]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/network/networkd-nexthop.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
network/nexthop: add several assertions related to nexthop ID
[thirdparty/systemd.git] / src / network / networkd-nexthop.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later
2 * Copyright © 2019 VMware, Inc.
3 */
4
5 #include <net/if.h>
6 #include <linux/nexthop.h>
7
8 #include "alloc-util.h"
9 #include "netlink-util.h"
10 #include "networkd-link.h"
11 #include "networkd-manager.h"
12 #include "networkd-network.h"
13 #include "networkd-nexthop.h"
14 #include "networkd-queue.h"
15 #include "networkd-route-util.h"
16 #include "parse-util.h"
17 #include "set.h"
18 #include "stdio-util.h"
19 #include "string-util.h"
20
21 NextHop *nexthop_free(NextHop *nexthop) {
22 if (!nexthop)
23 return NULL;
24
25 if (nexthop->network) {
26 assert(nexthop->section);
27 hashmap_remove(nexthop->network->nexthops_by_section, nexthop->section);
28 }
29
30 config_section_free(nexthop->section);
31
32 if (nexthop->manager) {
33 assert(nexthop->id > 0);
34 hashmap_remove(nexthop->manager->nexthops_by_id, UINT32_TO_PTR(nexthop->id));
35 }
36
37 hashmap_free_free(nexthop->group);
38
39 return mfree(nexthop);
40 }
41
42 DEFINE_SECTION_CLEANUP_FUNCTIONS(NextHop, nexthop_free);
43
44 DEFINE_PRIVATE_HASH_OPS_WITH_VALUE_DESTRUCTOR(
45 nexthop_hash_ops,
46 void,
47 trivial_hash_func,
48 trivial_compare_func,
49 NextHop,
50 nexthop_free);
51
52 static int nexthop_new(NextHop **ret) {
53 _cleanup_(nexthop_freep) NextHop *nexthop = NULL;
54
55 nexthop = new(NextHop, 1);
56 if (!nexthop)
57 return -ENOMEM;
58
59 *nexthop = (NextHop) {
60 .family = AF_UNSPEC,
61 .onlink = -1,
62 };
63
64 *ret = TAKE_PTR(nexthop);
65
66 return 0;
67 }
68
69 static int nexthop_new_static(Network *network, const char *filename, unsigned section_line, NextHop **ret) {
70 _cleanup_(config_section_freep) ConfigSection *n = NULL;
71 _cleanup_(nexthop_freep) NextHop *nexthop = NULL;
72 int r;
73
74 assert(network);
75 assert(ret);
76 assert(filename);
77 assert(section_line > 0);
78
79 r = config_section_new(filename, section_line, &n);
80 if (r < 0)
81 return r;
82
83 nexthop = hashmap_get(network->nexthops_by_section, n);
84 if (nexthop) {
85 *ret = TAKE_PTR(nexthop);
86 return 0;
87 }
88
89 r = nexthop_new(&nexthop);
90 if (r < 0)
91 return r;
92
93 nexthop->protocol = RTPROT_STATIC;
94 nexthop->network = network;
95 nexthop->section = TAKE_PTR(n);
96 nexthop->source = NETWORK_CONFIG_SOURCE_STATIC;
97
98 r = hashmap_ensure_put(&network->nexthops_by_section, &config_section_hash_ops, nexthop->section, nexthop);
99 if (r < 0)
100 return r;
101
102 *ret = TAKE_PTR(nexthop);
103 return 0;
104 }
105
106 static void nexthop_hash_func(const NextHop *nexthop, struct siphash *state) {
107 assert(nexthop);
108 assert(state);
109
110 siphash24_compress(&nexthop->id, sizeof(nexthop->id), state);
111 }
112
113 static int nexthop_compare_func(const NextHop *a, const NextHop *b) {
114 assert(a);
115 assert(b);
116
117 return CMP(a->id, b->id);
118 }
119
120 static int nexthop_compare_full(const NextHop *a, const NextHop *b) {
121 int r;
122
123 assert(a);
124 assert(b);
125
126 /* This compares detailed configs, except for ID and ifindex. */
127
128 r = CMP(a->protocol, b->protocol);
129 if (r != 0)
130 return r;
131
132 r = CMP(a->flags, b->flags);
133 if (r != 0)
134 return r;
135
136 r = CMP(hashmap_size(a->group), hashmap_size(b->group));
137 if (r != 0)
138 return r;
139
140 if (!hashmap_isempty(a->group)) {
141 struct nexthop_grp *ga;
142
143 HASHMAP_FOREACH(ga, a->group) {
144 struct nexthop_grp *gb;
145
146 gb = hashmap_get(b->group, UINT32_TO_PTR(ga->id));
147 if (!gb)
148 return CMP(ga, gb);
149
150 r = CMP(ga->weight, gb->weight);
151 if (r != 0)
152 return r;
153 }
154 }
155
156 r = CMP(a->blackhole, b->blackhole);
157 if (r != 0)
158 return r;
159
160 r = CMP(a->family, b->family);
161 if (r != 0)
162 return r;
163
164 if (IN_SET(a->family, AF_INET, AF_INET6)) {
165 r = memcmp(&a->gw, &b->gw, FAMILY_ADDRESS_SIZE(a->family));
166 if (r != 0)
167 return r;
168 }
169
170 return 0;
171 }
172
173 static int nexthop_dup(const NextHop *src, NextHop **ret) {
174 _cleanup_(nexthop_freep) NextHop *dest = NULL;
175 struct nexthop_grp *nhg;
176 int r;
177
178 assert(src);
179 assert(ret);
180
181 dest = newdup(NextHop, src, 1);
182 if (!dest)
183 return -ENOMEM;
184
185 /* unset all pointers */
186 dest->manager = NULL;
187 dest->network = NULL;
188 dest->section = NULL;
189 dest->group = NULL;
190
191 HASHMAP_FOREACH(nhg, src->group) {
192 _cleanup_free_ struct nexthop_grp *g = NULL;
193
194 g = newdup(struct nexthop_grp, nhg, 1);
195 if (!g)
196 return -ENOMEM;
197
198 r = hashmap_ensure_put(&dest->group, NULL, UINT32_TO_PTR(g->id), g);
