]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/network/networkd-link.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #11681 from yuwata/network-link-enslaved-operstate
[thirdparty/systemd.git] / src / network / networkd-link.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #include <netinet/ether.h>
4 #include <linux/if.h>
5 #include <linux/can/netlink.h>
6 #include <unistd.h>
7 #include <stdio_ext.h>
8
9 #include "alloc-util.h"
10 #include "bus-util.h"
11 #include "dhcp-identifier.h"
12 #include "dhcp-lease-internal.h"
13 #include "env-file.h"
14 #include "fd-util.h"
15 #include "fileio.h"
16 #include "missing_network.h"
17 #include "netdev/vrf.h"
18 #include "netlink-util.h"
19 #include "network-internal.h"
20 #include "networkd-ipv6-proxy-ndp.h"
21 #include "networkd-lldp-tx.h"
22 #include "networkd-manager.h"
23 #include "networkd-ndisc.h"
24 #include "networkd-neighbor.h"
25 #include "networkd-radv.h"
26 #include "networkd-routing-policy-rule.h"
27 #include "set.h"
28 #include "socket-util.h"
29 #include "stdio-util.h"
30 #include "string-table.h"
31 #include "strv.h"
32 #include "tmpfile-util.h"
33 #include "util.h"
34 #include "virt.h"
35
36 uint32_t link_get_vrf_table(Link *link) {
37 return link->network->vrf ? VRF(link->network->vrf)->table : RT_TABLE_MAIN;
38 }
39
40 uint32_t link_get_dhcp_route_table(Link *link) {
41 /* When the interface is part of an VRF use the VRFs routing table, unless
42 * another table is explicitly specified. */
43 if (link->network->dhcp_route_table_set)
44 return link->network->dhcp_route_table;
45 return link_get_vrf_table(link);
46 }
47
48 uint32_t link_get_ipv6_accept_ra_route_table(Link *link) {
49 if (link->network->ipv6_accept_ra_route_table_set)
50 return link->network->ipv6_accept_ra_route_table;
51 return link_get_vrf_table(link);
52 }
53
54 DUID* link_get_duid(Link *link) {
55 if (link->network->duid.type != _DUID_TYPE_INVALID)
56 return &link->network->duid;
57 else
58 return &link->manager->duid;
59 }
60
61 static bool link_dhcp6_enabled(Link *link) {
62 assert(link);
63
64 if (!socket_ipv6_is_supported())
65 return false;
66
67 if (link->flags & IFF_LOOPBACK)
68 return false;
69
70 if (!link->network)
71 return false;
72
73 if (link->network->bond)
74 return false;
75
76 return link->network->dhcp & ADDRESS_FAMILY_IPV6;
77 }
78
79 static bool link_dhcp4_enabled(Link *link) {
80 assert(link);
81
82 if (link->flags & IFF_LOOPBACK)
83 return false;
84
85 if (!link->network)
86 return false;
87
88 if (link->network->bond)
89 return false;
90
91 return link->network->dhcp & ADDRESS_FAMILY_IPV4;
92 }
93
94 static bool link_dhcp4_server_enabled(Link *link) {
95 assert(link);
96
97 if (link->flags & IFF_LOOPBACK)
98 return false;
99
100 if (!link->network)
101 return false;
102
103 if (link->network->bond)
104 return false;
105
106 return link->network->dhcp_server;
107 }
108
109 static bool link_ipv4ll_enabled(Link *link) {
110 assert(link);
111
112 if (link->flags & IFF_LOOPBACK)
113 return false;
114
115 if (!link->network)
116 return false;
117
118 if (STRPTR_IN_SET(link->kind, "vrf", "wireguard"))
119 return false;
120
121 if (link->network->bond)
122 return false;
123
124 return link->network->link_local & ADDRESS_FAMILY_IPV4;
125 }
126
127 static bool link_ipv6ll_enabled(Link *link) {
128 assert(link);
129
130 if (!socket_ipv6_is_supported())
131 return false;
132
133 if (link->flags & IFF_LOOPBACK)
134 return false;
135
136 if (!link->network)
137 return false;
138
139 if (STRPTR_IN_SET(link->kind, "vrf", "wireguard"))
140 return false;
141
142 if (link->network->bond)
143 return false;
144
145 return link->network->link_local & ADDRESS_FAMILY_IPV6;
146 }
147
148 static bool link_ipv6_enabled(Link *link) {
149 assert(link);
150
151 if (!socket_ipv6_is_supported())
152 return false;
153
154 if (link->network->bridge || link->network->bond)
155 return false;
156
157 /* DHCPv6 client will not be started if no IPv6 link-local address is configured. */
158 return link_ipv6ll_enabled(link) || network_has_static_ipv6_addresses(link->network);
159 }
160
161 static bool link_radv_enabled(Link *link) {
162 assert(link);
163
164 if (!link_ipv6ll_enabled(link))
165 return false;
166
167 return link->network->router_prefix_delegation != RADV_PREFIX_DELEGATION_NONE;
168 }
169
170 static bool link_lldp_rx_enabled(Link *link) {
171 assert(link);
172
173 if (link->flags & IFF_LOOPBACK)
174 return false;
175
176 if (link->iftype != ARPHRD_ETHER)
177 return false;
178
179 if (!link->network)
180 return false;
181
182 /* LLDP should be handled on bridge slaves as those have a direct
183 * connection to their peers not on the bridge master. Linux doesn't
184 * even (by default) forward lldp packets to the bridge master.*/
185 if (streq_ptr("bridge", link->kind))
186 return false;
187
188 return link->network->lldp_mode != LLDP_MODE_NO;
189 }
190
191 static bool link_lldp_emit_enabled(Link *link) {
192 assert(link);
193
194 if (link->flags & IFF_LOOPBACK)
195 return false;
196
197 if (link->iftype != ARPHRD_ETHER)
198 return false;
199
200 if (!link->network)
201 return false;
202
203 return link->network->lldp_emit != LLDP_EMIT_NO;
204 }
205
206 static bool link_ipv4_forward_enabled(Link *link) {
207 assert(link);
208
209 if (link->flags & IFF_LOOPBACK)
210 return false;
211
212 if (!link->network)
213 return false;
214
215 if (link->network->ip_forward == _ADDRESS_FAMILY_BOOLEAN_INVALID)
216 return false;
217
218 return link->network->ip_forward & ADDRESS_FAMILY_IPV4;
219 }
220
221 static bool link_ipv6_forward_enabled(Link *link) {
222 assert(link);
223
224 if (!socket_ipv6_is_supported())
225 return false;
226
227 if (link->flags & IFF_LOOPBACK)
228 return false;
229
230 if (!link->network)
231 return false;
232
233 if (link->network->ip_forward == _ADDRESS_FAMILY_BOOLEAN_INVALID)
234 return false;
235
236 return link->network->ip_forward & ADDRESS_FAMILY_IPV6;
237 }
238
239 static bool link_proxy_arp_enabled(Link *link) {
240 assert(link);
241
242 if (link->flags & IFF_LOOPBACK)
243 return false;
244
245 if (!link->network)
246 return false;
247
248 if (link->network->proxy_arp < 0)
249 return false;
250
251 return true;
252 }
253
254 static bool link_ipv6_accept_ra_enabled(Link *link) {
255 assert(link);
256
257 if (!socket_ipv6_is_supported())
258 return false;
259
260 if (link->flags & IFF_LOOPBACK)
261 return false;
262
263 if (!link->network)
264 return false;
265
266 if (!link_ipv6ll_enabled(link))
267 return false;
268
269 /* If unset use system default (enabled if local forwarding is disabled.
270 * disabled if local forwarding is enabled).
271 * If set, ignore or enforce RA independent of local forwarding state.
272 */
273 if (link->network->ipv6_accept_ra < 0)
274 /* default to accept RA if ip_forward is disabled and ignore RA if ip_forward is enabled */
275 return !link_ipv6_forward_enabled(link);
276 else if (link->network->ipv6_accept_ra > 0)
277 /* accept RA even if ip_forward is enabled */
278 return true;
279 else
280 /* ignore RA */
281 return false;
282 }
283
284 static IPv6PrivacyExtensions link_ipv6_privacy_extensions(Link *link) {
285 assert(link);
286
287 if (!socket_ipv6_is_supported())
288 return _IPV6_PRIVACY_EXTENSIONS_INVALID;
289
290 if (link->flags & IFF_LOOPBACK)
291 return _IPV6_PRIVACY_EXTENSIONS_INVALID;
292
293 if (!link->network)
294 return _IPV6_PRIVACY_EXTENSIONS_INVALID;
295
296 return link->network->ipv6_privacy_extensions;
297 }
298
299 static int link_enable_ipv6(Link *link) {
300 const char *p = NULL;
301 bool disabled;
302 int r;
303
304 if (link->flags & IFF_LOOPBACK)
305 return 0;
306
307 disabled = !link_ipv6_enabled(link);
308
309 p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/disable_ipv6");
310
311 r = write_string_file(p, one_zero(disabled), WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER);
312 if (r < 0)
313 log_link_warning_errno(link, r, "Cannot %s IPv6 for interface %s: %m",
314 enable_disable(!disabled), link->ifname);
315 else
316 log_link_info(link, "IPv6 successfully %sd", enable_disable(!disabled));
317
318 return 0;
319 }
320
321 void link_update_operstate(Link *link, bool also_update_bond_master) {
322 LinkOperationalState operstate;
323
324 assert(link);
325
326 if (link->kernel_operstate == IF_OPER_DORMANT)
327 operstate = LINK_OPERSTATE_DORMANT;
328 else if (link_has_carrier(link)) {
329 Address *address;
330 uint8_t scope = RT_SCOPE_NOWHERE;
331 Iterator i;
332
333 /* if we have carrier, check what addresses we have */
334 SET_FOREACH(address, link->addresses, i) {
335 if (!address_is_ready(address))
336 continue;
337
338 if (address->scope < scope)
339 scope = address->scope;
340 }
341
342 /* for operstate we also take foreign addresses into account */
343 SET_FOREACH(address, link->addresses_foreign, i) {
344 if (!address_is_ready(address))
345 continue;
346
347 if (address->scope < scope)
348 scope = address->scope;
349 }
350
351 if (scope < RT_SCOPE_SITE)
352 /* universally accessible addresses found */
353 operstate = LINK_OPERSTATE_ROUTABLE;
354 else if (scope < RT_SCOPE_HOST)
355 /* only link or site local addresses found */
356 operstate = LINK_OPERSTATE_DEGRADED;
357 else
358 /* no useful addresses found */
359 operstate = LINK_OPERSTATE_CARRIER;
360 } else if (link->flags & IFF_UP)
361 operstate = LINK_OPERSTATE_NO_CARRIER;
362 else
363 operstate = LINK_OPERSTATE_OFF;
364
365 if (IN_SET(operstate, LINK_OPERSTATE_DEGRADED, LINK_OPERSTATE_CARRIER) &&
366 link->flags & IFF_SLAVE)
367 operstate = LINK_OPERSTATE_ENSLAVED;
368
369 if (IN_SET(operstate, LINK_OPERSTATE_CARRIER, LINK_OPERSTATE_ENSLAVED, LINK_OPERSTATE_ROUTABLE) &&
370 !hashmap_isempty(link->bond_slaves)) {
371 Iterator i;
372 Link *slave;
373
374 HASHMAP_FOREACH(slave, link->bond_slaves, i) {
375 link_update_operstate(slave, false);
376
377 if (IN_SET(slave->operstate,
378 LINK_OPERSTATE_OFF, LINK_OPERSTATE_NO_CARRIER, LINK_OPERSTATE_DORMANT))
379 operstate = LINK_OPERSTATE_DEGRADED;
380 }
381 }
382
383 if (link->operstate != operstate) {
384 link->operstate = operstate;
385 link_send_changed(link, "OperationalState", NULL);
386 link_dirty(link);
387 }
388
389 if (also_update_bond_master && link->network && link->network->bond) {
390 Link *master;
391
392 if (link_get(link->manager, link->network->bond->ifindex, &master) < 0)
393 return;
394
395 link_update_operstate(master, true);
396 }
397 }
398
399 #define FLAG_STRING(string, flag, old, new) \
400 (((old ^ new) & flag) \
401 ? ((old & flag) ? (" -" string) : (" +" string)) \
402 : "")
403
404 static int link_update_flags(Link *link, sd_netlink_message *m) {
405 unsigned flags, unknown_flags_added, unknown_flags_removed, unknown_flags;
406 uint8_t operstate;
407 int r;
408
409 assert(link);
410
411 r = sd_rtnl_message_link_get_flags(m, &flags);
412 if (r < 0)
413 return log_link_warning_errno(link, r, "Could not get link flags: %m");
414
415 r = sd_netlink_message_read_u8(m, IFLA_OPERSTATE, &operstate);
416 if (r < 0)
417 /* if we got a message without operstate, take it to mean
418 the state was unchanged */
419 operstate = link->kernel_operstate;
420
421 if ((link->flags == flags) && (link->kernel_operstate == operstate))
422 return 0;
423
424 if (link->flags != flags) {
425 log_link_debug(link, "Flags change:%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s",
426 FLAG_STRING("LOOPBACK", IFF_LOOPBACK, link->flags, flags),
427 FLAG_STRING("MASTER", IFF_MASTER, link->flags, flags),
428 FLAG_STRING("SLAVE", IFF_SLAVE, link->flags, flags),
429 FLAG_STRING("UP", IFF_UP, link->flags, flags),
430 FLAG_STRING("DORMANT", IFF_DORMANT, link->flags, flags),
431 FLAG_STRING("LOWER_UP", IFF_LOWER_UP, link->flags, flags),
432 FLAG_STRING("RUNNING", IFF_RUNNING, link->flags, flags),
433 FLAG_STRING("MULTICAST", IFF_MULTICAST, link->flags, flags),
434 FLAG_STRING("BROADCAST", IFF_BROADCAST, link->flags, flags),
435 FLAG_STRING("POINTOPOINT", IFF_POINTOPOINT, link->flags, flags),
436 FLAG_STRING("PROMISC", IFF_PROMISC, link->flags, flags),
437 FLAG_STRING("ALLMULTI", IFF_ALLMULTI, link->flags, flags),
438 FLAG_STRING("PORTSEL", IFF_PORTSEL, link->flags, flags),
439 FLAG_STRING("AUTOMEDIA", IFF_AUTOMEDIA, link->flags, flags),
440 FLAG_STRING("DYNAMIC", IFF_DYNAMIC, link->flags, flags),
441 FLAG_STRING("NOARP", IFF_NOARP, link->flags, flags),
442 FLAG_STRING("NOTRAILERS", IFF_NOTRAILERS, link->flags, flags),
443 FLAG_STRING("DEBUG", IFF_DEBUG, link->flags, flags),
444 FLAG_STRING("ECHO", IFF_ECHO, link->flags, flags));
445
446 unknown_flags = ~(IFF_LOOPBACK | IFF_MASTER | IFF_SLAVE | IFF_UP |
447 IFF_DORMANT | IFF_LOWER_UP | IFF_RUNNING |
448 IFF_MULTICAST | IFF_BROADCAST | IFF_POINTOPOINT |
449 IFF_PROMISC | IFF_ALLMULTI | IFF_PORTSEL |
450 IFF_AUTOMEDIA | IFF_DYNAMIC | IFF_NOARP |
451 IFF_NOTRAILERS | IFF_DEBUG | IFF_ECHO);
452 unknown_flags_added = ((link->flags ^ flags) & flags & unknown_flags);
453 unknown_flags_removed = ((link->flags ^ flags) & link->flags & unknown_flags);
454
455 /* link flags are currently at most 18 bits, let's align to
456 * printing 20 */
457 if (unknown_flags_added)
458 log_link_debug(link,
459 "Unknown link flags gained: %#.5x (ignoring)",
460 unknown_flags_added);
461
462 if (unknown_flags_removed)
463 log_link_debug(link,
464 "Unknown link flags lost: %#.5x (ignoring)",
465 unknown_flags_removed);
466 }
467
468 link->flags = flags;
469 link->kernel_operstate = operstate;
470
471 link_update_operstate(link, true);
472
473 return 0;
474 }
475
476 DEFINE_TRIVIAL_CLEANUP_FUNC(Link*, link_unref);
477
478 static int link_new(Manager *manager, sd_netlink_message *message, Link **ret) {
479 _cleanup_(link_unrefp) Link *link = NULL;
480 uint16_t type;
481 const char *ifname, *kind = NULL;
482 int r, ifindex;
483 unsigned short iftype;
484
485 assert(manager);
486 assert(message);
487 assert(ret);
488
489 /* check for link kind */
490 r = sd_netlink_message_enter_container(message, IFLA_LINKINFO);
491 if (r == 0) {
492 (void) sd_netlink_message_read_string(message, IFLA_INFO_KIND, &kind);
493 r = sd_netlink_message_exit_container(message);
494 if (r < 0)
495 return r;
496 }
497
498 r = sd_netlink_message_get_type(message, &type);
499 if (r < 0)
500 return r;
501 else if (type != RTM_NEWLINK)
502 return -EINVAL;
503
504 r = sd_rtnl_message_link_get_ifindex(message, &ifindex);
505 if (r < 0)
506 return r;
507 else if (ifindex <= 0)
508 return -EINVAL;
509
510 r = sd_rtnl_message_link_get_type(message, &iftype);
511 if (r < 0)
512 return r;
513
514 r = sd_netlink_message_read_string(message, IFLA_IFNAME, &ifname);
