]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/libsystemd-network/sd-radv.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #32345 from yuwata/sd-radv-send
[thirdparty/systemd.git] / src / libsystemd-network / sd-radv.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2 /***
3 Copyright © 2017 Intel Corporation. All rights reserved.
4 ***/
5
6 #include <netinet/icmp6.h>
7 #include <netinet/in.h>
8 #include <arpa/inet.h>
9
10 #include "sd-radv.h"
11
12 #include "alloc-util.h"
13 #include "dns-domain.h"
14 #include "ether-addr-util.h"
15 #include "event-util.h"
16 #include "fd-util.h"
17 #include "icmp6-util.h"
18 #include "in-addr-util.h"
19 #include "iovec-util.h"
20 #include "macro.h"
21 #include "memory-util.h"
22 #include "ndisc-router-solicit-internal.h"
23 #include "network-common.h"
24 #include "radv-internal.h"
25 #include "random-util.h"
26 #include "socket-util.h"
27 #include "string-util.h"
28 #include "strv.h"
29 #include "unaligned.h"
30
31 int sd_radv_new(sd_radv **ret) {
32 _cleanup_(sd_radv_unrefp) sd_radv *ra = NULL;
33
34 assert_return(ret, -EINVAL);
35
36 ra = new(sd_radv, 1);
37 if (!ra)
38 return -ENOMEM;
39
40 *ra = (sd_radv) {
41 .n_ref = 1,
42 .fd = -EBADF,
43 .lifetime_usec = RADV_DEFAULT_ROUTER_LIFETIME_USEC,
44 };
45
46 *ret = TAKE_PTR(ra);
47
48 return 0;
49 }
50
51 int sd_radv_attach_event(sd_radv *ra, sd_event *event, int64_t priority) {
52 int r;
53
54 assert_return(ra, -EINVAL);
55 assert_return(!ra->event, -EBUSY);
56
57 if (event)
58 ra->event = sd_event_ref(event);
59 else {
60 r = sd_event_default(&ra->event);
61 if (r < 0)
62 return 0;
63 }
64
65 ra->event_priority = priority;
66
67 return 0;
68 }
69
70 int sd_radv_detach_event(sd_radv *ra) {
71
72 assert_return(ra, -EINVAL);
73
74 ra->event = sd_event_unref(ra->event);
75 return 0;
76 }
77
78 sd_event *sd_radv_get_event(sd_radv *ra) {
79 assert_return(ra, NULL);
80
81 return ra->event;
82 }
83
84 int sd_radv_is_running(sd_radv *ra) {
85 if (!ra)
86 return false;
87
88 return ra->state != RADV_STATE_IDLE;
89 }
90
91 static void radv_reset(sd_radv *ra) {
92 assert(ra);
93
94 (void) event_source_disable(ra->timeout_event_source);
95
96 ra->recv_event_source = sd_event_source_disable_unref(ra->recv_event_source);
97
98 ra->ra_sent = 0;
99 }
100
101 static sd_radv *radv_free(sd_radv *ra) {
102 if (!ra)
103 return NULL;
104
105 LIST_CLEAR(prefix, ra->prefixes, sd_radv_prefix_unref);
106 LIST_CLEAR(prefix, ra->route_prefixes, sd_radv_route_prefix_unref);
107 LIST_CLEAR(prefix, ra->pref64_prefixes, sd_radv_pref64_prefix_unref);
108
109 free(ra->rdnss);
110 free(ra->dnssl);
111
112 radv_reset(ra);
113
114 sd_event_source_unref(ra->timeout_event_source);
115 sd_radv_detach_event(ra);
116
117 ra->fd = safe_close(ra->fd);
118 free(ra->ifname);
119
120 return mfree(ra);
121 }
122
123 DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(sd_radv, sd_radv, radv_free);
124
125 static bool router_lifetime_is_valid(usec_t lifetime_usec) {
126 assert_cc(RADV_MAX_ROUTER_LIFETIME_USEC <= UINT16_MAX * USEC_PER_SEC);
127 return lifetime_usec == 0 ||
128 (lifetime_usec >= RADV_MIN_ROUTER_LIFETIME_USEC &&
129 lifetime_usec <= RADV_MAX_ROUTER_LIFETIME_USEC);
130 }
131
132 static int radv_send_router_on_stop(sd_radv *ra) {
133 static const struct nd_router_advert adv = {
134 .nd_ra_type = ND_ROUTER_ADVERT,
135 };
136
137 _cleanup_set_free_ Set *options = NULL;
138 usec_t time_now;
139 int r;
140
141 assert(ra);
142
143 r = sd_event_now(ra->event, CLOCK_BOOTTIME, &time_now);
144 if (r < 0)
145 return r;
146
147 if (!ether_addr_is_null(&ra->mac_addr)) {
148 r = ndisc_option_set_link_layer_address(&options, SD_NDISC_OPTION_SOURCE_LL_ADDRESS, &ra->mac_addr);
149 if (r < 0)
150 return r;
151 }
152
153 return ndisc_send(ra->fd, &IN6_ADDR_ALL_NODES_MULTICAST, &adv.nd_ra_hdr, options, time_now);
154 }
155
156 static int radv_send_router(sd_radv *ra, const struct in6_addr *dst) {
157 assert(ra);
158
159 struct sockaddr_in6 dst_addr = {
160 .sin6_family = AF_INET6,
161 .sin6_addr = IN6_ADDR_ALL_NODES_MULTICAST,
162 };
163 struct nd_router_advert adv = {
164 .nd_ra_type = ND_ROUTER_ADVERT,
