1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 Copyright © 2017 Intel Corporation. All rights reserved.
6 #include <netinet/icmp6.h>
7 #include <netinet/in.h>
13 #include "alloc-util.h"
14 #include "dns-domain.h"
15 #include "ether-addr-util.h"
16 #include "event-util.h"
18 #include "icmp6-util.h"
19 #include "in-addr-util.h"
20 #include "radv-internal.h"
21 #include "socket-util.h"
22 #include "string-util.h"
25 #include "random-util.h"
27 _public_
int sd_radv_new(sd_radv
**ret
) {
28 _cleanup_(sd_radv_unrefp
) sd_radv
*ra
= NULL
;
30 assert_return(ret
, -EINVAL
);
46 _public_
int sd_radv_attach_event(sd_radv
*ra
, sd_event
*event
, int64_t priority
) {
49 assert_return(ra
, -EINVAL
);
50 assert_return(!ra
->event
, -EBUSY
);
53 ra
->event
= sd_event_ref(event
);
55 r
= sd_event_default(&ra
->event
);
60 ra
->event_priority
= priority
;
65 _public_
int sd_radv_detach_event(sd_radv
*ra
) {
67 assert_return(ra
, -EINVAL
);
69 ra
->event
= sd_event_unref(ra
->event
);
73 _public_ sd_event
*sd_radv_get_event(sd_radv
*ra
) {
74 assert_return(ra
, NULL
);
79 static void radv_reset(sd_radv
*ra
) {
82 (void) event_source_disable(ra
->timeout_event_source
);
84 ra
->recv_event_source
=
85 sd_event_source_unref(ra
->recv_event_source
);
90 static sd_radv
*radv_free(sd_radv
*ra
) {
93 while (ra
->prefixes
) {
94 sd_radv_prefix
*p
= ra
->prefixes
;
96 LIST_REMOVE(prefix
, ra
->prefixes
, p
);
97 sd_radv_prefix_unref(p
);
103 ra
->timeout_event_source
= sd_event_source_unref(ra
->timeout_event_source
);
107 sd_radv_detach_event(ra
);
109 ra
->fd
= safe_close(ra
->fd
);
114 DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(sd_radv
, sd_radv
, radv_free
);
116 static int radv_send(sd_radv
*ra
, const struct in6_addr
*dst
, uint32_t router_lifetime
) {
118 struct sockaddr_in6 dst_addr
= {
119 .sin6_family
= AF_INET6
,
120 .sin6_addr
= IN6ADDR_ALL_NODES_MULTICAST_INIT
,
122 struct nd_router_advert adv
= {};
124 struct nd_opt_hdr opthdr
;
125 struct ether_addr slladdr
;
126 } _packed_ opt_mac
= {
128 .nd_opt_type
= ND_OPT_SOURCE_LINKADDR
,
129 .nd_opt_len
= (sizeof(struct nd_opt_hdr
) +
130 sizeof(struct ether_addr
) - 1) /8 + 1,
133 struct nd_opt_mtu opt_mtu
= {
134 .nd_opt_mtu_type
= ND_OPT_MTU
,
137 /* Reserve iov space for RA header, linkaddr, MTU, N prefixes, RDNSS
139 struct iovec iov
[5 + ra
->n_prefixes
];
140 struct msghdr msg
= {
141 .msg_name
= &dst_addr
,
142 .msg_namelen
= sizeof(dst_addr
),
148 r
= sd_event_now(ra
->event
, clock_boottime_or_monotonic(), &time_now
);
152 if (dst
&& !in_addr_is_null(AF_INET6
, (union in_addr_union
*) dst
))
153 dst_addr
.sin6_addr
= *dst
;
155 adv
.nd_ra_type
= ND_ROUTER_ADVERT
;
156 adv
.nd_ra_curhoplimit
= ra
->hop_limit
;
157 adv
.nd_ra_flags_reserved
= ra
->flags
;
158 adv
.nd_ra_router_lifetime
= htobe16(router_lifetime
);
159 iov
[msg
.msg_iovlen
].iov_base
= &adv
;
160 iov
[msg
.msg_iovlen
].iov_len
= sizeof(adv
);
163 /* MAC address is optional, either because the link does not use L2
164 addresses or load sharing is desired. See RFC 4861, Section 4.2 */
165 if (!ether_addr_is_null(&ra
->mac_addr
)) {
166 opt_mac
.slladdr
= ra
->mac_addr
;
167 iov
