xref: /titanic_41/usr/src/cmd/cmd-inet/usr.lib/in.ndpd/main.c (revision 3d808a5295b8e731b863fdf7705b85d639514263)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #pragma ident	"%Z%%M%	%I%	%E% SMI"
27 
28 #include "defs.h"
29 #include "tables.h"
30 #include <fcntl.h>
31 #include <sys/un.h>
32 
33 static void	initlog(void);
34 static void	run_timeouts(void);
35 
36 static void	advertise(struct sockaddr_in6 *sin6, struct phyint *pi,
37 		    boolean_t no_prefixes);
38 static void	solicit(struct sockaddr_in6 *sin6, struct phyint *pi);
39 static void	initifs(boolean_t first);
40 static void	check_if_removed(struct phyint *pi);
41 static void	loopback_ra_enqueue(struct phyint *pi,
42 		    struct nd_router_advert *ra, int len);
43 static void	loopback_ra_dequeue(void);
44 static void	check_daemonize(void);
45 
46 struct in6_addr all_nodes_mcast = { { 0xff, 0x2, 0x0, 0x0,
47 				    0x0, 0x0, 0x0, 0x0,
48 				    0x0, 0x0, 0x0, 0x0,
49 				    0x0, 0x0, 0x0, 0x1 } };
50 
51 struct in6_addr all_routers_mcast = { { 0xff, 0x2, 0x0, 0x0,
52 				    0x0, 0x0, 0x0, 0x0,
53 				    0x0, 0x0, 0x0, 0x0,
54 				    0x0, 0x0, 0x0, 0x2 } };
55 
56 static struct sockaddr_in6 v6allnodes = { AF_INET6, 0, 0,
57 				    { 0xff, 0x2, 0x0, 0x0,
58 				    0x0, 0x0, 0x0, 0x0,
59 				    0x0, 0x0, 0x0, 0x0,
60 				    0x0, 0x0, 0x0, 0x1 } };
61 
62 static struct sockaddr_in6 v6allrouters = { AF_INET6, 0, 0,
63 				    { 0xff, 0x2, 0x0, 0x0,
64 				    0x0, 0x0, 0x0, 0x0,
65 				    0x0, 0x0, 0x0, 0x0,
66 				    0x0, 0x0, 0x0, 0x2 } };
67 
68 static char **argv0;		/* Saved for re-exec on SIGHUP */
69 
70 static uint64_t packet[(IP_MAXPACKET + 1)/8];
71 
72 static int	show_ifs = 0;
73 static boolean_t	already_daemonized = _B_FALSE;
74 int		debug = 0;
75 int		no_loopback = 0; /* Do not send RA packets to ourselves */
76 
77 /*
78  * Size of routing socket message used by in.ndpd which includes the header,
79  * space for the RTA_DST, RTA_GATEWAY and RTA_NETMASK (each a sockaddr_in6)
80  * plus space for the RTA_IFP (a sockaddr_dl).
81  */
82 #define	NDP_RTM_MSGLEN	sizeof (struct rt_msghdr) +	\
83 			sizeof (struct sockaddr_in6) +	\
84 			sizeof (struct sockaddr_in6) +	\
85 			sizeof (struct sockaddr_in6) +	\
86 			sizeof (struct sockaddr_dl)
87 
88 /*
89  * These are referenced externally in tables.c in order to fill in the
90  * dynamic portions of the routing socket message and then to send the message
91  * itself.
92  */
93 int	rtsock = -1;			/* Routing socket */
94 struct	rt_msghdr	*rt_msg;	/* Routing socket message */
95 struct	sockaddr_in6	*rta_gateway;	/* RTA_GATEWAY sockaddr */
96 struct	sockaddr_dl	*rta_ifp;	/* RTA_IFP sockaddr */
97 int	mibsock = -1;			/* mib request socket */
98 
99 /*
100  * Return the current time in milliseconds truncated to
101  * fit in an integer.
102  */
103 uint_t
104 getcurrenttime(void)
105 {
106 	struct timeval tp;
107 
108 	if (gettimeofday(&tp, NULL) < 0) {
109 		logperror("getcurrenttime: gettimeofday failed");
110 		exit(1);
111 	}
112 	return (tp.tv_sec * 1000 + tp.tv_usec / 1000);
113 }
114 
115 /*
116  * Output a preformated packet from the packet[] buffer.
117  */
118 static void
119 sendpacket(struct sockaddr_in6 *sin6, int sock, int size, int flags)
120 {
121 	int cc;
122 	char abuf[INET6_ADDRSTRLEN];
123 
124 	cc = sendto(sock, (char *)packet, size, flags,
125 		(struct sockaddr *)sin6, sizeof (*sin6));
126 	if (cc < 0 || cc != size) {
127 		if (cc < 0) {
128 			logperror("sendpacket: sendto");
129 		}
130 		logmsg(LOG_ERR, "sendpacket: wrote %s %d chars, ret=%d\n",
131 		    inet_ntop(sin6->sin6_family,
132 		    (void *)&sin6->sin6_addr,
133 		    abuf, sizeof (abuf)),
134 		    size, cc);
135 	}
136 }
137 
138 /* Send a Router Solicitation */
139 static void
140 solicit(struct sockaddr_in6 *sin6, struct phyint *pi)
141 {
142 	int packetlen = 0;
143 	struct	nd_router_solicit *rs = (struct nd_router_solicit *)packet;
144 	char *pptr = (char *)packet;
145 
146 	rs->nd_rs_type = ND_ROUTER_SOLICIT;
147 	rs->nd_rs_code = 0;
148 	rs->nd_rs_cksum = htons(0);
149 	rs->nd_rs_reserved = htonl(0);
150 
151 	packetlen += sizeof (*rs);
152 	pptr += sizeof (*rs);
153 
154 	/* Attach any options */
155 	if (pi->pi_hdw_addr_len != 0) {
156 		struct nd_opt_lla *lo = (struct nd_opt_lla *)pptr;
157 		int optlen;
158 
159 		/* roundup to multiple of 8 and make padding zero */
160 		optlen = ((sizeof (struct nd_opt_hdr) +
161 		    pi->pi_hdw_addr_len + 7) / 8) * 8;
162 		bzero(pptr, optlen);
163 
164 		lo->nd_opt_lla_type = ND_OPT_SOURCE_LINKADDR;
165 		lo->nd_opt_lla_len = optlen / 8;
166 		bcopy((char *)pi->pi_hdw_addr,
167 		    (char *)lo->nd_opt_lla_hdw_addr,
168 		    pi->pi_hdw_addr_len);
169 		packetlen += optlen;
170 		pptr += optlen;
171 	}
172 
173 	if (debug & D_PKTOUT) {
174 		print_route_sol("Sending solicitation to ", pi, rs, packetlen,
175 		    sin6);
176 	}
177 	sendpacket(sin6, pi->pi_sock, packetlen, 0);
178 }
179 
180 /*
181  * Send a (set of) Router Advertisements and feed them back to ourselves
182  * for processing. Unless no_prefixes is set all prefixes are included.
183  * If there are too many prefix options to fit in one packet multiple
184  * packets will be sent - each containing a subset of the prefix options.
185  */
186 static void
187 advertise(struct sockaddr_in6 *sin6, struct phyint *pi, boolean_t no_prefixes)
188 {
189 	struct	nd_opt_prefix_info *po;
190 	char *pptr = (char *)packet;
191 	struct nd_router_advert *ra;
192 	struct adv_prefix *adv_pr;
193 	int packetlen = 0;
194 
195 	ra = (struct nd_router_advert *)pptr;
196 	ra->nd_ra_type = ND_ROUTER_ADVERT;
197 	ra->nd_ra_code = 0;
198 	ra->nd_ra_cksum = htons(0);
199 	ra->nd_ra_curhoplimit = pi->pi_AdvCurHopLimit;
200 	ra->nd_ra_flags_reserved = 0;
201 	if (pi->pi_AdvManagedFlag)
202 		ra->nd_ra_flags_reserved |= ND_RA_FLAG_MANAGED;
203 	if (pi->pi_AdvOtherConfigFlag)
204 		ra->nd_ra_flags_reserved |= ND_RA_FLAG_OTHER;
205 
206 	if (pi->pi_adv_state == FINAL_ADV)
207 		ra->nd_ra_router_lifetime = htons(0);
208 	else
209 		ra->nd_ra_router_lifetime = htons(pi->pi_AdvDefaultLifetime);
210 	ra->nd_ra_reachable = htonl(pi->pi_AdvReachableTime);
211 	ra->nd_ra_retransmit = htonl(pi->pi_AdvRetransTimer);
212 
213 	packetlen = sizeof (*ra);
214 	pptr += sizeof (*ra);
215 
216 	if (pi->pi_adv_state == FINAL_ADV) {
217 		if (debug & D_PKTOUT) {
218 			print_route_adv("Sending advert (FINAL) to ", pi,
219 			    ra, packetlen, sin6);
220 		}
221 		sendpacket(sin6, pi->pi_sock, packetlen, 0);
222 		/* Feed packet back in for router operation */
223 		loopback_ra_enqueue(pi, ra, packetlen);
224 		return;
225 	}
226 
227 	/* Attach any options */
228 	if (pi->pi_hdw_addr_len != 0) {
229 		struct nd_opt_lla *lo = (struct nd_opt_lla *)pptr;
230 		int optlen;
231 
232 		/* roundup to multiple of 8 and make padding zero */
233 		optlen = ((sizeof (struct nd_opt_hdr) +
234 		    pi->pi_hdw_addr_len + 7) / 8) * 8;
235 		bzero(pptr, optlen);
236 
237 		lo->nd_opt_lla_type = ND_OPT_SOURCE_LINKADDR;
238 		lo->nd_opt_lla_len = optlen / 8;
239 		bcopy((char *)pi->pi_hdw_addr,
240 		    (char *)lo->nd_opt_lla_hdw_addr,
241 		    pi->pi_hdw_addr_len);
242 		packetlen += optlen;
243 		pptr += optlen;
244 	}
245 
246 	if (pi->pi_AdvLinkMTU != 0) {
247 		struct nd_opt_mtu *mo = (struct nd_opt_mtu *)pptr;
248 
249 		mo->nd_opt_mtu_type = ND_OPT_MTU;
250 		mo->nd_opt_mtu_len = sizeof (struct nd_opt_mtu) / 8;
251 		mo->nd_opt_mtu_reserved = 0;
252 		mo->nd_opt_mtu_mtu = htonl(pi->pi_AdvLinkMTU);
253 
254 		packetlen += sizeof (struct nd_opt_mtu);
255 		pptr += sizeof (struct nd_opt_mtu);
256 	}
257 
258 	if (no_prefixes) {
259 		if (debug & D_PKTOUT) {
260 			print_route_adv("Sending advert to ", pi,
261 			    ra, packetlen, sin6);
262 		}
263 		sendpacket(sin6, pi->pi_sock, packetlen, 0);
264 		/* Feed packet back in for router operation */
265 		loopback_ra_enqueue(pi, ra, packetlen);
266 		return;
267 	}
268 
269 	po = (struct nd_opt_prefix_info *)pptr;
270 	for (adv_pr = pi->pi_adv_prefix_list; adv_pr != NULL;
271 	    adv_pr = adv_pr->adv_pr_next) {
272 		if (!adv_pr->adv_pr_AdvOnLinkFlag &&
273 		    !adv_pr->adv_pr_AdvAutonomousFlag) {
274 			continue;
275 		}
276 
277 		/*
278 		 * If the prefix doesn't fit in packet send
279 		 * what we have so far and start with new packet.
