1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
4 #include <netinet/in.h>
5 #include <sys/capability.h>
7 #include "alloc-util.h"
8 #include "bus-common-errors.h"
9 #include "bus-get-properties.h"
10 #include "bus-message-util.h"
11 #include "bus-polkit.h"
12 #include "dns-domain.h"
13 #include "networkd-link-bus.h"
14 #include "networkd-link.h"
15 #include "networkd-manager.h"
16 #include "networkd-state-file.h"
17 #include "parse-util.h"
18 #include "resolve-util.h"
19 #include "socket-netlink.h"
21 #include "user-util.h"
/* Property getters generated by BUS_DEFINE_PROPERTY_GET_ENUM(). Each invocation names the getter,
 * a helper prefix and the enum type; link_vtable exposes all four getters with signature "s".
 * Only the administrative-state getter is declared static. */
23 BUS_DEFINE_PROPERTY_GET_ENUM(property_get_operational_state
, link_operstate
, LinkOperationalState
);
24 BUS_DEFINE_PROPERTY_GET_ENUM(property_get_carrier_state
, link_carrier_state
, LinkCarrierState
);
25 BUS_DEFINE_PROPERTY_GET_ENUM(property_get_address_state
, link_address_state
, LinkAddressState
);
26 static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_administrative_state
, link_state
, LinkState
);
/* Getter for the "BitRates" property: appends a "(tt)" pair (tx, rx) to reply.
 * Replies (UINT64_MAX, UINT64_MAX) when the speed meter is off or no earlier sample exists.
 * Otherwise each rate is the byte-counter delta between stats_old and stats_new divided by the
 * sampling interval in seconds.
 * NOTE(review): some lines of this function (remaining parameters, local declarations, the last
 * operand of the first condition, the else keywords) are not visible in this listing. */
28 static int property_get_bit_rates(
31 const char *interface
,
33 sd_bus_message
*reply
,
35 sd_bus_error
*error
) {
37 Link
*link
= userdata
;
46 manager
= link
->manager
;
48 if (!manager
->use_speed_meter
||
49 manager
->speed_meter_usec_old
== 0 ||
51 return sd_bus_message_append(reply
, "(tt)", UINT64_MAX
, UINT64_MAX
);
/* interval_sec is the divisor for both rates; the assert only guarantees new > old.
 * NOTE(review): the declared type of interval_sec is not visible. If it is an integer type,
 * an interval shorter than USEC_PER_SEC truncates to 0 and the divisions below divide by
 * zero; confirm it is floating point. */
53 assert(manager
->speed_meter_usec_new
> manager
->speed_meter_usec_old
);
54 interval_sec
= (manager
->speed_meter_usec_new
- manager
->speed_meter_usec_old
) / USEC_PER_SEC
;
56 if (link
->stats_new
.tx_bytes
> link
->stats_old
.tx_bytes
)
57 tx
= (uint64_t) ((link
->stats_new
.tx_bytes
- link
->stats_old
.tx_bytes
) / interval_sec
);
/* Counter did not increase: the delta is taken as UINT64_MAX minus the apparent decrease,
 * i.e. the counter is treated as having wrapped (presumably the else branch; confirm). */
59 tx
= (uint64_t) ((UINT64_MAX
- (link
->stats_old
.tx_bytes
- link
->stats_new
.tx_bytes
)) / interval_sec
);
/* Same computation for the receive counter. */
61 if (link
->stats_new
.rx_bytes
> link
->stats_old
.rx_bytes
)
62 rx
= (uint64_t) ((link
->stats_new
.rx_bytes
- link
->stats_old
.rx_bytes
) / interval_sec
);
64 rx
= (uint64_t) ((UINT64_MAX
- (link
->stats_old
.rx_bytes
- link
->stats_new
.rx_bytes
)) / interval_sec
);
66 return sd_bus_message_append(reply
, "(tt)", tx
, rx
);
/* Pre-check shared by the Set and Revert method handlers: a link with IFF_LOOPBACK set is refused
 * with BUS_ERROR_LINK_BUSY. This is a sanity check on the target link, not an authorization
 * check; callers still go through bus_verify_polkit_async().
