1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 This file is part of systemd.
5 Copyright (C) 2017 Intel Corporation. All rights reserved.
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
21 #include <netinet/icmp6.h>
22 #include <netinet/in.h>
23 #include <arpa/inet.h>
28 #include "alloc-util.h"
29 #include "dns-domain.h"
31 #include "icmp6-util.h"
32 #include "in-addr-util.h"
33 #include "radv-internal.h"
34 #include "socket-util.h"
35 #include "string-util.h"
38 #include "random-util.h"
40 _public_
int sd_radv_new(sd_radv
**ret
) {
41 _cleanup_(sd_radv_unrefp
) sd_radv
*ra
= NULL
;
43 assert_return(ret
, -EINVAL
);
45 ra
= new0(sd_radv
, 1);
52 LIST_HEAD_INIT(ra
->prefixes
);
59 _public_
int sd_radv_attach_event(sd_radv
*ra
, sd_event
*event
, int64_t priority
) {
62 assert_return(ra
, -EINVAL
);
63 assert_return(!ra
->event
, -EBUSY
);
66 ra
->event
= sd_event_ref(event
);
68 r
= sd_event_default(&ra
->event
);
73 ra
->event_priority
= priority
;
78 _public_
int sd_radv_detach_event(sd_radv
*ra
) {
80 assert_return(ra
, -EINVAL
);
82 ra
->event
= sd_event_unref(ra
->event
);
86 _public_ sd_event
*sd_radv_get_event(sd_radv
*ra
) {
87 assert_return(ra
, NULL
);
92 static void radv_reset(sd_radv
*ra
) {
94 ra
->timeout_event_source
=
95 sd_event_source_unref(ra
->timeout_event_source
);
97 ra
->recv_event_source
=
98 sd_event_source_unref(ra
->recv_event_source
);
103 _public_ sd_radv
*sd_radv_ref(sd_radv
*ra
) {
107 assert(ra
->n_ref
> 0);
113 _public_ sd_radv
*sd_radv_unref(sd_radv
*ra
) {
117 assert(ra
->n_ref
> 0);
123 while (ra
->prefixes
) {
124 sd_radv_prefix
*p
= ra
->prefixes
;
126 LIST_REMOVE(prefix
, ra
->prefixes
, p
);
127 sd_radv_prefix_unref(p
);
135 sd_radv_detach_event(ra
);
139 static int radv_send(sd_radv
*ra
, const struct in6_addr
*dst
,
140 const uint32_t router_lifetime
) {
141 static const struct ether_addr mac_zero
= {};
143 struct sockaddr_in6 dst_addr
= {
144 .sin6_family
= AF_INET6
,
145 .sin6_addr
= IN6ADDR_ALL_NODES_MULTICAST_INIT
,
147 struct nd_router_advert adv
= {};
149 struct nd_opt_hdr opthdr
;
150 struct ether_addr slladdr
;
151 } _packed_ opt_mac
= {
153 .nd_opt_type
= ND_OPT_SOURCE_LINKADDR
,
154 .nd_opt_len
= (sizeof(struct nd_opt_hdr
) +
155 sizeof(struct ether_addr
) - 1) /8 + 1,
158 struct nd_opt_mtu opt_mtu
= {
159 .nd_opt_mtu_type
= ND_OPT_MTU
,
162 /* Reserve iov space for RA header, linkaddr, MTU, N prefixes, RDNSS
164 struct iovec iov
[5 + ra
->n_prefixes
];
165 struct msghdr msg
= {
166 .msg_name
= &dst_addr
,
167 .msg_namelen
= sizeof(dst_addr
),
173 r
= sd_event_now(ra
->event
, clock_boottime_or_monotonic(), &time_now
);
177 if (dst
&& !in_addr_is_null(AF_INET6
, (union in_addr_union