199 if (r < 0)
200 return r;
201 if (r > 0)
202 TAKE_PTR(g);
203 }
204
205 *ret = TAKE_PTR(dest);
206 return 0;
207 }
208
209 static bool nexthop_bound_to_link(const NextHop *nexthop) {
210 assert(nexthop);
211 return !nexthop->blackhole && hashmap_isempty(nexthop->group);
212 }
213
214 int nexthop_get_by_id(Manager *manager, uint32_t id, NextHop **ret) {
215 NextHop *nh;
216
217 assert(manager);
218
219 if (id == 0)
220 return -EINVAL;
221
222 nh = hashmap_get(manager->nexthops_by_id, UINT32_TO_PTR(id));
223 if (!nh)
224 return -ENOENT;
225
226 if (ret)
227 *ret = nh;
228 return 0;
229 }
230
231 static int nexthop_get(Link *link, const NextHop *in, NextHop **ret) {
232 NextHop *nexthop;
233 int ifindex;
234
235 assert(link);
236 assert(link->manager);
237 assert(in);
238
239 if (in->id > 0)
240 return nexthop_get_by_id(link->manager, in->id, ret);
241
242 /* If ManageForeignNextHops=no, nexthop with id == 0 should be already filtered by
243 * nexthop_section_verify(). */
244 assert(link->manager->manage_foreign_nexthops);
245
246 ifindex = nexthop_bound_to_link(in) ? link->ifindex : 0;
247
248 HASHMAP_FOREACH(nexthop, link->manager->nexthops_by_id) {
249 if (nexthop->ifindex != ifindex)
250 continue;
251 if (nexthop_compare_full(nexthop, in) != 0)
252 continue;
253
254 if (ret)
255 *ret = nexthop;
256 return 0;
257 }
258
259 return -ENOENT;
260 }
261
262 static int nexthop_get_request_by_id(Manager *manager, uint32_t id, Request **ret) {
263 Request *req;
264
265 assert(manager);
266
267 req = ordered_set_get(
268 manager->request_queue,
269 &(Request) {
270 .type = REQUEST_TYPE_NEXTHOP,
271 .userdata = (void*) &(const NextHop) { .id = id },
272 .hash_func = (hash_func_t) nexthop_hash_func,
273 .compare_func = (compare_func_t) nexthop_compare_func,
274 });
275 if (!req)
276 return -ENOENT;
277
278 if (ret)
279 *ret = req;
280 return 0;
281 }
282
283 static int nexthop_get_request(Link *link, const NextHop *in, Request **ret) {
284 Request *req;
285 int ifindex;
286
287 assert(link);
288 assert(link->manager);
289 assert(in);
290
291 if (in->id > 0)
292 return nexthop_get_request_by_id(link->manager, in->id, ret);
293
294 /* If ManageForeignNextHops=no, nexthop with id == 0 should be already filtered by
295 * nexthop_section_verify(). */
296 assert(link->manager->manage_foreign_nexthops);
297
298 ifindex = nexthop_bound_to_link(in) ? link->ifindex : 0;
299
300 ORDERED_SET_FOREACH(req, link->manager->request_queue) {
301 if (req->type != REQUEST_TYPE_NEXTHOP)
302 continue;
303
304 NextHop *nexthop = ASSERT_PTR(req->userdata);
305 if (nexthop->ifindex != ifindex)
306 continue;
307 if (nexthop_compare_full(nexthop, in) != 0)
308 continue;
309
310 if (ret)
311 *ret = req;
312 return 0;
313 }
314
315 return -ENOENT;
316 }
317
318 static int nexthop_add_new(Manager *manager, uint32_t id, NextHop **ret) {
319 _cleanup_(nexthop_freep) NextHop *nexthop = NULL;
320 int r;
321
322 assert(manager);
323 assert(id > 0);
324
325 r = nexthop_new(&nexthop);
326 if (r < 0)
327 return r;
328
329 nexthop->id = id;
330
331 r = hashmap_ensure_put(&manager->nexthops_by_id, &nexthop_hash_ops, UINT32_TO_PTR(nexthop->id), nexthop);
332 if (r < 0)
333 return r;
334 if (r == 0)
335 return -EEXIST;
336
337 nexthop->manager = manager;
338
339 if (ret)
340 *ret = nexthop;
341
342 TAKE_PTR(nexthop);
343 return 0;
344 }
345
346 static int nexthop_acquire_id(Manager *manager, NextHop *nexthop) {
347 _cleanup_set_free_ Set *ids = NULL;
348 Network *network;
349 int r;
350
351 assert(manager);
352 assert(nexthop);
353
354 if (nexthop->id > 0)
355 return 0;
356
357 /* If ManageForeignNextHops=no, nexthop with id == 0 should be already filtered by
358 * nexthop_section_verify(). */
359 assert(manager->manage_foreign_nexthops);
360
361 /* Find the lowest unused ID. */
362
363 ORDERED_HASHMAP_FOREACH(network, manager->networks) {
364 NextHop *tmp;
365
366 HASHMAP_FOREACH(tmp, network->nexthops_by_section) {
367 if (tmp->id == 0)
368 continue;
369
370 r = set_ensure_put(&ids, NULL, UINT32_TO_PTR(tmp->id));
371 if (r < 0)
372 return r;
373 }
374 }
375
376 for (uint32_t id = 1; id < UINT32_MAX; id++) {
377 if (nexthop_get_by_id(manager, id, NULL) >= 0)
378 continue;
379 if (nexthop_get_request_by_id(manager, id, NULL) >= 0)
380 continue;
381 if (set_contains(ids, UINT32_TO_PTR(id)))
382 continue;
383
384 nexthop->id = id;
385 return 0;
386 }
387
388 return -EBUSY;
389 }
390
391 static void log_nexthop_debug(const NextHop *nexthop, const char *str, Manager *manager) {
392 _cleanup_free_ char *state = NULL, *group = NULL, *flags = NULL;
393 struct nexthop_grp *nhg;
394 Link *link = NULL;
395
396 assert(nexthop);
397 assert(str);
398 assert(manager);
399
400 if (!DEBUG_LOGGING)
401 return;
