]>
Commit | Line | Data |
---|---|---|
53e1b683 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
af5bc85d | 2 | /*** |
af5bc85d | 3 | Copyright 2010 Lennart Poettering |
af5bc85d LP |
4 | ***/ |
5 | ||
af5bc85d | 6 | #include <net/if.h> |
af5bc85d | 7 | #include <stdlib.h> |
af5bc85d | 8 | |
1c4baffc | 9 | #include "sd-netlink.h" |
07630cea | 10 | |
9ca903cc | 11 | #include "loopback-setup.h" |
07630cea LP |
12 | #include "missing.h" |
13 | #include "netlink-util.h" | |
5a723174 | 14 | |
2d2a815c ZJS |
15 | #define LOOPBACK_SETUP_TIMEOUT_USEC (5 * USEC_PER_SEC) |
16 | ||
fb893927 LP |
17 | struct state { |
18 | unsigned n_messages; | |
19 | int rcode; | |
77d0776c YW |
20 | const char *error_message; |
21 | const char *success_message; | |
fb893927 LP |
22 | }; |
23 | ||
c23218ae | 24 | static int generic_handler(sd_netlink *rtnl, sd_netlink_message *m, void *userdata) { |
fb893927 | 25 | struct state *s = userdata; |
77d0776c | 26 | int r; |
fb893927 LP |
27 | |
28 | assert(s); | |
29 | assert(s->n_messages > 0); | |
30 | s->n_messages--; | |
31 | ||
32 | errno = 0; | |
fb893927 | 33 | |
77d0776c YW |
34 | r = sd_netlink_message_get_errno(m); |
35 | if (r < 0) | |
36 | log_debug_errno(r, "%s: %m", s->error_message); | |
37 | else | |
38 | log_debug("%s", s->success_message); | |
fb893927 | 39 | |
77d0776c | 40 | s->rcode = r; |
fb893927 LP |
41 | return 0; |
42 | } | |
43 | ||
44 | static int start_loopback(sd_netlink *rtnl, struct state *s) { | |
4afd3348 | 45 | _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL; |
81eca919 | 46 | int r; |
af5bc85d | 47 | |
fb893927 LP |
48 | assert(rtnl); |
49 | assert(s); | |
50 | ||
f3fc4815 | 51 | r = sd_rtnl_message_new_link(rtnl, &req, RTM_SETLINK, LOOPBACK_IFINDEX); |
fc25d7f8 TG |
52 | if (r < 0) |
53 | return r; | |
54 | ||
5d4795f3 | 55 | r = sd_rtnl_message_link_set_flags(req, IFF_UP, IFF_UP); |
81eca919 TG |
56 | if (r < 0) |
57 | return r; | |
af5bc85d | 58 | |
c23218ae | 59 | r = sd_netlink_call_async(rtnl, req, generic_handler, s, LOOPBACK_SETUP_TIMEOUT_USEC, NULL); |
fb893927 LP |
60 | if (r < 0) |
61 | return r; | |
62 | ||
63 | s->n_messages ++; | |
64 | return 0; | |
65 | } | |
66 | ||
fb893927 LP |
67 | static int add_ipv4_address(sd_netlink *rtnl, struct state *s) { |
68 | _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL; | |
69 | int r; | |
70 | ||
71 | assert(rtnl); | |
72 | assert(s); | |
73 | ||
74 | r = sd_rtnl_message_new_addr(rtnl, &req, RTM_NEWADDR, LOOPBACK_IFINDEX, AF_INET); | |
75 | if (r < 0) | |
76 | return r; | |
77 | ||
78 | r = sd_rtnl_message_addr_set_prefixlen(req, 8); | |
79 | if (r < 0) | |
80 | return r; | |
81 | ||
82 | r = sd_rtnl_message_addr_set_flags(req, IFA_F_PERMANENT); | |
83 | if (r < 0) | |
84 | return r; | |
85 | ||
86 | r = sd_rtnl_message_addr_set_scope(req, RT_SCOPE_HOST); | |
87 | if (r < 0) | |
88 | return r; | |
89 | ||
90 | r = sd_netlink_message_append_in_addr(req, IFA_LOCAL, &(struct in_addr) { .s_addr = htobe32(INADDR_LOOPBACK) } ); | |
91 | if (r < 0) | |
92 | return r; | |
93 | ||
94 | r = sd_netlink_call_async(rtnl, req, generic_handler, s, USEC_INFINITY, NULL); | |
95 | if (r < 0) | |
96 | return r; | |
97 | ||
98 | s->n_messages ++; | |
99 | return 0; | |
100 | } | |
101 | ||
102 | static int add_ipv6_address(sd_netlink *rtnl, struct state *s) { | |
103 | _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL; | |
104 | int r; | |
105 | ||
106 | assert(rtnl); | |
107 | assert(s); | |
108 | ||
109 | r = sd_rtnl_message_new_addr(rtnl, &req, RTM_NEWADDR, LOOPBACK_IFINDEX, AF_INET6); | |
110 | if (r < 0) | |
111 | return r; | |
112 | ||
113 | r = sd_rtnl_message_addr_set_prefixlen(req, 128); | |
114 | if (r < 0) | |
115 | return r; | |
116 | ||
117 | r = sd_rtnl_message_addr_set_flags(req, IFA_F_PERMANENT); | |
118 | if (r < 0) | |
119 | return r; | |
120 | ||
121 | r = sd_rtnl_message_addr_set_scope(req, RT_SCOPE_HOST); | |
122 | if (r < 0) | |
123 | return r; | |
124 | ||
125 | r = sd_netlink_message_append_in6_addr(req, IFA_LOCAL, &in6addr_loopback); | |
81eca919 TG |
126 | if (r < 0) |
127 | return r; | |
