1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
3 Copyright © 2014 Axis Communications AB. All rights reserved.
8 #include <netinet/if_ether.h>
12 #include "sd-ipv4acd.h"
14 #include "alloc-util.h"
16 #include "ether-addr-util.h"
17 #include "event-util.h"
19 #include "in-addr-util.h"
21 #include "memory-util.h"
22 #include "network-common.h"
23 #include "random-util.h"
24 #include "siphash24.h"
25 #include "string-table.h"
26 #include "string-util.h"
27 #include "time-util.h"
29 /* Constants from the RFC */
30 #define PROBE_WAIT_USEC (1U * USEC_PER_SEC)
32 #define PROBE_MIN_USEC (1U * USEC_PER_SEC)
33 #define PROBE_MAX_USEC (2U * USEC_PER_SEC)
34 #define ANNOUNCE_WAIT_USEC (2U * USEC_PER_SEC)
35 #define ANNOUNCE_NUM 2U
36 #define ANNOUNCE_INTERVAL_USEC (2U * USEC_PER_SEC)
37 #define MAX_CONFLICTS 10U
38 #define RATE_LIMIT_INTERVAL_USEC (60U * USEC_PER_SEC)
39 #define DEFEND_INTERVAL_USEC (10U * USEC_PER_SEC)
41 typedef enum IPv4ACDState
{
43 IPV4ACD_STATE_STARTED
,
44 IPV4ACD_STATE_WAITING_PROBE
,
45 IPV4ACD_STATE_PROBING
,
46 IPV4ACD_STATE_WAITING_ANNOUNCE
,
47 IPV4ACD_STATE_ANNOUNCING
,
48 IPV4ACD_STATE_RUNNING
,
50 _IPV4ACD_STATE_INVALID
= -EINVAL
,
64 sd_event_source
*receive_message_event_source
;
65 sd_event_source
*timer_event_source
;
68 struct in_addr address
;
71 struct ether_addr mac_addr
;
75 sd_ipv4acd_callback_t callback
;
77 sd_ipv4acd_check_mac_callback_t check_mac_callback
;
78 void *check_mac_userdata
;
81 #define log_ipv4acd_errno(acd, error, fmt, ...) \
82 log_interface_prefix_full_errno( \
84 sd_ipv4acd_get_ifname(acd), \
85 error, fmt, ##__VA_ARGS__)
86 #define log_ipv4acd(acd, fmt, ...) \
87 log_interface_prefix_full_errno_zerook( \
89 sd_ipv4acd_get_ifname(acd), \
90 0, fmt, ##__VA_ARGS__)
92 static const char * const ipv4acd_state_table
[_IPV4ACD_STATE_MAX
] = {
93 [IPV4ACD_STATE_INIT
] = "init",
94 [IPV4ACD_STATE_STARTED
] = "started",
95 [IPV4ACD_STATE_WAITING_PROBE
] = "waiting-probe",
96 [IPV4ACD_STATE_PROBING
] = "probing",
97 [IPV4ACD_STATE_WAITING_ANNOUNCE
] = "waiting-announce",
98 [IPV4ACD_STATE_ANNOUNCING
] = "announcing",
99 [IPV4ACD_STATE_RUNNING
] = "running",
102 DEFINE_PRIVATE_STRING_TABLE_LOOKUP_TO_STRING(ipv4acd_state
, IPv4ACDState
);
104 static void ipv4acd_set_state(sd_ipv4acd
*acd
, IPv4ACDState st
, bool reset_counter
) {
106 assert(st
< _IPV4ACD_STATE_MAX
);
108 if (st
!= acd
->state
)
109 log_ipv4acd(acd
, "%s -> %s", ipv4acd_state_to_string(acd
->state
), ipv4acd_state_to_string(st
));
111 if (st
== acd
->state
&& !reset_counter
)
115 acd
->n_iteration
= 0;
119 static void ipv4acd_reset(sd_ipv4acd
*acd
) {
122 (void) event_source_disable(acd
->timer_event_source
);
123 acd
->receive_message_event_source
= sd_event_source_unref(acd
->receive_message_event_source
);
125 acd
->fd
= safe_close(acd
->fd
);
127 ipv4acd_set_state(acd
, IPV4ACD_STATE_INIT
, true);
130 static sd_ipv4acd
*ipv4acd_free(sd_ipv4acd
*acd
) {
133 acd
->timer_event_source
= sd_event_source_unref(acd
->timer_event_source
);
136 sd_ipv4acd_detach_event(acd
);
141 DEFINE_TRIVIAL_REF_UNREF_FUNC(sd_ipv4acd
, sd_ipv4acd
, ipv4acd_free
);
143 int sd_ipv4acd_new(sd_ipv4acd
**ret
) {
144 _cleanup_(sd_ipv4acd_unrefp
) sd_ipv4acd
*acd
= NULL
;