165 .nd_ra_router_lifetime = usec_to_be16_sec(ra->lifetime_usec),
166 .nd_ra_retransmit = usec_to_be32_msec(ra->retransmit_usec),
167 };
168 struct {
169 struct nd_opt_hdr opthdr;
170 struct ether_addr slladdr;
171 } _packed_ opt_mac = {
172 .opthdr = {
173 .nd_opt_type = ND_OPT_SOURCE_LINKADDR,
174 .nd_opt_len = DIV_ROUND_UP(sizeof(struct nd_opt_hdr) + sizeof(struct ether_addr), 8),
175 },
176 .slladdr = ra->mac_addr,
177 };
178 struct nd_opt_mtu opt_mtu = {
179 .nd_opt_mtu_type = ND_OPT_MTU,
180 .nd_opt_mtu_len = 1,
181 .nd_opt_mtu_mtu = htobe32(ra->mtu),
182 };
183 /* Reserve iov space for RA header, linkaddr, MTU, N prefixes, N routes, N pref64 prefixes, RDNSS,
184 * DNSSL, and home agent. */
185 struct iovec iov[6 + ra->n_prefixes + ra->n_route_prefixes + ra->n_pref64_prefixes];
186 struct msghdr msg = {
187 .msg_name = &dst_addr,
188 .msg_namelen = sizeof(dst_addr),
189 .msg_iov = iov,
190 };
191 usec_t time_now;
192 int r;
193
194 r = sd_event_now(ra->event, CLOCK_BOOTTIME, &time_now);
195 if (r < 0)
196 return r;
197
198 if (dst && in6_addr_is_set(dst))
199 dst_addr.sin6_addr = *dst;
200
201 /* The nd_ra_curhoplimit and nd_ra_flags_reserved fields cannot specified with nd_ra_router_lifetime
202 * simultaneously in the structured initializer in the above. */
203 adv.nd_ra_curhoplimit = ra->hop_limit;
204 adv.nd_ra_flags_reserved = ra->flags;
205 iov[msg.msg_iovlen++] = IOVEC_MAKE(&adv, sizeof(adv));
206
207 /* MAC address is optional, either because the link does not use L2 addresses or load sharing is
208 * desired. See RFC 4861, Section 4.2. */
209 if (!ether_addr_is_null(&ra->mac_addr))
210 iov[msg.msg_iovlen++] = IOVEC_MAKE(&opt_mac, sizeof(opt_mac));
211
212 if (ra->mtu > 0)
213 iov[msg.msg_iovlen++] = IOVEC_MAKE(&opt_mtu, sizeof(opt_mtu));
214
215 LIST_FOREACH(prefix, p, ra->prefixes) {
216 usec_t lifetime_valid_usec, lifetime_preferred_usec;
217
218 lifetime_valid_usec = MIN(usec_sub_unsigned(p->valid_until, time_now),
219 p->lifetime_valid_usec);
220
221 lifetime_preferred_usec = MIN3(usec_sub_unsigned(p->preferred_until, time_now),
222 p->lifetime_preferred_usec,
223 lifetime_valid_usec);
224
225 p->opt.lifetime_valid = usec_to_be32_sec(lifetime_valid_usec);
226 p->opt.lifetime_preferred = usec_to_be32_sec(lifetime_preferred_usec);
227
228 iov[msg.msg_iovlen++] = IOVEC_MAKE(&p->opt, sizeof(p->opt));
229 }
230
231 LIST_FOREACH(prefix, rt, ra->route_prefixes) {
232 rt->opt.lifetime = usec_to_be32_sec(MIN(usec_sub_unsigned(rt->valid_until, time_now),
233 rt->lifetime_usec));
234
235 iov[msg.msg_iovlen++] = IOVEC_MAKE(&rt->opt, sizeof(rt->opt));
236 }
237
238 LIST_FOREACH(prefix, p, ra->pref64_prefixes)
239 iov[msg.msg_iovlen++] = IOVEC_MAKE(&p->opt, sizeof(p->opt));
240
241 if (ra->rdnss)
242 iov[msg.msg_iovlen++] = IOVEC_MAKE(ra->rdnss, ra->rdnss->length * 8);
243
244 if (ra->dnssl)
245 iov[msg.msg_iovlen++] = IOVEC_MAKE(ra->dnssl, ra->dnssl->length * 8);
246
247 if (FLAGS_SET(ra->flags, ND_RA_FLAG_HOME_AGENT)) {
248 ra->home_agent.nd_opt_home_agent_info_type = ND_OPT_HOME_AGENT_INFO;
249 ra->home_agent.nd_opt_home_agent_info_len = 1;
250
251 /* 0 means to place the current Router Lifetime value */
252 if (ra->home_agent.nd_opt_home_agent_info_lifetime == 0)
253 ra->home_agent.nd_opt_home_agent_info_lifetime = adv.nd_ra_router_lifetime;
254
255 iov[msg.msg_iovlen++] = IOVEC_MAKE(&ra->home_agent, sizeof(ra->home_agent));
256 }
257
258 if (sendmsg(ra->fd, &msg, 0) < 0)
259 return -errno;
260
261 return 0;
262 }
263
264 static int radv_process_packet(sd_radv *ra, ICMP6Packet *packet) {
265 int r;
266
267 assert(ra);
268 assert(packet);
269
270 if (icmp6_packet_get_type(packet) != ND_ROUTER_SOLICIT)
271 return log_radv_errno(ra, SYNTHETIC_ERRNO(EBADMSG), "Received ICMP6 packet with unexpected type, ignoring.");
272
273 _cleanup_(sd_ndisc_router_solicit_unrefp) sd_ndisc_router_solicit *rs = NULL;
274 rs = ndisc_router_solicit_new(packet);
275 if (!rs)
276 return log_oom_debug();
277
278 r = ndisc_router_solicit_parse(ra, rs);
279 if (r < 0)
280 return r;
281
282 struct in6_addr src;
283 r = sd_ndisc_router_solicit_get_sender_address(rs, &src);
284 if (r == -ENODATA) /* null address is allowed */