280 		 */
281 		if (packetlen + sizeof (*po) >
282 		    pi->pi_LinkMTU - sizeof (struct ip6_hdr)) {
283 			if (debug & D_PKTOUT) {
284 				print_route_adv("Sending advert "
285 				    "(FRAG) to ",
286 				    pi, ra, packetlen, sin6);
287 			}
288 			sendpacket(sin6, pi->pi_sock, packetlen, 0);
289 			/* Feed packet back in for router operation */
290 			loopback_ra_enqueue(pi, ra, packetlen);
291 			packetlen = sizeof (*ra);
292 			pptr = (char *)packet + sizeof (*ra);
293 			po = (struct nd_opt_prefix_info *)pptr;
294 		}
295 		po->nd_opt_pi_type = ND_OPT_PREFIX_INFORMATION;
296 		po->nd_opt_pi_len = sizeof (*po)/8;
297 		po->nd_opt_pi_flags_reserved = 0;
298 		if (adv_pr->adv_pr_AdvOnLinkFlag) {
299 			po->nd_opt_pi_flags_reserved |=
300 			    ND_OPT_PI_FLAG_ONLINK;
301 		}
302 		if (adv_pr->adv_pr_AdvAutonomousFlag) {
303 			po->nd_opt_pi_flags_reserved |=
304 			    ND_OPT_PI_FLAG_AUTO;
305 		}
306 		po->nd_opt_pi_prefix_len = adv_pr->adv_pr_prefix_len;
307 		/*
308 		 * If both Adv*Expiration and Adv*Lifetime are
309 		 * set we prefer the former and make the lifetime
310 		 * decrement in real time.
311 		 */
312 		if (adv_pr->adv_pr_AdvValidRealTime) {
313 			po->nd_opt_pi_valid_time =
314 			    htonl(adv_pr->adv_pr_AdvValidExpiration);
315 		} else {
316 			po->nd_opt_pi_valid_time =
317 			    htonl(adv_pr->adv_pr_AdvValidLifetime);
318 		}
319 		if (adv_pr->adv_pr_AdvPreferredRealTime) {
320 			po->nd_opt_pi_preferred_time =
321 			    htonl(adv_pr->adv_pr_AdvPreferredExpiration);
322 		} else {
323 			po->nd_opt_pi_preferred_time =
324 			    htonl(adv_pr->adv_pr_AdvPreferredLifetime);
325 		}
326 		po->nd_opt_pi_reserved2 = htonl(0);
327 		po->nd_opt_pi_prefix = adv_pr->adv_pr_prefix;
328 
329 		po++;
330 		packetlen += sizeof (*po);
331 	}
332 	if (debug & D_PKTOUT) {
333 		print_route_adv("Sending advert to ", pi,
334 		    ra, packetlen, sin6);
335 	}
336 	sendpacket(sin6, pi->pi_sock, packetlen, 0);
337 	/* Feed packet back in for router operation */
338 	loopback_ra_enqueue(pi, ra, packetlen);
339 }
340 
341 /* Poll support */
342 static int		pollfd_num = 0;	/* Allocated and initialized */
343 static struct pollfd	*pollfds = NULL;
344 
345 /*
346  * Add fd to the set being polled. Returns 0 if ok; -1 if failed.
347  */
348 int
349 poll_add(int fd)
350 {
351 	int i;
352 	int new_num;
353 	struct pollfd *newfds;
354 
355 	/* Check if already present */
356 	for (i = 0; i < pollfd_num; i++) {
357 		if (pollfds[i].fd == fd)
358 			return (0);
359 	}
360 	/* Check for empty spot already present */
361 	for (i = 0; i < pollfd_num; i++) {
362 		if (pollfds[i].fd == -1) {
363 			pollfds[i].fd = fd;
364 			return (0);
365 		}
366 	}
367 
368 	/* Allocate space for 32 more fds and initialize to -1 */
369 	new_num = pollfd_num + 32;
370 	newfds = realloc(pollfds, new_num * sizeof (struct pollfd));
371 	if (newfds == NULL) {
372 		logperror("poll_add: realloc");
373 		return (-1);
374 	}
375 
376 	newfds[pollfd_num].fd = fd;
377 	newfds[pollfd_num++].events = POLLIN;
378 
379 	for (i = pollfd_num; i < new_num; i++) {
380 		newfds[i].fd = -1;
381 		newfds[i].events = POLLIN;
382 	}
383 	pollfd_num = new_num;
384 	pollfds = newfds;
385 	return (0);
386 }
387 
388 /*
389  * Remove fd from the set being polled. Returns 0 if ok; -1 if failed.
390  */
391 int
392 poll_remove(int fd)
393 {
394 	int i;
395 
396 	/* Check if already present */
397 	for (i = 0; i < pollfd_num; i++) {
398 		if (pollfds[i].fd == fd) {
399 			pollfds[i].fd = -1;
400 			return (0);
401 		}
402 	}
403 	return (-1);
404 }
405 
406 /*
407  * Extract information about the ifname (either a physical interface and
408  * the ":0" logical interface or just a logical interface).
409  * If the interface (still) exists in kernel set pr_in_use
410  * for caller to be able to detect interfaces that are removed.
411  * Starts sending advertisements/solicitations when new physical interfaces
412  * are detected.
413  */
414 static void
415 if_process(int s, char *ifname, boolean_t first)
416 {
417 	struct lifreq lifr;
418 	struct phyint *pi;
419 	struct prefix *pr;
420 	char *cp;
421 	char phyintname[LIFNAMSIZ + 1];
422 
423 	if (debug & D_IFSCAN)
424 		logmsg(LOG_DEBUG, "if_process(%s)\n", ifname);
425 
426 	(void) strncpy(lifr.lifr_name, ifname, sizeof (lifr.lifr_name));
427 	lifr.lifr_name[sizeof (lifr.lifr_name) - 1] = '\0';
428 	if (ioctl(s, SIOCGLIFFLAGS, (char *)&lifr) < 0) {
429 		if (errno == ENXIO) {
430 			/*
431 			 * Interface has disappeared
432 			 */
433 			return;
434 		}
435 		logperror("if_process: ioctl (get interface flags)");
436 		return;
437 	}
438 
439 	/*
440 	 * Ignore loopback and point-to-multipoint interfaces.
441 	 * Point-to-point interfaces always have IFF_MULTICAST set.
442 	 */
443 	if (!(lifr.lifr_flags & IFF_MULTICAST) ||
444 	    (lifr.lifr_flags & IFF_LOOPBACK)) {
445 		return;
446 	}
447 
448 	if (!(lifr.lifr_flags & IFF_IPV6))
449 		return;
450 
451 	(void) strncpy(phyintname, ifname, sizeof (phyintname));
452 	phyintname[sizeof (phyintname) - 1] = '\0';
453 	if ((cp = strchr(phyintname, IF_SEPARATOR)) != NULL) {
454 		*cp = '\0';
455 	}
456 
457 	pi = phyint_lookup(phyintname);
458 	if (pi == NULL) {
459 		/*
460 		 * Do not add anything for new interfaces until they are UP.
461 		 * For existing interfaces we track the up flag.
462 		 */
463 		if (!(lifr.lifr_flags & IFF_UP))
464 			return;
465 
466 		pi = phyint_create(phyintname);
467 		if (pi == NULL) {
468 			logmsg(LOG_ERR, "if_process: out of memory\n");
469 			return;
470 		}
471 	}
472 	(void) phyint_init_from_k(pi);
473 	if (pi->pi_sock == -1 && !(pi->pi_kernel_state & PI_PRESENT)) {
474 		/* Interface is not yet present */
475 		if (debug & D_PHYINT) {
476 			logmsg(LOG_DEBUG, "if_process: interface not yet "
477 			    "present %s\n", pi->pi_name);
478 		}
479 		return;
480 	}
481 
482 	if (pi->pi_sock != -1) {
483 		if (poll_add(pi->pi_sock) == -1) {
484 			/*
485 			 * reset state.
486 			 */
487 			phyint_cleanup(pi);
488 		}
489 	}
490 
491 	/*
492 	 * Check if IFF_ROUTER has been turned off in kernel in which
493 	 * case we have to turn off AdvSendAdvertisements.
494 	 * The kernel will automatically turn off IFF_ROUTER if
495 	 * ip6_forwarding is turned off.
496 	 * Note that we do not switch back should IFF_ROUTER be turned on.
497 	 */
498 	if (!first &&
499 	    pi->pi_AdvSendAdvertisements && !(pi->pi_flags & IFF_ROUTER)) {
500 		logmsg(LOG_INFO, "No longer a router on %s\n", pi->pi_name);
501 		check_to_advertise(pi, START_FINAL_ADV);
502 
503 		pi->pi_AdvSendAdvertisements = 0;
504 		pi->pi_sol_state = NO_SOLICIT;
505 	}
506 
507 	/*
508 	 * Send advertisments and solicitation only if the interface is
509 	 * present in the kernel.
510 	 */
511 	if (pi->pi_kernel_state & PI_PRESENT) {
512 
513 		if (pi->pi_AdvSendAdvertisements) {
514 			if (pi->pi_adv_state == NO_ADV)
515 				check_to_advertise(pi, START_INIT_ADV);
516 		} else {
517 			if (pi->pi_sol_state == NO_SOLICIT)
518 				check_to_solicit(pi, START_INIT_SOLICIT);
519 		}
520 	}
521 
522 	/*
523 	 * Track static kernel prefixes to prevent in.ndpd from clobbering
524 	 * them by creating a struct prefix for each prefix detected in the
525 	 * kernel.
