]>
Commit | Line | Data |
---|---|---|
db9ecf05 | 1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ |
53cb501a | 2 | |
4502a61c | 3 | #include <linux/fou.h> |
53cb501a | 4 | #include <net/if.h> |
9aa5d8ba | 5 | #include <netinet/in.h> |
53cb501a SS |
6 | #include <linux/ip.h> |
7 | ||
8 | #include "conf-parser.h" | |
737f1405 | 9 | #include "fou-tunnel.h" |
7df5c6ba | 10 | #include "ip-protocol-list.h" |
881c74bd | 11 | #include "netlink-util.h" |
53cb501a SS |
12 | #include "networkd-manager.h" |
13 | #include "parse-util.h" | |
53cb501a SS |
14 | #include "string-table.h" |
15 | #include "string-util.h" | |
16 | #include "util.h" | |
17 | ||
18 | static const char* const fou_encap_type_table[_NETDEV_FOO_OVER_UDP_ENCAP_MAX] = { | |
19 | [NETDEV_FOO_OVER_UDP_ENCAP_DIRECT] = "FooOverUDP", | |
20 | [NETDEV_FOO_OVER_UDP_ENCAP_GUE] = "GenericUDPEncapsulation", | |
21 | }; | |
22 | ||
23 | DEFINE_STRING_TABLE_LOOKUP(fou_encap_type, FooOverUDPEncapType); | |
e3bb989b ZJS |
24 | DEFINE_CONFIG_PARSE_ENUM(config_parse_fou_encap_type, fou_encap_type, FooOverUDPEncapType, |
25 | "Failed to parse Encapsulation="); | |
53cb501a SS |
26 | |
27 | static int netdev_fill_fou_tunnel_message(NetDev *netdev, sd_netlink_message **ret) { | |
28 | _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; | |
29 | FouTunnel *t; | |
3abf950f | 30 | uint8_t encap_type; |
53cb501a SS |
31 | int r; |
32 | ||
33 | assert(netdev); | |
34 | ||
35 | t = FOU(netdev); | |
36 | ||
37 | assert(t); | |
38 | ||
56fdc16d | 39 | r = sd_genl_message_new(netdev->manager->genl, FOU_GENL_NAME, FOU_CMD_ADD, &m); |
53cb501a SS |
40 | if (r < 0) |
41 | return log_netdev_error_errno(netdev, r, "Failed to allocate generic netlink message: %m"); | |
42 | ||
43 | r = sd_netlink_message_append_u16(m, FOU_ATTR_PORT, htobe16(t->port)); | |
44 | if (r < 0) | |
45 | return log_netdev_error_errno(netdev, r, "Could not append FOU_ATTR_PORT attribute: %m"); | |
46 | ||
8f02c9b0 SS |
47 | if (IN_SET(t->peer_family, AF_INET, AF_INET6)) { |
48 | r = sd_netlink_message_append_u16(m, FOU_ATTR_PEER_PORT, htobe16(t->peer_port)); | |
49 | if (r < 0) | |
50 | return log_netdev_error_errno(netdev, r, "Could not append FOU_ATTR_PEER_PORT attribute: %m"); | |
51 | } | |
52 | ||
3abf950f YW |
53 | switch (t->fou_encap_type) { |
54 | case NETDEV_FOO_OVER_UDP_ENCAP_DIRECT: | |
55 | encap_type = FOU_ENCAP_DIRECT; | |
56 | break; | |
57 | case NETDEV_FOO_OVER_UDP_ENCAP_GUE: | |
58 | encap_type = FOU_ENCAP_GUE; | |
59 | break; | |
60 | default: | |
04499a70 | 61 | assert_not_reached(); |
3abf950f YW |
62 | } |
63 | ||
64 | r = sd_netlink_message_append_u8(m, FOU_ATTR_TYPE, encap_type); | |
53cb501a SS |
65 | if (r < 0) |
66 | return log_netdev_error_errno(netdev, r, "Could not append FOU_ATTR_TYPE attribute: %m"); | |
67 | ||
68 | r = sd_netlink_message_append_u8(m, FOU_ATTR_AF, AF_INET); | |
69 | if (r < 0) | |
70 | return log_netdev_error_errno(netdev, r, "Could not append FOU_ATTR_AF attribute: %m"); | |
71 | ||
72 | r = sd_netlink_message_append_u8(m, FOU_ATTR_IPPROTO, t->fou_protocol); | |
73 | if (r < 0) | |
74 | return log_netdev_error_errno(netdev, r, "Could not append FOU_ATTR_IPPROTO attribute: %m"); | |
75 | ||
4502a61c SS |
76 | if (t->local_family == AF_INET) { |
77 | r = sd_netlink_message_append_in_addr(m, FOU_ATTR_LOCAL_V4, &t->local.in); | |
78 | if (r < 0) | |
79 | return log_netdev_error_errno(netdev, r, "Could not append FOU_ATTR_LOCAL_V4 attribute: %m"); | |
8f02c9b0 | 80 | } else if (t->local_family == AF_INET6) { |
4502a61c SS |
