xref: /illumos-gate/usr/src/lib/libipadm/common/ipadm_addr.c (revision 96b6509c49b81cb0d89ec222d92d421d946caa0c)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
23  * Copyright (c) 2013 by Delphix. All rights reserved.
24  * Copyright (c) 2016-2017, Chris Fraire <cfraire@me.com>.
25  */
26 
27 /*
28  * This file contains functions for address management such as creating
29  * an address, deleting an address, enabling an address, disabling an
30  * address, bringing an address down or up, setting/getting properties
31  * on an address object and listing address information
32  * for all addresses in active as well as persistent configuration.
33  */
34 #include <sys/types.h>
35 #include <sys/socket.h>
36 #include <sys/param.h>
37 #include <netdb.h>
38 #include <inet/ip.h>
39 #include <string.h>
40 #include <strings.h>
41 #include <assert.h>
42 #include <sys/sockio.h>
43 #include <errno.h>
44 #include <unistd.h>
45 #include <stropts.h>
46 #include <zone.h>
47 #include <netinet/in.h>
48 #include <arpa/inet.h>
49 #include <fcntl.h>
50 #include <ctype.h>
51 #include <dhcpagent_util.h>
52 #include <dhcpagent_ipc.h>
53 #include <dhcp_inittab.h>
54 #include <dhcp_symbol.h>
55 #include <ipadm_ndpd.h>
56 #include <libdladm.h>
57 #include <libdllink.h>
58 #include <libdliptun.h>
59 #include <ifaddrs.h>
60 #include "libipadm_impl.h"
61 
62 #define	SIN6(a)		((struct sockaddr_in6 *)a)
63 #define	SIN(a)		((struct sockaddr_in *)a)
64 
65 static ipadm_status_t	i_ipadm_create_addr(ipadm_handle_t, ipadm_addrobj_t,
66 			    uint32_t);
67 static ipadm_status_t	i_ipadm_create_dhcp(ipadm_handle_t, ipadm_addrobj_t,
68 			    uint32_t);
69 static ipadm_status_t	i_ipadm_delete_dhcp(ipadm_handle_t, ipadm_addrobj_t,
70 			    boolean_t);
71 static ipadm_status_t	i_ipadm_refresh_dhcp(ipadm_addrobj_t);
72 static ipadm_status_t	i_ipadm_get_db_addr(ipadm_handle_t, const char *,
73 			    const char *, nvlist_t **);
74 static ipadm_status_t	i_ipadm_op_dhcp(ipadm_addrobj_t, dhcp_ipc_type_t,
75 			    int *);
76 static ipadm_status_t	i_ipadm_dhcp_status(ipadm_addrobj_t addr,
77 			    dhcp_status_t *status, int *dhcperror);
78 static ipadm_status_t	i_ipadm_validate_create_addr(ipadm_handle_t,
79 			    ipadm_addrobj_t, uint32_t);
80 static ipadm_status_t	i_ipadm_addr_persist_nvl(ipadm_handle_t, nvlist_t *,
81 			    uint32_t);
82 static ipadm_status_t	i_ipadm_get_default_prefixlen(struct sockaddr_storage *,
83 			    uint32_t *);
84 static ipadm_status_t	i_ipadm_get_static_addr_db(ipadm_handle_t,
85 			    ipadm_addrobj_t);
86 static boolean_t	i_ipadm_is_user_aobjname_valid(const char *);
87 static ipadm_prop_desc_t	*i_ipadm_get_addrprop_desc(const char *pname);
88 
89 /*
90  * Callback functions to retrieve property values from the kernel. These
91  * functions, when required, translate the values from the kernel to a format
92  * suitable for printing. They also retrieve DEFAULT, PERM and POSSIBLE values
93  * for a given property.
94  */
95 static ipadm_pd_getf_t	i_ipadm_get_prefixlen, i_ipadm_get_addr_flag,
96 			i_ipadm_get_zone, i_ipadm_get_broadcast,
97 			i_ipadm_get_primary, i_ipadm_get_reqhost;
98 
99 /*
100  * Callback functions to set property values. These functions translate the
101  * values to a format suitable for kernel consumption, allocate the necessary
102  * ioctl buffers and then invoke ioctl(); or in the case of reqhost, get the
103  * collaborating agent to set the value.
104  */
105 static ipadm_pd_setf_t	i_ipadm_set_prefixlen, i_ipadm_set_addr_flag,
106 			i_ipadm_set_zone, i_ipadm_set_reqhost;
107 
108 static ipadm_status_t	i_ipadm_set_aobj_addrprop(ipadm_handle_t iph,
109     ipadm_addrobj_t ipaddr, uint_t flags, const char *propname);
110 
111 /* address properties description table */
112 ipadm_prop_desc_t ipadm_addrprop_table[] = {
113 	{ "broadcast", NULL, IPADMPROP_CLASS_ADDR, MOD_PROTO_NONE, 0,
114 	    NULL, NULL, i_ipadm_get_broadcast },
115 
116 	{ "deprecated", NULL, IPADMPROP_CLASS_ADDR, MOD_PROTO_NONE, 0,
117 	    i_ipadm_set_addr_flag, i_ipadm_get_onoff,
118 	    i_ipadm_get_addr_flag },
119 
120 	{ IPADM_NVP_PREFIXLEN, NULL, IPADMPROP_CLASS_ADDR, MOD_PROTO_NONE, 0,
121 	    i_ipadm_set_prefixlen, i_ipadm_get_prefixlen,
122 	    i_ipadm_get_prefixlen },
123 
124 	/*
125 	 * primary is read-only because there is no operation to un-set
126 	 * DHCP_IF_PRIMARY in dhcpagent except to delete-addr and then
127 	 * re-create-addr.
128 	 */
129 	{ "primary", NULL, IPADMPROP_CLASS_ADDR, MOD_PROTO_NONE, 0,
130 		NULL, NULL, i_ipadm_get_primary },
131 
132 	{ "private", NULL, IPADMPROP_CLASS_ADDR, MOD_PROTO_NONE, 0,
133 	    i_ipadm_set_addr_flag, i_ipadm_get_onoff, i_ipadm_get_addr_flag },
134 
135 	{ IPADM_NVP_REQHOST, NULL, IPADMPROP_CLASS_ADDR, MOD_PROTO_NONE, 0,
136 	    i_ipadm_set_reqhost, NULL, i_ipadm_get_reqhost },
137 
138 	{ "transmit", NULL, IPADMPROP_CLASS_ADDR, MOD_PROTO_NONE, 0,
139 	    i_ipadm_set_addr_flag, i_ipadm_get_onoff, i_ipadm_get_addr_flag },
140 
141 	{ "zone", NULL, IPADMPROP_CLASS_ADDR, MOD_PROTO_NONE, 0,
142 	    i_ipadm_set_zone, NULL, i_ipadm_get_zone },
143 
144 	{ NULL, NULL, 0, 0, 0, NULL, NULL, NULL }
145 };
146 
147 static ipadm_prop_desc_t up_addrprop = { "up", NULL, IPADMPROP_CLASS_ADDR,
148 					MOD_PROTO_NONE, 0, NULL, NULL, NULL };
149 
150 /*
151  * Helper function that initializes the `ipadm_ifname', `ipadm_aobjname', and
152  * `ipadm_atype' fields of the given `ipaddr'.
153  */
154 void
155 i_ipadm_init_addr(ipadm_addrobj_t ipaddr, const char *ifname,
156     const char *aobjname, ipadm_addr_type_t atype)
157 {
158 	bzero(ipaddr, sizeof (struct ipadm_addrobj_s));
159 	(void) strlcpy(ipaddr->ipadm_ifname, ifname,
160 	    sizeof (ipaddr->ipadm_ifname));
161 	(void) strlcpy(ipaddr->ipadm_aobjname, aobjname,
162 	    sizeof (ipaddr->ipadm_aobjname));
163 	ipaddr->ipadm_atype = atype;
164 }
165 
166 /*
167  * Determine the permission of the property depending on whether it has a
168  * set() and/or get() callback functions.
169  */
170 static ipadm_status_t
171 i_ipadm_pd2permstr(ipadm_prop_desc_t *pdp, char *buf, uint_t *bufsize)
172 {
173 	uint_t	perm;
174 	size_t	nbytes;
175 
176 	perm = 0;
177 	if (pdp->ipd_set != NULL)
178 		perm |= MOD_PROP_PERM_WRITE;
179 	if (pdp->ipd_get != NULL)
180 		perm |= MOD_PROP_PERM_READ;
181 
182 	nbytes = snprintf(buf, *bufsize, "%c%c",
183 	    ((perm & MOD_PROP_PERM_READ) != 0) ? 'r' : '-',
184 	    ((perm & MOD_PROP_PERM_WRITE) != 0) ? 'w' : '-');
185 
186 	if (nbytes >= *bufsize) {
187 		/* insufficient buffer space */
188 		*bufsize = nbytes + 1;
189 		return (IPADM_NO_BUFS);
190 	}
191 	return (IPADM_SUCCESS);
192 }
193 
194 /*
195  * Given an addrobj with `ipadm_aobjname' filled in, i_ipadm_get_addrobj()
196  * retrieves the information necessary for any operation on the object,
197  * such as delete-addr, enable-addr, disable-addr, up-addr, down-addr,
198  * refresh-addr, get-addrprop or set-addrprop. The information include
199  * the logical interface number, address type, address family,
200  * the interface id (if the address type is IPADM_ADDR_IPV6_ADDRCONF) and
201  * the ipadm_flags that indicate if the address is present in
202  * active configuration or persistent configuration or both. If the address
203  * is not found, IPADM_NOTSUP is returned.
204  */
205 ipadm_status_t
206 i_ipadm_get_addrobj(ipadm_handle_t iph, ipadm_addrobj_t ipaddr)
207 {
208 	ipmgmt_aobjop_arg_t	larg;
209 	ipmgmt_aobjop_rval_t	rval, *rvalp;
210 	int			err = 0;
211 
212 	/* populate the door_call argument structure */
213 	larg.ia_cmd = IPMGMT_CMD_AOBJNAME2ADDROBJ;
214 	(void) strlcpy(larg.ia_aobjname, ipaddr->ipadm_aobjname,
215 	    sizeof (larg.ia_aobjname));
216 
217 	rvalp = &rval;
218 	err = ipadm_door_call(iph, &larg, sizeof (larg), (void **)&rvalp,
219 	    sizeof (rval), B_FALSE);
220 	if (err != 0)
221 		return (ipadm_errno2status(err));
222 	(void) strlcpy(ipaddr->ipadm_ifname, rval.ir_ifname,
223 	    sizeof (ipaddr->ipadm_ifname));
224 	ipaddr->ipadm_lifnum = rval.ir_lnum;
225 	ipaddr->ipadm_atype = rval.ir_atype;
226 	ipaddr->ipadm_af = rval.ir_family;
227 	ipaddr->ipadm_flags = rval.ir_flags;
228 	switch (rval.ir_atype) {
229 	case IPADM_ADDR_IPV6_ADDRCONF:
230 		ipaddr->ipadm_intfid = rval.ipmgmt_ir_intfid;
231 		break;
232 	case IPADM_ADDR_DHCP:
233 		if (strlcpy(ipaddr->ipadm_reqhost, rval.ipmgmt_ir_reqhost,
234 		    sizeof (ipaddr->ipadm_reqhost)) >=
235 		    sizeof (ipaddr->ipadm_reqhost)) {
236 			/*
237 			 * shouldn't get here as the buffers are defined
238 			 * with same length, MAX_NAME_LEN
239 			 */
240 			return (IPADM_FAILURE);
241 		}
242 		break;
243 	default:
244 		break;
245 	}
246 
247 	return (IPADM_SUCCESS);
248 }
249 
250 /*
251  * Retrieves the static address (IPv4 or IPv6) for the given address object
252  * in `ipaddr' from persistent DB.
253  */
254 static ipadm_status_t
255 i_ipadm_get_static_addr_db(ipadm_handle_t iph, ipadm_addrobj_t ipaddr)
256 {
257 	ipadm_status_t		status;
258 	nvlist_t		*onvl;
259 	nvlist_t		*anvl = NULL;
260 	nvlist_t		*nvladdr;
261 	nvpair_t		*nvp;
262 	char			*name;
263 	char			*aobjname = ipaddr->ipadm_aobjname;
264 	char			*sname;
265 	sa_family_t		af = AF_UNSPEC;
266 
267 	/*
268 	 * Get the address line in the nvlist `onvl' from ipmgmtd daemon.
269 	 */
270 	status = i_ipadm_get_db_addr(iph, NULL, aobjname, &onvl);
271 	if (status != IPADM_SUCCESS)
272 		return (status);
273 	/*
274 	 * Walk through the nvlist `onvl' to extract the IPADM_NVP_IPV4ADDR
275 	 * or the IPADM_NVP_IPV6ADDR name-value pair.
276 	 */
277 	for (nvp = nvlist_next_nvpair(onvl, NULL); nvp != NULL;
278 	    nvp = nvlist_next_nvpair(onvl, NULL)) {
279 		if (nvpair_value_nvlist(nvp, &anvl) != 0)
280 			continue;
281 		if (nvlist_exists(anvl, IPADM_NVP_IPV4ADDR) ||
282 		    nvlist_exists(anvl, IPADM_NVP_IPV6ADDR))
283 			break;
284 	}
285 	if (nvp == NULL)
286 		goto fail;
287 	for (nvp = nvlist_next_nvpair(anvl, NULL);
288 	    nvp != NULL; nvp = nvlist_next_nvpair(anvl, nvp)) {
289 		name = nvpair_name(nvp);
290 		if (strcmp(name, IPADM_NVP_IPV4ADDR) == 0) {
291 			af = AF_INET;
292 			break;
293 		} else if (strcmp(name, IPADM_NVP_IPV6ADDR) == 0) {
294 			af = AF_INET6;
295 			break;
296 		}
297 	}
298 	assert(af != AF_UNSPEC);
299 	if (nvpair_value_nvlist(nvp, &nvladdr) != 0 ||
300 	    nvlist_lookup_string(nvladdr, IPADM_NVP_IPADDRHNAME, &sname) != 0 ||
301 	    ipadm_set_addr(ipaddr, sname, af) != IPADM_SUCCESS) {
302 		goto fail;
303 	}
304 	nvlist_free(onvl);
305 	return (IPADM_SUCCESS);
306 fail:
307 	nvlist_free(onvl);
308 	return (IPADM_NOTFOUND);
309 }
310 
311 /*
312  * For the given `addrobj->ipadm_lifnum' and `addrobj->ipadm_af', this function
313  * fills in the address objname, the address type and the ipadm_flags.
314  */
315 ipadm_status_t
316 i_ipadm_get_lif2addrobj(ipadm_handle_t iph, ipadm_addrobj_t addrobj)
317 {
318 	ipmgmt_aobjop_arg_t	larg;
319 	ipmgmt_aobjop_rval_t	rval, *rvalp;
320 	int			err;
321 
322 	larg.ia_cmd = IPMGMT_CMD_LIF2ADDROBJ;
323 	(void) strlcpy(larg.ia_ifname, addrobj->ipadm_ifname,
324 	    sizeof (larg.ia_ifname));
325 	larg.ia_lnum = addrobj->ipadm_lifnum;
326 	larg.ia_family = addrobj->ipadm_af;
327 
328 	rvalp = &rval;
329 	err = ipadm_door_call(iph, &larg, sizeof (larg), (void **)&rvalp,
330 	    sizeof (rval), B_FALSE);
331 	if (err != 0)
332 		return (ipadm_errno2status(err));
333 	(void) strlcpy(addrobj->ipadm_aobjname, rval.ir_aobjname,
334 	    sizeof (addrobj->ipadm_aobjname));
335 	addrobj->ipadm_atype = rval.ir_atype;
336 	addrobj->ipadm_flags = rval.ir_flags;
337 
338 	return (IPADM_SUCCESS);
339 }
340 
341 /*
342  * Adds an addrobj to ipmgmtd daemon's aobjmap (active configuration).
343  * with the given name and logical interface number.
344  * This API is called by in.ndpd to add addrobjs when new prefixes or
345  * dhcpv6 addresses are configured.
346  */
347 ipadm_status_t
348 ipadm_add_aobjname(ipadm_handle_t iph, const char *ifname, sa_family_t af,
349     const char *aobjname, ipadm_addr_type_t atype, int lnum)
350 {
351 	ipmgmt_aobjop_arg_t	larg;
352 	int			err;
353 
354 	larg.ia_cmd = IPMGMT_CMD_ADDROBJ_ADD;
355 	(void) strlcpy(larg.ia_ifname, ifname, sizeof (larg.ia_ifname));
356 	(void) strlcpy(larg.ia_aobjname, aobjname, sizeof (larg.ia_aobjname));
357 	larg.ia_atype = atype;
358 	larg.ia_lnum = lnum;
359 	larg.ia_family = af;
360 	err = ipadm_door_call(iph, &larg, sizeof (larg), NULL, 0, B_FALSE);
361 	return (ipadm_errno2status(err));
362 }
363 
364 /*
365  * Deletes an address object with given name and logical number from ipmgmtd
366  * daemon's aobjmap (active configuration). This API is called by in.ndpd to
367  * remove addrobjs when auto-configured prefixes or dhcpv6 addresses are
368  * removed.
369  */
370 ipadm_status_t
371 ipadm_delete_aobjname(ipadm_handle_t iph, const char *ifname, sa_family_t af,
372     const char *aobjname, ipadm_addr_type_t atype, int lnum)
373 {
374 	struct ipadm_addrobj_s	aobj;
375 
376 	i_ipadm_init_addr(&aobj, ifname, aobjname, atype);
377 	aobj.ipadm_af = af;
378 	aobj.ipadm_lifnum = lnum;
379 	return (i_ipadm_delete_addrobj(iph, &aobj, IPADM_OPT_ACTIVE));
380 }
381 
382 /*
383  * Gets all the addresses from active configuration and populates the
384  * address information in `addrinfo'.
385  */
386 static ipadm_status_t
387 i_ipadm_active_addr_info(ipadm_handle_t iph, const char *ifname,
388     ipadm_addr_info_t **addrinfo, uint32_t ipadm_flags, int64_t lifc_flags)
389 {
390 	ipadm_status_t		status;
391 	struct ifaddrs		*ifap, *ifa;
392 	ipadm_addr_info_t	*curr, *prev = NULL;
393 	struct ifaddrs		*cifaddr;
394 	struct lifreq		lifr;
395 	int			sock;
396 	uint64_t		flags;
397 	char			cifname[LIFNAMSIZ];
398 	struct sockaddr_in6	*sin6;
399 	struct ipadm_addrobj_s	ipaddr;
400 	char			*sep;
401 	int			lnum;
402 
403 retry:
404 	*addrinfo = NULL;
405 
406 	/* Get all the configured addresses */
407 	if (getallifaddrs(AF_UNSPEC, &ifa, lifc_flags) < 0)
408 		return (ipadm_errno2status(errno));
409 	/* Return if there is nothing to process. */
410 	if (ifa == NULL)
411 		return (IPADM_SUCCESS);
412 	bzero(&lifr, sizeof (lifr));
413 	for (ifap = ifa; ifap != NULL; ifap = ifap->ifa_next) {
414 		struct sockaddr_storage data;
415 
416 		(void) strlcpy(cifname, ifap->ifa_name, sizeof (cifname));
417 		lnum = 0;
418 		if ((sep = strrchr(cifname, ':')) != NULL) {
419 			*sep++ = '\0';
420 			lnum = atoi(sep);
421 		}
422 		if (ifname != NULL && strcmp(cifname, ifname) != 0)
423 			continue;
424 		if (!(ipadm_flags & IPADM_OPT_ZEROADDR) &&
425 		    sockaddrunspec(ifap->ifa_addr) &&
426 		    !(ifap->ifa_flags & IFF_DHCPRUNNING))
427 			continue;
428 
429 		/* Allocate and populate the current node in the list. */
430 		if ((curr = calloc(1, sizeof (ipadm_addr_info_t))) == NULL)
431 			goto fail;
432 
433 		/* Link to the list in `addrinfo'. */
434 		if (prev != NULL)
435 			prev->ia_ifa.ifa_next = &curr->ia_ifa;
436 		else
437 			*addrinfo = curr;
438 		prev = curr;
439 
440 		cifaddr = &curr->ia_ifa;
441 		if ((cifaddr->ifa_name = strdup(ifap->ifa_name)) == NULL)
442 			goto fail;
443 		cifaddr->ifa_flags = ifap->ifa_flags;
444 		cifaddr->ifa_addr = malloc(sizeof (struct sockaddr_storage));
445 		if (cifaddr->ifa_addr == NULL)
446 			goto fail;
447 		(void) memcpy(cifaddr->ifa_addr, ifap->ifa_addr,
448 		    sizeof (struct sockaddr_storage));
449 		cifaddr->ifa_netmask = malloc(sizeof (struct sockaddr_storage));
450 		if (cifaddr->ifa_netmask == NULL)
451 			goto fail;
452 		(void) memcpy(cifaddr->ifa_netmask, ifap->ifa_netmask,
453 		    sizeof (struct sockaddr_storage));
454 		if (ifap->ifa_flags & IFF_POINTOPOINT) {
455 			cifaddr->ifa_dstaddr = malloc(
456 			    sizeof (struct sockaddr_storage));
457 			if (cifaddr->ifa_dstaddr == NULL)
458 				goto fail;
459 			(void) memcpy(cifaddr->ifa_dstaddr, ifap->ifa_dstaddr,
460 			    sizeof (struct sockaddr_storage));
461 		} else if (ifap->ifa_flags & IFF_BROADCAST) {
462 			cifaddr->ifa_broadaddr = malloc(
463 			    sizeof (struct sockaddr_storage));
464 			if (cifaddr->ifa_broadaddr == NULL)
465 				goto fail;
466 			(void) memcpy(cifaddr->ifa_broadaddr,
467 			    ifap->ifa_broadaddr,
468 			    sizeof (struct sockaddr_storage));
469 		}
470 		/* Get the addrobj name stored for this logical interface. */
471 		ipaddr.ipadm_aobjname[0] = '\0';
472 		(void) strlcpy(ipaddr.ipadm_ifname, cifname,
473 		    sizeof (ipaddr.ipadm_ifname));
474 		ipaddr.ipadm_lifnum = lnum;
475 		ipaddr.ipadm_af = ifap->ifa_addr->sa_family;
476 		status = i_ipadm_get_lif2addrobj(iph, &ipaddr);
477 
478 		/*
479 		 * Find address type from ifa_flags, if we could not get it
480 		 * from daemon.