526 	 */
527 	pr = prefix_lookup_name(pi, ifname);
528 	if (pr == NULL) {
529 		pr = prefix_create_name(pi, ifname);
530 		if (pr == NULL) {
531 			logmsg(LOG_ERR, "if_process: out of memory\n");
532 			return;
533 		}
534 		if (prefix_init_from_k(pr) == -1) {
535 			prefix_delete(pr);
536 			return;
537 		}
538 	}
539 	/* Detect prefixes which are removed */
540 	if (pr->pr_kernel_state != 0)
541 		pr->pr_in_use = _B_TRUE;
542 
543 	if ((lifr.lifr_flags & IFF_DUPLICATE) &&
544 	    (pr->pr_flags & IFF_TEMPORARY)) {
545 		in6_addr_t *token;
546 		int i;
547 		char abuf[INET6_ADDRSTRLEN];
548 
549 		if (++pr->pr_attempts >= MAX_DAD_FAILURES) {
550 			logmsg(LOG_ERR, "%s: token %s is duplicate after %d "
551 			    "attempts; disabling temporary addresses on %s",
552 			    pr->pr_name, inet_ntop(AF_INET6,
553 			    (void *)&pi->pi_tmp_token, abuf, sizeof (abuf)),
554 			    pr->pr_attempts, pi->pi_name);
555 			pi->pi_TmpAddrsEnabled = 0;
556 			tmptoken_delete(pi);
557 			prefix_delete(pr);
558 			return;
559 		}
560 		logmsg(LOG_WARNING, "%s: token %s is duplicate; trying again",
561 		    pr->pr_name, inet_ntop(AF_INET6, (void *)&pi->pi_tmp_token,
562 		    abuf, sizeof (abuf)));
563 		if (!tmptoken_create(pi)) {
564 			prefix_delete(pr);
565 			return;
566 		}
567 		token = &pi->pi_tmp_token;
568 		for (i = 0; i < 16; i++) {
569 			/*
570 			 * prefix_create ensures that pr_prefix has all-zero
571 			 * bits after prefixlen.
572 			 */
573 			pr->pr_address.s6_addr[i] = pr->pr_prefix.s6_addr[i] |
574 			    token->s6_addr[i];
575 		}
576 		if (prefix_lookup_addr_match(pr) != NULL) {
577 			prefix_delete(pr);
578 			return;
579 		}
580 		pr->pr_CreateTime = getcurrenttime() / MILLISEC;
581 		/*
582 		 * We've got a new token.  Clearing PR_AUTO causes
583 		 * prefix_update_k to bring the interface up and set the
584 		 * address.
585 		 */
586 		pr->pr_kernel_state &= ~PR_AUTO;
587 		prefix_update_k(pr);
588 	}
589 }
590 
591 static int ifsock = -1;
592 
593 /*
594  * Scan all interfaces to detect changes as well as new and deleted intefaces
595  * 'first' is set for the initial call only. Do not effect anything.
596  */
597 static void
598 initifs(boolean_t first)
599 {
600 	char *buf;
601 	int bufsize;
602 	int numifs;
603 	int n;
604 	struct lifnum lifn;
605 	struct lifconf lifc;
606 	struct lifreq *lifr;
607 	struct phyint *pi;
608 	struct phyint *next_pi;
609 	struct prefix *pr;
610 
611 	if (debug & D_IFSCAN)
612 		logmsg(LOG_DEBUG, "Reading interface configuration\n");
613 	if (ifsock < 0) {
614 		ifsock = socket(AF_INET6, SOCK_DGRAM, 0);
615 		if (ifsock < 0) {
616 			logperror("initifs: socket");
617 			return;
618 		}
619 	}
620 	lifn.lifn_family = AF_INET6;
621 	lifn.lifn_flags = LIFC_NOXMIT | LIFC_TEMPORARY;
622 	if (ioctl(ifsock, SIOCGLIFNUM, (char *)&lifn) < 0) {
623 		logperror("initifs: ioctl (get interface numbers)");
624 		return;
625 	}
626 	numifs = lifn.lifn_count;
627 	bufsize = numifs * sizeof (struct lifreq);
628 
629 	buf = (char *)malloc(bufsize);
630 	if (buf == NULL) {
631 		logmsg(LOG_ERR, "initifs: out of memory\n");
632 		return;
633 	}
634 
635 	/*
636 	 * Mark the interfaces so that we can find phyints and prefixes
637 	 * which have disappeared from the kernel.
638 	 * if_process will set pr_in_use when it finds the interface
639 	 * in the kernel.
640 	 */
641 	for (pi = phyints; pi != NULL; pi = pi->pi_next) {
642 		/*
643 		 * Before re-examining the state of the interfaces,
644 		 * PI_PRESENT should be cleared from pi_kernel_state.
645 		 */
646 		pi->pi_kernel_state &= ~PI_PRESENT;
647 		for (pr = pi->pi_prefix_list; pr != NULL; pr = pr->pr_next) {
648 			pr->pr_in_use = _B_FALSE;
649 		}
650 	}
651 
652 	lifc.lifc_family = AF_INET6;
653 	lifc.lifc_flags = LIFC_NOXMIT | LIFC_TEMPORARY;
654 	lifc.lifc_len = bufsize;
655 	lifc.lifc_buf = buf;
656 
657 	if (ioctl(ifsock, SIOCGLIFCONF, (char *)&lifc) < 0) {
658 		logperror("initifs: ioctl (get interface configuration)");
659 		free(buf);
660 		return;
661 	}
662 
663 	lifr = (struct lifreq *)lifc.lifc_req;
664 	for (n = lifc.lifc_len / sizeof (struct lifreq); n > 0; n--, lifr++)
665 		if_process(ifsock, lifr->lifr_name, first);
666 	free(buf);
667 
668 	/*
669 	 * Detect phyints that have been removed from the kernel.
670 	 * Since we can't recreate it here (would require ifconfig plumb
671 	 * logic) we just terminate use of that phyint.
672 	 */
673 	for (pi = phyints; pi != NULL; pi = next_pi) {
674 		next_pi = pi->pi_next;
675 		/*
676 		 * If interface (still) exists in kernel, set
677 		 * pi_state to indicate that.
678 		 */
679 		if (pi->pi_kernel_state & PI_PRESENT) {
680 			pi->pi_state |= PI_PRESENT;
681 		}
682 
683 		check_if_removed(pi);
684 	}
685 	if (show_ifs)
686 		phyint_print_all();
687 }
688 
689 
690 /*
691  * Router advertisement state machine. Used for everything but timer
692  * events which use advertise_event directly.
693  */
694 void
695 check_to_advertise(struct phyint *pi, enum adv_events event)
696 {
697 	uint_t delay;
698 	enum adv_states old_state = pi->pi_adv_state;
699 
700 	if (debug & D_STATE) {
701 		logmsg(LOG_DEBUG, "check_to_advertise(%s, %d) state %d\n",
702 		    pi->pi_name, (int)event, (int)old_state);
703 	}
704 	delay = advertise_event(pi, event, 0);
705 	if (delay != TIMER_INFINITY) {
706 		/* Make sure the global next event is updated */
707 		timer_schedule(delay);
708 	}
709 
710 	if (debug & D_STATE) {
711 		logmsg(LOG_DEBUG, "check_to_advertise(%s, %d) state %d -> %d\n",
712 		    pi->pi_name, (int)event, (int)old_state,
713 		    (int)pi->pi_adv_state);
714 	}
715 }
716 
717 /*
718  * Router advertisement state machine.
719  * Return the number of milliseconds until next timeout (TIMER_INFINITY
720  * if never).
721  * For the ADV_TIMER event the caller passes in the number of milliseconds
722  * since the last timer event in the 'elapsed' parameter.
723  */
724 uint_t
725 advertise_event(struct phyint *pi, enum adv_events event, uint_t elapsed)
726 {
727 	uint_t delay;
728 
729 	if (debug & D_STATE) {
730 		logmsg(LOG_DEBUG, "advertise_event(%s, %d, %d) state %d\n",
731 		    pi->pi_name, (int)event, elapsed, (int)pi->pi_adv_state);
732 	}
733 	check_daemonize();
734 	if (!pi->pi_AdvSendAdvertisements)
735 		return (TIMER_INFINITY);
736 	if (pi->pi_flags & IFF_NORTEXCH) {
737 		if (debug & D_PKTOUT) {
738 			logmsg(LOG_DEBUG, "Suppress sending RA packet on %s "
739 			    "(no route exchange on interface)\n",
740 			    pi->pi_name);
741 		}
742 		return (TIMER_INFINITY);
743 	}
744 
745 	switch (event) {
746 	case ADV_OFF:
747 		pi->pi_adv_state = NO_ADV;
748 		return (TIMER_INFINITY);
749 
750 	case START_INIT_ADV:
751 		if (pi->pi_adv_state == INIT_ADV)
752 			return (pi->pi_adv_time_left);
753 		pi->pi_adv_count = ND_MAX_INITIAL_RTR_ADVERTISEMENTS;
754 		pi->pi_adv_time_left = 0;
755 		pi->pi_adv_state = INIT_ADV;
756 		break;	/* send advertisement */
757 
758 	case START_FINAL_ADV:
759 		if (pi->pi_adv_state == NO_ADV)
760 			return (TIMER_INFINITY);
761 		if (pi->pi_adv_state == FINAL_ADV)
762 			return (pi->pi_adv_time_left);
763 		pi->pi_adv_count = ND_MAX_FINAL_RTR_ADVERTISEMENTS;
764 		pi->pi_adv_time_left = 0;
765 		pi->pi_adv_state = FINAL_ADV;
766 		break;	/* send advertisement */
767 
768 	case RECEIVED_SOLICIT:
769 		if (pi->pi_adv_state == NO_ADV)
770 			return (TIMER_INFINITY);
771 		if (pi->pi_adv_state == SOLICIT_ADV) {
772 			if (pi->pi_adv_time_left != 0)
773 				return (pi->pi_adv_time_left);
774 			break;
775 		}
776 		delay = GET_RANDOM(0, ND_MAX_RA_DELAY_TIME);
777 		if (delay < pi->pi_adv_time_left)
778 			pi->pi_adv_time_left = delay;
779 		if (pi->pi_adv_time_since_sent < ND_MIN_DELAY_BETWEEN_RAS) {
780 			/*
781 			 * Send an advertisement (ND_MIN_DELAY_BETWEEN_RAS
782 			 * plus random delay) after the previous
783 			 * advertisement was sent.
784 			 */
785 			pi->pi_adv_time_left = delay +
786 			    ND_MIN_DELAY_BETWEEN_RAS -
787 			    pi->pi_adv_time_since_sent;
788 		}
789 		pi->pi_adv_state = SOLICIT_ADV;
790 		break;
791 
792 	case ADV_TIMER:
793 		if (pi->pi_adv_state == NO_ADV)
794 			return (TIMER_INFINITY);
795 		/* Decrease time left */
796 		if (pi->pi_adv_time_left >= elapsed)
797 			pi->pi_adv_time_left -= elapsed;
798 		else
799 			pi->pi_adv_time_left = 0;
800 
801 		/* Increase time since last advertisement was sent */
802 		pi->pi_adv_time_since_sent += elapsed;
803 		break;
804 	default:
805 		logmsg(LOG_ERR, "advertise_event: Unknown event %d\n",
806 		    (int)event);
807 		return (TIMER_INFINITY);
808 	}
809 
810 	if (pi->pi_adv_time_left != 0)
811 		return (pi->pi_adv_time_left);
812 
813 	/* Send advertisement and calculate next time to send */
814 	if (pi->pi_adv_state == FINAL_ADV) {
815 		/* Omit the prefixes */
816 		advertise(&v6allnodes, pi, _B_TRUE);
817 	} else {
818 		advertise(&v6allnodes, pi, _B_FALSE);
819 	}
820 	pi->pi_adv_time_since_sent = 0;
821 
822 	switch (pi->pi_adv_state) {
823 	case SOLICIT_ADV:
824 		/*
825 		 * The solicited advertisement has been sent.