*) dst
))
178 dst_addr
.sin6_addr
= *dst
;
180 adv
.nd_ra_type
= ND_ROUTER_ADVERT
;
181 adv
.nd_ra_curhoplimit
= ra
->hop_limit
;
182 adv
.nd_ra_flags_reserved
= ra
->flags
;
183 adv
.nd_ra_router_lifetime
= htobe16(router_lifetime
);
184 iov
[msg
.msg_iovlen
].iov_base
= &adv
;
185 iov
[msg
.msg_iovlen
].iov_len
= sizeof(adv
);
188 /* MAC address is optional, either because the link does not use L2
189 addresses or load sharing is desired. See RFC 4861, Section 4.2 */
190 if (memcmp(&mac_zero
, &ra
->mac_addr
, sizeof(mac_zero
))) {
191 opt_mac
.slladdr
= ra
->mac_addr
;
192 iov
[msg
.msg_iovlen
].iov_base
= &opt_mac
;
193 iov
[msg
.msg_iovlen
].iov_len
= sizeof(opt_mac
);
198 opt_mtu
.nd_opt_mtu_mtu
= htobe32(ra
->mtu
);
199 iov
[msg
.msg_iovlen
].iov_base
= &opt_mtu
;
200 iov
[msg
.msg_iovlen
].iov_len
= sizeof(opt_mtu
);
204 LIST_FOREACH(prefix
, p
, ra
->prefixes
) {
205 if (p
->valid_until
) {
207 if (time_now
> p
->valid_until
)
208 p
->opt
.valid_lifetime
= 0;
210 p
->opt
.valid_lifetime
= htobe32((p
->valid_until
- time_now
) / USEC_PER_SEC
);
212 if (time_now
> p
->preferred_until
)
213 p
->opt
.preferred_lifetime
= 0;
215 p
->opt
.preferred_lifetime
= htobe32((p
->preferred_until
- time_now
) / USEC_PER_SEC
);
217 iov
[msg
.msg_iovlen
].iov_base
= &p
->opt
;
218 iov
[msg
.msg_iovlen
].iov_len
= sizeof(p
->opt
);
223 iov
[msg
.msg_iovlen
].iov_base
= ra
->rdnss
;
224 iov
[msg
.msg_iovlen
].iov_len
= ra
->rdnss
->length
* 8;
229 iov
[msg
.msg_iovlen
].iov_base
= ra
->dnssl
;
230 iov
[msg
.msg_iovlen
].iov_len
= ra
->dnssl
->length
* 8;
234 if (sendmsg(ra
->fd
, &msg
, 0) < 0)
240 static int radv_recv(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
241 sd_radv
*ra
= userdata
;
242 _cleanup_free_
char *addr
= NULL
;
244 triple_timestamp timestamp
;
247 _cleanup_free_
char *buf
= NULL
;
253 buflen
= next_datagram_size_fd(fd
);
255 if ((unsigned) buflen
< sizeof(struct nd_router_solicit
))
256 return log_radv("Too short packet received");
258 buf
= new0(char, buflen
);
262 r
= icmp6_receive(fd
, buf
, buflen
, &src
, ×tamp
);
266 (void) in_addr_to_string(AF_INET6
, (union in_addr_union
*) &src
, &addr
);
267 log_radv("Received RS from non-link-local address %s. Ignoring", addr
);
271 log_radv("Received RS with invalid hop limit. Ignoring.");
275 log_radv("Received invalid source address from ICMPv6 socket. Ignoring.");
279 log_radv_warning_errno(r
, "Error receiving from ICMPv6 socket: %m");
286 (void) in_addr_to_string(AF_INET6
, (union in_addr_union
*) &src
, &addr
);
288 r
= radv_send(ra
, &src
, ra
->lifetime
);
290 log_radv_warning_errno(r
, "Unable to send solicited Router Advertisment to %s: %m", addr
);