402
403 (void) link_get_by_index(manager, nexthop->ifindex, &link);
404 (void) network_config_state_to_string_alloc(nexthop->state, &state);
405 (void) route_flags_to_string_alloc(nexthop->flags, &flags);
406
407 HASHMAP_FOREACH(nhg, nexthop->group)
408 (void) strextendf_with_separator(&group, ",", "%"PRIu32":%"PRIu32, nhg->id, nhg->weight+1u);
409
410 log_link_debug(link, "%s %s nexthop (%s): id: %"PRIu32", gw: %s, blackhole: %s, group: %s, flags: %s",
411 str, strna(network_config_source_to_string(nexthop->source)), strna(state),
412 nexthop->id,
413 IN_ADDR_TO_STRING(nexthop->family, &nexthop->gw),
414 yes_no(nexthop->blackhole), strna(group), strna(flags));
415 }
416
417 static int nexthop_remove_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
418 int r;
419
420 assert(m);
421
422 /* link may be NULL. */
423
424 if (link && IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
425 return 1;
426
427 r = sd_netlink_message_get_errno(m);
428 if (r < 0 && r != -ENOENT)
429 log_link_message_warning_errno(link, m, r, "Could not drop nexthop, ignoring");
430
431 return 1;
432 }
433
434 static int nexthop_remove(NextHop *nexthop) {
435 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL;
436 Manager *manager;
437 Link *link = NULL;
438 Request *req;
439 int r;
440
441 assert(nexthop);
442 assert(nexthop->id > 0);
443
444 manager = ASSERT_PTR(nexthop->manager);
445
446 /* link may be NULL. */
447 (void) link_get_by_index(manager, nexthop->ifindex, &link);
448
449 log_nexthop_debug(nexthop, "Removing", manager);
450
451 r = sd_rtnl_message_new_nexthop(manager->rtnl, &m, RTM_DELNEXTHOP, AF_UNSPEC, RTPROT_UNSPEC);
452 if (r < 0)
453 return log_link_error_errno(link, r, "Could not create RTM_DELNEXTHOP message: %m");
454
455 r = sd_netlink_message_append_u32(m, NHA_ID, nexthop->id);
456 if (r < 0)
457 return log_link_error_errno(link, r, "Could not append NHA_ID attribute: %m");
458
459 r = netlink_call_async(manager->rtnl, NULL, m, nexthop_remove_handler,
460 link ? link_netlink_destroy_callback : NULL, link);
461 if (r < 0)
462 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
463
464 link_ref(link); /* link may be NULL, link_ref() is OK with that */
465
466 nexthop_enter_removing(nexthop);
467 if (nexthop_get_request_by_id(manager, nexthop->id, &req) >= 0)
468 nexthop_enter_removing(req->userdata);
469
470 return 0;
471 }
472
473 static int nexthop_configure(NextHop *nexthop, Link *link, Request *req) {
474 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL;
475 int r;
476
477 assert(nexthop);
478 assert(nexthop->id > 0);
479 assert(IN_SET(nexthop->family, AF_UNSPEC, AF_INET, AF_INET6));
480 assert(link);
481 assert(link->manager);
482 assert(link->manager->rtnl);
483 assert(link->ifindex > 0);
484 assert(req);
485
486 log_nexthop_debug(nexthop, "Configuring", link->manager);
487
488 r = sd_rtnl_message_new_nexthop(link->manager->rtnl, &m, RTM_NEWNEXTHOP, nexthop->family, nexthop->protocol);
489 if (r < 0)
490 return r;
491
492 r = sd_netlink_message_append_u32(m, NHA_ID, nexthop->id);
493 if (r < 0)
494 return r;
495
496 if (!hashmap_isempty(nexthop->group)) {
497 _cleanup_free_ struct nexthop_grp *group = NULL;
498 struct nexthop_grp *p, *nhg;
499
500 group = new(struct nexthop_grp, hashmap_size(nexthop->group));
501 if (!group)
502 return log_oom();
503
504 p = group;
505 HASHMAP_FOREACH(nhg, nexthop->group)
506 *p++ = *nhg;
507
508 r = sd_netlink_message_append_data(m, NHA_GROUP, group, sizeof(struct nexthop_grp) * hashmap_size(nexthop->group));
509 if (r < 0)
510 return r;
511
512 } else if (nexthop->blackhole) {
513 r = sd_netlink_message_append_flag(m, NHA_BLACKHOLE);
514 if (r < 0)
515 return r;
516 } else {
517 assert(nexthop->ifindex == link->ifindex);
518
519 r = sd_netlink_message_append_u32(m, NHA_OIF, nexthop->ifindex);
520 if (r < 0)
521 return r;
522
523 if (in_addr_is_set(nexthop->family, &nexthop->gw)) {
524 r = netlink_message_append_in_addr_union(m, NHA_GATEWAY, nexthop->family, &nexthop->gw);
525 if (r < 0)
526 return r;
527
528 r = sd_rtnl_message_nexthop_set_flags(m, nexthop->flags & RTNH_F_ONLINK);
529 if (r < 0)
530 return r;
531 }
532 }
533
534 return request_call_netlink_async(link->manager->rtnl, m, req);
535 }
536
537 static int static_nexthop_handler(sd_netlink *rtnl, sd_netlink_message *m, Request *req, Link *link, NextHop *nexthop) {
538 int r;
539
540 assert(m);
541 assert(link);
542
543 r = sd_netlink_message_get_errno(m);
544 if (r < 0 && r != -EEXIST) {
545 log_link_message_warning_errno(link, m, r, "Could not set nexthop");
546 link_enter_failed(link);
547 return 1;
548 }
549
550 if (link->static_nexthop_messages == 0) {
551 log_link_debug(link, "Nexthops set");
552 link->static_nexthops_configured = true;
553 link_check_ready(link);
