } 1542 } 1543 1544 if (scf_entry_add_value(res->sr_ent, res->sr_val) != 0) 1545 goto failure; 1546 1547 result = scf_transaction_commit(res->sr_tx); 1548 if (result == 0) { 1549 scf_transaction_reset(res->sr_tx); 1550 if (scf_pg_update(res->sr_pg) == -1) { 1551 goto failure; 1552 } 1553 goto retry; 1554 } 1555 if (result == -1) 1556 goto failure; 1557 return (0); 1558 1559 failure: 1560 ipmgmt_log(LOG_WARNING, "failed to save the data in SCF: %s", 1561 scf_strerror(scf_error())); 1562 return (-1); 1563 } 1564 1565 /* 1566 * Given a `pgname'/`pname', it retrieves the value based on `ptype' and 1567 * places it in `pval'. 1568 */ 1569 static int 1570 ipmgmt_get_scfprop(scf_resources_t *res, const char *pgname, const char *pname, 1571 void *pval, scf_type_t ptype) 1572 { 1573 ssize_t numvals; 1574 scf_simple_prop_t *prop; 1575 1576 prop = scf_simple_prop_get(res->sr_handle, IPMGMTD_FMRI, pgname, pname); 1577 numvals = scf_simple_prop_numvalues(prop); 1578 if (numvals <= 0) 1579 goto ret; 1580 switch (ptype) { 1581 case SCF_TYPE_INTEGER: 1582 *(int64_t **)pval = scf_simple_prop_next_integer(prop); 1583 break; 1584 case SCF_TYPE_ASTRING: 1585 *(char **)pval = scf_simple_prop_next_astring(prop); 1586 break; 1587 } 1588 ret: 1589 scf_simple_prop_free(prop); 1590 return (numvals); 1591 } 1592 1593 /* 1594 * It stores the `pval' for given `pgname'/`pname' property group in SCF. 1595 */ 1596 static int 1597 ipmgmt_set_scfprop(scf_resources_t *res, const char *pgname, const char *pname, 1598 void *pval, scf_type_t ptype) 1599 { 1600 scf_error_t err; 1601 1602 if ((res->sr_pg = scf_pg_create(res->sr_handle)) == NULL) { 1603 ipmgmt_log(LOG_WARNING, "failed to create property group: %s", 1604 scf_strerror(scf_error())); 1605 return (-1); 1606 } 1607 1608 if (scf_instance_add_pg(res->sr_inst, pgname, SCF_GROUP_APPLICATION, 1609 0, res->sr_pg) != 0) { 1610 if ((err = scf_error()) != SCF_ERROR_EXISTS) { 1611 ipmgmt_log(LOG_WARNING, 1612 "Error adding property group '%s/%s': %s", 1613 pgname, pname, scf_strerror(err)); 1614 return (-1); 1615 } 1616 /* 1617 * if the property group already exists, then we get the 1618 * composed view of the property group for the given instance. 1619 */ 1620 if (scf_instance_get_pg_composed(res->sr_inst, NULL, pgname, 1621 res->sr_pg) != 0) { 1622 ipmgmt_log(LOG_WARNING, "Error getting composed view " 1623 "of the property group '%s/%s': %s", pgname, pname, 1624 scf_strerror(scf_error())); 1625 return (-1); 1626 } 1627 } 1628 1629 return (ipmgmt_set_scfprop_value(res, pname, pval, ptype)); 1630 } 1631 1632 /* 1633 * Returns B_TRUE, if the non-global zone is being booted for the first time 1634 * after being installed. This is required to setup the ipadm data-store for 1635 * the first boot of the non-global zone. Please see, PSARC 2010/166, 1636 * for more info. 1637 * 1638 * Note that, this API cannot be used to determine first boot post image-update. 1639 * 'pkg image-update' clones the current BE and the existing value of 1640 * ipmgmtd/first_boot_done will be carried forward and obviously it will be set 1641 * to B_TRUE. 1642 */ 1643 boolean_t 1644 ipmgmt_ngz_firstboot_postinstall() 1645 { 1646 scf_resources_t res; 1647 boolean_t bval = B_TRUE; 1648 char *strval; 1649 1650 /* we always err on the side of caution */ 1651 if (ipmgmt_create_scf_resources(IPMGMTD_FMRI, &res) != 0) 1652 return (bval); 1653 1654 if (ipmgmt_get_scfprop(&res, IPMGMTD_APP_PG, IPMGMTD_PROP_FBD, &strval, 1655 SCF_TYPE_ASTRING) > 0) { 1656 bval = (strcmp(strval, IPMGMTD_TRUESTR) == 0 ? 1657 B_FALSE : B_TRUE); 1658 } else { 1659 /* 1660 * IPMGMTD_PROP_FBD does not exist in the SCF. Lets create it. 1661 * Since we err on the side of caution, we ignore the return 1662 * error and return B_TRUE. 1663 */ 1664 (void) ipmgmt_set_scfprop(&res, IPMGMTD_APP_PG, 1665 IPMGMTD_PROP_FBD, IPMGMTD_TRUESTR, SCF_TYPE_ASTRING); 1666 } 1667 ipmgmt_release_scf_resources(&res); 1668 return (bval); 1669 } 1670 1671 /* 1672 * Returns B_TRUE, if the data-store needs upgrade otherwise returns B_FALSE. 1673 * Today we have to take care of, one case of, upgrading from version 0 to 1674 * version 1, so we will use boolean_t as means to decide if upgrade is needed 1675 * or not. Further, the upcoming projects might completely move the flatfile 1676 * data-store into SCF and hence we shall keep this interface simple. 1677 */ 1678 boolean_t 1679 ipmgmt_needs_upgrade(scf_resources_t *res) 1680 { 1681 boolean_t bval = B_TRUE; 1682 int64_t *verp; 1683 1684 if (ipmgmt_get_scfprop(res, IPMGMTD_APP_PG, IPMGMTD_PROP_DBVER, 1685 &verp, SCF_TYPE_INTEGER) > 0) { 1686 if (*verp == IPADM_DB_VERSION) 1687 bval = B_FALSE; 1688 } 1689 /* 1690 * 'datastore_version' doesn't exist. Which means that we need to 1691 * upgrade the datastore. We will create 'datastore_version' and set 1692 * the version value to IPADM_DB_VERSION, after we upgrade the file. 1693 */ 1694 return (bval); 1695 } 1696 1697 /* 1698 * This is called after the successful upgrade of the local data-store. With 1699 * the data-store upgraded to recent version we don't have to do anything on 1700 * subsequent reboots. 1701 */ 1702 void 1703 ipmgmt_update_dbver(scf_resources_t *res) 1704 { 1705 int64_t version = IPADM_DB_VERSION; 1706 1707 (void) ipmgmt_set_scfprop(res, IPMGMTD_APP_PG, 1708 IPMGMTD_PROP_DBVER, &version, SCF_TYPE_INTEGER); 1709 } 1710