xref: /titanic_41/usr/src/cmd/cmd-inet/sbin/dhcpagent/interface.c (revision 6a42cb7b9d730ae02bbdb8898dc074179f96e178)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #pragma ident	"%Z%%M%	%I%	%E% SMI"
27 
28 #include <sys/types.h>
29 #include <sys/socket.h>
30 #include <net/if.h>
31 #include <stdlib.h>
32 #include <sys/sockio.h>
33 #include <netinet/in.h>
34 #include <netinet/dhcp.h>
35 #include <string.h>
36 #include <unistd.h>
37 #include <search.h>
38 #include <libdevinfo.h>
39 #include <libdlpi.h>
40 #include <netinet/if_ether.h>
41 #include <arpa/inet.h>
42 #include <dhcpmsg.h>
43 #include <dhcp_inittab.h>
44 #include <stropts.h>
45 
46 #include "agent.h"
47 #include "interface.h"
48 #include "util.h"
49 #include "dlpi_io.h"
50 #include "packet.h"
51 #include "states.h"
52 
53 dhcp_pif_t *v4root;
54 dhcp_pif_t *v6root;
55 
56 static uint_t cached_v4_max_mtu, cached_v6_max_mtu;
57 
58 /*
59  * Interface flags to watch: things that should be under our direct control.
60  */
61 #define	DHCP_IFF_WATCH	(IFF_DHCPRUNNING | IFF_DEPRECATED | \
62 	IFF_ADDRCONF | IFF_MIPRUNNING | IFF_TEMPORARY)
63 
64 static void clear_lif_dhcp(dhcp_lif_t *);
65 
66 /*
67  * insert_pif(): creates a new physical interface structure and chains it on
68  *		 the list.  Initializes state that remains consistent across
69  *		 all use of the physical interface entry.
70  *
71  *   input: const char *: the name of the physical interface
72  *	    boolean_t: if B_TRUE, this is DHCPv6
73  *	    int *: ignored on input; if insert_pif fails, set to a DHCP_IPC_E_*
74  *		   error code with the reason why
75  *  output: dhcp_pif_t *: a pointer to the new entry, or NULL on failure
76  */
77 
78 dhcp_pif_t *
79 insert_pif(const char *pname, boolean_t isv6, int *error)
80 {
81 	dhcp_pif_t *pif;
82 	struct lifreq lifr;
83 
84 	if ((pif = calloc(1, sizeof (*pif))) == NULL) {
85 		dhcpmsg(MSG_ERR, "insert_pif: cannot allocate pif entry for "
86 		    "%s", pname);
87 		*error = DHCP_IPC_E_MEMORY;
88 		return (NULL);
89 	}
90 
91 	pif->pif_isv6 = isv6;
92 	pif->pif_dlpi_hd = NULL;
93 	pif->pif_dlpi_id = -1;
94 	pif->pif_hold_count = 1;
95 	pif->pif_running = B_TRUE;
96 
97 	if (strlcpy(pif->pif_name, pname, LIFNAMSIZ) >= LIFNAMSIZ) {
98 		dhcpmsg(MSG_ERROR, "insert_pif: interface name %s is too long",
99 		    pname);
100 		*error = DHCP_IPC_E_INVIF;
101 		goto failure;
102 	}
103 
104 	/* We do not use DLPI with DHCPv6 */
105 	if (!isv6) {
106 		int			rc;
107 		dlpi_handle_t		dh;
108 		dlpi_info_t		dlinfo;
109 
110 		/*
111 		 * Do the allocations necessary for IPv4 DHCP.
112 		 *
113 		 *  1. open the interface using DLPI
114 		 *  2. get the interface max SDU
115 		 *  3. get the interface hardware type and hardware length
116 		 *  4. get the interface hardware address
117 		 *  5. get the interface hardware broadcast address
118 		 */
119 
120 		/* step 1 */
121 		if ((rc = dlpi_open(pname, &dh, 0)) != DLPI_SUCCESS) {
122 			dhcpmsg(MSG_ERROR, "insert_pif: dlpi_open: %s",
123 			    dlpi_strerror(rc));
124 			*error = DHCP_IPC_E_INVIF;
125 			goto failure;
126 		}
127 		pif->pif_dlpi_hd = dh;
128 
129 		if ((rc = dlpi_bind(dh, ETHERTYPE_IP, NULL)) != DLPI_SUCCESS) {
130 			dhcpmsg(MSG_ERROR, "insert_pif: dlpi_bind: %s",
131 			    dlpi_strerror(rc));
132 			*error = DHCP_IPC_E_INVIF;
133 			goto failure;
134 		}
135 
136 		/* step 2 */
137 		rc = dlpi_info(pif->pif_dlpi_hd, &dlinfo, 0);
138 		if (rc != DLPI_SUCCESS) {
139 			dhcpmsg(MSG_ERROR, "insert_pif: dlpi_info: %s",
140 			    dlpi_strerror(rc));
141 			*error = DHCP_IPC_E_INVIF;
142 			goto failure;
143 		}
144 
145 		pif->pif_max = dlinfo.di_max_sdu;
146 		if (pif->pif_max < DHCP_DEF_MAX_SIZE) {
147 			dhcpmsg(MSG_ERROR, "insert_pif: %s does not have a "
148 			    "large enough maximum SDU to support DHCP "
149 			    "(%u < %u)", pname, pif->pif_max,
150 			    DHCP_DEF_MAX_SIZE);
151 			*error = DHCP_IPC_E_INVIF;
152 			goto failure;
153 		}
154 
155 		/* step 3 */
156 		pif->pif_hwtype = dlpi_arptype(dlinfo.di_mactype);
157 		pif->pif_hwlen  = dlinfo.di_physaddrlen;
158 
159 		dhcpmsg(MSG_DEBUG, "insert_pif: %s: sdumax %u, hwtype %d, "
160 		    "hwlen %d", pname, pif->pif_max, pif->pif_hwtype,
161 		    pif->pif_hwlen);
162 
163 		/* step 4 */
164 		if (pif->pif_hwlen > 0) {
165 			pif->pif_hwaddr = malloc(pif->pif_hwlen);
166 			if (pif->pif_hwaddr == NULL) {
167 				dhcpmsg(MSG_ERR, "insert_pif: cannot allocate "
168 				    "pif_hwaddr for %s", pname);
169 				*error = DHCP_IPC_E_MEMORY;
170 				goto failure;
171 			}
172 		}
173 
174 		(void) memcpy(pif->pif_hwaddr, dlinfo.di_physaddr,
175 		    pif->pif_hwlen);
176 
177 		/*
178 		 * step 5
179 		 * Some media types has no broadcast address.
180 		 */
181 		if ((pif->pif_dlen = dlinfo.di_bcastaddrlen) != 0) {
182 			pif->pif_daddr = malloc(pif->pif_dlen);
183 			if (pif->pif_daddr == NULL) {
184 				dhcpmsg(MSG_ERR, "insert_pif: cannot allocate "
185 				    "pif_daddr for %s", pname);
186 				*error = DHCP_IPC_E_MEMORY;
187 				goto failure;
188 			}
189 		}
190 		(void) memcpy(pif->pif_daddr, dlinfo.di_bcastaddr,
191 		    pif->pif_dlen);
192 
193 		/* Close the DLPI stream until actually needed */
194 		close_dlpi_pif(pif);
195 	}
196 
197 	/*
198 	 * This is a bit gross, but IP has a confused interface.  We must
199 	 * assume that the zeroth LIF is plumbed, and must query there to get
200 	 * the interface index number.
201 	 */
202 	(void) strlcpy(lifr.lifr_name, pname, LIFNAMSIZ);
203 
204 	if (ioctl(isv6 ? v6_sock_fd : v4_sock_fd, SIOCGLIFINDEX, &lifr) == -1) {
205 		if (errno == ENXIO)
206 			*error = DHCP_IPC_E_INVIF;
207 		else
208 			*error = DHCP_IPC_E_INT;
209 		dhcpmsg(MSG_ERR, "insert_pif: SIOCGLIFINDEX for %s", pname);
210 		goto failure;
211 	}
212 	pif->pif_index = lifr.lifr_index;
213 
214 	insque(pif, isv6 ? &v6root : &v4root);
215 
216 	return (pif);
217 
218 failure:
219 	release_pif(pif);
220 	return (NULL);
221 }
222 
223 /*
224  * hold_pif(): acquire a hold on a physical interface structure.
225  *
226  *   input: dhcp_pif_t *: a pointer to the PIF structure
227  *  output: none
228  */
229 
230 void
231 hold_pif(dhcp_pif_t *pif)
232 {
233 	pif->pif_hold_count++;
234 	dhcpmsg(MSG_DEBUG2, "hold_pif: hold count on %s: %u", pif->pif_name,
235 	    pif->pif_hold_count);
236 }
237 
238 /*
239  * release_pif(): release a hold on a physical interface structure; will
240  *		  destroy the structure on the last hold removed.