285 return sd_radv_send(ra); /* When an unsolicited RA, we need to also update timer. */
286 if (r < 0)
287 return log_radv_errno(ra, r, "Failed to get sender address of RS, ignoring: %m");
288 if (in6_addr_equal(&src, &ra->ipv6ll))
289 /* This should be definitely caused by a misconfiguration. If we send RA to ourself, the
290 * kernel complains about that. Let's ignore the packet. */
291 return log_radv_errno(ra, SYNTHETIC_ERRNO(EADDRINUSE), "Received RS from the same interface, ignoring.");
292
293 r = radv_send_router(ra, &src);
294 if (r < 0)
295 return log_radv_errno(ra, r, "Unable to send solicited Router Advertisement to %s, ignoring: %m", IN6_ADDR_TO_STRING(&src));
296
297 log_radv(ra, "Sent solicited Router Advertisement to %s.", IN6_ADDR_TO_STRING(&src));
298 return 0;
299 }
300
301 static int radv_recv(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
302 _cleanup_(icmp6_packet_unrefp) ICMP6Packet *packet = NULL;
303 sd_radv *ra = ASSERT_PTR(userdata);
304 int r;
305
306 assert(fd >= 0);
307
308 r = icmp6_packet_receive(fd, &packet);
309 if (r < 0) {
310 log_radv_errno(ra, r, "Failed to receive ICMPv6 packet, ignoring: %m");
311 return 0;
312 }
313
314 (void) radv_process_packet(ra, packet);
315 return 0;
316 }
317
318 static int radv_timeout(sd_event_source *s, uint64_t usec, void *userdata) {
319 sd_radv *ra = ASSERT_PTR(userdata);
320
321 if (sd_radv_send(ra) < 0)
322 (void) sd_radv_stop(ra);
323
324 return 0;
325 }
326
327 int sd_radv_send(sd_radv *ra) {
328 usec_t min_timeout, max_timeout, time_now, timeout;
329 int r;
330
331 assert_return(ra, -EINVAL);
332 assert_return(ra->event, -EINVAL);
333 assert_return(sd_radv_is_running(ra), -EINVAL);
334 assert(router_lifetime_is_valid(ra->lifetime_usec));
335
336 r = sd_event_now(ra->event, CLOCK_BOOTTIME, &time_now);
337 if (r < 0)
338 return r;
339
340 r = radv_send_router(ra, NULL);
341 if (r < 0)
342 return log_radv_errno(ra, r, "Unable to send Router Advertisement: %m");
343
344 ra->ra_sent++;
345
346 /* RFC 4861, Section 6.2.4, sending initial Router Advertisements */
347 if (ra->ra_sent <= RADV_MAX_INITIAL_RTR_ADVERTISEMENTS)
348 max_timeout = RADV_MAX_INITIAL_RTR_ADVERT_INTERVAL_USEC;
349 else
350 max_timeout = RADV_DEFAULT_MAX_TIMEOUT_USEC;
351
352 /* RFC 4861, Section 6.2.1, lifetime must be at least MaxRtrAdvInterval,
353 * so lower the interval here */
354 if (ra->lifetime_usec > 0)
355 max_timeout = MIN(max_timeout, ra->lifetime_usec);
356
357 if (max_timeout >= 9 * USEC_PER_SEC)
358 min_timeout = max_timeout / 3;
359 else
360 min_timeout = max_timeout * 3 / 4;
361
362 /* RFC 4861, Section 6.2.1.
363 * MaxRtrAdvInterval MUST be no less than 4 seconds and no greater than 1800 seconds.
364 * MinRtrAdvInterval MUST be no less than 3 seconds and no greater than .75 * MaxRtrAdvInterval. */
365 assert(max_timeout >= RADV_MIN_MAX_TIMEOUT_USEC);
366 assert(max_timeout <= RADV_MAX_MAX_TIMEOUT_USEC);
367 assert(min_timeout >= RADV_MIN_MIN_TIMEOUT_USEC);
368 assert(min_timeout <= max_timeout * 3 / 4);
369
370 timeout = min_timeout + random_u64_range(max_timeout - min_timeout);
371 log_radv(ra, "Sent unsolicited Router Advertisement. Next advertisement will be in %s.",
372 FORMAT_TIMESPAN(timeout, USEC_PER_SEC));
373
374 return event_reset_time(
375 ra->event, &ra->timeout_event_source,
376 CLOCK_BOOTTIME,
377 usec_add(time_now, timeout), MSEC_PER_SEC,
378 radv_timeout, ra,
379 ra->event_priority, "radv-timeout", true);
380 }
381
382 int sd_radv_stop(sd_radv *ra) {
383 int r;
384
385 if (!ra)
386 return 0;
387
388 if (ra->state == RADV_STATE_IDLE)
389 return 0;
390
391 log_radv(ra, "Stopping IPv6 Router Advertisement daemon");
392
393 /* RFC 4861, Section 6.2.5:
394 * the router SHOULD transmit one or more (but not more than MAX_FINAL_RTR_ADVERTISEMENTS) final
395 * multicast Router Advertisements on the interface with a Router Lifetime field of zero. */
396 r = radv_send_router_on_stop(ra);
397 if (r < 0)
398 log_radv_errno(ra, r, "Unable to send last Router Advertisement with router lifetime set to zero, ignoring: %m");
399
400 radv_reset(ra);
401 ra->fd = safe_close(ra->fd);