515 if (r < 0)
516 return r;
517
518 link = new(Link, 1);
519 if (!link)
520 return -ENOMEM;
521
522 *link = (Link) {
523 .n_ref = 1,
524 .manager = manager,
525 .state = LINK_STATE_PENDING,
526 .rtnl_extended_attrs = true,
527 .ifindex = ifindex,
528 .iftype = iftype,
529 };
530
531 link->ifname = strdup(ifname);
532 if (!link->ifname)
533 return -ENOMEM;
534
535 if (kind) {
536 link->kind = strdup(kind);
537 if (!link->kind)
538 return -ENOMEM;
539 }
540
541 r = sd_netlink_message_read_u32(message, IFLA_MASTER, (uint32_t *)&link->master_ifindex);
542 if (r < 0)
543 log_link_debug_errno(link, r, "New device has no master, continuing without");
544
545 r = sd_netlink_message_read_ether_addr(message, IFLA_ADDRESS, &link->mac);
546 if (r < 0)
547 log_link_debug_errno(link, r, "MAC address not found for new device, continuing without");
548
549 if (asprintf(&link->state_file, "/run/systemd/netif/links/%d", link->ifindex) < 0)
550 return -ENOMEM;
551
552 if (asprintf(&link->lease_file, "/run/systemd/netif/leases/%d", link->ifindex) < 0)
553 return -ENOMEM;
554
555 if (asprintf(&link->lldp_file, "/run/systemd/netif/lldp/%d", link->ifindex) < 0)
556 return -ENOMEM;
557
558 r = hashmap_ensure_allocated(&manager->links, NULL);
559 if (r < 0)
560 return r;
561
562 r = hashmap_put(manager->links, INT_TO_PTR(link->ifindex), link);
563 if (r < 0)
564 return r;
565
566 r = link_update_flags(link, message);
567 if (r < 0)
568 return r;
569
570 *ret = TAKE_PTR(link);
571
572 return 0;
573 }
574
575 static void link_detach_from_manager(Link *link) {
576 if (!link || !link->manager)
577 return;
578
579 hashmap_remove(link->manager->links, INT_TO_PTR(link->ifindex));
580 set_remove(link->manager->links_requesting_uuid, link);
581 link_clean(link);
582 }
583
584 static Link *link_free(Link *link) {
585 Address *address;
586 Link *carrier;
587 Route *route;
588 Iterator i;
589
590 assert(link);
591
592 while ((route = set_first(link->routes)))
593 route_free(route);
594
595 while ((route = set_first(link->routes_foreign)))
596 route_free(route);
597
598 link->routes = set_free(link->routes);
599 link->routes_foreign = set_free(link->routes_foreign);
600
601 while ((address = set_first(link->addresses)))
602 address_free(address);
603
604 while ((address = set_first(link->addresses_foreign)))
605 address_free(address);
606
607 link->addresses = set_free(link->addresses);
608 link->addresses_foreign = set_free(link->addresses_foreign);
609
610 while ((address = link->pool_addresses)) {
611 LIST_REMOVE(addresses, link->pool_addresses, address);
612 address_free(address);
613 }
614
615 sd_dhcp_server_unref(link->dhcp_server);
616 sd_dhcp_client_unref(link->dhcp_client);
617 sd_dhcp_lease_unref(link->dhcp_lease);
618
619 link_lldp_emit_stop(link);
620
621 free(link->lease_file);
622
623 sd_lldp_unref(link->lldp);
624 free(link->lldp_file);
625
626 ndisc_flush(link);
627
628 sd_ipv4ll_unref(link->ipv4ll);
629 sd_dhcp6_client_unref(link->dhcp6_client);
630 sd_ndisc_unref(link->ndisc);
631 sd_radv_unref(link->radv);
632
633 link_detach_from_manager(link);
634
635 free(link->ifname);
636
637 free(link->kind);
638
639 (void) unlink(link->state_file);
640 free(link->state_file);
641
642 sd_device_unref(link->sd_device);
643
644 HASHMAP_FOREACH (carrier, link->bound_to_links, i)
645 hashmap_remove(link->bound_to_links, INT_TO_PTR(carrier->ifindex));
646 hashmap_free(link->bound_to_links);
647
648 HASHMAP_FOREACH (carrier, link->bound_by_links, i)
649 hashmap_remove(link->bound_by_links, INT_TO_PTR(carrier->ifindex));
650 hashmap_free(link->bound_by_links);
651
652 hashmap_free(link->bond_slaves);
653
654 return mfree(link);
655 }
656
657 DEFINE_TRIVIAL_REF_UNREF_FUNC(Link, link, link_free);
658
659 int link_get(Manager *m, int ifindex, Link **ret) {
660 Link *link;
661
662 assert(m);
663 assert(ifindex);
664 assert(ret);
665
666 link = hashmap_get(m->links, INT_TO_PTR(ifindex));
667 if (!link)
668 return -ENODEV;
669
670 *ret = link;
671
672 return 0;
673 }
674
675 static void link_set_state(Link *link, LinkState state) {
676 assert(link);
677
678 if (link->state == state)
679 return;
680
681 link->state = state;
682
683 link_send_changed(link, "AdministrativeState", NULL);
684 }
685
686 static void link_enter_unmanaged(Link *link) {
687 assert(link);
688
689 log_link_debug(link, "Unmanaged");
690
691 link_set_state(link, LINK_STATE_UNMANAGED);
692
693 link_dirty(link);
694 }
695
696 static int link_stop_clients(Link *link) {
697 int r = 0, k;
698
699 assert(link);
700 assert(link->manager);
701 assert(link->manager->event);
702
703 if (link->dhcp_client) {
704 k = sd_dhcp_client_stop(link->dhcp_client);
705 if (k < 0)
706 r = log_link_warning_errno(link, k, "Could not stop DHCPv4 client: %m");
707 }
708
709 if (link->ipv4ll) {
710 k = sd_ipv4ll_stop(link->ipv4ll);
711 if (k < 0)
712 r = log_link_warning_errno(link, k, "Could not stop IPv4 link-local: %m");
713 }
714
715 if (link->dhcp6_client) {
716 k = sd_dhcp6_client_stop(link->dhcp6_client);
717 if (k < 0)
718 r = log_link_warning_errno(link, k, "Could not stop DHCPv6 client: %m");
719 }
720
721 if (link->ndisc) {
722 k = sd_ndisc_stop(link->ndisc);
723 if (k < 0)
724 r = log_link_warning_errno(link, k, "Could not stop IPv6 Router Discovery: %m");
725 }
726
727 if (link->radv) {
728 k = sd_radv_stop(link->radv);
729 if (k < 0)
730 r = log_link_warning_errno(link, k, "Could not stop IPv6 Router Advertisement: %m");
731 }
732
733 link_lldp_emit_stop(link);
734 return r;
735 }
736
737 void link_enter_failed(Link *link) {
738 assert(link);
739
740 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
741 return;
742
743 log_link_warning(link, "Failed");
744
745 link_set_state(link, LINK_STATE_FAILED);
746
747 link_stop_clients(link);
748
749 link_dirty(link);
750 }
751
752 static Address* link_find_dhcp_server_address(Link *link) {
753 Address *address;
754
755 assert(link);
756 assert(link->network);
757
758 /* The first statically configured address if there is any */
759 LIST_FOREACH(addresses, address, link->network->static_addresses) {
760
761 if (address->family != AF_INET)
762 continue;
763
764 if (in_addr_is_null(address->family, &address->in_addr))
765 continue;
766
767 return address;
768 }
769
770 /* If that didn't work, find a suitable address we got from the pool */
771 LIST_FOREACH(addresses, address, link->pool_addresses) {
772 if (address->family != AF_INET)
773 continue;
774
775 return address;
776 }
777
778 return NULL;
779 }
780
781 static void link_enter_configured(Link *link) {
782 assert(link);
783 assert(link->network);
784
785 if (link->state != LINK_STATE_CONFIGURING)
786 return;
787
788 log_link_info(link, "Configured");
789
790 link_set_state(link, LINK_STATE_CONFIGURED);
791
792 link_dirty(link);
793 }
794
795 static int link_request_set_routing_policy_rule(Link *link) {
796 RoutingPolicyRule *rule, *rrule = NULL;
797 int r;
798
799 assert(link);
800 assert(link->network);
801
802 link_set_state(link, LINK_STATE_CONFIGURING);
803 link->routing_policy_rules_configured = false;
804
805 LIST_FOREACH(rules, rule, link->network->rules) {
806 r = routing_policy_rule_get(link->manager, rule->family, &rule->from, rule->from_prefixlen, &rule->to,
807 rule->to_prefixlen, rule->tos, rule->fwmark, rule->table, rule->iif, rule->oif,
808 rule->protocol, &rule->sport, &rule->dport, &rrule);
809 if (r == 0) {
810 (void) routing_policy_rule_make_local(link->manager, rrule);
811 continue;
812 }
813
814 r = routing_policy_rule_configure(rule, link, NULL, false);
815 if (r < 0) {
816 log_link_warning_errno(link, r, "Could not set routing policy rules: %m");
817 link_enter_failed(link);
818 return r;
819 }
820
821 link->routing_policy_rule_messages++;
822 }
823
824 routing_policy_rule_purge(link->manager, link);
825 if (link->routing_policy_rule_messages == 0) {
826 link->routing_policy_rules_configured = true;
827 link_check_ready(link);
828 } else
829 log_link_debug(link, "Setting routing policy rules");
830
831 return 0;
832 }
833
834 static int route_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
835 int r;
836
837 assert(link);
838 assert(link->route_messages > 0);
839 assert(IN_SET(link->state, LINK_STATE_CONFIGURING,
840 LINK_STATE_FAILED, LINK_STATE_LINGER));
841
842 link->route_messages--;
843
844 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
845 return 1;
846
847 r = sd_netlink_message_get_errno(m);
848 if (r < 0 && r != -EEXIST)
849 log_link_warning_errno(link, r, "Could not set route: %m");
850
851 if (link->route_messages == 0) {
852 log_link_debug(link, "Routes set");
853 link->static_routes_configured = true;
854 link_check_ready(link);
855 }
856
857 return 1;
858 }
859
860 static int link_request_set_routes(Link *link) {
861 enum {
862 PHASE_NON_GATEWAY, /* First phase: Routes without a gateway */
863 PHASE_GATEWAY, /* Second phase: Routes with a gateway */
864 _PHASE_MAX
865 } phase;
866 Route *rt;
867 int r;
868
869 assert(link);
870 assert(link->network);
871 assert(link->addresses_configured);
872 assert(link->address_messages == 0);
873 assert(link->state != _LINK_STATE_INVALID);
874
875 link_set_state(link, LINK_STATE_CONFIGURING);
876 link->static_routes_configured = false;
877
878 r = link_request_set_routing_policy_rule(link);
879 if (r < 0)
880 return r;
881
882 /* First add the routes that enable us to talk to gateways, then add in the others that need a gateway. */
883 for (phase = 0; phase < _PHASE_MAX; phase++)
884 LIST_FOREACH(routes, rt, link->network->static_routes) {
885
886 if (in_addr_is_null(rt->family, &rt->gw) != (phase == PHASE_NON_GATEWAY))
887 continue;
888
889 r = route_configure(rt, link, route_handler);
890 if (r < 0) {
891 log_link_warning_errno(link, r, "Could not set routes: %m");
892 link_enter_failed(link);
893 return r;
894 }
895
896 link->route_messages++;
897 }
898
899 if (link->route_messages == 0) {
900 link->static_routes_configured = true;
901 link_check_ready(link);
902 } else
903 log_link_debug(link, "Setting routes");
904
905 return 0;
906 }
907
908 void link_check_ready(Link *link) {
909 Address *a;
910 Iterator i;
911
912 assert(link);
913
914 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
915 return;
916
917 if (!link->network)
918 return;
919
920 if (!link->addresses_configured)
921 return;
922
923 if (!link->neighbors_configured)
924 return;
925
926 SET_FOREACH(a, link->addresses, i)
927 if (!address_is_ready(a))
928 return;
929
930 if (!link->addresses_ready) {
931 link->addresses_ready = true;
932 link_request_set_routes(link);
933 }
934
935 if (!link->static_routes_configured)
936 return;
937
938 if (!link->routing_policy_rules_configured)
939 return;
940
941 if (link_ipv4ll_enabled(link))
942 if (!link->ipv4ll_address ||
943 !link->ipv4ll_route)
944 return;
945
946 if (!link->network->bridge) {
947
948 if (link_ipv6ll_enabled(link) &&
949 in_addr_is_null(AF_INET6, (const union in_addr_union*) &link->ipv6ll_address))
950 return;
951
952 if ((link_dhcp4_enabled(link) && !link_dhcp6_enabled(link) &&
953 !link->dhcp4_configured) ||
954 (link_dhcp6_enabled(link) && !link_dhcp4_enabled(link) &&
955 !link->dhcp6_configured) ||
956 (link_dhcp4_enabled(link) && link_dhcp6_enabled(link) &&
957 !link->dhcp4_configured && !link->dhcp6_configured))
958 return;
959
960 if (link_ipv6_accept_ra_enabled(link) && !link->ndisc_configured)
961 return;
962 }
963
964 if (link->state != LINK_STATE_CONFIGURED)
965 link_enter_configured(link);
966
967 return;
968 }
969
970 static int link_request_set_neighbors(Link *link) {
971 Neighbor *neighbor;
972 int r;
973
974 assert(link);
975 assert(link->network);
976 assert(link->state != _LINK_STATE_INVALID);
977
978 link_set_state(link, LINK_STATE_CONFIGURING);
979 link->neighbors_configured = false;
980
981 LIST_FOREACH(neighbors, neighbor, link->network->neighbors) {
982 r = neighbor_configure(neighbor, link, NULL);
983 if (r < 0) {
984 log_link_warning_errno(link, r, "Could not set neighbor: %m");
985 link_enter_failed(link);
986 return r;
987 }
988 }
989
990 if (link->neighbor_messages == 0) {
991 link->neighbors_configured = true;
992 link_check_ready(link);
993 } else
994 log_link_debug(link, "Setting neighbors");
995
996 return 0;
997 }
998
999 static int address_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
1000 int r;
1001
1002 assert(rtnl);
1003 assert(m);
1004 assert(link);
1005 assert(link->ifname);
1006 assert(link->address_messages > 0);
1007 assert(IN_SET(link->state, LINK_STATE_CONFIGURING,
1008 LINK_STATE_FAILED, LINK_STATE_LINGER));
1009
1010 link->address_messages--;
1011
1012 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
1013 return 1;
1014
1015 r = sd_netlink_message_get_errno(m);
1016 if (r < 0 && r != -EEXIST)
1017 log_link_warning_errno(link, r, "could not set address: %m");
1018 else if (r >= 0)
1019 manager_rtnl_process_address(rtnl, m, link->manager);
1020
1021 if (link->address_messages == 0) {
1022 log_link_debug(link, "Addresses set");
1023 link->addresses_configured = true;
1024 link_check_ready(link);
1025 }
1026
1027 return 1;
1028 }
1029
1030 static int link_push_uplink_dns_to_dhcp_server(Link *link, sd_dhcp_server *s) {
1031 _cleanup_free_ struct in_addr *addresses = NULL;
1032 size_t n_addresses = 0, n_allocated = 0;
1033 unsigned i;
1034
1035 log_debug("Copying DNS server information from %s", link->ifname);
1036
1037 if (!link->network)
1038 return 0;
1039
1040 for (i = 0; i < link->network->n_dns; i++) {
1041 struct in_addr ia;
1042
1043 /* Only look for IPv4 addresses */
1044 if (link->network->dns[i].family != AF_INET)
1045 continue;
1046
1047 ia = link->network->dns[i].address.in;
1048
1049 /* Never propagate obviously borked data */
1050 if (in4_addr_is_null(&ia) || in4_addr_is_localhost(&ia))
1051 continue;
1052
1053 if (!GREEDY_REALLOC(addresses, n_allocated, n_addresses + 1))
1054 return log_oom();
1055
1056 addresses[n_addresses++] = ia;
1057 }
1058
1059 if (link->network->dhcp_use_dns && link->dhcp_lease) {
1060 const struct in_addr *da = NULL;
1061 int n;
1062
1063 n = sd_dhcp_lease_get_dns(link->dhcp_lease, &da);
1064 if (n > 0) {
1065
1066 if (!GREEDY_REALLOC(addresses, n_allocated, n_addresses + n))
1067 return log_oom();
1068
1069 memcpy(addresses + n_addresses, da, n * sizeof(struct in_addr));
1070 n_addresses += n;
1071 }
1072 }
1073
1074 if (n_addresses <= 0)
1075 return 0;
1076
1077 return sd_dhcp_server_set_dns(s, addresses, n_addresses);
1078 }
1079
1080 static int link_push_uplink_ntp_to_dhcp_server(Link *link, sd_dhcp_server *s) {
1081 _cleanup_free_ struct in_addr *addresses = NULL;