81 | r = sd_netlink_message_append_in6_addr(m, FOU_ATTR_LOCAL_V6, &t->local.in6); |
82 | if (r < 0) | |
83 | return log_netdev_error_errno(netdev, r, "Could not append FOU_ATTR_LOCAL_V6 attribute: %m"); | |
84 | } | |
85 | ||
86 | if (t->peer_family == AF_INET) { | |
87 | r = sd_netlink_message_append_in_addr(m, FOU_ATTR_PEER_V4, &t->peer.in); | |
88 | if (r < 0) | |
89 | return log_netdev_error_errno(netdev, r, "Could not append FOU_ATTR_PEER_V4 attribute: %m"); | |
8f02c9b0 | 90 | } else if (t->peer_family == AF_INET6){ |
4502a61c SS |
91 | r = sd_netlink_message_append_in6_addr(m, FOU_ATTR_PEER_V6, &t->peer.in6); |
92 | if (r < 0) | |
93 | return log_netdev_error_errno(netdev, r, "Could not append FOU_ATTR_PEER_V6 attribute: %m"); | |
94 | } | |
95 | ||
3abf950f | 96 | *ret = TAKE_PTR(m); |
53cb501a SS |
97 | return 0; |
98 | } | |
99 | ||
881c74bd YW |
100 | static int fou_tunnel_create_handler(sd_netlink *rtnl, sd_netlink_message *m, NetDev *netdev) { |
101 | int r; | |
102 | ||
103 | assert(netdev); | |
104 | assert(netdev->state != _NETDEV_STATE_INVALID); | |
105 | ||
106 | r = sd_netlink_message_get_errno(m); | |
107 | if (r == -EEXIST) | |
108 | log_netdev_info(netdev, "netdev exists, using existing without changing its parameters"); | |
109 | else if (r < 0) { | |
110 | log_netdev_warning_errno(netdev, r, "netdev could not be created: %m"); | |
8f65304c | 111 | netdev_enter_failed(netdev); |
881c74bd YW |
112 | |
113 | return 1; | |
114 | } | |
115 | ||
116 | log_netdev_debug(netdev, "FooOverUDP tunnel is created"); | |
117 | return 1; | |
118 | } | |
119 | ||
53cb501a | 120 | static int netdev_fou_tunnel_create(NetDev *netdev) { |
7dd05e94 | 121 | _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; |
53cb501a SS |
122 | int r; |
123 | ||
124 | assert(netdev); | |
10c353e1 | 125 | assert(FOU(netdev)); |
53cb501a SS |
126 | |
127 | r = netdev_fill_fou_tunnel_message(netdev, &m); | |
128 | if (r < 0) | |
129 | return r; | |
130 | ||
881c74bd YW |
131 | r = netlink_call_async(netdev->manager->genl, NULL, m, fou_tunnel_create_handler, |
132 | netdev_destroy_callback, netdev); | |
133 | if (r < 0) | |
134 | return log_netdev_error_errno(netdev, r, "Failed to create FooOverUDP tunnel: %m"); | |
53cb501a | 135 | |
881c74bd | 136 | netdev_ref(netdev); |
53cb501a SS |
137 | return 0; |
138 | } | |
139 | ||
7df5c6ba YW |
140 | int config_parse_ip_protocol( |
141 | const char *unit, | |
142 | const char *filename, | |
143 | unsigned line, | |
144 | const char *section, | |
145 | unsigned section_line, | |
146 | const char *lvalue, | |
147 | int ltype, | |
148 | const char *rvalue, | |
149 | void *data, | |
150 | void *userdata) { | |
151 | ||
3d58d732 ZJS |
152 | uint8_t *ret = data; |
153 | unsigned protocol; | |
154 | /* linux/fou.h defines the netlink field as one byte, so we need to reject protocols numbers that | |
155 | * don't fit in one byte. */ | |
7df5c6ba YW |
156 | int r; |
157 | ||
158 | assert(filename); | |
159 | assert(section); | |
160 | assert(lvalue); | |
161 | assert(rvalue); | |
162 | assert(data); | |
163 | ||
7df5c6ba | 164 | r = parse_ip_protocol(rvalue); |
3d58d732 ZJS |
165 | if (r >= 0) |
166 | protocol = r; | |
167 | else { | |
168 | r = safe_atou(rvalue, &protocol); | |
7df5c6ba | 169 | if (r < 0) |
d96edb2c | 170 | log_syntax(unit, LOG_WARNING, filename, line, r, |
fac21663 | 171 | "Failed to parse IP protocol '%s' for FooOverUDP tunnel, " |
7df5c6ba YW |
172 | "ignoring assignment: %m", rvalue); |
173 | return 0; | |
174 | } | |
175 | ||
3d58d732 | 176 | if (protocol > UINT8_MAX) { |