402 ra->state = RADV_STATE_IDLE;
403
404 return 0;
405 }
406
407 static int radv_setup_recv_event(sd_radv *ra) {
408 int r;
409
410 assert(ra);
411 assert(ra->event);
412 assert(ra->ifindex > 0);
413
414 _cleanup_close_ int fd = -EBADF;
415 fd = icmp6_bind(ra->ifindex, /* is_router = */ true);
416 if (fd < 0)
417 return fd;
418
419 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
420 r = sd_event_add_io(ra->event, &s, fd, EPOLLIN, radv_recv, ra);
421 if (r < 0)
422 return r;
423
424 r = sd_event_source_set_priority(s, ra->event_priority);
425 if (r < 0)
426 return r;
427
428 (void) sd_event_source_set_description(s, "radv-receive-message");
429
430 ra->fd = TAKE_FD(fd);
431 ra->recv_event_source = TAKE_PTR(s);
432 return 0;
433 }
434
435 int sd_radv_start(sd_radv *ra) {
436 int r;
437
438 assert_return(ra, -EINVAL);
439 assert_return(ra->event, -EINVAL);
440 assert_return(ra->ifindex > 0, -EINVAL);
441
442 if (ra->state != RADV_STATE_IDLE)
443 return 0;
444
445 r = radv_setup_recv_event(ra);
446 if (r < 0)
447 goto fail;
448
449 r = event_reset_time(ra->event, &ra->timeout_event_source,
450 CLOCK_BOOTTIME,
451 0, 0,
452 radv_timeout, ra,
453 ra->event_priority, "radv-timeout", true);
454 if (r < 0)
455 goto fail;
456
457 ra->state = RADV_STATE_ADVERTISING;
458
459 log_radv(ra, "Started IPv6 Router Advertisement daemon");
460
461 return 0;
462
463 fail:
464 radv_reset(ra);
465
466 return r;
467 }
468
469 int sd_radv_set_ifindex(sd_radv *ra, int ifindex) {
470 assert_return(ra, -EINVAL);
471 assert_return(ifindex > 0, -EINVAL);
472
473 if (ra->state != RADV_STATE_IDLE)
474 return -EBUSY;
475
476 ra->ifindex = ifindex;
477
478 return 0;
479 }
480
481 int sd_radv_set_ifname(sd_radv *ra, const char *ifname) {
482 assert_return(ra, -EINVAL);
483 assert_return(ifname, -EINVAL);
484
485 if (!ifname_valid_full(ifname, IFNAME_VALID_ALTERNATIVE))
486 return -EINVAL;
487
488 return free_and_strdup(&ra->ifname, ifname);
489 }
490
491 int sd_radv_get_ifname(sd_radv *ra, const char **ret) {
492 int r;
493
494 assert_return(ra, -EINVAL);
495
496 r = get_ifname(ra->ifindex, &ra->ifname);
497 if (r < 0)
498 return r;
499
500 if (ret)
501 *ret = ra->ifname;
502
503 return 0;
504 }
505
506 int sd_radv_set_link_local_address(sd_radv *ra, const struct in6_addr *addr) {
507 assert_return(ra, -EINVAL);
508 assert_return(!addr || in6_addr_is_link_local(addr), -EINVAL);
509
510 if (addr)
511 ra->ipv6ll = *addr;
512 else
513 zero(ra->ipv6ll);
514
515 return 0;
516 }
517
518 int sd_radv_set_mac(sd_radv *ra, const struct ether_addr *mac_addr) {
519 assert_return(ra, -EINVAL);
520
521 if (ra->state != RADV_STATE_IDLE)
522 return -EBUSY;
523
524 if (mac_addr)
525 ra->mac_addr = *mac_addr;
526 else
527 zero(ra->mac_addr);
528
529 return 0;
530 }
531
532 int sd_radv_set_mtu(sd_radv *ra, uint32_t mtu) {
533 assert_return(ra, -EINVAL);
534 assert_return(mtu >= 1280, -EINVAL);
535
536 ra->mtu = mtu;
537
538 return 0;
539 }
540
541 int sd_radv_set_hop_limit(sd_radv *ra, uint8_t hop_limit) {
542 assert_return(ra, -EINVAL);
543
544 if (ra->state != RADV_STATE_IDLE)
545 return -EBUSY;
546
547 ra->hop_limit = hop_limit;
548
549 return 0;
550 }
551
552 int sd_radv_set_retransmit(sd_radv *ra, uint64_t usec) {
553 assert_return(ra, -EINVAL);
554
555 if (ra->state != RADV_STATE_IDLE)
556 return -EBUSY;
557
558 if (usec > RADV_MAX_RETRANSMIT_USEC)
559 return -EINVAL;
560
561 ra->retransmit_usec = usec;
562 return 0;
563 }
564
565 int sd_radv_set_router_lifetime(sd_radv *ra, uint64_t usec) {
566 assert_return(ra, -EINVAL);
567
568 if (ra->state != RADV_STATE_IDLE)
569 return -EBUSY;
570
571 if (!router_lifetime_is_valid(usec))
572 return -EINVAL;
573
574 /* RFC 4191, Section 2.2, "...If the Router Lifetime is zero, the preference value MUST be set
575 * to (00) by the sender..." */
576 if (usec == 0 &&
577 (ra->flags & (0x3 << 3)) != (SD_NDISC_PREFERENCE_MEDIUM << 3))
578 return -EINVAL;
579
580 ra->lifetime_usec = usec;
581 return 0;
582 }
583
584 int sd_radv_set_managed_information(sd_radv *ra, int managed) {
585 assert_return(ra, -EINVAL);
586
587 if (ra->state != RADV_STATE_IDLE)
588 return -EBUSY;
589
