src/network/networkd-manager.c

   1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
   2
   3 #include <netinet/in.h>
   4 #include <sys/socket.h>
   5 #include <unistd.h>
   6 #include <linux/if.h>
   7 #include <linux/fib_rules.h>
   8 #include <linux/nexthop.h>
   9
  10 #include "sd-daemon.h"
  11 #include "sd-netlink.h"
  12
  13 #include "alloc-util.h"
  14 #include "bus-error.h"
  15 #include "bus-log-control-api.h"
  16 #include "bus-polkit.h"
  17 #include "bus-util.h"
  18 #include "conf-parser.h"
  19 #include "def.h"
  20 #include "device-private.h"
  21 #include "device-util.h"
  22 #include "dns-domain.h"
  23 #include "fd-util.h"
  24 #include "fileio.h"
  25 #include "firewall-util.h"
  26 #include "fs-util.h"
  27 #include "local-addresses.h"
  28 #include "netlink-util.h"
  29 #include "network-internal.h"
  30 #include "networkd-address-pool.h"
  31 #include "networkd-dhcp-server-bus.h"
  32 #include "networkd-dhcp6.h"
  33 #include "networkd-link-bus.h"
  34 #include "networkd-manager-bus.h"
  35 #include "networkd-manager.h"
  36 #include "networkd-neighbor.h"
  37 #include "networkd-network-bus.h"
  38 #include "networkd-nexthop.h"
  39 #include "networkd-routing-policy-rule.h"
  40 #include "networkd-speed-meter.h"
  41 #include "ordered-set.h"
  42 #include "path-lookup.h"
  43 #include "path-util.h"
  44 #include "selinux-util.h"
  45 #include "set.h"
  46 #include "signal-util.h"
  47 #include "stat-util.h"
  48 #include "strv.h"
  49 #include "sysctl-util.h"
  50 #include "tmpfile-util.h"
  51 #include "udev-util.h"
  52
  53 /* use 128 MB for receive socket kernel queue. */
  54 #define RCVBUF_SIZE    (128*1024*1024)
  55
  56 static int manager_reset_all(Manager *m) {
  57         Link *link;
  58         int r;
  59
  60         assert(m);
  61
  62         HASHMAP_FOREACH(link, m->links) {
  63                 r = link_carrier_reset(link);
  64                 if (r < 0)
  65                         log_link_warning_errno(link, r, "Could not reset carrier: %m");
  66         }
  67
  68         return 0;
  69 }
  70
  71 static int match_prepare_for_sleep(sd_bus_message *message, void *userdata, sd_bus_error *ret_error) {
  72         Manager *m = userdata;
  73         int b, r;
  74
  75         assert(message);
  76         assert(m);
  77
  78         r = sd_bus_message_read(message, "b", &b);
  79         if (r < 0) {
  80                 bus_log_parse_error(r);
  81                 return 0;
  82         }
  83
  84         if (b)
  85                 return 0;
  86
  87         log_debug("Coming back from suspend, resetting all connections...");
  88
  89         (void) manager_reset_all(m);
  90
  91         return 0;
  92 }
  93
  94 static int on_connected(sd_bus_message *message, void *userdata, sd_bus_error *ret_error) {
  95         Manager *m = userdata;
  96
  97         assert(message);
  98         assert(m);
  99
 100         /* Did we get a timezone or transient hostname from DHCP while D-Bus wasn't up yet? */
 101         if (m->dynamic_hostname)
 102                 (void) manager_set_hostname(m, m->dynamic_hostname);
 103         if (m->dynamic_timezone)
 104                 (void) manager_set_timezone(m, m->dynamic_timezone);
 105         if (m->links_requesting_uuid)
 106                 (void) manager_request_product_uuid(m, NULL);
 107
 108         return 0;
 109 }
 110
 111 int manager_connect_bus(Manager *m) {
 112         int r;
 113
 114         assert(m);
 115
 116         if (m->bus)
 117                 return 0;
 118
 119         r = bus_open_system_watch_bind_with_description(&m->bus, "bus-api-network");
 120         if (r < 0)
 121                 return log_error_errno(r, "Failed to connect to bus: %m");
 122
 123         r = sd_bus_add_object_vtable(m->bus, NULL, "/org/freedesktop/network1", "org.freedesktop.network1.Manager", manager_vtable, m);
 124         if (r < 0)
 125                 return log_error_errno(r, "Failed to add manager object vtable: %m");
 126
 127         r = sd_bus_add_fallback_vtable(m->bus, NULL, "/org/freedesktop/network1/link", "org.freedesktop.network1.Link", link_vtable, link_object_find, m);
 128         if (r < 0)
 129                return log_error_errno(r, "Failed to add link object vtable: %m");
 130
 131         r = sd_bus_add_fallback_vtable(m->bus, NULL, "/org/freedesktop/network1/link", "org.freedesktop.network1.DHCPServer", dhcp_server_vtable, link_object_find, m);
 132         if (r < 0)
 133                return log_error_errno(r, "Failed to add link object vtable: %m");
 134
 135         r = sd_bus_add_node_enumerator(m->bus, NULL, "/org/freedesktop/network1/link", link_node_enumerator, m);
 136         if (r < 0)
 137                 return log_error_errno(r, "Failed to add link enumerator: %m");
 138
 139         r = sd_bus_add_fallback_vtable(m->bus, NULL, "/org/freedesktop/network1/network", "org.freedesktop.network1.Network", network_vtable, network_object_find, m);
 140         if (r < 0)
 141                return log_error_errno(r, "Failed to add network object vtable: %m");
 142
 143         r = sd_bus_add_node_enumerator(m->bus, NULL, "/org/freedesktop/network1/network", network_node_enumerator, m);
 144         if (r < 0)
 145                 return log_error_errno(r, "Failed to add network enumerator: %m");
 146
 147         r = bus_log_control_api_register(m->bus);
 148         if (r < 0)
 149                 return r;
 150
 151         r = sd_bus_request_name_async(m->bus, NULL, "org.freedesktop.network1", 0, NULL, NULL);
 152         if (r < 0)
 153                 return log_error_errno(r, "Failed to request name: %m");
 154