481 		 */
482 		(void) memcpy(&data, ifap->ifa_addr,
483 		    sizeof (struct sockaddr_in6));
484 		sin6 = SIN6(&data);
485 		flags = ifap->ifa_flags;
486 		if (status == IPADM_SUCCESS) {
487 			(void) strlcpy(curr->ia_aobjname, ipaddr.ipadm_aobjname,
488 			    sizeof (curr->ia_aobjname));
489 			curr->ia_atype = ipaddr.ipadm_atype;
490 		} else if ((flags & IFF_DHCPRUNNING) && (!(flags & IFF_IPV6) ||
491 		    !IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr))) {
492 			curr->ia_atype = IPADM_ADDR_DHCP;
493 		} else if (flags & IFF_ADDRCONF) {
494 			curr->ia_atype = IPADM_ADDR_IPV6_ADDRCONF;
495 		} else {
496 			curr->ia_atype = IPADM_ADDR_STATIC;
497 		}
498 		/*
499 		 * Populate the flags for the active configuration from the
500 		 * `ifa_flags'.
501 		 */
502 		if (!(flags & IFF_UP)) {
503 			if (flags & IFF_DUPLICATE)
504 				curr->ia_state = IFA_DUPLICATE;
505 			else
506 				curr->ia_state = IFA_DOWN;
507 		} else {
508 			curr->ia_cflags |= IA_UP;
509 			if (flags & IFF_RUNNING) {
510 				(void) strlcpy(lifr.lifr_name, ifap->ifa_name,
511 				    sizeof (lifr.lifr_name));
512 				sock = (ifap->ifa_addr->sa_family == AF_INET) ?
513 				    iph->iph_sock : iph->iph_sock6;
514 				if (ioctl(sock, SIOCGLIFDADSTATE,
515 				    (caddr_t)&lifr) < 0) {
516 					if (errno == ENXIO) {
517 						freeifaddrs(ifa);
518 						ipadm_free_addr_info(*addrinfo);
519 						goto retry;
520 					}
521 					goto fail;
522 				}
523 				if (lifr.lifr_dadstate == DAD_IN_PROGRESS)
524 					curr->ia_state = IFA_TENTATIVE;
525 				else
526 					curr->ia_state = IFA_OK;
527 			} else {
528 				curr->ia_state = IFA_INACCESSIBLE;
529 			}
530 		}
531 		if (flags & IFF_UNNUMBERED)
532 			curr->ia_cflags |= IA_UNNUMBERED;
533 		if (flags & IFF_PRIVATE)
534 			curr->ia_cflags |= IA_PRIVATE;
535 		if (flags & IFF_TEMPORARY)
536 			curr->ia_cflags |= IA_TEMPORARY;
537 		if (flags & IFF_DEPRECATED)
538 			curr->ia_cflags |= IA_DEPRECATED;
539 
540 	}
541 
542 	freeifaddrs(ifa);
543 	return (IPADM_SUCCESS);
544 
545 fail:
546 	/* On error, cleanup everything and return. */
547 	ipadm_free_addr_info(*addrinfo);
548 	*addrinfo = NULL;
549 	freeifaddrs(ifa);
550 	return (ipadm_errno2status(errno));
551 }
552 
553 /*
554  * From the given `name', i_ipadm_name2atype() deduces the address type
555  * and address family. If the `name' implies an address, it returns B_TRUE.
556  * Else, returns B_FALSE and leaves the output parameters unchanged.
557  */
558 boolean_t
559 i_ipadm_name2atype(const char *name, sa_family_t *af, ipadm_addr_type_t *type)
560 {
561 	boolean_t	is_addr = B_TRUE;
562 
563 	if (strcmp(name, IPADM_NVP_IPV4ADDR) == 0) {
564 		*af = AF_INET;
565 		*type = IPADM_ADDR_STATIC;
566 	} else if (strcmp(name, IPADM_NVP_IPV6ADDR) == 0) {
567 		*af = AF_INET6;
568 		*type = IPADM_ADDR_STATIC;
569 	} else if (strcmp(name, IPADM_NVP_DHCP) == 0) {
570 		*af = AF_INET;
571 		*type = IPADM_ADDR_DHCP;
572 	} else if (strcmp(name, IPADM_NVP_INTFID) == 0) {
573 		*af = AF_INET6;
574 		*type = IPADM_ADDR_IPV6_ADDRCONF;
575 	} else {
576 		is_addr = B_FALSE;
577 	}
578 
579 	return (is_addr);
580 }
581 
582 /*
583  * Parses the given nvlist `nvl' for an address or an address property.
584  * The input nvlist must contain either an address or an address property.
585  * `ainfo' is an input as well as output parameter. When an address or an
586  * address property is found, `ainfo' is updated with the information found.
587  * Some of the fields may be already filled in by the calling function.
588  *
589  * The fields that will be filled/updated by this function are `ia_pflags',
590  * `ia_sname' and `ia_dname'. Values for `ia_pflags' are obtained if the `nvl'
591  * contains an address property. `ia_sname', `ia_dname', and `ia_pflags' are
592  * obtained if `nvl' contains an address.
593  */
594 static ipadm_status_t
595 i_ipadm_nvl2ainfo_common(nvlist_t *nvl, ipadm_addr_info_t *ainfo)
596 {
597 	nvlist_t		*nvladdr;
598 	char			*name;
599 	char			*propstr = NULL;
600 	char			*sname, *dname;
601 	nvpair_t		*nvp;
602 	sa_family_t		af;
603 	ipadm_addr_type_t	atype;
604 	boolean_t		is_addr = B_FALSE;
605 	int			err;
606 
607 	for (nvp = nvlist_next_nvpair(nvl, NULL); nvp != NULL;
608 	    nvp = nvlist_next_nvpair(nvl, nvp)) {
609 		name = nvpair_name(nvp);
610 		if (i_ipadm_name2atype(name, &af, &atype)) {
611 			err = nvpair_value_nvlist(nvp, &nvladdr);
612 			is_addr = B_TRUE;
613 		} else if (IPADM_PRIV_NVP(name)) {
614 			continue;
615 		} else {
616 			err = nvpair_value_string(nvp, &propstr);
617 		}
618 		if (err != 0)
619 			return (ipadm_errno2status(err));
620 	}
621 
622 	if (is_addr) {
623 		/*
624 		 * We got an address from the nvlist `nvl'.
625 		 * Parse `nvladdr' and populate relevant information
626 		 * in `ainfo'.
627 		 */
628 		switch (atype) {
629 		case IPADM_ADDR_STATIC:
630 			if (strcmp(name, "up") == 0 &&
631 			    strcmp(propstr, "yes") == 0) {
632 				ainfo->ia_pflags |= IA_UP;
633 			}
634 			/*
635 			 * For static addresses, we need to get the hostnames.
636 			 */
637 			err = nvlist_lookup_string(nvladdr,
638 			    IPADM_NVP_IPADDRHNAME, &sname);
639 			if (err != 0)
640 				return (ipadm_errno2status(err));
641 			(void) strlcpy(ainfo->ia_sname, sname,
642 			    sizeof (ainfo->ia_sname));
643 			err = nvlist_lookup_string(nvladdr,
644 			    IPADM_NVP_IPDADDRHNAME, &dname);
645 			if (err == 0) {
646 				(void) strlcpy(ainfo->ia_dname, dname,
647 				    sizeof (ainfo->ia_dname));
648 			}
649 			break;
650 		case IPADM_ADDR_DHCP:
651 		case IPADM_ADDR_IPV6_ADDRCONF:
652 			/*
653 			 * dhcp and addrconf address objects are always
654 			 * marked up when re-enabled.
655 			 */
656 			ainfo->ia_pflags |= IA_UP;
657 			break;
658 		default:
659 			return (IPADM_FAILURE);
660 		}
661 	} else {
662 		/*
663 		 * We got an address property from `nvl'. Parse the
664 		 * name and the property value. Update the `ainfo->ia_pflags'
665 		 * for the flags.
666 		 */
667 		if (strcmp(name, "deprecated") == 0) {
668 			if (strcmp(propstr, IPADM_ONSTR) == 0)
669 				ainfo->ia_pflags |= IA_DEPRECATED;
670 		} else if (strcmp(name, "private") == 0) {
671 			if (strcmp(propstr, IPADM_ONSTR) == 0)
672 				ainfo->ia_pflags |= IA_PRIVATE;
673 		}
674 	}
675 
676 	return (IPADM_SUCCESS);
677 }
678 
679 /*
680  * Parses the given nvlist `nvl' for an address or an address property.
681  * The input nvlist must contain either an address or an address property.
682  * `ainfo' is an input as well as output parameter. When an address or an
683  * address property is found, `ainfo' is updated with the information found.
684  * Some of the fields may be already filled in by the calling function,
685  * because of previous calls to i_ipadm_nvl2ainfo_active().
686  *
687  * Since the address object in `nvl' is also in the active configuration, the
688  * fields that will be filled/updated by this function are `ia_pflags',
689  * `ia_sname' and `ia_dname'.
690  *
691  * If this function returns an error, the calling function will take
692  * care of freeing the fields in `ainfo'.
693  */
694 static ipadm_status_t
695 i_ipadm_nvl2ainfo_active(nvlist_t *nvl, ipadm_addr_info_t *ainfo)
696 {
697 	return (i_ipadm_nvl2ainfo_common(nvl, ainfo));
698 }
699 
700 /*
701  * Parses the given nvlist `nvl' for an address or an address property.
702  * The input nvlist must contain either an address or an address property.
703  * `ainfo' is an input as well as output parameter. When an address or an
704  * address property is found, `ainfo' is updated with the information found.
705  * Some of the fields may be already filled in by the calling function,
706  * because of previous calls to i_ipadm_nvl2ainfo_persist().
707  *
708  * All the relevant fields in `ainfo' will be filled by this function based
709  * on what we find in `nvl'.
710  *
711  * If this function returns an error, the calling function will take
712  * care of freeing the fields in `ainfo'.
713  */
714 static ipadm_status_t
715 i_ipadm_nvl2ainfo_persist(nvlist_t *nvl, ipadm_addr_info_t *ainfo)
716 {
717 	nvlist_t		*nvladdr;
718 	struct ifaddrs		*ifa;
719 	char			*name;
720 	char			*ifname = NULL;
721 	char			*aobjname = NULL;
722 	char			*propstr = NULL;
723 	nvpair_t		*nvp;
724 	sa_family_t		af;
725 	ipadm_addr_type_t	atype;
726 	boolean_t		is_addr = B_FALSE;
727 	size_t			size = sizeof (struct sockaddr_storage);
728 	uint32_t		plen = 0;
729 	int			err;
730 	ipadm_status_t		status;
731 
732 	status = i_ipadm_nvl2ainfo_common(nvl, ainfo);
733 	if (status != IPADM_SUCCESS)
734 		return (status);
735 
736 	for (nvp = nvlist_next_nvpair(nvl, NULL); nvp != NULL;
737 	    nvp = nvlist_next_nvpair(nvl, nvp)) {
738 		name = nvpair_name(nvp);
739 		if (strcmp(name, IPADM_NVP_IFNAME) == 0) {
740 			err = nvpair_value_string(nvp, &ifname);
741 		} else if (strcmp(name, IPADM_NVP_AOBJNAME) == 0) {
742 			err = nvpair_value_string(nvp, &aobjname);
743 		} else if (i_ipadm_name2atype(name, &af, &atype)) {
744 			err = nvpair_value_nvlist(nvp, &nvladdr);
745 			is_addr = B_TRUE;
746 		} else {
747 			err = nvpair_value_string(nvp, &propstr);
748 		}
749 		if (err != 0)
750 			return (ipadm_errno2status(err));
751 	}
752 
753 	ifa = &ainfo->ia_ifa;
754 	(void) strlcpy(ainfo->ia_aobjname, aobjname,
755 	    sizeof (ainfo->ia_aobjname));
756 	if (ifa->ifa_name == NULL && (ifa->ifa_name = strdup(ifname)) == NULL)
757 		return (IPADM_NO_MEMORY);
758 	if (is_addr) {
759 		struct sockaddr_in6 data;
760 
761 		/*
762 		 * We got an address from the nvlist `nvl'.
763 		 * Parse `nvladdr' and populate `ifa->ifa_addr'.
764 		 */
765 		ainfo->ia_atype = atype;
766 		if ((ifa->ifa_addr = calloc(1, size)) == NULL)
767 			return (IPADM_NO_MEMORY);
768 		switch (atype) {
769 		case IPADM_ADDR_STATIC:
770 			ifa->ifa_addr->sa_family = af;
771 			break;
772 		case IPADM_ADDR_DHCP:
773 			ifa->ifa_addr->sa_family = AF_INET;
774 			break;
775 		case IPADM_ADDR_IPV6_ADDRCONF:
776 			data.sin6_family = AF_INET6;
777 			if (i_ipadm_nvl2in6_addr(nvladdr, IPADM_NVP_IPNUMADDR,
778 			    &data.sin6_addr) != IPADM_SUCCESS)
779 				return (IPADM_NO_MEMORY);
780 			err = nvlist_lookup_uint32(nvladdr, IPADM_NVP_PREFIXLEN,
781 			    &plen);
782 			if (err != 0)
783 				return (ipadm_errno2status(err));
784 			if ((ifa->ifa_netmask = malloc(size)) == NULL)
785 				return (IPADM_NO_MEMORY);
786 			if ((err = plen2mask(plen, af, ifa->ifa_netmask)) != 0)
787 				return (ipadm_errno2status(err));
788 			(void) memcpy(ifa->ifa_addr, &data, sizeof (data));
789 			break;
790 		default:
791 			return (IPADM_FAILURE);
792 		}
793 	} else {
794 		if (strcmp(name, "prefixlen") == 0) {
795 			/*
796 			 * If a prefixlen was found, update the
797 			 * `ainfo->ia_ifa.ifa_netmask'.
798 			 */
799 
800 			if ((ifa->ifa_netmask = malloc(size)) == NULL)
801 				return (IPADM_NO_MEMORY);
802 			/*
803 			 * Address property lines always follow the address
804 			 * line itself in the persistent db. We must have
805 			 * found a valid `ainfo->ia_ifa.ifa_addr' by now.
806 			 */
807 			assert(ifa->ifa_addr != NULL);
808 			err = plen2mask(atoi(propstr), ifa->ifa_addr->sa_family,
809 			    ifa->ifa_netmask);
810 			if (err != 0)
811 				return (ipadm_errno2status(err));
812 		}
813 	}
814 
815 	return (IPADM_SUCCESS);
816 }
817 
818 /*
819  * Retrieves all addresses from active config and appends to it the
820  * addresses that are found only in persistent config. In addition,
821  * it updates the persistent fields for each address from information
822  * found in persistent config. The output parameter `addrinfo' contains
823  * complete information regarding all addresses in active as well as
824  * persistent config.
825  */
826 static ipadm_status_t
827 i_ipadm_get_all_addr_info(ipadm_handle_t iph, const char *ifname,
828     ipadm_addr_info_t **addrinfo, uint32_t ipadm_flags, int64_t lifc_flags)
829 {
830 	nvlist_t		*nvladdr = NULL;
831 	nvlist_t		*onvl = NULL;
832 	nvpair_t		*nvp;
833 	ipadm_status_t		status;
834 	ipadm_addr_info_t	*ainfo = NULL;
835 	ipadm_addr_info_t	*curr;
836 	ipadm_addr_info_t	*last = NULL;
837 	char			*aobjname;
838 
839 	/* Get all addresses from active config. */
840 	status = i_ipadm_active_addr_info(iph, ifname, &ainfo, ipadm_flags,
841 	    lifc_flags);
842 	if (status != IPADM_SUCCESS)
843 		goto fail;
844 
845 	/* Get all addresses from persistent config. */
846 	status = i_ipadm_get_db_addr(iph, ifname, NULL, &onvl);
847 	/*
848 	 * If no address was found in persistent config, just
849 	 * return what we found in active config.
850 	 */
851 	if (status == IPADM_NOTFOUND) {
852 		/*
853 		 * If nothing was found neither active nor persistent
854 		 * config, this means that the interface does not exist,
855 		 * if one was provided in `ifname'.
856 		 */
857 		if (ainfo == NULL && ifname != NULL)
858 			return (IPADM_ENXIO);
859 		*addrinfo = ainfo;
860 		return (IPADM_SUCCESS);
861 	}
862 	/* In case of any other error, cleanup and return. */
863 	if (status != IPADM_SUCCESS)
864 		goto fail;
865 	/* we append to make sure, loopback addresses are first */
866 	if (ainfo != NULL) {
867 		for (curr = ainfo; IA_NEXT(curr) != NULL; curr = IA_NEXT(curr))
868 			;
869 		last = curr;
870 	}
871 
872 	/*
873 	 * `onvl' will contain all the address lines from the db. Each line
874 	 * could contain the address itself or an address property. Addresses
875 	 * and address properties are found in separate lines.
876 	 *
877 	 * If an address A was found in active, we will already have `ainfo',
878 	 * and it is present in persistent configuration as well, we need to
879 	 * update `ainfo' with persistent information (`ia_pflags).
880 	 * For each address B found only in persistent configuration,
881 	 * append the address to the list with the address info for B from
882 	 * `onvl'.
883 	 */
884 	for (nvp = nvlist_next_nvpair(onvl, NULL); nvp != NULL;
885 	    nvp = nvlist_next_nvpair(onvl, nvp)) {
886 		if (nvpair_value_nvlist(nvp, &nvladdr) != 0)
887 			continue;
888 		if (nvlist_lookup_string(nvladdr, IPADM_NVP_AOBJNAME,
889 		    &aobjname) != 0)
890 			continue;
891 		for (curr = ainfo; curr != NULL; curr = IA_NEXT(curr)) {
892 			if (strcmp(curr->ia_aobjname, aobjname) == 0)
893 				break;
894 		}
895 		if (curr == NULL) {
896 			/*
897 			 * We did not find this address object in `ainfo'.
898 			 * This means that the address object exists only
899 			 * in the persistent configuration. Get its
900 			 * details and append to `ainfo'.
901 			 */
902 			curr = calloc(1, sizeof (ipadm_addr_info_t));
903 			if (curr == NULL)
904 				goto fail;
905 			curr->ia_state = IFA_DISABLED;
906 			if (last != NULL)
907 				last->ia_ifa.ifa_next = &curr->ia_ifa;
908 			else
909 				ainfo = curr;
910 			last = curr;
911 		}
912 		/*
913 		 * Fill relevant fields of `curr' from the persistent info
914 		 * in `nvladdr'. Call the appropriate function based on the
915 		 * `ia_state' value.
916 		 */
917 		if (curr->ia_state == IFA_DISABLED)
918 			status = i_ipadm_nvl2ainfo_persist(nvladdr, curr);
919 		else
920 			status = i_ipadm_nvl2ainfo_active(nvladdr, curr);
921 		if (status != IPADM_SUCCESS)
922 			goto fail;
923 	}
924 	*addrinfo = ainfo;
925 	nvlist_free(onvl);
926 	return (status);
927 fail:
928 	/* On error, cleanup and return. */
929 	nvlist_free(onvl);
930 	ipadm_free_addr_info(ainfo);
931 	*addrinfo = NULL;
932 	return (status);
933 }
934 
935 /*
936  * Callback function that sets the property `prefixlen' on the address
937  * object in `arg' to the value in `pval'.
938  */
939 /* ARGSUSED */
940 static ipadm_status_t
941 i_ipadm_set_prefixlen(ipadm_handle_t iph, const void *arg,
942     ipadm_prop_desc_t *pdp, const void *pval, uint_t af, uint_t flags)
943 {
944 	struct sockaddr_storage	netmask;
945 	struct lifreq		lifr;
946 	int			err, s;
947 	unsigned long		prefixlen, abits;
948 	char			*end;
949 	ipadm_addrobj_t		ipaddr = (ipadm_addrobj_t)arg;
950 
951 	if (ipaddr->ipadm_atype == IPADM_ADDR_DHCP)
952 		return (IPADM_NOTSUP);
953 
954 	errno = 0;
955 	prefixlen = strtoul(pval, &end, 10);
956 	if (errno != 0 || *end != '\0')
957 		return (IPADM_INVALID_ARG);
958 
959 	abits = (af == AF_INET ? IP_ABITS : IPV6_ABITS);
960 	if (prefixlen == 0 || prefixlen == (abits - 1))
961 		return (IPADM_INVALID_ARG);
962 
963 	if ((err = plen2mask(prefixlen, af, (struct sockaddr *)&netmask)) != 0)
964 		return (ipadm_errno2status(err));
965 
966 	s = (af == AF_INET ? iph->iph_sock : iph->iph_sock6);
967 
968 	bzero(&lifr, sizeof (lifr));
969 	i_ipadm_addrobj2lifname(ipaddr, lifr.lifr_name,
970 	    sizeof (lifr.lifr_name));
971 	(void) memcpy(&lifr.lifr_addr, &netmask, sizeof (netmask));
972 	if (ioctl(s, SIOCSLIFNETMASK, (caddr_t)&lifr) < 0)
973 		return (ipadm_errno2status(errno));
974 
975 	/* now, change the broadcast address to reflect the prefixlen */
976 	if (af == AF_INET) {
977 		/*
978 		 * get the interface address and set it, this should reset
979 		 * the broadcast address.
980 		 */
981 		(void) ioctl(s, SIOCGLIFADDR, (caddr_t)&lifr);
982 		(void) ioctl(s, SIOCSLIFADDR, (caddr_t)&lifr);
983 	}
984 
985 	return (IPADM_SUCCESS);
986 }
987 
988 
989 /*
990  * Callback function that sets the given value `pval' to one of the
991  * properties among `deprecated', `private', and `transmit' as defined in
992  * `pdp', on the address object in `arg'.
993  */
994 /* ARGSUSED */
995 static ipadm_status_t
996 i_ipadm_set_addr_flag(ipadm_handle_t iph, const void *arg,
997     ipadm_prop_desc_t *pdp, const void *pval, uint_t af, uint_t flags)
998 {
999 	char		lifname[LIFNAMSIZ];
1000 	uint64_t	on_flags = 0, off_flags = 0;
1001 	boolean_t	on;
1002 	ipadm_addrobj_t	ipaddr = (ipadm_addrobj_t)arg;
1003 
1004 	if (ipaddr->ipadm_atype == IPADM_ADDR_DHCP &&
1005 	    strcmp(pdp->ipd_name, "deprecated") == 0)
1006 		return (IPADM_NOTSUP);
1007 
1008 	if (strcmp(pval, IPADM_ONSTR) == 0)
1009 		on = B_TRUE;
1010 	else if (strcmp(pval, IPADM_OFFSTR) == 0)
1011 		on = B_FALSE;
1012 	else
1013 		return (IPADM_INVALID_ARG);
1014 
1015 	if (strcmp(pdp->ipd_name, "private") == 0) {
1016 		if (on)
1017 			on_flags = IFF_PRIVATE;
1018 		else
1019 			off_flags = IFF_PRIVATE;
1020 	} else if (strcmp(pdp->ipd_name, "transmit") == 0) {
1021 		if (on)
1022 			off_flags = IFF_NOXMIT;
1023 		else
1024 			on_flags = IFF_NOXMIT;
1025 	} else if (strcmp(pdp->ipd_name, "deprecated") == 0) {
1026 		if (on)
1027 			on_flags = IFF_DEPRECATED;
1028 		else
1029 			off_flags = IFF_DEPRECATED;
1030 	} else {
1031 		return (IPADM_PROP_UNKNOWN);
1032 	}
1033 
1034 	i_ipadm_addrobj2lifname(ipaddr, lifname, sizeof (lifname));
1035 	return (i_ipadm_set_flags(iph, lifname, af, on_flags, off_flags));
1036 }
1037 
1038 /*
1039  * Callback function that sets the property `zone' on the address
1040  * object in `arg' to the value in `pval'.