241  *
242  *   input: dhcp_pif_t *: a pointer to the PIF structure
243  *  output: none
244  */
245 
246 void
247 release_pif(dhcp_pif_t *pif)
248 {
249 	if (pif->pif_hold_count == 0) {
250 		dhcpmsg(MSG_CRIT, "release_pif: extraneous release");
251 		return;
252 	}
253 
254 	if (--pif->pif_hold_count == 0) {
255 		dhcpmsg(MSG_DEBUG, "release_pif: freeing PIF %s",
256 		    pif->pif_name);
257 
258 		remque(pif);
259 		pif->pif_dlpi_count = 1;
260 		close_dlpi_pif(pif);
261 		free(pif->pif_hwaddr);
262 		free(pif->pif_daddr);
263 		free(pif);
264 	} else {
265 		dhcpmsg(MSG_DEBUG2, "release_pif: hold count on %s: %u",
266 		    pif->pif_name, pif->pif_hold_count);
267 	}
268 }
269 
270 /*
271  * lookup_pif_by_index(): Looks up PIF entries given regular ifIndex.
272  *
273  *   input: uint_t: the interface index
274  *	    boolean_t: B_TRUE if using DHCPv6, B_FALSE otherwise
275  *  output: dhcp_pif_t *: the matching PIF, or NULL if not found
276  */
277 
278 dhcp_pif_t *
279 lookup_pif_by_index(uint_t ifindex, boolean_t isv6)
280 {
281 	dhcp_pif_t *pif;
282 
283 	for (pif = isv6 ? v6root : v4root; pif != NULL; pif = pif->pif_next) {
284 		if (pif->pif_index == ifindex)
285 			break;
286 	}
287 
288 	return (pif);
289 }
290 
291 /*
292  * lookup_pif_by_uindex(): Looks up PIF entries given truncated index and
293  *			   previous PIF pointer (or NULL for list start).
294  *			   Caller is expected to iterate through all
295  *			   potential matches to find interface of interest.
296  *
297  *   input: uint16_t: the interface index (truncated)
298  *	    dhcp_pif_t *: the previous PIF, or NULL for list start
299  *	    boolean_t: B_TRUE if using DHCPv6, B_FALSE otherwise
300  *  output: dhcp_pif_t *: the next matching PIF, or NULL if not found
301  *    note: This operates using the 'truncated' (16-bit) ifindex as seen by
302  *	    routing socket clients.  The value stored in pif_index is the
303  *	    32-bit ifindex from the ioctl interface.
304  */
305 
306 dhcp_pif_t *
307 lookup_pif_by_uindex(uint16_t ifindex, dhcp_pif_t *pif, boolean_t isv6)
308 {
309 	if (pif == NULL)
310 		pif = isv6 ? v6root : v4root;
311 	else
312 		pif = pif->pif_next;
313 
314 	for (; pif != NULL; pif = pif->pif_next) {
315 		if ((pif->pif_index & 0xffff) == ifindex)
316 			break;
317 	}
318 
319 	return (pif);
320 }
321 
322 /*
323  * lookup_pif_by_name(): Looks up a physical interface entry given a name.
324  *
325  *   input: const char *: the physical interface name
326  *	    boolean_t: B_TRUE if using DHCPv6, B_FALSE otherwise
327  *  output: dhcp_pif_t *: the matching PIF, or NULL if not found
328  */
329 
330 dhcp_pif_t *
331 lookup_pif_by_name(const char *pname, boolean_t isv6)
332 {
333 	dhcp_pif_t *pif;
334 
335 	pif = isv6 ? v6root : v4root;
336 
337 	for (; pif != NULL; pif = pif->pif_next) {
338 		if (strcmp(pif->pif_name, pname) == 0)
339 			break;
340 	}
341 
342 	return (pif);
343 }
344 
345 /*
346  * open_dlpi_pif(): register the use of DLPI I/O by a LIF on a PIF, opening
347  *		    the connection if necessary.
348  *
349  *   input: dhcp_pif_t *: the physical interface on which to use DLPI
350  *  output: boolean_t: B_TRUE on success, B_FALSE on failure.
351  */
352 
353 boolean_t
354 open_dlpi_pif(dhcp_pif_t *pif)
355 {
356 	int		rc;
357 	dlpi_handle_t	dh;
358 
359 	if (pif->pif_dlpi_hd == NULL) {
360 		if ((rc = dlpi_open(pif->pif_name, &dh, 0)) != DLPI_SUCCESS) {
361 			dhcpmsg(MSG_ERROR, "open_dlpi_pif: dlpi_open: %s",
362 			    dlpi_strerror(rc));
363 			return (B_FALSE);
364 		}
365 
366 		if ((rc = dlpi_bind(dh, ETHERTYPE_IP, NULL)) != DLPI_SUCCESS) {
367 			dhcpmsg(MSG_ERROR, "open_dlpi_pif: dlpi_bind: %s",
368 			    dlpi_strerror(rc));
369 			dlpi_close(dh);
370 			return (B_FALSE);
371 		}
372 
373 		if (!(set_packet_filter(dh, dhcp_filter, NULL, "DHCP"))) {
374 			dlpi_close(dh);
375 			return (B_FALSE);
376 		}
377 		pif->pif_dlpi_id = iu_register_event(eh, dlpi_fd(dh), POLLIN,
378 		    dhcp_collect_dlpi, pif);
379 		if (pif->pif_dlpi_id == -1) {
380 			dlpi_close(dh);
381 			return (B_FALSE);
382 		}
383 
384 		pif->pif_dlpi_hd = dh;
385 	}
386 	pif->pif_dlpi_count++;
387 	return (B_TRUE);
388 }
389 
390 /*
391  * close_dlpi_pif(): unregister the use of DLPI I/O by a LIF on a PIF, closing
392  *		     the connection if this was the last user.
393  *
394  *   input: dhcp_pif_t *: the physical interface on which we're using DLPI
395  *  output: none
396  */
397 
398 void
399 close_dlpi_pif(dhcp_pif_t *pif)
400 {
401 	if (pif->pif_dlpi_count > 1) {
402 		pif->pif_dlpi_count--;
403 		return;
404 	}
405 	pif->pif_dlpi_count = 0;
406 	if (pif->pif_dlpi_id != -1) {
407 		(void) iu_unregister_event(eh, pif->pif_dlpi_id, NULL);
408 		pif->pif_dlpi_id = -1;
409 	}
410 	if (pif->pif_dlpi_hd != NULL) {
411 		dlpi_close(pif->pif_dlpi_hd);
412 		pif->pif_dlpi_hd = NULL;
413 	}
414 }
415 
416 /*
417  * pif_status(): update the physical interface up/down status.
418  *
419  *   input: dhcp_pif_t *: the physical interface on which we're using DLPI
420  *	    boolean_t: B_TRUE if the interface is going up
421  *  output: none
422  */
423 
424 void
425 pif_status(dhcp_pif_t *pif, boolean_t isup)
426 {
427 	dhcp_lif_t *lif;
428 	dhcp_smach_t *dsmp;
429 
430 	pif->pif_running = isup;
431 	dhcpmsg(LOG_DEBUG, "interface %s has %s", pif->pif_name,
432 	    isup ? "come back up" : "gone down");
433 	for (lif = pif->pif_lifs; lif != NULL; lif = lif->lif_next) {
434 		for (dsmp = lif->lif_smachs; dsmp != NULL;
435 		    dsmp = dsmp->dsm_next) {
436 			if (isup)
437 				refresh_smach(dsmp);
438 			else
439 				remove_default_routes(dsmp);
440 		}
441 	}
442 }
443 
444 /* Helper for insert_lif: extract addresses as defined */
445 #define	ASSIGN_ADDR(v4, v6, lf) \
446 	if (pif->pif_isv6) { \
447 		lif->v6 = ((struct sockaddr_in6 *)&lifr.lf)->sin6_addr; \
448 	} else { \
449 		lif->v4 = ((struct sockaddr_in *)&lifr.lf)->sin_addr.s_addr; \
450 	}
451 
452 /*
453  * insert_lif(): Creates a new logical interface structure and chains it on
454  *		 the list for a given physical interface.  Initializes state
455  *		 that remains consistent across all use of the logical
456  *		 interface entry.  Caller's PIF hold is transferred to the
457  *		 LIF on success, and is dropped on failure.