[msg
.msg_iovlen
].iov_base
= &opt_mac
;
168 iov
[msg
.msg_iovlen
].iov_len
= sizeof(opt_mac
);
173 opt_mtu
.nd_opt_mtu_mtu
= htobe32(ra
->mtu
);
174 iov
[msg
.msg_iovlen
].iov_base
= &opt_mtu
;
175 iov
[msg
.msg_iovlen
].iov_len
= sizeof(opt_mtu
);
179 LIST_FOREACH(prefix
, p
, ra
->prefixes
) {
180 if (p
->valid_until
) {
182 if (time_now
> p
->valid_until
)
183 p
->opt
.valid_lifetime
= 0;
185 p
->opt
.valid_lifetime
= htobe32((p
->valid_until
- time_now
) / USEC_PER_SEC
);
187 if (time_now
> p
->preferred_until
)
188 p
->opt
.preferred_lifetime
= 0;
190 p
->opt
.preferred_lifetime
= htobe32((p
->preferred_until
- time_now
) / USEC_PER_SEC
);
192 iov
[msg
.msg_iovlen
].iov_base
= &p
->opt
;
193 iov
[msg
.msg_iovlen
].iov_len
= sizeof(p
->opt
);
198 iov
[msg
.msg_iovlen
].iov_base
= ra
->rdnss
;
199 iov
[msg
.msg_iovlen
].iov_len
= ra
->rdnss
->length
* 8;
204 iov
[msg
.msg_iovlen
].iov_base
= ra
->dnssl
;
205 iov
[msg
.msg_iovlen
].iov_len
= ra
->dnssl
->length
* 8;
209 if (sendmsg(ra
->fd
, &msg
, 0) < 0)
215 static int radv_recv(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
216 sd_radv
*ra
= userdata
;
217 _cleanup_free_
char *addr
= NULL
;
219 triple_timestamp timestamp
;
222 _cleanup_free_
char *buf
= NULL
;
228 buflen
= next_datagram_size_fd(fd
);
230 if ((unsigned) buflen
< sizeof(struct nd_router_solicit
))
231 return log_radv("Too short packet received");
233 buf
= new0(char, buflen
);
237 r
= icmp6_receive(fd
, buf
, buflen
, &src
, ×tamp
);
241 (void) in_addr_to_string(AF_INET6
, (union in_addr_union
*) &src
, &addr
);
242 log_radv("Received RS from non-link-local address %s. Ignoring", addr
);
246 log_radv("Received RS with invalid hop limit. Ignoring.");
250 log_radv("Received invalid source address from ICMPv6 socket. Ignoring.");
253 case -EAGAIN
: /* ignore spurious wakeups */
257 log_radv_errno(r
, "Unexpected error receiving from ICMPv6 socket: %m");
264 (void) in_addr_to_string(AF_INET6
, (union in_addr_union
*) &src
, &addr
);
266 r
= radv_send(ra
, &src
, ra
->lifetime
);
268 log_radv_errno(r
, "Unable to send solicited Router Advertisement to %s: %m", addr
);
270 log_radv("Sent solicited Router Advertisement to %s", addr
);
275 static usec_t
radv_compute_timeout(usec_t min
, usec_t max
) {
276 assert_return(min
<= max
, SD_RADV_DEFAULT_MIN_TIMEOUT_USEC
);
278 return min
+ (random_u32() % (max
- min
));
281 static int radv_timeout(sd_event_source
*s
, uint64_t usec
, void *userdata
) {
283 sd_radv
*ra
= userdata
;
284 usec_t min_timeout
= SD_RADV_DEFAULT_MIN_TIMEOUT_USEC
;
285 usec_t max_timeout
= SD_RADV_DEFAULT_MAX_TIMEOUT_USEC
;
286 usec_t time_now
, timeout
;
287 char time_string
[FORMAT_TIMESPAN_MAX
];
293 r
= sd_event_now(ra
->event
, clock_boottime_or_monotonic(), &time_now
);
297 r
= radv_send(ra
, NULL
, ra
->lifetime
);
299 log_radv_errno(r
, "Unable to send Router Advertisement: %m");
301 /* RFC 4861, Section 6.2.4, sending initial Router Advertisements */
302 if (ra
->ra_sent
< SD_RADV_MAX_INITIAL_RTR_ADVERTISEMENTS
) {
303 max_timeout
= SD_RADV_MAX_INITIAL_RTR_ADVERT_INTERVAL_USEC
;
304 min_timeout
= SD_RADV_MAX_INITIAL_RTR_ADVERT_INTERVAL_USEC
/ 3;
307 timeout