1041  */
1042 /* ARGSUSED */
1043 static ipadm_status_t
1044 i_ipadm_set_zone(ipadm_handle_t iph, const void *arg,
1045     ipadm_prop_desc_t *pdp, const void *pval, uint_t af, uint_t flags)
1046 {
1047 	struct lifreq	lifr;
1048 	zoneid_t	zoneid;
1049 	int		s;
1050 
1051 	/*
1052 	 * To modify the zone assignment such that it persists across
1053 	 * reboots, zonecfg(1M) must be used.
1054 	 */
1055 	if (flags & IPADM_OPT_PERSIST) {
1056 		return (IPADM_NOTSUP);
1057 	} else if (flags & IPADM_OPT_ACTIVE) {
1058 		/* put logical interface into all zones */
1059 		if (strcmp(pval, "all-zones") == 0) {
1060 			zoneid = ALL_ZONES;
1061 		} else {
1062 			/* zone must be ready or running */
1063 			if ((zoneid = getzoneidbyname(pval)) == -1)
1064 				return (ipadm_errno2status(errno));
1065 		}
1066 	} else {
1067 		return (IPADM_INVALID_ARG);
1068 	}
1069 
1070 	s = (af == AF_INET ? iph->iph_sock : iph->iph_sock6);
1071 	bzero(&lifr, sizeof (lifr));
1072 	i_ipadm_addrobj2lifname((ipadm_addrobj_t)arg, lifr.lifr_name,
1073 	    sizeof (lifr.lifr_name));
1074 	lifr.lifr_zoneid = zoneid;
1075 	if (ioctl(s, SIOCSLIFZONE, (caddr_t)&lifr) < 0)
1076 		return (ipadm_errno2status(errno));
1077 
1078 	return (IPADM_SUCCESS);
1079 }
1080 
1081 /*
1082  * Callback function that sets the property `reqhost' on the address
1083  * object in `arg' to the value in `pval'.
1084  */
1085 /* ARGSUSED */
1086 static ipadm_status_t
1087 i_ipadm_set_reqhost(ipadm_handle_t iph, const void *arg,
1088     ipadm_prop_desc_t *pdp, const void *pval, uint_t af, uint_t flags)
1089 {
1090 	ipadm_status_t		status;
1091 	ipadm_addrobj_t		ipaddr = (ipadm_addrobj_t)arg;
1092 
1093 	if (ipaddr->ipadm_atype != IPADM_ADDR_DHCP)
1094 		return (IPADM_NOTSUP);
1095 
1096 	/*
1097 	 * If requested to set reqhost just from active config but the
1098 	 * address is not in active config, return error.
1099 	 */
1100 	if (!(ipaddr->ipadm_flags & IPMGMT_ACTIVE) &&
1101 	    (flags & IPADM_OPT_ACTIVE) && !(flags & IPADM_OPT_PERSIST)) {
1102 		return (IPADM_NOTFOUND);
1103 	}
1104 
1105 	status = ipadm_set_reqhost(ipaddr, pval);
1106 	if (status != IPADM_SUCCESS)
1107 		return (status);
1108 
1109 	if (ipaddr->ipadm_flags & IPMGMT_ACTIVE) {
1110 		status = i_ipadm_refresh_dhcp(ipaddr);
1111 
1112 		/*
1113 		 * We do not report a problem for IPADM_DHCP_IPC_TIMEOUT since
1114 		 * it is only a soft error to indicate the caller that the
1115 		 * lease might be renewed after the function returns.
1116 		 */
1117 		if (status != IPADM_SUCCESS && status != IPADM_DHCP_IPC_TIMEOUT)
1118 			return (status);
1119 	}
1120 
1121 	status = i_ipadm_set_aobj_addrprop(iph, ipaddr, flags,
1122 	    IPADM_NVP_REQHOST);
1123 	return (status);
1124 }
1125 
1126 /*
1127  * Used by address object property callback functions that need to do a
1128  * two-stage update because the addrprop is cached on the address object.
1129  */
1130 static ipadm_status_t
1131 i_ipadm_set_aobj_addrprop(ipadm_handle_t iph, ipadm_addrobj_t ipaddr,
1132     uint_t flags, const char *propname)
1133 {
1134 	ipadm_status_t	status;
1135 	uint32_t	two_stage_flags;
1136 
1137 	/*
1138 	 * Send the updated address object information to ipmgmtd, since the
1139 	 * cached version of an addrprop resides on an aobjmap, but do
1140 	 * not change the ACTIVE/PERSIST state of the aobjmap. Instead, request
1141 	 * a two-stage, SET_PROPS update with ACTIVE/PERSIST as the first stage
1142 	 * per the existing aobjmap flags and a second stage encoded in
1143 	 * IPADM_OPT_PERSIST_PROPS.
1144 	 */
1145 	two_stage_flags = (flags | IPADM_OPT_SET_PROPS)
1146 	    & ~(IPADM_OPT_ACTIVE | IPADM_OPT_PERSIST);
1147 	if (ipaddr->ipadm_flags & IPMGMT_ACTIVE)
1148 		two_stage_flags |= IPADM_OPT_ACTIVE;
1149 	if (ipaddr->ipadm_flags & IPMGMT_PERSIST)
1150 		two_stage_flags |= IPADM_OPT_PERSIST;
1151 	if (flags & IPADM_OPT_PERSIST)
1152 		two_stage_flags |= IPADM_OPT_PERSIST_PROPS;
1153 
1154 	status = i_ipadm_addr_persist(iph, ipaddr, B_FALSE, two_stage_flags,
1155 	    propname);
1156 	return (status);
1157 }
1158 
1159 /*
1160  * Callback function that gets the property `broadcast' for the address
1161  * object in `arg'.
1162  */
1163 /* ARGSUSED */
1164 static ipadm_status_t
1165 i_ipadm_get_broadcast(ipadm_handle_t iph, const void *arg,
1166     ipadm_prop_desc_t *pdp, char *buf, uint_t *bufsize, uint_t af,
1167     uint_t valtype)
1168 {
1169 	struct sockaddr_in	*sin;
1170 	struct lifreq		lifr;
1171 	char			lifname[LIFNAMSIZ];
1172 	ipadm_addrobj_t		ipaddr = (ipadm_addrobj_t)arg;
1173 	ipadm_status_t		status;
1174 	size_t			nbytes = 0;
1175 	uint64_t		ifflags = 0;
1176 
1177 	i_ipadm_addrobj2lifname(ipaddr, lifname, sizeof (lifname));
1178 	if (ipaddr->ipadm_flags & IPMGMT_ACTIVE) {
1179 		status = i_ipadm_get_flags(iph, lifname, af, &ifflags);
1180 		if (status != IPADM_SUCCESS)
1181 			return (status);
1182 		if (!(ifflags & IFF_BROADCAST)) {
1183 			buf[0] = '\0';
1184 			return (IPADM_SUCCESS);
1185 		}
1186 	}
1187 
1188 	switch (valtype) {
1189 	case MOD_PROP_DEFAULT: {
1190 		struct sockaddr_storage	mask;
1191 		struct in_addr		broadaddr;
1192 		uint_t			plen;
1193 		in_addr_t		addr, maddr;
1194 		char			val[MAXPROPVALLEN];
1195 		uint_t			valsz = MAXPROPVALLEN;
1196 		ipadm_status_t		status;
1197 		int			err;
1198 		struct sockaddr_in	*sin;
1199 
1200 		if (!(ipaddr->ipadm_flags & IPMGMT_ACTIVE)) {
1201 			/*
1202 			 * Since the address is unknown we cannot
1203 			 * obtain default prefixlen
1204 			 */
1205 			if (ipaddr->ipadm_atype == IPADM_ADDR_DHCP ||
1206 			    ipaddr->ipadm_af == AF_INET6) {
1207 				buf[0] = '\0';
1208 				return (IPADM_SUCCESS);
1209 			}
1210 			/*
1211 			 * For the static address, we get the address from the
1212 			 * persistent db.
1213 			 */
1214 			status = i_ipadm_get_static_addr_db(iph, ipaddr);
1215 			if (status != IPADM_SUCCESS)
1216 				return (status);
1217 			sin = SIN(&ipaddr->ipadm_static_addr);
1218 			addr = sin->sin_addr.s_addr;
1219 		} else {
1220 			/*
1221 			 * If the address object is active, we retrieve the
1222 			 * address from kernel.
1223 			 */
1224 			bzero(&lifr, sizeof (lifr));
1225 			(void) strlcpy(lifr.lifr_name, lifname,
1226 			    sizeof (lifr.lifr_name));
1227 			if (ioctl(iph->iph_sock, SIOCGLIFADDR,
1228 			    (caddr_t)&lifr) < 0)
1229 				return (ipadm_errno2status(errno));
1230 
1231 			addr = (SIN(&lifr.lifr_addr))->sin_addr.s_addr;
1232 		}
1233 		/*
1234 		 * For default broadcast address, get the address and the
1235 		 * default prefixlen for that address and then compute the
1236 		 * broadcast address.
1237 		 */
1238 		status = i_ipadm_get_prefixlen(iph, arg, NULL, val, &valsz, af,
1239 		    MOD_PROP_DEFAULT);
1240 		if (status != IPADM_SUCCESS)
1241 			return (status);
1242 
1243 		plen = atoi(val);
1244 		if ((err = plen2mask(plen, AF_INET,
1245 		    (struct sockaddr *)&mask)) != 0)
1246 			return (ipadm_errno2status(err));
1247 		maddr = (SIN(&mask))->sin_addr.s_addr;
1248 		broadaddr.s_addr = (addr & maddr) | ~maddr;
1249 		nbytes = snprintf(buf, *bufsize, "%s", inet_ntoa(broadaddr));
1250 		break;
1251 	}
1252 	case MOD_PROP_ACTIVE:
1253 		bzero(&lifr, sizeof (lifr));
1254 		(void) strlcpy(lifr.lifr_name, lifname,
1255 		    sizeof (lifr.lifr_name));
1256 		if (ioctl(iph->iph_sock, SIOCGLIFBRDADDR,
1257 		    (caddr_t)&lifr) < 0) {
1258 			return (ipadm_errno2status(errno));
1259 		} else {
1260 			sin = SIN(&lifr.lifr_addr);
1261 			nbytes = snprintf(buf, *bufsize, "%s",
1262 			    inet_ntoa(sin->sin_addr));
1263 		}
1264 		break;
1265 	default:
1266 		return (IPADM_INVALID_ARG);
1267 	}
1268 	if (nbytes >= *bufsize) {
1269 		/* insufficient buffer space */
1270 		*bufsize = nbytes + 1;
1271 		return (IPADM_NO_BUFS);
1272 	}
1273 	return (IPADM_SUCCESS);
1274 }
1275 
1276 /*
1277  * Callback function that retrieves the value of the property `prefixlen'
1278  * for the address object in `arg'.
1279  */
1280 /* ARGSUSED */
1281 static ipadm_status_t
1282 i_ipadm_get_prefixlen(ipadm_handle_t iph, const void *arg,
1283     ipadm_prop_desc_t *pdp, char *buf, uint_t *bufsize, uint_t af,
1284     uint_t valtype)
1285 {
1286 	struct lifreq	lifr;
1287 	ipadm_addrobj_t	ipaddr = (ipadm_addrobj_t)arg;
1288 	char		lifname[LIFNAMSIZ];
1289 	int		s;
1290 	uint32_t	prefixlen;
1291 	size_t		nbytes;
1292 	ipadm_status_t	status;
1293 	uint64_t	lifflags;
1294 
1295 	i_ipadm_addrobj2lifname(ipaddr, lifname, sizeof (lifname));
1296 	if (ipaddr->ipadm_flags & IPMGMT_ACTIVE) {
1297 		status = i_ipadm_get_flags(iph, lifname, af, &lifflags);
1298 		if (status != IPADM_SUCCESS) {
1299 			return (status);
1300 		} else if (lifflags & IFF_POINTOPOINT) {
1301 			buf[0] = '\0';
1302 			return (status);
1303 		}
1304 	}
1305 
1306 	s = (af == AF_INET ? iph->iph_sock : iph->iph_sock6);
1307 	bzero(&lifr, sizeof (lifr));
1308 	(void) strlcpy(lifr.lifr_name, lifname, sizeof (lifr.lifr_name));
1309 	switch (valtype) {
1310 	case MOD_PROP_POSSIBLE:
1311 		if (af == AF_INET)
1312 			nbytes = snprintf(buf, *bufsize, "1-30,32");
1313 		else
1314 			nbytes = snprintf(buf, *bufsize, "1-126,128");
1315 		break;
1316 	case MOD_PROP_DEFAULT:
1317 		if (ipaddr->ipadm_flags & IPMGMT_ACTIVE) {
1318 			/*
1319 			 * For static addresses, we retrieve the address
1320 			 * from kernel if it is active.
1321 			 */
1322 			if (ioctl(s, SIOCGLIFADDR, (caddr_t)&lifr) < 0)
1323 				return (ipadm_errno2status(errno));
1324 			status = i_ipadm_get_default_prefixlen(
1325 			    &lifr.lifr_addr, &prefixlen);
1326 			if (status != IPADM_SUCCESS)
1327 				return (status);
1328 		} else if ((ipaddr->ipadm_flags & IPMGMT_PERSIST) &&
1329 		    ipaddr->ipadm_atype == IPADM_ADDR_DHCP) {
1330 			/*
1331 			 * Since the address is unknown we cannot
1332 			 * obtain default prefixlen
1333 			 */
1334 			buf[0] = '\0';
1335 			return (IPADM_SUCCESS);
1336 		} else {
1337 			/*
1338 			 * If not in active config, we use the address
1339 			 * from persistent store.
1340 			 */
1341 			status = i_ipadm_get_static_addr_db(iph, ipaddr);
1342 			if (status != IPADM_SUCCESS)
1343 				return (status);
1344 			status = i_ipadm_get_default_prefixlen(
1345 			    &ipaddr->ipadm_static_addr, &prefixlen);
1346 			if (status != IPADM_SUCCESS)
1347 				return (status);
1348 		}
1349 		nbytes = snprintf(buf, *bufsize, "%u", prefixlen);
1350 		break;
1351 	case MOD_PROP_ACTIVE:
1352 		if (ioctl(s, SIOCGLIFNETMASK, (caddr_t)&lifr) < 0)
1353 			return (ipadm_errno2status(errno));
1354 		prefixlen = lifr.lifr_addrlen;
1355 		nbytes = snprintf(buf, *bufsize, "%u", prefixlen);
1356 		break;
1357 	default:
1358 		return (IPADM_INVALID_ARG);
1359 	}
1360 	if (nbytes >= *bufsize) {
1361 		/* insufficient buffer space */
1362 		*bufsize = nbytes + 1;
1363 		return (IPADM_NO_BUFS);
1364 	}
1365 	return (IPADM_SUCCESS);
1366 }
1367 
1368 /*
1369  * Callback function that retrieves the value of one of the properties
1370  * among `deprecated', `private', and `transmit' for the address object
1371  * in `arg'.
1372  */
1373 /* ARGSUSED */
1374 static ipadm_status_t
1375 i_ipadm_get_addr_flag(ipadm_handle_t iph, const void *arg,
1376     ipadm_prop_desc_t *pdp, char *buf, uint_t *bufsize, uint_t af,
1377     uint_t valtype)
1378 {
1379 	boolean_t	on = B_FALSE;
1380 	char		lifname[LIFNAMSIZ];
1381 	ipadm_status_t	status = IPADM_SUCCESS;
1382 	uint64_t	ifflags;
1383 	size_t		nbytes;
1384 	ipadm_addrobj_t	ipaddr = (ipadm_addrobj_t)arg;
1385 
1386 	switch (valtype) {
1387 	case MOD_PROP_DEFAULT:
1388 		if (strcmp(pdp->ipd_name, "private") == 0 ||
1389 		    strcmp(pdp->ipd_name, "deprecated") == 0) {
1390 			on = B_FALSE;
1391 		} else if (strcmp(pdp->ipd_name, "transmit") == 0) {
1392 			on = B_TRUE;
1393 		} else {
1394 			return (IPADM_PROP_UNKNOWN);
1395 		}
1396 		break;
1397 	case MOD_PROP_ACTIVE:
1398 		/*
1399 		 * If the address is present in active configuration, we
1400 		 * retrieve it from kernel to get the property value.
1401 		 * Else, there is no value to return.
1402 		 */
1403 		i_ipadm_addrobj2lifname(ipaddr, lifname, sizeof (lifname));
1404 		status = i_ipadm_get_flags(iph, lifname, af, &ifflags);
1405 		if (status != IPADM_SUCCESS)
1406 			return (status);
1407 		if (strcmp(pdp->ipd_name, "private") == 0)
1408 			on = (ifflags & IFF_PRIVATE);
1409 		else if (strcmp(pdp->ipd_name, "transmit") == 0)
1410 			on = !(ifflags & IFF_NOXMIT);
1411 		else if (strcmp(pdp->ipd_name, "deprecated") == 0)
1412 			on = (ifflags & IFF_DEPRECATED);
1413 		break;
1414 	default:
1415 		return (IPADM_INVALID_ARG);
1416 	}
1417 	nbytes = snprintf(buf, *bufsize, "%s",
1418 	    (on ? IPADM_ONSTR : IPADM_OFFSTR));
1419 	if (nbytes >= *bufsize) {
1420 		/* insufficient buffer space */
1421 		*bufsize = nbytes + 1;
1422 		status = IPADM_NO_BUFS;
1423 	}
1424 
1425 	return (status);
1426 }
1427 
1428 /*
1429  * Callback function that retrieves the value of the property `zone'
1430  * for the address object in `arg'.
1431  */
1432 /* ARGSUSED */
1433 static ipadm_status_t
1434 i_ipadm_get_zone(ipadm_handle_t iph, const void *arg,
1435     ipadm_prop_desc_t *pdp, char *buf, uint_t *bufsize, uint_t af,
1436     uint_t valtype)
1437 {
1438 	struct lifreq	lifr;
1439 	char		zone_name[ZONENAME_MAX];
1440 	int		s;
1441 	size_t		nbytes = 0;
1442 
1443 	if (iph->iph_zoneid != GLOBAL_ZONEID) {
1444 		buf[0] = '\0';
1445 		return (IPADM_SUCCESS);
1446 	}
1447 
1448 	/*
1449 	 * we are in global zone. See if the lifname is assigned to shared-ip
1450 	 * zone or global zone.
1451 	 */
1452 	switch (valtype) {
1453 	case MOD_PROP_DEFAULT:
1454 		if (getzonenamebyid(GLOBAL_ZONEID, zone_name,
1455 		    sizeof (zone_name)) > 0)
1456 			nbytes = snprintf(buf, *bufsize, "%s", zone_name);
1457 		else
1458 			return (ipadm_errno2status(errno));
1459 		break;
1460 	case MOD_PROP_ACTIVE:
1461 		bzero(&lifr, sizeof (lifr));
1462 		i_ipadm_addrobj2lifname((ipadm_addrobj_t)arg, lifr.lifr_name,
1463 		    sizeof (lifr.lifr_name));
1464 		s = (af == AF_INET ? iph->iph_sock : iph->iph_sock6);
1465 
1466 		if (ioctl(s, SIOCGLIFZONE, (caddr_t)&lifr) == -1)
1467 			return (ipadm_errno2status(errno));
1468 
1469 		if (lifr.lifr_zoneid == ALL_ZONES) {
1470 			nbytes = snprintf(buf, *bufsize, "%s", "all-zones");
1471 		} else if (getzonenamebyid(lifr.lifr_zoneid, zone_name,
1472 		    sizeof (zone_name)) < 0) {
1473 			return (ipadm_errno2status(errno));
1474 		} else {
1475 			nbytes = snprintf(buf, *bufsize, "%s", zone_name);
1476 		}
1477 		break;
1478 	default:
1479 		return (IPADM_INVALID_ARG);
1480 	}
1481 	if (nbytes >= *bufsize) {
1482 		/* insufficient buffer space */
1483 		*bufsize = nbytes + 1;
1484 		return (IPADM_NO_BUFS);
1485 	}
1486 
1487 	return (IPADM_SUCCESS);
1488 }
1489 
1490 /*
1491  * Callback function that retrieves the value of the property `primary'
1492  * for the address object in `arg'.
1493  */
1494 /* ARGSUSED */
1495 static ipadm_status_t
1496 i_ipadm_get_primary(ipadm_handle_t iph, const void *arg,
1497     ipadm_prop_desc_t *pdp, char *buf, uint_t *bufsize, uint_t af,
1498     uint_t valtype)
1499 {
1500 	ipadm_addrobj_t	ipaddr = (ipadm_addrobj_t)arg;
1501 	const char		*onoff = "";
1502 	size_t			nbytes;
1503 
1504 	switch (valtype) {
1505 	case MOD_PROP_DEFAULT:
1506 		if (ipaddr->ipadm_atype == IPADM_ADDR_DHCP)
1507 			onoff = IPADM_OFFSTR;
1508 		break;
1509 	case MOD_PROP_ACTIVE:
1510 		if (ipaddr->ipadm_atype == IPADM_ADDR_DHCP) {
1511 			dhcp_status_t	dhcp_status;
1512 			ipadm_status_t	ipc_status;
1513 			int			error;
1514 
1515 			ipc_status = i_ipadm_dhcp_status(ipaddr, &dhcp_status,
1516 			    &error);
1517 			if (ipc_status != IPADM_SUCCESS &&
1518 			    ipc_status != IPADM_NOTFOUND)
1519 				return (ipc_status);
1520 
1521 			onoff = dhcp_status.if_dflags & DHCP_IF_PRIMARY ?
1522 			    IPADM_ONSTR : IPADM_OFFSTR;
1523 		}
1524 		break;
1525 	default:
1526 		return (IPADM_INVALID_ARG);
1527 	}
1528 
1529 	nbytes = strlcpy(buf, onoff, *bufsize);
1530 	if (nbytes >= *bufsize) {
1531 		/* insufficient buffer space */
1532 		*bufsize = nbytes + 1;
1533 		return (IPADM_NO_BUFS);
1534 	}
1535 
1536 	return (IPADM_SUCCESS);
1537 }
1538 
1539 /*
1540  * Callback function that retrieves the value of the property `reqhost'
1541  * for the address object in `arg'.