1082 size_t n_addresses = 0, n_allocated = 0;
1083 char **a;
1084
1085 if (!link->network)
1086 return 0;
1087
1088 log_debug("Copying NTP server information from %s", link->ifname);
1089
1090 STRV_FOREACH(a, link->network->ntp) {
1091 struct in_addr ia;
1092
1093 /* Only look for IPv4 addresses */
1094 if (inet_pton(AF_INET, *a, &ia) <= 0)
1095 continue;
1096
1097 /* Never propagate obviously borked data */
1098 if (in4_addr_is_null(&ia) || in4_addr_is_localhost(&ia))
1099 continue;
1100
1101 if (!GREEDY_REALLOC(addresses, n_allocated, n_addresses + 1))
1102 return log_oom();
1103
1104 addresses[n_addresses++] = ia;
1105 }
1106
1107 if (link->network->dhcp_use_ntp && link->dhcp_lease) {
1108 const struct in_addr *da = NULL;
1109 int n;
1110
1111 n = sd_dhcp_lease_get_ntp(link->dhcp_lease, &da);
1112 if (n > 0) {
1113
1114 if (!GREEDY_REALLOC(addresses, n_allocated, n_addresses + n))
1115 return log_oom();
1116
1117 memcpy(addresses + n_addresses, da, n * sizeof(struct in_addr));
1118 n_addresses += n;
1119 }
1120 }
1121
1122 if (n_addresses <= 0)
1123 return 0;
1124
1125 return sd_dhcp_server_set_ntp(s, addresses, n_addresses);
1126 }
1127
1128 static int link_set_bridge_fdb(Link *link) {
1129 FdbEntry *fdb_entry;
1130 int r;
1131
1132 LIST_FOREACH(static_fdb_entries, fdb_entry, link->network->static_fdb_entries) {
1133 r = fdb_entry_configure(link, fdb_entry);
1134 if (r < 0)
1135 return log_link_error_errno(link, r, "Failed to add MAC entry to static MAC table: %m");
1136 }
1137
1138 return 0;
1139 }
1140
1141 static int link_request_set_addresses(Link *link) {
1142 AddressLabel *label;
1143 Address *ad;
1144 int r;
1145
1146 assert(link);
1147 assert(link->network);
1148 assert(link->state != _LINK_STATE_INVALID);
1149
1150 link_set_state(link, LINK_STATE_CONFIGURING);
1151
1152 /* Reset all *_configured flags we are configuring. */
1153 link->addresses_configured = false;
1154 link->addresses_ready = false;
1155 link->neighbors_configured = false;
1156 link->static_routes_configured = false;
1157 link->routing_policy_rules_configured = false;
1158
1159 r = link_set_bridge_fdb(link);
1160 if (r < 0)
1161 return r;
1162
1163 r = link_request_set_neighbors(link);
1164 if (r < 0)
1165 return r;
1166
1167 LIST_FOREACH(addresses, ad, link->network->static_addresses) {
1168 bool update;
1169
1170 update = address_get(link, ad->family, &ad->in_addr, ad->prefixlen, NULL) > 0;
1171
1172 r = address_configure(ad, link, address_handler, update);
1173 if (r < 0) {
1174 log_link_warning_errno(link, r, "Could not set addresses: %m");
1175 link_enter_failed(link);
1176 return r;
1177 }
1178
1179 link->address_messages++;
1180 }
1181
1182 LIST_FOREACH(labels, label, link->network->address_labels) {
1183 r = address_label_configure(label, link, NULL, false);
1184 if (r < 0) {
1185 log_link_warning_errno(link, r, "Could not set address label: %m");
1186 link_enter_failed(link);
1187 return r;
1188 }
1189
1190 link->address_label_messages++;
1191 }
1192
1193 /* now that we can figure out a default address for the dhcp server,
1194 start it */
1195 if (link_dhcp4_server_enabled(link) && (link->flags & IFF_UP)) {
1196 Address *address;
1197 Link *uplink = NULL;
1198 bool acquired_uplink = false;
1199
1200 address = link_find_dhcp_server_address(link);
1201 if (!address) {
1202 log_link_warning(link, "Failed to find suitable address for DHCPv4 server instance.");
1203 link_enter_failed(link);
1204 return 0;
1205 }
1206
1207 /* use the server address' subnet as the pool */
1208 r = sd_dhcp_server_configure_pool(link->dhcp_server, &address->in_addr.in, address->prefixlen,
1209 link->network->dhcp_server_pool_offset, link->network->dhcp_server_pool_size);
1210 if (r < 0)
1211 return r;
1212
1213 /* TODO:
1214 r = sd_dhcp_server_set_router(link->dhcp_server,
1215 &main_address->in_addr.in);
1216 if (r < 0)
1217 return r;
1218 */
1219
1220 if (link->network->dhcp_server_max_lease_time_usec > 0) {
1221 r = sd_dhcp_server_set_max_lease_time(
1222 link->dhcp_server,
1223 DIV_ROUND_UP(link->network->dhcp_server_max_lease_time_usec, USEC_PER_SEC));
1224 if (r < 0)
1225 return r;
1226 }
1227
1228 if (link->network->dhcp_server_default_lease_time_usec > 0) {
1229 r = sd_dhcp_server_set_default_lease_time(
1230 link->dhcp_server,
1231 DIV_ROUND_UP(link->network->dhcp_server_default_lease_time_usec, USEC_PER_SEC));
1232 if (r < 0)
1233 return r;
1234 }
1235
1236 if (link->network->dhcp_server_emit_dns) {
1237
1238 if (link->network->n_dhcp_server_dns > 0)
1239 r = sd_dhcp_server_set_dns(link->dhcp_server, link->network->dhcp_server_dns, link->network->n_dhcp_server_dns);
1240 else {
1241 uplink = manager_find_uplink(link->manager, link);
1242 acquired_uplink = true;
1243
1244 if (!uplink) {
1245 log_link_debug(link, "Not emitting DNS server information on link, couldn't find suitable uplink.");
1246 r = 0;
1247 } else
1248 r = link_push_uplink_dns_to_dhcp_server(uplink, link->dhcp_server);
1249 }
1250 if (r < 0)
1251 log_link_warning_errno(link, r, "Failed to set DNS server for DHCP server, ignoring: %m");
1252 }
1253
1254 if (link->network->dhcp_server_emit_ntp) {
1255
1256 if (link->network->n_dhcp_server_ntp > 0)
1257 r = sd_dhcp_server_set_ntp(link->dhcp_server, link->network->dhcp_server_ntp, link->network->n_dhcp_server_ntp);
1258 else {
1259 if (!acquired_uplink)
1260 uplink = manager_find_uplink(link->manager, link);
1261
1262 if (!uplink) {
1263 log_link_debug(link, "Not emitting NTP server information on link, couldn't find suitable uplink.");
1264 r = 0;
1265 } else
1266 r = link_push_uplink_ntp_to_dhcp_server(uplink, link->dhcp_server);
1267
1268 }
1269 if (r < 0)
1270 log_link_warning_errno(link, r, "Failed to set NTP server for DHCP server, ignoring: %m");
1271 }
1272
1273 r = sd_dhcp_server_set_emit_router(link->dhcp_server, link->network->dhcp_server_emit_router);
1274 if (r < 0)
1275 return log_link_warning_errno(link, r, "Failed to set router emission for DHCP server: %m");
1276
1277 if (link->network->dhcp_server_emit_timezone) {
1278 _cleanup_free_ char *buffer = NULL;
1279 const char *tz = NULL;
1280
1281 if (link->network->dhcp_server_timezone)
1282 tz = link->network->dhcp_server_timezone;
1283 else {
1284 r = get_timezone(&buffer);
1285 if (r < 0)
1286 log_warning_errno(r, "Failed to determine timezone: %m");
1287 else
1288 tz = buffer;
1289 }
1290
1291 if (tz) {
1292 r = sd_dhcp_server_set_timezone(link->dhcp_server, tz);
1293 if (r < 0)
1294 return r;
1295 }
1296 }
1297 if (!sd_dhcp_server_is_running(link->dhcp_server)) {
1298 r = sd_dhcp_server_start(link->dhcp_server);
1299 if (r < 0) {
1300 log_link_warning_errno(link, r, "Could not start DHCPv4 server instance: %m");
1301
1302 link_enter_failed(link);
1303
1304 return 0;
1305 }
1306 }
1307
1308 log_link_debug(link, "Offering DHCPv4 leases");
1309 }
1310
1311 if (link->address_messages == 0) {
1312 link->addresses_configured = true;
1313 link_check_ready(link);
1314 } else
1315 log_link_debug(link, "Setting addresses");
1316
1317 return 0;
1318 }
1319
1320 static int link_set_bridge_vlan(Link *link) {
1321 int r = 0;
1322
1323 r = br_vlan_configure(link, link->network->pvid, link->network->br_vid_bitmap, link->network->br_untagged_bitmap);
1324 if (r < 0)
1325 log_link_error_errno(link, r, "Failed to assign VLANs to bridge port: %m");
1326
1327 return r;
1328 }
1329
1330 static int link_set_proxy_arp(Link *link) {
1331 const char *p = NULL;
1332 int r;
1333
1334 if (!link_proxy_arp_enabled(link))
1335 return 0;
1336
1337 p = strjoina("/proc/sys/net/ipv4/conf/", link->ifname, "/proxy_arp");
1338
1339 r = write_string_file(p, one_zero(link->network->proxy_arp), WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER);
1340 if (r < 0)
1341 log_link_warning_errno(link, r, "Cannot configure proxy ARP for interface: %m");
1342
1343 return 0;
1344 }
1345
1346 static int link_set_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
1347 int r;
1348
1349 assert(link);
1350
1351 log_link_debug(link, "Set link");
1352
1353 r = sd_netlink_message_get_errno(m);
1354 if (r < 0 && r != -EEXIST) {
1355 log_link_error_errno(link, r, "Could not join netdev: %m");
1356 link_enter_failed(link);
1357 }
1358
1359 return 1;
1360 }
1361
1362 static int link_configure_after_setting_mtu(Link *link);
1363
1364 static int set_mtu_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
1365 int r;
1366
1367 assert(m);
1368 assert(link);
1369 assert(link->ifname);
1370
1371 link->setting_mtu = false;
1372
1373 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
1374 return 1;
1375
1376 r = sd_netlink_message_get_errno(m);
1377 if (r < 0) {
1378 log_link_warning_errno(link, r, "Could not set MTU: %m");
1379 return 1;
1380 }
1381
1382 log_link_debug(link, "Setting MTU done.");
1383
1384 if (link->state == LINK_STATE_PENDING)
1385 (void) link_configure_after_setting_mtu(link);
1386
1387 return 1;
1388 }
1389
1390 int link_set_mtu(Link *link, uint32_t mtu) {
1391 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1392 int r;
1393
1394 assert(link);
1395 assert(link->manager);
1396 assert(link->manager->rtnl);
1397
1398 if (link->mtu == mtu || link->setting_mtu)
1399 return 0;
1400
1401 log_link_debug(link, "Setting MTU: %" PRIu32, mtu);
1402
1403 r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_SETLINK, link->ifindex);
1404 if (r < 0)
1405 return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
1406
1407 /* If IPv6 not configured (no static IPv6 address and IPv6LL autoconfiguration is disabled)
1408 * for this interface, or if it is a bridge slave, then disable IPv6 else enable it. */
1409 (void) link_enable_ipv6(link);
1410
1411 /* IPv6 protocol requires a minimum MTU of IPV6_MTU_MIN(1280) bytes
1412 * on the interface. Bump up MTU bytes to IPV6_MTU_MIN. */
1413 if (link_ipv6_enabled(link) && mtu < IPV6_MIN_MTU) {
1414
1415 log_link_warning(link, "Bumping MTU to " STRINGIFY(IPV6_MIN_MTU) ", as "
1416 "IPv6 is requested and requires a minimum MTU of " STRINGIFY(IPV6_MIN_MTU) " bytes: %m");
1417
1418 mtu = IPV6_MIN_MTU;
1419 }
1420
1421 r = sd_netlink_message_append_u32(req, IFLA_MTU, mtu);
1422 if (r < 0)
1423 return log_link_error_errno(link, r, "Could not append MTU: %m");
1424
1425 r = netlink_call_async(link->manager->rtnl, NULL, req, set_mtu_handler,
1426 link_netlink_destroy_callback, link);
1427 if (r < 0)
1428 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
1429
1430 link_ref(link);
1431 link->setting_mtu = true;
1432
1433 return 0;
1434 }
1435
1436 static int set_flags_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
1437 int r;
1438
1439 assert(m);
1440 assert(link);
1441 assert(link->ifname);
1442
1443 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
1444 return 1;
1445
1446 r = sd_netlink_message_get_errno(m);
1447 if (r < 0)
1448 log_link_warning_errno(link, r, "Could not set link flags: %m");
1449
1450 return 1;
1451 }
1452
1453 static int link_set_flags(Link *link) {
1454 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1455 unsigned ifi_change = 0;
1456 unsigned ifi_flags = 0;
1457 int r;
1458
1459 assert(link);
1460 assert(link->manager);
1461 assert(link->manager->rtnl);
1462
1463 if (link->flags & IFF_LOOPBACK)
1464 return 0;
1465
1466 if (!link->network)
1467 return 0;
1468
1469 if (link->network->arp < 0 && link->network->multicast < 0 && link->network->allmulticast < 0)
1470 return 0;
1471
1472 r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_SETLINK, link->ifindex);
1473 if (r < 0)
1474 return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
1475
1476 if (link->network->arp >= 0) {
1477 ifi_change |= IFF_NOARP;
1478 SET_FLAG(ifi_flags, IFF_NOARP, link->network->arp == 0);
1479 }
1480
1481 if (link->network->multicast >= 0) {
1482 ifi_change |= IFF_MULTICAST;
1483 SET_FLAG(ifi_flags, IFF_MULTICAST, link->network->multicast);
1484 }
1485
1486 if (link->network->allmulticast >= 0) {
1487 ifi_change |= IFF_ALLMULTI;
1488 SET_FLAG(ifi_flags, IFF_ALLMULTI, link->network->allmulticast);
1489 }
1490
1491 r = sd_rtnl_message_link_set_flags(req, ifi_flags, ifi_change);
1492 if (r < 0)
1493 return log_link_error_errno(link, r, "Could not set link flags: %m");
1494
1495 r = netlink_call_async(link->manager->rtnl, NULL, req, set_flags_handler,
1496 link_netlink_destroy_callback, link);
1497 if (r < 0)
1498 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
1499
1500 link_ref(link);
1501
1502 return 0;
1503 }
1504
1505 static int link_set_bridge(Link *link) {
1506 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1507 int r;
1508
1509 assert(link);
1510 assert(link->network);
1511
1512 r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_SETLINK, link->ifindex);
1513 if (r < 0)
1514 return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
1515
1516 r = sd_rtnl_message_link_set_family(req, PF_BRIDGE);
1517 if (r < 0)
1518 return log_link_error_errno(link, r, "Could not set message family: %m");
1519
1520 r = sd_netlink_message_open_container(req, IFLA_PROTINFO);
1521 if (r < 0)
1522 return log_link_error_errno(link, r, "Could not append IFLA_PROTINFO attribute: %m");
1523
1524 if (link->network->use_bpdu >= 0) {
1525 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_GUARD, link->network->use_bpdu);
1526 if (r < 0)
1527 return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_GUARD attribute: %m");
1528 }
1529
1530 if (link->network->hairpin >= 0) {
1531 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_MODE, link->network->hairpin);
1532 if (r < 0)
1533 return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_MODE attribute: %m");
1534 }
1535
1536 if (link->network->fast_leave >= 0) {
1537 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_FAST_LEAVE, link->network->fast_leave);
1538 if (r < 0)
1539 return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_FAST_LEAVE attribute: %m");
1540 }
1541
1542 if (link->network->allow_port_to_be_root >= 0) {
1543 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_PROTECT, link->network->allow_port_to_be_root);
1544 if (r < 0)
1545 return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_PROTECT attribute: %m");
1546
1547 }
1548
1549 if (link->network->unicast_flood >= 0) {
1550 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_UNICAST_FLOOD, link->network->unicast_flood);
1551 if (r < 0)
1552 return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_UNICAST_FLOOD attribute: %m");
1553 }
1554
1555 if (link->network->multicast_to_unicast >= 0) {
1556 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_MCAST_TO_UCAST, link->network->multicast_to_unicast);