 * NOTE(review): the success return is not visible in this listing. */
69 static int verify_managed_link(Link
*l
, sd_bus_error
*error
) {
72 if (l
->flags
& IFF_LOOPBACK
)
73 return sd_bus_error_setf(error
, BUS_ERROR_LINK_BUSY
, "Link %s is loopback device.", l
->ifname
);
/* D-Bus handler for SetNTP (registered in link_vtable): replaces the link's NTP server list.
 * Visible order: verify_managed_link(), read the string array, validate every entry with
 * dns_name_is_valid_or_address(), bus_verify_polkit_async() for action
 * "org.freedesktop.network1.set-ntp-servers" with CAP_NET_ADMIN, and only then the assignment to
 * l->ntp, link_save_and_clean() and the method reply.
 * The vtable entry is SD_BUS_VTABLE_UNPRIVILEGED, so the polkit call is the only authorization
 * check visible in this handler; no link state is written before it.
 * NOTE(review): the declaration of l and the checks on r between the calls are not visible. */
78 int bus_link_method_set_ntp_servers(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
79 _cleanup_strv_free_
char **ntp
= NULL
;
87 r
= verify_managed_link(l
, error
);
91 r
= sd_bus_message_read_strv(message
, &ntp
);
/* Caller-supplied strings: each must be a valid DNS name or address, and the rejected value
 * is echoed back in the error message. */
95 STRV_FOREACH(i
, ntp
) {
96 r
= dns_name_is_valid_or_address(*i
);
100 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Invalid NTP server: %s", *i
);
103 r
= bus_verify_polkit_async(message
, CAP_NET_ADMIN
,
104 "org.freedesktop.network1.set-ntp-servers",
105 NULL
, true, UID_INVALID
,
106 &l
->manager
->polkit_registry
, error
);
110 return 1; /* Polkit will call us back */
/* Authorized: the validated list replaces the previous one. */
112 strv_free_and_replace(l
->ntp
, ntp
);
115 r
= link_save_and_clean(l
);
119 return sd_bus_reply_method_return(message
, NULL
);
/* Shared implementation of SetDNS and SetDNSEx; `extended` is forwarded to
 * bus_message_read_dns_servers() (the two vtable entries use different argument signatures).
 * Visible order: verify_managed_link(), parse the servers into dns/n, bus_verify_polkit_async()
 * for "org.freedesktop.network1.set-dns-servers" with CAP_NET_ADMIN, then free the old l->dns
 * entries, take over the new array, link_save_and_clean() and reply.
 * NOTE(review): declarations, the checks on r and any labels are not visible in this listing. */
122 static int bus_link_method_set_dns_servers_internal(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
, bool extended
) {
123 struct in_addr_full
**dns
;
131 r
= verify_managed_link(l
, error
);
135 r
= bus_message_read_dns_servers(message
, error
, extended
, &dns
, &n
);
139 r
= bus_verify_polkit_async(message
, CAP_NET_ADMIN
,
140 "org.freedesktop.network1.set-dns-servers",
141 NULL
, true, UID_INVALID
,
142 &l
->manager
->polkit_registry
, error
);
/* r is set to 1 here rather than returned as in the other handlers, presumably so that the
 * loop at the end still frees the parsed servers while polkit is pending; confirm. */
146 r
= 1; /* Polkit will call us back */
/* Old entries are freed one by one unless n_dns is UINT_MAX. */
150 if (l
->n_dns
!= UINT_MAX
)
151 for (unsigned i
= 0; i
< l
->n_dns
; i
++)
152 in_addr_full_free(l
->dns
[i
]);
/* Ownership of the new array moves to the link. */
154 free_and_replace(l
->dns
, dns
);
158 r
= link_save_and_clean(l
);
162 return sd_bus_reply_method_return(message
, NULL
);
/* Frees the n parsed entries that were not handed over to the link.
 * NOTE(review): presumably the shared error/deferred exit path; verify that it cannot run
 * after free_and_replace() above has moved the array into l->dns. */
165 for (size_t i
= 0; i
< n
; i
++)
166 in_addr_full_free(dns
[i
]);
/* D-Bus handler for SetDNS: calls the shared implementation with extended = false. Validation
 * and the polkit check happen in bus_link_method_set_dns_servers_internal(). */
172 int bus_link_method_set_dns_servers(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
173 return bus_link_method_set_dns_servers_internal(message
, userdata
, error
, false);
/* D-Bus handler for SetDNSEx: calls the shared implementation with extended = true. Validation
 * and the polkit check happen in bus_link_method_set_dns_servers_internal(). */
176 int bus_link_method_set_dns_servers_ex(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
177 return bus_link_method_set_dns_servers_internal(message
, userdata
, error
, true);
/* D-Bus handler for SetDomains: replaces the link's search and route-only domain sets.