 155         r = sd_bus_attach_event(m->bus, m->event, 0);
 156         if (r < 0)
 157                 return log_error_errno(r, "Failed to attach bus to event loop: %m");
 158
 159         r = sd_bus_match_signal_async(
 160                         m->bus,
 161                         NULL,
 162                         "org.freedesktop.DBus.Local",
 163                         NULL,
 164                         "org.freedesktop.DBus.Local",
 165                         "Connected",
 166                         on_connected, NULL, m);
 167         if (r < 0)
 168                 return log_error_errno(r, "Failed to request match on Connected signal: %m");
 169
 170         r = sd_bus_match_signal_async(
 171                         m->bus,
 172                         NULL,
 173                         "org.freedesktop.login1",
 174                         "/org/freedesktop/login1",
 175                         "org.freedesktop.login1.Manager",
 176                         "PrepareForSleep",
 177                         match_prepare_for_sleep, NULL, m);
 178         if (r < 0)
 179                 log_warning_errno(r, "Failed to request match for PrepareForSleep, ignoring: %m");
 180
 181         return 0;
 182 }
 183
 184 static int manager_udev_process_link(sd_device_monitor *monitor, sd_device *device, void *userdata) {
 185         Manager *m = userdata;
 186         DeviceAction action;
 187         Link *link = NULL;
 188         int r, ifindex;
 189
 190         assert(m);
 191         assert(device);
 192
 193         r = device_get_action(device, &action);
 194         if (r < 0) {
 195                 log_device_debug_errno(device, r, "Failed to get udev action, ignoring device: %m");
 196                 return 0;
 197         }
 198
 199         /* Ignore the "remove" uevent — let's remove a device only if rtnetlink says so. All other uevents
 200          * are "positive" events in some form, i.e. inform us about a changed or new network interface, that
 201          * still exists — and we are interested in that. */
 202         if (action == DEVICE_ACTION_REMOVE)
 203                 return 0;
 204
 205         r = sd_device_get_ifindex(device, &ifindex);
 206         if (r < 0) {
 207                 log_device_debug_errno(device, r, "Ignoring udev %s event for device without ifindex or with invalid ifindex: %m",
 208                                        device_action_to_string(action));
 209                 return 0;
 210         }
 211
 212         r = device_is_renaming(device);
 213         if (r < 0) {
 214                 log_device_error_errno(device, r, "Failed to determine the device is renamed or not, ignoring '%s' uevent: %m",
 215                                        device_action_to_string(action));
 216                 return 0;
 217         }
 218         if (r > 0) {
 219                 log_device_debug(device, "Interface is under renaming, wait for the interface to be renamed.");
 220                 return 0;
 221         }
 222
 223         r = link_get(m, ifindex, &link);
 224         if (r < 0) {
 225                 if (r != -ENODEV)
 226                         log_debug_errno(r, "Failed to get link from ifindex %i, ignoring: %m", ifindex);
 227                 return 0;
 228         }
 229
 230         (void) link_initialized(link, device);
 231
 232         return 0;
 233 }
 234
 235 static int manager_connect_udev(Manager *m) {
 236         int r;
 237
 238         /* udev does not initialize devices inside containers, so we rely on them being already
 239          * initialized before entering the container. */
 240         if (path_is_read_only_fs("/sys") > 0)
 241                 return 0;
 242
 243         r = sd_device_monitor_new(&m->device_monitor);
 244         if (r < 0)
 245                 return log_error_errno(r, "Failed to initialize device monitor: %m");
 246
 247         r = sd_device_monitor_set_receive_buffer_size(m->device_monitor, RCVBUF_SIZE);
 248         if (r < 0)
 249                 log_warning_errno(r, "Failed to increase buffer size for device monitor, ignoring: %m");
 250
 251         r = sd_device_monitor_filter_add_match_subsystem_devtype(m->device_monitor, "net", NULL);
 252         if (r < 0)
 253                 return log_error_errno(r, "Could not add device monitor filter: %m");
 254
 255         r = sd_device_monitor_attach_event(m->device_monitor, m->event);
 256         if (r < 0)
 257                 return log_error_errno(r, "Failed to attach event to device monitor: %m");
 258
 259         r = sd_device_monitor_start(m->device_monitor, manager_udev_process_link, m);
 260         if (r < 0)
 261                 return log_error_errno(r, "Failed to start device monitor: %m");
 262
 263         return 0;
 264 }
 265
 266 static int manager_rtnl_process_link(sd_netlink *rtnl, sd_netlink_message *message, Manager *m) {
 267         Link *link = NULL;
 268         NetDev *netdev = NULL;
 269         uint16_t type;
 270         const char *name;
 271         int r, ifindex;
 272
 273         assert(rtnl);
 274         assert(message);
 275         assert(m);
 276
 277         if (sd_netlink_message_is_error(message)) {
 278                 r = sd_netlink_message_get_errno(message);
 279                 if (r < 0)
 280                         log_message_warning_errno(message, r, "rtnl: Could not receive link message, ignoring");
 281
 282                 return 0;
 283         }
 284
 285         r = sd_netlink_message_get_type(message, &type);
 286         if (r < 0) {
 287                 log_warning_errno(r, "rtnl: Could not get message type, ignoring: %m");
 288                 return 0;
