network: ignore requested ipv6 fdb entry when ipv6 is disabled by sysctl
[thirdparty/systemd.git] / src / network / networkd-fdb.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3   Copyright © 2014 Intel Corporation. All rights reserved.
4 ***/
5
6 #include <net/ethernet.h>
7 #include <net/if.h>
8
9 #include "alloc-util.h"
10 #include "conf-parser.h"
11 #include "netdev/bridge.h"
12 #include "netdev/vxlan.h"
13 #include "netlink-util.h"
14 #include "networkd-fdb.h"
15 #include "networkd-manager.h"
16 #include "parse-util.h"
17 #include "string-util.h"
18 #include "string-table.h"
19 #include "util.h"
20 #include "vlan-util.h"
21
22 #define STATIC_FDB_ENTRIES_PER_NETWORK_MAX 1024U
23
24 static const char* const fdb_ntf_flags_table[_NEIGHBOR_CACHE_ENTRY_FLAGS_MAX] = {
25         [NEIGHBOR_CACHE_ENTRY_FLAGS_USE] = "use",
26         [NEIGHBOR_CACHE_ENTRY_FLAGS_SELF] = "self",
27         [NEIGHBOR_CACHE_ENTRY_FLAGS_MASTER] = "master",
28         [NEIGHBOR_CACHE_ENTRY_FLAGS_ROUTER] = "router",
29 };
30
31 DEFINE_STRING_TABLE_LOOKUP(fdb_ntf_flags, NeighborCacheEntryFlags);
32
33 /* create a new FDB entry or get an existing one. */
34 static int fdb_entry_new_static(
35                 Network *network,
36                 const char *filename,
37                 unsigned section_line,
38                 FdbEntry **ret) {
39
40         _cleanup_(network_config_section_freep) NetworkConfigSection *n = NULL;
41         _cleanup_(fdb_entry_freep) FdbEntry *fdb_entry = NULL;
42         _cleanup_free_ struct ether_addr *mac_addr = NULL;
43         int r;
44
45         assert(network);
46         assert(ret);
47         assert(!!filename == (section_line > 0));
48
49         /* search entry in hashmap first. */
50         if (filename) {
51                 r = network_config_section_new(filename, section_line, &n);
52                 if (r < 0)
53                         return r;
54
55                 fdb_entry = hashmap_get(network->fdb_entries_by_section, n);
56                 if (fdb_entry) {
57                         *ret = TAKE_PTR(fdb_entry);
58
59                         return 0;
60                 }
61         }
62
63         if (network->n_static_fdb_entries >= STATIC_FDB_ENTRIES_PER_NETWORK_MAX)
64                 return -E2BIG;
65
66         /* allocate space for MAC address. */
67         mac_addr = new0(struct ether_addr, 1);
68         if (!mac_addr)
69                 return -ENOMEM;
70
71         /* allocate space for and FDB entry. */
72         fdb_entry = new(FdbEntry, 1);
73         if (!fdb_entry)
74                 return -ENOMEM;
75
76         /* init FDB structure. */
77         *fdb_entry = (FdbEntry) {
78                 .network = network,
79                 .mac_addr = TAKE_PTR(mac_addr),
80                 .vni = VXLAN_VID_MAX + 1,
81                 .fdb_ntf_flags = NEIGHBOR_CACHE_ENTRY_FLAGS_SELF,
82         };
83
84         LIST_PREPEND(static_fdb_entries, network->static_fdb_entries, fdb_entry);
85         network->n_static_fdb_entries++;
86
87         if (filename) {
88                 fdb_entry->section = TAKE_PTR(n);
89
90                 r = hashmap_ensure_allocated(&network->fdb_entries_by_section, &network_config_hash_ops);
91                 if (r < 0)
92                         return r;
93
94                 r = hashmap_put(network->fdb_entries_by_section, fdb_entry->section, fdb_entry);
95                 if (r < 0)
96                         return r;
97         }
98
99         /* return allocated FDB structure. */
100         *ret = TAKE_PTR(fdb_entry);
101
102         return 0;
103 }
104
105 static int set_fdb_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
106         int r;
107
108         assert(link);
109
110         r = sd_netlink_message_get_errno(m);
111         if (r < 0 && r != -EEXIST)
112                 log_link_error_errno(link, r, "Could not add FDB entry: %m");
113
114         return 1;
115 }
116
117 /* send a request to the kernel to add a FDB entry in its static MAC table. */
118 int fdb_entry_configure(Link *link, FdbEntry *fdb_entry) {
119         _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
120         int r;
121
122         assert(link);
123         assert(link->network);
124         assert(link->manager);
125         assert(fdb_entry);
126
127         if (fdb_entry->family == AF_INET6 && manager_sysctl_ipv6_enabled(link->manager) == 0) {
128                 log_link_warning(link, "An IPv6 fdb entry is requested, but IPv6 is disabled by sysctl, ignoring.");
129                 return 0;
130         }
131
132         /* create new RTM message */
133         r = sd_rtnl_message_new_neigh(link->manager->rtnl, &req, RTM_NEWNEIGH, link->ifindex, PF_BRIDGE);
134         if (r < 0)
135                 return rtnl_log_create_error(r);
136
137         r = sd_rtnl_message_neigh_set_flags(req, fdb_entry->fdb_ntf_flags);