 * Each "(sb)" entry is a name plus a route_only flag. The name must pass dns_name_is_valid(), the
 * root domain is refused unless route_only is set, and the normalized form is stored in the
 * matching local set. Only after bus_verify_polkit_async() for
 * "org.freedesktop.network1.set-domains" (CAP_NET_ADMIN) are the link's sets replaced and saved.
 * NOTE(review): the loop header, the declarations of l/name/route_only and the checks on r are
 * not visible in this listing. */
180 int bus_link_method_set_domains(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
181 _cleanup_ordered_set_free_ OrderedSet
*search_domains
= NULL
, *route_domains
= NULL
;
188 r
= verify_managed_link(l
, error
);
192 r
= sd_bus_message_enter_container(message
, 'a', "(sb)");
197 _cleanup_free_
char *str
= NULL
;
198 OrderedSet
**domains
;
202 r
= sd_bus_message_read(message
, "(sb)", &name
, &route_only
);
/* Caller-supplied name: validated before it is normalized or stored. */
208 r
= dns_name_is_valid(name
);
212 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Invalid search domain %s", name
);
213 if (!route_only
&& dns_name_is_root(name
))
214 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Root domain is not suitable as search domain");
216 r
= dns_name_normalize(name
, 0, &str
);
218 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Invalid search domain %s", name
);
/* The route_only flag selects the destination set; the set takes ownership of str. */
220 domains
= route_only
? &route_domains
: &search_domains
;
221 r
= ordered_set_ensure_allocated(domains
, &string_hash_ops_free
);
225 r
= ordered_set_consume(*domains
, TAKE_PTR(str
));
232 r
= sd_bus_message_exit_container(message
);
236 r
= bus_verify_polkit_async(message
, CAP_NET_ADMIN
,
237 "org.freedesktop.network1.set-domains",
238 NULL
, true, UID_INVALID
,
239 &l
->manager
->polkit_registry
, error
);
243 return 1; /* Polkit will call us back */
/* Authorized: drop the old sets and move the new ones into the link. */
245 ordered_set_free(l
->search_domains
);
246 ordered_set_free(l
->route_domains
);
247 l
->search_domains
= TAKE_PTR(search_domains
);
248 l
->route_domains
= TAKE_PTR(route_domains
);
251 r
= link_save_and_clean(l
);
255 return sd_bus_reply_method_return(message
, NULL
);
/* D-Bus handler for SetDefaultRoute: reads one boolean and stores it in l->dns_default_route.
 * Visible order: verify_managed_link(), read "b", bus_verify_polkit_async() for
 * "org.freedesktop.network1.set-default-route" (CAP_NET_ADMIN), then the state change and
 * link_save_and_clean(), apparently only when the value differs.
 * NOTE(review): declarations and the checks on r are not visible in this listing. */
258 int bus_link_method_set_default_route(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
265 r
= verify_managed_link(l
, error
);
269 r
= sd_bus_message_read(message
, "b", &b
);
273 r
= bus_verify_polkit_async(message
, CAP_NET_ADMIN
,
274 "org.freedesktop.network1.set-default-route",
275 NULL
, true, UID_INVALID
,
276 &l
->manager
->polkit_registry
, error
);
280 return 1; /* Polkit will call us back */
282 if (l
->dns_default_route
!= b
) {
283 l
->dns_default_route
= b
;
286 r
= link_save_and_clean(l
);
291 return sd_bus_reply_method_return(message
, NULL
);
/* D-Bus handler for SetLLMNR: reads a mode string and maps it with resolve_support_from_string();
 * a string that does not map is refused with SD_BUS_ERROR_INVALID_ARGS. RESOLVE_SUPPORT_YES is
 * assigned on another branch, presumably for an empty string (condition not visible; confirm).
 * The change to l->llmnr happens only after bus_verify_polkit_async() for
 * "org.freedesktop.network1.set-llmnr" (CAP_NET_ADMIN).