= radv_compute_timeout(min_timeout
, max_timeout
);
309 log_radv("Next Router Advertisement in %s",
310 format_timespan(time_string
, FORMAT_TIMESPAN_MAX
,
311 timeout
, USEC_PER_SEC
));
313 r
= event_reset_time(ra
->event
, &ra
->timeout_event_source
,
314 clock_boottime_or_monotonic(),
315 time_now
+ timeout
, MSEC_PER_SEC
,
317 ra
->event_priority
, "radv-timeout", true);
331 _public_
int sd_radv_stop(sd_radv
*ra
) {
334 assert_return(ra
, -EINVAL
);
336 if (ra
->state
== SD_RADV_STATE_IDLE
)
339 log_radv("Stopping IPv6 Router Advertisement daemon");
341 /* RFC 4861, Section 6.2.5, send at least one Router Advertisement
342 with zero lifetime */
343 r
= radv_send(ra
, NULL
, 0);
345 log_radv_errno(r
, "Unable to send last Router Advertisement with router lifetime set to zero: %m");
348 ra
->fd
= safe_close(ra
->fd
);
349 ra
->state
= SD_RADV_STATE_IDLE
;
354 _public_
int sd_radv_start(sd_radv
*ra
) {
357 assert_return(ra
, -EINVAL
);
358 assert_return(ra
->event
, -EINVAL
);
359 assert_return(ra
->ifindex
> 0, -EINVAL
);
361 if (ra
->state
!= SD_RADV_STATE_IDLE
)
364 r
= event_reset_time(ra
->event
, &ra
->timeout_event_source
,
365 clock_boottime_or_monotonic(),
368 ra
->event_priority
, "radv-timeout", true);
372 r
= icmp6_bind_router_advertisement(ra
->ifindex
);
378 r
= sd_event_add_io(ra
->event
, &ra
->recv_event_source
, ra
->fd
, EPOLLIN
, radv_recv
, ra
);
382 r
= sd_event_source_set_priority(ra
->recv_event_source
, ra
->event_priority
);
386 (void) sd_event_source_set_description(ra
->recv_event_source
, "radv-receive-message");
388 ra
->state
= SD_RADV_STATE_ADVERTISING
;
390 log_radv("Started IPv6 Router Advertisement daemon");
400 _public_
int sd_radv_set_ifindex(sd_radv
*ra
, int ifindex
) {
401 assert_return(ra
, -EINVAL
);
402 assert_return(ifindex
>= -1, -EINVAL
);
404 if (ra
->state
!= SD_RADV_STATE_IDLE
)
407 ra
->ifindex
= ifindex
;
412 _public_
int sd_radv_set_mac(sd_radv
*ra
, const struct ether_addr
*mac_addr
) {
413 assert_return(ra
, -EINVAL
);
415 if (ra
->state
!= SD_RADV_STATE_IDLE
)
419 ra
->mac_addr
= *mac_addr
;
426 _public_
int sd_radv_set_mtu(sd_radv
*ra
, uint32_t mtu
) {
427 assert_return(ra
, -EINVAL
);
428 assert_return(mtu
>= 1280, -EINVAL
);
435 _public_
int sd_radv_set_hop_limit(sd_radv
*ra
, uint8_t hop_limit
) {
436 assert_return(ra
, -EINVAL
);
438 if (ra
->state
!= SD_RADV_STATE_IDLE
)
441 ra
->hop_limit
= hop_limit
;
446 _public_
int sd_radv_set_router_lifetime(sd_radv
*ra
, uint32_t router_lifetime
) {
447 assert_return(ra
, -EINVAL
);
449 if (ra
->state
!= SD_RADV_STATE_IDLE
)
452 /* RFC 4191, Section 2.2, "...If the Router Lifetime is zero, the
453 preference value MUST be set to (00) by the sender..." */
454 if (router_lifetime
== 0 &&
455 (ra
->flags
& (0x3 << 3)) != (SD_NDISC_PREFERENCE_MEDIUM
<< 3))
458 ra
->lifetime
= router_lifetime
;
463 _public_
int sd_radv_set_managed_information(sd_radv
*ra
, int managed
) {
464 assert_return(ra
, -EINVAL
);
466 if (ra
->state
!= SD_RADV_STATE_IDLE
)
469 SET_FLAG(ra
->flags
, ND_RA_FLAG_MANAGED
, managed
);
474 _public_
int sd_radv_set_other_information(sd_radv
*ra
, int other
) {
475 assert_return(ra
