]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/libsystemd-network/sd-radv.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
sd-radv: allow to modify RA header elements without stopping sd-radv
[thirdparty/systemd.git] / src / libsystemd-network / sd-radv.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2 /***
3 Copyright © 2017 Intel Corporation. All rights reserved.
4 ***/
5
6 #include <netinet/icmp6.h>
7 #include <netinet/in.h>
8 #include <arpa/inet.h>
9
10 #include "sd-radv.h"
11
12 #include "alloc-util.h"
13 #include "dns-domain.h"
14 #include "ether-addr-util.h"
15 #include "event-util.h"
16 #include "fd-util.h"
17 #include "icmp6-util.h"
18 #include "in-addr-util.h"
19 #include "iovec-util.h"
20 #include "macro.h"
21 #include "memory-util.h"
22 #include "ndisc-router-solicit-internal.h"
23 #include "network-common.h"
24 #include "radv-internal.h"
25 #include "random-util.h"
26 #include "socket-util.h"
27 #include "string-util.h"
28 #include "strv.h"
29 #include "unaligned.h"
30
31 int sd_radv_new(sd_radv **ret) {
32 _cleanup_(sd_radv_unrefp) sd_radv *ra = NULL;
33
34 assert_return(ret, -EINVAL);
35
36 ra = new(sd_radv, 1);
37 if (!ra)
38 return -ENOMEM;
39
40 *ra = (sd_radv) {
41 .n_ref = 1,
42 .fd = -EBADF,
43 .lifetime_usec = RADV_DEFAULT_ROUTER_LIFETIME_USEC,
44 };
45
46 *ret = TAKE_PTR(ra);
47
48 return 0;
49 }
50
51 int sd_radv_attach_event(sd_radv *ra, sd_event *event, int64_t priority) {
52 int r;
53
54 assert_return(ra, -EINVAL);
55 assert_return(!ra->event, -EBUSY);
56
57 if (event)
58 ra->event = sd_event_ref(event);
59 else {
60 r = sd_event_default(&ra->event);
61 if (r < 0)
62 return 0;
63 }
64
65 ra->event_priority = priority;
66
67 return 0;
68 }
69
70 int sd_radv_detach_event(sd_radv *ra) {
71
72 assert_return(ra, -EINVAL);
73
74 ra->event = sd_event_unref(ra->event);
75 return 0;
76 }
77
78 sd_event *sd_radv_get_event(sd_radv *ra) {
79 assert_return(ra, NULL);
80
81 return ra->event;
82 }
83
84 int sd_radv_is_running(sd_radv *ra) {
85 if (!ra)
86 return false;
87
88 return ra->state != RADV_STATE_IDLE;
89 }
90
91 static void radv_reset(sd_radv *ra) {
92 assert(ra);
93
94 (void) event_source_disable(ra->timeout_event_source);
95
96 ra->recv_event_source = sd_event_source_disable_unref(ra->recv_event_source);
97
98 ra->ra_sent = 0;
99 }
100
101 static sd_radv *radv_free(sd_radv *ra) {
102 if (!ra)
103 return NULL;
104
105 LIST_CLEAR(prefix, ra->prefixes, sd_radv_prefix_unref);
106 LIST_CLEAR(prefix, ra->route_prefixes, sd_radv_route_prefix_unref);
107 LIST_CLEAR(prefix, ra->pref64_prefixes, sd_radv_pref64_prefix_unref);
108
109 free(ra->rdnss);
110 free(ra->dnssl);
111
112 radv_reset(ra);
113
114 sd_event_source_unref(ra->timeout_event_source);
115 sd_radv_detach_event(ra);
116
117 ra->fd = safe_close(ra->fd);
118 free(ra->ifname);
119
120 return mfree(ra);
121 }
122
123 DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(sd_radv, sd_radv, radv_free);
124
125 static bool router_lifetime_is_valid(usec_t lifetime_usec) {
126 assert_cc(RADV_MAX_ROUTER_LIFETIME_USEC <= UINT16_MAX * USEC_PER_SEC);
127 return lifetime_usec == 0 ||
128 (lifetime_usec >= RADV_MIN_ROUTER_LIFETIME_USEC &&
129 lifetime_usec <= RADV_MAX_ROUTER_LIFETIME_USEC);
130 }
131
132 static int radv_send_router_on_stop(sd_radv *ra) {
133 static const struct nd_router_advert adv = {
134 .nd_ra_type = ND_ROUTER_ADVERT,
135 };
136
137 _cleanup_set_free_ Set *options = NULL;
138 usec_t time_now;
139 int r;
140
141 assert(ra);
142
143 r = sd_event_now(ra->event, CLOCK_BOOTTIME, &time_now);
144 if (r < 0)
145 return r;
146
147 if (!ether_addr_is_null(&ra->mac_addr)) {
148 r = ndisc_option_set_link_layer_address(&options, SD_NDISC_OPTION_SOURCE_LL_ADDRESS, &ra->mac_addr);
149 if (r < 0)
150 return r;
151 }
152
153 return ndisc_send(ra->fd, &IN6_ADDR_ALL_NODES_MULTICAST, &adv.nd_ra_hdr, options, time_now);
154 }
155
156 static int radv_send_router(sd_radv *ra, const struct in6_addr *dst) {
157 assert(ra);
158
159 struct sockaddr_in6 dst_addr = {
160 .sin6_family = AF_INET6,
161 .sin6_addr = IN6_ADDR_ALL_NODES_MULTICAST,