 * NOTE(review): declarations, branch conditions and the assignment itself are not visible. */
294 int bus_link_method_set_llmnr(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
303 r
= verify_managed_link(l
, error
);
307 r
= sd_bus_message_read(message
, "s", &llmnr
);
312 mode
= RESOLVE_SUPPORT_YES
;
314 mode
= resolve_support_from_string(llmnr
);
316 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Invalid LLMNR setting: %s", llmnr
);
319 r
= bus_verify_polkit_async(message
, CAP_NET_ADMIN
,
320 "org.freedesktop.network1.set-llmnr",
321 NULL
, true, UID_INVALID
,
322 &l
->manager
->polkit_registry
, error
);
326 return 1; /* Polkit will call us back */
328 if (l
->llmnr
!= mode
) {
332 r
= link_save_and_clean(l
);
337 return sd_bus_reply_method_return(message
, NULL
);
/* D-Bus handler for SetMulticastDNS: reads a mode string and maps it with
 * resolve_support_from_string(); a string that does not map is refused with
 * SD_BUS_ERROR_INVALID_ARGS. RESOLVE_SUPPORT_NO is assigned on another branch, presumably for an
 * empty string (condition not visible; confirm). Unlike SetLLMNR, that fallback is NO, not YES.
 * The change to l->mdns happens only after bus_verify_polkit_async() for
 * "org.freedesktop.network1.set-mdns" (CAP_NET_ADMIN).
 * NOTE(review): declarations, branch conditions and the assignment itself are not visible. */
340 int bus_link_method_set_mdns(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
349 r
= verify_managed_link(l
, error
);
353 r
= sd_bus_message_read(message
, "s", &mdns
);
358 mode
= RESOLVE_SUPPORT_NO
;
360 mode
= resolve_support_from_string(mdns
);
362 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Invalid MulticastDNS setting: %s", mdns
);
365 r
= bus_verify_polkit_async(message
, CAP_NET_ADMIN
,
366 "org.freedesktop.network1.set-mdns",
367 NULL
, true, UID_INVALID
,
368 &l
->manager
->polkit_registry
, error
);
372 return 1; /* Polkit will call us back */
374 if (l
->mdns
!= mode
) {
378 r
= link_save_and_clean(l
);
383 return sd_bus_reply_method_return(message
, NULL
);
/* D-Bus handler for SetDNSOverTLS: an empty string selects _DNS_OVER_TLS_MODE_INVALID, any other
 * string is mapped with dns_over_tls_mode_from_string() and refused with
 * SD_BUS_ERROR_INVALID_ARGS when it does not map.
 * l->dns_over_tls_mode is written only after bus_verify_polkit_async() for
 * "org.freedesktop.network1.set-dns-over-tls" (CAP_NET_ADMIN). This setting controls transport
 * protection for DNS on the link, so changes to it are worth auditing.
 * NOTE(review): the declaration of l and the checks on r are not visible in this listing. */
386 int bus_link_method_set_dns_over_tls(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
388 const char *dns_over_tls
;
395 r
= verify_managed_link(l
, error
);
399 r
= sd_bus_message_read(message
, "s", &dns_over_tls
);
403 if (isempty(dns_over_tls
))
404 mode
= _DNS_OVER_TLS_MODE_INVALID
;
406 mode
= dns_over_tls_mode_from_string(dns_over_tls
);
408 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Invalid DNSOverTLS setting: %s", dns_over_tls
);
411 r
= bus_verify_polkit_async(message
, CAP_NET_ADMIN
,
412 "org.freedesktop.network1.set-dns-over-tls",
413 NULL
, true, UID_INVALID
,
414 &l
->manager
->polkit_registry
, error
);
418 return 1; /* Polkit will call us back */
420 if (l
->dns_over_tls_mode
!= mode
) {
421 l
->dns_over_tls_mode
= mode
;
424 r
= link_save_and_clean(l
);
429 return sd_bus_reply_method_return(message
, NULL
);
/* D-Bus handler for SetDNSSEC: reads a mode string and maps it with dnssec_mode_from_string(); a
 * string that does not map is refused with SD_BUS_ERROR_INVALID_ARGS. _DNSSEC_MODE_INVALID is
 * assigned on another branch, presumably for an empty string (condition not visible; confirm).