554 }
555
556 return 1;
557 }
558
559 static bool nexthop_is_ready_to_configure(Link *link, const NextHop *nexthop) {
560 struct nexthop_grp *nhg;
561
562 assert(link);
563 assert(nexthop);
564 assert(nexthop->id > 0);
565
566 if (!link_is_ready_to_configure(link, false))
567 return false;
568
569 if (nexthop_bound_to_link(nexthop)) {
570 assert(nexthop->ifindex == link->ifindex);
571
572 /* TODO: fdb nexthop does not require IFF_UP. The conditions below needs to be updated
573 * when fdb nexthop support is added. See rtm_to_nh_config() in net/ipv4/nexthop.c of
574 * kernel. */
575 if (link->set_flags_messages > 0)
576 return false;
577 if (!FLAGS_SET(link->flags, IFF_UP))
578 return false;
579 }
580
581 /* All group members must be configured first. */
582 HASHMAP_FOREACH(nhg, nexthop->group) {
583 NextHop *g;
584
585 if (nexthop_get_by_id(link->manager, nhg->id, &g) < 0)
586 return false;
587
588 if (!nexthop_exists(g))
589 return false;
590 }
591
592 return gateway_is_ready(link, FLAGS_SET(nexthop->flags, RTNH_F_ONLINK), nexthop->family, &nexthop->gw);
593 }
594
595 static int nexthop_process_request(Request *req, Link *link, NextHop *nexthop) {
596 NextHop *existing;
597 int r;
598
599 assert(req);
600 assert(link);
601 assert(link->manager);
602 assert(nexthop);
603
604 if (!nexthop_is_ready_to_configure(link, nexthop))
605 return 0;
606
607 r = nexthop_configure(nexthop, link, req);
608 if (r < 0)
609 return log_link_warning_errno(link, r, "Failed to configure nexthop");
610
611 nexthop_enter_configuring(nexthop);
612 if (nexthop_get_by_id(link->manager, nexthop->id, &existing) >= 0)
613 nexthop_enter_configuring(existing);
614
615 return 1;
616 }
617
618 static int link_request_nexthop(Link *link, const NextHop *nexthop) {
619 _cleanup_(nexthop_freep) NextHop *tmp = NULL;
620 NextHop *existing = NULL;
621 int r;
622
623 assert(link);
624 assert(link->manager);
625 assert(nexthop);
626 assert(nexthop->source != NETWORK_CONFIG_SOURCE_FOREIGN);
627
628 if (nexthop_get_request(link, nexthop, NULL) >= 0)
629 return 0; /* already requested, skipping. */
630
631 r = nexthop_dup(nexthop, &tmp);
632 if (r < 0)
633 return r;
634
635 if (nexthop_get(link, nexthop, &existing) < 0) {
636 r = nexthop_acquire_id(link->manager, tmp);
637 if (r < 0)
638 return r;
639 } else {
640 /* Copy ID */
641 assert(tmp->id == 0 || tmp->id == existing->id);
642 tmp->id = existing->id;
643
644 /* Copy state for logging below. */
645 tmp->state = existing->state;
646 }
647
648 if (nexthop_bound_to_link(tmp))
649 tmp->ifindex = link->ifindex;
650
651 log_nexthop_debug(tmp, "Requesting", link->manager);
652 r = link_queue_request_safe(link, REQUEST_TYPE_NEXTHOP,
653 tmp,
654 nexthop_free,
655 nexthop_hash_func,
656 nexthop_compare_func,
657 nexthop_process_request,
658 &link->static_nexthop_messages,
659 static_nexthop_handler,
660 NULL);
661 if (r <= 0)
662 return r;
663
664 nexthop_enter_requesting(tmp);
665 if (existing)
666 nexthop_enter_requesting(existing);
667
668 TAKE_PTR(tmp);
669 return 1;
670 }
671
672 int link_request_static_nexthops(Link *link, bool only_ipv4) {
673 NextHop *nh;
674 int r;
675
676 assert(link);
677 assert(link->network);
678
679 link->static_nexthops_configured = false;
680
681 HASHMAP_FOREACH(nh, link->network->nexthops_by_section) {
682 if (only_ipv4 && nh->family != AF_INET)
683 continue;
684
685 r = link_request_nexthop(link, nh);
686 if (r < 0)
687 return log_link_warning_errno(link, r, "Could not request nexthop: %m");
688 }
689
690 if (link->static_nexthop_messages == 0) {
691 link->static_nexthops_configured = true;
692 link_check_ready(link);
693 } else {
694 log_link_debug(link, "Requesting nexthops");
695 link_set_state(link, LINK_STATE_CONFIGURING);
696 }
697
698 return 0;
699 }
700
701 static bool nexthop_can_update(const NextHop *assigned_nexthop, const NextHop *requested_nexthop) {
702 assert(assigned_nexthop);
703 assert(assigned_nexthop->manager);
704 assert(requested_nexthop);
705 assert(requested_nexthop->network);
706
707 /* A group nexthop cannot be replaced with a non-group nexthop, and vice versa.
708 * See replace_nexthop_grp() and replace_nexthop_single() in net/ipv4/nexthop.c of the kernel. */
709 if (hashmap_isempty(assigned_nexthop->group) != hashmap_isempty(requested_nexthop->group))
710 return false;
711
712 /* There are several more conditions if we can replace a group nexthop, e.g. hash threshold and
713 * resilience. But, currently we do not support to modify that. Let's add checks for them in the
714 * future when we support to configure them.*/
715
716 /* When a nexthop is replaced with a blackhole nexthop, and a group nexthop has multiple nexthops
717 * including this nexthop, then the kernel refuses to replace the existing nexthop.
