]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/network/networkd-link.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #11698 from yuwata/fix-network-route-table
[thirdparty/systemd.git] / src / network / networkd-link.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #include <netinet/ether.h>
4 #include <linux/if.h>
5 #include <linux/can/netlink.h>
6 #include <unistd.h>
7 #include <stdio_ext.h>
8
9 #include "alloc-util.h"
10 #include "bus-util.h"
11 #include "dhcp-identifier.h"
12 #include "dhcp-lease-internal.h"
13 #include "env-file.h"
14 #include "fd-util.h"
15 #include "fileio.h"
16 #include "missing_network.h"
17 #include "netdev/vrf.h"
18 #include "netlink-util.h"
19 #include "network-internal.h"
20 #include "networkd-ipv6-proxy-ndp.h"
21 #include "networkd-lldp-tx.h"
22 #include "networkd-manager.h"
23 #include "networkd-ndisc.h"
24 #include "networkd-neighbor.h"
25 #include "networkd-radv.h"
26 #include "networkd-routing-policy-rule.h"
27 #include "set.h"
28 #include "socket-util.h"
29 #include "stdio-util.h"
30 #include "string-table.h"
31 #include "strv.h"
32 #include "tmpfile-util.h"
33 #include "util.h"
34 #include "virt.h"
35
36 uint32_t link_get_vrf_table(Link *link) {
37 return link->network->vrf ? VRF(link->network->vrf)->table : RT_TABLE_MAIN;
38 }
39
40 uint32_t link_get_dhcp_route_table(Link *link) {
41 /* When the interface is part of an VRF use the VRFs routing table, unless
42 * another table is explicitly specified. */
43 if (link->network->dhcp_route_table_set)
44 return link->network->dhcp_route_table;
45 return link_get_vrf_table(link);
46 }
47
48 uint32_t link_get_ipv6_accept_ra_route_table(Link *link) {
49 if (link->network->ipv6_accept_ra_route_table_set)
50 return link->network->ipv6_accept_ra_route_table;
51 return link_get_vrf_table(link);
52 }
53
54 DUID* link_get_duid(Link *link) {
55 if (link->network->duid.type != _DUID_TYPE_INVALID)
56 return &link->network->duid;
57 else
58 return &link->manager->duid;
59 }
60
61 static bool link_dhcp6_enabled(Link *link) {
62 assert(link);
63
64 if (!socket_ipv6_is_supported())
65 return false;
66
67 if (link->flags & IFF_LOOPBACK)
68 return false;
69
70 if (!link->network)
71 return false;
72
73 return link->network->dhcp & ADDRESS_FAMILY_IPV6;
74 }
75
76 static bool link_dhcp4_enabled(Link *link) {
77 assert(link);
78
79 if (link->flags & IFF_LOOPBACK)
80 return false;
81
82 if (!link->network)
83 return false;
84
85 return link->network->dhcp & ADDRESS_FAMILY_IPV4;
86 }
87
88 static bool link_dhcp4_server_enabled(Link *link) {
89 assert(link);
90
91 if (link->flags & IFF_LOOPBACK)
92 return false;
93
94 if (!link->network)
95 return false;
96
97 return link->network->dhcp_server;
98 }
99
100 static bool link_ipv4ll_enabled(Link *link) {
101 assert(link);
102
103 if (link->flags & IFF_LOOPBACK)
104 return false;
105
106 if (!link->network)
107 return false;
108
109 if (STRPTR_IN_SET(link->kind, "vrf", "wireguard"))
110 return false;
111
112 return link->network->link_local & ADDRESS_FAMILY_IPV4;
113 }
114
115 static bool link_ipv6ll_enabled(Link *link) {
116 assert(link);
117
118 if (!socket_ipv6_is_supported())
119 return false;
120
121 if (link->flags & IFF_LOOPBACK)
122 return false;
123
124 if (!link->network)
125 return false;
126
127 if (STRPTR_IN_SET(link->kind, "vrf", "wireguard"))
128 return false;
129
130 return link->network->link_local & ADDRESS_FAMILY_IPV6;
131 }
132
133 static bool link_ipv6_enabled(Link *link) {
134 assert(link);
135
136 if (!socket_ipv6_is_supported())
137 return false;
138
139 if (link->network->bridge)
140 return false;
141
142 /* DHCPv6 client will not be started if no IPv6 link-local address is configured. */