292 log_radv("Sent solicited Router Advertisement to %s", addr
);
297 static usec_t
radv_compute_timeout(usec_t min
, usec_t max
) {
298 assert_return(min
<= max
, SD_RADV_DEFAULT_MIN_TIMEOUT_USEC
);
300 return min
+ (random_u32() % (max
- min
));
303 static int radv_timeout(sd_event_source
*s
, uint64_t usec
, void *userdata
) {
305 sd_radv
*ra
= userdata
;
306 usec_t min_timeout
= SD_RADV_DEFAULT_MIN_TIMEOUT_USEC
;
307 usec_t max_timeout
= SD_RADV_DEFAULT_MAX_TIMEOUT_USEC
;
308 usec_t time_now
, timeout
;
309 char time_string
[FORMAT_TIMESPAN_MAX
];
315 ra
->timeout_event_source
= sd_event_source_unref(ra
->timeout_event_source
);
317 r
= sd_event_now(ra
->event
, clock_boottime_or_monotonic(), &time_now
);
321 r
= radv_send(ra
, NULL
, ra
->lifetime
);
323 log_radv_warning_errno(r
, "Unable to send Router Advertisement: %m");
325 /* RFC 4861, Section 6.2.4, sending initial Router Advertisements */
326 if (ra
->ra_sent
< SD_RADV_MAX_INITIAL_RTR_ADVERTISEMENTS
) {
327 max_timeout
= SD_RADV_MAX_INITIAL_RTR_ADVERT_INTERVAL_USEC
;
328 min_timeout
= SD_RADV_MAX_INITIAL_RTR_ADVERT_INTERVAL_USEC
/ 3;
331 timeout
= radv_compute_timeout(min_timeout
, max_timeout
);
333 log_radv("Next Router Advertisement in %s",
334 format_timespan(time_string
, FORMAT_TIMESPAN_MAX
,
335 timeout
, USEC_PER_SEC
));
337 r
= sd_event_add_time(ra
->event
, &ra
->timeout_event_source
,
338 clock_boottime_or_monotonic(),
339 time_now
+ timeout
, MSEC_PER_SEC
,
344 r
= sd_event_source_set_priority(ra
->timeout_event_source
,
349 r
= sd_event_source_set_description(ra
->timeout_event_source
,
363 _public_
int sd_radv_stop(sd_radv
*ra
) {
366 assert_return(ra
, -EINVAL
);
368 log_radv("Stopping IPv6 Router Advertisement daemon");
370 /* RFC 4861, Section 6.2.5, send at least one Router Advertisement
371 with zero lifetime */
372 r
= radv_send(ra
, NULL
, 0);
374 log_radv_warning_errno(r
, "Unable to send last Router Advertisement with router lifetime set to zero: %m");
377 ra
->fd
= safe_close(ra
->fd
);
378 ra
->state
= SD_RADV_STATE_IDLE
;
383 _public_
int sd_radv_start(sd_radv
*ra
) {
386 assert_return(ra
, -EINVAL
);
387 assert_return(ra
->event
, -EINVAL
);
388 assert_return(ra
->ifindex
> 0, -EINVAL
);
390 if (ra
->state
!= SD_RADV_STATE_IDLE
)
393 r
= sd_event_add_time(ra
->event
, &ra
->timeout_event_source
,
394 clock_boottime_or_monotonic(), 0, 0,
399 r
= sd_event_source_set_priority(ra
->timeout_event_source
,
404 (void) sd_event_source_set_description(ra
->timeout_event_source
,
407 r
= icmp6_bind_router_advertisement(ra
->ifindex
);
413 r
= sd_event_add_io(ra
->event
, &ra
->recv_event_source
, ra
->fd
, EPOLLIN
, radv_recv
, ra
);
417 r
= sd_event_source_set_priority(ra
->recv_event_source
