src/network/networkd-ipv6-proxy-ndp.c

   1 /* SPDX-License-Identifier: LGPL-2.1+ */
   2
   3 #include <netinet/ether.h>
   4 #include <linux/if.h>
   5 #include <unistd.h>
   6
   7 #include "fileio.h"
   8 #include "netlink-util.h"
   9 #include "networkd-ipv6-proxy-ndp.h"
  10 #include "networkd-link.h"
  11 #include "networkd-manager.h"
  12 #include "networkd-network.h"
  13 #include "string-util.h"
  14 #include "socket-util.h"
  15
  16 static bool ipv6_proxy_ndp_is_needed(Link *link) {
  17         assert(link);
  18
  19         if (link->flags & IFF_LOOPBACK)
  20                 return false;
  21
  22         if (!link->network)
  23                 return false;
  24
  25         if (link->network->ipv6_proxy_ndp >= 0)
  26                 return link->network->ipv6_proxy_ndp;
  27
  28         if (link->network->n_ipv6_proxy_ndp_addresses == 0)
  29                 return false;
  30
  31         return true;
  32 }
  33
  34 static int ipv6_proxy_ndp_set(Link *link) {
  35         const char *p = NULL;
  36         int r, v;
  37
  38         assert(link);
  39
  40         if (!socket_ipv6_is_supported())
  41                 return 0;
  42
  43         v = ipv6_proxy_ndp_is_needed(link);
  44         p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/proxy_ndp");
  45
  46         r = write_string_file(p, one_zero(v), WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER);
  47         if (r < 0)
  48                 log_link_warning_errno(link, r, "Cannot configure proxy NDP for interface: %m");
  49
  50         return 0;
  51 }
  52
  53 int ipv6_proxy_ndp_address_new_static(Network *network, IPv6ProxyNDPAddress **ret) {
  54         _cleanup_(ipv6_proxy_ndp_address_freep) IPv6ProxyNDPAddress *ipv6_proxy_ndp_address = NULL;
  55
  56         assert(network);
  57         assert(ret);
  58
  59         /* allocate space for IPv6ProxyNDPAddress entry */
  60         ipv6_proxy_ndp_address = new(IPv6ProxyNDPAddress, 1);
  61         if (!ipv6_proxy_ndp_address)
  62                 return -ENOMEM;
  63
  64         *ipv6_proxy_ndp_address = (IPv6ProxyNDPAddress) {
  65                 .network = network,
  66         };
  67
  68         LIST_PREPEND(ipv6_proxy_ndp_addresses, network->ipv6_proxy_ndp_addresses, ipv6_proxy_ndp_address);
  69         network->n_ipv6_proxy_ndp_addresses++;
  70
  71         *ret = TAKE_PTR(ipv6_proxy_ndp_address);
  72
  73         return 0;
  74 }
  75
  76 void ipv6_proxy_ndp_address_free(IPv6ProxyNDPAddress *ipv6_proxy_ndp_address) {
  77         if (!ipv6_proxy_ndp_address)
  78                 return;
  79
  80         if (ipv6_proxy_ndp_address->network) {
  81                 LIST_REMOVE(ipv6_proxy_ndp_addresses, ipv6_proxy_ndp_address->network->ipv6_proxy_ndp_addresses,
  82                             ipv6_proxy_ndp_address);
  83
  84                 assert(ipv6_proxy_ndp_address->network->n_ipv6_proxy_ndp_addresses > 0);
  85                 ipv6_proxy_ndp_address->network->n_ipv6_proxy_ndp_addresses--;
  86         }
  87
  88         free(ipv6_proxy_ndp_address);
  89 }
  90
  91 int config_parse_ipv6_proxy_ndp_address(
  92                 const char *unit,
  93                 const char *filename,
  94                 unsigned line,
  95                 const char *section,
  96                 unsigned section_line,
  97                 const char *lvalue,
  98                 int ltype,
  99                 const char *rvalue,
 100                 void *data,
 101                 void *userdata) {
 102
 103         Network *network = userdata;
 104         _cleanup_(ipv6_proxy_ndp_address_freep) IPv6ProxyNDPAddress *ipv6_proxy_ndp_address = NULL;
 105         int r;
