Tom Gundersen [Mon, 31 Mar 2014 21:28:58 +0000 (23:28 +0200)]
sd-dhcp-client: --omg-optimized
Passing the protocol to socket() is redundant as it will be specified again in
bind(). Dropping the redundancy reduces the cost of bind() from ~30ms to ~0ms.
For details see [0].
networkd in a container (i.e., with next to no network latency) can now
negotiate a DHCP lease in 0.7 - 5 ms.
Thanks to Kay for help with debugging and to Daniel Borkmann for the pointer
to fix the problem.
Tom Gundersen [Sun, 30 Mar 2014 18:36:44 +0000 (20:36 +0200)]
sd-dhcp: avoid checksum calculation if possible
When receiving lots of packets that are not meant for us, we waste a relatively large amount
of cpu time computing their checksums before discarding them. Move the checksum calculation last
so we never compute it for packets which would otherwise be discarded.
The object is not currently used, so just drop the refenence. If/when we end up
using the object in the future, we must make sure to deal with possible mutual
references between rtnl busses and their queued messages; as is done in sd-bus.
Kay Sievers [Wed, 26 Mar 2014 18:22:17 +0000 (19:22 +0100)]
build-sys: update "linkcheck"
<kay> ssuominen: and drop --no-as-needed from the linkcheck?
<kay> ssuominen: i expect it all triggers without the gc-sections thing alone
<ssuominen> if the intention is to make it strict as possible,
to catch undefined references caused by missing -lfoo in linker line, then
LDFLAGS="-Wl,-fuse-ld=gold -Wl,--as-needed -Wl,--no-gc-sections"
Susant Sahani [Tue, 25 Mar 2014 08:43:30 +0000 (14:13 +0530)]
sd-rtnl: add support for tunnel attributes
Added support for tunneling netlink attrributes (ipip, gre, sit).
These works with kernel module ipip, gre and sit . The test cases are
moved to a separate file and manual test as well because they require
respective kernel modules as well.
Tom Gundersen [Mon, 24 Mar 2014 20:50:16 +0000 (21:50 +0100)]
networkd: netdev - fix error handling in set_ifindex()
Firstly, remove stray assert(). Also be a bit stricter when verifying the
received info. If we get an applicable newlink message that we can't make
sense of, we will now enter NETDEV_FAILED, as we cannot reasonably continue
without knowing the ifindex of our device.
tcpwrap is legacy code, that is barely maintained upstream. It's APIs
are awful, and the feature set it exposes (such as DNS and IDENT
access control) questionnable. We should not support this natively in
systemd.
Hence, let's remove the code. If people want to continue making use of
this, they can do so by plugging in "tcpd" for the processes they start.
With that scheme things are as well or badly supported as they were from
traditional inetd, hence no functionality is really lost.
service: don't take chkconfig priority into account
Given that native services do not carry a sysv priority anyway it is
pointless reading them from chkconfig headers, and pretend they'd work.
So let's drop this.
Tom Gundersen [Sun, 23 Mar 2014 20:45:46 +0000 (21:45 +0100)]
sd-rtnl: add sd_rtnl_message_enter_container()
Extend rta_offset_tb into a stack of offset tables, one for each parent of the
current container, and make sd_rtnl_message_{enter,exit}_container() pop/push
to this stack.
Also make sd_rtnl_message_rewind() parse the top-level container, and use this
when reading a message from the socket.
This changes the API by dropping the now redundant sd_rtnl_message_read()
method.
Gerd Hoffmann [Mon, 24 Mar 2014 11:07:41 +0000 (12:07 +0100)]
rules: update qemu hid rules
Update comment to be a bit more specific.
Change match to blacklist the serial number of the broken devices
instead of whitelisting the serial number of the fixed devices.
This allows to do something useful with the serial number in the
future.
util: replace close_pipe() with new safe_close_pair()
safe_close_pair() is more like safe_close(), except that it handles
pairs of fds, and doesn't make and misleading allusion, as it works
similarly well for socketpairs() as for pipe()s...
David Herrmann [Sat, 22 Mar 2014 17:06:38 +0000 (18:06 +0100)]
sd-bus: add note about sd_bus_unref() recursion
In sd_bus_unref() we check for self-reference loops and destruct our
queues in case we're the only reference holders. However, we do _not_
modify our own ref-count, thus effectively causing the
message-destructions to enter with the same reference count as we did.