1557 if (r < 0)
1558 return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_MCAST_TO_UCAST attribute: %m");
1559 }
1560
1561 if (link->network->cost != 0) {
1562 r = sd_netlink_message_append_u32(req, IFLA_BRPORT_COST, link->network->cost);
1563 if (r < 0)
1564 return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_COST attribute: %m");
1565 }
1566
1567 if (link->network->priority != LINK_BRIDGE_PORT_PRIORITY_INVALID) {
1568 r = sd_netlink_message_append_u16(req, IFLA_BRPORT_PRIORITY, link->network->priority);
1569 if (r < 0)
1570 return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_PRIORITY attribute: %m");
1571 }
1572
1573 r = sd_netlink_message_close_container(req);
1574 if (r < 0)
1575 return log_link_error_errno(link, r, "Could not append IFLA_LINKINFO attribute: %m");
1576
1577 r = netlink_call_async(link->manager->rtnl, NULL, req, link_set_handler,
1578 link_netlink_destroy_callback, link);
1579 if (r < 0)
1580 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
1581
1582 link_ref(link);
1583
1584 return r;
1585 }
1586
1587 static int link_set_bond_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
1588 int r;
1589
1590 assert(m);
1591 assert(link);
1592 assert(link->ifname);
1593
1594 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
1595 return 1;
1596
1597 r = sd_netlink_message_get_errno(m);
1598 if (r < 0) {
1599 log_link_warning_errno(link, r, "Could not set bonding interface: %m");
1600 return 1;
1601 }
1602
1603 return 1;
1604 }
1605
1606 static int link_set_bond(Link *link) {
1607 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1608 int r;
1609
1610 assert(link);
1611 assert(link->network);
1612
1613 r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_NEWLINK, link->network->bond->ifindex);
1614 if (r < 0)
1615 return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
1616
1617 r = sd_netlink_message_set_flags(req, NLM_F_REQUEST | NLM_F_ACK);
1618 if (r < 0)
1619 return log_link_error_errno(link, r, "Could not set netlink flags: %m");
1620
1621 r = sd_netlink_message_open_container(req, IFLA_LINKINFO);
1622 if (r < 0)
1623 return log_link_error_errno(link, r, "Could not append IFLA_PROTINFO attribute: %m");
1624
1625 r = sd_netlink_message_open_container_union(req, IFLA_INFO_DATA, "bond");
1626 if (r < 0)
1627 return log_link_error_errno(link, r, "Could not append IFLA_INFO_DATA attribute: %m");
1628
1629 if (link->network->active_slave) {
1630 r = sd_netlink_message_append_u32(req, IFLA_BOND_ACTIVE_SLAVE, link->ifindex);
1631 if (r < 0)
1632 return log_link_error_errno(link, r, "Could not append IFLA_BOND_ACTIVE_SLAVE attribute: %m");
1633 }
1634
1635 if (link->network->primary_slave) {
1636 r = sd_netlink_message_append_u32(req, IFLA_BOND_PRIMARY, link->ifindex);
1637 if (r < 0)
1638 return log_link_error_errno(link, r, "Could not append IFLA_BOND_PRIMARY attribute: %m");
1639 }
1640
1641 r = sd_netlink_message_close_container(req);
1642 if (r < 0)
1643 return log_link_error_errno(link, r, "Could not append IFLA_LINKINFO attribute: %m");
1644
1645 r = sd_netlink_message_close_container(req);
1646 if (r < 0)
1647 return log_link_error_errno(link, r, "Could not append IFLA_INFO_DATA attribute: %m");
1648
1649 r = netlink_call_async(link->manager->rtnl, NULL, req, link_set_bond_handler,
1650 link_netlink_destroy_callback, link);
1651 if (r < 0)
1652 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
1653
1654 link_ref(link);
1655
1656 return r;
1657 }
1658
1659 static int link_append_bond_slave(Link *link) {
1660 Link *master;
1661 int r;
1662
1663 assert(link);
1664 assert(link->network);
1665 assert(link->network->bond);
1666
1667 r = link_get(link->manager, link->network->bond->ifindex, &master);
1668 if (r < 0)
1669 return r;
1670
1671 r = hashmap_ensure_allocated(&master->bond_slaves, NULL);
1672 if (r < 0)
1673 return r;
1674
1675 r = hashmap_put(master->bond_slaves, INT_TO_PTR(link->ifindex), link);
1676 if (r < 0)
1677 return r;
1678
1679 return 0;
1680 }
1681
1682 static int link_lldp_save(Link *link) {
1683 _cleanup_free_ char *temp_path = NULL;
1684 _cleanup_fclose_ FILE *f = NULL;
1685 sd_lldp_neighbor **l = NULL;
1686 int n = 0, r, i;
1687
1688 assert(link);
1689 assert(link->lldp_file);
1690
1691 if (!link->lldp) {
1692 (void) unlink(link->lldp_file);
1693 return 0;
1694 }
1695
1696 r = sd_lldp_get_neighbors(link->lldp, &l);
1697 if (r < 0)
1698 goto finish;
1699 if (r == 0) {
1700 (void) unlink(link->lldp_file);
1701 goto finish;
1702 }
1703
1704 n = r;
1705
1706 r = fopen_temporary(link->lldp_file, &f, &temp_path);
1707 if (r < 0)
1708 goto finish;
1709
1710 fchmod(fileno(f), 0644);
1711
1712 for (i = 0; i < n; i++) {
1713 const void *p;
1714 le64_t u;
1715 size_t sz;
1716
1717 r = sd_lldp_neighbor_get_raw(l[i], &p, &sz);
1718 if (r < 0)
1719 goto finish;
1720
1721 u = htole64(sz);
1722 (void) fwrite(&u, 1, sizeof(u), f);
1723 (void) fwrite(p, 1, sz, f);
1724 }
1725
1726 r = fflush_and_check(f);
1727 if (r < 0)
1728 goto finish;
1729
1730 if (rename(temp_path, link->lldp_file) < 0) {
1731 r = -errno;
1732 goto finish;
1733 }
1734
1735 finish:
1736 if (r < 0) {
1737 (void) unlink(link->lldp_file);
1738 if (temp_path)
1739 (void) unlink(temp_path);
1740
1741 log_link_error_errno(link, r, "Failed to save LLDP data to %s: %m", link->lldp_file);
1742 }
1743
1744 if (l) {
1745 for (i = 0; i < n; i++)
1746 sd_lldp_neighbor_unref(l[i]);
1747 free(l);
1748 }
1749
1750 return r;
1751 }
1752
1753 static void lldp_handler(sd_lldp *lldp, sd_lldp_event event, sd_lldp_neighbor *n, void *userdata) {
1754 Link *link = userdata;
1755 int r;
1756
1757 assert(link);
1758
1759 (void) link_lldp_save(link);
1760
1761 if (link_lldp_emit_enabled(link) && event == SD_LLDP_EVENT_ADDED) {
1762 /* If we received information about a new neighbor, restart the LLDP "fast" logic */
1763
1764 log_link_debug(link, "Received LLDP datagram from previously unknown neighbor, restarting 'fast' LLDP transmission.");
1765
1766 r = link_lldp_emit_start(link);
1767 if (r < 0)
1768 log_link_warning_errno(link, r, "Failed to restart LLDP transmission: %m");
1769 }
1770 }
1771
1772 static int link_acquire_ipv6_conf(Link *link) {
1773 int r;
1774
1775 assert(link);
1776
1777 if (link_ipv6_accept_ra_enabled(link)) {
1778 assert(link->ndisc);
1779
1780 log_link_debug(link, "Discovering IPv6 routers");
1781
1782 r = sd_ndisc_start(link->ndisc);
1783 if (r < 0 && r != -EBUSY)
1784 return log_link_warning_errno(link, r, "Could not start IPv6 Router Discovery: %m");
1785 }
1786
1787 if (link_radv_enabled(link)) {
1788 assert(link->radv);
1789 assert(in_addr_is_link_local(AF_INET6, (const union in_addr_union*)&link->ipv6ll_address) > 0);
1790
1791 log_link_debug(link, "Starting IPv6 Router Advertisements");
1792
1793 r = sd_radv_start(link->radv);
1794 if (r < 0 && r != -EBUSY)
1795 return log_link_warning_errno(link, r, "Could not start IPv6 Router Advertisement: %m");
1796 }
1797
1798 (void) dhcp6_request_prefix_delegation(link);
1799
1800 return 0;
1801 }
1802
1803 static int link_acquire_ipv4_conf(Link *link) {
1804 int r;
1805
1806 assert(link);
1807 assert(link->network);
1808 assert(link->manager);
1809 assert(link->manager->event);
1810
1811 if (link_ipv4ll_enabled(link)) {
1812 assert(link->ipv4ll);
1813
1814 log_link_debug(link, "Acquiring IPv4 link-local address");
1815
1816 r = sd_ipv4ll_start(link->ipv4ll);
1817 if (r < 0)
1818 return log_link_warning_errno(link, r, "Could not acquire IPv4 link-local address: %m");
1819 }
1820
1821 if (link_dhcp4_enabled(link)) {
1822 assert(link->dhcp_client);
1823
1824 log_link_debug(link, "Acquiring DHCPv4 lease");
1825
1826 r = sd_dhcp_client_start(link->dhcp_client);
1827 if (r < 0)
1828 return log_link_warning_errno(link, r, "Could not acquire DHCPv4 lease: %m");
1829 }
1830
1831 return 0;
1832 }
1833
1834 static int link_acquire_conf(Link *link) {
1835 int r;
1836
1837 assert(link);
1838
1839 r = link_acquire_ipv4_conf(link);
1840 if (r < 0)
1841 return r;
1842
1843 if (!in_addr_is_null(AF_INET6, (const union in_addr_union*) &link->ipv6ll_address)) {
1844 r = link_acquire_ipv6_conf(link);
1845 if (r < 0)
1846 return r;
1847 }
1848
1849 if (link_lldp_emit_enabled(link)) {
1850 r = link_lldp_emit_start(link);
1851 if (r < 0)
1852 return log_link_warning_errno(link, r, "Failed to start LLDP transmission: %m");
1853 }
1854
1855 return 0;
1856 }
1857
1858 bool link_has_carrier(Link *link) {
1859 /* see Documentation/networking/operstates.txt in the kernel sources */
1860
1861 if (link->kernel_operstate == IF_OPER_UP)
1862 return true;
1863
1864 if (link->kernel_operstate == IF_OPER_UNKNOWN)
1865 /* operstate may not be implemented, so fall back to flags */
1866 if ((link->flags & IFF_LOWER_UP) && !(link->flags & IFF_DORMANT))
1867 return true;
1868
1869 return false;
1870 }
1871
1872 static int link_address_genmode_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
1873 int r;
1874
1875 assert(link);
1876
1877 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
1878 return 1;
1879
1880 r = sd_netlink_message_get_errno(m);
1881 if (r < 0)
1882 log_link_warning_errno(link, r, "Could not set address genmode for interface: %m");
1883
1884 return 1;
1885 }
1886
1887 static int link_configure_addrgen_mode(Link *link) {
1888 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1889 uint8_t ipv6ll_mode;
1890 int r;
1891
1892 assert(link);
1893 assert(link->network);
1894 assert(link->manager);
1895 assert(link->manager->rtnl);
1896
1897 log_link_debug(link, "Setting address genmode for link");
1898
1899 r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_SETLINK, link->ifindex);
1900 if (r < 0)
1901 return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
1902
1903 r = sd_netlink_message_open_container(req, IFLA_AF_SPEC);
1904 if (r < 0)
1905 return log_link_error_errno(link, r, "Could not open IFLA_AF_SPEC container: %m");
1906
1907 r = sd_netlink_message_open_container(req, AF_INET6);
1908 if (r < 0)
1909 return log_link_error_errno(link, r, "Could not open AF_INET6 container: %m");
1910
1911 if (!link_ipv6ll_enabled(link))
1912 ipv6ll_mode = IN6_ADDR_GEN_MODE_NONE;
1913 else {
1914 const char *p = NULL;
1915 _cleanup_free_ char *stable_secret = NULL;
1916
1917 p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/stable_secret");
1918
1919 /* The file may not exist. And event if it exists, when stable_secret is unset,
1920 * then reading the file fails and EIO is returned. */
1921 r = read_one_line_file(p, &stable_secret);
1922 if (r < 0)
1923 ipv6ll_mode = IN6_ADDR_GEN_MODE_EUI64;
1924 else
1925 ipv6ll_mode = IN6_ADDR_GEN_MODE_STABLE_PRIVACY;
1926 }
1927
1928 r = sd_netlink_message_append_u8(req, IFLA_INET6_ADDR_GEN_MODE, ipv6ll_mode);
1929 if (r < 0)
1930 return log_link_error_errno(link, r, "Could not append IFLA_INET6_ADDR_GEN_MODE: %m");
1931
1932 r = sd_netlink_message_close_container(req);
1933 if (r < 0)
1934 return log_link_error_errno(link, r, "Could not close AF_INET6 container: %m");
1935
1936 r = sd_netlink_message_close_container(req);
1937 if (r < 0)
1938 return log_link_error_errno(link, r, "Could not close IFLA_AF_SPEC container: %m");
1939
1940 r = netlink_call_async(link->manager->rtnl, NULL, req, link_address_genmode_handler,
1941 link_netlink_destroy_callback, link);
1942 if (r < 0)
1943 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
1944
1945 link_ref(link);
1946
1947 return 0;
1948 }
1949
1950 static int link_up_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
1951 int r;
1952
1953 assert(link);
1954
1955 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
1956 return 1;
1957
1958 r = sd_netlink_message_get_errno(m);
1959 if (r < 0)
1960 /* we warn but don't fail the link, as it may be brought up later */
1961 log_link_warning_errno(link, r, "Could not bring up interface: %m");
1962
1963 return 1;
1964 }
1965
1966 static int link_up(Link *link) {
1967 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1968 int r;
1969
1970 assert(link);
1971 assert(link->network);
1972 assert(link->manager);
1973 assert(link->manager->rtnl);
1974
1975 log_link_debug(link, "Bringing link up");
1976
1977 r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_SETLINK, link->ifindex);
1978 if (r < 0)
1979 return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
1980
1981 /* set it free if not enslaved with networkd */
1982 if (!link->network->bridge && !link->network->bond && !link->network->vrf) {
1983 r = sd_netlink_message_append_u32(req, IFLA_MASTER, 0);
1984 if (r < 0)
1985 return log_link_error_errno(link, r, "Could not append IFLA_MASTER attribute: %m");
1986 }
1987
1988 r = sd_rtnl_message_link_set_flags(req, IFF_UP, IFF_UP);
1989 if (r < 0)
1990 return log_link_error_errno(link, r, "Could not set link flags: %m");
1991
1992 if (link->network->mac) {
1993 r = sd_netlink_message_append_ether_addr(req, IFLA_ADDRESS, link->network->mac);
1994 if (r < 0)
1995 return log_link_error_errno(link, r, "Could not set MAC address: %m");
1996 }
1997
1998 if (link_ipv6_enabled(link)) {
1999 r = sd_netlink_message_open_container(req, IFLA_AF_SPEC);
2000 if (r < 0)
2001 return log_link_error_errno(link, r, "Could not open IFLA_AF_SPEC container: %m");
2002
2003 /* if the kernel lacks ipv6 support setting IFF_UP fails if any ipv6 options are passed */
2004 r = sd_netlink_message_open_container(req, AF_INET6);
2005 if (r < 0)
2006 return log_link_error_errno(link, r, "Could not open AF_INET6 container: %m");
2007
2008 if (!in_addr_is_null(AF_INET6, &link->network->ipv6_token)) {
2009 r = sd_netlink_message_append_in6_addr(req, IFLA_INET6_TOKEN, &link->network->ipv6_token.in6);
2010 if (r < 0)
2011 return log_link_error_errno(link, r, "Could not append IFLA_INET6_TOKEN: %m");
2012 }
2013
2014 r = sd_netlink_message_close_container(req);
2015 if (r < 0)
2016 return log_link_error_errno(link, r, "Could not close AF_INET6 container: %m");
2017
2018 r = sd_netlink_message_close_container(req);
2019 if (r < 0)
2020 return log_link_error_errno(link, r, "Could not close IFLA_AF_SPEC container: %m");
2021 }
2022
2023 r = netlink_call_async(link->manager->rtnl, NULL, req, link_up_handler,
2024 link_netlink_destroy_callback, link);
2025 if (r < 0)
2026 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
2027
2028 link_ref(link);
2029
2030 return 0;
2031 }
2032
2033 static int link_up_can(Link *link) {
2034 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
2035 int r;
2036
2037 assert(link);
2038
2039 log_link_debug(link, "Bringing CAN link up");
2040