, ra
->event_priority
);
421 (void) sd_event_source_set_description(ra
->recv_event_source
, "radv-receive-message");
423 ra
->state
= SD_RADV_STATE_ADVERTISING
;
425 log_radv("Started IPv6 Router Advertisement daemon");
435 _public_
int sd_radv_set_ifindex(sd_radv
*ra
, int ifindex
) {
436 assert_return(ra
, -EINVAL
);
437 assert_return(ifindex
>= -1, -EINVAL
);
439 if (ra
->state
!= SD_RADV_STATE_IDLE
)
442 ra
->ifindex
= ifindex
;
447 _public_
int sd_radv_set_mac(sd_radv
*ra
, const struct ether_addr
*mac_addr
) {
448 assert_return(ra
, -EINVAL
);
450 if (ra
->state
!= SD_RADV_STATE_IDLE
)
454 ra
->mac_addr
= *mac_addr
;
461 _public_
int sd_radv_set_mtu(sd_radv
*ra
, uint32_t mtu
) {
462 assert_return(ra
, -EINVAL
);
463 assert_return(mtu
>= 1280, -EINVAL
);
470 _public_
int sd_radv_set_hop_limit(sd_radv
*ra
, uint8_t hop_limit
) {
471 assert_return(ra
, -EINVAL
);
473 if (ra
->state
!= SD_RADV_STATE_IDLE
)
476 ra
->hop_limit
= hop_limit
;
481 _public_
int sd_radv_set_router_lifetime(sd_radv
*ra
, uint32_t router_lifetime
) {
482 assert_return(ra
, -EINVAL
);
484 if (ra
->state
!= SD_RADV_STATE_IDLE
)
487 /* RFC 4191, Section 2.2, "...If the Router Lifetime is zero, the
488 preference value MUST be set to (00) by the sender..." */
489 if (router_lifetime
== 0 &&
490 (ra
->flags
& (0x3 << 3)) != (SD_NDISC_PREFERENCE_MEDIUM
<< 3))
493 ra
->lifetime
= router_lifetime
;
498 _public_
int sd_radv_set_managed_information(sd_radv
*ra
, int managed
) {
499 assert_return(ra
, -EINVAL
);
501 if (ra
->state
!= SD_RADV_STATE_IDLE
)
504 SET_FLAG(ra
->flags
, ND_RA_FLAG_MANAGED
, managed
);
509 _public_
int sd_radv_set_other_information(sd_radv
*ra
, int other
) {
510 assert_return(ra
, -EINVAL
);
512 if (ra
->state
!= SD_RADV_STATE_IDLE
)
515 SET_FLAG(ra
->flags
, ND_RA_FLAG_OTHER
, other
);
520 _public_
int sd_radv_set_preference(sd_radv
*ra
, unsigned preference
) {
523 assert_return(ra
, -EINVAL
);
524 assert_return(IN_SET(preference
,
525 SD_NDISC_PREFERENCE_LOW
,
526 SD_NDISC_PREFERENCE_MEDIUM
,
527 SD_NDISC_PREFERENCE_HIGH
), -EINVAL
);
529 ra
->flags
= (ra
->flags
& ~(0x3 << 3)) | (preference
<< 3);
534 _public_
int sd_radv_add_prefix(sd_radv
*ra
, sd_radv_prefix
*p
, bool dynamic
) {
537 _cleanup_free_
char *addr_p
= NULL
;
538 char time_string_preferred
[FORMAT_TIMESPAN_MAX
];
539 char time_string_valid
[FORMAT_TIMESPAN_MAX
];
540 usec_t time_now
, valid
, preferred
, valid_until
, preferred_until
;
542 assert_return(ra
, -EINVAL
);
547 LIST_FOREACH(prefix
, cur
, ra
->prefixes
) {
549 r
= in_addr_prefix_intersect(AF_INET6
,
550 (union in_addr_union
*) &cur
->opt
.in6_addr
,
552 (union in_addr_union
*) &p
->opt
.in6_addr
,
555 _cleanup_free_