 289         } else if (!IN_SET(type, RTM_NEWLINK, RTM_DELLINK)) {
 290                 log_warning("rtnl: Received unexpected message type %u when processing link, ignoring.", type);
 291                 return 0;
 292         }
 293
 294         r = sd_rtnl_message_link_get_ifindex(message, &ifindex);
 295         if (r < 0) {
 296                 log_warning_errno(r, "rtnl: Could not get ifindex from link message, ignoring: %m");
 297                 return 0;
 298         } else if (ifindex <= 0) {
 299                 log_warning("rtnl: received link message with invalid ifindex %d, ignoring.", ifindex);
 300                 return 0;
 301         }
 302
 303         r = sd_netlink_message_read_string(message, IFLA_IFNAME, &name);
 304         if (r < 0) {
 305                 log_warning_errno(r, "rtnl: Received link message without ifname, ignoring: %m");
 306                 return 0;
 307         }
 308
 309         (void) link_get(m, ifindex, &link);
 310         (void) netdev_get(m, name, &netdev);
 311
 312         switch (type) {
 313         case RTM_NEWLINK:
 314                 if (!link) {
 315                         /* link is new, so add it */
 316                         r = link_add(m, message, &link);
 317                         if (r < 0) {
 318                                 log_warning_errno(r, "Could not process new link message, ignoring: %m");
 319                                 return 0;
 320                         }
 321                 }
 322
 323                 if (netdev) {
 324                         /* netdev exists, so make sure the ifindex matches */
 325                         r = netdev_set_ifindex(netdev, message);
 326                         if (r < 0) {
 327                                 log_warning_errno(r, "Could not process new link message for netdev, ignoring: %m");
 328                                 return 0;
 329                         }
 330                 }
 331
 332                 r = link_update(link, message);
 333                 if (r < 0) {
 334                         log_warning_errno(r, "Could not process link message, ignoring: %m");
 335                         return 0;
 336                 }
 337
 338                 break;
 339
 340         case RTM_DELLINK:
 341                 link_drop(link);
 342                 netdev_drop(netdev);
 343
 344                 break;
 345
 346         default:
 347                 assert_not_reached("Received link message with invalid RTNL message type.");
 348         }
 349
 350         return 1;
 351 }
 352
 353 static int systemd_netlink_fd(void) {
 354         int n, fd, rtnl_fd = -EINVAL;
 355
 356         n = sd_listen_fds(true);
 357         if (n <= 0)
 358                 return -EINVAL;
 359
 360         for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd ++) {
 361                 if (sd_is_socket(fd, AF_NETLINK, SOCK_RAW, -1) > 0) {
 362                         if (rtnl_fd >= 0)
 363                                 return -EINVAL;
 364
 365                         rtnl_fd = fd;
 366                 }
 367         }
 368
 369         return rtnl_fd;
 370 }
 371
 372 static int manager_connect_genl(Manager *m) {
 373         int r;
 374
 375         assert(m);
 376
 377         r = sd_genl_socket_open(&m->genl);
 378         if (r < 0)
 379                 return r;
 380
 381         r = sd_netlink_inc_rcvbuf(m->genl, RCVBUF_SIZE);
 382         if (r < 0)
 383                 log_warning_errno(r, "Failed to increase receive buffer size for general netlink socket, ignoring: %m");
 384
 385         r = sd_netlink_attach_event(m->genl, m->event, 0);
 386         if (r < 0)
 387                 return r;
 388
 389         return 0;
 390 }
 391
 392 static int manager_connect_rtnl(Manager *m) {
 393         int fd, r;
 394
 395         assert(m);
 396
 397         fd = systemd_netlink_fd();
 398         if (fd < 0)
 399                 r = sd_netlink_open(&m->rtnl);
 400         else
 401                 r = sd_netlink_open_fd(&m->rtnl, fd);
 402         if (r < 0)
 403                 return r;
 404
 405         /* Bump receiver buffer, but only if we are not called via socket activation, as in that
 406          * case systemd sets the receive buffer size for us, and the value in the .socket unit
 407          * should take full effect. */
 408         if (fd < 0) {
 409                 r = sd_netlink_inc_rcvbuf(m->rtnl, RCVBUF_SIZE);
 410                 if (r < 0)
 411                         log_warning_errno(r, "Failed to increase receive buffer size for rtnl socket, ignoring: %m");
 412         }
 413
 414         r = sd_netlink_attach_event(m->rtnl, m->event, 0);
 415         if (r < 0)
 416                 return r;
 417
 418         r = netlink_add_match(m->rtnl, NULL, RTM_NEWLINK, &manager_rtnl_process_link, NULL, m, "network-rtnl_process_link");
 419         if (r < 0)
 420                 return r;
 421
 422         r = netlink_add_match(m->rtnl, NULL, RTM_DELLINK, &manager_rtnl_process_link, NULL, m, "network-rtnl_process_link");
 423         if (r < 0)
 424                 return r;
 425
 426         r = netlink_add_match(m->rtnl, NULL, RTM_NEWADDR, &manager_rtnl_process_address, NULL, m, "network-rtnl_process_address");
 427         if (r < 0)
 428                 return r;
 429
 430         r = netlink_add_match(m->rtnl, NULL, RTM_DELADDR, &manager_rtnl_process_address, NULL, m, "network-rtnl_process_address");
 431         if (r < 0)
 432                 return r;
 433
 434         r = netlink_add_match(m->rtnl, NULL, RTM_NEWNEIGH, &manager_rtnl_process_neighbor, NULL, m, "network-rtnl_process_neighbor");