458  *
459  *   input: dhcp_pif_t *: pointer to the physical interface for this LIF
460  *	    const char *: the name of the logical interface
461  *	    int *: ignored on input; if insert_pif fails, set to a DHCP_IPC_E_*
462  *		   error code with the reason why
463  *  output: dhcp_lif_t *: a pointer to the new entry, or NULL on failure
464  */
465 
466 dhcp_lif_t *
467 insert_lif(dhcp_pif_t *pif, const char *lname, int *error)
468 {
469 	dhcp_lif_t *lif;
470 	int fd;
471 	struct lifreq lifr;
472 
473 	if ((lif = calloc(1, sizeof (*lif))) == NULL) {
474 		dhcpmsg(MSG_ERR, "insert_lif: cannot allocate lif entry for "
475 		    "%s", lname);
476 		*error = DHCP_IPC_E_MEMORY;
477 		return (NULL);
478 	}
479 
480 	lif->lif_sock_ip_fd = -1;
481 	lif->lif_acknak_id = -1;
482 	lif->lif_iaid_id = -1;
483 	lif->lif_hold_count = 1;
484 	lif->lif_pif = pif;
485 	lif->lif_removed = B_TRUE;
486 	init_timer(&lif->lif_preferred, 0);
487 	init_timer(&lif->lif_expire, 0);
488 
489 	if (strlcpy(lif->lif_name, lname, LIFNAMSIZ) >= LIFNAMSIZ) {
490 		dhcpmsg(MSG_ERROR, "insert_lif: interface name %s is too long",
491 		    lname);
492 		*error = DHCP_IPC_E_INVIF;
493 		goto failure;
494 	}
495 
496 	(void) strlcpy(lifr.lifr_name, lname, LIFNAMSIZ);
497 
498 	fd = pif->pif_isv6 ? v6_sock_fd : v4_sock_fd;
499 
500 	if (ioctl(fd, SIOCGLIFMTU, &lifr) == -1)
501 		lif->lif_max = 1024;
502 	else
503 		lif->lif_max = lifr.lifr_mtu;
504 
505 	if (ioctl(fd, SIOCGLIFADDR, &lifr) == -1) {
506 		if (errno == ENXIO)
507 			*error = DHCP_IPC_E_INVIF;
508 		else
509 			*error = DHCP_IPC_E_INT;
510 		dhcpmsg(MSG_ERR, "insert_lif: SIOCGLIFADDR for %s", lname);
511 		goto failure;
512 	}
513 	ASSIGN_ADDR(lif_addr, lif_v6addr, lifr_addr);
514 
515 	if (ioctl(fd, SIOCGLIFNETMASK, &lifr) == -1) {
516 		if (errno == ENXIO)
517 			*error = DHCP_IPC_E_INVIF;
518 		else
519 			*error = DHCP_IPC_E_INT;
520 		dhcpmsg(MSG_ERR, "insert_lif: SIOCGLIFNETMASK for %s", lname);
521 		goto failure;
522 	}
523 	ASSIGN_ADDR(lif_netmask, lif_v6mask, lifr_addr);
524 
525 	if (ioctl(fd, SIOCGLIFFLAGS, &lifr) == -1) {
526 		*error = DHCP_IPC_E_INT;
527 		dhcpmsg(MSG_ERR, "insert_lif: SIOCGLIFFLAGS for %s", lname);
528 		goto failure;
529 	}
530 	lif->lif_flags = lifr.lifr_flags;
531 
532 	/*
533 	 * If we've just detected the interface going up or down, then signal
534 	 * an appropriate action.  There may be other state machines here.
535 	 */
536 	if ((lifr.lifr_flags & IFF_RUNNING) && !pif->pif_running) {
537 		pif_status(pif, B_TRUE);
538 	} else if (!(lifr.lifr_flags & IFF_RUNNING) && pif->pif_running) {
539 		pif_status(pif, B_FALSE);
540 	}
541 
542 	if (lifr.lifr_flags & IFF_POINTOPOINT) {
543 		if (ioctl(fd, SIOCGLIFDSTADDR, &lifr) == -1) {
544 			*error = DHCP_IPC_E_INT;
545 			dhcpmsg(MSG_ERR, "insert_lif: SIOCGLIFDSTADDR for %s",
546 			    lname);
547 			goto failure;
548 		}
549 		ASSIGN_ADDR(lif_peer, lif_v6peer, lifr_dstaddr);
550 	} else if (!pif->pif_isv6 && (lifr.lifr_flags & IFF_BROADCAST)) {
551 		if (ioctl(fd, SIOCGLIFBRDADDR, &lifr) == -1) {
552 			*error = DHCP_IPC_E_INT;
553 			dhcpmsg(MSG_ERR, "insert_lif: SIOCGLIFBRDADDR for %s",
554 			    lname);
555 			goto failure;
556 		}
557 		lif->lif_broadcast =
558 		    ((struct sockaddr_in *)&lifr.lifr_broadaddr)->sin_addr.
559 		    s_addr;
560 	}
561 
562 	if (pif->pif_isv6)
563 		cached_v6_max_mtu = 0;
564 	else
565 		cached_v4_max_mtu = 0;
566 
567 	lif->lif_removed = B_FALSE;
568 	insque(lif, &pif->pif_lifs);
569 
570 	return (lif);
571 
572 failure:
573 	release_lif(lif);
574 	return (NULL);
575 }
576 
577 /*
578  * hold_lif(): acquire a hold on a logical interface structure.
579  *
580  *   input: dhcp_lif_t *: a pointer to the LIF structure
581  *  output: none
582  */
583 
584 void
585 hold_lif(dhcp_lif_t *lif)
586 {
587 	lif->lif_hold_count++;
588 	dhcpmsg(MSG_DEBUG2, "hold_lif: hold count on %s: %u", lif->lif_name,
589 	    lif->lif_hold_count);
590 }
591 
592 /*
593  * release_lif(): release a hold on a logical interface structure; will
594  *		  destroy the structure on the last hold removed.
595  *
596  *   input: dhcp_lif_t *: a pointer to the LIF structure
597  *  output: none
598  */
599 
600 void
601 release_lif(dhcp_lif_t *lif)
602 {
603 	if (lif->lif_hold_count == 0) {
604 		dhcpmsg(MSG_CRIT, "release_lif: extraneous release on %s",
605 		    lif->lif_name);
606 		return;
607 	}
608 
609 	if (lif->lif_hold_count == 1 && !lif->lif_removed) {
610 		unplumb_lif(lif);
611 		return;
612 	}
613 
614 	if (--lif->lif_hold_count == 0) {
615 		dhcp_pif_t *pif;
616 
617 		dhcpmsg(MSG_DEBUG, "release_lif: freeing LIF %s",
618 		    lif->lif_name);
619 
620 		if (lif->lif_lease != NULL)
621 			dhcpmsg(MSG_CRIT,
622 			    "release_lif: still holding lease at last hold!");
623 		close_ip_lif(lif);
624 		pif = lif->lif_pif;
625 		if (pif->pif_isv6)
626 			cached_v6_max_mtu = 0;
627 		else
628 			cached_v4_max_mtu = 0;
629 		release_pif(pif);
630 		free(lif);
631 	} else {
632 		dhcpmsg(MSG_DEBUG2, "release_lif: hold count on %s: %u",
633 		    lif->lif_name, lif->lif_hold_count);
634 	}
635 }
636 
637 /*
638  * remove_lif(): remove a logical interface from its PIF and lease (if any) and
639  *		 the lease's hold on the LIF.  Assumes that we did not plumb
640  *		 the interface.
641  *
642  *   input: dhcp_lif_t *: a pointer to the LIF structure
643  *  output: none
644  */
645 
646 void
647 remove_lif(dhcp_lif_t *lif)
648 {
649 	if (lif->lif_plumbed) {
650 		dhcpmsg(MSG_CRIT, "remove_lif: attempted invalid removal of %s",
651 		    lif->lif_name);
652 		return;
653 	}
654 	if (lif->lif_removed) {
655 		dhcpmsg(MSG_CRIT, "remove_lif: extraneous removal of %s",
656 		    lif->lif_name);
657 	} else {
658 		dhcp_lif_t *lifnext;
659 		dhcp_lease_t *dlp;
660 
661 		dhcpmsg(MSG_DEBUG2, "remove_lif: removing %s", lif->lif_name);
662 		lif->lif_removed = B_TRUE;
663 		lifnext = lif->lif_next;
664 		clear_lif_dhcp(lif);
665 		cancel_lif_timers(lif);
666 		if (lif->lif_iaid_id != -1 &&
667 		    iu_cancel_timer(tq, lif->lif_iaid_id, NULL) == 1) {
668 			lif->lif_iaid_id = -1;
669 			release_lif(lif);
670 		}
671 
672 		/* Remove from PIF list */
673 		remque(lif);
674 
675 		/* If we were part of a lease, then remove ourselves */
676 		if ((dlp = lif->lif_lease) != NULL) {
677 			if (--dlp->dl_nlifs == 0)
678 				dlp->dl_lifs = NULL;
679 			else if (dlp->dl_lifs == lif)
680 				dlp->dl_lifs = lifnext;
681 			if (lif->lif_flags & IFF_DHCPRUNNING)
682 				clear_lif_dhcp(lif);
683 			if (lif->lif_declined != NULL) {
684 				dlp->dl_smach->dsm_lif_down--;
685 				lif->lif_declined = NULL;
686 			}
687 			lif->lif_lease = NULL;
688 			release_lif(lif);
689 		}
690 	}
691 }
692 
693 /*
694  * lookup_lif_by_name(): Looks up a logical interface entry given a name and
695  *			 a physical interface.
