1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
3 Copyright © 2014 Axis Communications AB. All rights reserved.
8 #include <netinet/if_ether.h>
12 #include "sd-ipv4acd.h"
14 #include "alloc-util.h"
16 #include "ether-addr-util.h"
17 #include "event-util.h"
19 #include "in-addr-util.h"
20 #include "memory-util.h"
21 #include "network-common.h"
22 #include "random-util.h"
23 #include "siphash24.h"
24 #include "string-table.h"
25 #include "string-util.h"
26 #include "time-util.h"
28 /* Constants from the RFC */
29 #define PROBE_WAIT_USEC (1U * USEC_PER_SEC)
31 #define PROBE_MIN_USEC (1U * USEC_PER_SEC)
32 #define PROBE_MAX_USEC (2U * USEC_PER_SEC)
33 #define ANNOUNCE_WAIT_USEC (2U * USEC_PER_SEC)
34 #define ANNOUNCE_NUM 2U
35 #define ANNOUNCE_INTERVAL_USEC (2U * USEC_PER_SEC)
36 #define MAX_CONFLICTS 10U
37 #define RATE_LIMIT_INTERVAL_USEC (60U * USEC_PER_SEC)
38 #define DEFEND_INTERVAL_USEC (10U * USEC_PER_SEC)
40 typedef enum IPv4ACDState
{
42 IPV4ACD_STATE_STARTED
,
43 IPV4ACD_STATE_WAITING_PROBE
,
44 IPV4ACD_STATE_PROBING
,
45 IPV4ACD_STATE_WAITING_ANNOUNCE
,
46 IPV4ACD_STATE_ANNOUNCING
,
47 IPV4ACD_STATE_RUNNING
,
49 _IPV4ACD_STATE_INVALID
= -EINVAL
,
63 sd_event_source
*receive_message_event_source
;
64 sd_event_source
*timer_event_source
;
67 struct in_addr address
;
70 struct ether_addr mac_addr
;
74 sd_ipv4acd_callback_t callback
;
76 sd_ipv4acd_check_mac_callback_t check_mac_callback
;
77 void *check_mac_userdata
;
80 #define log_ipv4acd_errno(acd, error, fmt, ...) \
81 log_interface_prefix_full_errno( \
84 error, fmt, ##__VA_ARGS__)
85 #define log_ipv4acd(acd, fmt, ...) \
86 log_interface_prefix_full_errno_zerook( \
89 0, fmt, ##__VA_ARGS__)
91 static const char * const ipv4acd_state_table
[_IPV4ACD_STATE_MAX
] = {
92 [IPV4ACD_STATE_INIT
] = "init",
93 [IPV4ACD_STATE_STARTED
] = "started",
94 [IPV4ACD_STATE_WAITING_PROBE
] = "waiting-probe",
95 [IPV4ACD_STATE_PROBING
] = "probing",
96 [IPV4ACD_STATE_WAITING_ANNOUNCE
] = "waiting-announce",
97 [IPV4ACD_STATE_ANNOUNCING
] = "announcing",
98 [IPV4ACD_STATE_RUNNING
] = "running",
101 DEFINE_PRIVATE_STRING_TABLE_LOOKUP_TO_STRING(ipv4acd_state
, IPv4ACDState
);
103 static void ipv4acd_set_state(sd_ipv4acd
*acd
, IPv4ACDState st
, bool reset_counter
) {
105 assert(st
< _IPV4ACD_STATE_MAX
);
107 if (st
!= acd
->state
)
108 log_ipv4acd(acd
, "%s -> %s", ipv4acd_state_to_string(acd
->state
), ipv4acd_state_to_string(st
));
110 if (st
== acd
->state
&& !reset_counter
)
114 acd
->n_iteration
= 0;
118 static void ipv4acd_reset(sd_ipv4acd
*acd
) {
121 (void) event_source_disable(acd
->timer_event_source
);
122 acd
->receive_message_event_source
= sd_event_source_disable_unref(acd
->receive_message_event_source
);
124 acd
->fd
= safe_close(acd
->fd
);
126 ipv4acd_set_state(acd
, IPV4ACD_STATE_INIT
, true);
129 static sd_ipv4acd
*ipv4acd_free(sd_ipv4acd
*acd
) {
133 sd_event_source_unref(acd
->timer_event_source
);
134 sd_ipv4acd_detach_event(acd
);
139 DEFINE_TRIVIAL_REF_UNREF_FUNC(sd_ipv4acd
, sd_ipv4acd
, ipv4acd_free
);
141 int sd_ipv4acd_new(sd_ipv4acd
**ret
) {
142 _cleanup_(sd_ipv4acd_unrefp
) sd_ipv4acd
*acd
= NULL
;
144 assert_return(ret