146 assert_return(ret
, -EINVAL
);
148 acd
= new(sd_ipv4acd
, 1);
152 *acd
= (sd_ipv4acd
) {
154 .state
= IPV4ACD_STATE_INIT
,
159 *ret
= TAKE_PTR(acd
);
164 static void ipv4acd_client_notify(sd_ipv4acd
*acd
, int event
) {
170 acd
->callback(acd
, event
, acd
->userdata
);
173 int sd_ipv4acd_stop(sd_ipv4acd
*acd
) {
174 IPv4ACDState old_state
;
179 old_state
= acd
->state
;
183 if (old_state
== IPV4ACD_STATE_INIT
)
186 log_ipv4acd(acd
, "STOPPED");
188 ipv4acd_client_notify(acd
, SD_IPV4ACD_EVENT_STOP
);
193 static int ipv4acd_on_timeout(sd_event_source
*s
, uint64_t usec
, void *userdata
);
195 static int ipv4acd_set_next_wakeup(sd_ipv4acd
*acd
, usec_t usec
, usec_t random_usec
) {
196 usec_t next_timeout
, time_now
;
203 next_timeout
+= (usec_t
) random_u64() % random_usec
;
205 assert_se(sd_event_now(acd
->event
, clock_boottime_or_monotonic(), &time_now
) >= 0);
207 return event_reset_time(acd
->event
, &acd
->timer_event_source
,
208 clock_boottime_or_monotonic(),
209 time_now
+ next_timeout
, 0,
210 ipv4acd_on_timeout
, acd
,
211 acd
->event_priority
, "ipv4acd-timer", true);
214 static int ipv4acd_on_timeout(sd_event_source
*s
, uint64_t usec
, void *userdata
) {
215 sd_ipv4acd
*acd
= userdata
;
220 switch (acd
->state
) {
222 case IPV4ACD_STATE_STARTED
:
223 acd
->defend_window
= 0;
225 ipv4acd_set_state(acd
, IPV4ACD_STATE_WAITING_PROBE
, true);
227 if (acd
->n_conflict
>= MAX_CONFLICTS
) {
228 log_ipv4acd(acd
, "Max conflicts reached, delaying by %s",
229 FORMAT_TIMESPAN(RATE_LIMIT_INTERVAL_USEC
, 0));
230 r
= ipv4acd_set_next_wakeup(acd
, RATE_LIMIT_INTERVAL_USEC
, PROBE_WAIT_USEC
);
232 r
= ipv4acd_set_next_wakeup(acd
, 0, PROBE_WAIT_USEC
);
238 case IPV4ACD_STATE_WAITING_PROBE
:
239 case IPV4ACD_STATE_PROBING
:
241 r
= arp_send_probe(acd
->fd
, acd
->ifindex
, &acd
->address
, &acd
->mac_addr
);
243 log_ipv4acd_errno(acd
, r
, "Failed to send ARP probe: %m");
247 log_ipv4acd(acd
, "Probing "IPV4_ADDRESS_FMT_STR
, IPV4_ADDRESS_FMT_VAL(acd
->address
));
249 if (acd
->n_iteration
< PROBE_NUM
- 2) {
250 ipv4acd_set_state(acd
, IPV4ACD_STATE_PROBING
, false);
252 r
= ipv4acd_set_next_wakeup(acd
, PROBE_MIN_USEC
, (PROBE_MAX_USEC
-PROBE_MIN_USEC
));
256 ipv4acd_set_state(acd
, IPV4ACD_STATE_WAITING_ANNOUNCE
, true);
258 r
= ipv4acd_set_next_wakeup(acd
, ANNOUNCE_WAIT_USEC
, 0);
265 case IPV4ACD_STATE_ANNOUNCING
:
266 if (acd
->n_iteration
>= ANNOUNCE_NUM
- 1) {
267 ipv4acd_set_state(acd
, IPV4ACD_STATE_RUNNING
, false);
272 case IPV4ACD_STATE_WAITING_ANNOUNCE
:
273 /* Send announcement packet */
274 r
= arp_send_announcement(acd
->fd
, acd
->ifindex
, &acd
->address
, &acd
->mac_addr
);
276 log_ipv4acd_errno(acd
, r
, "Failed to send ARP announcement: %m");
280 log_ipv4acd(acd
, "Announcing "IPV4_ADDRESS_FMT_STR
, IPV4_ADDRESS_FMT_VAL(acd
->address
));
282 ipv4acd_set_state(acd
, IPV4ACD_STATE_ANNOUNCING
, false);
284 r
= ipv4acd_set_next_wakeup(acd
, ANNOUNCE_INTERVAL_USEC
, 0);
288 if (acd
->n_iteration
== 0) {
290 ipv4acd_client_notify(acd
, SD_IPV4ACD_EVENT_BIND
);
296 assert_not_reached("Invalid state.");
302 sd_ipv4acd_stop(acd
);
306 static bool ipv4acd_arp_conflict(sd_ipv4acd
*acd
, const struct ether_arp
*arp
, bool announced
) {
310 /* RFC 5227 section 2.1.1.