696  *
697  *   input: const char *: the logical interface name
698  *	    const dhcp_pif_t *: the physical interface
699  *  output: dhcp_lif_t *: the matching LIF, or NULL if not found
700  */
701 
702 dhcp_lif_t *
703 lookup_lif_by_name(const char *lname, const dhcp_pif_t *pif)
704 {
705 	dhcp_lif_t *lif;
706 
707 	for (lif = pif->pif_lifs; lif != NULL; lif = lif->lif_next) {
708 		if (strcmp(lif->lif_name, lname) == 0)
709 			break;
710 	}
711 
712 	return (lif);
713 }
714 
715 /*
716  * checkaddr(): checks if the given address is still set on the given LIF
717  *
718  *   input: const dhcp_lif_t *: the LIF to check
719  *	    int: the address to look up on the interface (ioctl)
720  *	    const in6_addr_t *: the address to compare to
721  *	    const char *: name of the address for logging purposes
722  *  output: boolean_t: B_TRUE if the address is still set; B_FALSE if not
723  */
724 
725 static boolean_t
726 checkaddr(const dhcp_lif_t *lif, int ioccmd, const in6_addr_t *addr,
727     const char *aname)
728 {
729 	boolean_t isv6;
730 	int fd;
731 	struct lifreq lifr;
732 
733 	(void) memset(&lifr, 0, sizeof (struct lifreq));
734 	(void) strlcpy(lifr.lifr_name, lif->lif_name, LIFNAMSIZ);
735 
736 	isv6 = lif->lif_pif->pif_isv6;
737 	fd = isv6 ? v6_sock_fd : v4_sock_fd;
738 
739 	if (ioctl(fd, ioccmd, &lifr) == -1) {
740 		if (errno == ENXIO) {
741 			dhcpmsg(MSG_WARNING, "checkaddr: interface %s is gone",
742 			    lif->lif_name);
743 			return (B_FALSE);
744 		}
745 		dhcpmsg(MSG_DEBUG,
746 		    "checkaddr: ignoring ioctl error on %s %x: %s",
747 		    lif->lif_name, ioccmd, strerror(errno));
748 	} else if (isv6) {
749 		struct sockaddr_in6 *sin6 =
750 		    (struct sockaddr_in6 *)&lifr.lifr_addr;
751 		char abuf1[INET6_ADDRSTRLEN];
752 		char abuf2[INET6_ADDRSTRLEN];
753 
754 		if (!IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr, addr)) {
755 			dhcpmsg(MSG_WARNING,
756 			    "checkaddr: expected %s %s on %s, have %s",
757 			    aname, inet_ntop(AF_INET6, &sin6->sin6_addr, abuf1,
758 			    sizeof (abuf1)),  lif->lif_name,
759 			    inet_ntop(AF_INET6, addr, abuf2, sizeof (abuf2)));
760 			return (B_FALSE);
761 		}
762 	} else {
763 		struct sockaddr_in *sinp =
764 		    (struct sockaddr_in *)&lifr.lifr_addr;
765 		ipaddr_t v4addr;
766 		char abuf1[INET_ADDRSTRLEN];
767 		char abuf2[INET_ADDRSTRLEN];
768 
769 		IN6_V4MAPPED_TO_IPADDR(addr, v4addr);
770 		if (sinp->sin_addr.s_addr != v4addr) {
771 			dhcpmsg(MSG_WARNING,
772 			    "checkaddr: expected %s %s on %s, have %s",
773 			    aname, inet_ntop(AF_INET, &sinp->sin_addr, abuf1,
774 			    sizeof (abuf1)),  lif->lif_name,
775 			    inet_ntop(AF_INET, &v4addr, abuf2,
776 			    sizeof (abuf2)));
777 			return (B_FALSE);
778 		}
779 	}
780 	return (B_TRUE);
781 }
782 
783 /*
784  * verify_lif(): verifies than a LIF is still valid (i.e., has not been
785  *		 explicitly or implicitly dropped or released)
786  *
787  *   input: const dhcp_lif_t *: the LIF to verify
788  *  output: boolean_t: B_TRUE if the LIF is still valid, B_FALSE otherwise
789  */
790 
791 boolean_t
792 verify_lif(const dhcp_lif_t *lif)
793 {
794 	boolean_t isv6;
795 	int fd;
796 	struct lifreq lifr;
797 
798 	(void) memset(&lifr, 0, sizeof (struct lifreq));
799 	(void) strlcpy(lifr.lifr_name, lif->lif_name, LIFNAMSIZ);
800 
801 	isv6 = lif->lif_pif->pif_isv6;
802 	fd = isv6 ? v6_sock_fd : v4_sock_fd;
803 
804 	if (ioctl(fd, SIOCGLIFFLAGS, &lifr) == -1) {
805 		if (errno != ENXIO) {
806 			dhcpmsg(MSG_ERR,
807 			    "verify_lif: SIOCGLIFFLAGS failed on %s",
808 			    lif->lif_name);
809 		}
810 		return (B_FALSE);
811 	}
812 
813 	/*
814 	 * If important flags have changed, then abandon the interface.
815 	 */
816 	if ((lif->lif_flags ^ lifr.lifr_flags) & DHCP_IFF_WATCH) {
817 		dhcpmsg(MSG_DEBUG, "verify_lif: unexpected flag change on %s: "
818 		    "%llx to %llx (%llx)", lif->lif_name, lif->lif_flags,
819 		    lifr.lifr_flags, (lif->lif_flags ^ lifr.lifr_flags) &
820 		    DHCP_IFF_WATCH);
821 		return (B_FALSE);
822 	}
823 
824 	/*
825 	 * Special case: if the interface has gone down as a duplicate, then
826 	 * this alone does _not_ mean that we're abandoning it just yet.  Allow
827 	 * the state machine to handle this normally by trying to get a new
828 	 * lease.
829 	 */
830 	if ((lifr.lifr_flags & (IFF_UP|IFF_DUPLICATE)) == IFF_DUPLICATE) {
831 		dhcpmsg(MSG_DEBUG, "verify_lif: duplicate address on %s",
832 		    lif->lif_name);
833 		return (B_TRUE);
834 	}
835 
836 	/*
837 	 * If the user has torn down or started up the interface manually, then
838 	 * abandon the lease.
839 	 */
840 	if ((lif->lif_flags ^ lifr.lifr_flags) & IFF_UP) {
841 		dhcpmsg(MSG_DEBUG, "verify_lif: user has %s %s",
842 		    lifr.lifr_flags & IFF_UP ? "started up" : "shut down",
843 		    lif->lif_name);
844 		return (B_FALSE);
845 	}
846 
847 	/*
848 	 * Check for delete and recreate.
849 	 */
850 	if (ioctl(fd, SIOCGLIFINDEX, &lifr) == -1) {
851 		dhcpmsg(MSG_ERR, "verify_lif: SIOCGLIFINDEX failed on %s",
852 		    lif->lif_name);
853 		return (B_FALSE);
854 	}
855 	if (lifr.lifr_index != lif->lif_pif->pif_index) {
856 		dhcpmsg(MSG_DEBUG,
857 		    "verify_lif: ifindex on %s changed: %u to %u",
858 		    lif->lif_name, lif->lif_pif->pif_index, lifr.lifr_index);
859 		return (B_FALSE);
860 	}
861 
862 	/*
863 	 * If the IP address, netmask, or broadcast address have changed, or
864 	 * the interface has been unplumbed, then we act like there has been an
865 	 * implicit drop.  (Note that the netmask is under DHCP control for
866 	 * IPv4, but not for DHCPv6, and that IPv6 doesn't have broadcast
867 	 * addresses.)
868 	 */
869 
870 	if (!checkaddr(lif, SIOCGLIFADDR, &lif->lif_v6addr, "local address"))
871 		return (B_FALSE);
872 
873 	if (isv6) {
874 		/*
875 		 * If it's not point-to-point, we're done.  If it is, then
876 		 * check the peer's address as well.