, -EINVAL
);
146 acd
= new(sd_ipv4acd
, 1);
150 *acd
= (sd_ipv4acd
) {
152 .state
= IPV4ACD_STATE_INIT
,
157 *ret
= TAKE_PTR(acd
);
162 static void ipv4acd_client_notify(sd_ipv4acd
*acd
, int event
) {
168 acd
->callback(acd
, event
, acd
->userdata
);
171 int sd_ipv4acd_stop(sd_ipv4acd
*acd
) {
172 IPv4ACDState old_state
;
177 old_state
= acd
->state
;
181 if (old_state
== IPV4ACD_STATE_INIT
)
184 log_ipv4acd(acd
, "STOPPED");
186 ipv4acd_client_notify(acd
, SD_IPV4ACD_EVENT_STOP
);
191 static int ipv4acd_on_timeout(sd_event_source
*s
, uint64_t usec
, void *userdata
);
193 static int ipv4acd_set_next_wakeup(sd_ipv4acd
*acd
, usec_t usec
, usec_t random_usec
) {
194 usec_t next_timeout
, time_now
;
201 next_timeout
+= (usec_t
) random_u64() % random_usec
;
203 assert_se(sd_event_now(acd
->event
, CLOCK_BOOTTIME
, &time_now
) >= 0);
205 return event_reset_time(acd
->event
, &acd
->timer_event_source
,
207 time_now
+ next_timeout
, 0,
208 ipv4acd_on_timeout
, acd
,
209 acd
->event_priority
, "ipv4acd-timer", true);
212 static int ipv4acd_on_timeout(sd_event_source
*s
, uint64_t usec
, void *userdata
) {
213 sd_ipv4acd
*acd
= ASSERT_PTR(userdata
);
216 switch (acd
->state
) {
218 case IPV4ACD_STATE_STARTED
:
219 acd
->defend_window
= 0;
221 ipv4acd_set_state(acd
, IPV4ACD_STATE_WAITING_PROBE
, true);
223 if (acd
->n_conflict
>= MAX_CONFLICTS
) {
224 log_ipv4acd(acd
, "Max conflicts reached, delaying by %s",
225 FORMAT_TIMESPAN(RATE_LIMIT_INTERVAL_USEC
, 0));
226 r
= ipv4acd_set_next_wakeup(acd
, RATE_LIMIT_INTERVAL_USEC
, PROBE_WAIT_USEC
);
228 r
= ipv4acd_set_next_wakeup(acd
, 0, PROBE_WAIT_USEC
);
234 case IPV4ACD_STATE_WAITING_PROBE
:
235 case IPV4ACD_STATE_PROBING
:
237 r
= arp_send_probe(acd
->fd
, acd
->ifindex
, &acd
->address
, &acd
->mac_addr
);
239 log_ipv4acd_errno(acd
, r
, "Failed to send ARP probe: %m");
243 log_ipv4acd(acd
, "Probing "IPV4_ADDRESS_FMT_STR
, IPV4_ADDRESS_FMT_VAL(acd
->address
));
245 if (acd
->n_iteration
< PROBE_NUM
- 2) {
246 ipv4acd_set_state(acd
, IPV4ACD_STATE_PROBING
, false);
248 r
= ipv4acd_set_next_wakeup(acd
, PROBE_MIN_USEC
, (PROBE_MAX_USEC
-PROBE_MIN_USEC
));
252 ipv4acd_set_state(acd
, IPV4ACD_STATE_WAITING_ANNOUNCE
, true);
254 r
= ipv4acd_set_next_wakeup(acd
, ANNOUNCE_WAIT_USEC
, 0);
261 case IPV4ACD_STATE_ANNOUNCING
:
262 if (acd
->n_iteration
>= ANNOUNCE_NUM
- 1) {
263 ipv4acd_set_state(acd
, IPV4ACD_STATE_RUNNING
, false);
268 case IPV4ACD_STATE_WAITING_ANNOUNCE
:
269 /* Send announcement packet */
270 r
= arp_send_announcement(acd
->fd
, acd
->ifindex
, &acd
->address
, &acd
->mac_addr
);
272 log_ipv4acd_errno(acd
, r
, "Failed to send ARP announcement: %m");
276 log_ipv4acd(acd
, "Announcing "IPV4_ADDRESS_FMT_STR
, IPV4_ADDRESS_FMT_VAL(acd
->address
));
278 ipv4acd_set_state(acd
, IPV4ACD_STATE_ANNOUNCING
, false);
280 r
= ipv4acd_set_next_wakeup(acd
, ANNOUNCE_INTERVAL_USEC
, 0);
284 if (acd
->n_iteration
== 0) {
286 ipv4acd_client_notify(acd
, SD_IPV4ACD_EVENT_BIND
);
292 assert_not_reached();
298 sd_ipv4acd_stop(acd
);
302 static bool ipv4acd_arp_conflict(sd_ipv4acd
*acd
, const struct ether_arp
*arp
, bool announced
) {
306 /* RFC 5227 section 2.1.1.