162 };
163 struct nd_router_advert adv = {
164 .nd_ra_type = ND_ROUTER_ADVERT,
165 .nd_ra_router_lifetime = usec_to_be16_sec(ra->lifetime_usec),
166 .nd_ra_retransmit = usec_to_be32_msec(ra->retransmit_usec),
167 };
168 struct {
169 struct nd_opt_hdr opthdr;
170 struct ether_addr slladdr;
171 } _packed_ opt_mac = {
172 .opthdr = {
173 .nd_opt_type = ND_OPT_SOURCE_LINKADDR,
174 .nd_opt_len = DIV_ROUND_UP(sizeof(struct nd_opt_hdr) + sizeof(struct ether_addr), 8),
175 },
176 .slladdr = ra->mac_addr,
177 };
178 struct nd_opt_mtu opt_mtu = {
179 .nd_opt_mtu_type = ND_OPT_MTU,
180 .nd_opt_mtu_len = 1,
181 .nd_opt_mtu_mtu = htobe32(ra->mtu),
182 };
183 /* Reserve iov space for RA header, linkaddr, MTU, N prefixes, N routes, N pref64 prefixes, RDNSS,
184 * DNSSL, and home agent. */
185 struct iovec iov[6 + ra->n_prefixes + ra->n_route_prefixes + ra->n_pref64_prefixes];
186 struct msghdr msg = {
187 .msg_name = &dst_addr,
188 .msg_namelen = sizeof(dst_addr),
189 .msg_iov = iov,
190 };
191 usec_t time_now;
192 int r;
193
194 r = sd_event_now(ra->event, CLOCK_BOOTTIME, &time_now);
195 if (r < 0)
196 return r;
197
198 if (dst && in6_addr_is_set(dst))
199 dst_addr.sin6_addr = *dst;
200
201 /* The nd_ra_curhoplimit and nd_ra_flags_reserved fields cannot specified with nd_ra_router_lifetime
202 * simultaneously in the structured initializer in the above. */
203 adv.nd_ra_curhoplimit = ra->hop_limit;
204 adv.nd_ra_flags_reserved = ra->flags;
205 iov[msg.msg_iovlen++] = IOVEC_MAKE(&adv, sizeof(adv));
206
207 /* MAC address is optional, either because the link does not use L2 addresses or load sharing is
208 * desired. See RFC 4861, Section 4.2. */
209 if (!ether_addr_is_null(&ra->mac_addr))
210 iov[msg.msg_iovlen++] = IOVEC_MAKE(&opt_mac, sizeof(opt_mac));
211
212 if (ra->mtu > 0)
213 iov[msg.msg_iovlen++] = IOVEC_MAKE(&opt_mtu, sizeof(opt_mtu));
214
215 LIST_FOREACH(prefix, p, ra->prefixes) {
216 usec_t lifetime_valid_usec, lifetime_preferred_usec;
217
218 lifetime_valid_usec = MIN(usec_sub_unsigned(p->valid_until, time_now),
219 p->lifetime_valid_usec);
220
221 lifetime_preferred_usec = MIN3(usec_sub_unsigned(p->preferred_until, time_now),
222 p->lifetime_preferred_usec,
223 lifetime_valid_usec);
224
225 p->opt.lifetime_valid = usec_to_be32_sec(lifetime_valid_usec);
226 p->opt.lifetime_preferred = usec_to_be32_sec(lifetime_preferred_usec);
227
228 iov[msg.msg_iovlen++] = IOVEC_MAKE(&p->opt, sizeof(p->opt));
229 }
230
231 LIST_FOREACH(prefix, rt, ra->route_prefixes) {
232 rt->opt.lifetime = usec_to_be32_sec(MIN(usec_sub_unsigned(rt->valid_until, time_now),
233 rt->lifetime_usec));
234
235 iov[msg.msg_iovlen++] = IOVEC_MAKE(&rt->opt, sizeof(rt->opt));
236 }
237
238 LIST_FOREACH(prefix, p, ra->pref64_prefixes)
239 iov[msg.msg_iovlen++] = IOVEC_MAKE(&p->opt, sizeof(p->opt));
240
241 if (ra->rdnss)
242 iov[msg.msg_iovlen++] = IOVEC_MAKE(ra->rdnss, ra->rdnss->length * 8);
243
244 if (ra->dnssl)
245 iov[msg.msg_iovlen++] = IOVEC_MAKE(ra->dnssl, ra->dnssl->length * 8);
246
247 if (FLAGS_SET(ra->flags, ND_RA_FLAG_HOME_AGENT)) {
248 ra->home_agent.nd_opt_home_agent_info_type = ND_OPT_HOME_AGENT_INFO;
249 ra->home_agent.nd_opt_home_agent_info_len = 1;
250
251 /* 0 means to place the current Router Lifetime value */
252 if (ra->home_agent.nd_opt_home_agent_info_lifetime == 0)
253 ra->home_agent.nd_opt_home_agent_info_lifetime = adv.nd_ra_router_lifetime;
254
255 iov[msg.msg_iovlen++] = IOVEC_MAKE(&ra->home_agent, sizeof(ra->home_agent));
256 }
257
258 if (sendmsg(ra->fd, &msg, 0) < 0)
259 return -errno;
260
261 return 0;
262 }
263
264 static int radv_process_packet(sd_radv *ra, ICMP6Packet *packet) {
265 int r;
266
267 assert(ra);
268 assert(packet);
269
270 if (icmp6_packet_get_type(packet) != ND_ROUTER_SOLICIT)
271 return log_radv_errno(ra, SYNTHETIC_ERRNO(EBADMSG), "Received ICMP6 packet with unexpected type, ignoring.");
272
273 _cleanup_(sd_ndisc_router_solicit_unrefp) sd_ndisc_router_solicit *rs = NULL;
274 rs = ndisc_router_solicit_new(packet);
275 if (!rs)
276 return log_oom_debug();
277