877 		 */
878 		return (!(lif->lif_flags & IFF_POINTOPOINT) ||
879 		    checkaddr(lif, SIOCGLIFDSTADDR, &lif->lif_v6peer,
880 		    "peer address"));
881 	} else {
882 		if (!checkaddr(lif, SIOCGLIFNETMASK, &lif->lif_v6mask,
883 		    "netmask"))
884 			return (B_FALSE);
885 
886 		return (checkaddr(lif,
887 		    (lif->lif_flags & IFF_POINTOPOINT) ? SIOCGLIFDSTADDR :
888 		    SIOCGLIFBRDADDR, &lif->lif_v6peer, "peer address"));
889 	}
890 }
891 
892 /*
893  * canonize_lif(): puts the interface in a canonical (zeroed) form.  This is
894  *		   used only on the "main" LIF for IPv4.  All other interfaces
895  *		   are under dhcpagent control and are removed using
896  *		   unplumb_lif().
897  *
898  *   input: dhcp_lif_t *: the interface to canonize
899  *  output: none
900  */
901 
902 static void
903 canonize_lif(dhcp_lif_t *lif)
904 {
905 	boolean_t isv6;
906 	int fd;
907 	struct lifreq lifr;
908 
909 	/*
910 	 * If there's nothing here, then don't touch the interface.  This can
911 	 * happen when an already-canonized LIF is recanonized.
912 	 */
913 	if (IN6_IS_ADDR_UNSPECIFIED(&lif->lif_v6addr))
914 		return;
915 
916 	isv6 = lif->lif_pif->pif_isv6;
917 	dhcpmsg(MSG_VERBOSE, "canonizing IPv%d interface %s",
918 	    isv6 ? 6 : 4, lif->lif_name);
919 
920 	lif->lif_v6addr = my_in6addr_any;
921 	lif->lif_v6mask = my_in6addr_any;
922 	lif->lif_v6peer = my_in6addr_any;
923 
924 	(void) memset(&lifr, 0, sizeof (struct lifreq));
925 	(void) strlcpy(lifr.lifr_name, lif->lif_name, LIFNAMSIZ);
926 
927 	fd = isv6 ? v6_sock_fd : v4_sock_fd;
928 
929 	if (ioctl(fd, SIOCGLIFFLAGS, &lifr) == -1) {
930 		if (errno != ENXIO) {
931 			dhcpmsg(MSG_ERR, "canonize_lif: can't get flags for %s",
932 			    lif->lif_name);
933 		}
934 		return;
935 	}
936 
937 	/* Should not happen */
938 	if (!(lifr.lifr_flags & IFF_DHCPRUNNING)) {
939 		dhcpmsg(MSG_INFO,
940 		    "canonize_lif: cannot clear %s; flags are %llx",
941 		    lif->lif_name, lifr.lifr_flags);
942 		return;
943 	}
944 
945 	/*
946 	 * clear the UP flag, but don't clear DHCPRUNNING since
947 	 * that should only be done when the interface is removed
948 	 * (see clear_lif_dhcp() and remove_lif())
949 	 */
950 
951 	lif->lif_flags = lifr.lifr_flags &= ~IFF_UP;
952 
953 	if (ioctl(fd, SIOCSLIFFLAGS, &lifr) == -1) {
954 		dhcpmsg(MSG_ERR, "canonize_lif: can't set flags for %s",
955 		    lif->lif_name);
956 		return;
957 	}
958 
959 	(void) memset(&lifr.lifr_addr, 0, sizeof (lifr.lifr_addr));
960 	if (isv6) {
961 		struct sockaddr_in6 *sin6 =
962 		    (struct sockaddr_in6 *)&lifr.lifr_addr;
963 
964 		sin6->sin6_family = AF_INET6;
965 		sin6->sin6_addr = my_in6addr_any;
966 	} else {
967 		struct sockaddr_in *sinv =
968 		    (struct sockaddr_in *)&lifr.lifr_addr;
969 
970 		sinv->sin_family = AF_INET;
971 		sinv->sin_addr.s_addr = htonl(INADDR_ANY);
972 	}
973 
974 	if (ioctl(fd, SIOCSLIFADDR, &lifr) == -1) {
975 		dhcpmsg(MSG_ERR,
976 		    "canonize_lif: can't clear local address on %s",
977 		    lif->lif_name);
978 	}
979 
980 	/* Netmask is under in.ndpd control with IPv6 */
981 	if (!isv6 && ioctl(fd, SIOCSLIFNETMASK, &lifr) == -1) {
982 		dhcpmsg(MSG_ERR, "canonize_lif: can't clear netmask on %s",
983 		    lif->lif_name);
984 	}
985 
986 	if (lif->lif_flags & IFF_POINTOPOINT) {
987 		if (ioctl(fd, SIOCSLIFDSTADDR, &lifr) == -1) {
988 			dhcpmsg(MSG_ERR,
989 			    "canonize_lif: can't clear remote address on %s",
990 			    lif->lif_name);
991 		}
992 	} else if (!isv6) {
993 		if (ioctl(fd, SIOCSLIFBRDADDR, &lifr) == -1) {
994 			dhcpmsg(MSG_ERR,
995 			    "canonize_lif: can't clear broadcast address on %s",
996 			    lif->lif_name);
997 		}
998 	}
999 }
1000 
1001 /*
1002  * plumb_lif(): Adds the LIF to the system.  This is used for all
1003  *		DHCPv6-derived interfaces.  The returned LIF has a hold
1004  *		on it.
1005  *
1006  *   input: dhcp_lif_t *: the interface to unplumb
1007  *  output: none
1008  */
1009 
1010 dhcp_lif_t *
1011 plumb_lif(dhcp_pif_t *pif, const in6_addr_t *addr)
1012 {
1013 	dhcp_lif_t *lif;
1014 	char abuf[INET6_ADDRSTRLEN];
1015 	struct lifreq lifr;
1016 	struct sockaddr_in6 *sin6;
1017 	int error;
1018 
1019 	(void) inet_ntop(AF_INET6, addr, abuf, sizeof (abuf));
1020 
1021 	for (lif = pif->pif_lifs; lif != NULL; lif = lif->lif_next) {
1022 		if (IN6_ARE_ADDR_EQUAL(&lif->lif_v6addr, addr)) {
1023 			dhcpmsg(MSG_ERR,
1024 			    "plumb_lif: entry for %s already exists!", abuf);
1025 			return (NULL);
1026 		}
1027 	}
1028 
1029 	/* First, create a new zero-address logical interface */
1030 	(void) memset(&lifr, 0, sizeof (lifr));
1031 	(void) strlcpy(lifr.lifr_name, pif->pif_name, sizeof (lifr.lifr_name));
1032 	if (ioctl(v6_sock_fd, SIOCLIFADDIF, &lifr) == -1) {
1033 		dhcpmsg(MSG_ERR, "plumb_lif: SIOCLIFADDIF %s", pif->pif_name);
1034 		return (NULL);
1035 	}
1036 
1037 	/* Next, set the netmask to all ones */
1038 	sin6 = (struct sockaddr_in6 *)&lifr.lifr_addr;
1039 	sin6->sin6_family = AF_INET6;
1040 	(void) memset(&sin6->sin6_addr, 0xff, sizeof (sin6->sin6_addr));
1041 	if (ioctl(v6_sock_fd, SIOCSLIFNETMASK, &lifr) == -1) {
1042 		dhcpmsg(MSG_ERR, "plumb_lif: SIOCSLIFNETMASK %s",
1043 		    lifr.lifr_name);
1044 		goto failure;
1045 	}
1046 
1047 	/* Now set the interface address */
1048 	sin6->sin6_addr = *addr;
1049 	if (ioctl(v6_sock_fd, SIOCSLIFADDR, &lifr) == -1) {
1050 		dhcpmsg(MSG_ERR, "plumb_lif: SIOCSLIFADDR %s %s",
1051 		    lifr.lifr_name, abuf);
1052 		goto failure;
1053 	}
1054 
1055 	/* Mark the interface up */
1056 	if (ioctl(v6_sock_fd, SIOCGLIFFLAGS, &lifr) == -1) {
1057 		dhcpmsg(MSG_ERR, "plumb_lif: SIOCGLIFFLAGS %s",
1058 		    lifr.lifr_name);
1059 		goto failure;
1060 	}
1061 	lifr.lifr_flags |= IFF_UP | IFF_DHCPRUNNING;
1062 	if (ioctl(v6_sock_fd, SIOCSLIFFLAGS, &lifr) == -1) {
1063 		dhcpmsg(MSG_ERR, "plumb_lif: SIOCSLIFFLAGS %s",
1064 		    lifr.lifr_name);
1065 		goto failure;
1066 	}
1067 
1068 	/* Now we can create the internal LIF structure */
1069 	hold_pif(pif);
1070 	if ((lif = insert_lif(pif, lifr.lifr_name, &error)) == NULL)
1071 		goto failure;
1072 
1073 	dhcpmsg(MSG_DEBUG, "plumb_lif: plumbed up %s on %s", abuf,
1074 	    lif->lif_name);
1075 	lif->lif_plumbed = B_TRUE;
1076 
1077 	return (lif);
1078 
1079 failure:
1080 	if (ioctl(v6_sock_fd, SIOCLIFREMOVEIF, &lifr) == -1 &&
1081 	    errno != ENXIO) {
1082 		dhcpmsg(MSG_ERR, "plumb_lif: SIOCLIFREMOVEIF %s",
1083 		    lifr.lifr_name);
1084 	}
1085 	return (NULL);
1086 }
1087 
1088 /*
1089  * unplumb_lif(): Removes the LIF from dhcpagent and the system.  This is used
1090  *		  for all interfaces configured by DHCP (those in leases).