d96edb2c | 177 | log_syntax(unit, LOG_WARNING, filename, line, 0, |
3d58d732 ZJS |
178 | "IP protocol '%s' for FooOverUDP tunnel out of range, " |
179 | "ignoring assignment: %m", rvalue); | |
180 | return 0; | |
181 | } | |
182 | ||
183 | *ret = protocol; | |
7df5c6ba YW |
184 | return 0; |
185 | } | |
186 | ||
4502a61c SS |
187 | int config_parse_fou_tunnel_address( |
188 | const char *unit, | |
189 | const char *filename, | |
190 | unsigned line, | |
191 | const char *section, | |
192 | unsigned section_line, | |
193 | const char *lvalue, | |
194 | int ltype, | |
195 | const char *rvalue, | |
196 | void *data, | |
197 | void *userdata) { | |
198 | ||
199 | union in_addr_union *addr = data; | |
200 | FouTunnel *t = userdata; | |
201 | int r, *f; | |
202 | ||
203 | assert(filename); | |
204 | assert(lvalue); | |
205 | assert(rvalue); | |
206 | assert(data); | |
207 | ||
208 | if (streq(lvalue, "Local")) | |
209 | f = &t->local_family; | |
210 | else | |
211 | f = &t->peer_family; | |
212 | ||
213 | r = in_addr_from_string_auto(rvalue, f, addr); | |
214 | if (r < 0) | |
d96edb2c | 215 | log_syntax(unit, LOG_WARNING, filename, line, r, |
fac21663 | 216 | "FooOverUDP tunnel '%s' address is invalid, ignoring assignment: %s", |
4502a61c SS |
217 | lvalue, rvalue); |
218 | ||
219 | return 0; | |
220 | } | |
221 | ||
53cb501a SS |
222 | static int netdev_fou_tunnel_verify(NetDev *netdev, const char *filename) { |
223 | FouTunnel *t; | |
224 | ||
225 | assert(netdev); | |
226 | assert(filename); | |
227 | ||
228 | t = FOU(netdev); | |
229 | ||
230 | assert(t); | |
231 | ||
3abf950f YW |
232 | switch (t->fou_encap_type) { |
233 | case NETDEV_FOO_OVER_UDP_ENCAP_DIRECT: | |
234 | if (t->fou_protocol <= 0) | |
235 | return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL), | |
236 | "FooOverUDP protocol not configured in %s. Rejecting configuration.", | |
237 | filename); | |
238 | break; | |
239 | case NETDEV_FOO_OVER_UDP_ENCAP_GUE: | |
240 | if (t->fou_protocol > 0) | |
241 | return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL), | |
242 | "FooOverUDP GUE can't be set with protocol configured in %s. Rejecting configuration.", | |
243 | filename); | |
244 | break; | |
245 | default: | |
04499a70 | 246 | assert_not_reached(); |
53cb501a SS |
247 | } |
248 | ||
8f02c9b0 SS |
249 | if (t->peer_family == AF_UNSPEC && t->peer_port > 0) |
250 | return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL), | |
251 | "FooOverUDP peer port is set but peer address not configured in %s. Rejecting configuration.", | |
252 | filename); | |
253 | else if (t->peer_family != AF_UNSPEC && t->peer_port == 0) | |
254 | return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL), | |
255 | "FooOverUDP peer port not set but peer address is configured in %s. Rejecting configuration.", | |
256 | filename); | |
53cb501a SS |
257 | return 0; |
258 | } | |
259 | ||
260 | static void fou_tunnel_init(NetDev *netdev) { | |
261 | FouTunnel *t; | |
262 | ||
263 | assert(netdev); | |
264 | ||
265 | t = FOU(netdev); | |
266 | ||
267 | assert(t); | |
268 | ||
269 | t->fou_encap_type = NETDEV_FOO_OVER_UDP_ENCAP_DIRECT; | |
270 | } | |
271 | ||
272 | const NetDevVTable foutnl_vtable = { | |
273 | .object_size = sizeof(FouTunnel), | |
274 | .init = fou_tunnel_init, | |
130b812f | 275 | .sections = NETDEV_COMMON_SECTIONS "FooOverUDP\0", |
53cb501a SS |
276 | .create = netdev_fou_tunnel_create, |
277 | .create_type = NETDEV_CREATE_INDEPENDENT, | |
278 | .config_verify = netdev_fou_tunnel_verify, | |
279 | }; |