143 return link_ipv6ll_enabled(link) || network_has_static_ipv6_addresses(link->network);
144 }
145
146 static bool link_radv_enabled(Link *link) {
147 assert(link);
148
149 if (!link_ipv6ll_enabled(link))
150 return false;
151
152 return link->network->router_prefix_delegation != RADV_PREFIX_DELEGATION_NONE;
153 }
154
155 static bool link_lldp_rx_enabled(Link *link) {
156 assert(link);
157
158 if (link->flags & IFF_LOOPBACK)
159 return false;
160
161 if (link->iftype != ARPHRD_ETHER)
162 return false;
163
164 if (!link->network)
165 return false;
166
167 /* LLDP should be handled on bridge slaves as those have a direct
168 * connection to their peers not on the bridge master. Linux doesn't
169 * even (by default) forward lldp packets to the bridge master.*/
170 if (streq_ptr("bridge", link->kind))
171 return false;
172
173 return link->network->lldp_mode != LLDP_MODE_NO;
174 }
175
176 static bool link_lldp_emit_enabled(Link *link) {
177 assert(link);
178
179 if (link->flags & IFF_LOOPBACK)
180 return false;
181
182 if (link->iftype != ARPHRD_ETHER)
183 return false;
184
185 if (!link->network)
186 return false;
187
188 return link->network->lldp_emit != LLDP_EMIT_NO;
189 }
190
191 static bool link_ipv4_forward_enabled(Link *link) {
192 assert(link);
193
194 if (link->flags & IFF_LOOPBACK)
195 return false;
196
197 if (!link->network)
198 return false;
199
200 if (link->network->ip_forward == _ADDRESS_FAMILY_BOOLEAN_INVALID)
201 return false;
202
203 return link->network->ip_forward & ADDRESS_FAMILY_IPV4;
204 }
205
206 static bool link_ipv6_forward_enabled(Link *link) {
207 assert(link);
208
209 if (!socket_ipv6_is_supported())
210 return false;
211
212 if (link->flags & IFF_LOOPBACK)
213 return false;
214
215 if (!link->network)
216 return false;
217
218 if (link->network->ip_forward == _ADDRESS_FAMILY_BOOLEAN_INVALID)
219 return false;
220
221 return link->network->ip_forward & ADDRESS_FAMILY_IPV6;
222 }
223
224 static bool link_proxy_arp_enabled(Link *link) {
225 assert(link);
226
227 if (link->flags & IFF_LOOPBACK)
228 return false;
229
230 if (!link->network)
231 return false;
232
233 if (link->network->proxy_arp < 0)
234 return false;
235
236 return true;
237 }
238
239 static bool link_ipv6_accept_ra_enabled(Link *link) {
240 assert(link);
241
242 if (!socket_ipv6_is_supported())
243 return false;
244
245 if (link->flags & IFF_LOOPBACK)
246 return false;
247
248 if (!link->network)
249 return false;
250
251 if (!link_ipv6ll_enabled(link))
252 return false;
253
254 /* If unset use system default (enabled if local forwarding is disabled.
255 * disabled if local forwarding is enabled).
256 * If set, ignore or enforce RA independent of local forwarding state.
257 */
258 if (link->network->ipv6_accept_ra < 0)
259 /* default to accept RA if ip_forward is disabled and ignore RA if ip_forward is enabled */
260 return !link_ipv6_forward_enabled(link);
261 else if (link->network->ipv6_accept_ra > 0)
262 /* accept RA even if ip_forward is enabled */
263 return true;
264 else
265 /* ignore RA */
266 return false;
267 }
268
269 static IPv6PrivacyExtensions link_ipv6_privacy_extensions(Link *link) {
270 assert(link);
271
272 if (!socket_ipv6_is_supported())
273 return _IPV6_PRIVACY_EXTENSIONS_INVALID;
274
275 if (link->flags & IFF_LOOPBACK)
276 return _IPV6_PRIVACY_EXTENSIONS_INVALID;
277
278 if (!link->network)
279 return _IPV6_PRIVACY_EXTENSIONS_INVALID;
280
281 return link->network->ipv6_privacy_extensions;
282 }
283
284 static int link_enable_ipv6(Link *link) {
285 const char *p = NULL;
286 bool disabled;
287 int r;
288
289 if (link->flags & IFF_LOOPBACK)
290 return 0;
291
292 disabled = !link_ipv6_enabled(link);
293