1542  */
1543 /* ARGSUSED */
1544 static ipadm_status_t
1545 i_ipadm_get_reqhost(ipadm_handle_t iph, const void *arg,
1546     ipadm_prop_desc_t *pdp, char *buf, uint_t *bufsize, uint_t af,
1547     uint_t valtype)
1548 {
1549 	ipadm_addrobj_t	ipaddr = (ipadm_addrobj_t)arg;
1550 	const char	*reqhost = "";
1551 	size_t		nbytes;
1552 
1553 	switch (valtype) {
1554 	case MOD_PROP_DEFAULT:
1555 		break;
1556 	case MOD_PROP_ACTIVE:
1557 		if (ipaddr->ipadm_atype == IPADM_ADDR_DHCP)
1558 			reqhost = ipaddr->ipadm_reqhost;
1559 		break;
1560 	default:
1561 		return (IPADM_INVALID_ARG);
1562 	}
1563 
1564 	nbytes = strlcpy(buf, reqhost, *bufsize);
1565 	if (nbytes >= *bufsize) {
1566 		/* insufficient buffer space */
1567 		*bufsize = nbytes + 1;
1568 		return (IPADM_NO_BUFS);
1569 	}
1570 
1571 	return (IPADM_SUCCESS);
1572 }
1573 
1574 static ipadm_prop_desc_t *
1575 i_ipadm_get_addrprop_desc(const char *pname)
1576 {
1577 	int i;
1578 
1579 	for (i = 0; ipadm_addrprop_table[i].ipd_name != NULL; i++) {
1580 		if (strcmp(pname, ipadm_addrprop_table[i].ipd_name) == 0 ||
1581 		    (ipadm_addrprop_table[i].ipd_old_name != NULL &&
1582 		    strcmp(pname, ipadm_addrprop_table[i].ipd_old_name) == 0))
1583 			return (&ipadm_addrprop_table[i]);
1584 	}
1585 	return (NULL);
1586 }
1587 
1588 /*
1589  * Gets the value of the given address property `pname' for the address
1590  * object with name `aobjname'.
1591  */
1592 ipadm_status_t
1593 ipadm_get_addrprop(ipadm_handle_t iph, const char *pname, char *buf,
1594     uint_t *bufsize, const char *aobjname, uint_t valtype)
1595 {
1596 	struct ipadm_addrobj_s	ipaddr;
1597 	ipadm_status_t		status = IPADM_SUCCESS;
1598 	sa_family_t		af;
1599 	ipadm_prop_desc_t	*pdp = NULL;
1600 
1601 	if (iph == NULL || pname == NULL || buf == NULL ||
1602 	    bufsize == NULL || *bufsize == 0 || aobjname == NULL) {
1603 		return (IPADM_INVALID_ARG);
1604 	}
1605 
1606 	/* find the property in the property description table */
1607 	if ((pdp = i_ipadm_get_addrprop_desc(pname)) == NULL)
1608 		return (IPADM_PROP_UNKNOWN);
1609 
1610 	/*
1611 	 * For the given aobjname, get the addrobj it represents and
1612 	 * retrieve the property value for that object.
1613 	 */
1614 	i_ipadm_init_addr(&ipaddr, "", aobjname, IPADM_ADDR_NONE);
1615 	if ((status = i_ipadm_get_addrobj(iph, &ipaddr)) != IPADM_SUCCESS)
1616 		return (status);
1617 
1618 	if (ipaddr.ipadm_atype == IPADM_ADDR_IPV6_ADDRCONF)
1619 		return (IPADM_NOTSUP);
1620 	af = ipaddr.ipadm_af;
1621 
1622 	/*
1623 	 * Call the appropriate callback function to based on the field
1624 	 * that was asked for.
1625 	 */
1626 	switch (valtype) {
1627 	case IPADM_OPT_PERM:
1628 		status = i_ipadm_pd2permstr(pdp, buf, bufsize);
1629 		break;
1630 	case IPADM_OPT_ACTIVE:
1631 		if (!(ipaddr.ipadm_flags & IPMGMT_ACTIVE)) {
1632 			buf[0] = '\0';
1633 		} else {
1634 			status = pdp->ipd_get(iph, &ipaddr, pdp, buf, bufsize,
1635 			    af, MOD_PROP_ACTIVE);
1636 		}
1637 		break;
1638 	case IPADM_OPT_DEFAULT:
1639 		status = pdp->ipd_get(iph, &ipaddr, pdp, buf, bufsize,
1640 		    af, MOD_PROP_DEFAULT);
1641 		break;
1642 	case IPADM_OPT_POSSIBLE:
1643 		if (pdp->ipd_get_range != NULL) {
1644 			status = pdp->ipd_get_range(iph, &ipaddr, pdp, buf,
1645 			    bufsize, af, MOD_PROP_POSSIBLE);
1646 			break;
1647 		}
1648 		buf[0] = '\0';
1649 		break;
1650 	case IPADM_OPT_PERSIST:
1651 		status = i_ipadm_get_persist_propval(iph, pdp, buf, bufsize,
1652 		    &ipaddr);
1653 		break;
1654 	default:
1655 		status = IPADM_INVALID_ARG;
1656 		break;
1657 	}
1658 
1659 	return (status);
1660 }
1661 
1662 /*
1663  * Sets the value of the given address property `pname' to `pval' for the
1664  * address object with name `aobjname'.
1665  */
1666 ipadm_status_t
1667 ipadm_set_addrprop(ipadm_handle_t iph, const char *pname,
1668     const char *pval, const char *aobjname, uint_t pflags)
1669 {
1670 	struct ipadm_addrobj_s	ipaddr;
1671 	sa_family_t		af;
1672 	ipadm_prop_desc_t	*pdp = NULL;
1673 	char			defbuf[MAXPROPVALLEN];
1674 	uint_t			defbufsize = MAXPROPVALLEN;
1675 	boolean_t 		reset = (pflags & IPADM_OPT_DEFAULT);
1676 	ipadm_status_t		status = IPADM_SUCCESS;
1677 
1678 	/* Check for solaris.network.interface.config authorization */
1679 	if (!ipadm_check_auth())
1680 		return (IPADM_EAUTH);
1681 
1682 	if (iph == NULL || pname == NULL || aobjname == NULL || pflags == 0 ||
1683 	    pflags == IPADM_OPT_PERSIST ||
1684 	    (pflags & ~(IPADM_COMMON_OPT_MASK|IPADM_OPT_DEFAULT)) ||
1685 	    (!reset && pval == NULL)) {
1686 		return (IPADM_INVALID_ARG);
1687 	}
1688 
1689 	/* find the property in the property description table */
1690 	if ((pdp = i_ipadm_get_addrprop_desc(pname)) == NULL)
1691 		return (IPADM_PROP_UNKNOWN);
1692 
1693 	if (pdp->ipd_set == NULL || (reset && pdp->ipd_get == NULL))
1694 		return (IPADM_NOTSUP);
1695 
1696 	if (!(pdp->ipd_flags & IPADMPROP_MULVAL) &&
1697 	    (pflags & (IPADM_OPT_APPEND|IPADM_OPT_REMOVE))) {
1698 		return (IPADM_INVALID_ARG);
1699 	}
1700 
1701 	/*
1702 	 * For the given aobjname, get the addrobj it represents and
1703 	 * set the property value for that object.
1704 	 */
1705 	i_ipadm_init_addr(&ipaddr, "", aobjname, IPADM_ADDR_NONE);
1706 	if ((status = i_ipadm_get_addrobj(iph, &ipaddr)) != IPADM_SUCCESS)
1707 		return (status);
1708 
1709 	if (!(ipaddr.ipadm_flags & IPMGMT_ACTIVE))
1710 		return (IPADM_OP_DISABLE_OBJ);
1711 
1712 	/* Persistent operation not allowed on a temporary object. */
1713 	if ((pflags & IPADM_OPT_PERSIST) &&
1714 	    !(ipaddr.ipadm_flags & IPMGMT_PERSIST))
1715 		return (IPADM_TEMPORARY_OBJ);
1716 
1717 	/*
1718 	 * Currently, setting an address property on an address object of type
1719 	 * IPADM_ADDR_IPV6_ADDRCONF is not supported. Supporting it involves
1720 	 * in.ndpd retrieving the address properties from ipmgmtd for given
1721 	 * address object and then setting them on auto-configured addresses,
1722 	 * whenever in.ndpd gets a new prefix. This will be supported in
1723 	 * future releases.
1724 	 */
1725 	if (ipaddr.ipadm_atype == IPADM_ADDR_IPV6_ADDRCONF)
1726 		return (IPADM_NOTSUP);
1727 
1728 	/*
1729 	 * Setting an address property on an address object that is
1730 	 * not present in active configuration is not supported.
1731 	 */
1732 	if (!(ipaddr.ipadm_flags & IPMGMT_ACTIVE))
1733 		return (IPADM_NOTSUP);
1734 
1735 	af = ipaddr.ipadm_af;
1736 	if (reset) {
1737 		/*
1738 		 * If we were asked to reset the value, we need to fetch
1739 		 * the default value and set the default value.
1740 		 */
1741 		status = pdp->ipd_get(iph, &ipaddr, pdp, defbuf, &defbufsize,
1742 		    af, MOD_PROP_DEFAULT);
1743 		if (status != IPADM_SUCCESS)
1744 			return (status);
1745 		pval = defbuf;
1746 	}
1747 	/* set the user provided or default property value */
1748 	status = pdp->ipd_set(iph, &ipaddr, pdp, pval, af, pflags);
1749 	if (status != IPADM_SUCCESS)
1750 		return (status);
1751 
1752 	/*
1753 	 * If IPADM_OPT_PERSIST was set in `flags', we need to store
1754 	 * property and its value in persistent DB.
1755 	 */
1756 	if (pflags & IPADM_OPT_PERSIST) {
1757 		status = i_ipadm_persist_propval(iph, pdp, pval, &ipaddr,
1758 		    pflags);
1759 	}
1760 
1761 	return (status);
1762 }
1763 
1764 /*
1765  * Remove the address specified by the address object in `addr'
1766  * from kernel. If the address is on a non-zero logical interface, we do a
1767  * SIOCLIFREMOVEIF, otherwise we set the address to INADDR_ANY for IPv4 or
1768  * :: for IPv6.
1769  */
1770 ipadm_status_t
1771 i_ipadm_delete_addr(ipadm_handle_t iph, ipadm_addrobj_t addr)
1772 {
1773 	struct lifreq	lifr;
1774 	int		sock;
1775 	ipadm_status_t	status;
1776 
1777 	bzero(&lifr, sizeof (lifr));
1778 	i_ipadm_addrobj2lifname(addr, lifr.lifr_name, sizeof (lifr.lifr_name));
1779 	sock = (addr->ipadm_af == AF_INET ? iph->iph_sock : iph->iph_sock6);
1780 	if (addr->ipadm_lifnum == 0) {
1781 		/*
1782 		 * Fake the deletion of the 0'th address by
1783 		 * clearing IFF_UP and setting it to as 0.0.0.0 or ::.
1784 		 */
1785 		status = i_ipadm_set_flags(iph, addr->ipadm_ifname,
1786 		    addr->ipadm_af, 0, IFF_UP);
1787 		if (status != IPADM_SUCCESS)
1788 			return (status);
1789 		bzero(&lifr.lifr_addr, sizeof (lifr.lifr_addr));
1790 		lifr.lifr_addr.ss_family = addr->ipadm_af;
1791 		if (ioctl(sock, SIOCSLIFADDR, (caddr_t)&lifr) < 0)
1792 			return (ipadm_errno2status(errno));
1793 		if (ioctl(sock, SIOCSLIFDSTADDR, (caddr_t)&lifr) < 0)
1794 			return (ipadm_errno2status(errno));
1795 	} else if (ioctl(sock, SIOCLIFREMOVEIF, (caddr_t)&lifr) < 0) {
1796 		return (ipadm_errno2status(errno));
1797 	}
1798 
1799 	return (IPADM_SUCCESS);
1800 }
1801 
1802 /*
1803  * Extracts the IPv6 address from the nvlist in `nvl'.
1804  */
1805 ipadm_status_t
1806 i_ipadm_nvl2in6_addr(nvlist_t *nvl, char *addr_type, in6_addr_t *in6_addr)
1807 {
1808 	uint8_t	*addr6;
1809 	uint_t	n;
1810 
1811 	if (nvlist_lookup_uint8_array(nvl, addr_type, &addr6, &n) != 0)
1812 		return (IPADM_NOTFOUND);
1813 	assert(n == 16);
1814 	bcopy(addr6, in6_addr->s6_addr, n);
1815 	return (IPADM_SUCCESS);
1816 }
1817 
1818 /*
1819  * Used to validate the given addrobj name string. Length of `aobjname'
1820  * cannot exceed IPADM_AOBJ_USTRSIZ. `aobjname' should start with an
1821  * alphabetic character and it can only contain alphanumeric characters.
1822  */
1823 static boolean_t
1824 i_ipadm_is_user_aobjname_valid(const char *aobjname)
1825 {
1826 	const char	*cp;
1827 
1828 	if (aobjname == NULL || strlen(aobjname) >= IPADM_AOBJ_USTRSIZ ||
1829 	    !isalpha(*aobjname)) {
1830 		return (B_FALSE);
1831 	}
1832 	for (cp = aobjname + 1; *cp && isalnum(*cp); cp++)
1833 		;
1834 	return (*cp == '\0');
1835 }
1836 
1837 /*
1838  * Computes the prefixlen for the given `addr' based on the netmask found using
1839  * the order specified in /etc/nsswitch.conf. If not found, then the
1840  * prefixlen is computed using the Classful subnetting semantics defined
1841  * in RFC 791 for IPv4 and RFC 4291 for IPv6.
1842  */
1843 static ipadm_status_t
1844 i_ipadm_get_default_prefixlen(struct sockaddr_storage *addr, uint32_t *plen)
1845 {
1846 	sa_family_t af = addr->ss_family;
1847 	struct sockaddr_storage mask;
1848 	struct sockaddr_in *m = (struct sockaddr_in *)&mask;
1849 	struct sockaddr_in6 *sin6;
1850 	struct sockaddr_in *sin;
1851 	struct in_addr ia;
1852 	uint32_t prefixlen = 0;
1853 
1854 	switch (af) {
1855 	case AF_INET:
1856 		sin = SIN(addr);
1857 		ia.s_addr = ntohl(sin->sin_addr.s_addr);
1858 		get_netmask4(&ia, &m->sin_addr);
1859 		m->sin_addr.s_addr = htonl(m->sin_addr.s_addr);
1860 		m->sin_family = AF_INET;
1861 		prefixlen = mask2plen((struct sockaddr *)&mask);
1862 		break;
1863 	case AF_INET6:
1864 		sin6 = SIN6(addr);
1865 		if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr))
1866 			prefixlen = 10;
1867 		else
1868 			prefixlen = 64;
1869 		break;
1870 	default:
1871 		return (IPADM_INVALID_ARG);
1872 	}
1873 	*plen = prefixlen;
1874 	return (IPADM_SUCCESS);
1875 }
1876 
1877 ipadm_status_t
1878 i_ipadm_resolve_addr(const char *name, sa_family_t af,
1879     struct sockaddr_storage *ss)
1880 {
1881 	struct addrinfo hints, *ai;
1882 	int rc;
1883 	struct sockaddr_in6 *sin6;
1884 	struct sockaddr_in *sin;
1885 	boolean_t is_mapped;
1886 
1887 	(void) memset(&hints, 0, sizeof (hints));
1888 	hints.ai_family = af;
1889 	hints.ai_flags = (AI_ALL | AI_V4MAPPED);
1890 	rc = getaddrinfo(name, NULL, &hints, &ai);
1891 	if (rc != 0) {
1892 		if (rc == EAI_NONAME)
1893 			return (IPADM_BAD_ADDR);
1894 		else
1895 			return (IPADM_FAILURE);
1896 	}
1897 	if (ai->ai_next != NULL) {
1898 		/* maps to more than one hostname */
1899 		freeaddrinfo(ai);
1900 		return (IPADM_BAD_HOSTNAME);
1901 	}
1902 	/* LINTED E_BAD_PTR_CAST_ALIGN */
1903 	is_mapped = IN6_IS_ADDR_V4MAPPED(&(SIN6(ai->ai_addr))->sin6_addr);
1904 	if (is_mapped) {
1905 		sin = SIN(ss);
1906 		sin->sin_family = AF_INET;
1907 		/* LINTED E_BAD_PTR_CAST_ALIGN */
1908 		IN6_V4MAPPED_TO_INADDR(&(SIN6(ai->ai_addr))->sin6_addr,
1909 		    &sin->sin_addr);
1910 	} else {
1911 		sin6 = SIN6(ss);
1912 		sin6->sin6_family = AF_INET6;
1913 		bcopy(ai->ai_addr, sin6, sizeof (*sin6));
1914 	}
1915 	freeaddrinfo(ai);
1916 	return (IPADM_SUCCESS);
1917 }
1918 
1919 /*
1920  * This takes a static address string <addr>[/<mask>] or a hostname
1921  * and maps it to a single numeric IP address, consulting DNS if
1922  * hostname was provided. If a specific address family was requested,
1923  * an error is returned if the given hostname does not map to an address
1924  * of the given family. Note that this function returns failure
1925  * if the name maps to more than one IP address.
1926  */
1927 ipadm_status_t
1928 ipadm_set_addr(ipadm_addrobj_t ipaddr, const char *astr, sa_family_t af)
1929 {
1930 	char		*prefixlenstr;
1931 	uint32_t	prefixlen = 0;
1932 	char		*endp;
1933 	/*
1934 	 * We use (NI_MAXHOST + 5) because the longest possible
1935 	 * astr will have (NI_MAXHOST + '/' + {a maximum of 32 for IPv4
1936 	 * or a maximum of 128 for IPv6 + '\0') chars
1937 	 */
1938 	char		addrstr[NI_MAXHOST + 5];
1939 	ipadm_status_t	status;
1940 
1941 	(void) snprintf(addrstr, sizeof (addrstr), "%s", astr);
1942 	if ((prefixlenstr = strchr(addrstr, '/')) != NULL) {
1943 		*prefixlenstr++ = '\0';
1944 		errno = 0;
1945 		prefixlen = strtoul(prefixlenstr, &endp, 10);
1946 		if (errno != 0 || *endp != '\0')
1947 			return (IPADM_INVALID_ARG);
1948 		if ((af == AF_INET && prefixlen > IP_ABITS) ||
1949 		    (af == AF_INET6 && prefixlen > IPV6_ABITS))
1950 			return (IPADM_INVALID_ARG);
1951 	}
1952 
1953 	status = i_ipadm_resolve_addr(addrstr, af, &ipaddr->ipadm_static_addr);
1954 	if (status == IPADM_SUCCESS) {
1955 		(void) strlcpy(ipaddr->ipadm_static_aname, addrstr,
1956 		    sizeof (ipaddr->ipadm_static_aname));
1957 		ipaddr->ipadm_af = ipaddr->ipadm_static_addr.ss_family;
1958 		ipaddr->ipadm_static_prefixlen = prefixlen;
1959 	}
1960 	return (status);
1961 }
1962 
1963 /*
1964  * Gets the static source address from the address object in `ipaddr'.
1965  * Memory for `addr' should be already allocated by the caller.
1966  */
1967 ipadm_status_t
1968 ipadm_get_addr(const ipadm_addrobj_t ipaddr, struct sockaddr_storage *addr)
1969 {
1970 	if (ipaddr == NULL || ipaddr->ipadm_atype != IPADM_ADDR_STATIC ||
1971 	    addr == NULL) {
1972 		return (IPADM_INVALID_ARG);
1973 	}
1974 	*addr = ipaddr->ipadm_static_addr;
1975 
1976 	return (IPADM_SUCCESS);
1977 }
1978 
1979 /*
1980  * Set up tunnel destination address in ipaddr by contacting DNS.
1981  * The function works similar to ipadm_set_addr().
1982  * The dst_addr must resolve to exactly one address. IPADM_BAD_ADDR is returned
1983  * if dst_addr resolves to more than one address. The caller has to verify
1984  * that ipadm_static_addr and ipadm_static_dst_addr have the same ss_family
1985  */
1986 ipadm_status_t
1987 ipadm_set_dst_addr(ipadm_addrobj_t ipaddr, const char *daddrstr, sa_family_t af)
1988 {
1989 	ipadm_status_t	status;
1990 
1991 	/* mask lengths are not meaningful for point-to-point interfaces. */
1992 	if (strchr(daddrstr, '/') != NULL)
1993 		return (IPADM_BAD_ADDR);
1994 
1995 	status = i_ipadm_resolve_addr(daddrstr, af,
1996 	    &ipaddr->ipadm_static_dst_addr);
1997 	if (status == IPADM_SUCCESS) {
1998 		(void) strlcpy(ipaddr->ipadm_static_dname, daddrstr,
1999 		    sizeof (ipaddr->ipadm_static_dname));
2000 	}
2001 	return (status);
2002 }
2003 
2004 /*
2005  * Sets the interface ID in the address object `ipaddr' with the address
2006  * in the string `interface_id'. This interface ID will be used when
2007  * ipadm_create_addr() is called with `ipaddr' with address type
2008  * set to IPADM_ADDR_IPV6_ADDRCONF.
2009  */
2010 ipadm_status_t
2011 ipadm_set_interface_id(ipadm_addrobj_t ipaddr, const char *interface_id)
2012 {
2013 	struct sockaddr_in6	*sin6;
2014 	char			*end;
2015 	char			*cp;
2016 	uint32_t		prefixlen;
2017 	char			addrstr[INET6_ADDRSTRLEN + 1];
2018 
2019 	if (ipaddr == NULL || interface_id == NULL ||
2020 	    ipaddr->ipadm_atype != IPADM_ADDR_IPV6_ADDRCONF)
2021 		return (IPADM_INVALID_ARG);
2022 
2023 	(void) strlcpy(addrstr, interface_id, sizeof (addrstr));
2024 	if ((cp = strchr(addrstr, '/')) == NULL)
2025 		return (IPADM_INVALID_ARG);
2026 	*cp++ = '\0';
2027 	sin6 = &ipaddr->ipadm_intfid;
2028 	if (inet_pton(AF_INET6, addrstr, &sin6->sin6_addr) == 1) {
2029 		errno = 0;
2030 		prefixlen = strtoul(cp, &end, 10);
2031 		if (errno != 0 || *end != '\0' || prefixlen > IPV6_ABITS)
2032 			return (IPADM_INVALID_ARG);
2033 		sin6->sin6_family = AF_INET6;
2034 		ipaddr->ipadm_intfidlen = prefixlen;
2035 		return (IPADM_SUCCESS);
2036 	}
2037 	return (IPADM_INVALID_ARG);
2038 }
2039 
2040 /*
2041  * Sets the value for the field `ipadm_stateless' in address object `ipaddr'.
