[thirdparty/systemd.git] / src / libsystemd-network / icmp6-util.c

/* SPDX-License-Identifier: LGPL-2.1+ */
/***
  Copyright © 2014 Intel Corporation. All rights reserved.
***/

#include <errno.h>
#include <netinet/icmp6.h>
#include <netinet/in.h>
#include <netinet/ip6.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>
#include <net/if.h>
#include <linux/if_packet.h>

#include "fd-util.h"
#include "icmp6-util.h"
#include "socket-util.h"
#include "in-addr-util.h"

#define IN6ADDR_ALL_ROUTERS_MULTICAST_INIT \
        { { { 0xff, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
              0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02 } } }

#define IN6ADDR_ALL_NODES_MULTICAST_INIT \
        { { { 0xff, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
              0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } } }

static int icmp6_bind_router_message(const struct icmp6_filter *filter,
                                     const struct ipv6_mreq *mreq) {
        int index = mreq->ipv6mr_interface;
        _cleanup_close_ int s = -1;
        char ifname[IF_NAMESIZE] = "";
        int r;

        s = socket(AF_INET6, SOCK_RAW | SOCK_CLOEXEC | SOCK_NONBLOCK, IPPROTO_ICMPV6);
        if (s < 0)
                return -errno;

        r = setsockopt(s, IPPROTO_ICMPV6, ICMP6_FILTER, filter, sizeof(*filter));
        if (r < 0)
                return -errno;

        r = setsockopt(s, IPPROTO_IPV6, IPV6_ADD_MEMBERSHIP, mreq, sizeof(*mreq));
        if (r < 0)
                return -errno;

        /* RFC 3315, section 6.7, bullet point 2 may indicate that an
           IPV6_PKTINFO socket option also applies for ICMPv6 multicast.
           Empirical experiments indicates otherwise and therefore an
           IPV6_MULTICAST_IF socket option is used here instead */
        r = setsockopt_int(s, IPPROTO_IPV6, IPV6_MULTICAST_IF, index);
        if (r < 0)
                return r;

        r = setsockopt_int(s, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, false);
        if (r < 0)
                return r;

        r = setsockopt_int(s, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, 255);
        if (r < 0)
                return r;

        r = setsockopt_int(s, IPPROTO_IPV6, IPV6_UNICAST_HOPS, 255);
        if (r < 0)
                return r;

        r = setsockopt_int(s, SOL_IPV6, IPV6_RECVHOPLIMIT, true);
        if (r < 0)
                return r;

        r = setsockopt_int(s, SOL_SOCKET, SO_TIMESTAMP, true);
        if (r < 0)
                return r;

        if (if_indextoname(index, ifname) == 0)
                return -errno;

        r = setsockopt(s, SOL_SOCKET, SO_BINDTODEVICE, ifname, strlen(ifname));
        if (r < 0)
                return -errno;

        return TAKE_FD(s);
}

int icmp6_bind_router_solicitation(int index) {
        struct icmp6_filter filter = {};
        struct ipv6_mreq mreq = {
                .ipv6mr_multiaddr = IN6ADDR_ALL_NODES_MULTICAST_INIT,
                .ipv6mr_interface = index,
        };

        ICMP6_FILTER_SETBLOCKALL(&filter);
        ICMP6_FILTER_SETPASS(ND_ROUTER_ADVERT, &filter);

        return icmp6_bind_router_message(&filter, &mreq);
}

int icmp6_bind_router_advertisement(int index) {
        struct icmp6_filter filter = {};
        struct ipv6_mreq mreq = {
                .ipv6mr_multiaddr = IN6ADDR_ALL_ROUTERS_MULTICAST_INIT,
                .ipv6mr_interface = index,
        };

        ICMP6_FILTER_SETBLOCKALL(&filter);
        ICMP6_FILTER_SETPASS(ND_ROUTER_SOLICIT, &filter);