2041 r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_SETLINK, link->ifindex);
2042 if (r < 0)
2043 return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
2044
2045 r = sd_rtnl_message_link_set_flags(req, IFF_UP, IFF_UP);
2046 if (r < 0)
2047 return log_link_error_errno(link, r, "Could not set link flags: %m");
2048
2049 r = netlink_call_async(link->manager->rtnl, NULL, req, link_up_handler,
2050 link_netlink_destroy_callback, link);
2051 if (r < 0)
2052 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
2053
2054 link_ref(link);
2055
2056 return 0;
2057 }
2058
2059 static int link_set_can(Link *link) {
2060 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL;
2061 int r;
2062
2063 assert(link);
2064 assert(link->network);
2065 assert(link->manager);
2066 assert(link->manager->rtnl);
2067
2068 log_link_debug(link, "link_set_can");
2069
2070 r = sd_rtnl_message_new_link(link->manager->rtnl, &m, RTM_NEWLINK, link->ifindex);
2071 if (r < 0)
2072 return log_link_error_errno(link, r, "Failed to allocate netlink message: %m");
2073
2074 r = sd_netlink_message_set_flags(m, NLM_F_REQUEST | NLM_F_ACK);
2075 if (r < 0)
2076 return log_link_error_errno(link, r, "Could not set netlink flags: %m");
2077
2078 r = sd_netlink_message_open_container(m, IFLA_LINKINFO);
2079 if (r < 0)
2080 return log_link_error_errno(link, r, "Failed to open netlink container: %m");
2081
2082 r = sd_netlink_message_open_container_union(m, IFLA_INFO_DATA, link->kind);
2083 if (r < 0)
2084 return log_link_error_errno(link, r, "Could not append IFLA_INFO_DATA attribute: %m");
2085
2086 if (link->network->can_bitrate > 0 || link->network->can_sample_point > 0) {
2087 struct can_bittiming bt = {
2088 .bitrate = link->network->can_bitrate,
2089 .sample_point = link->network->can_sample_point,
2090 };
2091
2092 if (link->network->can_bitrate > UINT32_MAX) {
2093 log_link_error(link, "bitrate (%zu) too big.", link->network->can_bitrate);
2094 return -ERANGE;
2095 }
2096
2097 log_link_debug(link, "Setting bitrate = %d bit/s", bt.bitrate);
2098 if (link->network->can_sample_point > 0)
2099 log_link_debug(link, "Setting sample point = %d.%d%%", bt.sample_point / 10, bt.sample_point % 10);
2100 else
2101 log_link_debug(link, "Using default sample point");
2102
2103 r = sd_netlink_message_append_data(m, IFLA_CAN_BITTIMING, &bt, sizeof(bt));
2104 if (r < 0)
2105 return log_link_error_errno(link, r, "Could not append IFLA_CAN_BITTIMING attribute: %m");
2106 }
2107
2108 if (link->network->can_restart_us > 0) {
2109 char time_string[FORMAT_TIMESPAN_MAX];
2110 uint64_t restart_ms;
2111
2112 if (link->network->can_restart_us == USEC_INFINITY)
2113 restart_ms = 0;
2114 else
2115 restart_ms = DIV_ROUND_UP(link->network->can_restart_us, USEC_PER_MSEC);
2116
2117 format_timespan(time_string, FORMAT_TIMESPAN_MAX, restart_ms * 1000, MSEC_PER_SEC);
2118
2119 if (restart_ms > UINT32_MAX) {
2120 log_link_error(link, "restart timeout (%s) too big.", time_string);
2121 return -ERANGE;
2122 }
2123
2124 log_link_debug(link, "Setting restart = %s", time_string);
2125
2126 r = sd_netlink_message_append_u32(m, IFLA_CAN_RESTART_MS, restart_ms);
2127 if (r < 0)
2128 return log_link_error_errno(link, r, "Could not append IFLA_CAN_RESTART_MS attribute: %m");
2129 }
2130
2131 r = sd_netlink_message_close_container(m);
2132 if (r < 0)
2133 return log_link_error_errno(link, r, "Failed to close netlink container: %m");
2134
2135 r = sd_netlink_message_close_container(m);
2136 if (r < 0)
2137 return log_link_error_errno(link, r, "Failed to close netlink container: %m");
2138
2139 r = netlink_call_async(link->manager->rtnl, NULL, m, link_set_handler,
2140 link_netlink_destroy_callback, link);
2141 if (r < 0)
2142 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
2143
2144 link_ref(link);
2145
2146 if (!(link->flags & IFF_UP)) {
2147 r = link_up_can(link);
2148 if (r < 0) {
2149 link_enter_failed(link);
2150 return r;
2151 }
2152 }
2153
2154 log_link_debug(link, "link_set_can done");
2155
2156 return r;
2157 }
2158
2159 static int link_down_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
2160 int r;
2161
2162 assert(link);
2163
2164 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
2165 return 1;
2166
2167 r = sd_netlink_message_get_errno(m);
2168 if (r < 0)
2169 log_link_warning_errno(link, r, "Could not bring down interface: %m");
2170
2171 if (streq_ptr(link->kind, "can"))
2172 link_set_can(link);
2173
2174 return 1;
2175 }
2176
2177 int link_down(Link *link) {
2178 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
2179 int r;
2180
2181 assert(link);
2182 assert(link->manager);
2183 assert(link->manager->rtnl);
2184
2185 log_link_debug(link, "Bringing link down");
2186
2187 r = sd_rtnl_message_new_link(link->manager->rtnl, &req,
2188 RTM_SETLINK, link->ifindex);
2189 if (r < 0)
2190 return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
2191
2192 r = sd_rtnl_message_link_set_flags(req, 0, IFF_UP);
2193 if (r < 0)
2194 return log_link_error_errno(link, r, "Could not set link flags: %m");
2195
2196 r = netlink_call_async(link->manager->rtnl, NULL, req, link_down_handler,
2197 link_netlink_destroy_callback, link);
2198 if (r < 0)
2199 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
2200
2201 link_ref(link);
2202
2203 return 0;
2204 }
2205
2206 static int link_handle_bound_to_list(Link *link) {
2207 Link *l;
2208 Iterator i;
2209 int r;
2210 bool required_up = false;
2211 bool link_is_up = false;
2212
2213 assert(link);
2214
2215 if (hashmap_isempty(link->bound_to_links))
2216 return 0;
2217
2218 if (link->flags & IFF_UP)
2219 link_is_up = true;
2220
2221 HASHMAP_FOREACH (l, link->bound_to_links, i)
2222 if (link_has_carrier(l)) {
2223 required_up = true;
2224 break;
2225 }
2226
2227 if (!required_up && link_is_up) {
2228 r = link_down(link);
2229 if (r < 0)
2230 return r;
2231 } else if (required_up && !link_is_up) {
2232 r = link_up(link);
2233 if (r < 0)
2234 return r;
2235 }
2236
2237 return 0;
2238 }
2239
2240 static int link_handle_bound_by_list(Link *link) {
2241 Iterator i;
2242 Link *l;
2243 int r;
2244
2245 assert(link);
2246
2247 if (hashmap_isempty(link->bound_by_links))
2248 return 0;
2249
2250 HASHMAP_FOREACH (l, link->bound_by_links, i) {
2251 r = link_handle_bound_to_list(l);
2252 if (r < 0)
2253 return r;
2254 }
2255
2256 return 0;
2257 }
2258
2259 static int link_put_carrier(Link *link, Link *carrier, Hashmap **h) {
2260 int r;
2261
2262 assert(link);
2263 assert(carrier);
2264
2265 if (link == carrier)
2266 return 0;
2267
2268 if (hashmap_get(*h, INT_TO_PTR(carrier->ifindex)))
2269 return 0;
2270
2271 r = hashmap_ensure_allocated(h, NULL);
2272 if (r < 0)
2273 return r;
2274
2275 r = hashmap_put(*h, INT_TO_PTR(carrier->ifindex), carrier);
2276 if (r < 0)
2277 return r;
2278
2279 return 0;
2280 }
2281
2282 static int link_new_bound_by_list(Link *link) {
2283 Manager *m;
2284 Link *carrier;
2285 Iterator i;
2286 int r;
2287 bool list_updated = false;
2288
2289 assert(link);
2290 assert(link->manager);
2291
2292 m = link->manager;
2293
2294 HASHMAP_FOREACH(carrier, m->links, i) {
2295 if (!carrier->network)
2296 continue;
2297
2298 if (strv_isempty(carrier->network->bind_carrier))
2299 continue;
2300
2301 if (strv_fnmatch(carrier->network->bind_carrier, link->ifname, 0)) {
2302 r = link_put_carrier(link, carrier, &link->bound_by_links);
2303 if (r < 0)
2304 return r;
2305
2306 list_updated = true;
2307 }
2308 }
2309
2310 if (list_updated)
2311 link_dirty(link);
2312
2313 HASHMAP_FOREACH(carrier, link->bound_by_links, i) {
2314 r = link_put_carrier(carrier, link, &carrier->bound_to_links);
2315 if (r < 0)
2316 return r;
2317
2318 link_dirty(carrier);
2319 }
2320
2321 return 0;
2322 }
2323
2324 static int link_new_bound_to_list(Link *link) {
2325 Manager *m;
2326 Link *carrier;
2327 Iterator i;
2328 int r;
2329 bool list_updated = false;
2330
2331 assert(link);
2332 assert(link->manager);
2333
2334 if (!link->network)
2335 return 0;
2336
2337 if (strv_isempty(link->network->bind_carrier))
2338 return 0;
2339
2340 m = link->manager;
2341
2342 HASHMAP_FOREACH (carrier, m->links, i) {
2343 if (strv_fnmatch(link->network->bind_carrier, carrier->ifname, 0)) {
2344 r = link_put_carrier(link, carrier, &link->bound_to_links);
2345 if (r < 0)
2346 return r;
2347
2348 list_updated = true;
2349 }
2350 }
2351
2352 if (list_updated)
2353 link_dirty(link);
2354
2355 HASHMAP_FOREACH (carrier, link->bound_to_links, i) {
2356 r = link_put_carrier(carrier, link, &carrier->bound_by_links);
2357 if (r < 0)
2358 return r;
2359
2360 link_dirty(carrier);
2361 }
2362
2363 return 0;
2364 }
2365
2366 static int link_new_carrier_maps(Link *link) {
2367 int r;
2368
2369 r = link_new_bound_by_list(link);
2370 if (r < 0)
2371 return r;
2372
2373 r = link_handle_bound_by_list(link);
2374 if (r < 0)
2375 return r;
2376
2377 r = link_new_bound_to_list(link);
2378 if (r < 0)
2379 return r;
2380
2381 r = link_handle_bound_to_list(link);
2382 if (r < 0)
2383 return r;
2384
2385 return 0;
2386 }
2387
2388 static void link_free_bound_to_list(Link *link) {
2389 Link *bound_to;
2390 Iterator i;
2391
2392 HASHMAP_FOREACH (bound_to, link->bound_to_links, i) {
2393 hashmap_remove(link->bound_to_links, INT_TO_PTR(bound_to->ifindex));
2394
2395 if (hashmap_remove(bound_to->bound_by_links, INT_TO_PTR(link->ifindex)))
2396 link_dirty(bound_to);
2397 }
2398
2399 return;
2400 }
2401
2402 static void link_free_bound_by_list(Link *link) {
2403 Link *bound_by;
2404 Iterator i;
2405
2406 HASHMAP_FOREACH (bound_by, link->bound_by_links, i) {
2407 hashmap_remove(link->bound_by_links, INT_TO_PTR(bound_by->ifindex));
2408
2409 if (hashmap_remove(bound_by->bound_to_links, INT_TO_PTR(link->ifindex))) {
2410 link_dirty(bound_by);
2411 link_handle_bound_to_list(bound_by);
2412 }
2413 }
2414
2415 return;
2416 }
2417
2418 static void link_free_carrier_maps(Link *link) {
2419 bool list_updated = false;
2420
2421 assert(link);
2422
2423 if (!hashmap_isempty(link->bound_to_links)) {
2424 link_free_bound_to_list(link);
2425 list_updated = true;
2426 }
2427
2428 if (!hashmap_isempty(link->bound_by_links)) {
2429 link_free_bound_by_list(link);
2430 list_updated = true;
2431 }
2432
2433 if (list_updated)
2434 link_dirty(link);
2435
2436 return;
2437 }
2438
2439 void link_drop(Link *link) {
2440 if (!link || link->state == LINK_STATE_LINGER)
2441 return;
2442
2443 link_set_state(link, LINK_STATE_LINGER);
2444
2445 link_free_carrier_maps(link);
2446
2447 log_link_debug(link, "Link removed");
2448
2449 (void) unlink(link->state_file);
2450
2451 link_detach_from_manager(link);
2452
2453 link_unref(link);
2454
2455 return;
2456 }
2457
2458 static int link_joined(Link *link) {
2459 int r;
2460
2461 assert(link);
2462 assert(link->network);
2463
2464 if (!hashmap_isempty(link->bound_to_links)) {
2465 r = link_handle_bound_to_list(link);
2466 if (r < 0)
2467 return r;
2468 } else if (!(link->flags & IFF_UP)) {
2469 r = link_up(link);
2470 if (r < 0) {
2471 link_enter_failed(link);
2472 return r;
2473 }
2474 }
2475
2476 if (link->network->bridge) {
2477 r = link_set_bridge(link);
2478 if (r < 0)
2479 log_link_error_errno(link, r, "Could not set bridge message: %m");
2480 }
2481
2482 if (link->network->bond) {
2483 r = link_set_bond(link);
2484 if (r < 0)
2485 log_link_error_errno(link, r, "Could not set bond message: %m");
2486
2487 r = link_append_bond_slave(link);
2488 if (r < 0)
2489 log_link_error_errno(link, r, "Failed to add to bond master's slave list: %m");
2490 }
2491
2492 if (link->network->use_br_vlan &&
2493 (link->network->bridge || streq_ptr("bridge", link->kind))) {
2494 r = link_set_bridge_vlan(link);
2495 if (r < 0)
2496 log_link_error_errno(link, r, "Could not set bridge vlan: %m");
2497 }
2498
2499 /* Skip setting up addresses until it gets carrier,
2500 or it would try to set addresses twice,
2501 which is bad for non-idempotent steps. */
2502 if (!link_has_carrier(link) && !link->network->configure_without_carrier)
2503 return 0;
2504
2505 return link_request_set_addresses(link);
2506 }
2507
2508 static int netdev_join_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
2509 int r;
2510
2511 assert(link);
2512 assert(link->network);
2513
2514 link->enslaving--;
2515
2516 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
2517 return 1;
2518
2519 r = sd_netlink_message_get_errno(m);
2520 if (r < 0 && r != -EEXIST) {
2521 log_link_error_errno(link, r, "Could not join netdev: %m");
2522 link_enter_failed(link);
2523 return 1;
2524 } else
2525 log_link_debug(link, "Joined netdev");
2526
2527 if (link->enslaving <= 0)
2528 link_joined(link);
2529
2530 return 1;
2531 }
2532
2533 static int link_enter_join_netdev(Link *link) {
2534 NetDev *netdev;
2535 Iterator i;
2536 int r;
2537
2538 assert(link);
2539 assert(link->network);
2540 assert(link->state == LINK_STATE_PENDING);
2541
2542 link_set_state(link, LINK_STATE_CONFIGURING);
2543
2544 link_dirty(link);
2545
2546 if (!link->network->bridge &&
2547 !link->network->bond &&
2548 !link->network->vrf &&
2549 hashmap_isempty(link->network->stacked_netdevs))
2550 return link_joined(link);
2551
2552 if (link->network->bond) {
2553 if (link->network->bond->state == NETDEV_STATE_READY &&
2554 link->network->bond->ifindex == link->master_ifindex)
2555 return link_joined(link);
2556
2557 log_struct(LOG_DEBUG,
2558 LOG_LINK_INTERFACE(link),
2559 LOG_NETDEV_INTERFACE(link->network->bond),
2560 LOG_LINK_MESSAGE(link, "Enslaving by '%s'", link->network->bond->ifname));
2561
2562 r = netdev_join(link->network->bond, link, netdev_join_handler);
2563 if (r < 0) {
2564 log_struct_errno(LOG_WARNING, r,
2565 LOG_LINK_INTERFACE(link),
2566 LOG_NETDEV_INTERFACE(link->network->bond),
2567 LOG_LINK_MESSAGE(link, "Could not join netdev '%s': %m", link->network->bond->ifname));
2568 link_enter_failed(link);
2569 return r;
2570 }
2571
2572 link->enslaving++;
2573 }
2574
2575 if (link->network->bridge) {
2576 log_struct(LOG_DEBUG,
2577 LOG_LINK_INTERFACE(link),
2578 LOG_NETDEV_INTERFACE(link->network->bridge),
2579 LOG_LINK_MESSAGE(link, "Enslaving by '%s'", link->network->bridge->ifname));
2580
2581 r = netdev_join(link->network->bridge, link, netdev_join_handler);
2582 if (r < 0) {
2583 log_struct_errno(LOG_WARNING, r,
2584 LOG_LINK_INTERFACE(link),
2585 LOG_NETDEV_INTERFACE(link->network->bridge),
2586 LOG_LINK_MESSAGE(link, "Could not join netdev '%s': %m", link->network->bridge->ifname));
2587 link_enter_failed(link);
2588 return r;
2589 }
2590
2591 link->enslaving++;
2592 }
2593
2594 if (link->network->vrf) {
2595 log_struct(LOG_DEBUG,