278 r = ndisc_router_solicit_parse(ra, rs);
279 if (r < 0)
280 return r;
281
282 struct in6_addr src = {};
283 r = sd_ndisc_router_solicit_get_sender_address(rs, &src);
284 if (r < 0 && r != -ENODATA) /* null address is allowed */
285 return log_radv_errno(ra, r, "Failed to get sender address of RS, ignoring: %m");
286 if (r >= 0 && in6_addr_equal(&src, &ra->ipv6ll))
287 /* This should be definitely caused by a misconfiguration. If we send RA to ourself, the
288 * kernel complains about that. Let's ignore the packet. */
289 return log_radv_errno(ra, SYNTHETIC_ERRNO(EADDRINUSE), "Received RS from the same interface, ignoring.");
290
291 r = radv_send_router(ra, &src);
292 if (r < 0)
293 return log_radv_errno(ra, r, "Unable to send solicited Router Advertisement to %s, ignoring: %m", IN6_ADDR_TO_STRING(&src));
294
295 log_radv(ra, "Sent solicited Router Advertisement to %s.", IN6_ADDR_TO_STRING(&src));
296 return 0;
297 }
298
299 static int radv_recv(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
300 _cleanup_(icmp6_packet_unrefp) ICMP6Packet *packet = NULL;
301 sd_radv *ra = ASSERT_PTR(userdata);
302 int r;
303
304 assert(fd >= 0);
305
306 r = icmp6_packet_receive(fd, &packet);
307 if (r < 0) {
308 log_radv_errno(ra, r, "Failed to receive ICMPv6 packet, ignoring: %m");
309 return 0;
310 }
311
312 (void) radv_process_packet(ra, packet);
313 return 0;
314 }
315
316 static int radv_timeout(sd_event_source *s, uint64_t usec, void *userdata) {
317 usec_t min_timeout, max_timeout, time_now, timeout;
318 sd_radv *ra = ASSERT_PTR(userdata);
319 int r;
320
321 assert(s);
322 assert(ra->event);
323 assert(router_lifetime_is_valid(ra->lifetime_usec));
324
325 r = sd_event_now(ra->event, CLOCK_BOOTTIME, &time_now);
326 if (r < 0)
327 goto fail;
328
329 r = radv_send_router(ra, NULL);
330 if (r < 0)
331 log_radv_errno(ra, r, "Unable to send Router Advertisement, ignoring: %m");
332
333 /* RFC 4861, Section 6.2.4, sending initial Router Advertisements */
334 if (ra->ra_sent < RADV_MAX_INITIAL_RTR_ADVERTISEMENTS)
335 max_timeout = RADV_MAX_INITIAL_RTR_ADVERT_INTERVAL_USEC;
336 else
337 max_timeout = RADV_DEFAULT_MAX_TIMEOUT_USEC;
338
339 /* RFC 4861, Section 6.2.1, lifetime must be at least MaxRtrAdvInterval,
340 * so lower the interval here */
341 if (ra->lifetime_usec > 0)
342 max_timeout = MIN(max_timeout, ra->lifetime_usec);
343
344 if (max_timeout >= 9 * USEC_PER_SEC)
345 min_timeout = max_timeout / 3;
346 else
347 min_timeout = max_timeout * 3 / 4;
348
349 /* RFC 4861, Section 6.2.1.
350 * MaxRtrAdvInterval MUST be no less than 4 seconds and no greater than 1800 seconds.
351 * MinRtrAdvInterval MUST be no less than 3 seconds and no greater than .75 * MaxRtrAdvInterval. */
352 assert(max_timeout >= RADV_MIN_MAX_TIMEOUT_USEC);
353 assert(max_timeout <= RADV_MAX_MAX_TIMEOUT_USEC);
354 assert(min_timeout >= RADV_MIN_MIN_TIMEOUT_USEC);
355 assert(min_timeout <= max_timeout * 3 / 4);
356
357 timeout = min_timeout + random_u64_range(max_timeout - min_timeout);
358 log_radv(ra, "Next Router Advertisement in %s", FORMAT_TIMESPAN(timeout, USEC_PER_SEC));
359
360 r = event_reset_time(ra->event, &ra->timeout_event_source,
361 CLOCK_BOOTTIME,
362 usec_add(time_now, timeout), MSEC_PER_SEC,
363 radv_timeout, ra,
364 ra->event_priority, "radv-timeout", true);
365 if (r < 0)
366 goto fail;
367
368 ra->ra_sent++;
369
370 return 0;
371
372 fail:
373 sd_radv_stop(ra);
374
375 return 0;
376 }
377
378 int sd_radv_stop(sd_radv *ra) {
379 int r;
380
381 if (!ra)
382 return 0;
383
384 if (ra->state == RADV_STATE_IDLE)
385 return 0;
386
387 log_radv(ra, "Stopping IPv6 Router Advertisement daemon");
388
389 /* RFC 4861, Section 6.2.5:
390 * the router SHOULD transmit one or more (but not more than MAX_FINAL_RTR_ADVERTISEMENTS) final
391 * multicast Router Advertisements on the interface with a Router Lifetime field of zero. */
392 r = radv_send_router_on_stop(ra);
393 if (r < 0)
394 log_radv_errno(ra, r, "Unable to send last Router Advertisement with router lifetime set to zero, ignoring: %m");
395
396 radv_reset(ra);