, -EINVAL
);
477 if (ra
->state
!= SD_RADV_STATE_IDLE
)
480 SET_FLAG(ra
->flags
, ND_RA_FLAG_OTHER
, other
);
485 _public_
int sd_radv_set_preference(sd_radv
*ra
, unsigned preference
) {
488 assert_return(ra
, -EINVAL
);
489 assert_return(IN_SET(preference
,
490 SD_NDISC_PREFERENCE_LOW
,
491 SD_NDISC_PREFERENCE_MEDIUM
,
492 SD_NDISC_PREFERENCE_HIGH
), -EINVAL
);
494 ra
->flags
= (ra
->flags
& ~(0x3 << 3)) | (preference
<< 3);
499 _public_
int sd_radv_add_prefix(sd_radv
*ra
, sd_radv_prefix
*p
, bool dynamic
) {
502 _cleanup_free_
char *addr_p
= NULL
;
503 char time_string_preferred
[FORMAT_TIMESPAN_MAX
];
504 char time_string_valid
[FORMAT_TIMESPAN_MAX
];
505 usec_t time_now
, valid
, preferred
, valid_until
, preferred_until
;
507 assert_return(ra
, -EINVAL
);
512 LIST_FOREACH(prefix
, cur
, ra
->prefixes
) {
514 r
= in_addr_prefix_intersect(AF_INET6
,
515 (union in_addr_union
*) &cur
->opt
.in6_addr
,
517 (union in_addr_union
*) &p
->opt
.in6_addr
,
520 _cleanup_free_
char *addr_cur
= NULL
;
522 (void) in_addr_to_string(AF_INET6
,
523 (union in_addr_union
*) &p
->opt
.in6_addr
,
526 if (dynamic
&& cur
->opt
.prefixlen
== p
->opt
.prefixlen
)
529 (void) in_addr_to_string(AF_INET6
,
530 (union in_addr_union
*) &cur
->opt
.in6_addr
,
532 log_radv("IPv6 prefix %s/%u already configured, ignoring %s/%u",
533 addr_cur
, cur
->opt
.prefixlen
,
534 addr_p
, p
->opt
.prefixlen
);
540 p
= sd_radv_prefix_ref(p
);
542 LIST_APPEND(prefix
, ra
->prefixes
, p
);
546 (void) in_addr_to_string(AF_INET6
, (union in_addr_union
*) &p
->opt
.in6_addr
, &addr_p
);
549 log_radv("Added prefix %s/%d", addr_p
, p
->opt
.prefixlen
);
556 r
= sd_event_now(ra
->event
, clock_boottime_or_monotonic(), &time_now
);
560 valid
= be32toh(p
->opt
.valid_lifetime
) * USEC_PER_SEC
;
561 valid_until
= usec_add(valid
, time_now
);
562 if (valid_until
== USEC_INFINITY
)
565 preferred
= be32toh(p
->opt
.preferred_lifetime
) * USEC_PER_SEC
;
566 preferred_until
= usec_add(preferred
, time_now
);
567 if (preferred_until
== USEC_INFINITY
)
570 cur
->valid_until
= valid_until
;
571 cur
->preferred_until
= preferred_until
;
573 log_radv("%s prefix %s/%u preferred %s valid %s",
574 cur
? "Updated": "Added",
575 addr_p
, p
->opt
.prefixlen
,
576 format_timespan(time_string_preferred
, FORMAT_TIMESPAN_MAX
,
577 preferred
, USEC_PER_SEC
),
578 format_timespan(time_string_valid
, FORMAT_TIMESPAN_MAX
,
579 valid
, USEC_PER_SEC
));
584 _public_ sd_radv_prefix
*sd_radv_remove_prefix(sd_radv
*ra
,
585 const struct in6_addr
*prefix
,
586 unsigned char prefixlen
) {
587 sd_radv_prefix
*cur
, *next
;
589 assert_return(ra
, NULL
);
590 assert_return(prefix
, NULL
);
592 LIST_FOREACH_SAFE(prefix
, cur
, next
, ra
->prefixes
) {
593 if (prefixlen
!= cur
->opt
.prefixlen
)
596 if (!in_addr_equal(AF_INET6
,
597 (union in_addr_union
*)prefix
,
598 (union in_addr_union
*)&cur
->opt
.in6_addr
))
601 LIST_REMOVE(prefix
, ra
->prefixes
, cur
);
610 _public_
int sd_radv_set_rdnss(sd_radv
*ra
, uint32_t lifetime
,
611 const struct in6_addr
*dns
, size_t n_dns
) {
612 _cleanup_free_
struct sd_radv_opt_dns
*opt_rdnss
= NULL
;
615 assert_return(ra
, -EINVAL
);