 435         if (r < 0)
 436                 return r;
 437
 438         r = netlink_add_match(m->rtnl, NULL, RTM_DELNEIGH, &manager_rtnl_process_neighbor, NULL, m, "network-rtnl_process_neighbor");
 439         if (r < 0)
 440                 return r;
 441
 442         r = netlink_add_match(m->rtnl, NULL, RTM_NEWROUTE, &manager_rtnl_process_route, NULL, m, "network-rtnl_process_route");
 443         if (r < 0)
 444                 return r;
 445
 446         r = netlink_add_match(m->rtnl, NULL, RTM_DELROUTE, &manager_rtnl_process_route, NULL, m, "network-rtnl_process_route");
 447         if (r < 0)
 448                 return r;
 449
 450         r = netlink_add_match(m->rtnl, NULL, RTM_NEWRULE, &manager_rtnl_process_rule, NULL, m, "network-rtnl_process_rule");
 451         if (r < 0)
 452                 return r;
 453
 454         r = netlink_add_match(m->rtnl, NULL, RTM_DELRULE, &manager_rtnl_process_rule, NULL, m, "network-rtnl_process_rule");
 455         if (r < 0)
 456                 return r;
 457
 458         r = netlink_add_match(m->rtnl, NULL, RTM_NEWNEXTHOP, &manager_rtnl_process_nexthop, NULL, m, "network-rtnl_process_nexthop");
 459         if (r < 0)
 460                 return r;
 461
 462         r = netlink_add_match(m->rtnl, NULL, RTM_DELNEXTHOP, &manager_rtnl_process_nexthop, NULL, m, "network-rtnl_process_nexthop");
 463         if (r < 0)
 464                 return r;
 465
 466         return 0;
 467 }
 468
 469 static int ordered_set_put_dns_server(OrderedSet *s, int ifindex, struct in_addr_full *dns) {
 470         const char *p;
 471         int r;
 472
 473         assert(s);
 474         assert(dns);
 475
 476         if (dns->ifindex != 0 && dns->ifindex != ifindex)
 477                 return 0;
 478
 479         p = in_addr_full_to_string(dns);
 480         if (!p)
 481                 return 0;
 482
 483         r = ordered_set_put_strdup(s, p);
 484         if (r == -EEXIST)
 485                 return 0;
 486
 487         return r;
 488 }
 489
 490 static int ordered_set_put_dns_servers(OrderedSet *s, int ifindex, struct in_addr_full **dns, unsigned n) {
 491         int r, c = 0;
 492
 493         assert(s);
 494         assert(dns || n == 0);
 495
 496         for (unsigned i = 0; i < n; i++) {
 497                 r = ordered_set_put_dns_server(s, ifindex, dns[i]);
 498                 if (r < 0)
 499                         return r;
 500
 501                 c += r;
 502         }
 503
 504         return c;
 505 }
 506
 507 static int ordered_set_put_in4_addr(OrderedSet *s, const struct in_addr *address) {
 508         char *p;
 509         int r;
 510
 511         assert(s);
 512         assert(address);
 513
 514         r = in_addr_to_string(AF_INET, (const union in_addr_union*) address, &p);
 515         if (r < 0)
 516                 return r;
 517
 518         r = ordered_set_consume(s, p);
 519         if (r == -EEXIST)
 520                 return 0;
 521
 522         return r;
 523 }
 524
 525 static int ordered_set_put_in4_addrv(OrderedSet *s,
 526                                      const struct in_addr *addresses,
 527                                      size_t n,
 528                                      bool (*predicate)(const struct in_addr *addr)) {
 529         int r, c = 0;
 530
 531         assert(s);
 532         assert(n == 0 || addresses);
 533
 534         for (size_t i = 0; i < n; i++) {
 535                 if (predicate && !predicate(&addresses[i]))
 536                         continue;
 537                 r = ordered_set_put_in4_addr(s, addresses+i);
 538                 if (r < 0)
 539                         return r;
 540
 541                 c += r;
 542         }
 543
 544         return c;
 545 }
 546
 547 static int manager_save(Manager *m) {
 548         _cleanup_ordered_set_free_free_ OrderedSet *dns = NULL, *ntp = NULL, *sip = NULL, *search_domains = NULL, *route_domains = NULL;
 549         const char *operstate_str, *carrier_state_str, *address_state_str;
 550         LinkOperationalState operstate = LINK_OPERSTATE_OFF;
 551         LinkCarrierState carrier_state = LINK_CARRIER_STATE_OFF;
 552         LinkAddressState address_state = LINK_ADDRESS_STATE_OFF;
 553         _cleanup_free_ char *temp_path = NULL;
 554         _cleanup_strv_free_ char **p = NULL;
 555         _cleanup_fclose_ FILE *f = NULL;
 556         Link *link;
 557         int r;
 558
 559         assert(m);
 560         assert(m->state_file);
 561
 562         /* We add all NTP and DNS server to a set, to filter out duplicates */
 563         dns = ordered_set_new(&string_hash_ops);
 564         if (!dns)
 565                 return -ENOMEM;
 566
 567         ntp = ordered_set_new(&string_hash_ops);
 568         if (!ntp)
 569                 return -ENOMEM;
 570
 571         sip = ordered_set_new(&string_hash_ops);
 572         if (!sip)
 573                 return -ENOMEM;
 574
 575         search_domains = ordered_set_new(&dns_name_hash_ops);
 576         if (!search_domains)
 577                 return -ENOMEM;
 578
 579         route_domains = ordered_set_new(&dns_name_hash_ops);
 580         if (!route_domains)
 581                 return -ENOMEM;
 582
 583         HASHMAP_FOREACH(link, m->links) {
 584                 const struct in_addr *addresses;
 585
 586                 if (link->flags & IFF_LOOPBACK)
 587                         continue;
 588
 589                 if (link->operstate > operstate)
 590                         operstate = link->operstate;
 591
 592                 if (link->carrier_state > carrier_state)
 593                         carrier_state = link->carrier_state;
 594