397 ra->fd = safe_close(ra->fd);
398 ra->state = RADV_STATE_IDLE;
399
400 return 0;
401 }
402
403 static int radv_setup_recv_event(sd_radv *ra) {
404 int r;
405
406 assert(ra);
407 assert(ra->event);
408 assert(ra->ifindex > 0);
409
410 _cleanup_close_ int fd = -EBADF;
411 fd = icmp6_bind(ra->ifindex, /* is_router = */ true);
412 if (fd < 0)
413 return fd;
414
415 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
416 r = sd_event_add_io(ra->event, &s, fd, EPOLLIN, radv_recv, ra);
417 if (r < 0)
418 return r;
419
420 r = sd_event_source_set_priority(s, ra->event_priority);
421 if (r < 0)
422 return r;
423
424 (void) sd_event_source_set_description(s, "radv-receive-message");
425
426 ra->fd = TAKE_FD(fd);
427 ra->recv_event_source = TAKE_PTR(s);
428 return 0;
429 }
430
431 int sd_radv_start(sd_radv *ra) {
432 int r;
433
434 assert_return(ra, -EINVAL);
435 assert_return(ra->event, -EINVAL);
436 assert_return(ra->ifindex > 0, -EINVAL);
437
438 if (ra->state != RADV_STATE_IDLE)
439 return 0;
440
441 r = radv_setup_recv_event(ra);
442 if (r < 0)
443 goto fail;
444
445 r = event_reset_time(ra->event, &ra->timeout_event_source,
446 CLOCK_BOOTTIME,
447 0, 0,
448 radv_timeout, ra,
449 ra->event_priority, "radv-timeout", true);
450 if (r < 0)
451 goto fail;
452
453 ra->state = RADV_STATE_ADVERTISING;
454
455 log_radv(ra, "Started IPv6 Router Advertisement daemon");
456
457 return 0;
458
459 fail:
460 radv_reset(ra);
461
462 return r;
463 }
464
465 int sd_radv_set_ifindex(sd_radv *ra, int ifindex) {
466 assert_return(ra, -EINVAL);
467 assert_return(ifindex > 0, -EINVAL);
468
469 if (ra->state != RADV_STATE_IDLE)
470 return -EBUSY;
471
472 ra->ifindex = ifindex;
473
474 return 0;
475 }
476
477 int sd_radv_set_ifname(sd_radv *ra, const char *ifname) {
478 assert_return(ra, -EINVAL);
479 assert_return(ifname, -EINVAL);
480
481 if (!ifname_valid_full(ifname, IFNAME_VALID_ALTERNATIVE))
482 return -EINVAL;
483
484 return free_and_strdup(&ra->ifname, ifname);
485 }
486
487 int sd_radv_get_ifname(sd_radv *ra, const char **ret) {
488 int r;
489
490 assert_return(ra, -EINVAL);
491
492 r = get_ifname(ra->ifindex, &ra->ifname);
493 if (r < 0)
494 return r;
495
496 if (ret)
497 *ret = ra->ifname;
498
499 return 0;
500 }
501
502 int sd_radv_set_link_local_address(sd_radv *ra, const struct in6_addr *addr) {
503 assert_return(ra, -EINVAL);
504 assert_return(!addr || in6_addr_is_link_local(addr), -EINVAL);
505
506 if (addr)
507 ra->ipv6ll = *addr;
508 else
509 zero(ra->ipv6ll);
510
511 return 0;
512 }
513
514 int sd_radv_set_mac(sd_radv *ra, const struct ether_addr *mac_addr) {
515 assert_return(ra, -EINVAL);
516
517 if (ra->state != RADV_STATE_IDLE)
518 return -EBUSY;
519
520 if (mac_addr)
521 ra->mac_addr = *mac_addr;
522 else
523 zero(ra->mac_addr);
524
525 return 0;
526 }
527
528 int sd_radv_set_mtu(sd_radv *ra, uint32_t mtu) {
529 assert_return(ra, -EINVAL);
530 assert_return(mtu >= 1280, -EINVAL);
531
532 ra->mtu = mtu;
533
534 return 0;
535 }
536
537 int sd_radv_set_hop_limit(sd_radv *ra, uint8_t hop_limit) {
538 assert_return(ra, -EINVAL);
539
540 ra->hop_limit = hop_limit;
541 return 0;
542 }
543
544 int sd_radv_set_retransmit(sd_radv *ra, uint64_t usec) {
545 assert_return(ra, -EINVAL);
546
547 ra->retransmit_usec = usec;
548 return 0;
549 }
550
551 int sd_radv_set_router_lifetime(sd_radv *ra, uint64_t usec) {
552 assert_return(ra, -EINVAL);
553
554 if (!router_lifetime_is_valid(usec))
555 return -EINVAL;
556
557 /* RFC 4191, Section 2.2, "...If the Router Lifetime is zero, the preference value MUST be set
558 * to (00) by the sender..." */
559 if (usec == 0 &&
560 (ra->flags & (0x3 << 3)) != (SD_NDISC_PREFERENCE_MEDIUM << 3))
561 return -EINVAL;
562
563 ra->lifetime_usec = usec;
564 return 0;
565 }
566
567 int sd_radv_set_managed_information(sd_radv *ra, int b) {
568 assert_return(ra, -EINVAL);
569
570 SET_FLAG(ra->flags, ND_RA_FLAG_MANAGED, b);
571 return 0;
572 }
573
574 int sd_radv_set_other_information(sd_radv *ra, int b) {
575 assert_return(ra, -EINVAL);
576
577 SET_FLAG(ra->flags, ND_RA_FLAG_OTHER, b);