1091  *
1092  *   input: dhcp_lif_t *: the interface to unplumb
1093  *  output: none
1094  */
1095 
1096 void
1097 unplumb_lif(dhcp_lif_t *lif)
1098 {
1099 	dhcp_lease_t *dlp;
1100 
1101 	if (lif->lif_plumbed) {
1102 		struct lifreq lifr;
1103 
1104 		(void) memset(&lifr, 0, sizeof (lifr));
1105 		(void) strlcpy(lifr.lifr_name, lif->lif_name,
1106 		    sizeof (lifr.lifr_name));
1107 		if (ioctl(v6_sock_fd, SIOCLIFREMOVEIF, &lifr) == -1 &&
1108 		    errno != ENXIO) {
1109 			dhcpmsg(MSG_ERR, "unplumb_lif: SIOCLIFREMOVEIF %s",
1110 			    lif->lif_name);
1111 		}
1112 		lif->lif_plumbed = B_FALSE;
1113 	}
1114 	lif->lif_flags = 0;
1115 	/*
1116 	 * Special case: if we're "unplumbing" the main LIF for DHCPv4, then
1117 	 * just canonize it and remove it from the lease.
1118 	 */
1119 	if ((dlp = lif->lif_lease) != NULL && dlp->dl_smach->dsm_lif == lif) {
1120 		canonize_lif(lif);
1121 		cancel_lif_timers(lif);
1122 		if (lif->lif_declined != NULL) {
1123 			dlp->dl_smach->dsm_lif_down--;
1124 			lif->lif_declined = NULL;
1125 		}
1126 		dlp->dl_nlifs = 0;
1127 		dlp->dl_lifs = NULL;
1128 		lif->lif_lease = NULL;
1129 		release_lif(lif);
1130 	} else {
1131 		remove_lif(lif);
1132 	}
1133 }
1134 
1135 /*
1136  * attach_lif(): create a new logical interface, creating the physical
1137  *		 interface as necessary.
1138  *
1139  *   input: const char *: the logical interface name
1140  *	    boolean_t: B_TRUE for IPv6
1141  *	    int *: set to DHCP_IPC_E_* if creation fails
1142  *  output: dhcp_lif_t *: pointer to new entry, or NULL on failure
1143  */
1144 
1145 dhcp_lif_t *
1146 attach_lif(const char *lname, boolean_t isv6, int *error)
1147 {
1148 	dhcp_pif_t *pif;
1149 	char pname[LIFNAMSIZ], *cp;
1150 
1151 	(void) strlcpy(pname, lname, sizeof (pname));
1152 	if ((cp = strchr(pname, ':')) != NULL)
1153 		*cp = '\0';
1154 
1155 	if ((pif = lookup_pif_by_name(pname, isv6)) != NULL)
1156 		hold_pif(pif);
1157 	else if ((pif = insert_pif(pname, isv6, error)) == NULL)
1158 		return (NULL);
1159 
1160 	if (lookup_lif_by_name(lname, pif) != NULL) {
1161 		dhcpmsg(MSG_ERROR, "attach_lif: entry for %s already exists!",
1162 		    lname);
1163 		release_pif(pif);
1164 		*error = DHCP_IPC_E_INVIF;
1165 		return (NULL);
1166 	}
1167 
1168 	/* If LIF creation fails, then insert_lif discards our PIF hold */
1169 	return (insert_lif(pif, lname, error));
1170 }
1171 
1172 /*
1173  * set_lif_dhcp(): Set logical interface flags to show that it's managed
1174  *		   by DHCP.
1175  *
1176  *   input: dhcp_lif_t *: the logical interface
1177  *	    boolean_t: B_TRUE if adopting
1178  *  output: int: set to DHCP_IPC_E_* if operation fails
1179  */
1180 
1181 int
1182 set_lif_dhcp(dhcp_lif_t *lif, boolean_t is_adopting)
1183 {
1184 	int fd;
1185 	int err;
1186 	struct lifreq lifr;
1187 
1188 	fd = lif->lif_pif->pif_isv6 ? v6_sock_fd : v4_sock_fd;
1189 
1190 	(void) strlcpy(lifr.lifr_name, lif->lif_name, LIFNAMSIZ);
1191 
1192 	if (ioctl(fd, SIOCGLIFFLAGS, &lifr) == -1) {
1193 		err = errno;
1194 		dhcpmsg(MSG_ERR, "set_lif_dhcp: SIOCGLIFFLAGS for %s",
1195 		    lif->lif_name);
1196 		return (err == ENXIO ? DHCP_IPC_E_INVIF : DHCP_IPC_E_INT);
1197 	}
1198 	lif->lif_flags = lifr.lifr_flags;
1199 
1200 	/*
1201 	 * Check for conflicting sources of address control, and other
1202 	 * unacceptable configurations.
1203 	 */
1204 	if (lifr.lifr_flags & (IFF_LOOPBACK|IFF_ADDRCONF|IFF_MIPRUNNING|
1205 	    IFF_TEMPORARY|IFF_VIRTUAL)) {
1206 		dhcpmsg(MSG_ERR, "set_lif_dhcp: cannot use %s: flags are %llx",
1207 		    lif->lif_name, lifr.lifr_flags);
1208 		return (DHCP_IPC_E_INVIF);
1209 	}
1210 
1211 	/*
1212 	 * if DHCPRUNNING is already set on the interface and we're
1213 	 * not adopting it, the agent probably crashed and burned.
1214 	 * note it, but don't let it stop the proceedings.  we're
1215 	 * pretty sure we're not already running, since we wouldn't
1216 	 * have been able to bind to our IPC port.
1217 	 */
1218 
1219 	if (lifr.lifr_flags & IFF_DHCPRUNNING) {
1220 		if (!is_adopting) {
1221 			dhcpmsg(MSG_WARNING, "set_lif_dhcp: DHCP flag already "
1222 			    "set on %s", lif->lif_name);
1223 		}
1224 	} else {
1225 		lifr.lifr_flags |= IFF_DHCPRUNNING;
1226 		if (ioctl(fd, SIOCSLIFFLAGS, &lifr) == -1) {
1227 			dhcpmsg(MSG_ERR, "set_lif_dhcp: SIOCSLIFFLAGS for %s",
1228 			    lif->lif_name);
1229 			return (DHCP_IPC_E_INT);
1230 		}
1231 		lif->lif_flags = lifr.lifr_flags;
1232 	}
1233 	return (DHCP_IPC_SUCCESS);
1234 }
1235 
1236 /*
1237  * clear_lif_dhcp(): Clear logical interface flags to show that it's no longer
1238  *		     managed by DHCP.
1239  *
1240  *   input: dhcp_lif_t *: the logical interface
1241  *  output: none
1242  */
1243 
1244 static void
1245 clear_lif_dhcp(dhcp_lif_t *lif)
1246 {
1247 	int fd;
1248 	struct lifreq lifr;
1249 
1250 	fd = lif->lif_pif->pif_isv6 ? v6_sock_fd : v4_sock_fd;
1251 
1252 	(void) strlcpy(lifr.lifr_name, lif->lif_name, LIFNAMSIZ);
1253 
1254 	if (ioctl(fd, SIOCGLIFFLAGS, &lifr) == -1)
1255 		return;
1256 
1257 	if (!(lifr.lifr_flags & IFF_DHCPRUNNING))
1258 		return;
1259 
1260 	lif->lif_flags = lifr.lifr_flags &= ~IFF_DHCPRUNNING;
1261 	(void) ioctl(fd, SIOCSLIFFLAGS, &lifr);
1262 }
1263 
1264 /*
1265  * set_lif_deprecated(): Set the "deprecated" flag to tell users that this
1266  *			 address will be going away.  As the interface is
1267  *			 going away, we don't care if there are errors.