char *addr_cur
= NULL
;
557 (void) in_addr_to_string(AF_INET6
,
558 (union in_addr_union
*) &p
->opt
.in6_addr
,
561 if (dynamic
&& cur
->opt
.prefixlen
== p
->opt
.prefixlen
)
564 (void) in_addr_to_string(AF_INET6
,
565 (union in_addr_union
*) &cur
->opt
.in6_addr
,
567 log_radv("IPv6 prefix %s/%u already configured, ignoring %s/%u",
568 addr_cur
, cur
->opt
.prefixlen
,
569 addr_p
, p
->opt
.prefixlen
);
575 p
= sd_radv_prefix_ref(p
);
577 LIST_APPEND(prefix
, ra
->prefixes
, p
);
581 (void) in_addr_to_string(AF_INET6
, (union in_addr_union
*) &p
->opt
.in6_addr
, &addr_p
);
584 log_radv("Added prefix %s/%d", addr_p
, p
->opt
.prefixlen
);
591 r
= sd_event_now(ra
->event
, clock_boottime_or_monotonic(), &time_now
);
595 valid
= be32toh(p
->opt
.valid_lifetime
) * USEC_PER_SEC
;
596 valid_until
= usec_add(valid
, time_now
);
597 if (valid_until
== USEC_INFINITY
)
600 preferred
= be32toh(p
->opt
.preferred_lifetime
) * USEC_PER_SEC
;
601 preferred_until
= usec_add(preferred
, time_now
);
602 if (preferred_until
== USEC_INFINITY
)
605 cur
->valid_until
= valid_until
;
606 cur
->preferred_until
= preferred_until
;
608 log_radv("%s prefix %s/%u preferred %s valid %s",
609 cur
? "Updated": "Added",
610 addr_p
, p
->opt
.prefixlen
,
611 format_timespan(time_string_preferred
, FORMAT_TIMESPAN_MAX
,
612 preferred
, USEC_PER_SEC
),
613 format_timespan(time_string_valid
, FORMAT_TIMESPAN_MAX
,
614 valid
, USEC_PER_SEC
));
619 _public_ sd_radv_prefix
*sd_radv_remove_prefix(sd_radv
*ra
,
620 struct in6_addr
*prefix
,
622 sd_radv_prefix
*cur
, *next
;
624 assert_return(ra
, NULL
);
625 assert_return(prefix
, NULL
);
627 LIST_FOREACH_SAFE(prefix
, cur
, next
, ra
->prefixes
) {
628 if (prefixlen
!= cur
->opt
.prefixlen
)
631 if (!in_addr_equal(AF_INET6
,
632 (union in_addr_union
*)prefix
,
633 (union in_addr_union
*)&cur
->opt
.in6_addr
))
636 LIST_REMOVE(prefix
, ra
->prefixes
, cur
);
645 _public_
int sd_radv_set_rdnss(sd_radv
*ra
, uint32_t lifetime
,
646 const struct in6_addr
*dns
, size_t n_dns
) {
647 _cleanup_free_
struct sd_radv_opt_dns
*opt_rdnss
= NULL
;
650 assert_return(ra
, -EINVAL
);
651 assert_return(n_dns
< 128, -EINVAL
);
653 if (!dns
|| n_dns
== 0) {
654 ra
->rdnss
= mfree(ra
->rdnss
);
660 len
= sizeof(struct sd_radv_opt_dns
) + sizeof(struct in6_addr
) * n_dns
;
662 opt_rdnss
= malloc0(len
);
666 opt_rdnss
->type
= SD_RADV_OPT_RDNSS
;
667 opt_rdnss
->length
= len
/ 8;
668 opt_rdnss
->lifetime
= htobe32(lifetime
);
670 memcpy(opt_rdnss
+ 1, dns
, n_dns
* sizeof(struct in6_addr
));
672 free_and_replace(ra
->rdnss
, opt_rdnss
);
679 _public_
int sd_radv_set_dnssl(sd_radv
*ra
, uint32_t lifetime
,
680 char **search_list
) {
681 _cleanup_free_