826 		 * Revert to periodic advertisements.
827 		 */
828 		pi->pi_adv_state = REG_ADV;
829 		/* FALLTHRU */
830 	case REG_ADV:
831 		pi->pi_adv_time_left =
832 		    GET_RANDOM(1000 * pi->pi_MinRtrAdvInterval,
833 		    1000 * pi->pi_MaxRtrAdvInterval);
834 		break;
835 
836 	case INIT_ADV:
837 		if (--pi->pi_adv_count > 0) {
838 			delay = GET_RANDOM(1000 * pi->pi_MinRtrAdvInterval,
839 			    1000 * pi->pi_MaxRtrAdvInterval);
840 			if (delay > ND_MAX_INITIAL_RTR_ADVERT_INTERVAL)
841 				delay = ND_MAX_INITIAL_RTR_ADVERT_INTERVAL;
842 			pi->pi_adv_time_left = delay;
843 		} else {
844 			pi->pi_adv_time_left =
845 			    GET_RANDOM(1000 * pi->pi_MinRtrAdvInterval,
846 			    1000 * pi->pi_MaxRtrAdvInterval);
847 			pi->pi_adv_state = REG_ADV;
848 		}
849 		break;
850 
851 	case FINAL_ADV:
852 		if (--pi->pi_adv_count > 0) {
853 			pi->pi_adv_time_left =
854 			    ND_MAX_INITIAL_RTR_ADVERT_INTERVAL;
855 		} else {
856 			pi->pi_adv_state = NO_ADV;
857 		}
858 		break;
859 	}
860 	if (pi->pi_adv_state != NO_ADV)
861 		return (pi->pi_adv_time_left);
862 	else
863 		return (TIMER_INFINITY);
864 }
865 
866 /*
867  * Router solicitation state machine. Used for everything but timer
868  * events which use solicit_event directly.
869  */
870 void
871 check_to_solicit(struct phyint *pi, enum solicit_events event)
872 {
873 	uint_t delay;
874 	enum solicit_states old_state = pi->pi_sol_state;
875 
876 	if (debug & D_STATE) {
877 		logmsg(LOG_DEBUG, "check_to_solicit(%s, %d) state %d\n",
878 		    pi->pi_name, (int)event, (int)old_state);
879 	}
880 	delay = solicit_event(pi, event, 0);
881 	if (delay != TIMER_INFINITY) {
882 		/* Make sure the global next event is updated */
883 		timer_schedule(delay);
884 	}
885 
886 	if (debug & D_STATE) {
887 		logmsg(LOG_DEBUG, "check_to_solicit(%s, %d) state %d -> %d\n",
888 		    pi->pi_name, (int)event, (int)old_state,
889 		    (int)pi->pi_sol_state);
890 	}
891 }
892 
893 static void
894 daemonize_ndpd(void)
895 {
896 	FILE *pidfp;
897 	mode_t pidmode = (S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); /* 0644 */
898 	struct itimerval it;
899 	boolean_t timerval = _B_TRUE;
900 
901 	/*
902 	 * Need to get current timer settings so they can be restored
903 	 * after the fork(), as the it_value and it_interval values for
904 	 * the ITIMER_REAL timer are reset to 0 in the child process.
905 	 */
906 	if (getitimer(ITIMER_REAL, &it) < 0) {
907 		if (debug & D_TIMER)
908 			logmsg(LOG_DEBUG,
909 			    "daemonize_ndpd: failed to get itimerval\n");
910 		timerval = _B_FALSE;
911 	}
912 
913 	/* Daemonize. */
914 	switch (fork()) {
915 	case 0:
916 		/* Child */
917 		break;
918 	case -1:
919 		logperror("fork");
920 		exit(1);
921 	default:
922 		/* Parent */
923 		_exit(0);
924 	}
925 
926 	/* Store our process id, blow away any existing file if it exists. */
927 	if ((pidfp = fopen(PATH_PID, "w")) == NULL) {
928 		(void) fprintf(stderr, "%s: unable to open " PATH_PID ": %s\n",
929 		    argv0[0], strerror(errno));
930 	} else {
931 		(void) fprintf(pidfp, "%ld\n", getpid());
932 		(void) fclose(pidfp);
933 		(void) chmod(PATH_PID, pidmode);
934 	}
935 
936 	(void) close(0);
937 	(void) close(1);
938 	(void) close(2);
939 
940 	(void) chdir("/");
941 	(void) open("/dev/null", O_RDWR);
942 	(void) dup2(0, 1);
943 	(void) dup2(0, 2);
944 	(void) setsid();
945 
946 	already_daemonized = _B_TRUE;
947 
948 	/*
949 	 * Restore timer values, if we were able to save them; if not,
950 	 * check and set the right value by calling run_timeouts().
951 	 */
952 	if (timerval) {
953 		if (setitimer(ITIMER_REAL, &it, NULL) < 0) {
954 			logperror("daemonize_ndpd: setitimer");
955 			exit(2);
956 		}
957 	} else {
958 		run_timeouts();
959 	}
960 }
961 
962 /*
963  * Check to see if the time is right to daemonize.  The right time is when:
964  *
965  * 1.  We haven't already daemonized.
966  * 2.  We are not in debug mode.
967  * 3.  All interfaces are marked IFF_NOXMIT.
968  * 4.  All non-router interfaces have their prefixes set up and we're
969  *     done sending router solicitations on those interfaces without
970  *     prefixes.
971  */
972 static void
973 check_daemonize(void)
974 {
975 	struct phyint		*pi;
976 
977 	if (already_daemonized || debug != 0)
978 		return;
979 
980 	for (pi = phyints; pi != NULL; pi = pi->pi_next) {
981 		if (!(pi->pi_flags & IFF_NOXMIT))
982 			break;
983 	}
984 
985 	/*
986 	 * If we can't transmit on any of the interfaces there is no reason
987 	 * to hold up progress.
988 	 */
989 	if (pi == NULL) {
990 		daemonize_ndpd();
991 		return;
992 	}
993 
994 	/* Check all interfaces.  If any are still soliciting, just return. */
995 	for (pi = phyints; pi != NULL; pi = pi->pi_next) {
996 		if (pi->pi_AdvSendAdvertisements ||
997 		    !(pi->pi_kernel_state & PI_PRESENT))
998 			continue;
999 
1000 		if (pi->pi_sol_state == INIT_SOLICIT)
1001 			return;
1002 	}
1003 
1004 	daemonize_ndpd();
1005 }
1006 
1007 /*
1008  * Router solicitation state machine.
1009  * Return the number of milliseconds until next timeout (TIMER_INFINITY
1010  * if never).
1011  * For the SOL_TIMER event the caller passes in the number of milliseconds
1012  * since the last timer event in the 'elapsed' parameter.
1013  */
1014 uint_t
1015 solicit_event(struct phyint *pi, enum solicit_events event, uint_t elapsed)
1016 {
1017 	if (debug & D_STATE) {
1018 		logmsg(LOG_DEBUG, "solicit_event(%s, %d, %d) state %d\n",
1019 		    pi->pi_name, (int)event, elapsed, (int)pi->pi_sol_state);
1020 	}
1021 
1022 	if (pi->pi_AdvSendAdvertisements)
1023 		return (TIMER_INFINITY);
1024 	if (pi->pi_flags & IFF_NORTEXCH) {
1025 		if (debug & D_PKTOUT) {
1026 			logmsg(LOG_DEBUG, "Suppress sending RS packet on %s "
1027 			    "(no route exchange on interface)\n",
1028 			    pi->pi_name);
1029 		}
1030 		return (TIMER_INFINITY);
1031 	}
1032 
1033 	switch (event) {
1034 	case SOLICIT_OFF:
1035 		pi->pi_sol_state = NO_SOLICIT;
1036 		check_daemonize();
1037 		return (TIMER_INFINITY);
1038 
1039 	case SOLICIT_DONE:
1040 		pi->pi_sol_state = DONE_SOLICIT;
1041 		check_daemonize();
1042 		return (TIMER_INFINITY);
1043 
1044 	case START_INIT_SOLICIT:
1045 		if (pi->pi_sol_state == INIT_SOLICIT)
1046 			return (pi->pi_sol_time_left);
1047 		pi->pi_sol_count = ND_MAX_RTR_SOLICITATIONS;
1048 		pi->pi_sol_time_left =
1049 		    GET_RANDOM(0, ND_MAX_RTR_SOLICITATION_DELAY);
1050 		pi->pi_sol_state = INIT_SOLICIT;
1051 		break;
1052 
1053 	case SOL_TIMER:
1054 		if (pi->pi_sol_state == NO_SOLICIT)
1055 			return (TIMER_INFINITY);
1056 		/* Decrease time left */
1057 		if (pi->pi_sol_time_left >= elapsed)
1058 			pi->pi_sol_time_left -= elapsed;
1059 		else
1060 			pi->pi_sol_time_left = 0;
1061 		break;
1062 	default:
1063 		logmsg(LOG_ERR, "solicit_event: Unknown event %d\n",
1064 		    (int)event);
1065 		return (TIMER_INFINITY);
1066 	}
1067 
1068 	if (pi->pi_sol_time_left != 0)
1069 		return (pi->pi_sol_time_left);
1070 
1071 	/* Send solicitation and calculate next time */
1072 	switch (pi->pi_sol_state) {
1073 	case INIT_SOLICIT:
1074 		solicit(&v6allrouters, pi);
1075 		if (--pi->pi_sol_count == 0) {
1076 			pi->pi_sol_state = DONE_SOLICIT;
1077 			check_daemonize();
1078 			return (TIMER_INFINITY);
1079 		}
1080 		pi->pi_sol_time_left = ND_RTR_SOLICITATION_INTERVAL;
1081 		return (pi->pi_sol_time_left);
1082 	case NO_SOLICIT:
1083 	case DONE_SOLICIT:
1084 		return (TIMER_INFINITY);
1085 	default:
1086 		return (pi->pi_sol_time_left);
1087 	}
1088 }
1089 
1090 /*
1091  * Timer mechanism using relative time (in milliseconds) from the
1092  * previous timer event. Timers exceeding TIMER_INFINITY milliseconds
1093  * will fire after TIMER_INFINITY milliseconds.
1094  */
1095 static uint_t timer_previous;	/* When last SIGALRM occurred */
1096 static uint_t timer_next;	/* Currently scheduled timeout */
1097 
1098 static void
1099 timer_init(void)
1100 {
1101 	timer_previous = getcurrenttime();
1102 	timer_next = TIMER_INFINITY;
1103 	run_timeouts();
1104 }
1105 
1106 /*
1107  * Make sure the next SIGALRM occurs delay milliseconds from the current
1108  * time if not earlier.