        return icmp6_bind_router_message(&filter, &mreq);
}

int icmp6_send_router_solicitation(int s, const struct ether_addr *ether_addr) {
        struct sockaddr_in6 dst = {
                .sin6_family = AF_INET6,
                .sin6_addr = IN6ADDR_ALL_ROUTERS_MULTICAST_INIT,
        };
        struct {
                struct nd_router_solicit rs;
                struct nd_opt_hdr rs_opt;
                struct ether_addr rs_opt_mac;
        } _packed_ rs = {
                .rs.nd_rs_type = ND_ROUTER_SOLICIT,
                .rs_opt.nd_opt_type = ND_OPT_SOURCE_LINKADDR,
                .rs_opt.nd_opt_len = 1,
        };
        struct iovec iov = {
                .iov_base = &rs,
                .iov_len = sizeof(rs),
        };
        struct msghdr msg = {
                .msg_name = &dst,
                .msg_namelen = sizeof(dst),
                .msg_iov = &iov,
                .msg_iovlen = 1,
        };
        int r;

        assert(s >= 0);
        assert(ether_addr);

        rs.rs_opt_mac = *ether_addr;

        r = sendmsg(s, &msg, 0);
        if (r < 0)
                return -errno;

        return 0;
}

int icmp6_receive(int fd, void *buffer, size_t size, struct in6_addr *dst,
                  triple_timestamp *timestamp) {
        union {
                struct cmsghdr cmsghdr;
                uint8_t buf[CMSG_SPACE(sizeof(int)) + /* ttl */
                            CMSG_SPACE(sizeof(struct timeval))];
        } control = {};
        struct iovec iov = {};
        union sockaddr_union sa = {};
        struct msghdr msg = {
                .msg_name = &sa.sa,
                .msg_namelen = sizeof(sa),
                .msg_iov = &iov,
                .msg_iovlen = 1,
                .msg_control = &control,
                .msg_controllen = sizeof(control),
        };
        struct cmsghdr *cmsg;
        ssize_t len;

        iov.iov_base = buffer;
        iov.iov_len = size;

        len = recvmsg(fd, &msg, MSG_DONTWAIT);
        if (len < 0)
                return -errno;

        if ((size_t) len != size)
                return -EINVAL;

        if (msg.msg_namelen == sizeof(struct sockaddr_in6) &&
            sa.in6.sin6_family == AF_INET6)  {

                *dst = sa.in6.sin6_addr;
                if (in_addr_is_link_local(AF_INET6, (union in_addr_union*) dst) <= 0)
                        return -EADDRNOTAVAIL;

        } else if (msg.msg_namelen > 0)
                return -EPFNOSUPPORT;

        /* namelen == 0 only happens when running the test-suite over a socketpair */

        assert(!(msg.msg_flags & MSG_CTRUNC));
        assert(!(msg.msg_flags & MSG_TRUNC));

        CMSG_FOREACH(cmsg, &msg) {
                if (cmsg->cmsg_level == SOL_IPV6 &&
                    cmsg->cmsg_type == IPV6_HOPLIMIT &&
                    cmsg->cmsg_len == CMSG_LEN(sizeof(int))) {
                        int hops = *(int*) CMSG_DATA(cmsg);

                        if (hops != 255)
                                return -EMULTIHOP;
                }

                if (cmsg->cmsg_level == SOL_SOCKET &&
                    cmsg->cmsg_type == SO_TIMESTAMP &&
                    cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
                        triple_timestamp_from_realtime(timestamp, timeval_load((struct timeval*) CMSG_DATA(cmsg)));
        }

        if (!triple_timestamp_is_set(timestamp))
                triple_timestamp_get(timestamp);