616 assert_return(n_dns
< 128, -EINVAL
);
618 if (!dns
|| n_dns
== 0) {
619 ra
->rdnss
= mfree(ra
->rdnss
);
625 len
= sizeof(struct sd_radv_opt_dns
) + sizeof(struct in6_addr
) * n_dns
;
627 opt_rdnss
= malloc0(len
);
631 opt_rdnss
->type
= SD_RADV_OPT_RDNSS
;
632 opt_rdnss
->length
= len
/ 8;
633 opt_rdnss
->lifetime
= htobe32(lifetime
);
635 memcpy(opt_rdnss
+ 1, dns
, n_dns
* sizeof(struct in6_addr
));
637 free_and_replace(ra
->rdnss
, opt_rdnss
);
644 _public_
int sd_radv_set_dnssl(sd_radv
*ra
, uint32_t lifetime
,
645 char **search_list
) {
646 _cleanup_free_
struct sd_radv_opt_dns
*opt_dnssl
= NULL
;
651 assert_return(ra
, -EINVAL
);
653 if (strv_isempty(search_list
)) {
654 ra
->dnssl
= mfree(ra
->dnssl
);
658 STRV_FOREACH(s
, search_list
)
659 len
+= strlen(*s
) + 2;
661 len
= (sizeof(struct sd_radv_opt_dns
) + len
+ 7) & ~0x7;
663 opt_dnssl
= malloc0(len
);
667 opt_dnssl
->type
= SD_RADV_OPT_DNSSL
;
668 opt_dnssl
->length
= len
/ 8;
669 opt_dnssl
->lifetime
= htobe32(lifetime
);
671 p
= (uint8_t *)(opt_dnssl
+ 1);
672 len
-= sizeof(struct sd_radv_opt_dns
);
674 STRV_FOREACH(s
, search_list
) {
677 r
= dns_name_to_wire_format(*s
, p
, len
, false);
688 free_and_replace(ra
->dnssl
, opt_dnssl
);
693 _public_
int sd_radv_prefix_new(sd_radv_prefix
**ret
) {
694 _cleanup_(sd_radv_prefix_unrefp
) sd_radv_prefix
*p
= NULL
;
696 assert_return(ret
, -EINVAL
);
698 p
= new0(sd_radv_prefix
, 1);
704 p
->opt
.type
= ND_OPT_PREFIX_INFORMATION
;
705 p
->opt
.length
= (sizeof(p
->opt
) - 1) /8 + 1;
707 p
->opt
.prefixlen
= 64;
709 /* RFC 4861, Section 6.2.1 */
710 SET_FLAG(p
->opt
.flags
, ND_OPT_PI_FLAG_ONLINK
, true);
711 SET_FLAG(p
->opt
.flags
, ND_OPT_PI_FLAG_AUTO
, true);
712 p
->opt
.preferred_lifetime
= htobe32(604800);
713 p
->opt
.valid_lifetime
= htobe32(2592000);
715 LIST_INIT(prefix
, p
);
722 DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(sd_radv_prefix
, sd_radv_prefix
, mfree
);
724 _public_
int sd_radv_prefix_set_prefix(sd_radv_prefix
*p
, const struct in6_addr
*in6_addr
,
725 unsigned char prefixlen
) {
726 assert_return(p
, -EINVAL
);
727 assert_return(in6_addr
, -EINVAL
);
729 if (prefixlen
< 3 || prefixlen
> 128)
733 /* unusual but allowed, log it */
734 log_radv("Unusual prefix length %d greater than 64", prefixlen
);
736 p
->opt
.in6_addr
= *in6_addr
;
737 p
->opt
.prefixlen
= prefixlen
;
742 _public_
int sd_radv_prefix_set_onlink(sd_radv_prefix
*p
, int onlink
) {
743 assert_return(p
, -EINVAL
);
745 SET_FLAG(p
->opt
.flags
, ND_OPT_PI_FLAG_ONLINK
, onlink
);
750 _public_
int sd_radv_prefix_set_address_autoconfiguration(sd_radv_prefix
*p
,
751 int address_autoconfiguration
) {
752 assert_return(p
, -EINVAL
);
754 SET_FLAG(p
->opt
.flags
, ND_OPT_PI_FLAG_AUTO
, address_autoconfiguration
);
759 _public_
int sd_radv_prefix_set_valid_lifetime(sd_radv_prefix
*p
,
760 uint32_t valid_lifetime
) {
761 assert_return(p
, -EINVAL
);
763 p
->opt
.valid_lifetime
= htobe32(valid_lifetime
);
768 _public_
int sd_radv_prefix_set_preferred_lifetime(sd_radv_prefix
*p
,
769 uint32_t preferred_lifetime
) {
770 assert_return(p
, -EINVAL
);
772 p
->opt
.preferred_lifetime
= htobe32(preferred_lifetime
);