590 SET_FLAG(ra->flags, ND_RA_FLAG_MANAGED, managed);
591
592 return 0;
593 }
594
595 int sd_radv_set_other_information(sd_radv *ra, int other) {
596 assert_return(ra, -EINVAL);
597
598 if (ra->state != RADV_STATE_IDLE)
599 return -EBUSY;
600
601 SET_FLAG(ra->flags, ND_RA_FLAG_OTHER, other);
602
603 return 0;
604 }
605
606 int sd_radv_set_preference(sd_radv *ra, unsigned preference) {
607 assert_return(ra, -EINVAL);
608 assert_return(IN_SET(preference,
609 SD_NDISC_PREFERENCE_LOW,
610 SD_NDISC_PREFERENCE_MEDIUM,
611 SD_NDISC_PREFERENCE_HIGH), -EINVAL);
612
613 /* RFC 4191, Section 2.2, "...If the Router Lifetime is zero, the preference value MUST be set
614 * to (00) by the sender..." */
615 if (ra->lifetime_usec == 0 && preference != SD_NDISC_PREFERENCE_MEDIUM)
616 return -EINVAL;
617
618 ra->flags = (ra->flags & ~(0x3 << 3)) | (preference << 3);
619
620 return 0;
621 }
622
623 int sd_radv_set_home_agent_information(sd_radv *ra, int home_agent) {
624 assert_return(ra, -EINVAL);
625
626 if (ra->state != RADV_STATE_IDLE)
627 return -EBUSY;
628
629 SET_FLAG(ra->flags, ND_RA_FLAG_HOME_AGENT, home_agent);
630
631 return 0;
632 }
633
634 int sd_radv_set_home_agent_preference(sd_radv *ra, uint16_t preference) {
635 assert_return(ra, -EINVAL);
636
637 if (ra->state != RADV_STATE_IDLE)
638 return -EBUSY;
639
640 ra->home_agent.nd_opt_home_agent_info_preference = htobe16(preference);
641
642 return 0;
643 }
644
645 int sd_radv_set_home_agent_lifetime(sd_radv *ra, uint64_t lifetime_usec) {
646 assert_return(ra, -EINVAL);
647
648 if (ra->state != RADV_STATE_IDLE)
649 return -EBUSY;
650
651 if (lifetime_usec > RADV_HOME_AGENT_MAX_LIFETIME_USEC)
652 return -EINVAL;
653
654 ra->home_agent.nd_opt_home_agent_info_lifetime = usec_to_be16_sec(lifetime_usec);
655 return 0;
656 }
657
658 int sd_radv_add_prefix(sd_radv *ra, sd_radv_prefix *p) {
659 sd_radv_prefix *found = NULL;
660 int r;
661
662 assert_return(ra, -EINVAL);
663 assert_return(p, -EINVAL);
664
665 /* Refuse prefixes that don't have a prefix set */
666 if (in6_addr_is_null(&p->opt.in6_addr))
667 return -ENOEXEC;
668
669 const char *addr_p = IN6_ADDR_PREFIX_TO_STRING(&p->opt.in6_addr, p->opt.prefixlen);
670
671 LIST_FOREACH(prefix, cur, ra->prefixes) {
672 r = in_addr_prefix_intersect(AF_INET6,
673 (const union in_addr_union*) &cur->opt.in6_addr,
674 cur->opt.prefixlen,
675 (const union in_addr_union*) &p->opt.in6_addr,
676 p->opt.prefixlen);
677 if (r < 0)
678 return r;
679 if (r == 0)
680 continue;
681
682 if (cur->opt.prefixlen == p->opt.prefixlen) {
683 found = cur;
684 break;
685 }
686
687 return log_radv_errno(ra, SYNTHETIC_ERRNO(EEXIST),
688 "IPv6 prefix %s conflicts with %s, ignoring.",
689 addr_p,
690 IN6_ADDR_PREFIX_TO_STRING(&cur->opt.in6_addr, cur->opt.prefixlen));
691 }
692
693 if (found) {
694 /* p and cur may be equivalent. First increment the reference counter. */
695 sd_radv_prefix_ref(p);
696
697 /* Then, remove the old entry. */
698 LIST_REMOVE(prefix, ra->prefixes, found);
699 sd_radv_prefix_unref(found);
700
701 /* Finally, add the new entry. */
702 LIST_APPEND(prefix, ra->prefixes, p);
703
704 log_radv(ra, "Updated/replaced IPv6 prefix %s (preferred: %s, valid: %s)",
705 addr_p,
706 FORMAT_TIMESPAN(p->lifetime_preferred_usec, USEC_PER_SEC),
707 FORMAT_TIMESPAN(p->lifetime_valid_usec, USEC_PER_SEC));
708 } else {
709 /* The prefix is new. Let's simply add it. */
710
711 sd_radv_prefix_ref(p);
712 LIST_APPEND(prefix, ra->prefixes, p);
713 ra->n_prefixes++;
714
715 log_radv(ra, "Added prefix %s", addr_p);
716 }
717
718 if (ra->state == RADV_STATE_IDLE)
719 return 0;
720
721 if (ra->ra_sent == 0)
722 return 0;
723
724 /* If RAs have already been sent, send an RA immediately to announce the newly-added prefix */
725 r = radv_send_router(ra, NULL);
726 if (r < 0)
727 log_radv_errno(ra, r, "Unable to send Router Advertisement for added prefix %s, ignoring: %m", addr_p);
728 else
729 log_radv(ra, "Sent Router Advertisement for added/updated prefix %s.", addr_p);
730
731 return 0;
732 }
733
734 void sd_radv_remove_prefix(
735 sd_radv *ra,
736 const struct in6_addr *prefix,
737 unsigned char prefixlen) {
738
739 if (!ra)
740 return;