578 return 0;
579 }
580
581 int sd_radv_set_preference(sd_radv *ra, unsigned preference) {
582 assert_return(ra, -EINVAL);
583 assert_return(IN_SET(preference,
584 SD_NDISC_PREFERENCE_LOW,
585 SD_NDISC_PREFERENCE_MEDIUM,
586 SD_NDISC_PREFERENCE_HIGH), -EINVAL);
587
588 /* RFC 4191, Section 2.2, "...If the Router Lifetime is zero, the preference value MUST be set
589 * to (00) by the sender..." */
590 if (ra->lifetime_usec == 0 && preference != SD_NDISC_PREFERENCE_MEDIUM)
591 return -EINVAL;
592
593 ra->flags = (ra->flags & ~(0x3 << 3)) | (preference << 3);
594
595 return 0;
596 }
597
598 int sd_radv_set_home_agent_information(sd_radv *ra, int home_agent) {
599 assert_return(ra, -EINVAL);
600
601 if (ra->state != RADV_STATE_IDLE)
602 return -EBUSY;
603
604 SET_FLAG(ra->flags, ND_RA_FLAG_HOME_AGENT, home_agent);
605
606 return 0;
607 }
608
609 int sd_radv_set_home_agent_preference(sd_radv *ra, uint16_t preference) {
610 assert_return(ra, -EINVAL);
611
612 if (ra->state != RADV_STATE_IDLE)
613 return -EBUSY;
614
615 ra->home_agent.nd_opt_home_agent_info_preference = htobe16(preference);
616
617 return 0;
618 }
619
620 int sd_radv_set_home_agent_lifetime(sd_radv *ra, uint64_t lifetime_usec) {
621 assert_return(ra, -EINVAL);
622
623 if (ra->state != RADV_STATE_IDLE)
624 return -EBUSY;
625
626 if (lifetime_usec > RADV_HOME_AGENT_MAX_LIFETIME_USEC)
627 return -EINVAL;
628
629 ra->home_agent.nd_opt_home_agent_info_lifetime = usec_to_be16_sec(lifetime_usec);
630 return 0;
631 }
632
633 int sd_radv_add_prefix(sd_radv *ra, sd_radv_prefix *p) {
634 sd_radv_prefix *found = NULL;
635 int r;
636
637 assert_return(ra, -EINVAL);
638 assert_return(p, -EINVAL);
639
640 /* Refuse prefixes that don't have a prefix set */
641 if (in6_addr_is_null(&p->opt.in6_addr))
642 return -ENOEXEC;
643
644 const char *addr_p = IN6_ADDR_PREFIX_TO_STRING(&p->opt.in6_addr, p->opt.prefixlen);
645
646 LIST_FOREACH(prefix, cur, ra->prefixes) {
647 r = in_addr_prefix_intersect(AF_INET6,
648 (const union in_addr_union*) &cur->opt.in6_addr,
649 cur->opt.prefixlen,
650 (const union in_addr_union*) &p->opt.in6_addr,
651 p->opt.prefixlen);
652 if (r < 0)
653 return r;
654 if (r == 0)
655 continue;
656
657 if (cur->opt.prefixlen == p->opt.prefixlen) {
658 found = cur;
659 break;
660 }
661
662 return log_radv_errno(ra, SYNTHETIC_ERRNO(EEXIST),
663 "IPv6 prefix %s conflicts with %s, ignoring.",
664 addr_p,
665 IN6_ADDR_PREFIX_TO_STRING(&cur->opt.in6_addr, cur->opt.prefixlen));
666 }
667
668 if (found) {
669 /* p and cur may be equivalent. First increment the reference counter. */
670 sd_radv_prefix_ref(p);
671
672 /* Then, remove the old entry. */
673 LIST_REMOVE(prefix, ra->prefixes, found);
674 sd_radv_prefix_unref(found);
675
676 /* Finally, add the new entry. */
677 LIST_APPEND(prefix, ra->prefixes, p);
678
679 log_radv(ra, "Updated/replaced IPv6 prefix %s (preferred: %s, valid: %s)",
680 addr_p,
681 FORMAT_TIMESPAN(p->lifetime_preferred_usec, USEC_PER_SEC),
682 FORMAT_TIMESPAN(p->lifetime_valid_usec, USEC_PER_SEC));
683 } else {
684 /* The prefix is new. Let's simply add it. */
685
686 sd_radv_prefix_ref(p);
687 LIST_APPEND(prefix, ra->prefixes, p);
688 ra->n_prefixes++;
689
690 log_radv(ra, "Added prefix %s", addr_p);
691 }
692
693 if (ra->state == RADV_STATE_IDLE)
694 return 0;
695
696 if (ra->ra_sent == 0)
697 return 0;
698
699 /* If RAs have already been sent, send an RA immediately to announce the newly-added prefix */
700 r = radv_send_router(ra, NULL);
701 if (r < 0)
702 log_radv_errno(ra, r, "Unable to send Router Advertisement for added prefix %s, ignoring: %m", addr_p);
703 else
704 log_radv(ra, "Sent Router Advertisement for added/updated prefix %s.", addr_p);
705
706 return 0;
707 }
708
709 void sd_radv_remove_prefix(
710 sd_radv *ra,
711 const struct in6_addr *prefix,
712 unsigned char prefixlen) {
713
714 if (!ra)
715 return;
716
717 if (!prefix)
718 return;
719
720 LIST_FOREACH(prefix, cur, ra->prefixes) {
721 if (prefixlen != cur->opt.prefixlen)
722 continue;
723
724 if (!in6_addr_equal(prefix, &cur->opt.in6_addr))
725 continue;