718 * So, here, for simplicity, let's unconditionally refuse to replace a non-blackhole nexthop with
719 * a blackhole nexthop. See replace_nexthop() in net/ipv4/nexthop.c of the kernel. */
720 if (!assigned_nexthop->blackhole && requested_nexthop->blackhole)
721 return false;
722
723 return true;
724 }
725
726 static void link_mark_nexthops(Link *link, bool foreign) {
727 NextHop *nexthop;
728 Link *other;
729
730 assert(link);
731 assert(link->manager);
732
733 /* First, mark all nexthops. */
734 HASHMAP_FOREACH(nexthop, link->manager->nexthops_by_id) {
735 /* do not touch nexthop created by the kernel */
736 if (nexthop->protocol == RTPROT_KERNEL)
737 continue;
738
739 /* When 'foreign' is true, mark only foreign nexthops, and vice versa. */
740 if (foreign != (nexthop->source == NETWORK_CONFIG_SOURCE_FOREIGN))
741 continue;
742
743 /* Ignore nexthops not assigned yet or already removed. */
744 if (!nexthop_exists(nexthop))
745 continue;
746
747 /* Ignore nexthops bound to other links. */
748 if (nexthop->ifindex > 0 && nexthop->ifindex != link->ifindex)
749 continue;
750
751 nexthop_mark(nexthop);
752 }
753
754 /* Then, unmark all nexthops requested by active links. */
755 HASHMAP_FOREACH(other, link->manager->links_by_index) {
756 if (!foreign && other == link)
757 continue;
758
759 if (!IN_SET(other->state, LINK_STATE_CONFIGURING, LINK_STATE_CONFIGURED))
760 continue;
761
762 HASHMAP_FOREACH(nexthop, other->network->nexthops_by_section) {
763 NextHop *existing;
764
765 if (nexthop_get(other, nexthop, &existing) < 0)
766 continue;
767
768 if (!nexthop_can_update(existing, nexthop))
769 continue;
770
771 /* Found matching static configuration. Keep the existing nexthop. */
772 nexthop_unmark(existing);
773 }
774 }
775 }
776
777 int link_drop_nexthops(Link *link, bool foreign) {
778 NextHop *nexthop;
779 int r = 0;
780
781 assert(link);
782 assert(link->manager);
783
784 link_mark_nexthops(link, foreign);
785
786 HASHMAP_FOREACH(nexthop, link->manager->nexthops_by_id) {
787 if (!nexthop_is_marked(nexthop))
788 continue;
789
790 RET_GATHER(r, nexthop_remove(nexthop));
791 }
792
793 return r;
794 }
795
796 void link_foreignize_nexthops(Link *link) {
797 NextHop *nexthop;
798
799 assert(link);
800 assert(link->manager);
801
802 link_mark_nexthops(link, /* foreign = */ false);
803
804 HASHMAP_FOREACH(nexthop, link->manager->nexthops_by_id) {
805 if (!nexthop_is_marked(nexthop))
806 continue;
807
808 nexthop->source = NETWORK_CONFIG_SOURCE_FOREIGN;
809 }
810 }
811
812 static int nexthop_update_group(NextHop *nexthop, const struct nexthop_grp *group, size_t size) {
813 _cleanup_hashmap_free_free_ Hashmap *h = NULL;
814 size_t n_group;
815 int r;
816
817 assert(nexthop);
818 assert(group || size == 0);
819
820 if (size == 0 || size % sizeof(struct nexthop_grp) != 0)
821 return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
822 "rtnl: received nexthop message with invalid nexthop group size, ignoring.");
823
824 if ((uintptr_t) group % alignof(struct nexthop_grp) != 0)
825 return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
826 "rtnl: received nexthop message with invalid alignment, ignoring.");
827
828 n_group = size / sizeof(struct nexthop_grp);
829 for (size_t i = 0; i < n_group; i++) {
830 _cleanup_free_ struct nexthop_grp *nhg = NULL;
831
832 if (group[i].id == 0) {
833 log_debug("rtnl: received nexthop message with invalid ID in group, ignoring.");
834 continue;
835 }
836
837 if (group[i].weight > 254) {
838 log_debug("rtnl: received nexthop message with invalid weight in group, ignoring.");
839 continue;
840 }
841
842 nhg = newdup(struct nexthop_grp, group + i, 1);
843 if (!nhg)
844 return log_oom();
845
846 r = hashmap_ensure_put(&h, NULL, UINT32_TO_PTR(nhg->id), nhg);
847 if (r == -ENOMEM)
848 return log_oom();
849 if (r < 0) {
850 log_debug_errno(r, "Failed to store nexthop group, ignoring: %m");
851 continue;
852 }
853 if (r > 0)
854 TAKE_PTR(nhg);
855 }
856
857 hashmap_free_free(nexthop->group);
858 nexthop->group = TAKE_PTR(h);
859 return 0;
860 }
861
862 int manager_rtnl_process_nexthop(sd_netlink *rtnl, sd_netlink_message *message, Manager *m) {
863 _cleanup_free_ void *raw_group = NULL;
864 size_t raw_group_size;
865 uint16_t type;
866 uint32_t id, ifindex;
867 NextHop *nexthop = NULL;
868 Request *req = NULL;
869 bool is_new = false;
870 int r;
871
872 assert(rtnl);
873 assert(message);
874 assert(m);
875
876 if (sd_netlink_message_is_error(message)) {
877 r = sd_netlink_message_get_errno(message);
878 if (r < 0)
879 log_message_warning_errno(message, r, "rtnl: failed to receive rule message, ignoring");
880
881 return 0;
882 }
883
884 r = sd_netlink_message_get_type(message, &type);
885 if (r < 0) {
886 log_warning_errno(r, "rtnl: could not get message type, ignoring: %m");
887 return 0;
888 } else if (!IN_SET(type, RTM_NEWNEXTHOP, RTM_DELNEXTHOP)) {
889 log_warning("rtnl: received unexpected message type %u when processing nexthop, ignoring.", type);
890 return 0;
891 }
892
893 r = sd_netlink_message_read_u32(message, NHA_ID, &id);
894 if (r == -ENODATA) {
895 log_warning_errno(r, "rtnl: received nexthop message without NHA_ID attribute, ignoring: %m");
896 return 0;
897 } else if (r < 0) {
898 log_warning_errno(r, "rtnl: could not get NHA_ID attribute, ignoring: %m");