1109  * Handles getcurrenttime (32 bit integer holding milliseconds) wraparound
1110  * by treating differences greater than 0x80000000 as negative.
1111  */
1112 void
1113 timer_schedule(uint_t delay)
1114 {
1115 	uint_t now;
1116 	struct itimerval itimerval;
1117 
1118 	now = getcurrenttime();
1119 	if (debug & D_TIMER) {
1120 		logmsg(LOG_DEBUG, "timer_schedule(%u): now %u next %u\n",
1121 		    delay, now, timer_next);
1122 	}
1123 	/* Will this timer occur before the currently scheduled SIGALRM? */
1124 	if (delay >= timer_next - now) {
1125 		if (debug & D_TIMER) {
1126 			logmsg(LOG_DEBUG, "timer_schedule(%u): no action - "
1127 			    "next in %u ms\n",
1128 			    delay, timer_next - now);
1129 		}
1130 		return;
1131 	}
1132 	if (delay == 0) {
1133 		/* Minimum allowed delay */
1134 		delay = 1;
1135 	}
1136 	timer_next = now + delay;
1137 
1138 	itimerval.it_value.tv_sec = delay / 1000;
1139 	itimerval.it_value.tv_usec = (delay % 1000) * 1000;
1140 	itimerval.it_interval.tv_sec = 0;
1141 	itimerval.it_interval.tv_usec = 0;
1142 	if (debug & D_TIMER) {
1143 		logmsg(LOG_DEBUG, "timer_schedule(%u): sec %lu usec %lu\n",
1144 		    delay,
1145 		    itimerval.it_value.tv_sec, itimerval.it_value.tv_usec);
1146 	}
1147 	if (setitimer(ITIMER_REAL, &itimerval, NULL) < 0) {
1148 		logperror("timer_schedule: setitimer");
1149 		exit(2);
1150 	}
1151 }
1152 
1153 /*
1154  * Conditional running of timer. If more than 'minimal_time' millseconds
1155  * since the timer routines were last run we run them.
1156  * Used when packets arrive.
1157  */
1158 static void
1159 conditional_run_timeouts(uint_t minimal_time)
1160 {
1161 	uint_t now;
1162 	uint_t elapsed;
1163 
1164 	now = getcurrenttime();
1165 	elapsed = now - timer_previous;
1166 	if (elapsed > minimal_time) {
1167 		if (debug & D_TIMER) {
1168 			logmsg(LOG_DEBUG, "conditional_run_timeouts: "
1169 			    "elapsed %d\n", elapsed);
1170 		}
1171 		run_timeouts();
1172 	}
1173 }
1174 
1175 /*
1176  * Timer has fired.
1177  * Determine when the next timer event will occur by asking all
1178  * the timer routines.
1179  * Should not be called from a timer routine but in some cases this is
1180  * done because the code doesn't know that e.g. it was called from
1181  * ifconfig_timer(). In this case the nested run_timeouts will just return but
1182  * the running run_timeouts will ensure to call all the timer functions by
1183  * looping once more.
1184  */
1185 static void
1186 run_timeouts(void)
1187 {
1188 	uint_t now;
1189 	uint_t elapsed;
1190 	uint_t next;
1191 	uint_t nexti;
1192 	struct phyint *pi;
1193 	struct phyint *next_pi;
1194 	struct prefix *pr;
1195 	struct prefix *next_pr;
1196 	struct adv_prefix *adv_pr;
1197 	struct adv_prefix *next_adv_pr;
1198 	struct router *dr;
1199 	struct router *next_dr;
1200 	static boolean_t timeout_running;
1201 	static boolean_t do_retry;
1202 
1203 	if (timeout_running) {
1204 		if (debug & D_TIMER)
1205 			logmsg(LOG_DEBUG, "run_timeouts: nested call\n");
1206 		do_retry = _B_TRUE;
1207 		return;
1208 	}
1209 	timeout_running = _B_TRUE;
1210 retry:
1211 	/* How much time since the last time we were called? */
1212 	now = getcurrenttime();
1213 	elapsed = now - timer_previous;
1214 	timer_previous = now;
1215 
1216 	if (debug & D_TIMER)
1217 		logmsg(LOG_DEBUG, "run_timeouts: elapsed %d\n", elapsed);
1218 
1219 	next = TIMER_INFINITY;
1220 	for (pi = phyints; pi != NULL; pi = next_pi) {
1221 		next_pi = pi->pi_next;
1222 		nexti = phyint_timer(pi, elapsed);
1223 		if (nexti != TIMER_INFINITY && nexti < next)
1224 			next = nexti;
1225 		if (debug & D_TIMER) {
1226 			logmsg(LOG_DEBUG, "run_timeouts (pi %s): %d -> %u ms\n",
1227 			    pi->pi_name, nexti, next);
1228 		}
1229 		for (pr = pi->pi_prefix_list; pr != NULL; pr = next_pr) {
1230 			next_pr = pr->pr_next;
1231 			nexti = prefix_timer(pr, elapsed);
1232 			if (nexti != TIMER_INFINITY && nexti < next)
1233 				next = nexti;
1234 			if (debug & D_TIMER) {
1235 				logmsg(LOG_DEBUG, "run_timeouts (pr %s): "
1236 				    "%d -> %u ms\n", pr->pr_name, nexti, next);
1237 			}
1238 		}
1239 		for (adv_pr = pi->pi_adv_prefix_list; adv_pr != NULL;
1240 		    adv_pr = next_adv_pr) {
1241 			next_adv_pr = adv_pr->adv_pr_next;
1242 			nexti = adv_prefix_timer(adv_pr, elapsed);
1243 			if (nexti != TIMER_INFINITY && nexti < next)
1244 				next = nexti;
1245 			if (debug & D_TIMER) {
1246 				logmsg(LOG_DEBUG, "run_timeouts "
1247 				    "(adv pr on %s): %d -> %u ms\n",
1248 				    adv_pr->adv_pr_physical->pi_name,
1249 				    nexti, next);
1250 			}
1251 		}
1252 		for (dr = pi->pi_router_list; dr != NULL; dr = next_dr) {
1253 			next_dr = dr->dr_next;
1254 			nexti = router_timer(dr, elapsed);
1255 			if (nexti != TIMER_INFINITY && nexti < next)
1256 				next = nexti;
1257 			if (debug & D_TIMER) {
1258 				logmsg(LOG_DEBUG, "run_timeouts (dr): "
1259 				    "%d -> %u ms\n", nexti, next);
1260 			}
1261 		}
1262 		if (pi->pi_TmpAddrsEnabled) {
1263 			nexti = tmptoken_timer(pi, elapsed);
1264 			if (nexti != TIMER_INFINITY && nexti < next)
1265 				next = nexti;
1266 			if (debug & D_TIMER) {
1267 				logmsg(LOG_DEBUG, "run_timeouts (tmp on %s): "
1268 				    "%d -> %u ms\n", pi->pi_name, nexti, next);
1269 			}
1270 		}
1271 	}
1272 	/*
1273 	 * Make sure the timer functions are run at least once
1274 	 * an hour.
1275 	 */
1276 	if (next == TIMER_INFINITY)
1277 		next = 3600 * 1000;	/* 1 hour */
1278 
1279 	if (debug & D_TIMER)
1280 		logmsg(LOG_DEBUG, "run_timeouts: %u ms\n", next);
1281 	timer_schedule(next);
1282 	if (do_retry) {
1283 		if (debug & D_TIMER)
1284 			logmsg(LOG_DEBUG, "run_timeouts: retry\n");
1285 		do_retry = _B_FALSE;
1286 		goto retry;
1287 	}
1288 	timeout_running = _B_FALSE;
1289 }
1290 
1291 static int eventpipe_read = -1;	/* Used for synchronous signal delivery */
1292 static int eventpipe_write = -1;
1293 
1294 /*
1295  * Ensure that signals are processed synchronously with the rest of
1296  * the code by just writing a one character signal number on the pipe.
1297  * The poll loop will pick this up and process the signal event.
1298  */
1299 static void
1300 sig_handler(int signo)
1301 {
1302 	uchar_t buf = (uchar_t)signo;
1303 
1304 	if (eventpipe_write == -1) {
1305 		logmsg(LOG_ERR, "sig_handler: no pipe\n");
1306 		return;
1307 	}
1308 	if (write(eventpipe_write, &buf, sizeof (buf)) < 0)
1309 		logperror("sig_handler: write");
1310 }
1311 
1312 /*
1313  * Pick up a signal "byte" from the pipe and process it.
1314  */
1315 static void
1316 in_signal(int fd)
1317 {
1318 	uchar_t buf;
1319 	struct phyint *pi;
1320 	struct phyint *next_pi;
1321 
1322 	switch (read(fd, &buf, sizeof (buf))) {
1323 	case -1:
1324 		logperror("in_signal: read");
1325 		exit(1);
1326 		/* NOTREACHED */
1327 	case 1:
1328 		break;
1329 	case 0:
1330 		logmsg(LOG_ERR, "in_signal: read eof\n");
1331 		exit(1);
1332 		/* NOTREACHED */
1333 	default:
1334 		logmsg(LOG_ERR, "in_signal: read > 1\n");
1335 		exit(1);
1336 	}
1337 
1338 	if (debug & D_TIMER)
1339 		logmsg(LOG_DEBUG, "in_signal() got %d\n", buf);
1340 
1341 	switch (buf) {
1342 	case SIGALRM:
1343 		if (debug & D_TIMER) {
1344 			uint_t now = getcurrenttime();
1345 
1346 			logmsg(LOG_DEBUG, "in_signal(SIGALRM) delta %u\n",
1347 			    now - timer_next);
1348 		}
1349 		timer_next = TIMER_INFINITY;
1350 		run_timeouts();
1351 		break;
1352 	case SIGHUP:
1353 		/* Re-read config file by exec'ing ourselves */
1354 		for (pi = phyints; pi != NULL; pi = next_pi) {
1355 			next_pi = pi->pi_next;
1356 			if (pi->pi_AdvSendAdvertisements)
1357 				check_to_advertise(pi, START_FINAL_ADV);
1358 
1359 			phyint_delete(pi);
1360 		}
1361 
1362 		/*
1363 		 * Prevent fd leaks.  Everything gets re-opened at start-up
1364 		 * time.  0, 1, and 2 are closed and re-opened as
1365 		 * /dev/null, so we'll leave those open.