1268  *
1269  *   input: dhcp_lif_t *: the logical interface
1270  *  output: none
1271  */
1272 
1273 void
1274 set_lif_deprecated(dhcp_lif_t *lif)
1275 {
1276 	int fd;
1277 	struct lifreq lifr;
1278 
1279 	if (lif->lif_flags & IFF_DEPRECATED)
1280 		return;
1281 
1282 	fd = lif->lif_pif->pif_isv6 ? v6_sock_fd : v4_sock_fd;
1283 
1284 	(void) strlcpy(lifr.lifr_name, lif->lif_name, LIFNAMSIZ);
1285 
1286 	if (ioctl(fd, SIOCGLIFFLAGS, &lifr) == -1)
1287 		return;
1288 
1289 	if (lifr.lifr_flags & IFF_DEPRECATED)
1290 		return;
1291 
1292 	lifr.lifr_flags |= IFF_DEPRECATED;
1293 	(void) ioctl(fd, SIOCSLIFFLAGS, &lifr);
1294 	lif->lif_flags = lifr.lifr_flags;
1295 }
1296 
1297 /*
1298  * clear_lif_deprecated(): Clear the "deprecated" flag to tell users that this
1299  *			   address will not be going away.  This happens if we
1300  *			   get a renewal after preferred lifetime but before
1301  *			   the valid lifetime.
1302  *
1303  *   input: dhcp_lif_t *: the logical interface
1304  *  output: boolean_t: B_TRUE on success.
1305  */
1306 
1307 boolean_t
1308 clear_lif_deprecated(dhcp_lif_t *lif)
1309 {
1310 	int fd;
1311 	struct lifreq lifr;
1312 
1313 	fd = lif->lif_pif->pif_isv6 ? v6_sock_fd : v4_sock_fd;
1314 
1315 	(void) strlcpy(lifr.lifr_name, lif->lif_name, LIFNAMSIZ);
1316 
1317 	if (ioctl(fd, SIOCGLIFFLAGS, &lifr) == -1) {
1318 		dhcpmsg(MSG_ERR, "clear_lif_deprecated: SIOCGLIFFLAGS for %s",
1319 		    lif->lif_name);
1320 		return (B_FALSE);
1321 	}
1322 
1323 	/*
1324 	 * Check for conflicting sources of address control, and other
1325 	 * unacceptable configurations.
1326 	 */
1327 	if (lifr.lifr_flags & (IFF_LOOPBACK|IFF_ADDRCONF|IFF_MIPRUNNING|
1328 	    IFF_TEMPORARY|IFF_VIRTUAL)) {
1329 		dhcpmsg(MSG_ERR, "clear_lif_deprecated: cannot use %s: flags "
1330 		    "are %llx", lif->lif_name, lifr.lifr_flags);
1331 		return (B_FALSE);
1332 	}
1333 
1334 	if (!(lifr.lifr_flags & IFF_DEPRECATED))
1335 		return (B_TRUE);
1336 
1337 	lifr.lifr_flags &= ~IFF_DEPRECATED;
1338 	if (ioctl(fd, SIOCSLIFFLAGS, &lifr) == -1) {
1339 		dhcpmsg(MSG_ERR, "clear_lif_deprecated: SIOCSLIFFLAGS for %s",
1340 		    lif->lif_name);
1341 		return (B_FALSE);
1342 	} else {
1343 		lif->lif_flags = lifr.lifr_flags;
1344 		return (B_TRUE);
1345 	}
1346 }
1347 
1348 /*
1349  * open_ip_lif(): open up an IP socket for I/O on a given LIF (v4 only).
1350  *
1351  *   input: dhcp_lif_t *: the logical interface to operate on
1352  *  output: boolean_t: B_TRUE if the socket was opened successfully.
1353  */
1354 
1355 boolean_t
1356 open_ip_lif(dhcp_lif_t *lif)
1357 {
1358 	if (lif->lif_sock_ip_fd != -1) {
1359 		dhcpmsg(MSG_WARNING, "open_ip_lif: socket already open on %s",
1360 		    lif->lif_name);
1361 		return (B_FALSE);
1362 	}
1363 
1364 	lif->lif_sock_ip_fd = socket(AF_INET, SOCK_DGRAM, 0);
1365 	if (lif->lif_sock_ip_fd == -1) {
1366 		dhcpmsg(MSG_ERR, "open_ip_lif: cannot create v4 socket on %s",
1367 		    lif->lif_name);
1368 		return (B_FALSE);
1369 	}
1370 
1371 	if (!bind_sock(lif->lif_sock_ip_fd, IPPORT_BOOTPC,
1372 	    ntohl(lif->lif_addr))) {
1373 		dhcpmsg(MSG_ERR, "open_ip_lif: cannot bind v4 socket on %s",
1374 		    lif->lif_name);
1375 		return (B_FALSE);
1376 	}
1377 
1378 	lif->lif_acknak_id = iu_register_event(eh, lif->lif_sock_ip_fd, POLLIN,
1379 	    dhcp_acknak_lif, lif);
1380 	if (lif->lif_acknak_id == -1) {
1381 		dhcpmsg(MSG_WARNING, "open_ip_lif: cannot register to "
1382 		    "receive IP unicast");
1383 		close_ip_lif(lif);
1384 		return (B_FALSE);
1385 	}
1386 	return (B_TRUE);
1387 }
1388 
1389 /*
1390  * close_ip_lif(): close an IP socket for I/O on a given LIF.
1391  *
1392  *   input: dhcp_lif_t *: the logical interface to operate on
1393  *  output: none
1394  */
1395 
1396 void
1397 close_ip_lif(dhcp_lif_t *lif)
1398 {
1399 	if (lif->lif_acknak_id != -1) {
1400 		(void) iu_unregister_event(eh, lif->lif_acknak_id, NULL);
1401 		lif->lif_acknak_id = -1;
1402 	}
1403 	if (lif->lif_sock_ip_fd != -1) {
1404 		(void) close(lif->lif_sock_ip_fd);
1405 		lif->lif_sock_ip_fd = -1;
1406 	}
1407 }
1408 
1409 /*
1410  * lif_mark_decline(): mark a LIF as having been declined due to a duplicate
1411  *		       address or some other conflict.  This is used in
1412  *		       send_declines() to report failure back to the server.
1413  *
1414  *   input: dhcp_lif_t *: the logical interface to operate on
1415  *	    const char *: text string explaining why the address is declined
1416  *  output: none
1417  */
1418 
1419 void
1420 lif_mark_decline(dhcp_lif_t *lif, const char *reason)
1421 {
1422 	if (lif->lif_declined == NULL) {
1423 		dhcp_lease_t *dlp;
1424 
1425 		lif->lif_declined = reason;
1426 		if ((dlp = lif->lif_lease) != NULL)
1427 			dlp->dl_smach->dsm_lif_down++;
1428 	}
1429 }
1430 
1431 /*
1432  * schedule_lif_timer(): schedules the LIF-related timer
1433  *
1434  *   input: dhcp_lif_t *: the logical interface to operate on
1435  *	    dhcp_timer_t *: the timer to schedule
1436  *	    iu_tq_callback_t *: the callback to call upon firing
1437  *  output: boolean_t: B_TRUE if the timer was scheduled successfully
1438  */
1439 
1440 boolean_t
1441 schedule_lif_timer(dhcp_lif_t *lif, dhcp_timer_t *dt, iu_tq_callback_t *expire)
1442 {
1443 	/*
1444 	 * If there's a timer running, cancel it and release its lease
1445 	 * reference.
1446 	 */
1447 	if (dt->dt_id != -1) {
1448 		if (!cancel_timer(dt))
1449 			return (B_FALSE);
1450 		release_lif(lif);
1451 	}
1452 
1453 	if (schedule_timer(dt, expire, lif)) {
1454 		hold_lif(lif);
1455 		return (B_TRUE);
1456 	} else {
1457 		dhcpmsg(MSG_WARNING,
1458 		    "schedule_lif_timer: cannot schedule timer");
1459 		return (B_FALSE);
1460 	}
1461 }
1462 
1463 /*
1464  * cancel_lif_timer(): cancels a LIF-related timer
1465  *
1466  *   input: dhcp_lif_t *: the logical interface to operate on
1467  *	    dhcp_timer_t *: the timer to cancel
1468  *  output: none
1469  */
1470 
1471 static void
1472 cancel_lif_timer(dhcp_lif_t *lif, dhcp_timer_t *dt)
1473 {
1474 	if (dt->dt_id == -1)
1475 		return;
1476 	if (cancel_timer(dt)) {
1477 		dhcpmsg(MSG_DEBUG2,
1478 		    "cancel_lif_timer: canceled expiry timer on %s",
1479 		    lif->lif_name);
1480 		release_lif(lif);
1481 	} else {
1482 		dhcpmsg(MSG_WARNING,
1483 		    "cancel_lif_timer: cannot cancel timer on %s",
1484 		    lif->lif_name);
1485 	}
1486 }
1487 
1488 /*
1489  * cancel_lif_timers(): cancels the LIF-related timers
1490  *
1491  *   input: dhcp_lif_t *: the logical interface to operate on
1492  *  output: none
1493  */
1494 
1495 void
1496 cancel_lif_timers(dhcp_lif_t *lif)
1497 {
1498 	cancel_lif_timer(lif, &lif->lif_preferred);
1499 	cancel_lif_timer(lif, &lif->lif_expire);
1500 }
1501 
1502 /*
1503  * get_max_mtu(): find the maximum MTU of all interfaces for I/O on common
1504  *		  file descriptors (v4_sock_fd and v6_sock_fd).