899 return 0;
900 } else if (id == 0) {
901 log_warning("rtnl: received nexthop message with invalid nexthop ID, ignoring: %m");
902 return 0;
903 }
904
905 (void) nexthop_get_by_id(m, id, &nexthop);
906 (void) nexthop_get_request_by_id(m, id, &req);
907
908 if (type == RTM_DELNEXTHOP) {
909 if (nexthop) {
910 nexthop_enter_removed(nexthop);
911 log_nexthop_debug(nexthop, "Forgetting removed", m);
912 nexthop_free(nexthop);
913 } else
914 log_nexthop_debug(&(const NextHop) { .id = id }, "Kernel removed unknown", m);
915
916 if (req)
917 nexthop_enter_removed(req->userdata);
918
919 return 0;
920 }
921
922 /* If we did not know the nexthop, then save it. */
923 if (!nexthop) {
924 r = nexthop_add_new(m, id, &nexthop);
925 if (r < 0) {
926 log_warning_errno(r, "Failed to add received nexthop, ignoring: %m");
927 return 0;
928 }
929
930 is_new = true;
931 }
932
933 /* Also update information that cannot be obtained through netlink notification. */
934 if (req && req->waiting_reply) {
935 NextHop *n = ASSERT_PTR(req->userdata);
936
937 nexthop->source = n->source;
938 }
939
940 r = sd_rtnl_message_get_family(message, &nexthop->family);
941 if (r < 0)
942 log_debug_errno(r, "rtnl: could not get nexthop family, ignoring: %m");
943
944 r = sd_rtnl_message_nexthop_get_protocol(message, &nexthop->protocol);
945 if (r < 0)
946 log_debug_errno(r, "rtnl: could not get nexthop protocol, ignoring: %m");
947
948 r = sd_rtnl_message_nexthop_get_flags(message, &nexthop->flags);
949 if (r < 0)
950 log_debug_errno(r, "rtnl: could not get nexthop flags, ignoring: %m");
951
952 r = sd_netlink_message_read_data(message, NHA_GROUP, &raw_group_size, &raw_group);
953 if (r == -ENODATA)
954 nexthop->group = hashmap_free_free(nexthop->group);
955 else if (r < 0)
956 log_debug_errno(r, "rtnl: could not get NHA_GROUP attribute, ignoring: %m");
957 else
958 (void) nexthop_update_group(nexthop, raw_group, raw_group_size);
959
960 if (nexthop->family != AF_UNSPEC) {
961 r = netlink_message_read_in_addr_union(message, NHA_GATEWAY, nexthop->family, &nexthop->gw);
962 if (r == -ENODATA)
963 nexthop->gw = IN_ADDR_NULL;
964 else if (r < 0)
965 log_debug_errno(r, "rtnl: could not get NHA_GATEWAY attribute, ignoring: %m");
966 }
967
968 r = sd_netlink_message_has_flag(message, NHA_BLACKHOLE);
969 if (r < 0)
970 log_debug_errno(r, "rtnl: could not get NHA_BLACKHOLE attribute, ignoring: %m");
971 else
972 nexthop->blackhole = r;
973
974 r = sd_netlink_message_read_u32(message, NHA_OIF, &ifindex);
975 if (r == -ENODATA)
976 nexthop->ifindex = 0;
977 else if (r < 0)
978 log_debug_errno(r, "rtnl: could not get NHA_OIF attribute, ignoring: %m");
979 else if (ifindex > INT32_MAX)
980 log_debug_errno(r, "rtnl: received invalid NHA_OIF attribute, ignoring: %m");
981 else
982 nexthop->ifindex = (int) ifindex;
983
984 /* All blackhole or group nexthops are managed by Manager. Note that the linux kernel does not
985 * set NHA_OID attribute when NHA_BLACKHOLE or NHA_GROUP is set. Just for safety. */
986 if (!nexthop_bound_to_link(nexthop))
987 nexthop->ifindex = 0;
988
989 nexthop_enter_configured(nexthop);
990 if (req)
991 nexthop_enter_configured(req->userdata);
992
993 log_nexthop_debug(nexthop, is_new ? "Remembering" : "Received remembered", m);
994 return 1;
995 }
996
997 static int nexthop_section_verify(NextHop *nh) {
998 if (section_is_invalid(nh->section))
999 return -EINVAL;
1000
1001 if (!nh->network->manager->manage_foreign_nexthops && nh->id == 0)
1002 return log_warning_errno(SYNTHETIC_ERRNO(EINVAL),
1003 "%s: [NextHop] section without specifying Id= is not supported "
1004 "if ManageForeignNextHops=no is set in networkd.conf. "
1005 "Ignoring [NextHop] section from line %u.",
1006 nh->section->filename, nh->section->line);
1007
1008 if (!hashmap_isempty(nh->group)) {
1009 if (in_addr_is_set(nh->family, &nh->gw))
1010 return log_warning_errno(SYNTHETIC_ERRNO(EINVAL),
1011 "%s: nexthop group cannot have gateway address. "
1012 "Ignoring [NextHop] section from line %u.",
1013 nh->section->filename, nh->section->line);
1014
1015 if (nh->family != AF_UNSPEC)
1016 return log_warning_errno(SYNTHETIC_ERRNO(EINVAL),
1017 "%s: nexthop group cannot have Family= setting. "
1018 "Ignoring [NextHop] section from line %u.",
1019 nh->section->filename, nh->section->line);
1020
1021 if (nh->blackhole && in_addr_is_set(nh->family, &nh->gw))
1022 return log_warning_errno(SYNTHETIC_ERRNO(EINVAL),
1023 "%s: nexthop group cannot be a blackhole. "
1024 "Ignoring [NextHop] section from line %u.",
1025 nh->section->filename, nh->section->line);
1026 } else if (nh->family == AF_UNSPEC)
1027 /* When neither Family=, Gateway=, nor Group= is specified, assume IPv4. */
1028 nh->family = AF_INET;
1029
1030 if (nh->blackhole && in_addr_is_set(nh->family, &nh->gw))
1031 return log_warning_errno(SYNTHETIC_ERRNO(EINVAL),
1032 "%s: blackhole nexthop cannot have gateway address. "
1033 "Ignoring [NextHop] section from line %u.",
1034 nh->section->filename, nh->section->line);
1035
1036 if (nh->onlink < 0 && in_addr_is_set(nh->family, &nh->gw) &&
1037 ordered_hashmap_isempty(nh->network->addresses_by_section)) {
1038 /* If no address is configured, in most cases the gateway cannot be reachable.