 595                 if (link->address_state > address_state)
 596                         address_state = link->address_state;
 597
 598                 if (!link->network)
 599                         continue;
 600
 601                 /* First add the static configured entries */
 602                 if (link->n_dns != (unsigned) -1)
 603                         r = ordered_set_put_dns_servers(dns, link->ifindex, link->dns, link->n_dns);
 604                 else
 605                         r = ordered_set_put_dns_servers(dns, link->ifindex, link->network->dns, link->network->n_dns);
 606                 if (r < 0)
 607                         return r;
 608
 609                 r = ordered_set_put_strdupv(ntp, link->ntp ?: link->network->ntp);
 610                 if (r < 0)
 611                         return r;
 612
 613                 r = ordered_set_put_string_set(search_domains, link->search_domains ?: link->network->search_domains);
 614                 if (r < 0)
 615                         return r;
 616
 617                 r = ordered_set_put_string_set(route_domains, link->route_domains ?: link->network->route_domains);
 618                 if (r < 0)
 619                         return r;
 620
 621                 if (!link->dhcp_lease)
 622                         continue;
 623
 624                 /* Secondly, add the entries acquired via DHCP */
 625                 if (link->network->dhcp_use_dns) {
 626                         r = sd_dhcp_lease_get_dns(link->dhcp_lease, &addresses);
 627                         if (r > 0) {
 628                                 r = ordered_set_put_in4_addrv(dns, addresses, r, in4_addr_is_non_local);
 629                                 if (r < 0)
 630                                         return r;
 631                         } else if (r < 0 && r != -ENODATA)
 632                                 return r;
 633                 }
 634
 635                 if (link->network->dhcp_use_ntp) {
 636                         r = sd_dhcp_lease_get_ntp(link->dhcp_lease, &addresses);
 637                         if (r > 0) {
 638                                 r = ordered_set_put_in4_addrv(ntp, addresses, r, in4_addr_is_non_local);
 639                                 if (r < 0)
 640                                         return r;
 641                         } else if (r < 0 && r != -ENODATA)
 642                                 return r;
 643                 }
 644
 645                 if (link->network->dhcp_use_sip) {
 646                         r = sd_dhcp_lease_get_sip(link->dhcp_lease, &addresses);
 647                         if (r > 0) {
 648                                 r = ordered_set_put_in4_addrv(sip, addresses, r, in4_addr_is_non_local);
 649                                 if (r < 0)
 650                                         return r;
 651                         } else if (r < 0 && r != -ENODATA)
 652                                 return r;
 653                 }
 654
 655                 if (link->network->dhcp_use_domains != DHCP_USE_DOMAINS_NO) {
 656                         const char *domainname;
 657                         char **domains = NULL;
 658
 659                         OrderedSet *target_domains = (link->network->dhcp_use_domains == DHCP_USE_DOMAINS_YES) ? search_domains : route_domains;
 660                         r = sd_dhcp_lease_get_domainname(link->dhcp_lease, &domainname);
 661                         if (r >= 0) {
 662                                 r = ordered_set_put_strdup(target_domains, domainname);
 663                                 if (r < 0)
 664                                         return r;
 665                         } else if (r != -ENODATA)
 666                                 return r;
 667
 668                         r = sd_dhcp_lease_get_search_domains(link->dhcp_lease, &domains);
 669                         if (r >= 0) {
 670                                 r = ordered_set_put_strdupv(target_domains, domains);
 671                                 if (r < 0)
 672                                         return r;
 673                         } else if (r != -ENODATA)
 674                                 return r;
 675                 }
 676         }
 677
 678         if (carrier_state >= LINK_CARRIER_STATE_ENSLAVED)
 679                 carrier_state = LINK_CARRIER_STATE_CARRIER;
 680
 681         operstate_str = link_operstate_to_string(operstate);
 682         assert(operstate_str);
 683
 684         carrier_state_str = link_carrier_state_to_string(carrier_state);
 685         assert(carrier_state_str);
 686
 687         address_state_str = link_address_state_to_string(address_state);
 688         assert(address_state_str);
 689
 690         r = fopen_temporary(m->state_file, &f, &temp_path);
 691         if (r < 0)
 692                 return r;
 693
 694         (void) fchmod(fileno(f), 0644);
 695
 696         fprintf(f,
 697                 "# This is private data. Do not parse.\n"
 698                 "OPER_STATE=%s\n"
 699                 "CARRIER_STATE=%s\n"
 700                 "ADDRESS_STATE=%s\n",
 701                 operstate_str, carrier_state_str, address_state_str);
 702
 703         ordered_set_print(f, "DNS=", dns);
 704         ordered_set_print(f, "NTP=", ntp);
 705         ordered_set_print(f, "SIP=", sip);
 706         ordered_set_print(f, "DOMAINS=", search_domains);
 707         ordered_set_print(f, "ROUTE_DOMAINS=", route_domains);
 708
 709         r = fflush_and_check(f);
 710         if (r < 0)
 711                 goto fail;
 712
 713         r = conservative_rename(temp_path, m->state_file);
 714         if (r < 0)