2042  */
2043 ipadm_status_t
2044 ipadm_set_stateless(ipadm_addrobj_t ipaddr, boolean_t stateless)
2045 {
2046 	if (ipaddr == NULL ||
2047 	    ipaddr->ipadm_atype != IPADM_ADDR_IPV6_ADDRCONF)
2048 		return (IPADM_INVALID_ARG);
2049 	ipaddr->ipadm_stateless = stateless;
2050 
2051 	return (IPADM_SUCCESS);
2052 }
2053 
2054 /*
2055  * Sets the value for the field `ipadm_stateful' in address object `ipaddr'.
2056  */
2057 ipadm_status_t
2058 ipadm_set_stateful(ipadm_addrobj_t ipaddr, boolean_t stateful)
2059 {
2060 	if (ipaddr == NULL ||
2061 	    ipaddr->ipadm_atype != IPADM_ADDR_IPV6_ADDRCONF)
2062 		return (IPADM_INVALID_ARG);
2063 	ipaddr->ipadm_stateful = stateful;
2064 
2065 	return (IPADM_SUCCESS);
2066 }
2067 
2068 /*
2069  * Sets the dhcp parameter `ipadm_primary' in the address object `ipaddr'.
2070  * The field is used during the address creation with address
2071  * type IPADM_ADDR_DHCP. It specifies if the interface should be set
2072  * as a primary interface for getting dhcp global options from the DHCP server.
2073  */
2074 ipadm_status_t
2075 ipadm_set_primary(ipadm_addrobj_t ipaddr, boolean_t primary)
2076 {
2077 	if (ipaddr == NULL || ipaddr->ipadm_atype != IPADM_ADDR_DHCP)
2078 		return (IPADM_INVALID_ARG);
2079 	ipaddr->ipadm_primary = primary;
2080 
2081 	return (IPADM_SUCCESS);
2082 }
2083 
2084 /*
2085  * Sets the dhcp parameter `ipadm_wait' in the address object `ipaddr'.
2086  * This field is used during the address creation with address type
2087  * IPADM_ADDR_DHCP. It specifies how long the API ipadm_create_addr()
2088  * should wait before returning while the dhcp address is being acquired
2089  * by the dhcpagent.
2090  * Possible values:
2091  * - IPADM_DHCP_WAIT_FOREVER : Do not return until dhcpagent returns.
2092  * - IPADM_DHCP_WAIT_DEFAULT : Wait a default amount of time before returning.
2093  * - <integer>	   : Wait the specified number of seconds before returning.
2094  */
2095 ipadm_status_t
2096 ipadm_set_wait_time(ipadm_addrobj_t ipaddr, int32_t wait)
2097 {
2098 	if (ipaddr == NULL || ipaddr->ipadm_atype != IPADM_ADDR_DHCP)
2099 		return (IPADM_INVALID_ARG);
2100 	ipaddr->ipadm_wait = wait;
2101 	return (IPADM_SUCCESS);
2102 }
2103 
2104 /*
2105  * Sets the dhcp parameter `ipadm_reqhost' in the address object `ipaddr',
2106  * but validate any non-nil value using ipadm_is_valid_hostname() and also
2107  * check length.
2108  */
2109 ipadm_status_t
2110 ipadm_set_reqhost(ipadm_addrobj_t ipaddr, const char *reqhost)
2111 {
2112 	const size_t HNLEN = sizeof (ipaddr->ipadm_reqhost);
2113 
2114 	if (ipaddr == NULL || ipaddr->ipadm_atype != IPADM_ADDR_DHCP)
2115 		return (IPADM_INVALID_ARG);
2116 
2117 	if (ipadm_is_nil_hostname(reqhost))
2118 		*ipaddr->ipadm_reqhost = '\0';
2119 	else if (!ipadm_is_valid_hostname(reqhost))
2120 		return (IPADM_INVALID_ARG);
2121 	else if (strlcpy(ipaddr->ipadm_reqhost, reqhost, HNLEN) >= HNLEN)
2122 		return (IPADM_INVALID_ARG);
2123 	return (IPADM_SUCCESS);
2124 }
2125 
2126 /*
2127  * Creates a placeholder for the `ipadm_aobjname' in the ipmgmtd `aobjmap'.
2128  * If the `aobjname' already exists in the daemon's `aobjmap' then
2129  * IPADM_ADDROBJ_EXISTS will be returned.
2130  *
2131  * If the libipadm consumer set `ipaddr.ipadm_aobjname[0]' to `\0', then the
2132  * daemon will generate an `aobjname' for the given `ipaddr'.
2133  */
2134 ipadm_status_t
2135 i_ipadm_lookupadd_addrobj(ipadm_handle_t iph, ipadm_addrobj_t ipaddr)
2136 {
2137 	ipmgmt_aobjop_arg_t	larg;
2138 	ipmgmt_aobjop_rval_t	rval, *rvalp;
2139 	int			err;
2140 
2141 	bzero(&larg, sizeof (larg));
2142 	larg.ia_cmd = IPMGMT_CMD_ADDROBJ_LOOKUPADD;
2143 	(void) strlcpy(larg.ia_aobjname, ipaddr->ipadm_aobjname,
2144 	    sizeof (larg.ia_aobjname));
2145 	(void) strlcpy(larg.ia_ifname, ipaddr->ipadm_ifname,
2146 	    sizeof (larg.ia_ifname));
2147 	larg.ia_family = ipaddr->ipadm_af;
2148 	larg.ia_atype = ipaddr->ipadm_atype;
2149 
2150 	rvalp = &rval;
2151 	err = ipadm_door_call(iph, &larg, sizeof (larg), (void **)&rvalp,
2152 	    sizeof (rval), B_FALSE);
2153 	if (err == 0 && ipaddr->ipadm_aobjname[0] == '\0') {
2154 		/* copy the daemon generated `aobjname' into `ipadddr' */
2155 		(void) strlcpy(ipaddr->ipadm_aobjname, rval.ir_aobjname,
2156 		    sizeof (ipaddr->ipadm_aobjname));
2157 	}
2158 	if (err == EEXIST)
2159 		return (IPADM_ADDROBJ_EXISTS);
2160 	return (ipadm_errno2status(err));
2161 }
2162 
2163 /*
2164  * Sets the logical interface number in the ipmgmtd's memory map for the
2165  * address object `ipaddr'. If another address object has the same
2166  * logical interface number, IPADM_ADDROBJ_EXISTS is returned.
2167  */
2168 ipadm_status_t
2169 i_ipadm_setlifnum_addrobj(ipadm_handle_t iph, ipadm_addrobj_t ipaddr)
2170 {
2171 	ipmgmt_aobjop_arg_t	larg;
2172 	ipmgmt_retval_t		rval, *rvalp;
2173 	int			err;
2174 
2175 	if (iph->iph_flags & IPH_IPMGMTD)
2176 		return (IPADM_SUCCESS);
2177 
2178 	bzero(&larg, sizeof (larg));
2179 	larg.ia_cmd = IPMGMT_CMD_ADDROBJ_SETLIFNUM;
2180 	(void) strlcpy(larg.ia_aobjname, ipaddr->ipadm_aobjname,
2181 	    sizeof (larg.ia_aobjname));
2182 	larg.ia_lnum = ipaddr->ipadm_lifnum;
2183 	(void) strlcpy(larg.ia_ifname, ipaddr->ipadm_ifname,
2184 	    sizeof (larg.ia_ifname));
2185 	larg.ia_family = ipaddr->ipadm_af;
2186 
2187 	rvalp = &rval;
2188 	err = ipadm_door_call(iph, &larg, sizeof (larg), (void **)&rvalp,
2189 	    sizeof (rval), B_FALSE);
2190 	if (err == EEXIST)
2191 		return (IPADM_ADDROBJ_EXISTS);
2192 	return (ipadm_errno2status(err));
2193 }
2194 
2195 /*
2196  * Creates the IPv4 or IPv6 address in the nvlist `nvl' on the interface
2197  * `ifname'. If a hostname is present, it is resolved before the address
2198  * is created.
2199  */
2200 ipadm_status_t
2201 i_ipadm_enable_static(ipadm_handle_t iph, const char *ifname, nvlist_t *nvl,
2202     sa_family_t af)
2203 {
2204 	char			*prefixlenstr = NULL;
2205 	char			*upstr = NULL;
2206 	char			*sname = NULL, *dname = NULL;
2207 	struct ipadm_addrobj_s	ipaddr;
2208 	char			*aobjname = NULL;
2209 	nvlist_t		*nvaddr = NULL;
2210 	nvpair_t		*nvp;
2211 	char			*cidraddr;
2212 	char			*name;
2213 	ipadm_status_t		status;
2214 	int			err = 0;
2215 	uint32_t		flags = IPADM_OPT_ACTIVE;
2216 
2217 	/* retrieve the address information */
2218 	for (nvp = nvlist_next_nvpair(nvl, NULL); nvp != NULL;
2219 	    nvp = nvlist_next_nvpair(nvl, nvp)) {
2220 		name = nvpair_name(nvp);
2221 		if (strcmp(name, IPADM_NVP_IPV4ADDR) == 0 ||
2222 		    strcmp(name, IPADM_NVP_IPV6ADDR) == 0) {
2223 			err = nvpair_value_nvlist(nvp, &nvaddr);
2224 		} else if (strcmp(name, IPADM_NVP_AOBJNAME) == 0) {
2225 			err = nvpair_value_string(nvp, &aobjname);
2226 		} else if (strcmp(name, IPADM_NVP_PREFIXLEN) == 0) {
2227 			err = nvpair_value_string(nvp, &prefixlenstr);
2228 		} else if (strcmp(name, "up") == 0) {
2229 			err = nvpair_value_string(nvp, &upstr);
2230 		}
2231 		if (err != 0)
2232 			return (ipadm_errno2status(err));
2233 	}
2234 	for (nvp = nvlist_next_nvpair(nvaddr, NULL); nvp != NULL;
2235 	    nvp = nvlist_next_nvpair(nvaddr, nvp)) {
2236 		name = nvpair_name(nvp);
2237 		if (strcmp(name, IPADM_NVP_IPADDRHNAME) == 0)
2238 			err = nvpair_value_string(nvp, &sname);
2239 		else if (strcmp(name, IPADM_NVP_IPDADDRHNAME) == 0)
2240 			err = nvpair_value_string(nvp, &dname);
2241 		if (err != 0)
2242 			return (ipadm_errno2status(err));
2243 	}
2244 
2245 	if (strcmp(upstr, "yes") == 0)
2246 		flags |= IPADM_OPT_UP;
2247 
2248 	/* build the address object from the above information */
2249 	i_ipadm_init_addr(&ipaddr, ifname, aobjname, IPADM_ADDR_STATIC);
2250 	if (prefixlenstr != NULL && atoi(prefixlenstr) > 0) {
2251 		if (asprintf(&cidraddr, "%s/%s", sname, prefixlenstr) == -1)
2252 			return (IPADM_NO_MEMORY);
2253 		status = ipadm_set_addr(&ipaddr, cidraddr, af);
2254 		free(cidraddr);
2255 	} else {
2256 		status = ipadm_set_addr(&ipaddr, sname, af);
2257 	}
2258 	if (status != IPADM_SUCCESS)
2259 		return (status);
2260 
2261 	if (dname != NULL) {
2262 		status = ipadm_set_dst_addr(&ipaddr, dname, af);
2263 		if (status != IPADM_SUCCESS)
2264 			return (status);
2265 	}
2266 	return (i_ipadm_create_addr(iph, &ipaddr, flags));
2267 }
2268 
2269 /*
2270  * Creates a dhcp address on the interface `ifname' based on the
2271  * IPADM_ADDR_DHCP address object parameters from the nvlist `nvl'.
2272  */
2273 ipadm_status_t
2274 i_ipadm_enable_dhcp(ipadm_handle_t iph, const char *ifname, nvlist_t *nvl)
2275 {
2276 	int32_t			wait = IPADM_DHCP_WAIT_DEFAULT;
2277 	boolean_t		primary = B_FALSE;
2278 	nvlist_t		*nvdhcp = NULL;
2279 	nvpair_t		*nvp;
2280 	char			*name;
2281 	struct ipadm_addrobj_s	ipaddr;
2282 	char			*aobjname = NULL, *reqhost = NULL;
2283 	int			err = 0;
2284 	ipadm_status_t		ipadm_err = IPADM_SUCCESS;
2285 
2286 	/* Extract the dhcp parameters */
2287 	for (nvp = nvlist_next_nvpair(nvl, NULL); nvp != NULL;
2288 	    nvp = nvlist_next_nvpair(nvl, nvp)) {
2289 		name = nvpair_name(nvp);
2290 		if (strcmp(name, IPADM_NVP_DHCP) == 0)
2291 			err = nvpair_value_nvlist(nvp, &nvdhcp);
2292 		else if (strcmp(name, IPADM_NVP_AOBJNAME) == 0)
2293 			err = nvpair_value_string(nvp, &aobjname);
2294 		else if (strcmp(name, IPADM_NVP_REQHOST) == 0)
2295 			err = nvpair_value_string(nvp, &reqhost);
2296 		if (err != 0)
2297 			return (ipadm_errno2status(err));
2298 	}
2299 	for (nvp = nvlist_next_nvpair(nvdhcp, NULL); nvp != NULL;
2300 	    nvp = nvlist_next_nvpair(nvdhcp, nvp)) {
2301 		name = nvpair_name(nvp);
2302 		if (strcmp(name, IPADM_NVP_WAIT) == 0)
2303 			err = nvpair_value_int32(nvp, &wait);
2304 		else if (strcmp(name, IPADM_NVP_PRIMARY) == 0)
2305 			err = nvpair_value_boolean_value(nvp, &primary);
2306 		if (err != 0)
2307 			return (ipadm_errno2status(err));
2308 	}
2309 
2310 	/* Build the address object */
2311 	i_ipadm_init_addr(&ipaddr, ifname, aobjname, IPADM_ADDR_DHCP);
2312 	ipaddr.ipadm_primary = primary;
2313 	if (iph->iph_flags & IPH_INIT)
2314 		ipaddr.ipadm_wait = 0;
2315 	else
2316 		ipaddr.ipadm_wait = wait;
2317 	ipadm_err = ipadm_set_reqhost(&ipaddr, reqhost);
2318 	if (ipadm_err != IPADM_SUCCESS)
2319 		return (ipadm_err);
2320 	ipaddr.ipadm_af = AF_INET;
2321 	return (i_ipadm_create_dhcp(iph, &ipaddr, IPADM_OPT_ACTIVE));
2322 }
2323 
2324 /*
2325  * Creates auto-configured addresses on the interface `ifname' based on
2326  * the IPADM_ADDR_IPV6_ADDRCONF address object parameters from the nvlist `nvl'.
2327  */
2328 ipadm_status_t
2329 i_ipadm_enable_addrconf(ipadm_handle_t iph, const char *ifname, nvlist_t *nvl)
2330 {
2331 	struct ipadm_addrobj_s	ipaddr;
2332 	char		*stateful = NULL, *stateless = NULL;
2333 	uint_t		n;
2334 	uint8_t		*addr6 = NULL;
2335 	uint32_t	intfidlen = 0;
2336 	char		*aobjname;
2337 	nvlist_t	*nvaddr;
2338 	nvpair_t	*nvp;
2339 	char		*name;
2340 	int		err = 0;
2341 
2342 	/* Extract the parameters */
2343 	for (nvp = nvlist_next_nvpair(nvl, NULL); nvp != NULL;
2344 	    nvp = nvlist_next_nvpair(nvl, nvp)) {
2345 		name = nvpair_name(nvp);
2346 		if (strcmp(name, IPADM_NVP_INTFID) == 0)
2347 			err = nvpair_value_nvlist(nvp, &nvaddr);
2348 		else if (strcmp(name, IPADM_NVP_AOBJNAME) == 0)
2349 			err = nvpair_value_string(nvp, &aobjname);
2350 		if (err != 0)
2351 			return (ipadm_errno2status(err));
2352 	}
2353 	for (nvp = nvlist_next_nvpair(nvaddr, NULL); nvp != NULL;
2354 	    nvp = nvlist_next_nvpair(nvaddr, nvp)) {
2355 		name = nvpair_name(nvp);
2356 		if (strcmp(name, IPADM_NVP_IPNUMADDR) == 0)
2357 			err = nvpair_value_uint8_array(nvp, &addr6, &n);
2358 		if (strcmp(name, IPADM_NVP_PREFIXLEN) == 0)
2359 			err = nvpair_value_uint32(nvp, &intfidlen);
2360 		else if (strcmp(name, IPADM_NVP_STATELESS) == 0)
2361 			err = nvpair_value_string(nvp, &stateless);
2362 		else if (strcmp(name, IPADM_NVP_STATEFUL) == 0)
2363 			err = nvpair_value_string(nvp, &stateful);
2364 		if (err != 0)
2365 			return (ipadm_errno2status(err));
2366 	}
2367 	/* Build the address object. */
2368 	i_ipadm_init_addr(&ipaddr, ifname, aobjname, IPADM_ADDR_IPV6_ADDRCONF);
2369 	if (intfidlen > 0) {
2370 		ipaddr.ipadm_intfidlen = intfidlen;
2371 		bcopy(addr6, &ipaddr.ipadm_intfid.sin6_addr.s6_addr, n);
2372 	}
2373 	ipaddr.ipadm_stateless = (strcmp(stateless, "yes") == 0);
2374 	ipaddr.ipadm_stateful = (strcmp(stateful, "yes") == 0);
2375 	return (i_ipadm_create_ipv6addrs(iph, &ipaddr, IPADM_OPT_ACTIVE));
2376 }
2377 
2378 /*
2379  * Allocates `ipadm_addrobj_t' and populates the relevant member fields based on
2380  * the provided `type'. `aobjname' represents the address object name, which
2381  * is of the form `<ifname>/<addressname>'.
2382  *
2383  * The caller has to minimally provide <ifname>. If <addressname> is not
2384  * provided, then a default one will be generated by the API.
2385  */
2386 ipadm_status_t
2387 ipadm_create_addrobj(ipadm_addr_type_t type, const char *aobjname,
2388     ipadm_addrobj_t *ipaddr)
2389 {
2390 	ipadm_addrobj_t	newaddr;
2391 	ipadm_status_t	status;
2392 	char		*aname, *cp;
2393 	char		ifname[IPADM_AOBJSIZ];
2394 	ifspec_t 	ifsp;
2395 
2396 	if (ipaddr == NULL)
2397 		return (IPADM_INVALID_ARG);
2398 	*ipaddr = NULL;
2399 
2400 	if (aobjname == NULL || aobjname[0] == '\0')
2401 		return (IPADM_INVALID_ARG);
2402 
2403 	if (strlcpy(ifname, aobjname, IPADM_AOBJSIZ) >= IPADM_AOBJSIZ)
2404 		return (IPADM_INVALID_ARG);
2405 
2406 	if ((aname = strchr(ifname, '/')) != NULL)
2407 		*aname++ = '\0';
2408 
2409 	/* Check if the interface name is valid. */
2410 	if (!ifparse_ifspec(ifname, &ifsp))
2411 		return (IPADM_INVALID_ARG);
2412 
2413 	/* Check if the given addrobj name is valid. */
2414 	if (aname != NULL && !i_ipadm_is_user_aobjname_valid(aname))
2415 		return (IPADM_INVALID_ARG);
2416 
2417 	if ((newaddr = calloc(1, sizeof (struct ipadm_addrobj_s))) == NULL)
2418 		return (IPADM_NO_MEMORY);
2419 
2420 	/*
2421 	 * If the ifname has logical interface number, extract it and assign
2422 	 * it to `ipadm_lifnum'. Only applications with IPH_LEGACY set will do
2423 	 * this today. We will check for the validity later in
2424 	 * i_ipadm_validate_create_addr().
2425 	 */
2426 	if (ifsp.ifsp_lunvalid) {
2427 		newaddr->ipadm_lifnum = ifsp.ifsp_lun;
2428 		cp = strchr(ifname, IPADM_LOGICAL_SEP);
2429 		*cp = '\0';
2430 	}
2431 	(void) strlcpy(newaddr->ipadm_ifname, ifname,
2432 	    sizeof (newaddr->ipadm_ifname));
2433 
2434 	if (aname != NULL) {
2435 		(void) snprintf(newaddr->ipadm_aobjname,
2436 		    sizeof (newaddr->ipadm_aobjname), "%s/%s", ifname, aname);
2437 	}
2438 
2439 	switch (type) {
2440 	case IPADM_ADDR_IPV6_ADDRCONF:
2441 		newaddr->ipadm_intfidlen = 0;
2442 		newaddr->ipadm_stateful = B_TRUE;
2443 		newaddr->ipadm_stateless = B_TRUE;
2444 		newaddr->ipadm_af = AF_INET6;
2445 		break;
2446 
2447 	case IPADM_ADDR_DHCP:
2448 		newaddr->ipadm_primary = B_FALSE;
2449 		newaddr->ipadm_wait = IPADM_DHCP_WAIT_DEFAULT;
2450 		newaddr->ipadm_af = AF_INET;
2451 		break;
2452 
2453 	case IPADM_ADDR_STATIC:
2454 		newaddr->ipadm_af = AF_UNSPEC;
2455 		newaddr->ipadm_static_prefixlen = 0;
2456 		break;
2457 
2458 	default:
2459 		status = IPADM_INVALID_ARG;
2460 		goto fail;
2461 	}
2462 	newaddr->ipadm_atype = type;
2463 	*ipaddr = newaddr;
2464 	return (IPADM_SUCCESS);
2465 fail:
2466 	free(newaddr);
2467 	return (status);
2468 }
2469 
2470 /*
2471  * Returns `aobjname' from the address object in `ipaddr'.
2472  */
2473 ipadm_status_t
2474 ipadm_get_aobjname(const ipadm_addrobj_t ipaddr, char *aobjname, size_t len)
2475 {
2476 	if (ipaddr == NULL || aobjname == NULL)
2477 		return (IPADM_INVALID_ARG);
2478 	if (strlcpy(aobjname, ipaddr->ipadm_aobjname, len) >= len)
2479 		return (IPADM_INVALID_ARG);
2480 
2481 	return (IPADM_SUCCESS);
2482 }
2483 
2484 /*
2485  * Frees the address object in `ipaddr'.
2486  */
2487 void
2488 ipadm_destroy_addrobj(ipadm_addrobj_t ipaddr)
2489 {
2490 	free(ipaddr);
2491 }
2492 
2493 /*
2494  * Retrieves the logical interface name from `ipaddr' and stores the
2495  * string in `lifname'.
2496  */
2497 void
2498 i_ipadm_addrobj2lifname(ipadm_addrobj_t ipaddr, char *lifname, int lifnamesize)
2499 {
2500 	if (ipaddr->ipadm_lifnum != 0) {
2501 		(void) snprintf(lifname, lifnamesize, "%s:%d",
2502 		    ipaddr->ipadm_ifname, ipaddr->ipadm_lifnum);
2503 	} else {
2504 		(void) snprintf(lifname, lifnamesize, "%s",
2505 		    ipaddr->ipadm_ifname);
2506 	}
2507 }
2508 
2509 /*
2510  * Checks if a non-zero static address is present on the 0th logical interface
2511  * of the given IPv4 or IPv6 physical interface. For an IPv4 interface, it
2512  * also checks if the interface is under DHCP control. If the condition is true,
2513  * the output argument `exists' will be set to B_TRUE. Otherwise, `exists'
2514  * is set to B_FALSE.