307 * "the host receives any ARP packet (Request *or* Reply) on the interface where the probe is
308 * being performed, where the packet's 'sender IP address' is the address being probed for,
309 * then the host MUST treat this address as being in use by some other host" */
310 if (memcmp(arp
->arp_spa
, &acd
->address
, sizeof(struct in_addr
)) == 0)
314 /* the TPA matched instead of SPA, this is not a conflict */
317 /* "any ARP Probe where the packet's 'target IP address' is the address being probed for, and
318 * the packet's 'sender hardware address' is not the hardware address of any of the host's
319 * interfaces, then the host SHOULD similarly treat this as an address conflict" */
320 if (arp
->ea_hdr
.ar_op
!= htobe16(ARPOP_REQUEST
))
321 return false; /* not ARP Request, ignoring. */
322 if (memeqzero(arp
->arp_spa
, sizeof(struct in_addr
)) == 0)
323 return false; /* not ARP Probe, ignoring. */
324 if (memcmp(arp
->arp_tpa
, &acd
->address
, sizeof(struct in_addr
)) != 0)
325 return false; /* target IP address does not match, BPF code is broken? */
327 if (acd
->check_mac_callback
&&
328 acd
->check_mac_callback(acd
, (const struct ether_addr
*) arp
->arp_sha
, acd
->check_mac_userdata
) > 0)
329 /* sender hardware is one of the host's interfaces, ignoring. */
332 return true; /* conflict! */
335 static void ipv4acd_on_conflict(sd_ipv4acd
*acd
) {
340 log_ipv4acd(acd
, "Conflict on "IPV4_ADDRESS_FMT_STR
" (%u)", IPV4_ADDRESS_FMT_VAL(acd
->address
), acd
->n_conflict
);
343 ipv4acd_client_notify(acd
, SD_IPV4ACD_EVENT_CONFLICT
);
346 static int ipv4acd_on_packet(
352 sd_ipv4acd
*acd
= ASSERT_PTR(userdata
);
353 struct ether_arp packet
;
360 n
= recv(fd
, &packet
, sizeof(struct ether_arp
), 0);
362 if (ERRNO_IS_TRANSIENT(errno
) || ERRNO_IS_DISCONNECT(errno
))
365 log_ipv4acd_errno(acd
, errno
, "Failed to read ARP packet: %m");
368 if ((size_t) n
!= sizeof(struct ether_arp
)) {
369 log_ipv4acd(acd
, "Ignoring too short ARP packet.");
373 switch (acd
->state
) {
375 case IPV4ACD_STATE_ANNOUNCING
:
376 case IPV4ACD_STATE_RUNNING
:
378 if (ipv4acd_arp_conflict(acd
, &packet
, true)) {
381 assert_se(sd_event_now(acd
->event
, CLOCK_BOOTTIME
, &ts
) >= 0);
384 if (ts
> acd
->defend_window
) {
385 acd
->defend_window
= ts
+ DEFEND_INTERVAL_USEC
;
386 r
= arp_send_announcement(acd
->fd
, acd
->ifindex
, &acd
->address
, &acd
->mac_addr
);
388 log_ipv4acd_errno(acd
, r
, "Failed to send ARP announcement: %m");
392 log_ipv4acd(acd
, "Defending "IPV4_ADDRESS_FMT_STR
, IPV4_ADDRESS_FMT_VAL(acd
->address
));
395 ipv4acd_on_conflict(acd
);
399 case IPV4ACD_STATE_WAITING_PROBE
:
400 case IPV4ACD_STATE_PROBING
:
401 case IPV4ACD_STATE_WAITING_ANNOUNCE
:
402 if (ipv4acd_arp_conflict(acd
, &packet
, false))
403 ipv4acd_on_conflict(acd
);
407 assert_not_reached();
413 sd_ipv4acd_stop(acd
);
417 int sd_ipv4acd_set_ifindex(sd_ipv4acd
*acd
, int ifindex
) {
418 assert_return(acd
, -EINVAL
);
419 assert_return(ifindex
> 0, -EINVAL
);
420 assert_return(acd
->state
== IPV4ACD_STATE_INIT
, -EBUSY
);
422 acd
->ifindex
= ifindex
;
427 int sd_ipv4acd_get_ifindex(sd_ipv4acd
*acd
) {
434 int sd_ipv4acd_set_ifname(sd_ipv4acd
*acd
, const char *ifname
) {
435 assert_return(acd
, -EINVAL
);
436 assert_return(ifname
, -EINVAL
);
438 if (!ifname_valid_full(ifname
, IFNAME_VALID_ALTERNATIVE
))
441 return free_and_strdup(&acd