        return 0;
}
Commit	Line	Data
53e1b683	1	/* SPDX-License-Identifier: LGPL-2.1+ */
940367a0	2	/***
810adae9	3	Copyright © 2014 Intel Corporation. All rights reserved.
940367a0 TG	4	***/
	5
	6	#include <errno.h>
940367a0 TG	7	#include <netinet/icmp6.h>
940367a0 TG	8	#include <netinet/in.h>
3ffd4af2 LP	9	#include <netinet/ip6.h>
	10	#include <stdio.h>
	11	#include <string.h>
	12	#include <sys/socket.h>
	13	#include <sys/types.h>
	14	#include <unistd.h>
15fec93b	15	#include <net/if.h>
3ffd4af2	16	#include <linux/if_packet.h>
940367a0	17
3ffd4af2	18	#include "fd-util.h"
940367a0	19	#include "icmp6-util.h"
3ffd4af2	20	#include "socket-util.h"
88d5a3db	21	#include "in-addr-util.h"
940367a0 TG	22
	23	#define IN6ADDR_ALL_ROUTERS_MULTICAST_INIT \
	24	{ { { 0xff, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
	25	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02 } } }
	26
	27	#define IN6ADDR_ALL_NODES_MULTICAST_INIT \
	28	{ { { 0xff, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
	29	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } } }
	30
6142bb37 PF	31	static int icmp6_bind_router_message(const struct icmp6_filter *filter,
	32	const struct ipv6_mreq *mreq) {
	33	int index = mreq->ipv6mr_interface;
940367a0	34	_cleanup_close_ int s = -1;
15fec93b	35	char ifname[IF_NAMESIZE] = "";
1e7a0e21	36	int r;
940367a0	37
cddf4d81	38	s = socket(AF_INET6, SOCK_RAW \| SOCK_CLOEXEC \| SOCK_NONBLOCK, IPPROTO_ICMPV6);
940367a0 TG	39	if (s < 0)
	40	return -errno;
	41
6142bb37 PF	42	r = setsockopt(s, IPPROTO_ICMPV6, ICMP6_FILTER, filter, sizeof(*filter));
	43	if (r < 0)
	44	return -errno;
	45
	46	r = setsockopt(s, IPPROTO_IPV6, IPV6_ADD_MEMBERSHIP, mreq, sizeof(*mreq));
940367a0 TG	47	if (r < 0)
	48	return -errno;
	49
	50	/* RFC 3315, section 6.7, bullet point 2 may indicate that an
	51	IPV6_PKTINFO socket option also applies for ICMPv6 multicast.
	52	Empirical experiments indicates otherwise and therefore an
	53	IPV6_MULTICAST_IF socket option is used here instead */
9e5b6496	54	r = setsockopt_int(s, IPPROTO_IPV6, IPV6_MULTICAST_IF, index);
940367a0	55	if (r < 0)
9e5b6496	56	return r;
940367a0	57
2ff48e98	58	r = setsockopt_int(s, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, false);
940367a0	59	if (r < 0)
2ff48e98	60	return r;
940367a0	61
9e5b6496	62	r = setsockopt_int(s, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, 255);
940367a0	63	if (r < 0)
9e5b6496	64	return r;
940367a0	65
9e5b6496	66	r = setsockopt_int(s, IPPROTO_IPV6, IPV6_UNICAST_HOPS, 255);
cddf4d81	67	if (r < 0)
9e5b6496	68	return r;
cddf4d81	69
2ff48e98	70	r = setsockopt_int(s, SOL_IPV6, IPV6_RECVHOPLIMIT, true);
940367a0	71	if (r < 0)
2ff48e98	72	return r;
940367a0	73
2ff48e98	74	r = setsockopt_int(s, SOL_SOCKET, SO_TIMESTAMP, true);
1e7a0e21	75	if (r < 0)
2ff48e98	76	return r;
1e7a0e21	77
15fec93b SS	78	if (if_indextoname(index, ifname) == 0)
	79	return -errno;
	80
	81	r = setsockopt(s, SOL_SOCKET, SO_BINDTODEVICE, ifname, strlen(ifname));
	82	if (r < 0)
	83	return -errno;
	84
c10d6bdb	85	return TAKE_FD(s);
940367a0 TG	86	}
940367a0 TG	87
6142bb37 PF	88	int icmp6_bind_router_solicitation(int index) {
	89	struct icmp6_filter filter = {};
	90	struct ipv6_mreq mreq = {
	91	.ipv6mr_multiaddr = IN6ADDR_ALL_NODES_MULTICAST_INIT,
	92	.ipv6mr_interface = index,
	93	};
	94
	95	ICMP6_FILTER_SETBLOCKALL(&filter);
	96	ICMP6_FILTER_SETPASS(ND_ROUTER_ADVERT, &filter);
	97