2515  *
2516  * Note that *exists will not be initialized if an error is encountered.
2517  */
2518 static ipadm_status_t
2519 i_ipadm_addr_exists_on_if(ipadm_handle_t iph, const char *ifname,
2520     sa_family_t af, boolean_t *exists)
2521 {
2522 	struct lifreq	lifr;
2523 	int		sock;
2524 
2525 	/* For IPH_LEGACY, a new logical interface will never be added. */
2526 	if (iph->iph_flags & IPH_LEGACY) {
2527 		*exists = B_FALSE;
2528 		return (IPADM_SUCCESS);
2529 	}
2530 	bzero(&lifr, sizeof (lifr));
2531 	(void) strlcpy(lifr.lifr_name, ifname, sizeof (lifr.lifr_name));
2532 	if (af == AF_INET) {
2533 		sock = iph->iph_sock;
2534 		if (ioctl(sock, SIOCGLIFFLAGS, (caddr_t)&lifr) < 0)
2535 			return (ipadm_errno2status(errno));
2536 		if (lifr.lifr_flags & IFF_DHCPRUNNING) {
2537 			*exists = B_TRUE;
2538 			return (IPADM_SUCCESS);
2539 		}
2540 	} else {
2541 		sock = iph->iph_sock6;
2542 	}
2543 	if (ioctl(sock, SIOCGLIFADDR, (caddr_t)&lifr) < 0)
2544 		return (ipadm_errno2status(errno));
2545 	*exists = !sockaddrunspec((struct sockaddr *)&lifr.lifr_addr);
2546 
2547 	return (IPADM_SUCCESS);
2548 }
2549 
2550 /*
2551  * Adds a new logical interface in the kernel for interface
2552  * `addr->ipadm_ifname', if there is a non-zero address on the 0th
2553  * logical interface or if the 0th logical interface is under DHCP
2554  * control. On success, it sets the lifnum in the address object `addr'.
2555  */
2556 ipadm_status_t
2557 i_ipadm_do_addif(ipadm_handle_t iph, ipadm_addrobj_t addr)
2558 {
2559 	ipadm_status_t	status;
2560 	boolean_t	addif;
2561 	struct lifreq	lifr;
2562 	int		sock;
2563 
2564 	addr->ipadm_lifnum = 0;
2565 	status = i_ipadm_addr_exists_on_if(iph, addr->ipadm_ifname,
2566 	    addr->ipadm_af, &addif);
2567 	if (status != IPADM_SUCCESS)
2568 		return (status);
2569 	if (addif) {
2570 		/*
2571 		 * If there is an address on 0th logical interface,
2572 		 * add a new logical interface.
2573 		 */
2574 		bzero(&lifr, sizeof (lifr));
2575 		(void) strlcpy(lifr.lifr_name, addr->ipadm_ifname,
2576 		    sizeof (lifr.lifr_name));
2577 		sock = (addr->ipadm_af == AF_INET ? iph->iph_sock :
2578 		    iph->iph_sock6);
2579 		if (ioctl(sock, SIOCLIFADDIF, (caddr_t)&lifr) < 0)
2580 			return (ipadm_errno2status(errno));
2581 		addr->ipadm_lifnum = i_ipadm_get_lnum(lifr.lifr_name);
2582 	}
2583 	return (IPADM_SUCCESS);
2584 }
2585 
2586 /*
2587  * Reads all the address lines from the persistent DB into the nvlist `onvl',
2588  * when both `ifname' and `aobjname' are NULL. If an `ifname' is provided,
2589  * it returns all the addresses for the given interface `ifname'.
2590  * If an `aobjname' is specified, then the address line corresponding to
2591  * that name will be returned.
2592  */
2593 static ipadm_status_t
2594 i_ipadm_get_db_addr(ipadm_handle_t iph, const char *ifname,
2595     const char *aobjname, nvlist_t **onvl)
2596 {
2597 	ipmgmt_getaddr_arg_t	garg;
2598 	ipmgmt_get_rval_t	*rvalp;
2599 	int			err;
2600 	size_t			nvlsize;
2601 	char			*nvlbuf;
2602 
2603 	/* Populate the door_call argument structure */
2604 	bzero(&garg, sizeof (garg));
2605 	garg.ia_cmd = IPMGMT_CMD_GETADDR;
2606 	if (aobjname != NULL)
2607 		(void) strlcpy(garg.ia_aobjname, aobjname,
2608 		    sizeof (garg.ia_aobjname));
2609 	if (ifname != NULL)
2610 		(void) strlcpy(garg.ia_ifname, ifname, sizeof (garg.ia_ifname));
2611 
2612 	rvalp = malloc(sizeof (ipmgmt_get_rval_t));
2613 	err = ipadm_door_call(iph, &garg, sizeof (garg), (void **)&rvalp,
2614 	    sizeof (*rvalp), B_TRUE);
2615 	if (err == 0) {
2616 		nvlsize = rvalp->ir_nvlsize;
2617 		nvlbuf = (char *)rvalp + sizeof (ipmgmt_get_rval_t);
2618 		err = nvlist_unpack(nvlbuf, nvlsize, onvl, NV_ENCODE_NATIVE);
2619 	}
2620 	free(rvalp);
2621 	return (ipadm_errno2status(err));
2622 }
2623 
2624 /*
2625  * Adds the IP address contained in the 'ipaddr' argument to the physical
2626  * interface represented by 'ifname' after doing the required validation.
2627  * If the interface does not exist, it is created before the address is
2628  * added.
2629  *
2630  * If IPH_LEGACY is set in iph_flags, flags has to be IPADM_OPT_ACTIVE
2631  * and a default addrobj name will be generated. Input `addr->ipadm_aobjname',
2632  * if provided, will be ignored and replaced with the newly generated name.
2633  * The interface name provided has to be a logical interface name that
2634  * already exists. No new logical interface will be added in this function.
2635  *
2636  * If IPADM_OPT_V46 is passed in the flags, then both IPv4 and IPv6 interfaces
2637  * are plumbed (if they haven't been already).  Otherwise, just the interface
2638  * specified in `addr' is plumbed.
2639  */
2640 ipadm_status_t
2641 ipadm_create_addr(ipadm_handle_t iph, ipadm_addrobj_t addr, uint32_t flags)
2642 {
2643 	ipadm_status_t		status;
2644 	sa_family_t		af;
2645 	sa_family_t		daf;
2646 	sa_family_t		other_af;
2647 	boolean_t		created_af = B_FALSE;
2648 	boolean_t		created_other_af = B_FALSE;
2649 	ipadm_addr_type_t	type;
2650 	char			*ifname = addr->ipadm_ifname;
2651 	boolean_t		legacy = (iph->iph_flags & IPH_LEGACY);
2652 	boolean_t		aobjfound;
2653 	boolean_t		is_6to4;
2654 	struct lifreq		lifr;
2655 	uint64_t		ifflags;
2656 	boolean_t		is_boot = (iph->iph_flags & IPH_IPMGMTD);
2657 
2658 	/* check for solaris.network.interface.config authorization */
2659 	if (!ipadm_check_auth())
2660 		return (IPADM_EAUTH);
2661 
2662 	/* Validate the addrobj. This also fills in addr->ipadm_ifname. */
2663 	status = i_ipadm_validate_create_addr(iph, addr, flags);
2664 	if (status != IPADM_SUCCESS)
2665 		return (status);
2666 
2667 	/*
2668 	 * For Legacy case, check if an addrobj already exists for the
2669 	 * given logical interface name. If one does not exist,
2670 	 * a default name will be generated and added to the daemon's
2671 	 * aobjmap.
2672 	 */
2673 	if (legacy) {
2674 		struct ipadm_addrobj_s	ipaddr;
2675 
2676 		ipaddr = *addr;
2677 		status = i_ipadm_get_lif2addrobj(iph, &ipaddr);
2678 		if (status == IPADM_SUCCESS) {
2679 			aobjfound = B_TRUE;
2680 			/*
2681 			 * With IPH_LEGACY, modifying an address that is not
2682 			 * a static address will return with an error.
2683 			 */
2684 			if (ipaddr.ipadm_atype != IPADM_ADDR_STATIC)
2685 				return (IPADM_NOTSUP);
2686 			/*
2687 			 * we found the addrobj in daemon, copy over the
2688 			 * aobjname to `addr'.
2689 			 */
2690 			(void) strlcpy(addr->ipadm_aobjname,
2691 			    ipaddr.ipadm_aobjname, IPADM_AOBJSIZ);
2692 		} else if (status == IPADM_NOTFOUND) {
2693 			aobjfound = B_FALSE;
2694 		} else {
2695 			return (status);
2696 		}
2697 	}
2698 
2699 	af = addr->ipadm_af;
2700 	/*
2701 	 * Create a placeholder for this address object in the daemon.
2702 	 * Skip this step if we are booting a zone (and therefore being called
2703 	 * from ipmgmtd itself), and, for IPH_LEGACY case if the
2704 	 * addrobj already exists.
2705 	 *
2706 	 * Note that the placeholder is not needed in the NGZ boot case,
2707 	 * when zoneadmd has itself applied the "allowed-ips" property to clamp
2708 	 * down any interface configuration, so the namespace for the interface
2709 	 * is fully controlled by the GZ.
2710 	 */
2711 	if (!is_boot && (!legacy || !aobjfound)) {
2712 		status = i_ipadm_lookupadd_addrobj(iph, addr);
2713 		if (status != IPADM_SUCCESS)
2714 			return (status);
2715 	}
2716 
2717 	is_6to4 = i_ipadm_is_6to4(iph, ifname);
2718 	/* Plumb the IP interfaces if necessary */
2719 	status = i_ipadm_create_if(iph, ifname, af, flags);
2720 	if (status != IPADM_SUCCESS && status != IPADM_IF_EXISTS) {
2721 		(void) i_ipadm_delete_addrobj(iph, addr, IPADM_OPT_ACTIVE);
2722 		return (status);
2723 	}
2724 	if (status == IPADM_SUCCESS)
2725 		created_af = B_TRUE;
2726 	if (!is_6to4 && !legacy && (flags & IPADM_OPT_V46)) {
2727 		other_af = (af == AF_INET ? AF_INET6 : AF_INET);
2728 		status = i_ipadm_create_if(iph, ifname, other_af, flags);
2729 		if (status != IPADM_SUCCESS && status != IPADM_IF_EXISTS) {
2730 			(void) i_ipadm_delete_if(iph, ifname, af, flags);
2731 			return (status);
2732 		}
2733 		if (status == IPADM_SUCCESS)
2734 			created_other_af = B_TRUE;
2735 	}
2736 
2737 	/*
2738 	 * Some input validation based on the interface flags:
2739 	 * 1. in non-global zones, make sure that we are not persistently
2740 	 *    creating addresses on interfaces that are acquiring
2741 	 *    address from the global zone.
2742 	 * 2. Validate static addresses for IFF_POINTOPOINT interfaces.
2743 	 */
2744 	if (addr->ipadm_atype == IPADM_ADDR_STATIC) {
2745 		status = i_ipadm_get_flags(iph, ifname, af, &ifflags);
2746 		if (status != IPADM_SUCCESS)
2747 			goto fail;
2748 
2749 		if (iph->iph_zoneid != GLOBAL_ZONEID &&
2750 		    (ifflags & IFF_L3PROTECT) && (flags & IPADM_OPT_PERSIST)) {
2751 			status = IPADM_GZ_PERM;
2752 			goto fail;
2753 		}
2754 		daf = addr->ipadm_static_dst_addr.ss_family;
2755 		if (ifflags & IFF_POINTOPOINT) {
2756 			if (is_6to4) {
2757 				if (af != AF_INET6 || daf != AF_UNSPEC) {
2758 					status = IPADM_INVALID_ARG;
2759 					goto fail;
2760 				}
2761 			} else {
2762 				if (daf != af) {
2763 					status = IPADM_INVALID_ARG;
2764 					goto fail;
2765 				}
2766 				/* Check for a valid dst address. */
2767 				if (!legacy && sockaddrunspec(
2768 				    (struct sockaddr *)
2769 				    &addr->ipadm_static_dst_addr)) {
2770 					status = IPADM_BAD_ADDR;
2771 					goto fail;
2772 				}
2773 			}
2774 		} else {
2775 			/*
2776 			 * Disallow setting of dstaddr when the link is not
2777 			 * a point-to-point link.
2778 			 */
2779 			if (daf != AF_UNSPEC)
2780 				return (IPADM_INVALID_ARG);
2781 		}
2782 	}
2783 
2784 	/*
2785 	 * For 6to4 interfaces, kernel configures a default link-local
2786 	 * address. We need to replace it, if the caller has provided
2787 	 * an address that is different from the default link-local.
2788 	 */
2789 	if (status == IPADM_SUCCESS && is_6to4) {
2790 		bzero(&lifr, sizeof (lifr));
2791 		(void) strlcpy(lifr.lifr_name, addr->ipadm_ifname,
2792 		    sizeof (lifr.lifr_name));
2793 		if (ioctl(iph->iph_sock6, SIOCGLIFADDR, &lifr) < 0) {
2794 			status = ipadm_errno2status(errno);
2795 			goto fail;
2796 		}
2797 		if (sockaddrcmp(&lifr.lifr_addr, &addr->ipadm_static_addr))
2798 			return (IPADM_SUCCESS);
2799 	}
2800 
2801 	/* Create the address. */
2802 	type = addr->ipadm_atype;
2803 	switch (type) {
2804 	case IPADM_ADDR_STATIC:
2805 		status = i_ipadm_create_addr(iph, addr, flags);
2806 		break;
2807 	case IPADM_ADDR_DHCP:
2808 		status = i_ipadm_create_dhcp(iph, addr, flags);
2809 		break;
2810 	case IPADM_ADDR_IPV6_ADDRCONF:
2811 		status = i_ipadm_create_ipv6addrs(iph, addr, flags);
2812 		break;
2813 	default:
2814 		status = IPADM_INVALID_ARG;
2815 		break;
2816 	}
2817 
2818 	/*
2819 	 * If address was not created successfully, unplumb the interface
2820 	 * if it was plumbed implicitly in this function and remove the
2821 	 * addrobj created by the ipmgmtd daemon as a placeholder.
2822 	 * If IPH_LEGACY is set, then remove the addrobj only if it was
2823 	 * created in this function.
2824 	 */
2825 fail:
2826 	if (status != IPADM_DHCP_IPC_TIMEOUT &&
2827 	    status != IPADM_SUCCESS) {
2828 		if (!legacy) {
2829 			if (created_af || created_other_af) {
2830 				if (created_af) {
2831 					(void) i_ipadm_delete_if(iph, ifname,
2832 					    af, flags);
2833 				}
2834 				if (created_other_af) {
2835 					(void) i_ipadm_delete_if(iph, ifname,
2836 					    other_af, flags);
2837 				}
2838 			} else {
2839 				(void) i_ipadm_delete_addrobj(iph, addr, flags);
2840 			}
2841 		} else if (!aobjfound) {
2842 			(void) i_ipadm_delete_addrobj(iph, addr, flags);
2843 		}
2844 	}
2845 
2846 	return (status);
2847 }
2848 
2849 /*
2850  * Creates the static address in `ipaddr' in kernel. After successfully
2851  * creating it, it updates the ipmgmtd daemon's aobjmap with the logical
2852  * interface information.
2853  */
2854 static ipadm_status_t
2855 i_ipadm_create_addr(ipadm_handle_t iph, ipadm_addrobj_t ipaddr, uint32_t flags)
2856 {
2857 	struct lifreq			lifr;
2858 	ipadm_status_t			status = IPADM_SUCCESS;
2859 	int				sock;
2860 	struct sockaddr_storage		m, *mask = &m;
2861 	const struct sockaddr_storage	*addr = &ipaddr->ipadm_static_addr;
2862 	const struct sockaddr_storage	*daddr = &ipaddr->ipadm_static_dst_addr;
2863 	sa_family_t			af;
2864 	boolean_t			legacy = (iph->iph_flags & IPH_LEGACY);
2865 	struct ipadm_addrobj_s		legacy_addr;
2866 	boolean_t			default_prefixlen = B_FALSE;
2867 	boolean_t			is_boot;
2868 
2869 	is_boot = ((iph->iph_flags & IPH_IPMGMTD) != 0);
2870 	af = ipaddr->ipadm_af;
2871 	sock = (af == AF_INET ? iph->iph_sock : iph->iph_sock6);
2872 
2873 	/* If prefixlen was not provided, get default prefixlen */
2874 	if (ipaddr->ipadm_static_prefixlen == 0) {
2875 		/* prefixlen was not provided, get default prefixlen */
2876 		status = i_ipadm_get_default_prefixlen(
2877 		    &ipaddr->ipadm_static_addr,
2878 		    &ipaddr->ipadm_static_prefixlen);
2879 		if (status != IPADM_SUCCESS)
2880 			return (status);
2881 		default_prefixlen = B_TRUE;
2882 	}
2883 	(void) plen2mask(ipaddr->ipadm_static_prefixlen, af,
2884 	    (struct sockaddr *)mask);
2885 
2886 	/*
2887 	 * Create a new logical interface if needed; otherwise, just
2888 	 * use the 0th logical interface.
2889 	 */
2890 retry:
2891 	if (!(iph->iph_flags & IPH_LEGACY)) {
2892 		status = i_ipadm_do_addif(iph, ipaddr);
2893 		if (status != IPADM_SUCCESS)
2894 			return (status);
2895 		/*
2896 		 * We don't have to set the lifnum for IPH_INIT case, because
2897 		 * there is no placeholder created for the address object in
2898 		 * this case. For IPH_LEGACY, we don't do this because the
2899 		 * lifnum is given by the caller and it will be set in the
2900 		 * end while we call the i_ipadm_addr_persist().
2901 		 */
2902 		if (!(iph->iph_flags & IPH_INIT)) {
2903 			status = i_ipadm_setlifnum_addrobj(iph, ipaddr);
2904 			if (status == IPADM_ADDROBJ_EXISTS)
2905 				goto retry;
2906 			if (status != IPADM_SUCCESS)
2907 				return (status);
2908 		}
2909 	}
2910 	i_ipadm_addrobj2lifname(ipaddr, lifr.lifr_name,
2911 	    sizeof (lifr.lifr_name));
2912 	lifr.lifr_addr = *mask;
2913 	if (ioctl(sock, SIOCSLIFNETMASK, (caddr_t)&lifr) < 0) {
2914 		status = ipadm_errno2status(errno);
2915 		goto ret;
2916 	}
2917 	lifr.lifr_addr = *addr;
2918 	if (ioctl(sock, SIOCSLIFADDR, (caddr_t)&lifr) < 0) {
2919 		status = ipadm_errno2status(errno);
2920 		goto ret;
2921 	}
2922 	/* Set the destination address, if one is given. */
2923 	if (daddr->ss_family != AF_UNSPEC) {
2924 		lifr.lifr_addr = *daddr;
2925 		if (ioctl(sock, SIOCSLIFDSTADDR, (caddr_t)&lifr) < 0) {
2926 			status = ipadm_errno2status(errno);
2927 			goto ret;
2928 		}
2929 	}
2930 
2931 	if (flags & IPADM_OPT_UP) {
2932 		status = i_ipadm_set_flags(iph, lifr.lifr_name, af, IFF_UP, 0);
2933 
2934 		/*
2935 		 * IPADM_DAD_FOUND is a soft-error for create-addr.
2936 		 * No need to tear down the address.
2937 		 */
2938 		if (status == IPADM_DAD_FOUND)
2939 			status = IPADM_SUCCESS;
2940 	}
2941 
2942 	if (status == IPADM_SUCCESS && !is_boot) {
2943 		/*
2944 		 * For IPH_LEGACY, we might be modifying the address on
2945 		 * an address object that already exists e.g. by doing
2946 		 * "ifconfig bge0:1 <addr>; ifconfig bge0:1 <newaddr>"
2947 		 * So, we need to store the object only if it does not
2948 		 * already exist in ipmgmtd.
2949 		 */
2950 		if (legacy) {
2951 			bzero(&legacy_addr, sizeof (legacy_addr));
2952 			(void) strlcpy(legacy_addr.ipadm_aobjname,
2953 			    ipaddr->ipadm_aobjname,
2954 			    sizeof (legacy_addr.ipadm_aobjname));
2955 			status = i_ipadm_get_addrobj(iph, &legacy_addr);
2956 			if (status == IPADM_SUCCESS &&
2957 			    legacy_addr.ipadm_lifnum >= 0) {
2958 				return (status);
2959 			}
2960 		}
2961 		status = i_ipadm_addr_persist(iph, ipaddr, default_prefixlen,
2962 		    flags, NULL);
2963 	}
2964 ret:
2965 	if (status != IPADM_SUCCESS && !legacy)
2966 		(void) i_ipadm_delete_addr(iph, ipaddr);
2967 	return (status);
2968 }
2969 
2970 /*
2971  * Removes the address object identified by `aobjname' from both active and
2972  * persistent configuration. The address object will be removed from only
2973  * active configuration if IPH_LEGACY is set in `iph->iph_flags'.
2974  *
2975  * If the address type is IPADM_ADDR_STATIC or IPADM_ADDR_DHCP, the address
2976  * in the address object will be removed from the physical interface.
2977  * If the address type is IPADM_ADDR_DHCP, the flag IPADM_OPT_RELEASE specifies
2978  * whether the lease should be released. If IPADM_OPT_RELEASE is not
2979  * specified, the lease will be dropped. This option is not supported
2980  * for other address types.
2981  *
2982  * If the address type is IPADM_ADDR_IPV6_ADDRCONF, the link-local address and
2983  * all the autoconfigured addresses will be removed.
2984  * Finally, the address object is also removed from ipmgmtd's aobjmap and from
2985  * the persistent DB.