741
742 if (!prefix)
743 return;
744
745 LIST_FOREACH(prefix, cur, ra->prefixes) {
746 if (prefixlen != cur->opt.prefixlen)
747 continue;
748
749 if (!in6_addr_equal(prefix, &cur->opt.in6_addr))
750 continue;
751
752 LIST_REMOVE(prefix, ra->prefixes, cur);
753 ra->n_prefixes--;
754 sd_radv_prefix_unref(cur);
755 return;
756 }
757 }
758
759 int sd_radv_add_route_prefix(sd_radv *ra, sd_radv_route_prefix *p) {
760 sd_radv_route_prefix *found = NULL;
761 int r;
762
763 assert_return(ra, -EINVAL);
764 assert_return(p, -EINVAL);
765
766 const char *addr_p = IN6_ADDR_PREFIX_TO_STRING(&p->opt.in6_addr, p->opt.prefixlen);
767
768 LIST_FOREACH(prefix, cur, ra->route_prefixes) {
769 r = in_addr_prefix_intersect(AF_INET6,
770 (const union in_addr_union*) &cur->opt.in6_addr,
771 cur->opt.prefixlen,
772 (const union in_addr_union*) &p->opt.in6_addr,
773 p->opt.prefixlen);
774 if (r < 0)
775 return r;
776 if (r == 0)
777 continue;
778
779 if (cur->opt.prefixlen == p->opt.prefixlen) {
780 found = cur;
781 break;
782 }
783
784 return log_radv_errno(ra, SYNTHETIC_ERRNO(EEXIST),
785 "IPv6 route prefix %s conflicts with %s, ignoring.",
786 addr_p,
787 IN6_ADDR_PREFIX_TO_STRING(&cur->opt.in6_addr, cur->opt.prefixlen));
788 }
789
790 if (found) {
791 /* p and cur may be equivalent. First increment the reference counter. */
792 sd_radv_route_prefix_ref(p);
793
794 /* Then, remove the old entry. */
795 LIST_REMOVE(prefix, ra->route_prefixes, found);
796 sd_radv_route_prefix_unref(found);
797
798 /* Finally, add the new entry. */
799 LIST_APPEND(prefix, ra->route_prefixes, p);
800
801 log_radv(ra, "Updated/replaced IPv6 route prefix %s (lifetime: %s)",
802 strna(addr_p),
803 FORMAT_TIMESPAN(p->lifetime_usec, USEC_PER_SEC));
804 } else {
805 /* The route prefix is new. Let's simply add it. */
806
807 sd_radv_route_prefix_ref(p);
808 LIST_APPEND(prefix, ra->route_prefixes, p);
809 ra->n_route_prefixes++;
810
811 log_radv(ra, "Added route prefix %s", strna(addr_p));
812 }
813
814 if (ra->state == RADV_STATE_IDLE)
815 return 0;
816
817 if (ra->ra_sent == 0)
818 return 0;
819
820 /* If RAs have already been sent, send an RA immediately to announce the newly-added route prefix */
821 r = radv_send_router(ra, NULL);
822 if (r < 0)
823 log_radv_errno(ra, r, "Unable to send Router Advertisement for added route prefix %s, ignoring: %m",
824 strna(addr_p));
825 else
826 log_radv(ra, "Sent Router Advertisement for added route prefix %s.", strna(addr_p));
827
828 return 0;
829 }
830
831 int sd_radv_add_pref64_prefix(sd_radv *ra, sd_radv_pref64_prefix *p) {
832 sd_radv_pref64_prefix *found = NULL;
833 int r;
834
835 assert_return(ra, -EINVAL);
836 assert_return(p, -EINVAL);
837
838 const char *addr_p = IN6_ADDR_PREFIX_TO_STRING(&p->in6_addr, p->prefixlen);
839
840 LIST_FOREACH(prefix, cur, ra->pref64_prefixes) {
841 r = in_addr_prefix_intersect(AF_INET6,
842 (const union in_addr_union*) &cur->in6_addr,
843 cur->prefixlen,
844 (const union in_addr_union*) &p->in6_addr,
845 p->prefixlen);
846 if (r < 0)
847 return r;
848 if (r == 0)
849 continue;
850
851 if (cur->prefixlen == p->prefixlen) {
852 found = cur;
853 break;
854 }
855
856 return log_radv_errno(ra, SYNTHETIC_ERRNO(EEXIST),
857 "IPv6 PREF64 prefix %s conflicts with %s, ignoring.",
858 addr_p,
859 IN6_ADDR_PREFIX_TO_STRING(&cur->in6_addr, cur->prefixlen));
860 }
861
862 if (found) {
863 /* p and cur may be equivalent. First increment the reference counter. */
864 sd_radv_pref64_prefix_ref(p);
865
866 /* Then, remove the old entry. */
867 LIST_REMOVE(prefix, ra->pref64_prefixes, found);
868 sd_radv_pref64_prefix_unref(found);
869
870 /* Finally, add the new entry. */
871 LIST_APPEND(prefix, ra->pref64_prefixes, p);
872
873 log_radv(ra, "Updated/replaced IPv6 PREF64 prefix %s (lifetime: %s)",
874 strna(addr_p),
875 FORMAT_TIMESPAN(p->lifetime_usec, USEC_PER_SEC));
876 } else {
877 /* The route prefix is new. Let's simply add it. */
878
879 sd_radv_pref64_prefix_ref(p);
880 LIST_APPEND(prefix, ra->pref64_prefixes, p);
881 ra->n_pref64_prefixes++;
882
883 log_radv(ra, "Added PREF64 prefix %s", strna(addr_p));
884 }
885
886 if (ra->state == RADV_STATE_IDLE)