311 * "the host receives any ARP packet (Request *or* Reply) on the interface where the probe is
312 * being performed, where the packet's 'sender IP address' is the address being probed for,
313 * then the host MUST treat this address as being in use by some other host" */
314 if (memcmp(arp
->arp_spa
, &acd
->address
, sizeof(struct in_addr
)) == 0)
318 /* the TPA matched instead of SPA, this is not a conflict */
321 /* "any ARP Probe where the packet's 'target IP address' is the address being probed for, and
322 * the packet's 'sender hardware address' is not the hardware address of any of the host's
323 * interfaces, then the host SHOULD similarly treat this as an address conflict" */
324 if (arp
->ea_hdr
.ar_op
!= htobe16(ARPOP_REQUEST
))
325 return false; /* not ARP Request, ignoring. */
326 if (memeqzero(arp
->arp_spa
, sizeof(struct in_addr
)) == 0)
327 return false; /* not ARP Probe, ignoring. */
328 if (memcmp(arp
->arp_tpa
, &acd
->address
, sizeof(struct in_addr
)) != 0)
329 return false; /* target IP address does not match, BPF code is broken? */
331 if (acd
->check_mac_callback
&&
332 acd
->check_mac_callback(acd
, (const struct ether_addr
*) arp
->arp_sha
, acd
->check_mac_userdata
) > 0)
333 /* sender hardware is one of the host's interfaces, ignoring. */
336 return true; /* conflict! */
339 static void ipv4acd_on_conflict(sd_ipv4acd
*acd
) {
344 log_ipv4acd(acd
, "Conflict on "IPV4_ADDRESS_FMT_STR
" (%u)", IPV4_ADDRESS_FMT_VAL(acd
->address
), acd
->n_conflict
);
347 ipv4acd_client_notify(acd
, SD_IPV4ACD_EVENT_CONFLICT
);
350 static int ipv4acd_on_packet(
356 sd_ipv4acd
*acd
= userdata
;
357 struct ether_arp packet
;
365 n
= recv(fd
, &packet
, sizeof(struct ether_arp
), 0);
367 if (IN_SET(errno
, EAGAIN
, EINTR
))
370 log_ipv4acd_errno(acd
, errno
, "Failed to read ARP packet: %m");
373 if ((size_t) n
!= sizeof(struct ether_arp
)) {
374 log_ipv4acd(acd
, "Ignoring too short ARP packet.");
378 switch (acd
->state
) {
380 case IPV4ACD_STATE_ANNOUNCING
:
381 case IPV4ACD_STATE_RUNNING
:
383 if (ipv4acd_arp_conflict(acd
, &packet
, true)) {
386 assert_se(sd_event_now(acd
->event
, clock_boottime_or_monotonic(), &ts
) >= 0);
389 if (ts
> acd
->defend_window
) {
390 acd
->defend_window
= ts
+ DEFEND_INTERVAL_USEC
;
391 r
= arp_send_announcement(acd
->fd
, acd
->ifindex
, &acd
->address
, &acd
->mac_addr
);
393 log_ipv4acd_errno(acd
, r
, "Failed to send ARP announcement: %m");
397 log_ipv4acd(acd
, "Defending "IPV4_ADDRESS_FMT_STR
, IPV4_ADDRESS_FMT_VAL(acd
->address
));
400 ipv4acd_on_conflict(acd
);
404 case IPV4ACD_STATE_WAITING_PROBE
:
405 case IPV4ACD_STATE_PROBING
:
406 case IPV4ACD_STATE_WAITING_ANNOUNCE
:
407 if (ipv4acd_arp_conflict(acd
, &packet
, false))
408 ipv4acd_on_conflict(acd
);
412 assert_not_reached("Invalid state.");
418 sd_ipv4acd_stop(acd
);
422 int sd_ipv4acd_set_ifindex(sd_ipv4acd
*acd
, int ifindex
) {
423 assert_return(acd
, -EINVAL
);
424 assert_return(ifindex
> 0, -EINVAL
);
425 assert_return(acd
->state
== IPV4ACD_STATE_INIT
, -EBUSY
);
427 acd
->ifindex
= ifindex
;
432 int sd_ipv4acd_get_ifindex(sd_ipv4acd
*acd
) {
439 int sd_ipv4acd_set_ifname(sd_ipv4acd
*acd
, const char *ifname
) {
440 assert_return(acd
, -EINVAL
);
441 assert_return(ifname