 106         union in_addr_union buffer;
 107
 108         assert(filename);
 109         assert(section);
 110         assert(lvalue);
 111         assert(rvalue);
 112         assert(data);
 113
 114         r = ipv6_proxy_ndp_address_new_static(network, &ipv6_proxy_ndp_address);
 115         if (r < 0)
 116                 return r;
 117
 118         r = in_addr_from_string(AF_INET6, rvalue, &buffer);
 119         if (r < 0) {
 120                 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse IPv6 proxy NDP address, ignoring: %s",
 121                            rvalue);
 122                 return 0;
 123         }
 124
 125         r = in_addr_is_null(AF_INET6, &buffer);
 126         if (r != 0) {
 127                 log_syntax(unit, LOG_ERR, filename, line, r,
 128                            "IPv6 proxy NDP address cannot be the ANY address, ignoring: %s", rvalue);
 129                 return 0;
 130         }
 131
 132         ipv6_proxy_ndp_address->in_addr = buffer.in6;
 133         ipv6_proxy_ndp_address = NULL;
 134
 135         return 0;
 136 }
 137
 138 static int set_ipv6_proxy_ndp_address_handler(sd_netlink *rtnl, sd_netlink_message *m, void *userdata) {
 139         Link *link = userdata;
 140         int r;
 141
 142         assert(link);
 143
 144         r = sd_netlink_message_get_errno(m);
 145         if (r < 0 && r != -EEXIST)
 146                 log_link_error_errno(link, r, "Could not add IPv6 proxy ndp address entry: %m");
 147
 148         return 1;
 149 }
 150
 151 /* send a request to the kernel to add a IPv6 Proxy entry to the neighbour table */
 152 int ipv6_proxy_ndp_address_configure(Link *link, IPv6ProxyNDPAddress *ipv6_proxy_ndp_address) {
 153         _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
 154         sd_netlink *rtnl;
 155         int r;
 156
 157         assert(link);
 158         assert(link->network);
 159         assert(link->manager);
 160         assert(ipv6_proxy_ndp_address);
 161
 162         rtnl = link->manager->rtnl;
 163
 164         /* create new netlink message */
 165         r = sd_rtnl_message_new_neigh(rtnl, &req, RTM_NEWNEIGH, link->ifindex, AF_INET6);
 166         if (r < 0)
 167                 return rtnl_log_create_error(r);
 168
 169         r = sd_rtnl_message_neigh_set_flags(req, NLM_F_REQUEST | NTF_PROXY);
 170         if (r < 0)
 171                 return rtnl_log_create_error(r);
 172
 173         r = sd_netlink_message_append_in6_addr(req, NDA_DST, &ipv6_proxy_ndp_address->in_addr);
 174         if (r < 0)
 175                 return rtnl_log_create_error(r);
 176
 177         r = sd_netlink_call_async(rtnl, NULL, req, set_ipv6_proxy_ndp_address_handler,
 178                                   link_netlink_destroy_callback, link, 0, __func__);
 179         if (r < 0)
 180                 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
 181
 182         link_ref(link);
 183
 184         return 0;
 185 }
 186
 187 /* configure all ipv6 proxy ndp addresses */
 188 int ipv6_proxy_ndp_addresses_configure(Link *link) {
 189         IPv6ProxyNDPAddress *ipv6_proxy_ndp_address;
 190         int r;
 191
 192         assert(link);
 193
 194         /* enable or disable proxy_ndp itself depending on whether ipv6_proxy_ndp_addresses are set or not */
 195         r = ipv6_proxy_ndp_set(link);
 196         if (r != 0)
 197                 return r;
 198
 199         LIST_FOREACH(ipv6_proxy_ndp_addresses, ipv6_proxy_ndp_address, link->network->ipv6_proxy_ndp_addresses) {
 200                 r = ipv6_proxy_ndp_address_configure(link, ipv6_proxy_ndp_address);
 201                 if (r != 0)
 202                         return r;
 203         }
 204         return 0;
 205 }