2596 LOG_LINK_INTERFACE(link),
2597 LOG_NETDEV_INTERFACE(link->network->vrf),
2598 LOG_LINK_MESSAGE(link, "Enslaving by '%s'", link->network->vrf->ifname));
2599
2600 r = netdev_join(link->network->vrf, link, netdev_join_handler);
2601 if (r < 0) {
2602 log_struct_errno(LOG_WARNING, r,
2603 LOG_LINK_INTERFACE(link),
2604 LOG_NETDEV_INTERFACE(link->network->vrf),
2605 LOG_LINK_MESSAGE(link, "Could not join netdev '%s': %m", link->network->vrf->ifname));
2606 link_enter_failed(link);
2607 return r;
2608 }
2609
2610 link->enslaving++;
2611 }
2612
2613 HASHMAP_FOREACH(netdev, link->network->stacked_netdevs, i) {
2614
2615 if (netdev->ifindex > 0) {
2616 link_joined(link);
2617 continue;
2618 }
2619
2620 log_struct(LOG_DEBUG,
2621 LOG_LINK_INTERFACE(link),
2622 LOG_NETDEV_INTERFACE(netdev),
2623 LOG_LINK_MESSAGE(link, "Enslaving by '%s'", netdev->ifname));
2624
2625 r = netdev_join(netdev, link, netdev_join_handler);
2626 if (r < 0) {
2627 log_struct_errno(LOG_WARNING, r,
2628 LOG_LINK_INTERFACE(link),
2629 LOG_NETDEV_INTERFACE(netdev),
2630 LOG_LINK_MESSAGE(link, "Could not join netdev '%s': %m", netdev->ifname));
2631 link_enter_failed(link);
2632 return r;
2633 }
2634
2635 link->enslaving++;
2636 }
2637
2638 return 0;
2639 }
2640
2641 static int link_set_ipv4_forward(Link *link) {
2642 int r;
2643
2644 if (!link_ipv4_forward_enabled(link))
2645 return 0;
2646
2647 /* We propagate the forwarding flag from one interface to the
2648 * global setting one way. This means: as long as at least one
2649 * interface was configured at any time that had IP forwarding
2650 * enabled the setting will stay on for good. We do this
2651 * primarily to keep IPv4 and IPv6 packet forwarding behaviour
2652 * somewhat in sync (see below). */
2653
2654 r = write_string_file("/proc/sys/net/ipv4/ip_forward", "1", WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER);
2655 if (r < 0)
2656 log_link_warning_errno(link, r, "Cannot turn on IPv4 packet forwarding, ignoring: %m");
2657
2658 return 0;
2659 }
2660
2661 static int link_set_ipv6_forward(Link *link) {
2662 int r;
2663
2664 if (!link_ipv6_forward_enabled(link))
2665 return 0;
2666
2667 /* On Linux, the IPv6 stack does not know a per-interface
2668 * packet forwarding setting: either packet forwarding is on
2669 * for all, or off for all. We hence don't bother with a
2670 * per-interface setting, but simply propagate the interface
2671 * flag, if it is set, to the global flag, one-way. Note that
2672 * while IPv4 would allow a per-interface flag, we expose the
2673 * same behaviour there and also propagate the setting from
2674 * one to all, to keep things simple (see above). */
2675
2676 r = write_string_file("/proc/sys/net/ipv6/conf/all/forwarding", "1", WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER);
2677 if (r < 0)
2678 log_link_warning_errno(link, r, "Cannot configure IPv6 packet forwarding, ignoring: %m");
2679
2680 return 0;
2681 }
2682
2683 static int link_set_ipv6_privacy_extensions(Link *link) {
2684 char buf[DECIMAL_STR_MAX(unsigned) + 1];
2685 IPv6PrivacyExtensions s;
2686 const char *p = NULL;
2687 int r;
2688
2689 s = link_ipv6_privacy_extensions(link);
2690 if (s < 0)
2691 return 0;
2692
2693 p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/use_tempaddr");
2694 xsprintf(buf, "%u", (unsigned) link->network->ipv6_privacy_extensions);
2695
2696 r = write_string_file(p, buf, WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER);
2697 if (r < 0)
2698 log_link_warning_errno(link, r, "Cannot configure IPv6 privacy extension for interface: %m");
2699
2700 return 0;
2701 }
2702
2703 static int link_set_ipv6_accept_ra(Link *link) {
2704 const char *p = NULL;
2705 int r;
2706
2707 /* Make this a NOP if IPv6 is not available */
2708 if (!socket_ipv6_is_supported())
2709 return 0;
2710
2711 if (link->flags & IFF_LOOPBACK)
2712 return 0;
2713
2714 if (!link->network)
2715 return 0;
2716
2717 p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/accept_ra");
2718
2719 /* We handle router advertisements ourselves, tell the kernel to GTFO */
2720 r = write_string_file(p, "0", WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER);
2721 if (r < 0)
2722 log_link_warning_errno(link, r, "Cannot disable kernel IPv6 accept_ra for interface: %m");
2723
2724 return 0;
2725 }
2726
2727 static int link_set_ipv6_dad_transmits(Link *link) {
2728 char buf[DECIMAL_STR_MAX(int) + 1];
2729 const char *p = NULL;
2730 int r;
2731
2732 /* Make this a NOP if IPv6 is not available */
2733 if (!socket_ipv6_is_supported())
2734 return 0;
2735
2736 if (link->flags & IFF_LOOPBACK)
2737 return 0;
2738
2739 if (!link->network)
2740 return 0;
2741
2742 if (link->network->ipv6_dad_transmits < 0)
2743 return 0;
2744
2745 p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/dad_transmits");
2746 xsprintf(buf, "%i", link->network->ipv6_dad_transmits);
2747
2748 r = write_string_file(p, buf, WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER);
2749 if (r < 0)
2750 log_link_warning_errno(link, r, "Cannot set IPv6 dad transmits for interface: %m");
2751
2752 return 0;
2753 }
2754
2755 static int link_set_ipv6_hop_limit(Link *link) {
2756 char buf[DECIMAL_STR_MAX(int) + 1];
2757 const char *p = NULL;
2758 int r;
2759
2760 /* Make this a NOP if IPv6 is not available */
2761 if (!socket_ipv6_is_supported())
2762 return 0;
2763
2764 if (link->flags & IFF_LOOPBACK)
2765 return 0;
2766
2767 if (!link->network)
2768 return 0;
2769
2770 if (link->network->ipv6_hop_limit < 0)
2771 return 0;
2772
2773 p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/hop_limit");
2774 xsprintf(buf, "%i", link->network->ipv6_hop_limit);
2775
2776 r = write_string_file(p, buf, WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER);
2777 if (r < 0)
2778 log_link_warning_errno(link, r, "Cannot set IPv6 hop limit for interface: %m");
2779
2780 return 0;
2781 }
2782
2783 static int link_set_ipv6_mtu(Link *link) {
2784 char buf[DECIMAL_STR_MAX(unsigned) + 1];
2785 const char *p = NULL;
2786 int r;
2787
2788 /* Make this a NOP if IPv6 is not available */
2789 if (!socket_ipv6_is_supported())
2790 return 0;
2791
2792 if (link->flags & IFF_LOOPBACK)
2793 return 0;
2794
2795 if (link->network->ipv6_mtu == 0)
2796 return 0;
2797
2798 p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/mtu");
2799
2800 xsprintf(buf, "%" PRIu32, link->network->ipv6_mtu);
2801
2802 r = write_string_file(p, buf, WRITE_STRING_FILE_DISABLE_BUFFER);
2803 if (r < 0)
2804 log_link_warning_errno(link, r, "Cannot set IPv6 MTU for interface: %m");
2805
2806 return 0;
2807 }
2808
2809 static bool link_is_static_address_configured(Link *link, Address *address) {
2810 Address *net_address;
2811
2812 assert(link);
2813 assert(address);
2814
2815 if (!link->network)
2816 return false;
2817
2818 LIST_FOREACH(addresses, net_address, link->network->static_addresses)
2819 if (address_equal(net_address, address))
2820 return true;
2821
2822 return false;
2823 }
2824
2825 static bool link_is_static_route_configured(Link *link, Route *route) {
2826 Route *net_route;
2827
2828 assert(link);
2829 assert(route);
2830
2831 if (!link->network)
2832 return false;
2833
2834 LIST_FOREACH(routes, net_route, link->network->static_routes)
2835 if (route_equal(net_route, route))
2836 return true;
2837
2838 return false;
2839 }
2840
2841 static int link_drop_foreign_config(Link *link) {
2842 Address *address;
2843 Route *route;
2844 Iterator i;
2845 int r;
2846
2847 SET_FOREACH(address, link->addresses_foreign, i) {
2848 /* we consider IPv6LL addresses to be managed by the kernel */
2849 if (address->family == AF_INET6 && in_addr_is_link_local(AF_INET6, &address->in_addr) == 1)
2850 continue;
2851
2852 if (link_is_static_address_configured(link, address)) {
2853 r = address_add(link, address->family, &address->in_addr, address->prefixlen, NULL);
2854 if (r < 0)
2855 return log_link_error_errno(link, r, "Failed to add address: %m");
2856 } else {
2857 r = address_remove(address, link, NULL);
2858 if (r < 0)
2859 return r;
2860 }
2861 }
2862
2863 SET_FOREACH(route, link->routes_foreign, i) {
2864 /* do not touch routes managed by the kernel */
2865 if (route->protocol == RTPROT_KERNEL)
2866 continue;
2867
2868 if (link_is_static_route_configured(link, route)) {
2869 r = route_add(link, route->family, &route->dst, route->dst_prefixlen, route->tos, route->priority, route->table, NULL);
2870 if (r < 0)
2871 return r;
2872 } else {
2873 r = route_remove(route, link, NULL);
2874 if (r < 0)
2875 return r;
2876 }
2877 }
2878
2879 return 0;
2880 }
2881
2882 static int link_drop_config(Link *link) {
2883 Address *address, *pool_address;
2884 Route *route;
2885 Iterator i;
2886 int r;
2887
2888 SET_FOREACH(address, link->addresses, i) {
2889 /* we consider IPv6LL addresses to be managed by the kernel */
2890 if (address->family == AF_INET6 && in_addr_is_link_local(AF_INET6, &address->in_addr) == 1)
2891 continue;
2892
2893 r = address_remove(address, link, NULL);
2894 if (r < 0)
2895 return r;
2896
2897 /* If this address came from an address pool, clean up the pool */
2898 LIST_FOREACH(addresses, pool_address, link->pool_addresses) {
2899 if (address_equal(address, pool_address)) {
2900 LIST_REMOVE(addresses, link->pool_addresses, pool_address);
2901 address_free(pool_address);
2902 break;
2903 }
2904 }
2905 }
2906
2907 SET_FOREACH(route, link->routes, i) {
2908 /* do not touch routes managed by the kernel */
2909 if (route->protocol == RTPROT_KERNEL)
2910 continue;
2911
2912 r = route_remove(route, link, NULL);
2913 if (r < 0)
2914 return r;
2915 }
2916
2917 ndisc_flush(link);
2918
2919 return 0;
2920 }
2921
2922 static int link_update_lldp(Link *link) {
2923 int r;
2924
2925 assert(link);
2926
2927 if (!link->lldp)
2928 return 0;
2929
2930 if (link->flags & IFF_UP) {
2931 r = sd_lldp_start(link->lldp);
2932 if (r > 0)
2933 log_link_debug(link, "Started LLDP.");
2934 } else {
2935 r = sd_lldp_stop(link->lldp);
2936 if (r > 0)
2937 log_link_debug(link, "Stopped LLDP.");
2938 }
2939
2940 return r;
2941 }
2942
2943 static int link_configure_can(Link *link) {
2944 int r;
2945
2946 if (streq_ptr(link->kind, "can")) {
2947 /* The CAN interface must be down to configure bitrate, etc... */
2948 if ((link->flags & IFF_UP)) {
2949 r = link_down(link);
2950 if (r < 0) {
2951 link_enter_failed(link);
2952 return r;
2953 }
2954
2955 return 0;
2956 }
2957
2958 return link_set_can(link);
2959 }
2960
2961 if (!(link->flags & IFF_UP)) {
2962 r = link_up_can(link);
2963 if (r < 0) {
2964 link_enter_failed(link);
2965 return r;
2966 }
2967 }
2968
2969 return 0;
2970 }
2971
2972 static int link_configure(Link *link) {
2973 int r;
2974
2975 assert(link);
2976 assert(link->network);
2977 assert(link->state == LINK_STATE_PENDING);
2978
2979 if (STRPTR_IN_SET(link->kind, "can", "vcan"))
2980 return link_configure_can(link);
2981
2982 /* Drop foreign config, but ignore loopback or critical devices.
2983 * We do not want to remove loopback address or addresses used for root NFS. */
2984 if (!(link->flags & IFF_LOOPBACK) && !(link->network->dhcp_critical)) {
2985 r = link_drop_foreign_config(link);
2986 if (r < 0)
2987 return r;
2988 }
2989
2990 r = link_set_proxy_arp(link);
2991 if (r < 0)
2992 return r;
2993
2994 r = ipv6_proxy_ndp_addresses_configure(link);
2995 if (r < 0)
2996 return r;
2997
2998 r = link_set_ipv4_forward(link);
2999 if (r < 0)
3000 return r;
3001
3002 r = link_set_ipv6_forward(link);
3003 if (r < 0)
3004 return r;
3005
3006 r = link_set_ipv6_privacy_extensions(link);
3007 if (r < 0)
3008 return r;
3009
3010 r = link_set_ipv6_accept_ra(link);
3011 if (r < 0)
3012 return r;
3013
3014 r = link_set_ipv6_dad_transmits(link);
3015 if (r < 0)
3016 return r;
3017
3018 r = link_set_ipv6_hop_limit(link);
3019 if (r < 0)
3020 return r;
3021
3022 r = link_set_flags(link);
3023 if (r < 0)
3024 return r;
3025
3026 r = link_set_ipv6_mtu(link);
3027 if (r < 0)
3028 return r;
3029
3030 if (link_ipv4ll_enabled(link)) {
3031 r = ipv4ll_configure(link);
3032 if (r < 0)
3033 return r;
3034 }
3035
3036 if (link_dhcp4_enabled(link)) {
3037 r = dhcp4_set_promote_secondaries(link);
3038 if (r < 0)
3039 return r;
3040
3041 r = dhcp4_configure(link);
3042 if (r < 0)
3043 return r;
3044 }
3045
3046 if (link_dhcp4_server_enabled(link)) {
3047 r = sd_dhcp_server_new(&link->dhcp_server, link->ifindex);
3048 if (r < 0)
3049 return r;
3050
3051 r = sd_dhcp_server_attach_event(link->dhcp_server, NULL, 0);
3052 if (r < 0)
3053 return r;
3054 }
3055
3056 if (link_dhcp6_enabled(link) ||
3057 link_ipv6_accept_ra_enabled(link)) {
3058 r = dhcp6_configure(link);
3059 if (r < 0)
3060 return r;
3061 }
3062
3063 if (link_ipv6_accept_ra_enabled(link)) {
3064 r = ndisc_configure(link);
3065 if (r < 0)
3066 return r;
3067 }
3068
3069 if (link_radv_enabled(link)) {
3070 r = radv_configure(link);
3071 if (r < 0)
3072 return r;
3073 }
3074
3075 if (link_lldp_rx_enabled(link)) {
3076 r = sd_lldp_new(&link->lldp);
3077 if (r < 0)
3078 return r;
3079
3080 r = sd_lldp_set_ifindex(link->lldp, link->ifindex);
3081 if (r < 0)
3082 return r;
3083
3084 r = sd_lldp_match_capabilities(link->lldp,
3085 link->network->lldp_mode == LLDP_MODE_ROUTERS_ONLY ?
3086 SD_LLDP_SYSTEM_CAPABILITIES_ALL_ROUTERS :
3087 SD_LLDP_SYSTEM_CAPABILITIES_ALL);
3088 if (r < 0)
3089 return r;
3090
3091 r = sd_lldp_set_filter_address(link->lldp, &link->mac);
3092 if (r < 0)
3093 return r;
3094
3095 r = sd_lldp_attach_event(link->lldp, NULL, 0);
3096 if (r < 0)
3097 return r;
3098
3099 r = sd_lldp_set_callback(link->lldp, lldp_handler, link);
3100 if (r < 0)
3101 return r;
3102
3103 r = link_update_lldp(link);
3104 if (r < 0)
3105 return r;
3106 }
3107
3108 if (link->network->mtu > 0) {
3109 r = link_set_mtu(link, link->network->mtu);
3110 if (r < 0)
3111 return r;
3112 }
3113
3114 if (socket_ipv6_is_supported()) {
3115 r = link_configure_addrgen_mode(link);
3116 if (r < 0)
3117 return r;
3118 }
3119
3120 return link_configure_after_setting_mtu(link);
3121 }
3122
3123 static int link_configure_after_setting_mtu(Link *link) {
3124 int r;
3125
3126 assert(link);
3127 assert(link->network);
3128 assert(link->state == LINK_STATE_PENDING);
3129
3130 if (link->setting_mtu)
3131 return 0;
3132
3133 if (link_has_carrier(link) || link->network->configure_without_carrier) {
3134 r = link_acquire_conf(link);
3135 if (r < 0)
3136 return r;
3137 }
3138
3139 return link_enter_join_netdev(link);
3140 }
3141
3142 static int duid_set_uuid(DUID *duid, sd_id128_t uuid) {
3143 assert(duid);
3144
3145 if (duid->raw_data_len > 0)
3146 return 0;
3147