 * l->dnssec_mode is written only after bus_verify_polkit_async() for
 * "org.freedesktop.network1.set-dnssec" (CAP_NET_ADMIN). This setting controls DNSSEC validation
 * on the link, so changes to it are worth auditing.
 * NOTE(review): declarations and the checks on r are not visible in this listing. */
432 int bus_link_method_set_dnssec(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
441 r
= verify_managed_link(l
, error
);
445 r
= sd_bus_message_read(message
, "s", &dnssec
);
450 mode
= _DNSSEC_MODE_INVALID
;
452 mode
= dnssec_mode_from_string(dnssec
);
454 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Invalid DNSSEC setting: %s", dnssec
);
457 r
= bus_verify_polkit_async(message
, CAP_NET_ADMIN
,
458 "org.freedesktop.network1.set-dnssec",
459 NULL
, true, UID_INVALID
,
460 &l
->manager
->polkit_registry
, error
);
464 return 1; /* Polkit will call us back */
466 if (l
->dnssec_mode
!= mode
) {
467 l
->dnssec_mode
= mode
;
470 r
= link_save_and_clean(l
);
475 return sd_bus_reply_method_return(message
, NULL
);
/* D-Bus handler for SetDNSSECNegativeTrustAnchors: replaces the link's set of negative trust
 * anchor domains. Every supplied name must pass dns_name_is_valid() before any of them is copied
 * into the new set (two separate passes over ntas). The link's set is replaced only after
 * bus_verify_polkit_async() for "org.freedesktop.network1.set-dnssec-negative-trust-anchors"
 * (CAP_NET_ADMIN).
 * NOTE(review): the declaration of l and the checks on r are not visible in this listing. */
478 int bus_link_method_set_dnssec_negative_trust_anchors(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
479 _cleanup_set_free_free_ Set
*ns
= NULL
;
480 _cleanup_strv_free_
char **ntas
= NULL
;
488 r
= verify_managed_link(l
, error
);
492 r
= sd_bus_message_read_strv(message
, &ntas
);
/* First pass: validate every name; nothing has been stored yet. */
496 STRV_FOREACH(i
, ntas
) {
497 r
= dns_name_is_valid(*i
);
501 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Invalid negative trust anchor domain: %s", *i
);
/* Second pass: copy the validated names into a set keyed with dns_name_hash_ops. */
504 ns
= set_new(&dns_name_hash_ops
);
508 STRV_FOREACH(i
, ntas
) {
509 r
= set_put_strdup(&ns
, *i
);
514 r
= bus_verify_polkit_async(message
, CAP_NET_ADMIN
,
515 "org.freedesktop.network1.set-dnssec-negative-trust-anchors",
516 NULL
, true, UID_INVALID
,
517 &l
->manager
->polkit_registry
, error
);
521 return 1; /* Polkit will call us back */
/* Authorized: free the old set and move the new one into the link. */
523 set_free_free(l
->dnssec_negative_trust_anchors
);
524 l
->dnssec_negative_trust_anchors
= TAKE_PTR(ns
);
527 r
= link_save_and_clean(l
);
531 return sd_bus_reply_method_return(message
, NULL
);
/* D-Bus handler for RevertNTP: takes no arguments. After verify_managed_link() and
 * bus_verify_polkit_async() for "org.freedesktop.network1.revert-ntp" (CAP_NET_ADMIN) it calls
 * link_ntp_settings_clear(), saves the link and replies.
 * NOTE(review): the declaration of l and the checks on r are not visible in this listing. */
534 int bus_link_method_revert_ntp(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
541 r
= verify_managed_link(l
, error
);
545 r
= bus_verify_polkit_async(message
, CAP_NET_ADMIN
,
546 "org.freedesktop.network1.revert-ntp",
547 NULL
, true, UID_INVALID
,
548 &l
->manager
->polkit_registry
, error
);
552 return 1; /* Polkit will call us back */
554 link_ntp_settings_clear(l
);
557 r
= link_save_and_clean(l
);
561 return sd_bus_reply_method_return(message
, NULL
);
/* D-Bus handler for RevertDNS: takes no arguments. After verify_managed_link() and
 * bus_verify_polkit_async() for "org.freedesktop.network1.revert-dns" (CAP_NET_ADMIN) it calls
 * link_dns_settings_clear(), saves the link and replies.