887 return 0;
888
889 if (ra->ra_sent == 0)
890 return 0;
891
892 /* If RAs have already been sent, send an RA immediately to announce the newly-added route prefix */
893 r = radv_send_router(ra, NULL);
894 if (r < 0)
895 log_radv_errno(ra, r, "Unable to send Router Advertisement for added PREF64 prefix %s, ignoring: %m",
896 strna(addr_p));
897 else
898 log_radv(ra, "Sent Router Advertisement for added PREF64 prefix %s.", strna(addr_p));
899
900 return 0;
901 }
902
903 int sd_radv_set_rdnss(
904 sd_radv *ra,
905 uint64_t lifetime_usec,
906 const struct in6_addr *dns,
907 size_t n_dns) {
908
909 _cleanup_free_ struct sd_radv_opt_dns *opt_rdnss = NULL;
910 size_t len;
911
912 assert_return(ra, -EINVAL);
913 assert_return(n_dns < 128, -EINVAL);
914
915 if (lifetime_usec > RADV_RDNSS_MAX_LIFETIME_USEC)
916 return -EINVAL;
917
918 if (!dns || n_dns == 0) {
919 ra->rdnss = mfree(ra->rdnss);
920 ra->n_rdnss = 0;
921
922 return 0;
923 }
924
925 len = sizeof(struct sd_radv_opt_dns) + sizeof(struct in6_addr) * n_dns;
926
927 opt_rdnss = malloc0(len);
928 if (!opt_rdnss)
929 return -ENOMEM;
930
931 opt_rdnss->type = RADV_OPT_RDNSS;
932 opt_rdnss->length = len / 8;
933 opt_rdnss->lifetime = usec_to_be32_sec(lifetime_usec);
934
935 memcpy(opt_rdnss + 1, dns, n_dns * sizeof(struct in6_addr));
936
937 free_and_replace(ra->rdnss, opt_rdnss);
938
939 ra->n_rdnss = n_dns;
940
941 return 0;
942 }
943
944 int sd_radv_set_dnssl(
945 sd_radv *ra,
946 uint64_t lifetime_usec,
947 char **search_list) {
948
949 _cleanup_free_ struct sd_radv_opt_dns *opt_dnssl = NULL;
950 size_t len = 0;
951 uint8_t *p;
952
953 assert_return(ra, -EINVAL);
954
955 if (lifetime_usec > RADV_DNSSL_MAX_LIFETIME_USEC)
956 return -EINVAL;
957
958 if (strv_isempty(search_list)) {
959 ra->dnssl = mfree(ra->dnssl);
960 return 0;
961 }
962
963 STRV_FOREACH(s, search_list)
964 len += strlen(*s) + 2;
965
966 len = (sizeof(struct sd_radv_opt_dns) + len + 7) & ~0x7;
967
968 opt_dnssl = malloc0(len);
969 if (!opt_dnssl)
970 return -ENOMEM;
971
972 opt_dnssl->type = RADV_OPT_DNSSL;
973 opt_dnssl->length = len / 8;
974 opt_dnssl->lifetime = usec_to_be32_sec(lifetime_usec);
975
976 p = (uint8_t *)(opt_dnssl + 1);
977 len -= sizeof(struct sd_radv_opt_dns);
978
979 STRV_FOREACH(s, search_list) {
980 int r;
981
982 r = dns_name_to_wire_format(*s, p, len, false);
983 if (r < 0)
984 return r;
985
986 if (len < (size_t)r)
987 return -ENOBUFS;
988
989 p += r;
990 len -= r;
991 }
992
993 free_and_replace(ra->dnssl, opt_dnssl);
994
995 return 0;
996 }
997
998 int sd_radv_prefix_new(sd_radv_prefix **ret) {
999 sd_radv_prefix *p;
1000
1001 assert_return(ret, -EINVAL);
1002
1003 p = new(sd_radv_prefix, 1);
1004 if (!p)
1005 return -ENOMEM;
1006
1007 *p = (sd_radv_prefix) {
1008 .n_ref = 1,
1009
1010 .opt.type = ND_OPT_PREFIX_INFORMATION,
1011 .opt.length = (sizeof(p->opt) - 1)/8 + 1,
1012 .opt.prefixlen = 64,
1013
1014 /* RFC 4861, Section 6.2.1 */
1015 .opt.flags = ND_OPT_PI_FLAG_ONLINK|ND_OPT_PI_FLAG_AUTO,
1016
1017 .lifetime_valid_usec = RADV_DEFAULT_VALID_LIFETIME_USEC,
1018 .lifetime_preferred_usec = RADV_DEFAULT_PREFERRED_LIFETIME_USEC,
1019 .valid_until = USEC_INFINITY,
1020 .preferred_until = USEC_INFINITY,
1021 };
1022
1023 *ret = p;
1024 return 0;
1025 }
1026
1027 DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(sd_radv_prefix, sd_radv_prefix, mfree);
1028
1029 int sd_radv_prefix_set_prefix(
1030 sd_radv_prefix *p,
1031 const struct in6_addr *in6_addr,
1032 unsigned char prefixlen) {
1033
1034 assert_return(p, -EINVAL);
1035 assert_return(in6_addr, -EINVAL);
1036
1037 if (prefixlen < 3 || prefixlen > 128)
1038 return -EINVAL;
1039
1040 if (prefixlen > 64)
1041 /* unusual but allowed, log it */
1042 log_radv(NULL, "Unusual prefix length %d greater than 64", prefixlen);
1043
1044 p->opt.in6_addr = *in6_addr;
1045 p->opt.prefixlen = prefixlen;
1046
1047 return 0;
1048 }
1049
1050 int sd_radv_prefix_get_prefix(
1051 sd_radv_prefix *p,
1052 struct in6_addr *ret_in6_addr,
1053 unsigned char *ret_prefixlen) {
1054
1055 assert_return(p, -EINVAL);
1056 assert_return(ret_in6_addr, -EINVAL);
1057 assert_return(ret_prefixlen, -EINVAL);