3148 if (duid->type != DUID_TYPE_UUID)
3149 return -EINVAL;
3150
3151 memcpy(&duid->raw_data, &uuid, sizeof(sd_id128_t));
3152 duid->raw_data_len = sizeof(sd_id128_t);
3153
3154 return 1;
3155 }
3156
3157 int get_product_uuid_handler(sd_bus_message *m, void *userdata, sd_bus_error *ret_error) {
3158 Manager *manager = userdata;
3159 const sd_bus_error *e;
3160 const void *a;
3161 size_t sz;
3162 DUID *duid;
3163 Link *link;
3164 int r;
3165
3166 assert(m);
3167 assert(manager);
3168
3169 e = sd_bus_message_get_error(m);
3170 if (e) {
3171 log_error_errno(sd_bus_error_get_errno(e),
3172 "Could not get product UUID. Falling back to use machine-app-specific ID as DUID-UUID: %s",
3173 e->message);
3174 goto configure;
3175 }
3176
3177 r = sd_bus_message_read_array(m, 'y', &a, &sz);
3178 if (r < 0)
3179 goto configure;
3180
3181 if (sz != sizeof(sd_id128_t)) {
3182 log_error("Invalid product UUID. Falling back to use machine-app-specific ID as DUID-UUID.");
3183 goto configure;
3184 }
3185
3186 memcpy(&manager->product_uuid, a, sz);
3187 while ((duid = set_steal_first(manager->duids_requesting_uuid)))
3188 (void) duid_set_uuid(duid, manager->product_uuid);
3189
3190 manager->duids_requesting_uuid = set_free(manager->duids_requesting_uuid);
3191
3192 configure:
3193 while ((link = set_steal_first(manager->links_requesting_uuid))) {
3194 r = link_configure(link);
3195 if (r < 0)
3196 log_link_error_errno(link, r, "Failed to configure link: %m");
3197 }
3198
3199 manager->links_requesting_uuid = set_free(manager->links_requesting_uuid);
3200
3201 /* To avoid calling GetProductUUID() bus method so frequently, set the flag below
3202 * even if the method fails. */
3203 manager->has_product_uuid = true;
3204
3205 return 1;
3206 }
3207
3208 static bool link_requires_uuid(Link *link) {
3209 const DUID *duid;
3210
3211 assert(link);
3212 assert(link->manager);
3213 assert(link->network);
3214
3215 duid = link_get_duid(link);
3216 if (duid->type != DUID_TYPE_UUID || duid->raw_data_len != 0)
3217 return false;
3218
3219 if (link_dhcp4_enabled(link) && IN_SET(link->network->dhcp_client_identifier, DHCP_CLIENT_ID_DUID, DHCP_CLIENT_ID_DUID_ONLY))
3220 return true;
3221
3222 if (link_dhcp6_enabled(link) || link_ipv6_accept_ra_enabled(link))
3223 return true;
3224
3225 return false;
3226 }
3227
3228 static int link_configure_duid(Link *link) {
3229 Manager *m;
3230 DUID *duid;
3231 int r;
3232
3233 assert(link);
3234 assert(link->manager);
3235 assert(link->network);
3236
3237 m = link->manager;
3238 duid = link_get_duid(link);
3239
3240 if (!link_requires_uuid(link))
3241 return 1;
3242
3243 if (m->has_product_uuid) {
3244 (void) duid_set_uuid(duid, m->product_uuid);
3245 return 1;
3246 }
3247
3248 if (!m->links_requesting_uuid) {
3249 r = manager_request_product_uuid(m, link);
3250 if (r < 0) {
3251 if (r == -ENOMEM)
3252 return r;
3253
3254 log_link_warning_errno(link, r,
3255 "Failed to get product UUID. Falling back to use machine-app-specific ID as DUID-UUID: %m");
3256 return 1;
3257 }
3258 } else {
3259 r = set_put(m->links_requesting_uuid, link);
3260 if (r < 0)
3261 return log_oom();
3262
3263 r = set_put(m->duids_requesting_uuid, duid);
3264 if (r < 0)
3265 return log_oom();
3266 }
3267
3268 return 0;
3269 }
3270
3271 static int link_initialized_and_synced(Link *link) {
3272 Network *network;
3273 int r;
3274
3275 assert(link);
3276 assert(link->ifname);
3277 assert(link->manager);
3278
3279 if (link->state != LINK_STATE_PENDING)
3280 return 1;
3281
3282 log_link_debug(link, "Link state is up-to-date");
3283
3284 r = link_new_bound_by_list(link);
3285 if (r < 0)
3286 return r;
3287
3288 r = link_handle_bound_by_list(link);
3289 if (r < 0)
3290 return r;
3291
3292 if (!link->network) {
3293 r = network_get(link->manager, link->sd_device, link->ifname,
3294 &link->mac, &network);
3295 if (r == -ENOENT) {
3296 link_enter_unmanaged(link);
3297 return 1;
3298 } else if (r == 0 && network->unmanaged) {
3299 link_enter_unmanaged(link);
3300 return 0;
3301 } else if (r < 0)
3302 return r;
3303
3304 if (link->flags & IFF_LOOPBACK) {
3305 if (network->link_local != ADDRESS_FAMILY_NO)
3306 log_link_debug(link, "Ignoring link-local autoconfiguration for loopback link");
3307
3308 if (network->dhcp != ADDRESS_FAMILY_NO)
3309 log_link_debug(link, "Ignoring DHCP clients for loopback link");
3310
3311 if (network->dhcp_server)
3312 log_link_debug(link, "Ignoring DHCP server for loopback link");
3313 }
3314
3315 r = network_apply(network, link);
3316 if (r < 0)
3317 return r;
3318 }
3319
3320 r = link_new_bound_to_list(link);
3321 if (r < 0)
3322 return r;
3323
3324 /* link_configure_duid() returns 0 if it requests product UUID. In that case,
3325 * link_configure() is called later asynchronously. */
3326 r = link_configure_duid(link);
3327 if (r <= 0)
3328 return r;
3329
3330 r = link_configure(link);
3331 if (r < 0)
3332 return r;
3333
3334 return 1;
3335 }
3336
3337 static int link_initialized_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
3338 (void) link_initialized_and_synced(link);
3339 return 1;
3340 }
3341
3342 int link_initialized(Link *link, sd_device *device) {
3343 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
3344 int r;
3345
3346 assert(link);
3347 assert(link->manager);
3348 assert(link->manager->rtnl);
3349 assert(device);
3350
3351 if (link->state != LINK_STATE_PENDING)
3352 return 0;
3353
3354 if (link->sd_device)
3355 return 0;
3356
3357 log_link_debug(link, "udev initialized link");
3358
3359 link->sd_device = sd_device_ref(device);
3360
3361 /* udev has initialized the link, but we don't know if we have yet
3362 * processed the NEWLINK messages with the latest state. Do a GETLINK,
3363 * when it returns we know that the pending NEWLINKs have already been
3364 * processed and that we are up-to-date */
3365
3366 r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_GETLINK,
3367 link->ifindex);
3368 if (r < 0)
3369 return r;
3370
3371 r = netlink_call_async(link->manager->rtnl, NULL, req, link_initialized_handler,
3372 link_netlink_destroy_callback, link);
3373 if (r < 0)
3374 return r;
3375
3376 link_ref(link);
3377
3378 return 0;
3379 }
3380
3381 static int link_load(Link *link) {
3382 _cleanup_free_ char *network_file = NULL,
3383 *addresses = NULL,
3384 *routes = NULL,
3385 *dhcp4_address = NULL,
3386 *ipv4ll_address = NULL;
3387 union in_addr_union address;
3388 union in_addr_union route_dst;
3389 const char *p;
3390 int r;
3391
3392 assert(link);
3393
3394 r = parse_env_file(NULL, link->state_file,
3395 "NETWORK_FILE", &network_file,
3396 "ADDRESSES", &addresses,
3397 "ROUTES", &routes,
3398 "DHCP4_ADDRESS", &dhcp4_address,
3399 "IPV4LL_ADDRESS", &ipv4ll_address);
3400 if (r < 0 && r != -ENOENT)
3401 return log_link_error_errno(link, r, "Failed to read %s: %m", link->state_file);
3402
3403 if (network_file) {
3404 Network *network;
3405 char *suffix;
3406
3407 /* drop suffix */
3408 suffix = strrchr(network_file, '.');
3409 if (!suffix) {
3410 log_link_debug(link, "Failed to get network name from %s", network_file);
3411 goto network_file_fail;
3412 }
3413 *suffix = '\0';
3414
3415 r = network_get_by_name(link->manager, basename(network_file), &network);
3416 if (r < 0) {
3417 log_link_debug_errno(link, r, "Failed to get network %s: %m", basename(network_file));
3418 goto network_file_fail;
3419 }
3420
3421 r = network_apply(network, link);
3422 if (r < 0)
3423 return log_link_error_errno(link, r, "Failed to apply network %s: %m", basename(network_file));
3424 }
3425
3426 network_file_fail:
3427
3428 if (addresses) {
3429 p = addresses;
3430
3431 for (;;) {
3432 _cleanup_free_ char *address_str = NULL;
3433 char *prefixlen_str;
3434 int family;
3435 unsigned char prefixlen;
3436
3437 r = extract_first_word(&p, &address_str, NULL, 0);
3438 if (r < 0) {
3439 log_link_debug_errno(link, r, "Failed to extract next address string: %m");
3440 continue;
3441 }
3442 if (r == 0)
3443 break;
3444
3445 prefixlen_str = strchr(address_str, '/');
3446 if (!prefixlen_str) {
3447 log_link_debug(link, "Failed to parse address and prefix length %s", address_str);
3448 continue;
3449 }
3450
3451 *prefixlen_str++ = '\0';
3452
3453 r = sscanf(prefixlen_str, "%hhu", &prefixlen);
3454 if (r != 1) {
3455 log_link_error(link, "Failed to parse prefixlen %s", prefixlen_str);
3456 continue;
3457 }
3458
3459 r = in_addr_from_string_auto(address_str, &family, &address);
3460 if (r < 0) {
3461 log_link_debug_errno(link, r, "Failed to parse address %s: %m", address_str);
3462 continue;
3463 }
3464
3465 r = address_add(link, family, &address, prefixlen, NULL);
3466 if (r < 0)
3467 return log_link_error_errno(link, r, "Failed to add address: %m");
3468 }
3469 }
3470
3471 if (routes) {
3472 p = routes;
3473
3474 for (;;) {
3475 Route *route;
3476 _cleanup_free_ char *route_str = NULL;
3477 _cleanup_(sd_event_source_unrefp) sd_event_source *expire = NULL;
3478 usec_t lifetime;
3479 char *prefixlen_str;
3480 int family;
3481 unsigned char prefixlen, tos, table;
3482 uint32_t priority;
3483
3484 r = extract_first_word(&p, &route_str, NULL, 0);
3485 if (r < 0) {
3486 log_link_debug_errno(link, r, "Failed to extract next route string: %m");
3487 continue;
3488 }
3489 if (r == 0)
3490 break;
3491
3492 prefixlen_str = strchr(route_str, '/');
3493 if (!prefixlen_str) {
3494 log_link_debug(link, "Failed to parse route %s", route_str);
3495 continue;
3496 }
3497
3498 *prefixlen_str++ = '\0';
3499
3500 r = sscanf(prefixlen_str, "%hhu/%hhu/%"SCNu32"/%hhu/"USEC_FMT, &prefixlen, &tos, &priority, &table, &lifetime);
3501 if (r != 5) {
3502 log_link_debug(link,
3503 "Failed to parse destination prefix length, tos, priority, table or expiration %s",
3504 prefixlen_str);
3505 continue;
3506 }
3507
3508 r = in_addr_from_string_auto(route_str, &family, &route_dst);
3509 if (r < 0) {
3510 log_link_debug_errno(link, r, "Failed to parse route destination %s: %m", route_str);
3511 continue;
3512 }
3513
3514 r = route_add(link, family, &route_dst, prefixlen, tos, priority, table, &route);
3515 if (r < 0)
3516 return log_link_error_errno(link, r, "Failed to add route: %m");
3517
3518 if (lifetime != USEC_INFINITY && !kernel_route_expiration_supported()) {
3519 r = sd_event_add_time(link->manager->event, &expire, clock_boottime_or_monotonic(), lifetime,
3520 0, route_expire_handler, route);
3521 if (r < 0)
3522 log_link_warning_errno(link, r, "Could not arm route expiration handler: %m");
3523 }
3524
3525 route->lifetime = lifetime;
3526 sd_event_source_unref(route->expire);
3527 route->expire = TAKE_PTR(expire);
3528 }
3529 }
3530
3531 if (dhcp4_address) {
3532 r = in_addr_from_string(AF_INET, dhcp4_address, &address);
3533 if (r < 0) {
3534 log_link_debug_errno(link, r, "Failed to parse DHCPv4 address %s: %m", dhcp4_address);
3535 goto dhcp4_address_fail;
3536 }
3537
3538 r = sd_dhcp_client_new(&link->dhcp_client, link->network ? link->network->dhcp_anonymize : 0);
3539 if (r < 0)
3540 return log_link_error_errno(link, r, "Failed to create DHCPv4 client: %m");
3541
3542 r = sd_dhcp_client_set_request_address(link->dhcp_client, &address.in);
3543 if (r < 0)
3544 return log_link_error_errno(link, r, "Failed to set initial DHCPv4 address %s: %m", dhcp4_address);
3545 }
3546
3547 dhcp4_address_fail:
3548
3549 if (ipv4ll_address) {
3550 r = in_addr_from_string(AF_INET, ipv4ll_address, &address);
3551 if (r < 0) {
3552 log_link_debug_errno(link, r, "Failed to parse IPv4LL address %s: %m", ipv4ll_address);
3553 goto ipv4ll_address_fail;
3554 }
3555
3556 r = sd_ipv4ll_new(&link->ipv4ll);
3557 if (r < 0)
3558 return log_link_error_errno(link, r, "Failed to create IPv4LL client: %m");
3559
3560 r = sd_ipv4ll_set_address(link->ipv4ll, &address.in);
3561 if (r < 0)
3562 return log_link_error_errno(link, r, "Failed to set initial IPv4LL address %s: %m", ipv4ll_address);
3563 }
3564
3565 ipv4ll_address_fail:
3566
3567 return 0;
3568 }
3569
3570 int link_add(Manager *m, sd_netlink_message *message, Link **ret) {
3571 _cleanup_(sd_device_unrefp) sd_device *device = NULL;
3572 char ifindex_str[2 + DECIMAL_STR_MAX(int)];
3573 Link *link;
3574 int r;
3575
3576 assert(m);
3577 assert(m->rtnl);
3578 assert(message);
3579 assert(ret);
3580
3581 r = link_new(m, message, ret);
3582 if (r < 0)
3583 return r;
3584
3585 link = *ret;
3586
3587 log_link_debug(link, "Link %d added", link->ifindex);
3588
3589 r = link_load(link);
3590 if (r < 0)
3591 return r;
3592
3593 if (detect_container() <= 0) {
3594 /* not in a container, udev will be around */
3595 sprintf(ifindex_str, "n%d", link->ifindex);
3596 r = sd_device_new_from_device_id(&device, ifindex_str);
3597 if (r < 0) {
3598 log_link_warning_errno(link, r, "Could not find device: %m");
3599 goto failed;
3600 }
3601
3602 r = sd_device_get_is_initialized(device);
3603 if (r < 0) {
3604 log_link_warning_errno(link, r, "Could not determine whether the device is initialized or not: %m");
3605 goto failed;
3606 }
3607 if (r == 0) {
3608 /* not yet ready */
3609 log_link_debug(link, "link pending udev initialization...");
3610 return 0;
3611 }
3612
3613 r = link_initialized(link, device);
3614 if (r < 0)
3615 goto failed;
3616 } else {
3617 r = link_initialized_and_synced(link);
3618 if (r < 0)
3619 goto failed;
3620 }
3621
3622 return 0;
3623 failed:
3624 link_enter_failed(link);
3625 return r;
3626 }
3627
3628 int link_ipv6ll_gained(Link *link, const struct in6_addr *address) {
3629 int r;
3630
3631 assert(link);
3632
3633 log_link_info(link, "Gained IPv6LL");
3634
3635 link->ipv6ll_address = *address;
3636 link_check_ready(link);
3637
3638 if (!IN_SET(link->state, LINK_STATE_PENDING, LINK_STATE_UNMANAGED, LINK_STATE_FAILED)) {
3639 r = link_acquire_ipv6_conf(link);
3640 if (r < 0) {
3641 link_enter_failed(link);
3642 return r;
3643 }
3644 }
3645
3646 return 0;
3647 }
3648
3649 static int link_carrier_gained(Link *link) {
3650 int r;
3651
3652 assert(link);
3653
3654 if (!IN_SET(link->state, LINK_STATE_PENDING, LINK_STATE_UNMANAGED, LINK_STATE_FAILED)) {
3655 r = link_acquire_conf(link);
3656 if (r < 0) {
3657 link_enter_failed(link);
3658 return r;
3659 }
3660
3661 r = link_request_set_addresses(link);
3662 if (r < 0)
3663 return r;
3664 }
3665
3666 r = link_handle_bound_by_list(link);
3667 if (r < 0)
3668 return r;
3669
3670 return 0;
3671 }
3672
3673 static int link_carrier_lost(Link *link) {
3674 int r;
3675
3676 assert(link);
3677
3678 if (link->network && link->network->ignore_carrier_loss)
3679 return 0;
3680
3681 /* Some devices reset itself while setting the MTU. This causes the DHCP client fall into a loop.