138         if (r < 0)
139                 return rtnl_log_create_error(r);
140
141         /* only NUD_PERMANENT state supported. */
142         r = sd_rtnl_message_neigh_set_state(req, NUD_NOARP | NUD_PERMANENT);
143         if (r < 0)
144                 return rtnl_log_create_error(r);
145
146         r = sd_netlink_message_append_ether_addr(req, NDA_LLADDR, fdb_entry->mac_addr);
147         if (r < 0)
148                 return rtnl_log_create_error(r);
149
150         /* VLAN Id is optional. We'll add VLAN Id only if it's specified. */
151         if (fdb_entry->vlan_id > 0) {
152                 r = sd_netlink_message_append_u16(req, NDA_VLAN, fdb_entry->vlan_id);
153                 if (r < 0)
154                         return rtnl_log_create_error(r);
155         }
156
157         if (!in_addr_is_null(fdb_entry->family, &fdb_entry->destination_addr)) {
158                 r = netlink_message_append_in_addr_union(req, NDA_DST, fdb_entry->family, &fdb_entry->destination_addr);
159                 if (r < 0)
160                         return log_link_error_errno(link, r, "Could not append NDA_DST attribute: %m");
161         }
162
163         if (fdb_entry->vni <= VXLAN_VID_MAX) {
164                 r = sd_netlink_message_append_u32(req, NDA_VNI, fdb_entry->vni);
165                 if (r < 0)
166                         return log_link_error_errno(link, r, "Could not append NDA_VNI attribute: %m");
167         }
168
169         /* send message to the kernel to update its internal static MAC table. */
170         r = netlink_call_async(link->manager->rtnl, NULL, req, set_fdb_handler,
171                                link_netlink_destroy_callback, link);
172         if (r < 0)
173                 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
174
175         link_ref(link);
176
177         return 1;
178 }
179
180 /* remove and FDB entry. */
181 void fdb_entry_free(FdbEntry *fdb_entry) {
182         if (!fdb_entry)
183                 return;
184
185         if (fdb_entry->network) {
186                 LIST_REMOVE(static_fdb_entries, fdb_entry->network->static_fdb_entries, fdb_entry);
187                 assert(fdb_entry->network->n_static_fdb_entries > 0);
188                 fdb_entry->network->n_static_fdb_entries--;
189
190                 if (fdb_entry->section)
191                         hashmap_remove(fdb_entry->network->fdb_entries_by_section, fdb_entry->section);
192         }
193
194         network_config_section_free(fdb_entry->section);
195         free(fdb_entry->mac_addr);
196         free(fdb_entry);
197 }
198
199 /* parse the HW address from config files. */
200 int config_parse_fdb_hwaddr(
201                 const char *unit,
202                 const char *filename,
203                 unsigned line,
204                 const char *section,
205                 unsigned section_line,
206                 const char *lvalue,
207                 int ltype,
208                 const char *rvalue,
209                 void *data,
210                 void *userdata) {
211
212         Network *network = userdata;
213         _cleanup_(fdb_entry_free_or_set_invalidp) FdbEntry *fdb_entry = NULL;
214         int r;
215
216         assert(filename);
217         assert(section);
218         assert(lvalue);
219         assert(rvalue);
220         assert(data);
221
222         r = fdb_entry_new_static(network, filename, section_line, &fdb_entry);
223         if (r < 0)
224                 return log_oom();
225
226         /* read in the MAC address for the FDB table. */
227         r = sscanf(rvalue, "%02hhx:%02hhx:%02hhx:%02hhx:%02hhx:%02hhx",
228                    &fdb_entry->mac_addr->ether_addr_octet[0],
229                    &fdb_entry->mac_addr->ether_addr_octet[1],
230                    &fdb_entry->mac_addr->ether_addr_octet[2],
231                    &fdb_entry->mac_addr->ether_addr_octet[3],
232                    &fdb_entry->mac_addr->ether_addr_octet[4],
233                    &fdb_entry->mac_addr->ether_addr_octet[5]);
234
235         if (r != ETHER_ADDR_LEN) {
236                 log_syntax(unit, LOG_ERR, filename, line, 0, "Not a valid MAC address, ignoring assignment: %s", rvalue);
237                 return 0;
238         }
239
240         fdb_entry = NULL;
241
242         return 0;
243 }
244
245 /* parse the VLAN Id from config files. */
246 int config_parse_fdb_vlan_id(
247                 const char *unit,
248                 const char *filename,
249                 unsigned line,
250                 const char *section,
251                 unsigned section_line,
252                 const char *lvalue,
253                 int ltype,
254                 const char *rvalue,
255                 void *data,
256                 void *userdata) {
257
258         Network *network = userdata;
259         _cleanup_(fdb_entry_free_or_set_invalidp) FdbEntry *fdb_entry = NULL;