1039 * TODO: we may need to improve the condition above. */
1040 log_warning("%s: Gateway= without static address configured. "
1041 "Enabling OnLink= option.",
1042 nh->section->filename);
1043 nh->onlink = true;
1044 }
1045
1046 if (nh->onlink >= 0)
1047 SET_FLAG(nh->flags, RTNH_F_ONLINK, nh->onlink);
1048
1049 return 0;
1050 }
1051
1052 void network_drop_invalid_nexthops(Network *network) {
1053 NextHop *nh;
1054
1055 assert(network);
1056
1057 HASHMAP_FOREACH(nh, network->nexthops_by_section)
1058 if (nexthop_section_verify(nh) < 0)
1059 nexthop_free(nh);
1060 }
1061
1062 int config_parse_nexthop_id(
1063 const char *unit,
1064 const char *filename,
1065 unsigned line,
1066 const char *section,
1067 unsigned section_line,
1068 const char *lvalue,
1069 int ltype,
1070 const char *rvalue,
1071 void *data,
1072 void *userdata) {
1073
1074 _cleanup_(nexthop_free_or_set_invalidp) NextHop *n = NULL;
1075 Network *network = userdata;
1076 uint32_t id;
1077 int r;
1078
1079 assert(filename);
1080 assert(section);
1081 assert(lvalue);
1082 assert(rvalue);
1083 assert(data);
1084
1085 r = nexthop_new_static(network, filename, section_line, &n);
1086 if (r < 0)
1087 return log_oom();
1088
1089 if (isempty(rvalue)) {
1090 n->id = 0;
1091 TAKE_PTR(n);
1092 return 0;
1093 }
1094
1095 r = safe_atou32(rvalue, &id);
1096 if (r < 0) {
1097 log_syntax(unit, LOG_WARNING, filename, line, r,
1098 "Could not parse nexthop id \"%s\", ignoring assignment: %m", rvalue);
1099 return 0;
1100 }
1101 if (id == 0) {
1102 log_syntax(unit, LOG_WARNING, filename, line, 0,
1103 "Invalid nexthop id \"%s\", ignoring assignment: %m", rvalue);
1104 return 0;
1105 }
1106
1107 n->id = id;
1108 TAKE_PTR(n);
1109 return 0;
1110 }
1111
1112 int config_parse_nexthop_gateway(
1113 const char *unit,
1114 const char *filename,
1115 unsigned line,
1116 const char *section,
1117 unsigned section_line,
1118 const char *lvalue,
1119 int ltype,
1120 const char *rvalue,
1121 void *data,
1122 void *userdata) {
1123
1124 _cleanup_(nexthop_free_or_set_invalidp) NextHop *n = NULL;
1125 Network *network = userdata;
1126 int r;
1127
1128 assert(filename);
1129 assert(section);
1130 assert(lvalue);
1131 assert(rvalue);
1132 assert(data);
1133
1134 r = nexthop_new_static(network, filename, section_line, &n);
1135 if (r < 0)
1136 return log_oom();
1137
1138 if (isempty(rvalue)) {
1139 n->family = AF_UNSPEC;
1140 n->gw = IN_ADDR_NULL;
1141
1142 TAKE_PTR(n);
1143 return 0;
1144 }
1145
1146 r = in_addr_from_string_auto(rvalue, &n->family, &n->gw);
1147 if (r < 0) {
1148 log_syntax(unit, LOG_WARNING, filename, line, r,
1149 "Invalid %s='%s', ignoring assignment: %m", lvalue, rvalue);
1150 return 0;
1151 }
1152
1153 TAKE_PTR(n);
1154 return 0;
1155 }
1156
1157 int config_parse_nexthop_family(
1158 const char *unit,
1159 const char *filename,
1160 unsigned line,
1161 const char *section,
1162 unsigned section_line,
1163 const char *lvalue,
1164 int ltype,
1165 const char *rvalue,
1166 void *data,
1167 void *userdata) {
1168
1169 _cleanup_(nexthop_free_or_set_invalidp) NextHop *n = NULL;
1170 Network *network = userdata;
1171 AddressFamily a;
1172 int r;
1173
1174 assert(filename);
1175 assert(section);
1176 assert(lvalue);
1177 assert(rvalue);
1178 assert(data);
1179
1180 r = nexthop_new_static(network, filename, section_line, &n);
1181 if (r < 0)
1182 return log_oom();
1183
1184 if (isempty(rvalue) &&
1185 !in_addr_is_set(n->family, &n->gw)) {
1186 /* Accept an empty string only when Gateway= is null or not specified. */
1187 n->family = AF_UNSPEC;
1188 TAKE_PTR(n);
1189 return 0;
1190 }
1191
1192 a = nexthop_address_family_from_string(rvalue);
1193 if (a < 0) {
1194 log_syntax(unit, LOG_WARNING, filename, line, 0,
1195 "Invalid %s='%s', ignoring assignment: %m", lvalue, rvalue);
1196 return 0;
1197 }
1198
1199 if (in_addr_is_set(n->family, &n->gw) &&
1200 ((a == ADDRESS_FAMILY_IPV4 && n->family == AF_INET6) ||
1201 (a == ADDRESS_FAMILY_IPV6 && n->family == AF_INET))) {
1202 log_syntax(unit, LOG_WARNING, filename, line, 0,
1203 "Specified family '%s' conflicts with the family of the previously specified Gateway=, "
1204 "ignoring assignment.", rvalue);
1205 return 0;
1206 }
1207
1208 switch (a) {
1209 case ADDRESS_FAMILY_IPV4:
1210 n->family = AF_INET;
1211 break;
1212 case ADDRESS_FAMILY_IPV6:
1213 n->family = AF_INET6;
1214 break;
1215 default:
1216 assert_not_reached();
1217 }
1218
1219 TAKE_PTR(n);
1220 return 0;
1221 }
1222
1223 int config_parse_nexthop_onlink(
1224 const char *unit,
1225 const char *filename,