2986  */
2987 ipadm_status_t
2988 ipadm_delete_addr(ipadm_handle_t iph, const char *aobjname, uint32_t flags)
2989 {
2990 	ipadm_status_t		status;
2991 	struct ipadm_addrobj_s	ipaddr;
2992 	boolean_t		release = ((flags & IPADM_OPT_RELEASE) != 0);
2993 
2994 	/* check for solaris.network.interface.config authorization */
2995 	if (!ipadm_check_auth())
2996 		return (IPADM_EAUTH);
2997 
2998 	/* validate input */
2999 	if (flags == 0 || ((flags & IPADM_OPT_PERSIST) &&
3000 	    !(flags & IPADM_OPT_ACTIVE)) ||
3001 	    (flags & ~(IPADM_COMMON_OPT_MASK|IPADM_OPT_RELEASE))) {
3002 		return (IPADM_INVALID_ARG);
3003 	}
3004 	bzero(&ipaddr, sizeof (ipaddr));
3005 	if (aobjname == NULL || strlcpy(ipaddr.ipadm_aobjname, aobjname,
3006 	    IPADM_AOBJSIZ) >= IPADM_AOBJSIZ) {
3007 		return (IPADM_INVALID_ARG);
3008 	}
3009 
3010 	/* Retrieve the address object information from ipmgmtd. */
3011 	status = i_ipadm_get_addrobj(iph, &ipaddr);
3012 	if (status != IPADM_SUCCESS)
3013 		return (status);
3014 
3015 	if (release && ipaddr.ipadm_atype != IPADM_ADDR_DHCP)
3016 		return (IPADM_NOTSUP);
3017 	/*
3018 	 * If requested to delete just from active config but the address
3019 	 * is not in active config, return error.
3020 	 */
3021 	if (!(ipaddr.ipadm_flags & IPMGMT_ACTIVE) &&
3022 	    (flags & IPADM_OPT_ACTIVE) && !(flags & IPADM_OPT_PERSIST)) {
3023 		return (IPADM_NOTFOUND);
3024 	}
3025 
3026 	/*
3027 	 * If address is present in active config, remove it from
3028 	 * kernel.
3029 	 */
3030 	if (ipaddr.ipadm_flags & IPMGMT_ACTIVE) {
3031 		switch (ipaddr.ipadm_atype) {
3032 		case IPADM_ADDR_STATIC:
3033 			status = i_ipadm_delete_addr(iph, &ipaddr);
3034 			break;
3035 		case IPADM_ADDR_DHCP:
3036 			status = i_ipadm_delete_dhcp(iph, &ipaddr, release);
3037 			break;
3038 		case IPADM_ADDR_IPV6_ADDRCONF:
3039 			status = i_ipadm_delete_ipv6addrs(iph, &ipaddr);
3040 			break;
3041 		default:
3042 			/*
3043 			 * This is the case of address object name residing in
3044 			 * daemon's aobjmap (added by ADDROBJ_LOOKUPADD). Fall
3045 			 * through and delete that address object.
3046 			 */
3047 			break;
3048 		}
3049 
3050 		/*
3051 		 * If the address was previously deleted from the active
3052 		 * config, we will get a IPADM_ENXIO from kernel.
3053 		 * We will still proceed and purge the address information
3054 		 * in the DB.
3055 		 */
3056 		if (status == IPADM_ENXIO)
3057 			status = IPADM_SUCCESS;
3058 		else if (status != IPADM_SUCCESS)
3059 			return (status);
3060 	}
3061 
3062 	if (!(ipaddr.ipadm_flags & IPMGMT_PERSIST) &&
3063 	    (flags & IPADM_OPT_PERSIST)) {
3064 		flags &= ~IPADM_OPT_PERSIST;
3065 	}
3066 	status = i_ipadm_delete_addrobj(iph, &ipaddr, flags);
3067 	if (status == IPADM_NOTFOUND)
3068 		return (status);
3069 	return (IPADM_SUCCESS);
3070 }
3071 
3072 /*
3073  * Starts the dhcpagent and sends it the message DHCP_START to start
3074  * configuring a dhcp address on the given interface in `addr'.
3075  * After making the dhcpagent request, it also updates the
3076  * address object information in ipmgmtd's aobjmap and creates an
3077  * entry in persistent DB if IPADM_OPT_PERSIST is set in `flags'.
3078  */
3079 static ipadm_status_t
3080 i_ipadm_create_dhcp(ipadm_handle_t iph, ipadm_addrobj_t addr, uint32_t flags)
3081 {
3082 	ipadm_status_t	status;
3083 	ipadm_status_t	dh_status;
3084 
3085 	if (dhcp_start_agent(DHCP_IPC_MAX_WAIT) == -1)
3086 		return (IPADM_DHCP_START_ERROR);
3087 	/*
3088 	 * Create a new logical interface if needed; otherwise, just
3089 	 * use the 0th logical interface.
3090 	 */
3091 retry:
3092 	status = i_ipadm_do_addif(iph, addr);
3093 	if (status != IPADM_SUCCESS)
3094 		return (status);
3095 	/*
3096 	 * We don't have to set the lifnum for IPH_INIT case, because
3097 	 * there is no placeholder created for the address object in this
3098 	 * case.
3099 	 */
3100 	if (!(iph->iph_flags & IPH_INIT)) {
3101 		status = i_ipadm_setlifnum_addrobj(iph, addr);
3102 		if (status == IPADM_ADDROBJ_EXISTS)
3103 			goto retry;
3104 		if (status != IPADM_SUCCESS)
3105 			return (status);
3106 	}
3107 	/* Send DHCP_START to the dhcpagent. */
3108 	status = i_ipadm_op_dhcp(addr, DHCP_START, NULL);
3109 	/*
3110 	 * We do not undo the create-addr operation for IPADM_DHCP_IPC_TIMEOUT
3111 	 * since it is only a soft error to indicate the caller that the lease
3112 	 * might be required after the function returns.
3113 	 */
3114 	if (status != IPADM_SUCCESS && status != IPADM_DHCP_IPC_TIMEOUT)
3115 		goto fail;
3116 	dh_status = status;
3117 
3118 	/* Persist the address object information in ipmgmtd. */
3119 	status = i_ipadm_addr_persist(iph, addr, B_FALSE, flags, NULL);
3120 	if (status != IPADM_SUCCESS)
3121 		goto fail;
3122 
3123 	return (dh_status);
3124 fail:
3125 	/* In case of error, delete the dhcp address */
3126 	(void) i_ipadm_delete_dhcp(iph, addr, B_TRUE);
3127 	return (status);
3128 }
3129 
3130 /*
3131  * Releases/drops the dhcp lease on the logical interface in the address
3132  * object `addr'. If `release' is set to B_FALSE, the lease will be dropped.
3133  */
3134 static ipadm_status_t
3135 i_ipadm_delete_dhcp(ipadm_handle_t iph, ipadm_addrobj_t addr, boolean_t release)
3136 {
3137 	ipadm_status_t	status;
3138 	int		dherr;
3139 
3140 	/* Send DHCP_RELEASE or DHCP_DROP to the dhcpagent */
3141 	if (release) {
3142 		status = i_ipadm_op_dhcp(addr, DHCP_RELEASE, &dherr);
3143 		/*
3144 		 * If no lease was obtained on the object, we should
3145 		 * drop the dhcp control on the interface.
3146 		 */
3147 		if (status != IPADM_SUCCESS && dherr == DHCP_IPC_E_OUTSTATE)
3148 			status = i_ipadm_op_dhcp(addr, DHCP_DROP, NULL);
3149 	} else {
3150 		status = i_ipadm_op_dhcp(addr, DHCP_DROP, NULL);
3151 	}
3152 	if (status != IPADM_SUCCESS)
3153 		return (status);
3154 
3155 	/* Delete the logical interface */
3156 	if (addr->ipadm_lifnum != 0) {
3157 		struct lifreq lifr;
3158 
3159 		bzero(&lifr, sizeof (lifr));
3160 		i_ipadm_addrobj2lifname(addr, lifr.lifr_name,
3161 		    sizeof (lifr.lifr_name));
3162 		if (ioctl(iph->iph_sock, SIOCLIFREMOVEIF, (caddr_t)&lifr) < 0)
3163 			return (ipadm_errno2status(errno));
3164 	}
3165 
3166 	return (IPADM_SUCCESS);
3167 }
3168 
3169 /*
3170  * Communicates with the dhcpagent to send a dhcp message of type `type'.
3171  * It returns the dhcp error in `dhcperror' if a non-null pointer is provided
3172  * in `dhcperror'.
3173  */
3174 static ipadm_status_t
3175 i_ipadm_op_dhcp(ipadm_addrobj_t addr, dhcp_ipc_type_t type, int *dhcperror)
3176 {
3177 	dhcp_ipc_request_t	*request;
3178 	dhcp_ipc_reply_t	*reply	= NULL;
3179 	dhcp_symbol_t		*entry = NULL;
3180 	dhcp_data_type_t	dtype = DHCP_TYPE_NONE;
3181 	void			*d4o = NULL;
3182 	uint16_t		d4olen = 0;
3183 	char			ifname[LIFNAMSIZ];
3184 	int			error;
3185 	int			dhcp_timeout;
3186 
3187 	/* Construct a message to the dhcpagent. */
3188 	bzero(&ifname, sizeof (ifname));
3189 	i_ipadm_addrobj2lifname(addr, ifname, sizeof (ifname));
3190 	if (addr->ipadm_primary)
3191 		type |= DHCP_PRIMARY;
3192 
3193 	/* Set up a CD_HOSTNAME option, if applicable, to send through IPC */
3194 	switch (DHCP_IPC_CMD(type)) {
3195 	case DHCP_START:
3196 	case DHCP_EXTEND:
3197 		if (addr->ipadm_af == AF_INET && addr->ipadm_reqhost != NULL &&
3198 		    *addr->ipadm_reqhost != '\0') {
3199 			entry = inittab_getbycode(ITAB_CAT_STANDARD,
3200 			    ITAB_CONS_INFO, CD_HOSTNAME);
3201 			if (entry == NULL) {
3202 				return (IPADM_FAILURE);
3203 			} else {
3204 				d4o = inittab_encode(entry, addr->ipadm_reqhost,
3205 				    &d4olen, B_FALSE);
3206 				free(entry);
3207 				entry = NULL;
3208 				if (d4o == NULL)
3209 					return (IPADM_FAILURE);
3210 				dtype = DHCP_TYPE_OPTION;
3211 			}
3212 		}
3213 		break;
3214 	default:
3215 		break;
3216 	}
3217 
3218 	request = dhcp_ipc_alloc_request(type, ifname, d4o, d4olen, dtype);
3219 	if (request == NULL) {
3220 		free(d4o);
3221 		return (IPADM_NO_MEMORY);
3222 	}
3223 
3224 	if (addr->ipadm_wait == IPADM_DHCP_WAIT_FOREVER)
3225 		dhcp_timeout = DHCP_IPC_WAIT_FOREVER;
3226 	else if (addr->ipadm_wait == IPADM_DHCP_WAIT_DEFAULT)
3227 		dhcp_timeout = DHCP_IPC_WAIT_DEFAULT;
3228 	else
3229 		dhcp_timeout = addr->ipadm_wait;
3230 	/* Send the message to dhcpagent. */
3231 	error = dhcp_ipc_make_request(request, &reply, dhcp_timeout);
3232 	free(request);
3233 	free(d4o);
3234 	if (error == 0) {
3235 		error = reply->return_code;
3236 		free(reply);
3237 	}
3238 	if (error != 0) {
3239 		if (dhcperror != NULL)
3240 			*dhcperror = error;
3241 		if (error != DHCP_IPC_E_TIMEOUT)
3242 			return (IPADM_DHCP_IPC_ERROR);
3243 		else if (dhcp_timeout != 0)
3244 			return (IPADM_DHCP_IPC_TIMEOUT);
3245 	}
3246 
3247 	return (IPADM_SUCCESS);
3248 }
3249 
3250 /*
3251  * Communicates with the dhcpagent to send a dhcp message of type
3252  * DHCP_STATUS, and copy on success into the `status' instance owned by the
3253  * caller. It returns any dhcp error in `dhcperror' if a non-null pointer
3254  * is provided.
3255  */
3256 static ipadm_status_t
3257 i_ipadm_dhcp_status(ipadm_addrobj_t addr, dhcp_status_t *status,
3258     int *dhcperror)
3259 {
3260 	dhcp_ipc_type_t		type = DHCP_STATUS;
3261 	dhcp_ipc_request_t	*request;
3262 	dhcp_ipc_reply_t	*reply;
3263 	dhcp_status_t		*private_status;
3264 	size_t			reply_size;
3265 	int			error;
3266 
3267 	if (addr->ipadm_af == AF_INET6)
3268 		type |= DHCP_V6;
3269 
3270 	request = dhcp_ipc_alloc_request(type, addr->ipadm_ifname, NULL, 0,
3271 	    DHCP_TYPE_NONE);
3272 	if (request == NULL)
3273 		return (IPADM_NO_MEMORY);
3274 
3275 	error = dhcp_ipc_make_request(request, &reply, DHCP_IPC_WAIT_DEFAULT);
3276 	free(request);
3277 	if (error != 0) {
3278 		if (dhcperror != NULL)
3279 			*dhcperror = error;
3280 		return (error != DHCP_IPC_E_TIMEOUT ? IPADM_DHCP_IPC_ERROR
3281 		    : IPADM_DHCP_IPC_TIMEOUT);
3282 	}
3283 
3284 	error = reply->return_code;
3285 	if (error == DHCP_IPC_E_UNKIF) {
3286 		free(reply);
3287 		bzero(status, sizeof (dhcp_status_t));
3288 		return (IPADM_NOTFOUND);
3289 	}
3290 
3291 	private_status = dhcp_ipc_get_data(reply, &reply_size, NULL);
3292 	if (reply_size < DHCP_STATUS_VER1_SIZE) {
3293 		free(reply);
3294 		return (IPADM_DHCP_IPC_ERROR);
3295 	}
3296 
3297 	/*
3298 	 * Copy the status out of the memory allocated by this function into
3299 	 * memory owned by the caller.
3300 	 */
3301 	*status = *private_status;
3302 	free(reply);
3303 	return (IPADM_SUCCESS);
3304 }
3305 
3306 /*
3307  * Returns the IP addresses of the specified interface in both the
3308  * active and the persistent configuration. If no
3309  * interface is specified, it returns all non-zero IP addresses
3310  * configured on all interfaces in active and persistent
3311  * configurations.
3312  * `addrinfo' will contain addresses that are
3313  * (1) in both active and persistent configuration (created persistently)
3314  * (2) only in active configuration (created temporarily)
3315  * (3) only in persistent configuration (disabled addresses)
3316  *
3317  * Address list that is returned by this function must be freed
3318  * using the ipadm_freeaddr_info() function.
3319  */
3320 ipadm_status_t
3321 ipadm_addr_info(ipadm_handle_t iph, const char *ifname,
3322     ipadm_addr_info_t **addrinfo, uint32_t flags, int64_t lifc_flags)
3323 {
3324 	ifspec_t	ifsp;
3325 
3326 	if (addrinfo == NULL || iph == NULL)
3327 		return (IPADM_INVALID_ARG);
3328 	if (ifname != NULL &&
3329 	    (!ifparse_ifspec(ifname, &ifsp) || ifsp.ifsp_lunvalid)) {
3330 		return (IPADM_INVALID_ARG);
3331 	}
3332 	return (i_ipadm_get_all_addr_info(iph, ifname, addrinfo,
3333 	    flags, lifc_flags));
3334 }
3335 
3336 /*
3337  * Frees the structure allocated by ipadm_addr_info().
3338  */
3339 void
3340 ipadm_free_addr_info(ipadm_addr_info_t *ainfo)
3341 {
3342 	freeifaddrs((struct ifaddrs *)ainfo);
3343 }
3344 
3345 /*
3346  * Makes a door call to ipmgmtd to update its `aobjmap' with the address
3347  * object in `ipaddr'. This door call also can update the persistent DB to
3348  * remember address object to be recreated on next reboot or on an
3349  * ipadm_enable_addr()/ipadm_enable_if() call.
3350  */
3351 ipadm_status_t
3352 i_ipadm_addr_persist(ipadm_handle_t iph, const ipadm_addrobj_t ipaddr,
3353     boolean_t default_prefixlen, uint32_t flags, const char *propname)
3354 {
3355 	char			*aname = ipaddr->ipadm_aobjname;
3356 	nvlist_t		*nvl;
3357 	int			err = 0;
3358 	ipadm_status_t		status;
3359 	uint_t			pflags = 0;
3360 
3361 	/*
3362 	 * Construct the nvl to send to the door.
3363 	 */
3364 	if (nvlist_alloc(&nvl, NV_UNIQUE_NAME, 0) != 0)
3365 		return (IPADM_NO_MEMORY);
3366 	if ((err = nvlist_add_string(nvl, IPADM_NVP_IFNAME,
3367 	    ipaddr->ipadm_ifname)) != 0 ||
3368 	    (err = nvlist_add_string(nvl, IPADM_NVP_AOBJNAME, aname)) != 0 ||
3369 	    (err = nvlist_add_int32(nvl, IPADM_NVP_LIFNUM,
3370 	    ipaddr->ipadm_lifnum)) != 0) {
3371 		status = ipadm_errno2status(err);
3372 		goto ret;
3373 	}
3374 	switch (ipaddr->ipadm_atype) {
3375 	case IPADM_ADDR_STATIC:
3376 		status = i_ipadm_add_ipaddr2nvl(nvl, ipaddr);
3377 		if (status != IPADM_SUCCESS)
3378 			goto ret;
3379 		if (flags & IPADM_OPT_UP)
3380 			err = nvlist_add_string(nvl, "up", "yes");
3381 		else
3382 			err = nvlist_add_string(nvl, "up", "no");
3383 		status = ipadm_errno2status(err);
3384 		break;
3385 	case IPADM_ADDR_DHCP:
3386 		status = i_ipadm_add_dhcp2nvl(nvl, ipaddr->ipadm_primary,
3387 		    ipaddr->ipadm_wait);
3388 		if (status != IPADM_SUCCESS)
3389 			goto ret;
3390 
3391 		/*
3392 		 * For purposes of updating the ipmgmtd cached representation of
3393 		 * reqhost (ipmgmt_am_reqhost), include a value here in `nvl',
3394 		 * but the value is actually fully persisted as a separate
3395 		 * i_ipadm_persist_propval below.
3396 		 */
3397 		err = nvlist_add_string(nvl, IPADM_NVP_REQHOST,
3398 		    ipaddr->ipadm_reqhost);
3399 		status = ipadm_errno2status(err);
3400 		break;
3401 	case IPADM_ADDR_IPV6_ADDRCONF:
3402 		status = i_ipadm_add_intfid2nvl(nvl, ipaddr);
3403 		break;
3404 	}
3405 	if (status != IPADM_SUCCESS)
3406 		goto ret;
3407 
3408 	if (iph->iph_flags & IPH_INIT) {
3409 		/*
3410 		 * IPMGMT_INIT tells the ipmgmtd to set both IPMGMT_ACTIVE and
3411 		 * IPMGMT_PERSIST on the address object in its `aobjmap'.
3412 		 * For the callers ipadm_enable_if() and ipadm_enable_addr(),
3413 		 * IPADM_OPT_PERSIST is not set in their flags. They send
3414 		 * IPH_INIT in iph_flags, so that the address object will be
3415 		 * set as both IPMGMT_ACTIVE and IPMGMT_PERSIST.
3416 		 */
3417 		pflags |= IPMGMT_INIT;
3418 	} else {
3419 		if (flags & IPADM_OPT_ACTIVE)
3420 			pflags |= IPMGMT_ACTIVE;
3421 		if (flags & IPADM_OPT_PERSIST)
3422 			pflags |= IPMGMT_PERSIST;
3423 		if (flags & IPADM_OPT_SET_PROPS)
3424 			pflags |= IPMGMT_PROPS_ONLY;
3425 	}
3426 	status = i_ipadm_addr_persist_nvl(iph, nvl, pflags);
3427 
3428 	if (flags & IPADM_OPT_SET_PROPS) {
3429 		/*
3430 		 * Set PERSIST per IPADM_OPT_PROPS_PERSIST, and then un-set the
3431 		 * SET_PROPS bits.
3432 		 */
3433 		flags |= IPADM_OPT_ACTIVE;
3434 		if (flags & IPADM_OPT_PERSIST_PROPS)
3435 			flags |= IPADM_OPT_PERSIST;
3436 		else
3437 			flags &= ~IPADM_OPT_PERSIST;
3438 		flags &= ~(IPADM_OPT_SET_PROPS | IPADM_OPT_PERSIST_PROPS);
3439 	}
3440 
3441 	if (status == IPADM_SUCCESS && (flags & IPADM_OPT_PERSIST)) {
3442 		char		pbuf[MAXPROPVALLEN], *pval = NULL;
3443 		ipadm_prop_desc_t	*pdp = NULL;
3444 
3445 		/*
3446 		 * addprop properties are stored on separate lines in the DB and
3447 		 * not along with the address itself. Call the function that
3448 		 * persists address properties.
3449 		 */
3450 
3451 		switch (ipaddr->ipadm_atype) {
3452 		case IPADM_ADDR_STATIC:
3453 			if (!default_prefixlen && (propname == NULL ||
3454 			    strcmp(propname, IPADM_NVP_PREFIXLEN) == 0)) {
3455 				pdp = i_ipadm_get_addrprop_desc(
3456 				    IPADM_NVP_PREFIXLEN);
3457 				(void) snprintf(pbuf, sizeof (pbuf), "%u",
3458 				    ipaddr->ipadm_static_prefixlen);
3459 				pval = pbuf;
3460 			}
3461 			break;
3462 		case IPADM_ADDR_DHCP:
3463 			if (propname == NULL ||
3464 			    strcmp(propname, IPADM_NVP_REQHOST) == 0) {
3465 				pdp = i_ipadm_get_addrprop_desc(
3466 				    IPADM_NVP_REQHOST);
3467 				pval = ipaddr->ipadm_reqhost;
3468 			}
3469 			break;
3470 		default:
3471 			break;
3472 		}
3473 
3474 		if (pval != NULL) {
3475 			assert(pdp != NULL);
3476 			status = i_ipadm_persist_propval(iph, pdp, pval,
3477 			    ipaddr, flags);
3478 		}
3479 	}
3480 
3481 ret:
3482 	nvlist_free(nvl);
3483 	return (status);
3484 }
3485 
3486 /*
3487  * Makes the door call to ipmgmtd to store the address object in the
3488  * nvlist `nvl'.
3489  */
3490 static ipadm_status_t
3491 i_ipadm_addr_persist_nvl(ipadm_handle_t iph, nvlist_t *nvl, uint32_t flags)
3492 {
3493 	char			*buf = NULL, *nvlbuf = NULL;
3494 	size_t			nvlsize, bufsize;
3495 	ipmgmt_setaddr_arg_t	*sargp;
3496 	int			err;
3497 
3498 	err = nvlist_pack(nvl, &nvlbuf, &nvlsize, NV_ENCODE_NATIVE, 0);
3499 	if (err != 0)
3500 		return (ipadm_errno2status(err));
3501 	bufsize = sizeof (*sargp) + nvlsize;
3502 	buf = calloc(1, bufsize);
3503 	sargp = (void *)buf;
3504 	sargp->ia_cmd = IPMGMT_CMD_SETADDR;
3505 	sargp->ia_flags = flags;
3506 	sargp->ia_nvlsize = nvlsize;
3507 	(void) bcopy(nvlbuf, buf + sizeof (*sargp), nvlsize);
3508 	err = ipadm_door_call(iph, buf, bufsize, NULL, 0, B_FALSE);
3509 	free(buf);
3510 	free(nvlbuf);
3511 	return (ipadm_errno2status(err));
3512 }
3513 
3514 /*
3515  * Makes a door call to ipmgmtd to remove the address object in `ipaddr'
3516  * from its `aobjmap'. This door call also removes the address object and all
3517  * its properties from the persistent DB if IPADM_OPT_PERSIST is set in
3518  * `flags', so that the object will not be recreated on next reboot or on an
3519  * ipadm_enable_addr()/ipadm_enable_if() call.
