network/nexthop: NextHop.id is always positive when nexthop_configure() is called
1 /* SPDX-License-Identifier: LGPL-2.1-or-later
2 * Copyright © 2019 VMware, Inc.
3 */
4
5 #include <net/if.h>
6 #include <linux/nexthop.h>
7
8 #include "alloc-util.h"
9 #include "netlink-util.h"
10 #include "networkd-link.h"
11 #include "networkd-manager.h"
12 #include "networkd-network.h"
13 #include "networkd-nexthop.h"
14 #include "networkd-queue.h"
15 #include "networkd-route-util.h"
16 #include "parse-util.h"
17 #include "set.h"
18 #include "stdio-util.h"
19 #include "string-util.h"
20
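/* Releases a NextHop object and unregisters it from every container that may still reference it
 * (the Network's per-section map, the owning Link's or Manager's set, and the Manager's by-ID map).
 * Accepts NULL. Always returns NULL, so callers can write "nh = nexthop_free(nh)". */
NextHop *nexthop_free(NextHop *nexthop) {
        if (!nexthop)
                return NULL;

        if (nexthop->network) {
                assert(nexthop->section);
                hashmap_remove(nexthop->network->nexthops_by_section, nexthop->section);
        }

        config_section_free(nexthop->section);

        if (nexthop->link) {
                set_remove(nexthop->link->nexthops, nexthop);

                /* Remove the by-ID entry only when it really maps to this object. nexthop_add() inserts
                 * the object into the set before the by-ID map; if that second insertion fails because
                 * the ID is already taken by another nexthop, freeing this object must not unregister
                 * the other one. */
                if (nexthop->link->manager && nexthop->id > 0)
                        hashmap_remove_value(nexthop->link->manager->nexthops_by_id, UINT32_TO_PTR(nexthop->id), nexthop);
        }

        if (nexthop->manager) {
                set_remove(nexthop->manager->nexthops, nexthop);

                /* Same as above: never drop an entry that belongs to a different nexthop. */
                if (nexthop->id > 0)
                        hashmap_remove_value(nexthop->manager->nexthops_by_id, UINT32_TO_PTR(nexthop->id), nexthop);
        }

        /* The group map owns its struct nexthop_grp values. */
        hashmap_free_free(nexthop->group);

        return mfree(nexthop);
}

DEFINE_SECTION_CLEANUP_FUNCTIONS(NextHop, nexthop_free);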
52
/* Allocates a NextHop with default settings (family unspecified, OnLink= unset).
 * Returns 0 and stores the object in *ret, or -ENOMEM. */
static int nexthop_new(NextHop **ret) {
        _cleanup_(nexthop_freep) NextHop *nh = new(NextHop, 1);

        if (!nh)
                return -ENOMEM;

        /* Everything not named here is zero-initialized by the compound literal. */
        *nh = (NextHop) {
                .onlink = -1,
                .family = AF_UNSPEC,
        };

        *ret = TAKE_PTR(nh);
        return 0;
}
69
/* Returns the NextHop that belongs to the [NextHop] section at filename:section_line of the given
 * Network, creating and registering a new one when the section has not been seen yet.
 * Returns 0 on success, or a negative errno-style value from the helpers it calls. */
static int nexthop_new_static(Network *network, const char *filename, unsigned section_line, NextHop **ret) {
        _cleanup_(config_section_freep) ConfigSection *key = NULL;
        _cleanup_(nexthop_freep) NextHop *nh = NULL;
        NextHop *known;
        int r;

        assert(network);
        assert(ret);
        assert(filename);
        assert(section_line > 0);

        r = config_section_new(filename, section_line, &key);
        if (r < 0)
                return r;

        /* Reuse the object created by an earlier setting of the same section. */
        known = hashmap_get(network->nexthops_by_section, key);
        if (known) {
                *ret = known;
                return 0;
        }

        r = nexthop_new(&nh);
        if (r < 0)
                return r;

        nh->source = NETWORK_CONFIG_SOURCE_STATIC;
        nh->protocol = RTPROT_STATIC;
        nh->network = network;
        nh->section = TAKE_PTR(key); /* the nexthop owns the section key from here on */

        r = hashmap_ensure_put(&network->nexthops_by_section, &config_section_hash_ops, nh->section, nh);
        if (r < 0)
                return r;

        *ret = TAKE_PTR(nh);
        return 0;
}
106
/* Feeds the identifying fields of a nexthop (protocol, ID, blackhole flag, family and, for
 * IPv4/IPv6, the gateway address) into the siphash state. Must stay in sync with
 * nexthop_compare_func(). */
static void nexthop_hash_func(const NextHop *nexthop, struct siphash *state) {
        assert(nexthop);

        siphash24_compress(&nexthop->protocol, sizeof(nexthop->protocol), state);
        siphash24_compress(&nexthop->id, sizeof(nexthop->id), state);
        siphash24_compress(&nexthop->blackhole, sizeof(nexthop->blackhole), state);
        siphash24_compress(&nexthop->family, sizeof(nexthop->family), state);

        /* Any other address family is treated like AF_UNSPEC: the gateway is not hashed. */
        if (IN_SET(nexthop->family, AF_INET, AF_INET6))
                siphash24_compress(&nexthop->gw, FAMILY_ADDRESS_SIZE(nexthop->family), state);
}
126
/* Orders two nexthops by protocol, ID, blackhole flag and family, in that order. When all of those
 * are equal and the family is IPv4 or IPv6, the gateway address bytes decide. Returns a value
 * below, equal to or above zero. */
static int nexthop_compare_func(const NextHop *a, const NextHop *b) {
        int r;

        r = CMP(a->protocol, b->protocol);
        if (r == 0)
                r = CMP(a->id, b->id);
        if (r == 0)
                r = CMP(a->blackhole, b->blackhole);
        if (r == 0)
                r = CMP(a->family, b->family);
        if (r != 0)
                return r;

        switch (a->family) {
        case AF_INET:
        case AF_INET6:
                /* Only the bytes that are meaningful for the family are compared. */
                return memcmp(&a->gw, &b->gw, FAMILY_ADDRESS_SIZE(a->family));
        default:
                return 0;
        }
}
151
/* Hash operations for containers keyed by NextHop objects; nexthop_free() is registered as the
 * key destructor. */
DEFINE_PRIVATE_HASH_OPS_WITH_KEY_DESTRUCTOR(
                nexthop_hash_ops, NextHop,
                nexthop_hash_func, nexthop_compare_func,
                nexthop_free);
158
/* NULL-safe equality: two NULL pointers (or the same object) are equal, a NULL and a non-NULL
 * pointer are not, otherwise nexthop_compare_func() decides. */
static bool nexthop_equal(const NextHop *a, const NextHop *b) {
        if (a == b)
                return true;

        return a && b && nexthop_compare_func(a, b) == 0;
}
168
/* Creates an independent copy of src. The copy is not attached to any Manager, Link, Network or
 * config section, and gets its own duplicate of every group member.
 * Returns 0 and stores the copy in *ret, or a negative errno-style value. */
static int nexthop_dup(const NextHop *src, NextHop **ret) {
        _cleanup_(nexthop_freep) NextHop *copy = NULL;
        struct nexthop_grp *member;
        int r;

        assert(src);
        assert(ret);

        copy = newdup(NextHop, src, 1);
        if (!copy)
                return -ENOMEM;

        /* The byte-wise copy still points at src's owners and containers. Detach all of them first,
         * so that the cleanup handler on an early return cannot unregister or free anything that
         * belongs to src. */
        copy->group = NULL;
        copy->section = NULL;
        copy->network = NULL;
        copy->link = NULL;
        copy->manager = NULL;

        HASHMAP_FOREACH(member, src->group) {
                _cleanup_free_ struct nexthop_grp *entry = NULL;

                entry = newdup(struct nexthop_grp, member, 1);
                if (!entry)
                        return -ENOMEM;

                r = hashmap_ensure_put(&copy->group, NULL, UINT32_TO_PTR(entry->id), entry);
                if (r < 0)
                        return r;
                if (r > 0)
                        TAKE_PTR(entry); /* now owned by the map */
        }

        *ret = TAKE_PTR(copy);
        return 0;
}
205
/* Looks up a nexthop by its ID in the Manager's by-ID map.
 * Returns 0 when found (storing the object in *ret when ret is non-NULL), -EINVAL for ID 0,
 * and -ENOENT when no nexthop with that ID is known. */
int manager_get_nexthop_by_id(Manager *manager, uint32_t id, NextHop **ret) {
        NextHop *found;

        assert(manager);

        /* 0 means "no ID assigned" throughout this file and is never a valid key. */
        if (id == 0)
                return -EINVAL;

        found = hashmap_get(manager->nexthops_by_id, UINT32_TO_PTR(id));
        if (!found)
                return -ENOENT;

        if (ret)
                *ret = found;

        return 0;
}
222
/* A nexthop is tracked per link unless it is a blackhole or a group; those are tracked by the
 * Manager instead. */
static bool nexthop_owned_by_link(const NextHop *nexthop) {
        if (nexthop->blackhole)
                return false;

        return hashmap_isempty(nexthop->group);
}
226
/* Finds the tracked nexthop that matches 'in', searching the Link's set for link-owned nexthops
 * and the Manager's set otherwise. When 'in' has no ID yet, a tracked nexthop that differs only
 * in its ID also matches.
 * Returns 0 when found (storing it in *ret when ret is non-NULL), -ENOENT otherwise. */
static int nexthop_get(Manager *manager, Link *link, NextHop *in, NextHop **ret) {
        NextHop *candidate, *match = NULL;
        bool per_link;
        Set *pool;

        assert(in);

        per_link = nexthop_owned_by_link(in);
        if (per_link ? !link : !manager)
                return -ENOENT;

        pool = per_link ? link->nexthops : manager->nexthops;

        candidate = set_get(pool, in);
        if (!candidate) {
                /* With an explicit ID only an exact match counts. */
                if (in->id > 0)
                        return -ENOENT;

                /* Also find nexthop configured without ID. The ID of each tracked entry is cleared
                 * only for the duration of the comparison and restored before anything else touches
                 * the set, as the ID is part of the set's hash key. */
                SET_FOREACH(candidate, pool) {
                        uint32_t saved_id = candidate->id;
                        bool same;

                        candidate->id = 0;
                        same = nexthop_equal(candidate, in);
                        candidate->id = saved_id;

                        if (same) {
                                match = candidate;
                                break;
                        }
                }

                if (!match)
                        return -ENOENT;

                candidate = match;
        }

        if (ret)
                *ret = candidate;

        return 0;
}
275
/* Starts tracking a nexthop that already has an ID: link-owned nexthops go into the Link's set,
 * all others into the Manager's set, and every nexthop is additionally indexed by ID in the
 * Manager. Returns -EEXIST when an equal nexthop is already in the set, another negative value
 * when an insertion fails, and the result of the by-ID insertion otherwise.
 *
 * NOTE(review): when the by-ID insertion fails, the object has already been put into the set and
 * its owner pointer is set. The callers visible in this file free the object on error, which
 * takes it out of the set again. */
static int nexthop_add(Manager *manager, Link *link, NextHop *nexthop) {
        bool per_link;
        Set **pool;
        int r;

        assert(nexthop);
        assert(nexthop->id > 0);

        per_link = nexthop_owned_by_link(nexthop);
        if (per_link) {
                assert(link);
                pool = &link->nexthops;
        } else {
                assert(manager);
                pool = &manager->nexthops;
        }

        r = set_ensure_put(pool, &nexthop_hash_ops, nexthop);
        if (r < 0)
                return r;
        if (r == 0)
                return -EEXIST;

        if (per_link) {
                nexthop->link = link;
                manager = link->manager; /* the by-ID map always lives in the Manager */
        } else
                nexthop->manager = manager;

        return hashmap_ensure_put(&manager->nexthops_by_id, NULL, UINT32_TO_PTR(nexthop->id), nexthop);
}
308
/* Assigns the lowest ID that is neither used by a tracked nexthop nor requested by any [NextHop]
 * section of any loaded Network. Does nothing when the nexthop already has an ID.
 * Returns 0 on success, -EBUSY when no ID is free, or a negative value on allocation failure. */
static int nexthop_acquire_id(Manager *manager, NextHop *nexthop) {
        _cleanup_set_free_ Set *reserved = NULL;
        Network *network;
        int r;

        assert(manager);
        assert(nexthop);

        if (nexthop->id > 0)
                return 0;

        /* If ManageForeignNextHops=no, nexthop with id == 0 should be already filtered by
         * nexthop_section_verify(). */
        assert(manager->manage_foreign_nexthops);

        /* Collect the IDs that configuration files ask for explicitly, so that an automatically
         * chosen ID never collides with a statically configured one. */
        ORDERED_HASHMAP_FOREACH(network, manager->networks) {
                NextHop *configured;

                HASHMAP_FOREACH(configured, network->nexthops_by_section)
                        if (configured->id > 0) {
                                r = set_ensure_put(&reserved, NULL, UINT32_TO_PTR(configured->id));
                                if (r < 0)
                                        return r;
                        }
        }

        /* Pick the lowest ID that is neither tracked nor reserved. */
        for (uint32_t id = 1; id < UINT32_MAX; id++) {
                bool taken =
                        manager_get_nexthop_by_id(manager, id, NULL) >= 0 ||
                        set_contains(reserved, UINT32_TO_PTR(id));

                if (taken)
                        continue;

                nexthop->id = id;
                return 0;
        }

        return -EBUSY;
}
351
/* Emits one debug log line describing the nexthop, prefixed with 'str'. Does nothing unless debug
 * logging is enabled. 'link' may be NULL. */
static void log_nexthop_debug(const NextHop *nexthop, const char *str, const Link *link) {
        _cleanup_free_ char *state_str = NULL, *members = NULL, *flags_str = NULL;
        struct nexthop_grp *member;

        assert(nexthop);
        assert(str);

        if (!DEBUG_LOGGING)
                return;

        /* Failures below are deliberately ignored: strna() substitutes a placeholder for NULL. */
        (void) network_config_state_to_string_alloc(nexthop->state, &state_str);
        (void) route_flags_to_string_alloc(nexthop->flags, &flags_str);

        /* The weight is printed incremented by one. */
        HASHMAP_FOREACH(member, nexthop->group)
                (void) strextendf_with_separator(&members, ",", "%"PRIu32":%"PRIu32, member->id, member->weight+1u);

        log_link_debug(link, "%s %s nexthop (%s): id: %"PRIu32", gw: %s, blackhole: %s, group: %s, flags: %s",
                       str,
                       strna(network_config_source_to_string(nexthop->source)),
                       strna(state_str),
                       nexthop->id,
                       IN_ADDR_TO_STRING(nexthop->family, &nexthop->gw),
                       yes_no(nexthop->blackhole),
                       strna(members),
                       strna(flags_str));
}
376
/* Netlink reply handler for RTM_DELNEXTHOP requests. Logs a warning when the kernel reports an
 * error other than -ENOENT. 'link' may be NULL. Always returns 1. */
static int nexthop_remove_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
        int r;

        assert(m);

        /* The reply is not inspected for links in failed or linger state. */
        if (!link || !IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER)) {
                r = sd_netlink_message_get_errno(m);
                if (r < 0 && r != -ENOENT)
                        log_link_message_warning_errno(link, m, r, "Could not drop nexthop, ignoring");
        }

        return 1;
}
393
/* Asks the kernel to delete the nexthop with this object's ID and moves the object into the
 * "removing" state. Nexthops without an ID are skipped.
 * Returns 0 on success or when skipped, a negative errno-style value otherwise. */
static int nexthop_remove(NextHop *nexthop) {
        _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *msg = NULL;
        Manager *manager;
        Link *link;
        int r;

        assert(nexthop);
        assert(nexthop->manager || (nexthop->link && nexthop->link->manager));

        /* Manager-owned nexthops have no link, so 'link' may be NULL from here on. */
        link = nexthop->link;
        if (nexthop->manager)
                manager = nexthop->manager;
        else
                manager = nexthop->link->manager;

        if (nexthop->id == 0) {
                log_link_debug(link, "Cannot remove nexthop without valid ID, ignoring.");
                return 0;
        }

        log_nexthop_debug(nexthop, "Removing", link);

        r = sd_rtnl_message_new_nexthop(manager->rtnl, &msg, RTM_DELNEXTHOP, AF_UNSPEC, RTPROT_UNSPEC);
        if (r < 0)
                return log_link_error_errno(link, r, "Could not create RTM_DELNEXTHOP message: %m");

        /* The ID is the only attribute put into the delete request. */
        r = sd_netlink_message_append_u32(msg, NHA_ID, nexthop->id);
        if (r < 0)
                return log_link_error_errno(link, r, "Could not append NHA_ID attribute: %m");

        r = netlink_call_async(manager->rtnl, NULL, msg, nexthop_remove_handler,
                               link ? link_netlink_destroy_callback : NULL, link);
        if (r < 0)
                return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");

        /* The pending call holds a reference to the link; link_ref() accepts NULL. */
        link_ref(link);

        nexthop_enter_removing(nexthop);
        return 0;
}
432
/* Builds an RTM_NEWNEXTHOP message for the nexthop and sends it asynchronously on behalf of 'req'.
 * Exactly one of three shapes is sent: a group (NHA_GROUP), a blackhole (NHA_BLACKHOLE), or a
 * regular nexthop bound to the link's interface with an optional gateway.
 * Returns the result of request_call_netlink_async(), or a negative errno-style value. */
static int nexthop_configure(NextHop *nexthop, Link *link, Request *req) {
        _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *msg = NULL;
        int r;

        assert(nexthop);
        assert(nexthop->id > 0);
        assert(IN_SET(nexthop->family, AF_UNSPEC, AF_INET, AF_INET6));
        assert(link);
        assert(link->manager);
        assert(link->manager->rtnl);
        assert(link->ifindex > 0);
        assert(req);

        log_nexthop_debug(nexthop, "Configuring", link);

        r = sd_rtnl_message_new_nexthop(link->manager->rtnl, &msg, RTM_NEWNEXTHOP, nexthop->family, nexthop->protocol);
        if (r < 0)
                return r;

        r = sd_netlink_message_append_u32(msg, NHA_ID, nexthop->id);
        if (r < 0)
                return r;

        if (!hashmap_isempty(nexthop->group)) {
                _cleanup_free_ struct nexthop_grp *members = NULL;
                size_t n_members = hashmap_size(nexthop->group), i = 0;
                struct nexthop_grp *nhg;

                /* Flatten the member map into the contiguous array that NHA_GROUP carries. */
                members = new(struct nexthop_grp, n_members);
                if (!members)
                        return log_oom();

                HASHMAP_FOREACH(nhg, nexthop->group)
                        members[i++] = *nhg;

                r = sd_netlink_message_append_data(msg, NHA_GROUP, members, sizeof(struct nexthop_grp) * n_members);
                if (r < 0)
                        return r;

        } else if (nexthop->blackhole) {
                r = sd_netlink_message_append_flag(msg, NHA_BLACKHOLE);
                if (r < 0)
                        return r;

        } else {
                r = sd_netlink_message_append_u32(msg, NHA_OIF, link->ifindex);
                if (r < 0)
                        return r;

                /* The on-link flag is only passed along together with a gateway. */
                if (in_addr_is_set(nexthop->family, &nexthop->gw)) {
                        r = netlink_message_append_in_addr_union(msg, NHA_GATEWAY, nexthop->family, &nexthop->gw);
                        if (r < 0)
                                return r;

                        r = sd_rtnl_message_nexthop_set_flags(msg, nexthop->flags & RTNH_F_ONLINK);
                        if (r < 0)
                                return r;
                }
        }

        return request_call_netlink_async(link->manager->rtnl, msg, req);
}
494
/* Netlink reply handler for statically configured nexthops. Any error except -EEXIST puts the
 * link into failed state. Once no nexthop request is pending any more, the link is marked as
 * having its static nexthops configured. Always returns 1. */
static int static_nexthop_handler(sd_netlink *rtnl, sd_netlink_message *m, Request *req, Link *link, NextHop *nexthop) {
        bool failed;
        int r;

        assert(m);
        assert(link);

        r = sd_netlink_message_get_errno(m);
        failed = r < 0 && r != -EEXIST;
        if (failed) {
                log_link_message_warning_errno(link, m, r, "Could not set nexthop");
                link_enter_failed(link);
                return 1;
        }

        if (link->static_nexthop_messages > 0)
                return 1; /* more replies are still outstanding */

        log_link_debug(link, "Nexthops set");
        link->static_nexthops_configured = true;
        link_check_ready(link);

        return 1;
}
516
/* Decides whether a queued nexthop can be sent to the kernel now: the link must be ready,
 * link-owned nexthops need the interface to be up with no flag change pending, every group
 * member must already exist, nexthops without an ID wait for queued nexthops that have one,
 * and the gateway must be ready. */
static bool nexthop_is_ready_to_configure(Link *link, const NextHop *nexthop) {
        struct nexthop_grp *member;

        assert(link);
        assert(nexthop);

        if (!link_is_ready_to_configure(link, false))
                return false;

        /* TODO: fdb nexthop does not require IFF_UP. The conditions below needs to be updated
         * when fdb nexthop support is added. See rtm_to_nh_config() in net/ipv4/nexthop.c of
         * kernel. */
        if (nexthop_owned_by_link(nexthop) &&
            (link->set_flags_messages > 0 || !FLAGS_SET(link->flags, IFF_UP)))
                return false;

        /* All group members must be configured first. */
        HASHMAP_FOREACH(member, nexthop->group) {
                NextHop *g;

                if (manager_get_nexthop_by_id(link->manager, member->id, &g) < 0 ||
                    !nexthop_exists(g))
                        return false;
        }

        if (nexthop->id == 0) {
                Request *queued;

                /* First configure nexthops that have an ID. */
                ORDERED_SET_FOREACH(queued, link->manager->request_queue) {
                        const NextHop *other;

                        if (queued->type != REQUEST_TYPE_NEXTHOP)
                                continue;

                        other = (const NextHop*) queued->userdata;
                        if (other->id != 0)
                                return false;
                }
        }

        return gateway_is_ready(link, FLAGS_SET(nexthop->flags, RTNH_F_ONLINK), nexthop->family, &nexthop->gw);
}
560
/* Request-queue callback: configures the nexthop once it is ready.
 * Returns 0 when not ready yet, 1 after the request was sent, negative on failure. */
static int nexthop_process_request(Request *req, Link *link, NextHop *nexthop) {
        int r;

        assert(req);
        assert(link);
        assert(nexthop);

        if (nexthop_is_ready_to_configure(link, nexthop)) {
                r = nexthop_configure(nexthop, link, req);
                if (r < 0)
                        return log_link_warning_errno(link, r, "Failed to configure nexthop");

                nexthop_enter_configuring(nexthop);
                return 1;
        }

        return 0;
}
578
/* Queues a request to configure the given (non-foreign) nexthop on the link. An already tracked
 * equivalent is reused; otherwise a copy is made, given an ID and tracked.
 * Returns 1 when a new request was queued, 0 or a negative value as returned by
 * link_queue_request_safe(), or a negative errno-style value from the preparation steps. */
static int link_request_nexthop(Link *link, NextHop *nexthop) {
        NextHop *existing;
        int r;

        assert(link);
        assert(nexthop);
        assert(nexthop->source != NETWORK_CONFIG_SOURCE_FOREIGN);

        if (nexthop_get(link->manager, link, nexthop, &existing) >= 0)
                /* Already known, e.g. as a foreign nexthop: take it over. */
                existing->source = nexthop->source;
        else {
                _cleanup_(nexthop_freep) NextHop *copy = NULL;

                r = nexthop_dup(nexthop, &copy);
                if (r < 0)
                        return r;

                /* nexthop_add() requires a positive ID, so assign one before tracking. */
                r = nexthop_acquire_id(link->manager, copy);
                if (r < 0)
                        return r;

                r = nexthop_add(link->manager, link, copy);
                if (r < 0)
                        return r;

                existing = TAKE_PTR(copy);
        }

        log_nexthop_debug(existing, "Requesting", link);

        r = link_queue_request_safe(link, REQUEST_TYPE_NEXTHOP,
                                    existing, NULL,
                                    nexthop_hash_func,
                                    nexthop_compare_func,
                                    nexthop_process_request,
                                    &link->static_nexthop_messages,
                                    static_nexthop_handler,
                                    NULL);
        if (r <= 0)
                return r;

        nexthop_enter_requesting(existing);
        return 1;
}
621
/* Queues requests for all [NextHop] sections of the link's Network, optionally restricted to
 * IPv4 ones. Returns 0 on success, a negative errno-style value when a request fails. */
int link_request_static_nexthops(Link *link, bool only_ipv4) {
        NextHop *configured;
        int r;

        assert(link);
        assert(link->network);

        link->static_nexthops_configured = false;

        HASHMAP_FOREACH(configured, link->network->nexthops_by_section) {
                bool wanted = !only_ipv4 || configured->family == AF_INET;

                if (!wanted)
                        continue;

                r = link_request_nexthop(link, configured);
                if (r < 0)
                        return log_link_warning_errno(link, r, "Could not request nexthop: %m");
        }

        if (link->static_nexthop_messages > 0) {
                /* Replies are pending; static_nexthop_handler() finishes the job. */
                log_link_debug(link, "Requesting nexthops");
                link_set_state(link, LINK_STATE_CONFIGURING);
        } else {
                link->static_nexthops_configured = true;
                link_check_ready(link);
        }

        return 0;
}
650
/* Marks the Manager-owned nexthops that no active link asks for. With 'foreign' set only foreign
 * nexthops are considered, otherwise only non-foreign ones. The link 'except' (may be NULL) is
 * not counted as an active link. */
static void manager_mark_nexthops(Manager *manager, bool foreign, const Link *except) {
        NextHop *nh;
        Link *link;

        assert(manager);

        /* Step 1: mark every candidate. Nexthops created by the kernel are never touched, and
         * nexthops that are not assigned yet or already removed are skipped. */
        SET_FOREACH(nh, manager->nexthops) {
                bool is_foreign;

                if (nh->protocol == RTPROT_KERNEL)
                        continue;

                is_foreign = nh->source == NETWORK_CONFIG_SOURCE_FOREIGN;
                if (is_foreign != foreign)
                        continue;

                if (nexthop_exists(nh))
                        nexthop_mark(nh);
        }

        /* Step 2: unmark everything requested by a link that is being or has been configured. */
        HASHMAP_FOREACH(link, manager->links_by_index) {
                if (link == except)
                        continue;

                if (!IN_SET(link->state, LINK_STATE_CONFIGURING, LINK_STATE_CONFIGURED))
                        continue;

                HASHMAP_FOREACH(nh, link->network->nexthops_by_section) {
                        NextHop *tracked;

                        if (nexthop_get(manager, NULL, nh, &tracked) < 0)
                                continue;

                        nexthop_unmark(tracked);
                }
        }
}
690
/* Requests removal of every marked Manager-owned nexthop. All nexthops are attempted even when
 * one fails; the gathered result is returned. */
static int manager_drop_marked_nexthops(Manager *manager) {
        NextHop *nh;
        int ret = 0;

        assert(manager);

        SET_FOREACH(nh, manager->nexthops)
                if (nexthop_is_marked(nh))
                        RET_GATHER(ret, nexthop_remove(nh));

        return ret;
}
706
/* Removes foreign nexthops, i.e. those not configured by us, that the link's Network does not ask
 * for: first the link-owned ones, then the Manager-owned ones. Removal continues after a failure;
 * the gathered result is returned. */
int link_drop_foreign_nexthops(Link *link) {
        NextHop *nh;
        int ret = 0;

        assert(link);
        assert(link->manager);
        assert(link->network);

        /* Step 1: mark the candidates. Nexthops created by the kernel, nexthops we configured, and
         * nexthops not assigned yet or already removed are left alone. */
        SET_FOREACH(nh, link->nexthops) {
                bool candidate =
                        nh->protocol != RTPROT_KERNEL &&
                        nh->source == NETWORK_CONFIG_SOURCE_FOREIGN &&
                        nexthop_exists(nh);

                if (candidate)
                        nexthop_mark(nh);
        }

        /* Step 2: unmark those that the Network configuration requests. */
        HASHMAP_FOREACH(nh, link->network->nexthops_by_section) {
                NextHop *tracked;

                if (nexthop_get(NULL, link, nh, &tracked) < 0)
                        continue;

                nexthop_unmark(tracked);
        }

        /* Step 3: remove whatever is still marked. */
        SET_FOREACH(nh, link->nexthops)
                if (nexthop_is_marked(nh))
                        RET_GATHER(ret, nexthop_remove(nh));

        /* Repeat for the foreign nexthops tracked by the Manager. */
        manager_mark_nexthops(link->manager, /* foreign = */ true, NULL);

        return RET_GATHER(ret, manager_drop_marked_nexthops(link->manager));
}
752
/* Removes the nexthops that we configured: all existing non-foreign ones owned by the link, then
 * the Manager-owned ones that no other active link requests. Removal continues after a failure;
 * the gathered result is returned. */
int link_drop_managed_nexthops(Link *link) {
        NextHop *nh;
        int ret = 0;

        assert(link);
        assert(link->manager);

        SET_FOREACH(nh, link->nexthops) {
                /* Leave alone: nexthops created by the kernel, nexthops managed by the kernel or
                 * other tools, and nexthops not assigned yet or already being removed. */
                bool ours =
                        nh->protocol != RTPROT_KERNEL &&
                        nh->source != NETWORK_CONFIG_SOURCE_FOREIGN &&
                        nexthop_exists(nh);

                if (ours)
                        RET_GATHER(ret, nexthop_remove(nh));
        }

        /* This link is excluded, so nexthops requested only by it end up marked. */
        manager_mark_nexthops(link->manager, /* foreign = */ false, link);

        return RET_GATHER(ret, manager_drop_marked_nexthops(link->manager));
}
780
/* Reclassifies as foreign every nexthop owned by the link, plus every non-foreign Manager-owned
 * nexthop that no other active link requests. Nothing is removed from the kernel here. */
void link_foreignize_nexthops(Link *link) {
        NextHop *nh;

        assert(link);

        SET_FOREACH(nh, link->nexthops)
                nh->source = NETWORK_CONFIG_SOURCE_FOREIGN;

        /* Marks the Manager-owned nexthops that only this link asked for. */
        manager_mark_nexthops(link->manager, /* foreign = */ false, link);

        SET_FOREACH(nh, link->manager->nexthops)
                if (nexthop_is_marked(nh))
                        nh->source = NETWORK_CONFIG_SOURCE_FOREIGN;
}
798
/* Replaces the nexthop's group with the members found in a raw NHA_GROUP payload of 'size' bytes.
 * The payload comes from a netlink message, so its size and alignment are checked before any
 * element is read, and members with ID 0 or a weight above 254 are skipped.
 * Returns 0 on success, -EINVAL for a malformed payload, or the result of log_oom(). */
static int nexthop_update_group(NextHop *nexthop, const struct nexthop_grp *group, size_t size) {
        _cleanup_hashmap_free_free_ Hashmap *members = NULL;
        const size_t entry_size = sizeof(struct nexthop_grp);
        size_t n_entries;
        int r;

        assert(nexthop);
        assert(group || size == 0);

        /* The payload must hold a whole number of entries, and at least one. */
        if (size == 0 || size % entry_size != 0)
                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "rtnl: received nexthop message with invalid nexthop group size, ignoring.");

        /* Refuse a buffer that cannot be accessed as an array of struct nexthop_grp. */
        if ((uintptr_t) group % alignof(struct nexthop_grp) != 0)
                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "rtnl: received nexthop message with invalid alignment, ignoring.");

        n_entries = size / entry_size;
        for (const struct nexthop_grp *entry = group; entry < group + n_entries; entry++) {
                _cleanup_free_ struct nexthop_grp *copy = NULL;

                if (entry->id == 0) {
                        log_debug("rtnl: received nexthop message with invalid ID in group, ignoring.");
                        continue;
                }

                if (entry->weight > 254) {
                        log_debug("rtnl: received nexthop message with invalid weight in group, ignoring.");
                        continue;
                }

                copy = newdup(struct nexthop_grp, entry, 1);
                if (!copy)
                        return log_oom();

                r = hashmap_ensure_put(&members, NULL, UINT32_TO_PTR(copy->id), copy);
                if (r == -ENOMEM)
                        return log_oom();
                if (r < 0) {
                        log_debug_errno(r, "Failed to store nexthop group, ignoring: %m");
                        continue;
                }
                if (r > 0)
                        TAKE_PTR(copy); /* now owned by the map */
        }

        /* The old group is released only after the new one was built completely. */
        hashmap_free_free(nexthop->group);
        nexthop->group = TAKE_PTR(members);
        return 0;
}
848
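/* Handles RTM_NEWNEXTHOP and RTM_DELNEXTHOP messages received from the kernel and updates the
 * tracked nexthops accordingly. Every attribute is validated before use; a message that cannot be
 * parsed or that fails validation is logged and ignored.
 * Returns 1 when the message was processed, 0 when it was ignored, and the result of log_oom()
 * when the temporary NextHop object cannot be allocated. */
int manager_rtnl_process_nexthop(sd_netlink *rtnl, sd_netlink_message *message, Manager *m) {
        _cleanup_(nexthop_freep) NextHop *tmp = NULL;
        _cleanup_free_ void *raw_group = NULL;
        NextHop *nexthop = NULL;
        size_t raw_group_size;
        uint32_t ifindex;
        uint16_t type;
        Link *link = NULL;
        int r;

        assert(rtnl);
        assert(message);
        assert(m);

        if (sd_netlink_message_is_error(message)) {
                r = sd_netlink_message_get_errno(message);
                if (r < 0)
                        log_message_warning_errno(message, r, "rtnl: failed to receive nexthop message, ignoring");

                return 0;
        }

        r = sd_netlink_message_get_type(message, &type);
        if (r < 0) {
                log_warning_errno(r, "rtnl: could not get message type, ignoring: %m");
                return 0;
        } else if (!IN_SET(type, RTM_NEWNEXTHOP, RTM_DELNEXTHOP)) {
                log_warning("rtnl: received unexpected message type %u when processing nexthop, ignoring.", type);
                return 0;
        }

        /* NHA_OIF is optional; when it is absent 'link' stays NULL. */
        r = sd_netlink_message_read_u32(message, NHA_OIF, &ifindex);
        if (r < 0 && r != -ENODATA) {
                log_warning_errno(r, "rtnl: could not get NHA_OIF attribute, ignoring: %m");
                return 0;
        } else if (r >= 0) {
                /* ifindex is unsigned, so 0 is the only invalid value. */
                if (ifindex == 0) {
                        log_warning("rtnl: received nexthop message with invalid ifindex %"PRIu32", ignoring.", ifindex);
                        return 0;
                }

                r = link_get_by_index(m, ifindex, &link);
                if (r < 0) {
                        if (!m->enumerating)
                                log_warning("rtnl: received nexthop message for link (%"PRIu32") we do not know about, ignoring", ifindex);
                        return 0;
                }
        }

        /* Parse the message into a temporary object, which is either used for the lookup only or
         * becomes the tracked object for a nexthop not seen before. */
        r = nexthop_new(&tmp);
        if (r < 0)
                return log_oom();

        r = sd_rtnl_message_get_family(message, &tmp->family);
        if (r < 0) {
                log_link_warning_errno(link, r, "rtnl: could not get nexthop family, ignoring: %m");
                return 0;
        } else if (!IN_SET(tmp->family, AF_UNSPEC, AF_INET, AF_INET6)) {
                log_link_debug(link, "rtnl: received nexthop message with invalid family %d, ignoring.", tmp->family);
                return 0;
        }

        r = sd_rtnl_message_nexthop_get_protocol(message, &tmp->protocol);
        if (r < 0) {
                log_link_warning_errno(link, r, "rtnl: could not get nexthop protocol, ignoring: %m");
                return 0;
        }

        r = sd_rtnl_message_nexthop_get_flags(message, &tmp->flags);
        if (r < 0) {
                log_link_warning_errno(link, r, "rtnl: could not get nexthop flags, ignoring: %m");
                return 0;
        }

        /* The group payload is raw bytes; nexthop_update_group() checks its size and alignment
         * before reading any element. */
        r = sd_netlink_message_read_data(message, NHA_GROUP, &raw_group_size, &raw_group);
        if (r < 0 && r != -ENODATA) {
                log_link_warning_errno(link, r, "rtnl: could not get NHA_GROUP attribute, ignoring: %m");
                return 0;
        } else if (r >= 0) {
                r = nexthop_update_group(tmp, raw_group, raw_group_size);
                if (r < 0)
                        return 0;
        }

        if (tmp->family != AF_UNSPEC) {
                r = netlink_message_read_in_addr_union(message, NHA_GATEWAY, tmp->family, &tmp->gw);
                if (r < 0 && r != -ENODATA) {
                        log_link_warning_errno(link, r, "rtnl: could not get NHA_GATEWAY attribute, ignoring: %m");
                        return 0;
                }
        }

        r = sd_netlink_message_has_flag(message, NHA_BLACKHOLE);
        if (r < 0) {
                log_link_warning_errno(link, r, "rtnl: could not get NHA_BLACKHOLE attribute, ignoring: %m");
                return 0;
        }
        tmp->blackhole = r;

        /* A usable ID is mandatory: nexthop_add() asserts that it is positive, and the by-ID map
         * uses it as key. */
        r = sd_netlink_message_read_u32(message, NHA_ID, &tmp->id);
        if (r == -ENODATA) {
                log_link_warning_errno(link, r, "rtnl: received nexthop message without NHA_ID attribute, ignoring: %m");
                return 0;
        } else if (r < 0) {
                log_link_warning_errno(link, r, "rtnl: could not get NHA_ID attribute, ignoring: %m");
                return 0;
        } else if (tmp->id == 0) {
                /* No errno is associated with this condition, hence no %m in the message. */
                log_link_warning(link, "rtnl: received nexthop message with invalid nexthop ID, ignoring.");
                return 0;
        }

        /* All blackhole or group nexthops are managed by Manager. Note that the linux kernel does not
         * set NHA_OIF attribute when NHA_BLACKHOLE or NHA_GROUP is set. Just for safety. */
        if (!nexthop_owned_by_link(tmp))
                link = NULL;

        /* On failure 'nexthop' stays NULL, which means the nexthop is not tracked yet. */
        (void) nexthop_get(m, link, tmp, &nexthop);

        switch (type) {
        case RTM_NEWNEXTHOP:
                if (nexthop) {
                        nexthop->flags = tmp->flags;
                        nexthop_enter_configured(nexthop);
                        log_nexthop_debug(tmp, "Received remembered", link);
                } else {
                        nexthop_enter_configured(tmp);
                        log_nexthop_debug(tmp, "Remembering", link);

                        r = nexthop_add(m, link, tmp);
                        if (r < 0) {
                                log_link_warning_errno(link, r, "Could not remember foreign nexthop, ignoring: %m");
                                return 0;
                        }

                        /* Ownership moved to the tracking containers. */
                        TAKE_PTR(tmp);
                }

                break;
        case RTM_DELNEXTHOP:
                if (nexthop) {
                        nexthop_enter_removed(nexthop);
                        if (nexthop->state == 0) {
                                log_nexthop_debug(nexthop, "Forgetting", link);
                                nexthop_free(nexthop);
                        } else
                                log_nexthop_debug(nexthop, "Removed", link);
                } else
                        log_nexthop_debug(tmp, "Kernel removed unknown", link);
                break;

        default:
                assert_not_reached();
        }

        return 1;
}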
1005
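/* Validates one [NextHop] section after parsing and fills in derived settings (default family,
 * the on-link flag). Returns 0 when the section is usable, -EINVAL when it has to be dropped. */
static int nexthop_section_verify(NextHop *nh) {
        if (section_is_invalid(nh->section))
                return -EINVAL;

        /* Without an explicit Id= an ID has to be picked automatically, and nexthop_acquire_id()
         * asserts that ManageForeignNextHops= is enabled when it does so. */
        if (!nh->network->manager->manage_foreign_nexthops && nh->id == 0)
                return log_warning_errno(SYNTHETIC_ERRNO(EINVAL),
                                         "%s: [NextHop] section without specifying Id= is not supported "
                                         "if ManageForeignNextHops=no is set in networkd.conf. "
                                         "Ignoring [NextHop] section from line %u.",
                                         nh->section->filename, nh->section->line);

        if (!hashmap_isempty(nh->group)) {
                if (in_addr_is_set(nh->family, &nh->gw))
                        return log_warning_errno(SYNTHETIC_ERRNO(EINVAL),
                                                 "%s: nexthop group cannot have gateway address. "
                                                 "Ignoring [NextHop] section from line %u.",
                                                 nh->section->filename, nh->section->line);

                if (nh->family != AF_UNSPEC)
                        return log_warning_errno(SYNTHETIC_ERRNO(EINVAL),
                                                 "%s: nexthop group cannot have Family= setting. "
                                                 "Ignoring [NextHop] section from line %u.",
                                                 nh->section->filename, nh->section->line);

                /* A group with a gateway was already rejected above, so the blackhole flag must be
                 * tested on its own. Requiring a gateway here as well would make this check
                 * unreachable and let a blackhole group pass verification. */
                if (nh->blackhole)
                        return log_warning_errno(SYNTHETIC_ERRNO(EINVAL),
                                                 "%s: nexthop group cannot be a blackhole. "
                                                 "Ignoring [NextHop] section from line %u.",
                                                 nh->section->filename, nh->section->line);
        } else if (nh->family == AF_UNSPEC)
                /* When neither Family=, Gateway=, nor Group= is specified, assume IPv4. */
                nh->family = AF_INET;

        if (nh->blackhole && in_addr_is_set(nh->family, &nh->gw))
                return log_warning_errno(SYNTHETIC_ERRNO(EINVAL),
                                         "%s: blackhole nexthop cannot have gateway address. "
                                         "Ignoring [NextHop] section from line %u.",
                                         nh->section->filename, nh->section->line);

        if (nh->onlink < 0 && in_addr_is_set(nh->family, &nh->gw) &&
            ordered_hashmap_isempty(nh->network->addresses_by_section)) {
                /* If no address is configured, in most cases the gateway cannot be reachable.
                 * TODO: we may need to improve the condition above. */
                log_warning("%s: Gateway= without static address configured. "
                            "Enabling OnLink= option.",
                            nh->section->filename);
                nh->onlink = true;
        }

        /* A negative value means OnLink= was not specified; the flag is left untouched then. */
        if (nh->onlink >= 0)
                SET_FLAG(nh->flags, RTNH_F_ONLINK, nh->onlink);

        return 0;
}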
1060
/* Frees every [NextHop] section of the Network that fails nexthop_section_verify().
 * nexthop_free() also takes the entry out of nexthops_by_section. */
void network_drop_invalid_nexthops(Network *network) {
        NextHop *candidate;

        assert(network);

        HASHMAP_FOREACH(candidate, network->nexthops_by_section) {
                if (nexthop_section_verify(candidate) >= 0)
                        continue;

                nexthop_free(candidate);
        }
}
1070
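/* Config parser for Id= in [NextHop] sections. An empty value resets the ID to 0, i.e. "not
 * specified". A value that cannot be parsed or that is 0 is logged and ignored. Returns 0 in all
 * of these cases, and the result of log_oom() when the section object cannot be obtained. */
int config_parse_nexthop_id(
                const char *unit,
                const char *filename,
                unsigned line,
                const char *section,
                unsigned section_line,
                const char *lvalue,
                int ltype,
                const char *rvalue,
                void *data,
                void *userdata) {

        /* If this function returns without TAKE_PTR(), the cleanup handler frees the section
         * object or flags it as invalid. */
        _cleanup_(nexthop_free_or_set_invalidp) NextHop *n = NULL;
        Network *network = userdata;
        uint32_t id;
        int r;

        assert(filename);
        assert(section);
        assert(lvalue);
        assert(rvalue);
        assert(data);

        r = nexthop_new_static(network, filename, section_line, &n);
        if (r < 0)
                return log_oom();

        if (isempty(rvalue)) {
                n->id = 0;
                TAKE_PTR(n);
                return 0;
        }

        r = safe_atou32(rvalue, &id);
        if (r < 0) {
                log_syntax(unit, LOG_WARNING, filename, line, r,
                           "Could not parse nexthop id \"%s\", ignoring assignment: %m", rvalue);
                return 0;
        }
        if (id == 0) {
                /* No error code is passed here, so the message must not contain %m: it would
                 * expand to the description of errno 0. */
                log_syntax(unit, LOG_WARNING, filename, line, 0,
                           "Invalid nexthop id \"%s\", ignoring assignment.", rvalue);
                return 0;
        }

        n->id = id;
        TAKE_PTR(n);
        return 0;
}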
1120
/* Config parser for Gateway= in [NextHop] sections. An empty value clears both the gateway and
 * the address family; otherwise the family is derived from the address. An unparsable address is
 * logged and ignored. Returns 0 in these cases, and the result of log_oom() when the section
 * object cannot be obtained. */
int config_parse_nexthop_gateway(
                const char *unit,
                const char *filename,
                unsigned line,
                const char *section,
                unsigned section_line,
                const char *lvalue,
                int ltype,
                const char *rvalue,
                void *data,
                void *userdata) {

        /* If this function returns without TAKE_PTR(), the cleanup handler frees the section
         * object or flags it as invalid. */
        _cleanup_(nexthop_free_or_set_invalidp) NextHop *nh = NULL;
        Network *network = userdata;
        int r;

        assert(filename);
        assert(section);
        assert(lvalue);
        assert(rvalue);
        assert(data);

        r = nexthop_new_static(network, filename, section_line, &nh);
        if (r < 0)
                return log_oom();

        if (!isempty(rvalue)) {
                r = in_addr_from_string_auto(rvalue, &nh->family, &nh->gw);
                if (r < 0) {
                        log_syntax(unit, LOG_WARNING, filename, line, r,
                                   "Invalid %s='%s', ignoring assignment: %m", lvalue, rvalue);
                        return 0;
                }
        } else {
                /* Reset to "no gateway". */
                nh->family = AF_UNSPEC;
                nh->gw = IN_ADDR_NULL;
        }

        TAKE_PTR(nh);
        return 0;
}
1165
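/* Config parser for Family= in [NextHop] sections. An empty value resets the family, but only
 * while no gateway is set. A value that is not a known family, or that contradicts the family of
 * an already specified Gateway=, is logged and ignored. Returns 0 in these cases, and the result
 * of log_oom() when the section object cannot be obtained. */
int config_parse_nexthop_family(
                const char *unit,
                const char *filename,
                unsigned line,
                const char *section,
                unsigned section_line,
                const char *lvalue,
                int ltype,
                const char *rvalue,
                void *data,
                void *userdata) {

        /* If this function returns without TAKE_PTR(), the cleanup handler frees the section
         * object or flags it as invalid. */
        _cleanup_(nexthop_free_or_set_invalidp) NextHop *n = NULL;
        Network *network = userdata;
        AddressFamily a;
        int r;

        assert(filename);
        assert(section);
        assert(lvalue);
        assert(rvalue);
        assert(data);

        r = nexthop_new_static(network, filename, section_line, &n);
        if (r < 0)
                return log_oom();

        if (isempty(rvalue) &&
            !in_addr_is_set(n->family, &n->gw)) {
                /* Accept an empty string only when Gateway= is null or not specified. */
                n->family = AF_UNSPEC;
                TAKE_PTR(n);
                return 0;
        }

        a = nexthop_address_family_from_string(rvalue);
        if (a < 0) {
                /* No error code is passed here, so the message must not contain %m: it would
                 * expand to the description of errno 0. */
                log_syntax(unit, LOG_WARNING, filename, line, 0,
                           "Invalid %s='%s', ignoring assignment.", lvalue, rvalue);
                return 0;
        }

        /* The gateway fixes the family; do not let Family= silently contradict it. */
        if (in_addr_is_set(n->family, &n->gw) &&
            ((a == ADDRESS_FAMILY_IPV4 && n->family == AF_INET6) ||
             (a == ADDRESS_FAMILY_IPV6 && n->family == AF_INET))) {
                log_syntax(unit, LOG_WARNING, filename, line, 0,
                           "Specified family '%s' conflicts with the family of the previously specified Gateway=, "
                           "ignoring assignment.", rvalue);
                return 0;
        }

        switch (a) {
        case ADDRESS_FAMILY_IPV4:
                n->family = AF_INET;
                break;
        case ADDRESS_FAMILY_IPV6:
                n->family = AF_INET6;
                break;
        default:
                assert_not_reached();
        }

        TAKE_PTR(n);
        return 0;
}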
1231
/* Config parser callback for the on-link setting of a nexthop section.
 *
 * rvalue is handed to parse_tristate(), which stores its result directly in the nexthop's
 * onlink field.
 *
 * Returns 0 both on success and on a parse failure (a warning is logged in the latter case),
 * or the result of log_oom() when nexthop_new_static() fails.
 *
 * On every return path that does not reach TAKE_PTR(), the nexthop_free_or_set_invalidp
 * cleanup handler runs on the object. Presumably it frees it or marks the section invalid;
 * see its definition. */
int config_parse_nexthop_onlink(
                const char *unit,
                const char *filename,
                unsigned line,
                const char *section,
                unsigned section_line,
                const char *lvalue,
                int ltype,
                const char *rvalue,
                void *data,
                void *userdata) {

        _cleanup_(nexthop_free_or_set_invalidp) NextHop *nexthop = NULL;
        Network *net = userdata;
        int r;

        assert(filename);
        assert(section);
        assert(lvalue);
        assert(rvalue);
        assert(data);

        r = nexthop_new_static(net, filename, section_line, &nexthop);
        if (r < 0)
                return log_oom();

        r = parse_tristate(rvalue, &nexthop->onlink);
        if (r >= 0) {
                /* Parsed cleanly: keep the nexthop object alive past this function. */
                TAKE_PTR(nexthop);
                return 0;
        }

        log_syntax(unit, LOG_WARNING, filename, line, r,
                   "Failed to parse %s=, ignoring assignment: %s", lvalue, rvalue);
        return 0;
}
1268
/* Config parser callback for the blackhole setting of a nexthop section.
 *
 * rvalue is parsed with parse_boolean() and the result is stored in the nexthop's blackhole
 * field.
 *
 * Returns 0 both on success and on a parse failure (a warning is logged in the latter case),
 * or the result of log_oom() when nexthop_new_static() fails.
 *
 * On every return path that does not reach TAKE_PTR(), the nexthop_free_or_set_invalidp
 * cleanup handler runs on the object. Presumably it frees it or marks the section invalid;
 * see its definition. */
int config_parse_nexthop_blackhole(
                const char *unit,
                const char *filename,
                unsigned line,
                const char *section,
                unsigned section_line,
                const char *lvalue,
                int ltype,
                const char *rvalue,
                void *data,
                void *userdata) {

        _cleanup_(nexthop_free_or_set_invalidp) NextHop *nexthop = NULL;
        Network *net = userdata;
        int r, enabled;

        assert(filename);
        assert(section);
        assert(lvalue);
        assert(rvalue);
        assert(data);

        r = nexthop_new_static(net, filename, section_line, &nexthop);
        if (r < 0)
                return log_oom();

        /* parse_boolean() returns a negative errno-style value for unparsable input. */
        enabled = parse_boolean(rvalue);
        if (enabled < 0) {
                log_syntax(unit, LOG_WARNING, filename, line, enabled,
                           "Failed to parse %s=, ignoring assignment: %s", lvalue, rvalue);
                return 0;
        }

        nexthop->blackhole = enabled;

        TAKE_PTR(nexthop);
        return 0;
}
1307
/* Config parser callback for the group setting of a nexthop section.
 *
 * rvalue is a whitespace-separated list of "ID" or "ID:WEIGHT" entries. An empty value drops
 * every entry collected so far. Each entry is validated on its own: the ID must parse as an
 * unsigned 32-bit integer and be non-zero, the optional weight must lie in 1..256, and an ID
 * may appear only once in the group. An entry that fails one of these checks is logged and
 * skipped, and the remaining entries are still processed.
 *
 * Returns 0 on success and when the list as a whole cannot be tokenized (a warning is logged),
 * or the result of log_oom() on allocation failure.
 *
 * On every return path that does not reach TAKE_PTR(), the nexthop_free_or_set_invalidp
 * cleanup handler runs on the object. Presumably it frees it or marks the section invalid;
 * see its definition. */
int config_parse_nexthop_group(
                const char *unit,
                const char *filename,
                unsigned line,
                const char *section,
                unsigned section_line,
                const char *lvalue,
                int ltype,
                const char *rvalue,
                void *data,
                void *userdata) {

        _cleanup_(nexthop_free_or_set_invalidp) NextHop *nexthop = NULL;
        Network *net = userdata;
        const char *cursor;
        int r;

        assert(filename);
        assert(section);
        assert(lvalue);
        assert(rvalue);
        assert(data);

        r = nexthop_new_static(net, filename, section_line, &nexthop);
        if (r < 0)
                return log_oom();

        if (isempty(rvalue)) {
                /* Empty assignment: release all group members and reset the map. */
                nexthop->group = hashmap_free_free(nexthop->group);
                TAKE_PTR(nexthop);
                return 0;
        }

        cursor = rvalue;
        for (;;) {
                /* Both are released automatically at the end of each iteration, including
                 * on 'continue', unless ownership is handed over with TAKE_PTR(). */
                _cleanup_free_ struct nexthop_grp *member = NULL;
                _cleanup_free_ char *token = NULL;
                uint32_t weight;
                char *colon;

                r = extract_first_word(&cursor, &token, NULL, 0);
                if (r == -ENOMEM)
                        return log_oom();
                if (r < 0) {
                        log_syntax(unit, LOG_WARNING, filename, line, r,
                                   "Invalid %s=, ignoring assignment: %s", lvalue, rvalue);
                        return 0;
                }
                if (r == 0)
                        break;

                member = new0(struct nexthop_grp, 1);
                if (!member)
                        return log_oom();

                /* Split "ID:WEIGHT" in place: token keeps the ID, colon points at the weight. */
                colon = strchr(token, ':');
                if (colon) {
                        *colon++ = '\0';
                        r = safe_atou32(colon, &weight);
                        if (r < 0) {
                                log_syntax(unit, LOG_WARNING, filename, line, r,
                                           "Failed to parse weight for nexthop group, ignoring assignment: %s:%s",
                                           token, colon);
                                continue;
                        }
                        if (weight < 1 || weight > 256) {
                                log_syntax(unit, LOG_WARNING, filename, line, 0,
                                           "Invalid weight for nexthop group, ignoring assignment: %s:%s",
                                           token, colon);
                                continue;
                        }
                        /* See comments in config_parse_multipath_route(). The range check
                         * above has to stay ahead of this store; presumably the offset maps
                         * 1..256 onto a narrower field. Confirm against struct nexthop_grp. */
                        member->weight = weight - 1;
                }

                r = safe_atou32(token, &member->id);
                if (r < 0) {
                        log_syntax(unit, LOG_WARNING, filename, line, r,
                                   "Failed to parse nexthop ID in %s=, ignoring assignment: %s%s%s",
                                   lvalue, token, colon ? ":" : "", strempty(colon));
                        continue;
                }
                if (member->id == 0) {
                        log_syntax(unit, LOG_WARNING, filename, line, 0,
                                   "Nexthop ID in %s= must be positive, ignoring assignment: %s%s%s",
                                   lvalue, token, colon ? ":" : "", strempty(colon));
                        continue;
                }

                /* The map is keyed by the member ID, so a repeated ID is rejected here with
                 * -EEXIST and the first entry is left untouched. */
                r = hashmap_ensure_put(&nexthop->group, NULL, UINT32_TO_PTR(member->id), member);
                if (r == -ENOMEM)
                        return log_oom();
                if (r == -EEXIST) {
                        log_syntax(unit, LOG_WARNING, filename, line, r,
                                   "Nexthop ID %"PRIu32" is specified multiple times in %s=, ignoring assignment: %s%s%s",
                                   member->id, lvalue, token, colon ? ":" : "", strempty(colon));
                        continue;
                }
                assert(r > 0);
                /* The hashmap owns the entry now; disarm the automatic free. */
                TAKE_PTR(member);
        }

        TAKE_PTR(nexthop);
        return 0;
}