1505  *
1506  *   input: boolean_t: B_TRUE for IPv6, B_FALSE for IPv4
1507  *  output: none
1508  */
1509 
1510 uint_t
1511 get_max_mtu(boolean_t isv6)
1512 {
1513 	uint_t *mtup = isv6 ? &cached_v6_max_mtu : &cached_v4_max_mtu;
1514 
1515 	if (*mtup == 0) {
1516 		dhcp_pif_t *pif;
1517 		dhcp_lif_t *lif;
1518 		struct lifreq lifr;
1519 
1520 		/* Set an arbitrary lower bound */
1521 		*mtup = 1024;
1522 		pif = isv6 ? v6root : v4root;
1523 		for (; pif != NULL; pif = pif->pif_next) {
1524 			for (lif = pif->pif_lifs; lif != NULL;
1525 			    lif = lif->lif_next) {
1526 				(void) strlcpy(lifr.lifr_name, lif->lif_name,
1527 				    LIFNAMSIZ);
1528 				if (ioctl(v4_sock_fd, SIOCGLIFMTU, &lifr) !=
1529 				    -1 && lifr.lifr_mtu > *mtup) {
1530 					*mtup = lifr.lifr_mtu;
1531 				}
1532 			}
1533 		}
1534 	}
1535 	return (*mtup);
1536 }
1537 
1538 /*
1539  * expired_lif_state(): summarize the state of expired LIFs on a given state
1540  *			machine.
1541  *
1542  *   input: dhcp_smach_t *: the state machine to scan
1543  *  output: dhcp_expire_t: overall state
1544  */
1545 
1546 dhcp_expire_t
1547 expired_lif_state(dhcp_smach_t *dsmp)
1548 {
1549 	dhcp_lease_t *dlp;
1550 	dhcp_lif_t *lif;
1551 	uint_t nlifs;
1552 	uint_t numlifs;
1553 	uint_t numexp;
1554 
1555 	numlifs = numexp = 0;
1556 	for (dlp = dsmp->dsm_leases; dlp != NULL; dlp = dlp->dl_next) {
1557 		lif = dlp->dl_lifs;
1558 		nlifs = dlp->dl_nlifs;
1559 		numlifs += nlifs;
1560 		for (; nlifs > 0; nlifs--, lif = lif->lif_next) {
1561 			if (lif->lif_expired)
1562 				numexp++;
1563 		}
1564 	}
1565 	if (numlifs == 0)
1566 		return (DHCP_EXP_NOLIFS);
1567 	else if (numexp == 0)
1568 		return (DHCP_EXP_NOEXP);
1569 	else if (numlifs == numexp)
1570 		return (DHCP_EXP_ALLEXP);
1571 	else
1572 		return (DHCP_EXP_SOMEEXP);
1573 }
1574 
1575 /*
1576  * find_expired_lif(): find the first expired LIF on a given state machine
1577  *
1578  *   input: dhcp_smach_t *: the state machine to scan
1579  *  output: dhcp_lif_t *: the first expired LIF, or NULL if none.
1580  */
1581 
1582 dhcp_lif_t *
1583 find_expired_lif(dhcp_smach_t *dsmp)
1584 {
1585 	dhcp_lease_t *dlp;
1586 	dhcp_lif_t *lif;
1587 	uint_t nlifs;
1588 
1589 	for (dlp = dsmp->dsm_leases; dlp != NULL; dlp = dlp->dl_next) {
1590 		lif = dlp->dl_lifs;
1591 		nlifs = dlp->dl_nlifs;
1592 		for (; nlifs > 0; nlifs--, lif = lif->lif_next) {
1593 			if (lif->lif_expired)
1594 				return (lif);
1595 		}
1596 	}
1597 	return (NULL);
1598 }
1599 
1600 /*
1601  * remove_v6_strays(): remove any stray interfaces marked as DHCPRUNNING.  Used
1602  *		       only for DHCPv6.
1603  *
1604  *   input: none
1605  *  output: none
1606  */
1607 
1608 void
1609 remove_v6_strays(void)
1610 {
1611 	struct lifnum lifn;
1612 	struct lifconf lifc;
1613 	struct lifreq *lifrp, *lifrmax;
1614 	uint_t numifs;
1615 	uint64_t flags;
1616 
1617 	/*
1618 	 * Get the approximate number of interfaces in the system.  It's only
1619 	 * approximate because the system is dynamic -- interfaces may be
1620 	 * plumbed or unplumbed at any time.  This is also the reason for the
1621 	 * "+ 10" fudge factor: we're trying to avoid unnecessary looping.
1622 	 */
1623 	(void) memset(&lifn, 0, sizeof (lifn));
1624 	lifn.lifn_family = AF_INET6;
1625 	lifn.lifn_flags = LIFC_ALLZONES | LIFC_NOXMIT | LIFC_TEMPORARY;
1626 	if (ioctl(v6_sock_fd, SIOCGLIFNUM, &lifn) == -1) {
1627 		dhcpmsg(MSG_ERR,
1628 		    "remove_v6_strays: cannot read number of interfaces");
1629 		numifs = 10;
1630 	} else {
1631 		numifs = lifn.lifn_count + 10;
1632 	}
1633 
1634 	/*
1635 	 * Get the interface information.  We do this in a loop so that we can
1636 	 * recover from EINVAL from the kernel -- delivered when the buffer is
1637 	 * too small.
1638 	 */
1639 	(void) memset(&lifc, 0, sizeof (lifc));
1640 	lifc.lifc_family = AF_INET6;
1641 	lifc.lifc_flags = LIFC_ALLZONES | LIFC_NOXMIT | LIFC_TEMPORARY;
1642 	for (;;) {
1643 		lifc.lifc_len = numifs * sizeof (*lifrp);
1644 		lifrp = realloc(lifc.lifc_buf, lifc.lifc_len);
1645 		if (lifrp == NULL) {
1646 			dhcpmsg(MSG_ERR,
1647 			    "remove_v6_strays: cannot allocate memory");
1648 			free(lifc.lifc_buf);
1649 			return;
1650 		}
1651 		lifc.lifc_buf = (caddr_t)lifrp;
1652 		errno = 0;
1653 		if (ioctl(v6_sock_fd, SIOCGLIFCONF, &lifc) == 0 &&
1654 		    lifc.lifc_len < numifs * sizeof (*lifrp))
1655 			break;
1656 		if (errno == 0 || errno == EINVAL) {
1657 			numifs <<= 1;
1658 		} else {
1659 			dhcpmsg(MSG_ERR, "remove_v6_strays: SIOCGLIFCONF");
1660 			free(lifc.lifc_buf);
1661 			return;
1662 		}
1663 	}
1664 
1665 	lifrmax = lifrp + lifc.lifc_len / sizeof (*lifrp);
1666 	for (; lifrp < lifrmax; lifrp++) {
1667 		/*
1668 		 * Get the interface flags; we're interested in the DHCP ones.
1669 		 */
1670 		if (ioctl(v6_sock_fd, SIOCGLIFFLAGS, lifrp) == -1)
1671 			continue;
1672 		flags = lifrp->lifr_flags;
1673 		if (!(flags & IFF_DHCPRUNNING))
1674 			continue;
1675 		/*
1676 		 * If the interface has a link-local address, then we don't
1677 		 * control it.  Just remove the flag.
1678 		 */
1679 		if (ioctl(v6_sock_fd, SIOCGLIFADDR, lifrp) == -1)
1680 			continue;
1681 		if (IN6_IS_ADDR_LINKLOCAL(&((struct sockaddr_in6 *)&lifrp->
1682 		    lifr_addr)->sin6_addr)) {
1683 			lifrp->lifr_flags = flags & ~IFF_DHCPRUNNING;
1684 			(void) ioctl(v6_sock_fd, SIOCSLIFFLAGS, lifrp);
1685 			continue;
1686 		}
1687 		/*
1688 		 * All others are (or were) under our control.  Clean up by
1689 		 * removing them.
1690 		 */
1691 		if (ioctl(v6_sock_fd, SIOCLIFREMOVEIF, lifrp) == 0) {
1692 			dhcpmsg(MSG_DEBUG, "remove_v6_strays: removed %s",
1693 			    lifrp->lifr_name);
1694 		} else if (errno != ENXIO) {
1695 			dhcpmsg(MSG_ERR,
1696 			    "remove_v6_strays: SIOCLIFREMOVEIF %s",
1697 			    lifrp->lifr_name);
1698 		}
1699 	}
1700 	free(lifc.lifc_buf);
1701 }
1702