3682 * setting_mtu keep track whether the device got reset because of setting MTU and does not drop the
3683 * configuration and stop the clients as well. */
3684 if (link->setting_mtu)
3685 return 0;
3686
3687 r = link_stop_clients(link);
3688 if (r < 0) {
3689 link_enter_failed(link);
3690 return r;
3691 }
3692
3693 if (link_dhcp4_server_enabled(link))
3694 (void) sd_dhcp_server_stop(link->dhcp_server);
3695
3696 r = link_drop_config(link);
3697 if (r < 0)
3698 return r;
3699
3700 if (!IN_SET(link->state, LINK_STATE_UNMANAGED, LINK_STATE_PENDING)) {
3701 log_link_debug(link, "State is %s, dropping config", link_state_to_string(link->state));
3702 r = link_drop_foreign_config(link);
3703 if (r < 0)
3704 return r;
3705 }
3706
3707 r = link_handle_bound_by_list(link);
3708 if (r < 0)
3709 return r;
3710
3711 return 0;
3712 }
3713
3714 int link_carrier_reset(Link *link) {
3715 int r;
3716
3717 assert(link);
3718
3719 if (link_has_carrier(link)) {
3720 r = link_carrier_lost(link);
3721 if (r < 0)
3722 return r;
3723
3724 r = link_carrier_gained(link);
3725 if (r < 0)
3726 return r;
3727
3728 log_link_info(link, "Reset carrier");
3729 }
3730
3731 return 0;
3732 }
3733
3734 int link_update(Link *link, sd_netlink_message *m) {
3735 struct ether_addr mac;
3736 const char *ifname;
3737 uint32_t mtu;
3738 bool had_carrier, carrier_gained, carrier_lost;
3739 int r;
3740
3741 assert(link);
3742 assert(link->ifname);
3743 assert(m);
3744
3745 if (link->state == LINK_STATE_LINGER) {
3746 log_link_info(link, "Link readded");
3747 link_set_state(link, LINK_STATE_CONFIGURING);
3748
3749 r = link_new_carrier_maps(link);
3750 if (r < 0)
3751 return r;
3752 }
3753
3754 r = sd_netlink_message_read_string(m, IFLA_IFNAME, &ifname);
3755 if (r >= 0 && !streq(ifname, link->ifname)) {
3756 log_link_info(link, "Interface name change detected, %s has been renamed to %s.", link->ifname, ifname);
3757
3758 if (link->state == LINK_STATE_PENDING) {
3759 r = free_and_strdup(&link->ifname, ifname);
3760 if (r < 0)
3761 return r;
3762 } else {
3763 Manager *manager = link->manager;
3764
3765 link_drop(link);
3766 r = link_add(manager, m, &link);
3767 if (r < 0)
3768 return r;
3769 }
3770 }
3771
3772 r = sd_netlink_message_read_u32(m, IFLA_MTU, &mtu);
3773 if (r >= 0 && mtu > 0) {
3774 link->mtu = mtu;
3775 if (link->original_mtu == 0) {
3776 link->original_mtu = mtu;
3777 log_link_debug(link, "Saved original MTU: %" PRIu32, link->original_mtu);
3778 }
3779
3780 if (link->dhcp_client) {
3781 r = sd_dhcp_client_set_mtu(link->dhcp_client,
3782 link->mtu);
3783 if (r < 0)
3784 return log_link_warning_errno(link, r, "Could not update MTU in DHCP client: %m");
3785 }
3786
3787 if (link->radv) {
3788 r = sd_radv_set_mtu(link->radv, link->mtu);
3789 if (r < 0)
3790 return log_link_warning_errno(link, r, "Could not set MTU for Router Advertisement: %m");
3791 }
3792 }
3793
3794 /* The kernel may broadcast NEWLINK messages without the MAC address
3795 set, simply ignore them. */
3796 r = sd_netlink_message_read_ether_addr(m, IFLA_ADDRESS, &mac);
3797 if (r >= 0) {
3798 if (memcmp(link->mac.ether_addr_octet, mac.ether_addr_octet,
3799 ETH_ALEN)) {
3800
3801 memcpy(link->mac.ether_addr_octet, mac.ether_addr_octet,
3802 ETH_ALEN);
3803
3804 log_link_debug(link, "MAC address: "
3805 "%02hhx:%02hhx:%02hhx:%02hhx:%02hhx:%02hhx",
3806 mac.ether_addr_octet[0],
3807 mac.ether_addr_octet[1],
3808 mac.ether_addr_octet[2],
3809 mac.ether_addr_octet[3],
3810 mac.ether_addr_octet[4],
3811 mac.ether_addr_octet[5]);
3812
3813 if (link->ipv4ll) {
3814 r = sd_ipv4ll_set_mac(link->ipv4ll, &link->mac);
3815 if (r < 0)
3816 return log_link_warning_errno(link, r, "Could not update MAC address in IPv4LL client: %m");
3817 }
3818
3819 if (link->dhcp_client) {
3820 r = sd_dhcp_client_set_mac(link->dhcp_client,
3821 (const uint8_t *) &link->mac,
3822 sizeof (link->mac),
3823 ARPHRD_ETHER);
3824 if (r < 0)
3825 return log_link_warning_errno(link, r, "Could not update MAC address in DHCP client: %m");
3826
3827 r = dhcp4_set_client_identifier(link);
3828 if (r < 0)
3829 return r;
3830 }
3831
3832 if (link->dhcp6_client) {
3833 const DUID* duid = link_get_duid(link);
3834
3835 r = sd_dhcp6_client_set_mac(link->dhcp6_client,
3836 (const uint8_t *) &link->mac,
3837 sizeof (link->mac),
3838 ARPHRD_ETHER);
3839 if (r < 0)
3840 return log_link_warning_errno(link, r, "Could not update MAC address in DHCPv6 client: %m");
3841
3842 if (link->network->iaid_set) {
3843 r = sd_dhcp6_client_set_iaid(link->dhcp6_client,
3844 link->network->iaid);
3845 if (r < 0)
3846 return log_link_warning_errno(link, r, "Could not update DHCPv6 IAID: %m");
3847 }
3848
3849 r = sd_dhcp6_client_set_duid(link->dhcp6_client,
3850 duid->type,
3851 duid->raw_data_len > 0 ? duid->raw_data : NULL,
3852 duid->raw_data_len);
3853 if (r < 0)
3854 return log_link_warning_errno(link, r, "Could not update DHCPv6 DUID: %m");
3855 }
3856
3857 if (link->radv) {
3858 r = sd_radv_set_mac(link->radv, &link->mac);
3859 if (r < 0)
3860 return log_link_warning_errno(link, r, "Could not update MAC for Router Advertisement: %m");
3861 }
3862
3863 if (link->ndisc) {
3864 r = sd_ndisc_set_mac(link->ndisc, &link->mac);
3865 if (r < 0)
3866 return log_link_warning_errno(link, r, "Could not update MAC for ndisc: %m");
3867 }
3868 }
3869 }
3870
3871 had_carrier = link_has_carrier(link);
3872
3873 r = link_update_flags(link, m);
3874 if (r < 0)
3875 return r;
3876
3877 r = link_update_lldp(link);
3878 if (r < 0)
3879 return r;
3880
3881 carrier_gained = !had_carrier && link_has_carrier(link);
3882 carrier_lost = had_carrier && !link_has_carrier(link);
3883
3884 if (carrier_gained) {
3885 log_link_info(link, "Gained carrier");
3886
3887 r = link_carrier_gained(link);
3888 if (r < 0)
3889 return r;
3890 } else if (carrier_lost) {
3891 log_link_info(link, "Lost carrier");
3892
3893 r = link_carrier_lost(link);
3894 if (r < 0)
3895 return r;
3896 }
3897
3898 return 0;
3899 }
3900
3901 static void print_link_hashmap(FILE *f, const char *prefix, Hashmap* h) {
3902 bool space = false;
3903 Iterator i;
3904 Link *link;
3905
3906 assert(f);
3907 assert(prefix);
3908
3909 if (hashmap_isempty(h))
3910 return;
3911
3912 fputs(prefix, f);
3913 HASHMAP_FOREACH(link, h, i) {
3914 if (space)
3915 fputc(' ', f);
3916
3917 fprintf(f, "%i", link->ifindex);
3918 space = true;
3919 }
3920
3921 fputc('\n', f);
3922 }
3923
3924 int link_save(Link *link) {
3925 _cleanup_free_ char *temp_path = NULL;
3926 _cleanup_fclose_ FILE *f = NULL;
3927 const char *admin_state, *oper_state;
3928 Address *a;
3929 Route *route;
3930 Iterator i;
3931 int r;
3932
3933 assert(link);
3934 assert(link->state_file);
3935 assert(link->lease_file);
3936 assert(link->manager);
3937
3938 if (link->state == LINK_STATE_LINGER) {
3939 unlink(link->state_file);
3940 return 0;
3941 }
3942
3943 link_lldp_save(link);
3944
3945 admin_state = link_state_to_string(link->state);
3946 assert(admin_state);
3947
3948 oper_state = link_operstate_to_string(link->operstate);
3949 assert(oper_state);
3950
3951 r = fopen_temporary(link->state_file, &f, &temp_path);
3952 if (r < 0)
3953 goto fail;
3954
3955 (void) __fsetlocking(f, FSETLOCKING_BYCALLER);
3956 (void) fchmod(fileno(f), 0644);
3957
3958 fprintf(f,
3959 "# This is private data. Do not parse.\n"
3960 "ADMIN_STATE=%s\n"
3961 "OPER_STATE=%s\n",
3962 admin_state, oper_state);
3963
3964 if (link->network) {
3965 bool space;
3966 sd_dhcp6_lease *dhcp6_lease = NULL;
3967 const char *dhcp_domainname = NULL;
3968 char **dhcp6_domains = NULL;
3969 char **dhcp_domains = NULL;
3970 unsigned j;
3971
3972 fprintf(f, "REQUIRED_FOR_ONLINE=%s\n",
3973 yes_no(link->network->required_for_online));
3974
3975 if (link->dhcp6_client) {
3976 r = sd_dhcp6_client_get_lease(link->dhcp6_client, &dhcp6_lease);
3977 if (r < 0 && r != -ENOMSG)
3978 log_link_debug(link, "No DHCPv6 lease");
3979 }
3980
3981 fprintf(f, "NETWORK_FILE=%s\n", link->network->filename);
3982
3983 fputs("DNS=", f);
3984 space = false;
3985
3986 for (j = 0; j < link->network->n_dns; j++) {
3987 _cleanup_free_ char *b = NULL;
3988
3989 r = in_addr_to_string(link->network->dns[j].family,
3990 &link->network->dns[j].address, &b);
3991 if (r < 0) {
3992 log_debug_errno(r, "Failed to format address, ignoring: %m");
3993 continue;
3994 }
3995
3996 if (space)
3997 fputc(' ', f);
3998 fputs(b, f);
3999 space = true;
4000 }
4001
4002 if (link->network->dhcp_use_dns &&
4003 link->dhcp_lease) {
4004 const struct in_addr *addresses;
4005
4006 r = sd_dhcp_lease_get_dns(link->dhcp_lease, &addresses);
4007 if (r > 0) {
4008 if (space)
4009 fputc(' ', f);
4010 serialize_in_addrs(f, addresses, r);
4011 space = true;
4012 }
4013 }
4014
4015 if (link->network->dhcp_use_dns && dhcp6_lease) {
4016 struct in6_addr *in6_addrs;
4017
4018 r = sd_dhcp6_lease_get_dns(dhcp6_lease, &in6_addrs);
4019 if (r > 0) {
4020 if (space)
4021 fputc(' ', f);
4022 serialize_in6_addrs(f, in6_addrs, r);
4023 space = true;
4024 }
4025 }
4026
4027 /* Make sure to flush out old entries before we use the NDISC data */
4028 ndisc_vacuum(link);
4029
4030 if (link->network->ipv6_accept_ra_use_dns && link->ndisc_rdnss) {
4031 NDiscRDNSS *dd;
4032
4033 SET_FOREACH(dd, link->ndisc_rdnss, i) {
4034 if (space)
4035 fputc(' ', f);
4036
4037 serialize_in6_addrs(f, &dd->address, 1);
4038 space = true;
4039 }
4040 }
4041
4042 fputc('\n', f);
4043
4044 fputs("NTP=", f);
4045 space = false;
4046 fputstrv(f, link->network->ntp, NULL, &space);
4047
4048 if (link->network->dhcp_use_ntp &&
4049 link->dhcp_lease) {
4050 const struct in_addr *addresses;
4051
4052 r = sd_dhcp_lease_get_ntp(link->dhcp_lease, &addresses);
4053 if (r > 0) {
4054 if (space)
4055 fputc(' ', f);
4056 serialize_in_addrs(f, addresses, r);
4057 space = true;
4058 }
4059 }
4060
4061 if (link->network->dhcp_use_ntp && dhcp6_lease) {
4062 struct in6_addr *in6_addrs;
4063 char **hosts;
4064
4065 r = sd_dhcp6_lease_get_ntp_addrs(dhcp6_lease,
4066 &in6_addrs);
4067 if (r > 0) {
4068 if (space)
4069 fputc(' ', f);
4070 serialize_in6_addrs(f, in6_addrs, r);
4071 space = true;
4072 }
4073
4074 r = sd_dhcp6_lease_get_ntp_fqdn(dhcp6_lease, &hosts);
4075 if (r > 0)
4076 fputstrv(f, hosts, NULL, &space);
4077 }
4078
4079 fputc('\n', f);
4080
4081 if (link->network->dhcp_use_domains != DHCP_USE_DOMAINS_NO) {
4082 if (link->dhcp_lease) {
4083 (void) sd_dhcp_lease_get_domainname(link->dhcp_lease, &dhcp_domainname);
4084 (void) sd_dhcp_lease_get_search_domains(link->dhcp_lease, &dhcp_domains);
4085 }
4086 if (dhcp6_lease)
4087 (void) sd_dhcp6_lease_get_domains(dhcp6_lease, &dhcp6_domains);
4088 }
4089
4090 fputs("DOMAINS=", f);
4091 space = false;
4092 fputstrv(f, link->network->search_domains, NULL, &space);
4093
4094 if (link->network->dhcp_use_domains == DHCP_USE_DOMAINS_YES) {
4095 NDiscDNSSL *dd;
4096
4097 if (dhcp_domainname)
4098 fputs_with_space(f, dhcp_domainname, NULL, &space);
4099 if (dhcp_domains)
4100 fputstrv(f, dhcp_domains, NULL, &space);
4101 if (dhcp6_domains)
4102 fputstrv(f, dhcp6_domains, NULL, &space);
4103
4104 SET_FOREACH(dd, link->ndisc_dnssl, i)
4105 fputs_with_space(f, NDISC_DNSSL_DOMAIN(dd), NULL, &space);
4106 }
4107
4108 fputc('\n', f);
4109
4110 fputs("ROUTE_DOMAINS=", f);
4111 space = false;
4112 fputstrv(f, link->network->route_domains, NULL, &space);
4113
4114 if (link->network->dhcp_use_domains == DHCP_USE_DOMAINS_ROUTE) {
4115 NDiscDNSSL *dd;
4116
4117 if (dhcp_domainname)
4118 fputs_with_space(f, dhcp_domainname, NULL, &space);
4119 if (dhcp_domains)
4120 fputstrv(f, dhcp_domains, NULL, &space);
4121 if (dhcp6_domains)
4122 fputstrv(f, dhcp6_domains, NULL, &space);
4123
4124 SET_FOREACH(dd, link->ndisc_dnssl, i)
4125 fputs_with_space(f, NDISC_DNSSL_DOMAIN(dd), NULL, &space);
4126 }
4127
4128 fputc('\n', f);
4129
4130 fprintf(f, "LLMNR=%s\n",
4131 resolve_support_to_string(link->network->llmnr));
4132 fprintf(f, "MDNS=%s\n",
4133 resolve_support_to_string(link->network->mdns));
4134 if (link->network->dns_default_route >= 0)
4135 fprintf(f, "DNS_DEFAULT_ROUTE=%s\n", yes_no(link->network->dns_default_route));
4136
4137 if (link->network->dns_over_tls_mode != _DNS_OVER_TLS_MODE_INVALID)
4138 fprintf(f, "DNS_OVER_TLS=%s\n",
4139 dns_over_tls_mode_to_string(link->network->dns_over_tls_mode));
4140
4141 if (link->network->dnssec_mode != _DNSSEC_MODE_INVALID)
4142 fprintf(f, "DNSSEC=%s\n",
4143 dnssec_mode_to_string(link->network->dnssec_mode));
4144
4145 if (!set_isempty(link->network->dnssec_negative_trust_anchors)) {
4146 const char *n;
4147
4148 fputs("DNSSEC_NTA=", f);
4149 space = false;
4150 SET_FOREACH(n, link->network->dnssec_negative_trust_anchors, i)
4151 fputs_with_space(f, n, NULL, &space);
4152 fputc('\n', f);
4153 }
4154
4155 fputs("ADDRESSES=", f);
4156 space = false;
4157 SET_FOREACH(a, link->addresses, i) {
4158 _cleanup_free_ char *address_str = NULL;
4159
4160 r = in_addr_to_string(a->family, &a->in_addr, &address_str);
4161 if (r < 0)
4162 goto fail;
4163
4164 fprintf(f, "%s%s/%u", space ? " " : "", address_str, a->prefixlen);
4165 space = true;
4166 }
4167 fputc('\n', f);
4168
4169 fputs("ROUTES=", f);
4170 space = false;
4171 SET_FOREACH(route, link->routes, i) {
4172 _cleanup_free_ char *route_str = NULL;
4173
4174 r = in_addr_to_string(route->family, &route->dst, &route_str);
4175 if (r < 0)
4176 goto fail;
4177
4178 fprintf(f, "%s%s/%hhu/%hhu/%"PRIu32"/%"PRIu32"/"USEC_FMT,
4179 space ? " " : "", route_str,
4180 route->dst_prefixlen, route->tos, route->priority, route->table, route->lifetime);
4181 space = true;
4182 }
4183
4184 fputc('\n', f);
4185 }
4186
4187 print_link_hashmap(f, "CARRIER_BOUND_TO=", link->bound_to_links);
4188 print_link_hashmap(f, "CARRIER_BOUND_BY=", link->bound_by_links);
4189
4190 if (link->dhcp_lease) {
4191 struct in_addr address;
4192 const char *tz = NULL;
4193
4194 assert(link->network);
4195
4196 r = sd_dhcp_lease_get_timezone(link->dhcp_lease, &tz);
4197 if (r >= 0)
4198 fprintf(f, "TIMEZONE=%s\n", tz);
4199
4200 r = sd_dhcp_lease_get_address(link->dhcp_lease, &address);
4201 if (r >= 0) {
4202 fputs("DHCP4_ADDRESS=", f);
4203 serialize_in_addrs(f, &address, 1);
4204 fputc('\n', f);
4205 }
4206
4207 r = dhcp_lease_save(link->dhcp_lease, link->lease_file);
4208 if (r < 0)
4209 goto fail;
4210
4211 fprintf(f,
4212 "DHCP_LEASE=%s\n",
4213 link->lease_file);
4214 } else
4215 unlink(link->lease_file);
4216
4217 if (link->ipv4ll) {
4218 struct in_addr address;
4219
4220 r = sd_ipv4ll_get_address(link->ipv4ll, &address);
4221 if (r >= 0) {
4222 fputs("IPV4LL_ADDRESS=", f);
4223 serialize_in_addrs(f, &address, 1);
4224 fputc('\n', f);
4225 }
4226 }
4227
4228 r = fflush_and_check(f);
4229 if (r < 0)
4230 goto fail;
4231
4232 if (rename(temp_path, link->state_file) < 0) {
4233 r = -errno;
4234 goto fail;
4235 }
4236
4237 return 0;
4238
4239 fail:
4240 (void) unlink(link->state_file);
4241 if (temp_path)
4242 (void) unlink(temp_path);
4243
4244 return log_link_error_errno(link, r, "Failed to save link data to %s: %m", link->state_file);
4245 }
4246
4247 /* The serialized state in /run is no longer up-to-date. */
4248 void link_dirty(Link *link) {
4249 int r;
4250
4251 assert(link);
4252
4253 /* mark manager dirty as link is dirty */
4254 manager_dirty(link->manager);
4255
4256 r = set_ensure_allocated(&link->manager->dirty_links, NULL);
4257 if (r < 0)
4258 /* allocation errors are ignored */
4259 return;
4260
4261 r = set_put(link->manager->dirty_links, link);
4262 if (r <= 0)
4263 /* don't take another ref if the link was already dirty */
4264 return;
4265
4266 link_ref(link);
4267 }
4268
4269 /* The serialized state in /run is up-to-date */
4270 void link_clean(Link *link) {
4271 assert(link);
4272 assert(link->manager);
4273
4274 link_unref(set_remove(link->manager->dirty_links, link));
4275 }
4276
4277 static const char* const link_state_table[_LINK_STATE_MAX] = {
4278 [LINK_STATE_PENDING] = "pending",
4279 [LINK_STATE_CONFIGURING] = "configuring",
4280 [LINK_STATE_CONFIGURED] = "configured",
4281 [LINK_STATE_UNMANAGED] = "unmanaged",
4282 [LINK_STATE_FAILED] = "failed",
4283 [LINK_STATE_LINGER] = "linger",
4284 };
4285
4286 DEFINE_STRING_TABLE_LOOKUP(link_state, LinkState);
4287
4288 static const char* const link_operstate_table[_LINK_OPERSTATE_MAX] = {
4289 [LINK_OPERSTATE_OFF] = "off",
4290 [LINK_OPERSTATE_NO_CARRIER] = "no-carrier",
4291 [LINK_OPERSTATE_DORMANT] = "dormant",
4292 [LINK_OPERSTATE_CARRIER] = "carrier",
4293 [LINK_OPERSTATE_DEGRADED] = "degraded",
4294 [LINK_OPERSTATE_ENSLAVED] = "enslaved",
4295 [LINK_OPERSTATE_ROUTABLE] = "routable",
4296 };
4297
4298 DEFINE_STRING_TABLE_LOOKUP(link_operstate, LinkOperationalState);
Unnamed repository; edit this file 'description' to name the repository.