 * NOTE(review): the declaration of l and the checks on r are not visible in this listing. */
564 int bus_link_method_revert_dns(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
571 r
= verify_managed_link(l
, error
);
575 r
= bus_verify_polkit_async(message
, CAP_NET_ADMIN
,
576 "org.freedesktop.network1.revert-dns",
577 NULL
, true, UID_INVALID
,
578 &l
->manager
->polkit_registry
, error
);
582 return 1; /* Polkit will call us back */
584 link_dns_settings_clear(l
);
587 r
= link_save_and_clean(l
);
591 return sd_bus_reply_method_return(message
, NULL
);
/* D-Bus handler for ForceRenew: one path refuses with BUS_ERROR_UNMANAGED_INTERFACE (its
 * condition is not visible in this listing). After bus_verify_polkit_async() for
 * "org.freedesktop.network1.forcerenew" (CAP_NET_ADMIN), sd_dhcp_server_forcerenew() is called
 * when the link has a DHCP server; a link without one still receives a normal reply.
 * NOTE(review): the declaration of l and the checks on r are not visible in this listing. */
594 int bus_link_method_force_renew(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
601 return sd_bus_error_setf(error
, BUS_ERROR_UNMANAGED_INTERFACE
,
602 "Interface %s is not managed by systemd-networkd",
605 r
= bus_verify_polkit_async(message
, CAP_NET_ADMIN
,
606 "org.freedesktop.network1.forcerenew",
607 NULL
, true, UID_INVALID
,
608 &l
->manager
->polkit_registry
, error
);
612 return 1; /* Polkit will call us back */
614 if (l
->dhcp_server
) {
615 r
= sd_dhcp_server_forcerenew(l
->dhcp_server
);
620 return sd_bus_reply_method_return(message
, NULL
);
/* D-Bus handler for Renew: one path refuses with BUS_ERROR_UNMANAGED_INTERFACE (its condition is
 * not visible in this listing). After bus_verify_polkit_async() for
 * "org.freedesktop.network1.renew" (CAP_NET_ADMIN), sd_dhcp_client_send_renew() is called when
 * the link has a DHCP client; a link without one still receives a normal reply.
 * NOTE(review): the declaration of l and the checks on r are not visible in this listing. */
623 int bus_link_method_renew(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
630 return sd_bus_error_setf(error
, BUS_ERROR_UNMANAGED_INTERFACE
,
631 "Interface %s is not managed by systemd-networkd",
634 r
= bus_verify_polkit_async(message
, CAP_NET_ADMIN
,
635 "org.freedesktop.network1.renew",
636 NULL
, true, UID_INVALID
,
637 &l
->manager
->polkit_registry
, error
);
641 return 1; /* Polkit will call us back */
643 if (l
->dhcp_client
) {
644 r
= sd_dhcp_client_send_renew(l
->dhcp_client
);
649 return sd_bus_reply_method_return(message
, NULL
);
/* D-Bus handler for Reconfigure: after bus_verify_polkit_async() for
 * "org.freedesktop.network1.reconfigure" (CAP_NET_ADMIN) it calls link_reconfigure(l, true),
 * sets the link state to LINK_STATE_INITIALIZED, saves the link and replies.
 * NOTE(review): no verify_managed_link() call appears among the visible lines; confirm whether
 * loopback links are meant to be accepted here. The conditions guarding the state change and
 * the checks on r are not visible in this listing. */
652 int bus_link_method_reconfigure(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
659 r
= bus_verify_polkit_async(message
, CAP_NET_ADMIN
,
660 "org.freedesktop.network1.reconfigure",
661 NULL
, true, UID_INVALID
,
662 &l
->manager
->polkit_registry
, error
);
666 return 1; /* Polkit will call us back */
668 r
= link_reconfigure(l
, true);
672 link_set_state(l
, LINK_STATE_INITIALIZED
);
673 r
= link_save_and_clean(l
);
678 return sd_bus_reply_method_return(message
, NULL
);
/* D-Bus vtable for link objects: five read-only properties followed by the method table.
 * Every method is flagged SD_BUS_VTABLE_UNPRIVILEGED, so sd-bus itself applies no privilege
 * check to the caller; authorization rests entirely on the bus_verify_polkit_async() call
 * inside each handler. A handler added here without such a call would be reachable by any
 * client that can talk to this service on the bus.