726
727 LIST_REMOVE(prefix, ra->prefixes, cur);
728 ra->n_prefixes--;
729 sd_radv_prefix_unref(cur);
730 return;
731 }
732 }
733
734 int sd_radv_add_route_prefix(sd_radv *ra, sd_radv_route_prefix *p) {
735 sd_radv_route_prefix *found = NULL;
736 int r;
737
738 assert_return(ra, -EINVAL);
739 assert_return(p, -EINVAL);
740
741 const char *addr_p = IN6_ADDR_PREFIX_TO_STRING(&p->opt.in6_addr, p->opt.prefixlen);
742
743 LIST_FOREACH(prefix, cur, ra->route_prefixes) {
744 r = in_addr_prefix_intersect(AF_INET6,
745 (const union in_addr_union*) &cur->opt.in6_addr,
746 cur->opt.prefixlen,
747 (const union in_addr_union*) &p->opt.in6_addr,
748 p->opt.prefixlen);
749 if (r < 0)
750 return r;
751 if (r == 0)
752 continue;
753
754 if (cur->opt.prefixlen == p->opt.prefixlen) {
755 found = cur;
756 break;
757 }
758
759 return log_radv_errno(ra, SYNTHETIC_ERRNO(EEXIST),
760 "IPv6 route prefix %s conflicts with %s, ignoring.",
761 addr_p,
762 IN6_ADDR_PREFIX_TO_STRING(&cur->opt.in6_addr, cur->opt.prefixlen));
763 }
764
765 if (found) {
766 /* p and cur may be equivalent. First increment the reference counter. */
767 sd_radv_route_prefix_ref(p);
768
769 /* Then, remove the old entry. */
770 LIST_REMOVE(prefix, ra->route_prefixes, found);
771 sd_radv_route_prefix_unref(found);
772
773 /* Finally, add the new entry. */
774 LIST_APPEND(prefix, ra->route_prefixes, p);
775
776 log_radv(ra, "Updated/replaced IPv6 route prefix %s (lifetime: %s)",
777 strna(addr_p),
778 FORMAT_TIMESPAN(p->lifetime_usec, USEC_PER_SEC));
779 } else {
780 /* The route prefix is new. Let's simply add it. */
781
782 sd_radv_route_prefix_ref(p);
783 LIST_APPEND(prefix, ra->route_prefixes, p);
784 ra->n_route_prefixes++;
785
786 log_radv(ra, "Added route prefix %s", strna(addr_p));
787 }
788
789 if (ra->state == RADV_STATE_IDLE)
790 return 0;
791
792 if (ra->ra_sent == 0)
793 return 0;
794
795 /* If RAs have already been sent, send an RA immediately to announce the newly-added route prefix */
796 r = radv_send_router(ra, NULL);
797 if (r < 0)
798 log_radv_errno(ra, r, "Unable to send Router Advertisement for added route prefix %s, ignoring: %m",
799 strna(addr_p));
800 else
801 log_radv(ra, "Sent Router Advertisement for added route prefix %s.", strna(addr_p));
802
803 return 0;
804 }
805
806 int sd_radv_add_pref64_prefix(sd_radv *ra, sd_radv_pref64_prefix *p) {
807 sd_radv_pref64_prefix *found = NULL;
808 int r;
809
810 assert_return(ra, -EINVAL);
811 assert_return(p, -EINVAL);
812
813 const char *addr_p = IN6_ADDR_PREFIX_TO_STRING(&p->in6_addr, p->prefixlen);
814
815 LIST_FOREACH(prefix, cur, ra->pref64_prefixes) {
816 r = in_addr_prefix_intersect(AF_INET6,
817 (const union in_addr_union*) &cur->in6_addr,
818 cur->prefixlen,
819 (const union in_addr_union*) &p->in6_addr,
820 p->prefixlen);
821 if (r < 0)
822 return r;
823 if (r == 0)
824 continue;
825
826 if (cur->prefixlen == p->prefixlen) {
827 found = cur;
828 break;
829 }
830
831 return log_radv_errno(ra, SYNTHETIC_ERRNO(EEXIST),
832 "IPv6 PREF64 prefix %s conflicts with %s, ignoring.",
833 addr_p,
834 IN6_ADDR_PREFIX_TO_STRING(&cur->in6_addr, cur->prefixlen));
835 }
836
837 if (found) {
838 /* p and cur may be equivalent. First increment the reference counter. */
839 sd_radv_pref64_prefix_ref(p);
840
841 /* Then, remove the old entry. */
842 LIST_REMOVE(prefix, ra->pref64_prefixes, found);
843 sd_radv_pref64_prefix_unref(found);
844
845 /* Finally, add the new entry. */
846 LIST_APPEND(prefix, ra->pref64_prefixes, p);
847
848 log_radv(ra, "Updated/replaced IPv6 PREF64 prefix %s (lifetime: %s)",
849 strna(addr_p),
850 FORMAT_TIMESPAN(p->lifetime_usec, USEC_PER_SEC));
851 } else {
852 /* The route prefix is new. Let's simply add it. */
853
854 sd_radv_pref64_prefix_ref(p);
855 LIST_APPEND(prefix, ra->pref64_prefixes, p);
856 ra->n_pref64_prefixes++;
857
858 log_radv(ra, "Added PREF64 prefix %s", strna(addr_p));
859 }
860
861 if (ra->state == RADV_STATE_IDLE)
862 return 0;
863
864 if (ra->ra_sent == 0)
865 return 0;
866
867 /* If RAs have already been sent, send an RA immediately to announce the newly-added route prefix */