, -EINVAL
);
443 if (!ifname_valid_full(ifname
, IFNAME_VALID_ALTERNATIVE
))
446 return free_and_strdup(&acd
->ifname
, ifname
);
449 const char *sd_ipv4acd_get_ifname(sd_ipv4acd
*acd
) {
453 return get_ifname(acd
->ifindex
, &acd
->ifname
);
456 int sd_ipv4acd_set_mac(sd_ipv4acd
*acd
, const struct ether_addr
*addr
) {
459 assert_return(acd
, -EINVAL
);
460 assert_return(addr
, -EINVAL
);
461 assert_return(!ether_addr_is_null(addr
), -EINVAL
);
463 acd
->mac_addr
= *addr
;
465 if (!sd_ipv4acd_is_running(acd
))
468 assert(acd
->fd
>= 0);
469 r
= arp_update_filter(acd
->fd
, &acd
->address
, &acd
->mac_addr
);
478 int sd_ipv4acd_detach_event(sd_ipv4acd
*acd
) {
479 assert_return(acd
, -EINVAL
);
481 acd
->event
= sd_event_unref(acd
->event
);
486 int sd_ipv4acd_attach_event(sd_ipv4acd
*acd
, sd_event
*event
, int64_t priority
) {
489 assert_return(acd
, -EINVAL
);
490 assert_return(!acd
->event
, -EBUSY
);
493 acd
->event
= sd_event_ref(event
);
495 r
= sd_event_default(&acd
->event
);
500 acd
->event_priority
= priority
;
505 int sd_ipv4acd_set_callback(sd_ipv4acd
*acd
, sd_ipv4acd_callback_t cb
, void *userdata
) {
506 assert_return(acd
, -EINVAL
);
509 acd
->userdata
= userdata
;
514 int sd_ipv4acd_set_check_mac_callback(sd_ipv4acd
*acd
, sd_ipv4acd_check_mac_callback_t cb
, void *userdata
) {
515 assert_return(acd
, -EINVAL
);
517 acd
->check_mac_callback
= cb
;
518 acd
->check_mac_userdata
= userdata
;
522 int sd_ipv4acd_set_address(sd_ipv4acd
*acd
, const struct in_addr
*address
) {
525 assert_return(acd
, -EINVAL
);
526 assert_return(address
, -EINVAL
);
527 assert_return(in4_addr_is_set(address
), -EINVAL
);
529 if (in4_addr_equal(&acd
->address
, address
))
532 acd
->address
= *address
;
534 if (!sd_ipv4acd_is_running(acd
))
537 assert(acd
->fd
>= 0);
538 r
= arp_update_filter(acd
->fd
, &acd
->address
, &acd
->mac_addr
);
542 r
= ipv4acd_set_next_wakeup(acd
, 0, 0);
546 ipv4acd_set_state(acd
, IPV4ACD_STATE_STARTED
, true);
554 int sd_ipv4acd_get_address(sd_ipv4acd
*acd
, struct in_addr
*address
) {
555 assert_return(acd
, -EINVAL
);
556 assert_return(address
, -EINVAL
);
558 *address
= acd
->address
;
563 int sd_ipv4acd_is_running(sd_ipv4acd
*acd
) {
564 assert_return(acd
, false);
566 return acd
->state
!= IPV4ACD_STATE_INIT
;
569 int sd_ipv4acd_start(sd_ipv4acd
*acd
, bool reset_conflicts
) {
572 assert_return(acd
, -EINVAL
);
573 assert_return(acd
->event
, -EINVAL
);
574 assert_return(acd
->ifindex
> 0, -EINVAL
);
575 assert_return(in4_addr_is_set(&acd
->address
), -EINVAL
);
576 assert_return(!ether_addr_is_null(&acd
->mac_addr
), -EINVAL
);
577 assert_return(acd
->state
== IPV4ACD_STATE_INIT
, -EBUSY
);
579 r
= arp_network_bind_raw_socket(acd
->ifindex
, &acd
->address
, &acd
->mac_addr
);
583 CLOSE_AND_REPLACE(acd
->fd
, r
);
588 r
= sd_event_add_io(acd
->event
, &acd
->receive_message_event_source
, acd
->fd
, EPOLLIN
, ipv4acd_on_packet
, acd
);
592 r
= sd_event_source_set_priority(acd
->receive_message_event_source
, acd
->event_priority
);
596 (void) sd_event_source_set_description(acd
->receive_message_event_source
, "ipv4acd-receive-message");
598 r
= ipv4acd_set_next_wakeup(acd
, 0, 0);
602 ipv4acd_set_state(acd
, IPV4ACD_STATE_STARTED
, true);