af5bc85d | 128 | |
fb893927 LP |
129 | r = sd_netlink_call_async(rtnl, req, generic_handler, s, USEC_INFINITY, NULL); |
130 | if (r < 0) | |
131 | return r; | |
132 | ||
133 | s->n_messages ++; | |
af5bc85d LP |
134 | return 0; |
135 | } | |
136 | ||
1c4baffc | 137 | static bool check_loopback(sd_netlink *rtnl) { |
4afd3348 | 138 | _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL, *reply = NULL; |
e95e909d | 139 | unsigned flags; |
e62d8c39 | 140 | int r; |
e95e909d TG |
141 | |
142 | r = sd_rtnl_message_new_link(rtnl, &req, RTM_GETLINK, LOOPBACK_IFINDEX); | |
143 | if (r < 0) | |
2f0af4e1 | 144 | return false; |
e95e909d | 145 | |
fb893927 | 146 | r = sd_netlink_call(rtnl, req, USEC_INFINITY, &reply); |
e95e909d | 147 | if (r < 0) |
2f0af4e1 | 148 | return false; |
e95e909d TG |
149 | |
150 | r = sd_rtnl_message_link_get_flags(reply, &flags); | |
151 | if (r < 0) | |
2f0af4e1 | 152 | return false; |
e95e909d TG |
153 | |
154 | return flags & IFF_UP; | |
2c3ff76e LP |
155 | } |
156 | ||
af5bc85d | 157 | int loopback_setup(void) { |
4afd3348 | 158 | _cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL; |
77d0776c YW |
159 | struct state state_4 = { |
160 | .error_message = "Failed to add address 127.0.0.1 to loopback interface", | |
161 | .success_message = "Successfully added address 127.0.0.1 to loopback interface", | |
162 | }, state_6 = { | |
163 | .error_message = "Failed to add address ::1 to loopback interface", | |
164 | .success_message = "Successfully added address ::1 to loopback interface", | |
165 | }, state_up = { | |
166 | .error_message = "Failed to bring loopback interface up", | |
167 | .success_message = "Successfully brought loopback interface up", | |
168 | }; | |
f3fc4815 | 169 | int r; |
0a0dc69b | 170 | |
1c4baffc | 171 | r = sd_netlink_open(&rtnl); |
2c3ff76e | 172 | if (r < 0) |
fb893927 LP |
173 | return log_error_errno(r, "Failed to open netlink: %m"); |
174 | ||
175 | /* Note that we add the IP addresses here explicitly even though the kernel does that too implicitly when | |
176 | * setting up the loopback device. The reason we do this here a second time (and possibly race against the | |
177 | * kernel) is that we want to synchronously wait until the IP addresses are set up correctly, see | |
178 | * | |
179 | * https://github.com/systemd/systemd/issues/5641 */ | |
180 | ||
c23218ae | 181 | r = add_ipv4_address(rtnl, &state_4); |
fb893927 | 182 | if (r < 0) |
3561eafa | 183 | return log_error_errno(r, "Failed to enqueue IPv4 loopback address add request: %m"); |
fb893927 | 184 | |
c23218ae | 185 | r = add_ipv6_address(rtnl, &state_6); |
fb893927 | 186 | if (r < 0) |
c23218ae | 187 | return log_error_errno(r, "Failed to enqueue IPv6 loopback address add request: %m"); |
fb893927 | 188 | |
c23218ae | 189 | r = start_loopback(rtnl, &state_up); |
fb893927 | 190 | if (r < 0) |
3561eafa | 191 | return log_error_errno(r, "Failed to enqueue loopback interface start request: %m"); |
fb893927 | 192 | |
c23218ae | 193 | while (state_4.n_messages + state_6.n_messages + state_up.n_messages > 0) { |
2d2a815c | 194 | r = sd_netlink_wait(rtnl, LOOPBACK_SETUP_TIMEOUT_USEC); |
fb893927 LP |
195 | if (r < 0) |
196 | return log_error_errno(r, "Failed to wait for netlink event: %m"); | |
197 | ||
198 | r = sd_netlink_process(rtnl, NULL); | |
199 | if (r < 0) | |
200 | return log_warning_errno(r, "Failed to process netlink event: %m"); | |
201 | } | |
af5bc85d | 202 | |
c23218ae ZJS |
203 | /* Note that we don't really care whether the addresses could be added or not */ |
204 | if (state_up.rcode != 0) { | |
205 | /* If we lack the permissions to configure the loopback device, | |
206 | * but we find it to be already configured, let's exit cleanly, | |
207 | * in order to supported unprivileged containers. */ | |
208 | if (state_up.rcode == -EPERM && check_loopback(rtnl)) | |
8f084002 | 209 | return 0; |
af5bc85d | 210 | |
c23218ae | 211 | return log_warning_errno(state_up.rcode, "Failed to configure loopback device: %m"); |
8f084002 | 212 | } |
2c3ff76e | 213 | |
e62d8c39 | 214 | return 0; |
af5bc85d | 215 | } |