868 r = radv_send_router(ra, NULL);
869 if (r < 0)
870 log_radv_errno(ra, r, "Unable to send Router Advertisement for added PREF64 prefix %s, ignoring: %m",
871 strna(addr_p));
872 else
873 log_radv(ra, "Sent Router Advertisement for added PREF64 prefix %s.", strna(addr_p));
874
875 return 0;
876 }
877
878 int sd_radv_set_rdnss(
879 sd_radv *ra,
880 uint64_t lifetime_usec,
881 const struct in6_addr *dns,
882 size_t n_dns) {
883
884 _cleanup_free_ struct sd_radv_opt_dns *opt_rdnss = NULL;
885 size_t len;
886
887 assert_return(ra, -EINVAL);
888 assert_return(n_dns < 128, -EINVAL);
889
890 if (lifetime_usec > RADV_RDNSS_MAX_LIFETIME_USEC)
891 return -EINVAL;
892
893 if (!dns || n_dns == 0) {
894 ra->rdnss = mfree(ra->rdnss);
895 ra->n_rdnss = 0;
896
897 return 0;
898 }
899
900 len = sizeof(struct sd_radv_opt_dns) + sizeof(struct in6_addr) * n_dns;
901
902 opt_rdnss = malloc0(len);
903 if (!opt_rdnss)
904 return -ENOMEM;
905
906 opt_rdnss->type = RADV_OPT_RDNSS;
907 opt_rdnss->length = len / 8;
908 opt_rdnss->lifetime = usec_to_be32_sec(lifetime_usec);
909
910 memcpy(opt_rdnss + 1, dns, n_dns * sizeof(struct in6_addr));
911
912 free_and_replace(ra->rdnss, opt_rdnss);
913
914 ra->n_rdnss = n_dns;
915
916 return 0;
917 }
918
919 int sd_radv_set_dnssl(
920 sd_radv *ra,
921 uint64_t lifetime_usec,
922 char **search_list) {
923
924 _cleanup_free_ struct sd_radv_opt_dns *opt_dnssl = NULL;
925 size_t len = 0;
926 uint8_t *p;
927
928 assert_return(ra, -EINVAL);
929
930 if (lifetime_usec > RADV_DNSSL_MAX_LIFETIME_USEC)
931 return -EINVAL;
932
933 if (strv_isempty(search_list)) {
934 ra->dnssl = mfree(ra->dnssl);
935 return 0;
936 }
937
938 STRV_FOREACH(s, search_list)
939 len += strlen(*s) + 2;
940
941 len = (sizeof(struct sd_radv_opt_dns) + len + 7) & ~0x7;
942
943 opt_dnssl = malloc0(len);
944 if (!opt_dnssl)
945 return -ENOMEM;
946
947 opt_dnssl->type = RADV_OPT_DNSSL;
948 opt_dnssl->length = len / 8;
949 opt_dnssl->lifetime = usec_to_be32_sec(lifetime_usec);
950
951 p = (uint8_t *)(opt_dnssl + 1);
952 len -= sizeof(struct sd_radv_opt_dns);
953
954 STRV_FOREACH(s, search_list) {
955 int r;
956
957 r = dns_name_to_wire_format(*s, p, len, false);
958 if (r < 0)
959 return r;
960
961 if (len < (size_t)r)
962 return -ENOBUFS;
963
964 p += r;
965 len -= r;
966 }
967
968 free_and_replace(ra->dnssl, opt_dnssl);
969
970 return 0;
971 }
972
973 int sd_radv_prefix_new(sd_radv_prefix **ret) {
974 sd_radv_prefix *p;
975
976 assert_return(ret, -EINVAL);
977
978 p = new(sd_radv_prefix, 1);
979 if (!p)
980 return -ENOMEM;
981
982 *p = (sd_radv_prefix) {
983 .n_ref = 1,
984
985 .opt.type = ND_OPT_PREFIX_INFORMATION,
986 .opt.length = (sizeof(p->opt) - 1)/8 + 1,
987 .opt.prefixlen = 64,
988
989 /* RFC 4861, Section 6.2.1 */
990 .opt.flags = ND_OPT_PI_FLAG_ONLINK|ND_OPT_PI_FLAG_AUTO,
991
992 .lifetime_valid_usec = RADV_DEFAULT_VALID_LIFETIME_USEC,
993 .lifetime_preferred_usec = RADV_DEFAULT_PREFERRED_LIFETIME_USEC,
994 .valid_until = USEC_INFINITY,
995 .preferred_until = USEC_INFINITY,
996 };
997
998 *ret = p;
999 return 0;
1000 }
1001
1002 DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(sd_radv_prefix, sd_radv_prefix, mfree);
1003
1004 int sd_radv_prefix_set_prefix(
1005 sd_radv_prefix *p,
1006 const struct in6_addr *in6_addr,
1007 unsigned char prefixlen) {
1008
1009 assert_return(p, -EINVAL);
1010 assert_return(in6_addr, -EINVAL);
1011
1012 if (prefixlen < 3 || prefixlen > 128)
1013 return -EINVAL;
1014
1015 if (prefixlen > 64)
1016 /* unusual but allowed, log it */
1017 log_radv(NULL, "Unusual prefix length %d greater than 64", prefixlen);
1018
1019 p->opt.in6_addr = *in6_addr;
1020 p->opt.prefixlen = prefixlen;
1021
1022 return 0;
1023 }
1024
1025 int sd_radv_prefix_get_prefix(
1026 sd_radv_prefix *p,
1027 struct in6_addr *ret_in6_addr,
1028 unsigned char *ret_prefixlen) {
1029
1030 assert_return(p, -EINVAL);
1031 assert_return(ret_in6_addr, -EINVAL);
1032 assert_return(ret_prefixlen, -EINVAL);
1033
1034 *ret_in6_addr = p->opt.in6_addr;
1035 *ret_prefixlen = p->opt.prefixlen;