1366 		 */
1367 		closefrom(3);
1368 
1369 		logmsg(LOG_ERR, "SIGHUP: restart and reread config file\n");
1370 		(void) execv(argv0[0], argv0);
1371 		(void) unlink(PATH_PID);
1372 		_exit(0177);
1373 		/* NOTREACHED */
1374 	case SIGUSR1:
1375 		logmsg(LOG_DEBUG, "Printing configuration:\n");
1376 		phyint_print_all();
1377 		break;
1378 	case SIGINT:
1379 	case SIGTERM:
1380 	case SIGQUIT:
1381 		for (pi = phyints; pi != NULL; pi = next_pi) {
1382 			next_pi = pi->pi_next;
1383 			if (pi->pi_AdvSendAdvertisements)
1384 				check_to_advertise(pi, START_FINAL_ADV);
1385 
1386 			phyint_delete(pi);
1387 		}
1388 		(void) unlink(NDPD_SNMP_SOCKET);
1389 		(void) unlink(PATH_PID);
1390 		exit(0);
1391 		/* NOTREACHED */
1392 	case 255:
1393 		/*
1394 		 * Special "signal" from looback_ra_enqueue.
1395 		 * Handle any queued loopback router advertisements.
1396 		 */
1397 		loopback_ra_dequeue();
1398 		break;
1399 	default:
1400 		logmsg(LOG_ERR, "in_signal: unknown signal: %d\n", buf);
1401 	}
1402 }
1403 
1404 /*
1405  * Create pipe for signal delivery and set up signal handlers.
1406  */
1407 static void
1408 setup_eventpipe(void)
1409 {
1410 	int fds[2];
1411 	struct sigaction act;
1412 
1413 	if ((pipe(fds)) < 0) {
1414 		logperror("setup_eventpipe: pipe");
1415 		exit(1);
1416 	}
1417 	eventpipe_read = fds[0];
1418 	eventpipe_write = fds[1];
1419 	if (poll_add(eventpipe_read) == -1) {
1420 		exit(1);
1421 	}
1422 	act.sa_handler = sig_handler;
1423 	act.sa_flags = SA_RESTART;
1424 	(void) sigaction(SIGALRM, &act, NULL);
1425 
1426 	(void) sigset(SIGHUP, sig_handler);
1427 	(void) sigset(SIGUSR1, sig_handler);
1428 	(void) sigset(SIGTERM, sig_handler);
1429 	(void) sigset(SIGINT, sig_handler);
1430 	(void) sigset(SIGQUIT, sig_handler);
1431 }
1432 
1433 /*
1434  * Create a routing socket for receiving RTM_IFINFO messages and initialize
1435  * the routing socket message header and as much of the sockaddrs as possible.
1436  */
1437 static int
1438 setup_rtsock(void)
1439 {
1440 	int s;
1441 	int ret;
1442 	char *cp;
1443 	struct sockaddr_in6 *sin6;
1444 
1445 	s = socket(PF_ROUTE, SOCK_RAW, AF_INET6);
1446 	if (s == -1) {
1447 		logperror("socket(PF_ROUTE)");
1448 		exit(1);
1449 	}
1450 	ret = fcntl(s, F_SETFL, O_NDELAY|O_NONBLOCK);
1451 	if (ret < 0) {
1452 		logperror("fcntl(O_NDELAY)");
1453 		exit(1);
1454 	}
1455 	if (poll_add(s) == -1) {
1456 		exit(1);
1457 	}
1458 
1459 	/*
1460 	 * Allocate storage for the routing socket message.
1461 	 */
1462 	rt_msg = (struct rt_msghdr *)malloc(NDP_RTM_MSGLEN);
1463 	if (rt_msg == NULL) {
1464 		logperror("malloc");
1465 		exit(1);
1466 	}
1467 
1468 	/*
1469 	 * Initialize the routing socket message by zero-filling it and then
1470 	 * setting the fields where are constant through the lifetime of the
1471 	 * process.
1472 	 */
1473 	bzero(rt_msg, NDP_RTM_MSGLEN);
1474 	rt_msg->rtm_msglen = NDP_RTM_MSGLEN;
1475 	rt_msg->rtm_version = RTM_VERSION;
1476 	rt_msg->rtm_addrs = RTA_DST | RTA_GATEWAY | RTA_NETMASK | RTA_IFP;
1477 	rt_msg->rtm_pid = getpid();
1478 	if (rt_msg->rtm_pid < 0) {
1479 		logperror("getpid");
1480 		exit(1);
1481 	}
1482 
1483 	/*
1484 	 * The RTA_DST sockaddr does not change during the lifetime of the
1485 	 * process so it can be completely initialized at this time.
1486 	 */
1487 	cp = (char *)rt_msg + sizeof (struct rt_msghdr);
1488 	sin6 = (struct sockaddr_in6 *)cp;
1489 	sin6->sin6_family = AF_INET6;
1490 	sin6->sin6_addr = in6addr_any;
1491 
1492 	/*
1493 	 * Initialize the constant portion of the RTA_GATEWAY sockaddr.
1494 	 */
1495 	cp += sizeof (struct sockaddr_in6);
1496 	rta_gateway = (struct sockaddr_in6 *)cp;
1497 	rta_gateway->sin6_family = AF_INET6;
1498 
1499 	/*
1500 	 * The RTA_NETMASK sockaddr does not change during the lifetime of the
1501 	 * process so it can be completely initialized at this time.
1502 	 */
1503 	cp += sizeof (struct sockaddr_in6);
1504 	sin6 = (struct sockaddr_in6 *)cp;
1505 	sin6->sin6_family = AF_INET6;
1506 	sin6->sin6_addr = in6addr_any;
1507 
1508 	/*
1509 	 * Initialize the constant portion of the RTA_IFP sockaddr.
1510 	 */
1511 	cp += sizeof (struct sockaddr_in6);
1512 	rta_ifp = (struct sockaddr_dl *)cp;
1513 	rta_ifp->sdl_family = AF_LINK;
1514 
1515 	return (s);
1516 }
1517 
1518 static int
1519 setup_mibsock(void)
1520 {
1521 	int sock;
1522 	int ret;
1523 	int len;
1524 	struct sockaddr_un laddr;
1525 
1526 	sock = socket(AF_UNIX, SOCK_DGRAM, 0);
1527 	if (sock == -1) {
1528 		logperror("setup_mibsock: socket(AF_UNIX)");
1529 		exit(1);
1530 	}
1531 
1532 	bzero(&laddr, sizeof (laddr));
1533 	laddr.sun_family = AF_UNIX;
1534 
1535 	(void) strncpy(laddr.sun_path, NDPD_SNMP_SOCKET,
1536 	    sizeof (laddr.sun_path));
1537 	len = sizeof (struct sockaddr_un);
1538 
1539 	(void) unlink(NDPD_SNMP_SOCKET);
1540 	ret = bind(sock, (struct sockaddr *)&laddr, len);
1541 	if (ret < 0) {
1542 		logperror("setup_mibsock: bind\n");
1543 		exit(1);
1544 	}
1545 
1546 	ret = fcntl(sock, F_SETFL, O_NONBLOCK);
1547 	if (ret < 0) {
1548 		logperror("fcntl(O_NONBLOCK)");
1549 		exit(1);
1550 	}
1551 	if (poll_add(sock) == -1) {
1552 		exit(1);
1553 	}
1554 	return (sock);
1555 }
1556 
1557 /*
1558  * Retrieve one routing socket message. If RTM_IFINFO indicates
1559  * new phyint do a full scan of the interfaces. If RTM_IFINFO
1560  * indicates an existing phyint, only scan that phyint and associated
1561  * prefixes.
1562  */
1563 static void
1564 process_rtsock(int rtsock)
1565 {
1566 	int n;
1567 #define	MSG_SIZE	2048/8
1568 	int64_t msg[MSG_SIZE];
1569 	struct rt_msghdr *rtm;
1570 	struct if_msghdr *ifm;
1571 	struct phyint *pi;
1572 	struct prefix *pr;
1573 	boolean_t need_initifs = _B_FALSE;
1574 	boolean_t need_ifscan = _B_FALSE;
1575 	int64_t	ifscan_msg[10][MSG_SIZE];
1576 	int ifscan_index = 0;
1577 	int i;
1578 
1579 	/* Empty the rtsock and coealesce all the work that we have */
1580 	while (ifscan_index < 10) {
1581 		n = read(rtsock, msg, sizeof (msg));
1582 		if (n <= 0) {
1583 			/* No more messages */
1584 			break;
1585 		}
1586 		rtm = (struct rt_msghdr *)msg;
1587 		if (rtm->rtm_version != RTM_VERSION) {
1588 			logmsg(LOG_ERR,
1589 			    "process_rtsock: version %d not understood\n",
1590 			    rtm->rtm_version);
1591 			return;
1592 		}
1593 		switch (rtm->rtm_type) {
1594 		case RTM_NEWADDR:
1595 		case RTM_DELADDR:
1596 			/*
1597 			 * Some logical interface has changed - have to scan
1598 			 * everything to determine what actually changed.
1599 			 */
1600 			if (debug & D_IFSCAN) {
1601 				logmsg(LOG_DEBUG, "process_rtsock: "
1602 				    "message %d\n", rtm->rtm_type);
1603 			}
1604 			need_initifs = _B_TRUE;
1605 			break;
1606 		case RTM_IFINFO:
1607 			need_ifscan = _B_TRUE;
1608 			(void) memcpy(ifscan_msg[ifscan_index], rtm,
1609 			    sizeof (msg));
1610 			ifscan_index++;
1611 			/* Handled below */
1612 			break;
1613 		default:
1614 			/* Not interesting */
1615 			break;
1616 		}
1617 	}
1618 	/*
1619 	 * If we do full scan i.e initifs, we don't need to
1620 	 * scan a particular interface as we should have
1621 	 * done that as part of initifs.
1622 	 */
1623 	if (need_initifs) {
1624 		initifs(_B_FALSE);
1625 		return;
1626 	}
1627 
1628 	if (!need_ifscan)
1629 		return;
1630 
1631 	for (i = 0; i < ifscan_index; i++) {
1632 		ifm = (struct if_msghdr *)ifscan_msg[i];
1633 		if (debug & D_IFSCAN)
1634 			logmsg(LOG_DEBUG, "process_rtsock: index %d\n",
1635 			    ifm->ifm_index);
1636 
1637 		pi = phyint_lookup_on_index(ifm->ifm_index);
1638 		if (pi == NULL) {
1639 			/*
1640 			 * A new physical interface. Do a full scan of the
1641 			 * to catch any new logical interfaces.
1642 			 */
1643 			initifs(_B_FALSE);
1644 			return;
1645 		}
1646 
1647 		if (ifm->ifm_flags != pi->pi_flags) {
1648 			if (debug & D_IFSCAN) {
1649 				logmsg(LOG_DEBUG, "process_rtsock: clr for "
1650 				    "%s old flags 0x%x new flags 0x%x\n",
1651 				    pi->pi_name, pi->pi_flags, ifm->ifm_flags);
1652 			}
1653 		}
1654 
1655 
1656 		/*
1657 		 * Mark the interfaces so that we can find phyints and prefixes
1658 		 * which have disappeared from the kernel.
1659 		 * if_process will set pr_in_use when it finds the
1660 		 * interface in the kernel.