->ifname
, ifname
);
444 int sd_ipv4acd_get_ifname(sd_ipv4acd
*acd
, const char **ret
) {
447 assert_return(acd
, -EINVAL
);
449 r
= get_ifname(acd
->ifindex
, &acd
->ifname
);
459 int sd_ipv4acd_set_mac(sd_ipv4acd
*acd
, const struct ether_addr
*addr
) {
462 assert_return(acd
, -EINVAL
);
463 assert_return(addr
, -EINVAL
);
464 assert_return(!ether_addr_is_null(addr
), -EINVAL
);
466 acd
->mac_addr
= *addr
;
468 if (!sd_ipv4acd_is_running(acd
))
471 assert(acd
->fd
>= 0);
472 r
= arp_update_filter(acd
->fd
, &acd
->address
, &acd
->mac_addr
);
481 int sd_ipv4acd_detach_event(sd_ipv4acd
*acd
) {
482 assert_return(acd
, -EINVAL
);
484 acd
->event
= sd_event_unref(acd
->event
);
489 int sd_ipv4acd_attach_event(sd_ipv4acd
*acd
, sd_event
*event
, int64_t priority
) {
492 assert_return(acd
, -EINVAL
);
493 assert_return(!acd
->event
, -EBUSY
);
496 acd
->event
= sd_event_ref(event
);
498 r
= sd_event_default(&acd
->event
);
503 acd
->event_priority
= priority
;
508 int sd_ipv4acd_set_callback(sd_ipv4acd
*acd
, sd_ipv4acd_callback_t cb
, void *userdata
) {
509 assert_return(acd
, -EINVAL
);
512 acd
->userdata
= userdata
;
517 int sd_ipv4acd_set_check_mac_callback(sd_ipv4acd
*acd
, sd_ipv4acd_check_mac_callback_t cb
, void *userdata
) {
518 assert_return(acd
, -EINVAL
);
520 acd
->check_mac_callback
= cb
;
521 acd
->check_mac_userdata
= userdata
;
525 int sd_ipv4acd_set_address(sd_ipv4acd
*acd
, const struct in_addr
*address
) {
528 assert_return(acd
, -EINVAL
);
529 assert_return(address
, -EINVAL
);
530 assert_return(in4_addr_is_set(address
), -EINVAL
);
532 if (in4_addr_equal(&acd
->address
, address
))
535 acd
->address
= *address
;
537 if (!sd_ipv4acd_is_running(acd
))
540 assert(acd
->fd
>= 0);
541 r
= arp_update_filter(acd
->fd
, &acd
->address
, &acd
->mac_addr
);
545 r
= ipv4acd_set_next_wakeup(acd
, 0, 0);
549 ipv4acd_set_state(acd
, IPV4ACD_STATE_STARTED
, true);
557 int sd_ipv4acd_get_address(sd_ipv4acd
*acd
, struct in_addr
*address
) {
558 assert_return(acd
, -EINVAL
);
559 assert_return(address
, -EINVAL
);
561 *address
= acd
->address
;
566 int sd_ipv4acd_is_running(sd_ipv4acd
*acd
) {
570 return acd
->state
!= IPV4ACD_STATE_INIT
;
573 int sd_ipv4acd_is_bound(sd_ipv4acd
*acd
) {
574 assert_return(acd
, false);
576 return IN_SET(acd
->state
, IPV4ACD_STATE_ANNOUNCING
, IPV4ACD_STATE_RUNNING
);
579 int sd_ipv4acd_start(sd_ipv4acd
*acd
, bool reset_conflicts
) {
582 assert_return(acd
, -EINVAL
);
583 assert_return(acd
->event
, -EINVAL
);
584 assert_return(acd
->ifindex
> 0, -EINVAL
);
585 assert_return(in4_addr_is_set(&acd
->address
), -EINVAL
);
586 assert_return(!ether_addr_is_null(&acd
->mac_addr
), -EINVAL
);
587 assert_return(acd
->state
== IPV4ACD_STATE_INIT
, -EBUSY
);
589 r
= sd_event_get_state(acd
->event
);
592 if (r
== SD_EVENT_FINISHED
)
595 r
= arp_network_bind_raw_socket(acd
->ifindex
, &acd
->address
, &acd
->mac_addr
);
599 close_and_replace(acd
->fd
, r
);
604 r
= sd_event_add_io(acd
->event
, &acd
->receive_message_event_source
, acd
->fd
, EPOLLIN
, ipv4acd_on_packet
, acd
);
608 r
= sd_event_source_set_priority(acd
->receive_message_event_source
, acd
->event_priority
);
612 (void) sd_event_source_set_description(acd
->receive_message_event_source
, "ipv4acd-receive-message");
614 r
= ipv4acd_set_next_wakeup(acd
, 0, 0);
618 ipv4acd_set_state(acd
, IPV4ACD_STATE_STARTED
, true);