1036
1037 return 0;
1038 }
1039
1040 int sd_radv_prefix_set_onlink(sd_radv_prefix *p, int onlink) {
1041 assert_return(p, -EINVAL);
1042
1043 SET_FLAG(p->opt.flags, ND_OPT_PI_FLAG_ONLINK, onlink);
1044
1045 return 0;
1046 }
1047
1048 int sd_radv_prefix_set_address_autoconfiguration(sd_radv_prefix *p, int address_autoconfiguration) {
1049 assert_return(p, -EINVAL);
1050
1051 SET_FLAG(p->opt.flags, ND_OPT_PI_FLAG_AUTO, address_autoconfiguration);
1052
1053 return 0;
1054 }
1055
1056 int sd_radv_prefix_set_valid_lifetime(sd_radv_prefix *p, uint64_t lifetime_usec, uint64_t valid_until) {
1057 assert_return(p, -EINVAL);
1058
1059 p->lifetime_valid_usec = lifetime_usec;
1060 p->valid_until = valid_until;
1061
1062 return 0;
1063 }
1064
1065 int sd_radv_prefix_set_preferred_lifetime(sd_radv_prefix *p, uint64_t lifetime_usec, uint64_t valid_until) {
1066 assert_return(p, -EINVAL);
1067
1068 p->lifetime_preferred_usec = lifetime_usec;
1069 p->preferred_until = valid_until;
1070
1071 return 0;
1072 }
1073
1074 int sd_radv_route_prefix_new(sd_radv_route_prefix **ret) {
1075 sd_radv_route_prefix *p;
1076
1077 assert_return(ret, -EINVAL);
1078
1079 p = new(sd_radv_route_prefix, 1);
1080 if (!p)
1081 return -ENOMEM;
1082
1083 *p = (sd_radv_route_prefix) {
1084 .n_ref = 1,
1085
1086 .opt.type = RADV_OPT_ROUTE_INFORMATION,
1087 .opt.length = DIV_ROUND_UP(sizeof(p->opt), 8),
1088 .opt.prefixlen = 64,
1089
1090 .lifetime_usec = RADV_DEFAULT_VALID_LIFETIME_USEC,
1091 .valid_until = USEC_INFINITY,
1092 };
1093
1094 *ret = p;
1095 return 0;
1096 }
1097
1098 DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(sd_radv_route_prefix, sd_radv_route_prefix, mfree);
1099
1100 int sd_radv_route_prefix_set_prefix(
1101 sd_radv_route_prefix *p,
1102 const struct in6_addr *in6_addr,
1103 unsigned char prefixlen) {
1104
1105 assert_return(p, -EINVAL);
1106 assert_return(in6_addr, -EINVAL);
1107
1108 if (prefixlen > 128)
1109 return -EINVAL;
1110
1111 if (prefixlen > 64)
1112 /* unusual but allowed, log it */
1113 log_radv(NULL, "Unusual prefix length %u greater than 64", prefixlen);
1114
1115 p->opt.in6_addr = *in6_addr;
1116 p->opt.prefixlen = prefixlen;
1117
1118 return 0;
1119 }
1120
1121 int sd_radv_route_prefix_set_lifetime(sd_radv_route_prefix *p, uint64_t lifetime_usec, uint64_t valid_until) {
1122 assert_return(p, -EINVAL);
1123
1124 p->lifetime_usec = lifetime_usec;
1125 p->valid_until = valid_until;
1126
1127 return 0;
1128 }
1129
1130 int sd_radv_pref64_prefix_new(sd_radv_pref64_prefix **ret) {
1131 sd_radv_pref64_prefix *p;
1132
1133 assert_return(ret, -EINVAL);
1134
1135 p = new(sd_radv_pref64_prefix, 1);
1136 if (!p)
1137 return -ENOMEM;
1138
1139 *p = (sd_radv_pref64_prefix) {
1140 .n_ref = 1,
1141
1142 .opt.type = RADV_OPT_PREF64,
1143 .opt.length = 2,
1144 };
1145
1146 *ret = p;
1147 return 0;
1148 }
1149
1150 DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(sd_radv_pref64_prefix, sd_radv_pref64_prefix, mfree);
1151
1152 int sd_radv_pref64_prefix_set_prefix(
1153 sd_radv_pref64_prefix *p,
1154 const struct in6_addr *prefix,
1155 uint8_t prefixlen,
1156 uint64_t lifetime_usec) {
1157
1158 uint16_t pref64_lifetime;
1159 uint8_t prefixlen_code;
1160 int r;
1161
1162 assert_return(p, -EINVAL);
1163 assert_return(prefix, -EINVAL);
1164
1165 r = pref64_prefix_length_to_plc(prefixlen, &prefixlen_code);
1166 if (r < 0)
1167 return log_radv_errno(NULL, r,
1168 "Unsupported PREF64 prefix length %u. Valid lengths are 32, 40, 48, 56, 64 and 96", prefixlen);
1169
1170 if (lifetime_usec > PREF64_MAX_LIFETIME_USEC)
1171 return -EINVAL;
1172
1173 /* RFC 8781 - 4.1 rounding up lifetime to multiply of 8 */
1174 pref64_lifetime = DIV_ROUND_UP(lifetime_usec, 8 * USEC_PER_SEC) << 3;
1175 pref64_lifetime |= prefixlen_code;
1176
1177 unaligned_write_be16(&p->opt.lifetime_and_plc, pref64_lifetime);
1178 memcpy(&p->opt.prefix, prefix, sizeof(p->opt.prefix));
1179
1180 p->in6_addr = *prefix;
1181 p->prefixlen = prefixlen;
1182
1183 return 0;
1184 }
Unnamed repository; edit this file 'description' to name the repository.