1661 		 * Before re-examining the state of the interfaces,
1662 		 * PI_PRESENT should be cleared from pi_kernel_state.
1663 		 */
1664 		pi->pi_kernel_state &= ~PI_PRESENT;
1665 		for (pr = pi->pi_prefix_list; pr != NULL; pr = pr->pr_next) {
1666 			pr->pr_in_use = _B_FALSE;
1667 		}
1668 
1669 		if (ifsock < 0) {
1670 			ifsock = socket(AF_INET6, SOCK_DGRAM, 0);
1671 			if (ifsock < 0) {
1672 				logperror("process_rtsock: socket");
1673 				return;
1674 			}
1675 		}
1676 		if_process(ifsock, pi->pi_name, _B_FALSE);
1677 		for (pr = pi->pi_prefix_list; pr != NULL; pr = pr->pr_next) {
1678 			if_process(ifsock, pr->pr_name, _B_FALSE);
1679 		}
1680 		/*
1681 		 * If interface (still) exists in kernel, set
1682 		 * pi_state to indicate that.
1683 		 */
1684 		if (pi->pi_kernel_state & PI_PRESENT) {
1685 			pi->pi_state |= PI_PRESENT;
1686 		}
1687 		check_if_removed(pi);
1688 		if (show_ifs)
1689 			phyint_print_all();
1690 	}
1691 }
1692 
1693 static void
1694 process_mibsock(int mibsock)
1695 {
1696 	struct phyint *pi;
1697 	socklen_t fromlen;
1698 	struct sockaddr_un from;
1699 	ndpd_info_t ndpd_info;
1700 	ssize_t len;
1701 	int command;
1702 
1703 	fromlen = (socklen_t)sizeof (from);
1704 	len = recvfrom(mibsock, &command, sizeof (int), 0,
1705 	    (struct sockaddr *)&from, &fromlen);
1706 
1707 	if (len < sizeof (int) || command != NDPD_SNMP_INFO_REQ) {
1708 		logperror("process_mibsock: bad command \n");
1709 		return;
1710 	}
1711 
1712 	ndpd_info.info_type = NDPD_SNMP_INFO_RESPONSE;
1713 	ndpd_info.info_version = NDPD_SNMP_INFO_VER;
1714 	ndpd_info.info_num_of_phyints = num_of_phyints;
1715 
1716 	(void) sendto(mibsock, &ndpd_info, sizeof (ndpd_info_t), 0,
1717 	    (struct sockaddr *)&from, fromlen);
1718 
1719 	for (pi = phyints; pi != NULL; pi = pi->pi_next) {
1720 		int prefixes;
1721 		int routers;
1722 		struct prefix   *prefix_list;
1723 		struct router   *router_list;
1724 		ndpd_phyint_info_t phyint;
1725 		ndpd_prefix_info_t prefix;
1726 		ndpd_router_info_t router;
1727 		/*
1728 		 * get number of prefixes
1729 		 */
1730 		routers = 0;
1731 		prefixes = 0;
1732 		prefix_list = pi->pi_prefix_list;
1733 		while (prefix_list != NULL) {
1734 			prefixes++;
1735 			prefix_list = prefix_list->pr_next;
1736 		}
1737 
1738 		/*
1739 		 * get number of routers
1740 		 */
1741 		router_list = pi->pi_router_list;
1742 		while (router_list != NULL) {
1743 			routers++;
1744 			router_list = router_list->dr_next;
1745 		}
1746 
1747 		phyint.phyint_info_type = NDPD_PHYINT_INFO;
1748 		phyint.phyint_info_version = NDPD_PHYINT_INFO_VER;
1749 		phyint.phyint_index = pi->pi_index;
1750 		bcopy(pi->pi_config,
1751 		    phyint.phyint_config, I_IFSIZE);
1752 		phyint.phyint_num_of_prefixes = prefixes;
1753 		phyint.phyint_num_of_routers = routers;
1754 		(void) sendto(mibsock, &phyint, sizeof (phyint), 0,
1755 		    (struct sockaddr *)&from, fromlen);
1756 
1757 		/*
1758 		 * Copy prefix information
1759 		 */
1760 
1761 		prefix_list = pi->pi_prefix_list;
1762 		while (prefix_list != NULL) {
1763 			prefix.prefix_info_type = NDPD_PREFIX_INFO;
1764 			prefix.prefix_info_version = NDPD_PREFIX_INFO_VER;
1765 			prefix.prefix_prefix = prefix_list->pr_prefix;
1766 			prefix.prefix_len = prefix_list->pr_prefix_len;
1767 			prefix.prefix_flags = prefix_list->pr_flags;
1768 			prefix.prefix_phyint_index = pi->pi_index;
1769 			prefix.prefix_ValidLifetime =
1770 			    prefix_list->pr_ValidLifetime;
1771 			prefix.prefix_PreferredLifetime =
1772 			    prefix_list->pr_PreferredLifetime;
1773 			prefix.prefix_OnLinkLifetime =
1774 			    prefix_list->pr_OnLinkLifetime;
1775 			prefix.prefix_OnLinkFlag =
1776 			    prefix_list->pr_OnLinkFlag;
1777 			prefix.prefix_AutonomousFlag =
1778 			    prefix_list->pr_AutonomousFlag;
1779 			(void) sendto(mibsock, &prefix, sizeof (prefix), 0,
1780 			    (struct sockaddr *)&from, fromlen);
1781 			prefix_list = prefix_list->pr_next;
1782 		}
1783 		/*
1784 		 * Copy router information
1785 		 */
1786 		router_list = pi->pi_router_list;
1787 		while (router_list != NULL) {
1788 			router.router_info_type = NDPD_ROUTER_INFO;
1789 			router.router_info_version = NDPD_ROUTER_INFO_VER;
1790 			router.router_address = router_list->dr_address;
1791 			router.router_lifetime = router_list->dr_lifetime;
1792 			router.router_phyint_index = pi->pi_index;
1793 			(void) sendto(mibsock, &router, sizeof (router), 0,
1794 			    (struct sockaddr *)&from, fromlen);
1795 			router_list = router_list->dr_next;
1796 		}
1797 	}
1798 }
1799 
1800 /*
1801  * Check whether the address formed by pr->pr_prefix and pi_token
1802  * exists in the kernel. Cannot call SIOCTMYADDR/ONLINK as it
1803  * does not check for down addresses. This function should not
1804  * be called for onlink prefixes.
1805  */
1806 static boolean_t
1807 is_address_present(struct phyint *pi, struct prefix *pr, uint64_t flags)
1808 {
1809 	int s;
1810 	in6_addr_t addr, *token;
1811 	int i;
1812 	int ret;
1813 	struct sockaddr_in6 sin6;
1814 
1815 	s = socket(AF_INET6, SOCK_DGRAM, 0);
1816 	if (s < 0) {
1817 		logperror("is_address_present: socket");
1818 		/*
1819 		 * By returning B_TRUE, we make the caller delete
1820 		 * the prefix from the internal table. In the worst
1821 		 * case the next RA will create the prefix.
1822 		 */
1823 		return (_B_TRUE);
1824 	}
1825 	if (flags & IFF_TEMPORARY)
1826 		token = &pi->pi_tmp_token;
1827 	else
1828 		token = &pi->pi_token;
1829 	for (i = 0; i < 16; i++) {
1830 		/*
1831 		 * prefix_create ensures that pr_prefix has all-zero
1832 		 * bits after prefixlen.
1833 		 */
1834 		addr.s6_addr[i] = pr->pr_prefix.s6_addr[i] | token->s6_addr[i];
1835 	}
1836 	(void) memset(&sin6, 0, sizeof (struct sockaddr_in6));
1837 	sin6.sin6_family = AF_INET6;
1838 	sin6.sin6_addr = addr;
1839 	ret = bind(s, (struct sockaddr *)&sin6, sizeof (struct sockaddr_in6));
1840 	(void) close(s);
1841 	if (ret < 0 && errno == EADDRNOTAVAIL)
1842 		return (_B_FALSE);
1843 	else
1844 		return (_B_TRUE);
1845 }
1846 
1847 /*
1848  * Look if the phyint or one of its prefixes have been removed from
1849  * the kernel and take appropriate action.
1850  * Uses {pi,pr}_in_use.
1851  */
1852 static void
1853 check_if_removed(struct phyint *pi)
1854 {
1855 	struct prefix *pr;
1856 	struct prefix *next_pr;
1857 
1858 	/*
1859 	 * Detect phyints that have been removed from the kernel.
1860 	 * Since we can't recreate it here (would require ifconfig plumb
1861 	 * logic) we just terminate use of that phyint.
1862 	 */
1863 	if (!(pi->pi_kernel_state & PI_PRESENT) &&
1864 	    (pi->pi_state & PI_PRESENT)) {
1865 		logmsg(LOG_ERR, "Interface %s has been removed from kernel. "
1866 		    "in.ndpd will no longer use it\n", pi->pi_name);
1867 		/*
1868 		 * Clear state so that should the phyint reappear
1869 		 * we will start with initial advertisements or
1870 		 * solicitations.
1871 		 */
1872 		phyint_cleanup(pi);
1873 	}
1874 	/*
1875 	 * Detect prefixes which are removed.
1876 	 *
1877 	 * We remove the prefix in all of the following cases :
1878 	 *
1879 	 * 1) Static prefixes are not the ones we create. So,
1880 	 *    just remove it from our tables.
1881 	 *
1882 	 * 2) On-link prefixes potentially move to a different
1883 	 *    phyint during failover. As it does not have
1884 	 *    an address, we can't use the logic in is_address_present
1885 	 *    to detect whether it is present in the kernel or not.
1886 	 *    Thus when it is manually removed we don't recreate it.
1887 	 *
1888 	 * 3) If there is a token mis-match and this prefix is not
1889 	 *    in the kernel, it means we don't need this prefix on
1890 	 *    this interface anymore. It must have been moved to a
1891 	 *    different interface by in.mpathd. This normally
1892 	 *    happens after a failover followed by a failback (or
1893 	 *    another failover) and we re-read the network
1894 	 *    configuration. For the failover from A to B, we would
1895 	 *    have created state on B about A's address, which will
1896 	 *    not be in use after the subsequent failback. So, we
1897 	 *    remove that prefix here.
1898 	 *
1899 	 * 4) If the physical interface is not present, then remove
1900 	 *    the prefix. In the cases where we are advertising
1901 	 *    prefixes, the state is kept in advertisement prefix and
1902 	 *    hence we can delete the prefix.
1903 	 *
1904 	 * 5) Similar to case (3), when we failover from A to B, the
1905 	 *    prefix in A will not be in use as it has been moved to B.
1906 	 *    We will delete it from our tables and recreate it when
1907 	 *    it fails back. is_address_present makes sure that the
1908 	 *    address is still valid in kernel.
1909 	 *
1910 	 * If none of the above is true, we recreate the prefix as it
1911 	 * has been manually removed. We do it only when the interface
1912 	 * is not FAILED or INACTIVE or OFFLINE.