	98	return icmp6_bind_router_message(&filter, &mreq);
	99	}
	100
	101	int icmp6_bind_router_advertisement(int index) {
	102	struct icmp6_filter filter = {};
	103	struct ipv6_mreq mreq = {
	104	.ipv6mr_multiaddr = IN6ADDR_ALL_ROUTERS_MULTICAST_INIT,
	105	.ipv6mr_interface = index,
	106	};
	107
	108	ICMP6_FILTER_SETBLOCKALL(&filter);
	109	ICMP6_FILTER_SETPASS(ND_ROUTER_SOLICIT, &filter);
	110
	111	return icmp6_bind_router_message(&filter, &mreq);
	112	}
	113
940367a0 TG	114	int icmp6_send_router_solicitation(int s, const struct ether_addr *ether_addr) {
	115	struct sockaddr_in6 dst = {
	116	.sin6_family = AF_INET6,
	117	.sin6_addr = IN6ADDR_ALL_ROUTERS_MULTICAST_INIT,
	118	};
	119	struct {
	120	struct nd_router_solicit rs;
	121	struct nd_opt_hdr rs_opt;
	122	struct ether_addr rs_opt_mac;
	123	} _packed_ rs = {
	124	.rs.nd_rs_type = ND_ROUTER_SOLICIT,
6d06ac1f TG	125	.rs_opt.nd_opt_type = ND_OPT_SOURCE_LINKADDR,
6d06ac1f TG	126	.rs_opt.nd_opt_len = 1,
940367a0	127	};
6d06ac1f TG	128	struct iovec iov = {
	129	.iov_base = &rs,
	130	.iov_len = sizeof(rs),
940367a0 TG	131	};
	132	struct msghdr msg = {
	133	.msg_name = &dst,
	134	.msg_namelen = sizeof(dst),
6d06ac1f	135	.msg_iov = &iov,
940367a0 TG	136	.msg_iovlen = 1,
	137	};
	138	int r;
	139
6d06ac1f TG	140	assert(s >= 0);
	141	assert(ether_addr);
	142
	143	rs.rs_opt_mac = *ether_addr;
940367a0 TG	144
	145	r = sendmsg(s, &msg, 0);
	146	if (r < 0)
	147	return -errno;
	148
	149	return 0;
	150	}
88d5a3db PF	151
	152	int icmp6_receive(int fd, void buffer, size_t size, struct in6_addr dst,
	153	triple_timestamp *timestamp) {
	154	union {
	155	struct cmsghdr cmsghdr;
	156	uint8_t buf[CMSG_SPACE(sizeof(int)) + /* ttl */
	157	CMSG_SPACE(sizeof(struct timeval))];
	158	} control = {};
	159	struct iovec iov = {};
	160	union sockaddr_union sa = {};
	161	struct msghdr msg = {
	162	.msg_name = &sa.sa,
	163	.msg_namelen = sizeof(sa),
	164	.msg_iov = &iov,
	165	.msg_iovlen = 1,
	166	.msg_control = &control,
	167	.msg_controllen = sizeof(control),
	168	};
	169	struct cmsghdr *cmsg;
	170	ssize_t len;
	171
	172	iov.iov_base = buffer;
	173	iov.iov_len = size;
	174
	175	len = recvmsg(fd, &msg, MSG_DONTWAIT);
14f37112	176	if (len < 0)
88d5a3db	177	return -errno;
88d5a3db PF	178
	179	if ((size_t) len != size)
	180	return -EINVAL;
	181
	182	if (msg.msg_namelen == sizeof(struct sockaddr_in6) &&
	183	sa.in6.sin6_family == AF_INET6) {
	184
	185	*dst = sa.in6.sin6_addr;
	186	if (in_addr_is_link_local(AF_INET6, (union in_addr_union*) dst) <= 0)
	187	return -EADDRNOTAVAIL;
	188
	189	} else if (msg.msg_namelen > 0)
	190	return -EPFNOSUPPORT;
	191
	192	/* namelen == 0 only happens when running the test-suite over a socketpair */
	193
	194	assert(!(msg.msg_flags & MSG_CTRUNC));
	195	assert(!(msg.msg_flags & MSG_TRUNC));
	196
	197	CMSG_FOREACH(cmsg, &msg) {
	198	if (cmsg->cmsg_level == SOL_IPV6 &&
	199	cmsg->cmsg_type == IPV6_HOPLIMIT &&
	200	cmsg->cmsg_len == CMSG_LEN(sizeof(int))) {
	201	int hops = (int) CMSG_DATA(cmsg);
	202
	203	if (hops != 255)
	204	return -EMULTIHOP;
	205	}
	206
	207	if (cmsg->cmsg_level == SOL_SOCKET &&
	208	cmsg->cmsg_type == SO_TIMESTAMP &&
	209	cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
	210	triple_timestamp_from_realtime(timestamp, timeval_load((struct timeval*) CMSG_DATA(cmsg)));
	211	}
	212
	213	if (!triple_timestamp_is_set(timestamp))
	214	triple_timestamp_get(timestamp);
	215
	216	return 0;
	217	}