 715                 goto fail;
 716
 717         if (m->operational_state != operstate) {
 718                 m->operational_state = operstate;
 719                 if (strv_extend(&p, "OperationalState") < 0)
 720                         log_oom();
 721         }
 722
 723         if (m->carrier_state != carrier_state) {
 724                 m->carrier_state = carrier_state;
 725                 if (strv_extend(&p, "CarrierState") < 0)
 726                         log_oom();
 727         }
 728
 729         if (m->address_state != address_state) {
 730                 m->address_state = address_state;
 731                 if (strv_extend(&p, "AddressState") < 0)
 732                         log_oom();
 733         }
 734
 735         if (p) {
 736                 r = manager_send_changed_strv(m, p);
 737                 if (r < 0)
 738                         log_error_errno(r, "Could not emit changed properties: %m");
 739         }
 740
 741         m->dirty = false;
 742
 743         return 0;
 744
 745 fail:
 746         (void) unlink(m->state_file);
 747         (void) unlink(temp_path);
 748
 749         return log_error_errno(r, "Failed to save network state to %s: %m", m->state_file);
 750 }
 751
 752 static int manager_dirty_handler(sd_event_source *s, void *userdata) {
 753         Manager *m = userdata;
 754         Link *link;
 755
 756         assert(m);
 757
 758         if (m->dirty)
 759                 manager_save(m);
 760
 761         SET_FOREACH(link, m->dirty_links)
 762                 (void) link_save_and_clean(link);
 763
 764         return 1;
 765 }
 766
 767 static int signal_terminate_callback(sd_event_source *s, const struct signalfd_siginfo *si, void *userdata) {
 768         Manager *m = userdata;
 769
 770         assert(m);
 771         m->restarting = false;
 772
 773         log_debug("Terminate operation initiated.");
 774
 775         return sd_event_exit(sd_event_source_get_event(s), 0);
 776 }
 777
 778 static int signal_restart_callback(sd_event_source *s, const struct signalfd_siginfo *si, void *userdata) {
 779         Manager *m = userdata;
 780
 781         assert(m);
 782         m->restarting = true;
 783
 784         log_debug("Restart operation initiated.");
 785
 786         return sd_event_exit(sd_event_source_get_event(s), 0);
 787 }
 788
 789 int manager_new(Manager **ret) {
 790         _cleanup_(manager_freep) Manager *m = NULL;
 791         int r;
 792
 793         m = new(Manager, 1);
 794         if (!m)
 795                 return -ENOMEM;
 796
 797         *m = (Manager) {
 798                 .speed_meter_interval_usec = SPEED_METER_DEFAULT_TIME_INTERVAL,
 799                 .manage_foreign_routes = true,
 800                 .ethtool_fd = -1,
 801         };
 802
 803         m->state_file = strdup("/run/systemd/netif/state");
 804         if (!m->state_file)
 805                 return -ENOMEM;
 806
 807         r = sd_event_default(&m->event);
 808         if (r < 0)
 809                 return r;
 810
 811         assert_se(sigprocmask_many(SIG_SETMASK, NULL, SIGINT, SIGTERM, SIGUSR2, -1) >= 0);
 812
 813         (void) sd_event_set_watchdog(m->event, true);
 814         (void) sd_event_add_signal(m->event, NULL, SIGTERM, signal_terminate_callback, m);
 815         (void) sd_event_add_signal(m->event, NULL, SIGINT, signal_terminate_callback, m);
 816         (void) sd_event_add_signal(m->event, NULL, SIGUSR2, signal_restart_callback, m);
 817
 818         r = sd_event_add_post(m->event, NULL, manager_dirty_handler, m);
 819         if (r < 0)
 820                 return r;
 821
 822         r = manager_connect_rtnl(m);
 823         if (r < 0)
 824                 return r;
 825
 826         r = manager_connect_genl(m);
 827         if (r < 0)
 828                 return r;
 829
 830         r = manager_connect_udev(m);
 831         if (r < 0)
 832                 return r;
 833
 834         r = sd_resolve_default(&m->resolve);
 835         if (r < 0)
 836                 return r;
 837
 838         r = sd_resolve_attach_event(m->resolve, m->event, 0);
 839         if (r < 0)
 840                 return r;
 841
 842         r = address_pool_setup_default(m);
 843         if (r < 0)
 844                 return r;
 845
 846         m->duid.type = DUID_TYPE_EN;
 847
 848         *ret = TAKE_PTR(m);
 849
 850         return 0;
 851 }
 852
 853 Manager* manager_free(Manager *m) {
 854         Link *link;
 855
 856         if (!m)
 857                 return NULL;
 858
 859         free(m->state_file);
 860
 861         HASHMAP_FOREACH(link, m->links)
 862                 (void) link_stop_engines(link, true);
 863
 864         m->dhcp6_prefixes = hashmap_free_with_destructor(m->dhcp6_prefixes, dhcp6_pd_free);
 865         m->dhcp6_pd_prefixes = set_free_with_destructor(m->dhcp6_pd_prefixes, dhcp6_pd_free);
 866
 867         m->dirty_links = set_free_with_destructor(m->dirty_links, link_unref);
 868         m->links_requesting_uuid = set_free_with_destructor(m->links_requesting_uuid, link_unref);
 869         m->links = hashmap_free_with_destructor(m->links, link_unref);
 870
 871         m->duids_requesting_uuid = set_free(m->duids_requesting_uuid);
 872         m->networks = ordered_hashmap_free_with_destructor(m->networks, network_unref);
 873
 874         m->netdevs = hashmap_free_with_destructor(m->netdevs, netdev_unref);
 875
 876         ordered_set_free_free(m->address_pools);
 877
 878         hashmap_free(m->route_table_names_by_number);
 879         hashmap_free(m->route_table_numbers_by_name);
 880
 881         /* routing_policy_rule_free() access m->rules and m->rules_foreign.