1913 	 */
1914 	for (pr = pi->pi_prefix_list; pr != NULL; pr = next_pr) {
1915 		next_pr = pr->pr_next;
1916 		if (!pr->pr_in_use) {
1917 			/* Clear PR_AUTO and PR_ONLINK */
1918 			pr->pr_kernel_state &= PR_STATIC;
1919 			if ((pr->pr_state & PR_STATIC) ||
1920 			    !(pr->pr_state & PR_AUTO) ||
1921 			    !(prefix_token_match(pi, pr, pr->pr_flags)) ||
1922 			    (!(pi->pi_kernel_state & PI_PRESENT)) ||
1923 			    (is_address_present(pi, pr, pr->pr_flags))) {
1924 				prefix_delete(pr);
1925 			} else if (!(pi->pi_flags &
1926 			    (IFF_FAILED|IFF_INACTIVE|IFF_OFFLINE)) &&
1927 			    pr->pr_state != pr->pr_kernel_state) {
1928 				pr->pr_name[0] = '\0';
1929 				logmsg(LOG_INFO, "Prefix manually removed "
1930 				    "on %s - recreating it!\n",
1931 				    pi->pi_name);
1932 				prefix_update_k(pr);
1933 			}
1934 		}
1935 	}
1936 }
1937 
1938 
1939 /*
1940  * Queuing mechanism for router advertisements that are sent by in.ndpd
1941  * and that also need to be processed by in.ndpd.
1942  * Uses "signal number" 255 to indicate to the main poll loop
1943  * that there is something to dequeue and send to incomining_ra().
1944  */
1945 struct raq {
1946 	struct raq	*raq_next;
1947 	struct phyint	*raq_pi;
1948 	int		raq_packetlen;
1949 	uchar_t		*raq_packet;
1950 };
1951 static struct raq *raq_head = NULL;
1952 
1953 /*
1954  * Allocate a struct raq and memory for the packet.
1955  * Send signal 255 to have poll dequeue.
1956  */
1957 static void
1958 loopback_ra_enqueue(struct phyint *pi, struct nd_router_advert *ra, int len)
1959 {
1960 	struct raq *raq;
1961 	struct raq **raqp;
1962 
1963 	if (no_loopback)
1964 		return;
1965 
1966 	if (debug & D_PKTOUT)
1967 		logmsg(LOG_DEBUG, "loopback_ra_enqueue for %s\n", pi->pi_name);
1968 
1969 	raq = calloc(sizeof (struct raq), 1);
1970 	if (raq == NULL) {
1971 		logmsg(LOG_ERR, "loopback_ra_enqueue: out of memory\n");
1972 		return;
1973 	}
1974 	raq->raq_packet = malloc(len);
1975 	if (raq->raq_packet == NULL) {
1976 		free(raq);
1977 		logmsg(LOG_ERR, "loopback_ra_enqueue: out of memory\n");
1978 		return;
1979 	}
1980 	bcopy(ra, raq->raq_packet, len);
1981 	raq->raq_packetlen = len;
1982 	raq->raq_pi = pi;
1983 
1984 	/* Tail insert */
1985 	raqp = &raq_head;
1986 	while (*raqp != NULL)
1987 		raqp = &((*raqp)->raq_next);
1988 	*raqp = raq;
1989 
1990 	/* Signal for poll loop */
1991 	sig_handler(255);
1992 }
1993 
1994 /*
1995  * Dequeue and process all queued advertisements.
1996  */
1997 static void
1998 loopback_ra_dequeue(void)
1999 {
2000 	struct sockaddr_in6 from = IN6ADDR_LOOPBACK_INIT;
2001 	struct raq *raq;
2002 
2003 	if (debug & D_PKTIN)
2004 		logmsg(LOG_DEBUG, "loopback_ra_dequeue()\n");
2005 
2006 	while ((raq = raq_head) != NULL) {
2007 		raq_head = raq->raq_next;
2008 		raq->raq_next = NULL;
2009 
2010 		if (debug & D_PKTIN) {
2011 			logmsg(LOG_DEBUG, "loopback_ra_dequeue for %s\n",
2012 			    raq->raq_pi->pi_name);
2013 		}
2014 
2015 		incoming_ra(raq->raq_pi,
2016 		    (struct nd_router_advert *)raq->raq_packet,
2017 		    raq->raq_packetlen, &from, _B_TRUE);
2018 		free(raq->raq_packet);
2019 		free(raq);
2020 	}
2021 }
2022 
2023 
2024 static void
2025 usage(char *cmd)
2026 {
2027 	(void) fprintf(stderr,
2028 	    "usage: %s [ -adt ] [-f <config file>]\n", cmd);
2029 }
2030 
2031 int
2032 main(int argc, char *argv[])
2033 {
2034 	int i;
2035 	struct phyint *pi;
2036 	int c;
2037 	char *config_file = PATH_NDPD_CONF;
2038 	boolean_t file_required = _B_FALSE;
2039 
2040 	argv0 = argv;
2041 	srandom(gethostid());
2042 	(void) umask(0022);
2043 
2044 	while ((c = getopt(argc, argv, "adD:ntIf:")) != EOF) {
2045 		switch (c) {
2046 		case 'a':
2047 			/*
2048 			 * The StatelessAddrConf variable in ndpd.conf, if
2049 			 * present, will override this setting.
2050 			 */
2051 			ifdefaults[I_StatelessAddrConf].cf_value = 0;
2052 			break;
2053 		case 'd':
2054 			debug = D_ALL;
2055 			break;
2056 		case 'D':
2057 			i = strtol((char *)optarg, NULL, 0);
2058 			if (i == 0) {
2059 				(void) fprintf(stderr, "Bad debug flags: %s\n",
2060 				    (char *)optarg);
2061 				exit(1);
2062 			}
2063 			debug |= i;
2064 			break;
2065 		case 'n':
2066 			no_loopback = 1;
2067 			break;
2068 		case 'I':
2069 			show_ifs = 1;
2070 			break;
2071 		case 't':
2072 			debug |= D_PKTIN | D_PKTOUT | D_PKTBAD;
2073 			break;
2074 		case 'f':
2075 			config_file = (char *)optarg;
2076 			file_required = _B_TRUE;
2077 			break;
2078 		case '?':
2079 			usage(argv[0]);
2080 			exit(1);
2081 		}
2082 	}
2083 
2084 	if (parse_config(config_file, file_required) == -1)
2085 		exit(2);
2086 
2087 	if (show_ifs)
2088 		phyint_print_all();
2089 
2090 	if (debug == 0) {
2091 		initlog();
2092 	}
2093 
2094 	setup_eventpipe();
2095 	rtsock = setup_rtsock();
2096 	mibsock = setup_mibsock();
2097 	timer_init();
2098 	initifs(_B_TRUE);
2099 
2100 	check_daemonize();
2101 
2102 	for (;;) {
2103 		if (poll(pollfds, pollfd_num, -1) < 0) {
2104 			if (errno == EINTR)
2105 				continue;
2106 			logperror("main: poll");
2107 			exit(1);
2108 		}
2109 		for (i = 0; i < pollfd_num; i++) {
2110 			if (!(pollfds[i].revents & POLLIN))
2111 				continue;
2112 			if (pollfds[i].fd == eventpipe_read) {
2113 				in_signal(eventpipe_read);
2114 				break;
2115 			}
2116 			if (pollfds[i].fd == rtsock) {
2117 				process_rtsock(rtsock);
2118 				break;
2119 			}
2120 			if (pollfds[i].fd == mibsock) {
2121 				process_mibsock(mibsock);
2122 				break;
2123 			}
2124 			/*
2125 			 * Run timer routine to advance clock if more than
2126 			 * half a second since the clock was advanced.
2127 			 * This limits CPU usage under severe packet
2128 			 * arrival rates but it creates a slight inaccuracy
2129 			 * in the timer mechanism.
2130 			 */
2131 			conditional_run_timeouts(500U);
2132 			for (pi = phyints; pi != NULL; pi = pi->pi_next) {
2133 				if (pollfds[i].fd == pi->pi_sock) {
2134 					in_data(pi);
2135 					break;
2136 				}
2137 			}
2138 		}
2139 	}
2140 	/* NOTREACHED */
2141 	return (0);
2142 }
2143 
2144 /*
2145  * LOGGER
2146  */
2147 
2148 static boolean_t logging = _B_FALSE;
2149 
2150 static void
2151 initlog(void)
2152 {
2153 	logging = _B_TRUE;
2154 	openlog("in.ndpd", LOG_PID | LOG_CONS, LOG_DAEMON);
2155 }
2156 
2157 /* Print the date/time without a trailing carridge return */
2158 static void
2159 fprintdate(FILE *file)
2160 {
2161 	char buf[BUFSIZ];
2162 	struct tm tms;
2163 	time_t now;
2164 
2165 	now = time(NULL);
2166 	(void) localtime_r(&now, &tms);
2167 	(void) strftime(buf, sizeof (buf), "%h %d %X", &tms);
2168 	(void) fprintf(file, "%s ", buf);
2169 }
2170 
2171 /* PRINTFLIKE2 */
2172 void
2173 logmsg(int level, const char *fmt, ...)
2174 {
2175 	va_list ap;
2176 	va_start(ap, fmt);
2177 
2178 	if (logging) {
2179 		vsyslog(level, fmt, ap);
2180 	} else {
2181 		fprintdate(stderr);
2182 		(void) vfprintf(stderr, fmt, ap);
2183 	}
2184 	va_end(ap);
2185 }
2186 
2187 void
2188 logperror(const char *str)
2189 {
2190 	if (logging) {
2191 		syslog(LOG_ERR, "%s: %m\n", str);
2192 	} else {
2193 		fprintdate(stderr);
2194 		(void) fprintf(stderr, "%s: %s\n", str, strerror(errno));
2195 	}
2196 }
2197 
2198 void
2199 logperror_pi(const struct phyint *pi, const char *str)
2200 {
2201 	if (logging) {
2202 		syslog(LOG_ERR, "%s (interface %s): %m\n",
2203 		    str, pi->pi_name);
2204 	} else {
2205 		fprintdate(stderr);
2206 		(void) fprintf(stderr, "%s (interface %s): %s\n",
2207 		    str, pi->pi_name, strerror(errno));
2208 	}
2209 }
2210 
2211 void
2212 logperror_pr(const struct prefix *pr, const char *str)
2213 {
2214 	if (logging) {
2215 		syslog(LOG_ERR, "%s (prefix %s if %s): %m\n",
2216 		    str, pr->pr_name, pr->pr_physical->pi_name);
2217 	} else {
2218 		fprintdate(stderr);
2219 		(void) fprintf(stderr, "%s (prefix %s if %s): %s\n",
2220 		    str, pr->pr_name, pr->pr_physical->pi_name,
2221 		    strerror(errno));
2222 	}
2223 }
2224