The only reason this doesn't cause an endless recursion (or trigger
assert(m->n_ref > 0) in sd_bus_message_unref()) is the fact that we
decrease queue-counters _before_ calling _unref(). That's not obvious at
all, so add a big fat note in bus_reset_queues() to everyone touching that
code.
David Herrmann [Sat, 22 Mar 2014 16:43:30 +0000 (17:43 +0100)]
sd-rtnl: fix self-reference leaks
Like sd-bus, sd-rtnl can have self-references through queued messages. In
particular, each queued message has the following self-ref loop:
rtnl->wqueue[i]->rtnl == rtnl
Same is true for "rqueue".
When sd_rtnl_unref() gets called, we must therefore make sure we correctly
consider each self-reference when deciding to destroy the object. For each
queued message, there _might_ be one ref. However, rtnl-messages can be
created _without_ a bus-reference, therefore we need to verify the
actually required ref-count.
Once we know exactly how many self-refs exist, and we verified none of the
queued messages has external references, we can destruct the object.
We must immediately drop our own reference, then flush all queues and
destroy the bus object. Otherwise, each sd_rtnl_message_unref() call would
recurse into the same destruction logic as they enter with the same
rtnl-refcnt.
Note: We really should verify _all_ queued messages have m->rtnl set to
the bus they're queued on. If that's given, we can change:
if (REFCNT_GET(rtnl->n_ref) <= refs)
to
if (REFCNT_GET(rtnl->n_ref) == refs)
and thus avoid recalculating the required refs for each message we
remove from the queue during destruction.
Tom Gundersen [Sat, 22 Mar 2014 09:52:49 +0000 (10:52 +0100)]
sd-dhcp-client: test - don't close socket twice
One end of the socketpair is closed by the library, so only close our end. Also switch to
the safe_close() so we get notified about problems with closing.
Increase the chance of using the same link local address between reboots. The
pseudo random sequence of addresses we attempt is now seeded with data that is
very likely to stay the same between reboots, but at the same time be unique
to the specific machine/nic.
First we try to use the ID_NET_NAME_* data from the udev db combined with the
machin-id, which is guaranteed to be unique and persistent, if available. If
that is not possible (e.g., in containers where we don't have access to the
udev db) we fallback to using the MAC address of the interface, which is
guaranteed to be unique, and likely to be persistent.
[tomegun: three minor changes:
- don't expose HASH_KEY in the siphash24 header
- get rid of some compile-warnings (and some casts at the same time),
by using uint8_t[8] rather than uint64_t in the api
- added commit message]
Tom Gundersen [Fri, 21 Mar 2014 17:36:32 +0000 (18:36 +0100)]
sd-dhcp-client/sd-ipv4ll: allow mac address to be updated at any time
If necessary, restart the clients to deal with a changing mac address
at runtime. This will solve the problem of starting clients on bridges
before they have received their final MAC address.
Brandon Philips [Thu, 20 Mar 2014 18:28:12 +0000 (11:28 -0700)]
network: dhcp: create explicit host route to gateway
Some DHCP servers gives you a netmask of 255.255.255.255 so the gateway is not
routable. Other DHCP client implementations look through the existing routes to
figure out if they should add an explicit host route. See below for a link.
However, it makes sense to just create the route explicitly whether it is
needed or not since it is explicit, makes the dhcp route entries independent of
other entries and saves us from knowing the state of the kernel tables.
After patch route table on a machine with a network (common case):
default via 10.0.2.2 dev ens3
10.0.2.0/24 dev ens3 proto kernel scope link src 10.0.2.15
10.0.2.2 dev ens3 scope link
After patch route table on a machine without a network (this case):
default via 10.240.0.1 dev ens4v1
10.240.0.1 dev ens4v1 scope link
The code from dhcpcd that works around this issue is on line 637.
https://android.googlesource.com/platform/external/dhcpcd/+/master/configure.c
Tom Gundersen [Wed, 19 Mar 2014 15:05:44 +0000 (16:05 +0100)]
sd-dhcp-client: add fallback subnet masks
The DHCP RFC does not require the DHCP server to send a subnet mask, so if it
is missing, let's try to use the default subnet masks based on address class.
In case the class the address belongs to does not have a default subnet mask,
we fail as before.
Also improve logging when handling invalid dhcp messages, and simply ignore them
rather than stop the whole dhcp client.