 * NOTE(review): some entry lines (result arguments, terminator) are not visible in this listing. */
681 const sd_bus_vtable link_vtable
[] = {
682 SD_BUS_VTABLE_START(0),
/* State properties; change notifications are emitted for these four. */
684 SD_BUS_PROPERTY("OperationalState", "s", property_get_operational_state
, offsetof(Link
, operstate
), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE
),
685 SD_BUS_PROPERTY("CarrierState", "s", property_get_carrier_state
, offsetof(Link
, carrier_state
), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE
),
686 SD_BUS_PROPERTY("AddressState", "s", property_get_address_state
, offsetof(Link
, address_state
), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE
),
687 SD_BUS_PROPERTY("AdministrativeState", "s", property_get_administrative_state
, offsetof(Link
, state
), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE
),
688 SD_BUS_PROPERTY("BitRates", "(tt)", property_get_bit_rates
, 0, 0),
/* Methods that change per-link NTP and DNS settings. */
690 SD_BUS_METHOD_WITH_ARGS("SetNTP",
691 SD_BUS_ARGS("as", servers
),
693 bus_link_method_set_ntp_servers
,
694 SD_BUS_VTABLE_UNPRIVILEGED
),
695 SD_BUS_METHOD_WITH_ARGS("SetDNS",
696 SD_BUS_ARGS("a(iay)", addresses
),
698 bus_link_method_set_dns_servers
,
699 SD_BUS_VTABLE_UNPRIVILEGED
),
700 SD_BUS_METHOD_WITH_ARGS("SetDNSEx",
701 SD_BUS_ARGS("a(iayqs)", addresses
),
703 bus_link_method_set_dns_servers_ex
,
704 SD_BUS_VTABLE_UNPRIVILEGED
),
705 SD_BUS_METHOD_WITH_ARGS("SetDomains",
706 SD_BUS_ARGS("a(sb)", domains
),
708 bus_link_method_set_domains
,
709 SD_BUS_VTABLE_UNPRIVILEGED
),
710 SD_BUS_METHOD_WITH_ARGS("SetDefaultRoute",
711 SD_BUS_ARGS("b", enable
),
713 bus_link_method_set_default_route
,
714 SD_BUS_VTABLE_UNPRIVILEGED
),
715 SD_BUS_METHOD_WITH_ARGS("SetLLMNR",
716 SD_BUS_ARGS("s", mode
),
718 bus_link_method_set_llmnr
,
719 SD_BUS_VTABLE_UNPRIVILEGED
),
720 SD_BUS_METHOD_WITH_ARGS("SetMulticastDNS",
721 SD_BUS_ARGS("s", mode
),
723 bus_link_method_set_mdns
,
724 SD_BUS_VTABLE_UNPRIVILEGED
),
725 SD_BUS_METHOD_WITH_ARGS("SetDNSOverTLS",
726 SD_BUS_ARGS("s", mode
),
728 bus_link_method_set_dns_over_tls
,
729 SD_BUS_VTABLE_UNPRIVILEGED
),
730 SD_BUS_METHOD_WITH_ARGS("SetDNSSEC",
731 SD_BUS_ARGS("s", mode
),
733 bus_link_method_set_dnssec
,
734 SD_BUS_VTABLE_UNPRIVILEGED
),
735 SD_BUS_METHOD_WITH_ARGS("SetDNSSECNegativeTrustAnchors",
736 SD_BUS_ARGS("as", names
),
738 bus_link_method_set_dnssec_negative_trust_anchors
,
739 SD_BUS_VTABLE_UNPRIVILEGED
),
/* Methods that revert settings or trigger DHCP and reconfiguration actions. */
740 SD_BUS_METHOD_WITH_ARGS("RevertNTP",
743 bus_link_method_revert_ntp
,
744 SD_BUS_VTABLE_UNPRIVILEGED
),
745 SD_BUS_METHOD_WITH_ARGS("RevertDNS",
748 bus_link_method_revert_dns
,
749 SD_BUS_VTABLE_UNPRIVILEGED
),
750 SD_BUS_METHOD_WITH_ARGS("Renew",
753 bus_link_method_renew
,
754 SD_BUS_VTABLE_UNPRIVILEGED
),
755 SD_BUS_METHOD_WITH_ARGS("ForceRenew",
758 bus_link_method_force_renew
,
759 SD_BUS_VTABLE_UNPRIVILEGED
),
760 SD_BUS_METHOD_WITH_ARGS("Reconfigure",
763 bus_link_method_reconfigure
,
764 SD_BUS_VTABLE_UNPRIVILEGED
),
/* Builds the D-Bus object path of a link: the decimal ifindex is formatted into a temporary
 * string and encoded under "/org/freedesktop/network1/link" with sd_bus_path_encode().