3520  */
3521 ipadm_status_t
3522 i_ipadm_delete_addrobj(ipadm_handle_t iph, const ipadm_addrobj_t ipaddr,
3523     uint32_t flags)
3524 {
3525 	ipmgmt_addr_arg_t	arg;
3526 	int			err;
3527 
3528 	arg.ia_cmd = IPMGMT_CMD_RESETADDR;
3529 	arg.ia_flags = 0;
3530 	if (flags & IPADM_OPT_ACTIVE)
3531 		arg.ia_flags |= IPMGMT_ACTIVE;
3532 	if (flags & IPADM_OPT_PERSIST)
3533 		arg.ia_flags |= IPMGMT_PERSIST;
3534 	(void) strlcpy(arg.ia_aobjname, ipaddr->ipadm_aobjname,
3535 	    sizeof (arg.ia_aobjname));
3536 	arg.ia_lnum = ipaddr->ipadm_lifnum;
3537 	err = ipadm_door_call(iph, &arg, sizeof (arg), NULL, 0, B_FALSE);
3538 	return (ipadm_errno2status(err));
3539 }
3540 
3541 /*
3542  * Checks if the caller is authorized for the up/down operation.
3543  * Retrieves the address object corresponding to `aobjname' from ipmgmtd
3544  * and retrieves the address flags for that object from kernel.
3545  * The arguments `ipaddr' and `ifflags' must be allocated by the caller.
3546  */
3547 static ipadm_status_t
3548 i_ipadm_updown_common(ipadm_handle_t iph, const char *aobjname,
3549     ipadm_addrobj_t ipaddr, uint32_t ipadm_flags, uint64_t *ifflags)
3550 {
3551 	ipadm_status_t	status;
3552 	char		lifname[LIFNAMSIZ];
3553 
3554 	/* check for solaris.network.interface.config authorization */
3555 	if (!ipadm_check_auth())
3556 		return (IPADM_EAUTH);
3557 
3558 	/* validate input */
3559 	if (aobjname == NULL || strlcpy(ipaddr->ipadm_aobjname, aobjname,
3560 	    IPADM_AOBJSIZ) >= IPADM_AOBJSIZ) {
3561 		return (IPADM_INVALID_ARG);
3562 	}
3563 
3564 	/* Retrieve the address object information. */
3565 	status = i_ipadm_get_addrobj(iph, ipaddr);
3566 	if (status != IPADM_SUCCESS)
3567 		return (status);
3568 
3569 	if (!(ipaddr->ipadm_flags & IPMGMT_ACTIVE))
3570 		return (IPADM_OP_DISABLE_OBJ);
3571 	if ((ipadm_flags & IPADM_OPT_PERSIST) &&
3572 	    !(ipaddr->ipadm_flags & IPMGMT_PERSIST))
3573 		return (IPADM_TEMPORARY_OBJ);
3574 	if (ipaddr->ipadm_atype == IPADM_ADDR_IPV6_ADDRCONF ||
3575 	    (ipaddr->ipadm_atype == IPADM_ADDR_DHCP &&
3576 	    (ipadm_flags & IPADM_OPT_PERSIST)))
3577 		return (IPADM_NOTSUP);
3578 
3579 	i_ipadm_addrobj2lifname(ipaddr, lifname, sizeof (lifname));
3580 	return (i_ipadm_get_flags(iph, lifname, ipaddr->ipadm_af, ifflags));
3581 }
3582 
3583 /*
3584  * Marks the address in the address object `aobjname' up. This operation is
3585  * not supported for an address object of type IPADM_ADDR_IPV6_ADDRCONF.
3586  * For an address object of type IPADM_ADDR_DHCP, this operation can
3587  * only be temporary and no updates will be made to the persistent DB.
3588  */
3589 ipadm_status_t
3590 ipadm_up_addr(ipadm_handle_t iph, const char *aobjname, uint32_t ipadm_flags)
3591 {
3592 	struct ipadm_addrobj_s ipaddr;
3593 	ipadm_status_t	status;
3594 	uint64_t	flags;
3595 	char		lifname[LIFNAMSIZ];
3596 
3597 	status = i_ipadm_updown_common(iph, aobjname, &ipaddr, ipadm_flags,
3598 	    &flags);
3599 	if (status != IPADM_SUCCESS)
3600 		return (status);
3601 	if (flags & IFF_UP)
3602 		goto persist;
3603 	/*
3604 	 * If the address is already a duplicate, then refresh-addr
3605 	 * should be used to mark it up.
3606 	 */
3607 	if (flags & IFF_DUPLICATE)
3608 		return (IPADM_DAD_FOUND);
3609 
3610 	i_ipadm_addrobj2lifname(&ipaddr, lifname, sizeof (lifname));
3611 	status = i_ipadm_set_flags(iph, lifname, ipaddr.ipadm_af, IFF_UP, 0);
3612 	if (status != IPADM_SUCCESS)
3613 		return (status);
3614 
3615 persist:
3616 	/* Update persistent DB. */
3617 	if (ipadm_flags & IPADM_OPT_PERSIST) {
3618 		status = i_ipadm_persist_propval(iph, &up_addrprop,
3619 		    "yes", &ipaddr, 0);
3620 	}
3621 
3622 	return (status);
3623 }
3624 
3625 /*
3626  * Marks the address in the address object `aobjname' down. This operation is
3627  * not supported for an address object of type IPADM_ADDR_IPV6_ADDRCONF.
3628  * For an address object of type IPADM_ADDR_DHCP, this operation can
3629  * only be temporary and no updates will be made to the persistent DB.
3630  */
3631 ipadm_status_t
3632 ipadm_down_addr(ipadm_handle_t iph, const char *aobjname, uint32_t ipadm_flags)
3633 {
3634 	struct ipadm_addrobj_s ipaddr;
3635 	ipadm_status_t	status;
3636 	struct lifreq	lifr;
3637 	uint64_t	flags;
3638 
3639 	status = i_ipadm_updown_common(iph, aobjname, &ipaddr, ipadm_flags,
3640 	    &flags);
3641 	if (status != IPADM_SUCCESS)
3642 		return (status);
3643 	i_ipadm_addrobj2lifname(&ipaddr, lifr.lifr_name,
3644 	    sizeof (lifr.lifr_name));
3645 	if (flags & IFF_UP) {
3646 		status = i_ipadm_set_flags(iph, lifr.lifr_name,
3647 		    ipaddr.ipadm_af, 0, IFF_UP);
3648 		if (status != IPADM_SUCCESS)
3649 			return (status);
3650 	} else if (flags & IFF_DUPLICATE) {
3651 		/*
3652 		 * Clear the IFF_DUPLICATE flag.
3653 		 */
3654 		if (ioctl(iph->iph_sock, SIOCGLIFADDR, &lifr) < 0)
3655 			return (ipadm_errno2status(errno));
3656 		if (ioctl(iph->iph_sock, SIOCSLIFADDR, &lifr) < 0)
3657 			return (ipadm_errno2status(errno));
3658 	}
3659 
3660 	/* Update persistent DB */
3661 	if (ipadm_flags & IPADM_OPT_PERSIST) {
3662 		status = i_ipadm_persist_propval(iph, &up_addrprop,
3663 		    "no", &ipaddr, 0);
3664 	}
3665 
3666 	return (status);
3667 }
3668 
3669 /*
3670  * Refreshes the address in the address object `aobjname'. If the address object
3671  * is of type IPADM_ADDR_STATIC, DAD is re-initiated on the address. If
3672  * `ipadm_flags' has IPADM_OPT_INFORM set, a DHCP_INFORM message is sent to the
3673  * dhcpagent for this static address. If the address object is of type
3674  * IPADM_ADDR_DHCP, a DHCP_EXTEND message is sent to the dhcpagent.
3675  * If a dhcp address has not yet been acquired, a DHCP_START is sent to the
3676  * dhcpagent. This operation is not supported for an address object of
3677  * type IPADM_ADDR_IPV6_ADDRCONF.
3678  */
3679 ipadm_status_t
3680 ipadm_refresh_addr(ipadm_handle_t iph, const char *aobjname,
3681     uint32_t ipadm_flags)
3682 {
3683 	ipadm_status_t		status = IPADM_SUCCESS;
3684 	uint64_t		flags;
3685 	struct ipadm_addrobj_s	ipaddr;
3686 	sa_family_t		af;
3687 	char			lifname[LIFNAMSIZ];
3688 	boolean_t		inform =
3689 	    ((ipadm_flags & IPADM_OPT_INFORM) != 0);
3690 
3691 	/* check for solaris.network.interface.config authorization */
3692 	if (!ipadm_check_auth())
3693 		return (IPADM_EAUTH);
3694 
3695 	bzero(&ipaddr, sizeof (ipaddr));
3696 	/* validate input */
3697 	if (aobjname == NULL || strlcpy(ipaddr.ipadm_aobjname, aobjname,
3698 	    IPADM_AOBJSIZ) >= IPADM_AOBJSIZ) {
3699 		return (IPADM_INVALID_ARG);
3700 	}
3701 
3702 	/* Retrieve the address object information. */
3703 	status = i_ipadm_get_addrobj(iph, &ipaddr);
3704 	if (status != IPADM_SUCCESS)
3705 		return (status);
3706 
3707 	if (!(ipaddr.ipadm_flags & IPMGMT_ACTIVE))
3708 		return (IPADM_OP_DISABLE_OBJ);
3709 
3710 	if (i_ipadm_is_vni(ipaddr.ipadm_ifname))
3711 		return (IPADM_NOTSUP);
3712 	if (inform && ipaddr.ipadm_atype != IPADM_ADDR_STATIC)
3713 		return (IPADM_INVALID_ARG);
3714 	af = ipaddr.ipadm_af;
3715 	if (ipaddr.ipadm_atype == IPADM_ADDR_STATIC) {
3716 		i_ipadm_addrobj2lifname(&ipaddr, lifname, sizeof (lifname));
3717 		status = i_ipadm_get_flags(iph, lifname, af, &flags);
3718 		if (status != IPADM_SUCCESS)
3719 			return (status);
3720 		if (inform) {
3721 			if (dhcp_start_agent(DHCP_IPC_MAX_WAIT) == -1)
3722 				return (IPADM_DHCP_START_ERROR);
3723 
3724 			ipaddr.ipadm_wait = IPADM_DHCP_WAIT_DEFAULT;
3725 			return (i_ipadm_op_dhcp(&ipaddr, DHCP_INFORM, NULL));
3726 		}
3727 		if (!(flags & IFF_DUPLICATE))
3728 			return (IPADM_SUCCESS);
3729 		status = i_ipadm_set_flags(iph, lifname, af, IFF_UP, 0);
3730 	} else if (ipaddr.ipadm_atype == IPADM_ADDR_DHCP) {
3731 		status = i_ipadm_refresh_dhcp(&ipaddr);
3732 	} else {
3733 		status = IPADM_NOTSUP;
3734 	}
3735 	return (status);
3736 }
3737 
3738 /*
3739  * This is called from ipadm_refresh_addr() and i_ipadm_set_reqhost() to
3740  * send a DHCP_EXTEND message and possibly a DHCP_START message
3741  * to the dhcpagent.
3742  */
3743 static ipadm_status_t
3744 i_ipadm_refresh_dhcp(ipadm_addrobj_t ipaddr)
3745 {
3746 	ipadm_status_t		status;
3747 	int			dherr;
3748 
3749 	status = i_ipadm_op_dhcp(ipaddr, DHCP_EXTEND, &dherr);
3750 	/*
3751 	 * Restart the dhcp address negotiation with server if no
3752 	 * address has been acquired yet.
3753 	 */
3754 	if (status != IPADM_SUCCESS && dherr == DHCP_IPC_E_OUTSTATE) {
3755 		ipaddr->ipadm_wait = IPADM_DHCP_WAIT_DEFAULT;
3756 		status = i_ipadm_op_dhcp(ipaddr, DHCP_START, NULL);
3757 	}
3758 
3759 	return (status);
3760 }
3761 
3762 /*
3763  * This is called from ipadm_create_addr() to validate the address parameters.
3764  * It does the following steps:
3765  * 1. Validates the interface name.
3766  * 2. Verifies that the interface is not an IPMP meta-interface or an
3767  *	underlying interface.
3768  * 3. In case of a persistent operation, verifies that the interface
3769  *	is persistent. Returns error if interface is not enabled but
3770  *	is in persistent config.
3771  * 4. Verifies that the destination address is not set or the address type is
3772  *	not DHCP or ADDRCONF when the interface is a loopback interface.
3773  * 5. Verifies that the address type is not DHCP or ADDRCONF when the interface
3774  *	has IFF_VRRP interface flag set.
3775  */
3776 static ipadm_status_t
3777 i_ipadm_validate_create_addr(ipadm_handle_t iph, ipadm_addrobj_t ipaddr,
3778     uint32_t flags)
3779 {
3780 	sa_family_t		af;
3781 	sa_family_t		other_af;
3782 	char			*ifname;
3783 	ipadm_status_t		status;
3784 	boolean_t		legacy = (iph->iph_flags & IPH_LEGACY);
3785 	boolean_t		islo, isvni;
3786 	uint64_t		ifflags = 0;
3787 	boolean_t		p_exists;
3788 	boolean_t		af_exists, other_af_exists, a_exists;
3789 
3790 	if (ipaddr == NULL || flags == 0 || flags == IPADM_OPT_PERSIST ||
3791 	    (flags & ~(IPADM_COMMON_OPT_MASK|IPADM_OPT_UP|IPADM_OPT_V46))) {
3792 		return (IPADM_INVALID_ARG);
3793 	}
3794 
3795 	if (ipaddr->ipadm_af == AF_UNSPEC)
3796 		return (IPADM_BAD_ADDR);
3797 
3798 	if (!legacy && ipaddr->ipadm_lifnum != 0)
3799 		return (IPADM_INVALID_ARG);
3800 
3801 	if (legacy && ipaddr->ipadm_atype != IPADM_ADDR_STATIC)
3802 		return (IPADM_NOTSUP);
3803 
3804 	ifname = ipaddr->ipadm_ifname;
3805 
3806 	if (i_ipadm_is_ipmp(iph, ifname) || i_ipadm_is_under_ipmp(iph, ifname))
3807 		return (IPADM_NOTSUP);
3808 
3809 	af = ipaddr->ipadm_af;
3810 	af_exists = ipadm_if_enabled(iph, ifname, af);
3811 	/*
3812 	 * For legacy case, interfaces are not implicitly plumbed. We need to
3813 	 * check if the interface exists in the active configuration.
3814 	 */
3815 	if (legacy && !af_exists)
3816 		return (IPADM_ENXIO);
3817 
3818 	other_af = (af == AF_INET ? AF_INET6 : AF_INET);
3819 	other_af_exists = ipadm_if_enabled(iph, ifname, other_af);
3820 	/*
3821 	 * Check if one of the v4 or the v6 interfaces exists in the
3822 	 * active configuration. An interface is considered disabled only
3823 	 * if both v4 and v6 are not active.
3824 	 */
3825 	a_exists = (af_exists || other_af_exists);
3826 
3827 	/* Check if interface exists in the persistent configuration. */
3828 	status = i_ipadm_if_pexists(iph, ifname, af, &p_exists);
3829 	if (status != IPADM_SUCCESS)
3830 		return (status);
3831 	if (!a_exists && p_exists)
3832 		return (IPADM_OP_DISABLE_OBJ);
3833 	if ((flags & IPADM_OPT_PERSIST) && a_exists && !p_exists) {
3834 		/*
3835 		 * If address has to be created persistently,
3836 		 * and the interface does not exist in the persistent
3837 		 * store but in active config, fail.
3838 		 */
3839 		return (IPADM_TEMPORARY_OBJ);
3840 	}
3841 	if (af_exists) {
3842 		status = i_ipadm_get_flags(iph, ifname, af, &ifflags);
3843 		if (status != IPADM_SUCCESS)
3844 			return (status);
3845 	}
3846 
3847 	/* Perform validation steps (4) and (5) */
3848 	islo = i_ipadm_is_loopback(ifname);
3849 	isvni = i_ipadm_is_vni(ifname);
3850 	switch (ipaddr->ipadm_atype) {
3851 	case IPADM_ADDR_STATIC:
3852 		if ((islo || isvni) && ipaddr->ipadm_static_dname[0] != '\0')
3853 			return (IPADM_INVALID_ARG);
3854 		/* Check for a valid src address */
3855 		if (!legacy && sockaddrunspec(
3856 		    (struct sockaddr *)&ipaddr->ipadm_static_addr))
3857 			return (IPADM_BAD_ADDR);
3858 		break;
3859 	case IPADM_ADDR_DHCP:
3860 		if (islo || (ifflags & IFF_VRRP))
3861 			return (IPADM_NOTSUP);
3862 		break;
3863 	case IPADM_ADDR_IPV6_ADDRCONF:
3864 		if (islo || (ifflags & IFF_VRRP) ||
3865 		    i_ipadm_is_6to4(iph, ifname)) {
3866 			return (IPADM_NOTSUP);
3867 		}
3868 		break;
3869 	default:
3870 		return (IPADM_INVALID_ARG);
3871 	}
3872 
3873 	return (IPADM_SUCCESS);
3874 }
3875 
3876 ipadm_status_t
3877 i_ipadm_merge_addrprops_from_nvl(nvlist_t *invl, nvlist_t *onvl,
3878     const char *aobjname)
3879 {
3880 	const char * const	ADDRPROPS[] =
3881 	    { IPADM_NVP_PREFIXLEN, IPADM_NVP_REQHOST };
3882 	const size_t		ADDRPROPSLEN =
3883 	    sizeof (ADDRPROPS) / sizeof (*ADDRPROPS);
3884 	nvpair_t	*nvp, *propnvp;
3885 	nvlist_t	*tnvl;
3886 	char		*aname;
3887 	const char	*propname;
3888 	size_t		i;
3889 	int		err;
3890 
3891 	for (i = 0; i < ADDRPROPSLEN; ++i) {
3892 		propname = ADDRPROPS[i];
3893 
3894 		for (nvp = nvlist_next_nvpair(invl, NULL); nvp != NULL;
3895 		    nvp = nvlist_next_nvpair(invl, nvp)) {
3896 			if (nvpair_value_nvlist(nvp, &tnvl) == 0 &&
3897 			    nvlist_exists(tnvl, propname) &&
3898 			    nvlist_lookup_string(tnvl, IPADM_NVP_AOBJNAME,
3899 			    &aname) == 0 && strcmp(aname, aobjname) == 0) {
3900 
3901 				/*
3902 				 * property named `propname' exists for given
3903 				 * aobj
3904 				 */
3905 				(void) nvlist_lookup_nvpair(tnvl, propname,
3906 				    &propnvp);
3907 				err = nvlist_add_nvpair(onvl, propnvp);
3908 				if (err == 0) {
3909 					err = nvlist_remove(invl,
3910 					    nvpair_name(nvp), nvpair_type(nvp));
3911 				}
3912 				if (err != 0)
3913 					return (ipadm_errno2status(err));
3914 				break;
3915 			}
3916 		}
3917 	}
3918 	return (IPADM_SUCCESS);
3919 }
3920 
3921 /*
3922  * Re-enables the address object `aobjname' based on the saved
3923  * configuration for `aobjname'.
3924  */
3925 ipadm_status_t
3926 ipadm_enable_addr(ipadm_handle_t iph, const char *aobjname, uint32_t flags)
3927 {
3928 	nvlist_t	*addrnvl, *nvl;
3929 	nvpair_t	*nvp;
3930 	ipadm_status_t	status;
3931 	struct ipadm_addrobj_s ipaddr;
3932 
3933 	/* check for solaris.network.interface.config authorization */
3934 	if (!ipadm_check_auth())
3935 		return (IPADM_EAUTH);
3936 
3937 	/* validate input */
3938 	if (flags & IPADM_OPT_PERSIST)
3939 		return (IPADM_NOTSUP);
3940 	if (aobjname == NULL || strlcpy(ipaddr.ipadm_aobjname, aobjname,
3941 	    IPADM_AOBJSIZ) >= IPADM_AOBJSIZ) {
3942 		return (IPADM_INVALID_ARG);
3943 	}
3944 
3945 	/* Retrieve the address object information. */
3946 	status = i_ipadm_get_addrobj(iph, &ipaddr);
3947 	if (status != IPADM_SUCCESS)
3948 		return (status);
3949 	if (ipaddr.ipadm_flags & IPMGMT_ACTIVE)
3950 		return (IPADM_ADDROBJ_EXISTS);
3951 
3952 	status = i_ipadm_get_db_addr(iph, NULL, aobjname, &addrnvl);
3953 	if (status != IPADM_SUCCESS)
3954 		return (status);
3955 
3956 	assert(addrnvl != NULL);
3957 
3958 	for (nvp = nvlist_next_nvpair(addrnvl, NULL); nvp != NULL;
3959 	    nvp = nvlist_next_nvpair(addrnvl, nvp)) {
3960 		if (nvpair_value_nvlist(nvp, &nvl) != 0)
3961 			continue;
3962 
3963 		if (nvlist_exists(nvl, IPADM_NVP_IPV4ADDR) ||
3964 		    nvlist_exists(nvl, IPADM_NVP_IPV6ADDR) ||
3965 		    nvlist_exists(nvl, IPADM_NVP_DHCP)) {
3966 			status = i_ipadm_merge_addrprops_from_nvl(addrnvl, nvl,
3967 			    aobjname);
3968 			if (status != IPADM_SUCCESS)
3969 				continue;
3970 		}
3971 		iph->iph_flags |= IPH_INIT;
3972 		status = i_ipadm_init_addrobj(iph, nvl);
3973 		iph->iph_flags &= ~IPH_INIT;
3974 		if (status != IPADM_SUCCESS)
3975 			break;
3976 	}
3977 
3978 	nvlist_free(addrnvl);
3979 	return (status);
3980 }
3981 
3982 /*
3983  * Disables the address object in `aobjname' from the active configuration.
3984  * Error code return values follow the model in ipadm_delete_addr().
3985  */
3986 ipadm_status_t
3987 ipadm_disable_addr(ipadm_handle_t iph, const char *aobjname, uint32_t flags)
3988 {
3989 	/* validate input */
3990 	if (flags & IPADM_OPT_PERSIST)
3991 		return (IPADM_NOTSUP);
3992 
3993 	return (ipadm_delete_addr(iph, aobjname, IPADM_OPT_ACTIVE));
3994 }
3995