1226 unsigned line,
1227 const char *section,
1228 unsigned section_line,
1229 const char *lvalue,
1230 int ltype,
1231 const char *rvalue,
1232 void *data,
1233 void *userdata) {
1234
1235 _cleanup_(nexthop_free_or_set_invalidp) NextHop *n = NULL;
1236 Network *network = userdata;
1237 int r;
1238
1239 assert(filename);
1240 assert(section);
1241 assert(lvalue);
1242 assert(rvalue);
1243 assert(data);
1244
1245 r = nexthop_new_static(network, filename, section_line, &n);
1246 if (r < 0)
1247 return log_oom();
1248
1249 r = parse_tristate(rvalue, &n->onlink);
1250 if (r < 0) {
1251 log_syntax(unit, LOG_WARNING, filename, line, r,
1252 "Failed to parse %s=, ignoring assignment: %s", lvalue, rvalue);
1253 return 0;
1254 }
1255
1256 TAKE_PTR(n);
1257 return 0;
1258 }
1259
1260 int config_parse_nexthop_blackhole(
1261 const char *unit,
1262 const char *filename,
1263 unsigned line,
1264 const char *section,
1265 unsigned section_line,
1266 const char *lvalue,
1267 int ltype,
1268 const char *rvalue,
1269 void *data,
1270 void *userdata) {
1271
1272 _cleanup_(nexthop_free_or_set_invalidp) NextHop *n = NULL;
1273 Network *network = userdata;
1274 int r;
1275
1276 assert(filename);
1277 assert(section);
1278 assert(lvalue);
1279 assert(rvalue);
1280 assert(data);
1281
1282 r = nexthop_new_static(network, filename, section_line, &n);
1283 if (r < 0)
1284 return log_oom();
1285
1286 r = parse_boolean(rvalue);
1287 if (r < 0) {
1288 log_syntax(unit, LOG_WARNING, filename, line, r,
1289 "Failed to parse %s=, ignoring assignment: %s", lvalue, rvalue);
1290 return 0;
1291 }
1292
1293 n->blackhole = r;
1294
1295 TAKE_PTR(n);
1296 return 0;
1297 }
1298
1299 int config_parse_nexthop_group(
1300 const char *unit,
1301 const char *filename,
1302 unsigned line,
1303 const char *section,
1304 unsigned section_line,
1305 const char *lvalue,
1306 int ltype,
1307 const char *rvalue,
1308 void *data,
1309 void *userdata) {
1310
1311 _cleanup_(nexthop_free_or_set_invalidp) NextHop *n = NULL;
1312 Network *network = userdata;
1313 int r;
1314
1315 assert(filename);
1316 assert(section);
1317 assert(lvalue);
1318 assert(rvalue);
1319 assert(data);
1320
1321 r = nexthop_new_static(network, filename, section_line, &n);
1322 if (r < 0)
1323 return log_oom();
1324
1325 if (isempty(rvalue)) {
1326 n->group = hashmap_free_free(n->group);
1327 TAKE_PTR(n);
1328 return 0;
1329 }
1330
1331 for (const char *p = rvalue;;) {
1332 _cleanup_free_ struct nexthop_grp *nhg = NULL;
1333 _cleanup_free_ char *word = NULL;
1334 uint32_t w;
1335 char *sep;
1336
1337 r = extract_first_word(&p, &word, NULL, 0);
1338 if (r == -ENOMEM)
1339 return log_oom();
1340 if (r < 0) {
1341 log_syntax(unit, LOG_WARNING, filename, line, r,
1342 "Invalid %s=, ignoring assignment: %s", lvalue, rvalue);
1343 return 0;
1344 }
1345 if (r == 0)
1346 break;
1347
1348 nhg = new0(struct nexthop_grp, 1);
1349 if (!nhg)
1350 return log_oom();
1351
1352 sep = strchr(word, ':');
1353 if (sep) {
1354 *sep++ = '\0';
1355 r = safe_atou32(sep, &w);
1356 if (r < 0) {
1357 log_syntax(unit, LOG_WARNING, filename, line, r,
1358 "Failed to parse weight for nexthop group, ignoring assignment: %s:%s",
1359 word, sep);
1360 continue;
1361 }
1362 if (w == 0 || w > 256) {
1363 log_syntax(unit, LOG_WARNING, filename, line, 0,
1364 "Invalid weight for nexthop group, ignoring assignment: %s:%s",
1365 word, sep);
1366 continue;
1367 }
1368 /* See comments in config_parse_multipath_route(). */
1369 nhg->weight = w - 1;
1370 }
1371
1372 r = safe_atou32(word, &nhg->id);
1373 if (r < 0) {
1374 log_syntax(unit, LOG_WARNING, filename, line, r,
1375 "Failed to parse nexthop ID in %s=, ignoring assignment: %s%s%s",
1376 lvalue, word, sep ? ":" : "", strempty(sep));
1377 continue;
1378 }
1379 if (nhg->id == 0) {
1380 log_syntax(unit, LOG_WARNING, filename, line, 0,
1381 "Nexthop ID in %s= must be positive, ignoring assignment: %s%s%s",
1382 lvalue, word, sep ? ":" : "", strempty(sep));
1383 continue;
1384 }
1385
1386 r = hashmap_ensure_put(&n->group, NULL, UINT32_TO_PTR(nhg->id), nhg);
1387 if (r == -ENOMEM)
1388 return log_oom();
1389 if (r == -EEXIST) {
1390 log_syntax(unit, LOG_WARNING, filename, line, r,
1391 "Nexthop ID %"PRIu32" is specified multiple times in %s=, ignoring assignment: %s%s%s",
1392 nhg->id, lvalue, word, sep ? ":" : "", strempty(sep));
1393 continue;
1394 }
1395 assert(r > 0);
1396 TAKE_PTR(nhg);
1397 }
1398
1399 TAKE_PTR(n);
1400 return 0;
1401 }
Unnamed repository; edit this file 'description' to name the repository.