 * The result is a char* that callers in this file hold in _cleanup_free_ variables, so the
 * caller owns and frees it.
 * NOTE(review): the failure returns and the final return statement are not visible here. */
769 char *link_bus_path(Link
*link
) {
770 _cleanup_free_
char *ifindex
= NULL
;
775 assert(link
->ifindex
> 0);
777 if (asprintf(&ifindex
, "%d", link
->ifindex
) < 0)
780 r
= sd_bus_path_encode("/org/freedesktop/network1/link", ifindex
, &p
);
/* Node enumerator callback: returns the object paths of all links of the Manager passed as
 * userdata. The array is allocated zero-filled with one slot more than the number of links
 * (room for a terminating NULL), filled with link_bus_path() results and handed to the caller
 * through *nodes with TAKE_PTR().
 * NOTE(review): allocation-failure handling and the store into the array are not visible. */
787 int link_node_enumerator(sd_bus
*bus
, const char *path
, void *userdata
, char ***nodes
, sd_bus_error
*error
) {
788 _cleanup_strv_free_
char **l
= NULL
;
789 Manager
*m
= userdata
;
798 l
= new0(char*, hashmap_size(m
->links
) + 1);
802 HASHMAP_FOREACH(link
, m
->links
) {
805 p
= link_bus_path(link
);
813 *nodes
= TAKE_PTR(l
);
/* Object-find callback: maps a D-Bus object path to a Link. The path suffix is decoded with
 * sd_bus_path_decode(), converted with parse_ifindex() and looked up with link_get().
 * The path comes from the bus client, so the identifier is untrusted input; parse_ifindex() and
 * link_get() are the checks it passes through before a Link is used.
 * The "org.freedesktop.network1.DHCPServer" interface is special-cased for links that have no
 * dhcp_server (the action taken in that case is not visible here).
 * NOTE(review): the checks on r and ifindex and the store into *found are not visible. */
818 int link_object_find(sd_bus
*bus
, const char *path
, const char *interface
, void *userdata
, void **found
, sd_bus_error
*error
) {
819 _cleanup_free_
char *identifier
= NULL
;
820 Manager
*m
= userdata
;
830 r
= sd_bus_path_decode(path
, "/org/freedesktop/network1/link", &identifier
);
834 ifindex
= parse_ifindex(identifier
);
838 r
= link_get(m
, ifindex
, &link
);
842 if (streq(interface
, "org.freedesktop.network1.DHCPServer") && !link
->dhcp_server
)
/* Emits a PropertiesChanged signal on interface "org.freedesktop.network1.Link" for the given
 * property names, using the link's object path from link_bus_path(). The bus is tested with
 * sd_bus_is_ready() first; presumably nothing is sent when it is not ready (the action on that
 * branch is not visible here; confirm).
 * NOTE(review): the remaining arguments of the emit call are not visible in this listing. */
850 int link_send_changed_strv(Link
*link
, char **properties
) {
851 _cleanup_free_
char *p
= NULL
;
854 assert(link
->manager
);
857 if (sd_bus_is_ready(link
->manager
->bus
) <= 0)
860 p
= link_bus_path(link
);
864 return sd_bus_emit_properties_changed_strv(
867 "org.freedesktop.network1.Link",
/* Variadic convenience wrapper: collects the property names passed as arguments into a string
 * array with strv_from_stdarg_alloca() and forwards it to link_send_changed_strv().
 * NOTE(review): presumably the argument list must end with NULL and the array lives on this
 * function's stack, so it must not be kept beyond the call; confirm against the macro. */
871 int link_send_changed(Link
*link
, const char *property
, ...) {
874 properties
= strv_from_stdarg_alloca(property
);
876 return link_send_changed_strv(link
, properties
);