struct sd_radv_opt_dns
*opt_dnssl
= NULL
;
686 assert_return(ra
, -EINVAL
);
688 if (!search_list
|| *search_list
== NULL
) {
689 ra
->dnssl
= mfree(ra
->dnssl
);
694 STRV_FOREACH(s
, search_list
)
695 len
+= strlen(*s
) + 2;
697 len
= (sizeof(struct sd_radv_opt_dns
) + len
+ 7) & ~0x7;
699 opt_dnssl
= malloc0(len
);
703 opt_dnssl
->type
= SD_RADV_OPT_DNSSL
;
704 opt_dnssl
->length
= len
/ 8;
705 opt_dnssl
->lifetime
= htobe32(lifetime
);
707 p
= (uint8_t *)(opt_dnssl
+ 1);
708 len
-= sizeof(struct sd_radv_opt_dns
);
710 STRV_FOREACH(s
, search_list
) {
713 r
= dns_name_to_wire_format(*s
, p
, len
, false);
724 free_and_replace(ra
->dnssl
, opt_dnssl
);
729 _public_
int sd_radv_prefix_new(sd_radv_prefix
**ret
) {
730 _cleanup_(sd_radv_prefix_unrefp
) sd_radv_prefix
*p
= NULL
;
732 assert_return(ret
, -EINVAL
);
734 p
= new0(sd_radv_prefix
, 1);
740 p
->opt
.type
= ND_OPT_PREFIX_INFORMATION
;
741 p
->opt
.length
= (sizeof(p
->opt
) - 1) /8 + 1;
743 p
->opt
.prefixlen
= 64;
745 /* RFC 4861, Section 6.2.1 */
746 SET_FLAG(p
->opt
.flags
, ND_OPT_PI_FLAG_ONLINK
, true);
747 SET_FLAG(p
->opt
.flags
, ND_OPT_PI_FLAG_AUTO
, true);
748 p
->opt
.preferred_lifetime
= htobe32(604800);
749 p
->opt
.valid_lifetime
= htobe32(2592000);
751 LIST_INIT(prefix
, p
);
758 _public_ sd_radv_prefix
*sd_radv_prefix_ref(sd_radv_prefix
*p
) {
762 assert(p
->n_ref
> 0);
768 _public_ sd_radv_prefix
*sd_radv_prefix_unref(sd_radv_prefix
*p
) {
772 assert(p
->n_ref
> 0);
781 _public_
int sd_radv_prefix_set_prefix(sd_radv_prefix
*p
, struct in6_addr
*in6_addr
,
782 unsigned char prefixlen
) {
783 assert_return(p
, -EINVAL
);
784 assert_return(in6_addr
, -EINVAL
);
786 if (prefixlen
< 3 || prefixlen
> 128)
790 /* unusual but allowed, log it */
791 log_radv("Unusual prefix length %d greater than 64", prefixlen
);
793 p
->opt
.in6_addr
= *in6_addr
;
794 p
->opt
.prefixlen
= prefixlen
;
799 _public_
int sd_radv_prefix_set_onlink(sd_radv_prefix
*p
, int onlink
) {
800 assert_return(p
, -EINVAL
);
802 SET_FLAG(p
->opt
.flags
, ND_OPT_PI_FLAG_ONLINK
, onlink
);
807 _public_
int sd_radv_prefix_set_address_autoconfiguration(sd_radv_prefix
*p
,
808 int address_autoconfiguration
) {
809 assert_return(p
, -EINVAL
);
811 SET_FLAG(p
->opt
.flags
, ND_OPT_PI_FLAG_AUTO
, address_autoconfiguration
);
816 _public_
int sd_radv_prefix_set_valid_lifetime(sd_radv_prefix
*p
,
817 uint32_t valid_lifetime
) {
818 assert_return(p
, -EINVAL
);
820 p
->opt
.valid_lifetime
= htobe32(valid_lifetime
);
825 _public_
int sd_radv_prefix_set_preferred_lifetime(sd_radv_prefix
*p
,
826 uint32_t preferred_lifetime
) {
827 assert_return(p
, -EINVAL
);
829 p
->opt
.preferred_lifetime
= htobe32(preferred_lifetime
);