 882          * So, it is necessary to set NULL after the sets are freed. */
 883         m->rules = set_free(m->rules);
 884         m->rules_foreign = set_free(m->rules_foreign);
 885
 886         sd_netlink_unref(m->rtnl);
 887         sd_netlink_unref(m->genl);
 888         sd_resolve_unref(m->resolve);
 889
 890         /* reject (e.g. unreachable) type routes are managed by Manager, but may be referenced by a
 891          * link. E.g., DHCP6 with prefix delegation creates unreachable routes, and they are referenced
 892          * by the upstream link. And the links may be referenced by netlink slots. Hence, two
 893          * set_free() must be called after the above sd_netlink_unref(). */
 894         m->routes = set_free(m->routes);
 895         m->routes_foreign = set_free(m->routes_foreign);
 896
 897         sd_event_source_unref(m->speed_meter_event_source);
 898         sd_event_unref(m->event);
 899
 900         sd_device_monitor_unref(m->device_monitor);
 901
 902         bus_verify_polkit_async_registry_free(m->polkit_registry);
 903         sd_bus_flush_close_unref(m->bus);
 904
 905         free(m->dynamic_timezone);
 906         free(m->dynamic_hostname);
 907
 908         safe_close(m->ethtool_fd);
 909
 910         m->fw_ctx = fw_ctx_free(m->fw_ctx);
 911
 912         return mfree(m);
 913 }
 914
 915 int manager_start(Manager *m) {
 916         Link *link;
 917         int r;
 918
 919         assert(m);
 920
 921         r = manager_start_speed_meter(m);
 922         if (r < 0)
 923                 return log_error_errno(r, "Failed to initialize speed meter: %m");
 924
 925         /* The dirty handler will deal with future serialization, but the first one
 926            must be done explicitly. */
 927
 928         manager_save(m);
 929
 930         HASHMAP_FOREACH(link, m->links)
 931                 (void) link_save(link);
 932
 933         return 0;
 934 }
 935
 936 int manager_load_config(Manager *m) {
 937         int r;
 938
 939         /* update timestamp */
 940         paths_check_timestamp(NETWORK_DIRS, &m->network_dirs_ts_usec, true);
 941
 942         r = netdev_load(m, false);
 943         if (r < 0)
 944                 return r;
 945
 946         r = network_load(m, &m->networks);
 947         if (r < 0)
 948                 return r;
 949
 950         return 0;
 951 }
 952
 953 bool manager_should_reload(Manager *m) {
 954         return paths_check_timestamp(NETWORK_DIRS, &m->network_dirs_ts_usec, false);
 955 }
 956
 957 static int manager_enumerate_internal(
 958                 Manager *m,
 959                 sd_netlink_message *req,
 960                 int (*process)(sd_netlink *, sd_netlink_message *, Manager *),
 961                 const char *name) {
 962
 963         _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *reply = NULL;
 964         int r;
 965
 966         assert(m);
 967         assert(m->rtnl);
 968         assert(req);
 969         assert(process);
 970
 971         r = sd_netlink_message_request_dump(req, true);
 972         if (r < 0)
 973                 return r;
 974
 975         r = sd_netlink_call(m->rtnl, req, 0, &reply);
 976         if (r < 0) {
 977                 if (name && (r == -EOPNOTSUPP || (r == -EINVAL && mac_selinux_enforcing()))) {
 978                         log_debug_errno(r, "%s are not supported by the kernel. Ignoring.", name);
 979                         return 0;
 980                 }
 981
 982                 return r;
 983         }
 984
 985         for (sd_netlink_message *reply_one = reply; reply_one; reply_one = sd_netlink_message_next(reply_one)) {
 986                 int k;
 987
 988                 m->enumerating = true;
 989
 990                 k = process(m->rtnl, reply_one, m);
 991                 if (k < 0 && r >= 0)
 992                         r = k;
 993
 994                 m->enumerating = false;
 995         }
 996
 997         return r;
 998 }
 999
1000 static int manager_enumerate_links(Manager *m) {
1001         _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1002         int r;
1003
1004         assert(m);
1005         assert(m->rtnl);
1006
1007         r = sd_rtnl_message_new_link(m->rtnl, &req, RTM_GETLINK, 0);
1008         if (r < 0)
1009                 return r;
1010
1011         return manager_enumerate_internal(m, req, manager_rtnl_process_link, NULL);
1012 }
1013
1014 static int manager_enumerate_addresses(Manager *m) {
1015         _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1016         int r;
1017
1018         assert(m);
1019         assert(m->rtnl);
1020
1021         r = sd_rtnl_message_new_addr(m->rtnl, &req, RTM_GETADDR, 0, 0);
1022         if (r < 0)
1023                 return r;
1024
1025         return manager_enumerate_internal(m, req, manager_rtnl_process_address, NULL);
1026 }
1027
1028 static int manager_enumerate_neighbors(Manager *m) {
1029         _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1030         int r;
1031
1032         assert(m);
1033         assert(m->rtnl);
1034
1035         r = sd_rtnl_message_new_neigh(m->rtnl, &req, RTM_GETNEIGH, 0, AF_UNSPEC);
1036         if (r < 0)
1037                 return r;
1038
1039         return manager_enumerate_internal(m, req, manager_rtnl_process_neighbor, NULL);
1040 }
1041
1042 static int manager_enumerate_routes(Manager *m) {
1043         _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1044         int r;
1045
1046         assert(m);
1047         assert(m->rtnl);
1048
1049         if (!m->manage_foreign_routes)
1050                 return 0;
1051
1052         r = sd_rtnl_message_new_route(m->rtnl, &req, RTM_GETROUTE, 0, 0);
1053         if (r < 0)
1054                 return r;
1055
1056         return manager_enumerate_internal(m, req, manager_rtnl_process_route, NULL);
1057 }
1058
1059 static int manager_enumerate_rules(Manager *m) {
1060         _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1061         int r;
1062
1063         assert(m);
1064         assert(m->rtnl);
1065
1066         r = sd_rtnl_message_new_routing_policy_rule(m->rtnl, &req, RTM_GETRULE, 0);
1067         if (r < 0)
1068                 return r;
1069
1070         return manager_enumerate_internal(m, req, manager_rtnl_process_rule, "Routing policy rules");
1071 }
1072