260         int r;
261
262         assert(filename);
263         assert(section);
264         assert(lvalue);
265         assert(rvalue);
266         assert(data);
267
268         r = fdb_entry_new_static(network, filename, section_line, &fdb_entry);
269         if (r < 0)
270                 return log_oom();
271
272         r = config_parse_vlanid(unit, filename, line, section,
273                                 section_line, lvalue, ltype,
274                                 rvalue, &fdb_entry->vlan_id, userdata);
275         if (r < 0)
276                 return r;
277
278         fdb_entry = NULL;
279
280         return 0;
281 }
282
283 int config_parse_fdb_destination(
284                 const char *unit,
285                 const char *filename,
286                 unsigned line,
287                 const char *section,
288                 unsigned section_line,
289                 const char *lvalue,
290                 int ltype,
291                 const char *rvalue,
292                 void *data,
293                 void *userdata) {
294
295         _cleanup_(fdb_entry_free_or_set_invalidp) FdbEntry *fdb_entry = NULL;
296         Network *network = userdata;
297         int r;
298
299         assert(filename);
300         assert(section);
301         assert(lvalue);
302         assert(rvalue);
303         assert(data);
304
305         r = fdb_entry_new_static(network, filename, section_line, &fdb_entry);
306         if (r < 0)
307                 return log_oom();
308
309         r = in_addr_from_string_auto(rvalue, &fdb_entry->family, &fdb_entry->destination_addr);
310         if (r < 0)
311                 return log_syntax(unit, LOG_ERR, filename, line, r,
312                                   "FDB destination IP address is invalid, ignoring assignment: %s",
313                                   rvalue);
314
315         fdb_entry = NULL;
316
317         return 0;
318 }
319
320 int config_parse_fdb_vxlan_vni(
321                 const char *unit,
322                 const char *filename,
323                 unsigned line,
324                 const char *section,
325                 unsigned section_line,
326                 const char *lvalue,
327                 int ltype,
328                 const char *rvalue,
329                 void *data,
330                 void *userdata) {
331
332         _cleanup_(fdb_entry_free_or_set_invalidp) FdbEntry *fdb_entry = NULL;
333         Network *network = userdata;
334         uint32_t vni;
335         int r;
336
337         assert(filename);
338         assert(section);
339         assert(lvalue);
340         assert(rvalue);
341         assert(data);
342
343         r = fdb_entry_new_static(network, filename, section_line, &fdb_entry);
344         if (r < 0)
345                 return log_oom();
346
347         r = safe_atou32(rvalue, &vni);
348         if (r < 0) {
349                 log_syntax(unit, LOG_ERR, filename, line, r,
350                            "Failed to parse VXLAN Network Identifier (VNI), ignoring assignment: %s",
351                            rvalue);
352                 return 0;
353         }
354
355         if (vni > VXLAN_VID_MAX) {
356                 log_syntax(unit, LOG_ERR, filename, line, 0,
357                            "FDB invalid VXLAN Network Identifier (VNI), ignoring assignment: %s",
358                            rvalue);
359                 return 0;
360         }
361
362         fdb_entry->vni = vni;
363         fdb_entry = NULL;
364
365         return 0;
366 }
367
368
369 int config_parse_fdb_ntf_flags(
370                 const char *unit,
371                 const char *filename,
372                 unsigned line,
373                 const char *section,
374                 unsigned section_line,
375                 const char *lvalue,
376                 int ltype,
377                 const char *rvalue,
378                 void *data,
379                 void *userdata) {
380
381         _cleanup_(fdb_entry_free_or_set_invalidp) FdbEntry *fdb_entry = NULL;
382         Network *network = userdata;
383         NeighborCacheEntryFlags f;
384         int r;
385
386         assert(filename);
387         assert(section);
388         assert(lvalue);
389         assert(rvalue);
390         assert(data);
391
392         r = fdb_entry_new_static(network, filename, section_line, &fdb_entry);
393         if (r < 0)
394                 return log_oom();
395
396         f = fdb_ntf_flags_from_string(rvalue);
397         if (f < 0) {
398                 log_syntax(unit, LOG_ERR, filename, line, 0,
399                            "FDB failed to parse AssociatedWith=, ignoring assignment: %s",
400                            rvalue);
401                 return 0;
402         }
403
404         fdb_entry->fdb_ntf_flags = f;
405         fdb_entry = NULL;
406
407         return 0;
408 }