1058
1059 *ret_in6_addr = p->opt.in6_addr;
1060 *ret_prefixlen = p->opt.prefixlen;
1061
1062 return 0;
1063 }
1064
1065 int sd_radv_prefix_set_onlink(sd_radv_prefix *p, int onlink) {
1066 assert_return(p, -EINVAL);
1067
1068 SET_FLAG(p->opt.flags, ND_OPT_PI_FLAG_ONLINK, onlink);
1069
1070 return 0;
1071 }
1072
1073 int sd_radv_prefix_set_address_autoconfiguration(sd_radv_prefix *p, int address_autoconfiguration) {
1074 assert_return(p, -EINVAL);
1075
1076 SET_FLAG(p->opt.flags, ND_OPT_PI_FLAG_AUTO, address_autoconfiguration);
1077
1078 return 0;
1079 }
1080
1081 int sd_radv_prefix_set_valid_lifetime(sd_radv_prefix *p, uint64_t lifetime_usec, uint64_t valid_until) {
1082 assert_return(p, -EINVAL);
1083
1084 p->lifetime_valid_usec = lifetime_usec;
1085 p->valid_until = valid_until;
1086
1087 return 0;
1088 }
1089
1090 int sd_radv_prefix_set_preferred_lifetime(sd_radv_prefix *p, uint64_t lifetime_usec, uint64_t valid_until) {
1091 assert_return(p, -EINVAL);
1092
1093 p->lifetime_preferred_usec = lifetime_usec;
1094 p->preferred_until = valid_until;
1095
1096 return 0;
1097 }
1098
1099 int sd_radv_route_prefix_new(sd_radv_route_prefix **ret) {
1100 sd_radv_route_prefix *p;
1101
1102 assert_return(ret, -EINVAL);
1103
1104 p = new(sd_radv_route_prefix, 1);
1105 if (!p)
1106 return -ENOMEM;
1107
1108 *p = (sd_radv_route_prefix) {
1109 .n_ref = 1,
1110
1111 .opt.type = RADV_OPT_ROUTE_INFORMATION,
1112 .opt.length = DIV_ROUND_UP(sizeof(p->opt), 8),
1113 .opt.prefixlen = 64,
1114
1115 .lifetime_usec = RADV_DEFAULT_VALID_LIFETIME_USEC,
1116 .valid_until = USEC_INFINITY,
1117 };
1118
1119 *ret = p;
1120 return 0;
1121 }
1122
1123 DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(sd_radv_route_prefix, sd_radv_route_prefix, mfree);
1124
1125 int sd_radv_route_prefix_set_prefix(
1126 sd_radv_route_prefix *p,
1127 const struct in6_addr *in6_addr,
1128 unsigned char prefixlen) {
1129
1130 assert_return(p, -EINVAL);
1131 assert_return(in6_addr, -EINVAL);
1132
1133 if (prefixlen > 128)
1134 return -EINVAL;
1135
1136 if (prefixlen > 64)
1137 /* unusual but allowed, log it */
1138 log_radv(NULL, "Unusual prefix length %u greater than 64", prefixlen);
1139
1140 p->opt.in6_addr = *in6_addr;
1141 p->opt.prefixlen = prefixlen;
1142
1143 return 0;
1144 }
1145
1146 int sd_radv_route_prefix_set_lifetime(sd_radv_route_prefix *p, uint64_t lifetime_usec, uint64_t valid_until) {
1147 assert_return(p, -EINVAL);
1148
1149 p->lifetime_usec = lifetime_usec;
1150 p->valid_until = valid_until;
1151
1152 return 0;
1153 }
1154
1155 int sd_radv_pref64_prefix_new(sd_radv_pref64_prefix **ret) {
1156 sd_radv_pref64_prefix *p;
1157
1158 assert_return(ret, -EINVAL);
1159
1160 p = new(sd_radv_pref64_prefix, 1);
1161 if (!p)
1162 return -ENOMEM;
1163
1164 *p = (sd_radv_pref64_prefix) {
1165 .n_ref = 1,
1166
1167 .opt.type = RADV_OPT_PREF64,
1168 .opt.length = 2,
1169 };
1170
1171 *ret = p;
1172 return 0;
1173 }
1174
1175 DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(sd_radv_pref64_prefix, sd_radv_pref64_prefix, mfree);
1176
1177 int sd_radv_pref64_prefix_set_prefix(
1178 sd_radv_pref64_prefix *p,
1179 const struct in6_addr *prefix,
1180 uint8_t prefixlen,
1181 uint64_t lifetime_usec) {
1182
1183 uint16_t pref64_lifetime;
1184 uint8_t prefixlen_code;
1185 int r;
1186
1187 assert_return(p, -EINVAL);
1188 assert_return(prefix, -EINVAL);
1189
1190 r = pref64_prefix_length_to_plc(prefixlen, &prefixlen_code);
1191 if (r < 0)
1192 return log_radv_errno(NULL, r,
1193 "Unsupported PREF64 prefix length %u. Valid lengths are 32, 40, 48, 56, 64 and 96", prefixlen);
1194
1195 if (lifetime_usec > PREF64_MAX_LIFETIME_USEC)
1196 return -EINVAL;
1197
1198 /* RFC 8781 - 4.1 rounding up lifetime to multiply of 8 */
1199 pref64_lifetime = DIV_ROUND_UP(lifetime_usec, 8 * USEC_PER_SEC) << 3;
1200 pref64_lifetime |= prefixlen_code;
1201
1202 unaligned_write_be16(&p->opt.lifetime_and_plc, pref64_lifetime);
1203 memcpy(&p->opt.prefix, prefix, sizeof(p->opt.prefix));
1204
1205 p->in6_addr = *prefix;
1206 p->prefixlen = prefixlen;
1207
1208 return 0;
1209 }
Unnamed repository; edit this file 'description' to name the repository.