1073 static int manager_enumerate_nexthop(Manager *m) {
1074         _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1075         int r;
1076
1077         assert(m);
1078         assert(m->rtnl);
1079
1080         r = sd_rtnl_message_new_nexthop(m->rtnl, &req, RTM_GETNEXTHOP, 0, 0);
1081         if (r < 0)
1082                 return r;
1083
1084         return manager_enumerate_internal(m, req, manager_rtnl_process_nexthop, "Nexthop rules");
1085 }
1086
1087 int manager_enumerate(Manager *m) {
1088         int r;
1089
1090         r = manager_enumerate_links(m);
1091         if (r < 0)
1092                 return log_error_errno(r, "Could not enumerate links: %m");
1093
1094         r = manager_enumerate_addresses(m);
1095         if (r < 0)
1096                 return log_error_errno(r, "Could not enumerate addresses: %m");
1097
1098         r = manager_enumerate_neighbors(m);
1099         if (r < 0)
1100                 return log_error_errno(r, "Could not enumerate neighbors: %m");
1101
1102         r = manager_enumerate_routes(m);
1103         if (r < 0)
1104                 return log_error_errno(r, "Could not enumerate routes: %m");
1105
1106         r = manager_enumerate_rules(m);
1107         if (r < 0)
1108                 return log_error_errno(r, "Could not enumerate routing policy rules: %m");
1109
1110         r = manager_enumerate_nexthop(m);
1111         if (r < 0)
1112                 return log_error_errno(r, "Could not enumerate nexthop rules: %m");
1113
1114         return 0;
1115 }
1116
1117 Link* manager_find_uplink(Manager *m, Link *exclude) {
1118         _cleanup_free_ struct local_address *gateways = NULL;
1119         int n;
1120
1121         assert(m);
1122
1123         /* Looks for a suitable "uplink", via black magic: an
1124          * interface that is up and where the default route with the
1125          * highest priority points to. */
1126
1127         n = local_gateways(m->rtnl, 0, AF_UNSPEC, &gateways);
1128         if (n < 0) {
1129                 log_warning_errno(n, "Failed to determine list of default gateways: %m");
1130                 return NULL;
1131         }
1132
1133         for (int i = 0; i < n; i++) {
1134                 Link *link;
1135
1136                 link = hashmap_get(m->links, INT_TO_PTR(gateways[i].ifindex));
1137                 if (!link) {
1138                         log_debug("Weird, found a gateway for a link we don't know. Ignoring.");
1139                         continue;
1140                 }
1141
1142                 if (link == exclude)
1143                         continue;
1144
1145                 if (link->operstate < LINK_OPERSTATE_ROUTABLE)
1146                         continue;
1147
1148                 return link;
1149         }
1150
1151         return NULL;
1152 }
1153
1154 void manager_dirty(Manager *manager) {
1155         assert(manager);
1156
1157         /* the serialized state in /run is no longer up-to-date */
1158         manager->dirty = true;
1159 }
1160
1161 static int set_hostname_handler(sd_bus_message *m, void *userdata, sd_bus_error *ret_error) {
1162         const sd_bus_error *e;
1163         int r;
1164
1165         assert(m);
1166
1167         e = sd_bus_message_get_error(m);
1168         if (e) {
1169                 r = sd_bus_error_get_errno(e);
1170                 log_warning_errno(r, "Could not set hostname: %s", bus_error_message(e, r));
1171         }
1172
1173         return 1;
1174 }
1175
1176 int manager_set_hostname(Manager *m, const char *hostname) {
1177         int r;
1178
1179         log_debug("Setting transient hostname: '%s'", strna(hostname));
1180
1181         r = free_and_strdup_warn(&m->dynamic_hostname, hostname);
1182         if (r < 0)
1183                 return r;
1184
1185         if (!m->bus || sd_bus_is_ready(m->bus) <= 0) {
1186                 log_debug("Not connected to system bus, setting hostname later.");
1187                 return 0;
1188         }
1189
1190         r = sd_bus_call_method_async(
1191                         m->bus,
1192                         NULL,
1193                         "org.freedesktop.hostname1",
1194                         "/org/freedesktop/hostname1",
1195                         "org.freedesktop.hostname1",
1196                         "SetHostname",
1197                         set_hostname_handler,
1198                         m,
1199                         "sb",
1200                         hostname,
1201                         false);
1202
1203         if (r < 0)
1204                 return log_error_errno(r, "Could not set transient hostname: %m");
1205
1206         return 0;
1207 }
1208
1209 static int set_timezone_handler(sd_bus_message *m, void *userdata, sd_bus_error *ret_error) {
1210         const sd_bus_error *e;
1211         int r;
1212
1213         assert(m);
1214
1215         e = sd_bus_message_get_error(m);
1216         if (e) {
1217                 r = sd_bus_error_get_errno(e);
1218                 log_warning_errno(r, "Could not set timezone: %s", bus_error_message(e, r));
1219         }
1220
1221         return 1;
1222 }
1223
1224 int manager_set_timezone(Manager *m, const char *tz) {
1225         int r;
1226
1227         assert(m);
1228         assert(tz);
1229
1230         log_debug("Setting system timezone: '%s'", tz);
1231         r = free_and_strdup_warn(&m->dynamic_timezone, tz);
1232         if (r < 0)
1233                 return r;
1234
1235         if (!m->bus || sd_bus_is_ready(m->bus) <= 0) {
1236                 log_debug("Not connected to system bus, setting timezone later.");
1237                 return 0;
1238         }
1239
1240         r = sd_bus_call_method_async(
1241                         m->bus,
1242                         NULL,
1243                         "org.freedesktop.timedate1",
1244                         "/org/freedesktop/timedate1",
1245                         "org.freedesktop.timedate1",
1246                         "SetTimezone",
1247                         set_timezone_handler,
1248                         m,
1249                         "sb",
1250                         tz,
1251                         false);
1252         if (r < 0)
1253                 return log_error_errno(r, "Could not set timezone: %m");
1254
1255         return 0;
1256 }