294 p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/disable_ipv6");
295
296 r = write_string_file(p, one_zero(disabled), WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER);
297 if (r < 0)
298 log_link_warning_errno(link, r, "Cannot %s IPv6 for interface %s: %m",
299 enable_disable(!disabled), link->ifname);
300 else
301 log_link_info(link, "IPv6 successfully %sd", enable_disable(!disabled));
302
303 return 0;
304 }
305
306 void link_update_operstate(Link *link) {
307 LinkOperationalState operstate;
308 assert(link);
309
310 if (link->kernel_operstate == IF_OPER_DORMANT)
311 operstate = LINK_OPERSTATE_DORMANT;
312 else if (link_has_carrier(link)) {
313 Address *address;
314 uint8_t scope = RT_SCOPE_NOWHERE;
315 Iterator i;
316
317 /* if we have carrier, check what addresses we have */
318 SET_FOREACH(address, link->addresses, i) {
319 if (!address_is_ready(address))
320 continue;
321
322 if (address->scope < scope)
323 scope = address->scope;
324 }
325
326 /* for operstate we also take foreign addresses into account */
327 SET_FOREACH(address, link->addresses_foreign, i) {
328 if (!address_is_ready(address))
329 continue;
330
331 if (address->scope < scope)
332 scope = address->scope;
333 }
334
335 if (scope < RT_SCOPE_SITE)
336 /* universally accessible addresses found */
337 operstate = LINK_OPERSTATE_ROUTABLE;
338 else if (scope < RT_SCOPE_HOST)
339 /* only link or site local addresses found */
340 operstate = LINK_OPERSTATE_DEGRADED;
341 else
342 /* no useful addresses found */
343 operstate = LINK_OPERSTATE_CARRIER;
344 } else if (link->flags & IFF_UP)
345 operstate = LINK_OPERSTATE_NO_CARRIER;
346 else
347 operstate = LINK_OPERSTATE_OFF;
348
349 if (link->operstate != operstate) {
350 link->operstate = operstate;
351 link_send_changed(link, "OperationalState", NULL);
352 link_dirty(link);
353 }
354 }
355
356 #define FLAG_STRING(string, flag, old, new) \
357 (((old ^ new) & flag) \
358 ? ((old & flag) ? (" -" string) : (" +" string)) \
359 : "")
360
361 static int link_update_flags(Link *link, sd_netlink_message *m) {
362 unsigned flags, unknown_flags_added, unknown_flags_removed, unknown_flags;
363 uint8_t operstate;
364 int r;
365
366 assert(link);
367
368 r = sd_rtnl_message_link_get_flags(m, &flags);
369 if (r < 0)
370 return log_link_warning_errno(link, r, "Could not get link flags: %m");
371
372 r = sd_netlink_message_read_u8(m, IFLA_OPERSTATE, &operstate);
373 if (r < 0)
374 /* if we got a message without operstate, take it to mean
375 the state was unchanged */
376 operstate = link->kernel_operstate;
377
378 if ((link->flags == flags) && (link->kernel_operstate == operstate))
379 return 0;
380
381 if (link->flags != flags) {
382 log_link_debug(link, "Flags change:%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s",
383 FLAG_STRING("LOOPBACK", IFF_LOOPBACK, link->flags, flags),
384 FLAG_STRING("MASTER", IFF_MASTER, link->flags, flags),
385 FLAG_STRING("SLAVE", IFF_SLAVE, link->flags, flags),
386 FLAG_STRING("UP", IFF_UP, link->flags, flags),
387 FLAG_STRING("DORMANT", IFF_DORMANT, link->flags, flags),
388 FLAG_STRING("LOWER_UP", IFF_LOWER_UP, link->flags, flags),
389 FLAG_STRING("RUNNING", IFF_RUNNING, link->flags, flags),
390 FLAG_STRING("MULTICAST", IFF_MULTICAST, link->flags, flags),
391 FLAG_STRING("BROADCAST", IFF_BROADCAST, link->flags, flags),
392 FLAG_STRING("POINTOPOINT", IFF_POINTOPOINT, link->flags, flags),
393 FLAG_STRING("PROMISC", IFF_PROMISC, link->flags, flags),
394 FLAG_STRING("ALLMULTI", IFF_ALLMULTI, link->flags, flags),
395 FLAG_STRING("PORTSEL", IFF_PORTSEL, link->flags, flags),
396 FLAG_STRING("AUTOMEDIA", IFF_AUTOMEDIA, link->flags, flags),
397 FLAG_STRING("DYNAMIC", IFF_DYNAMIC, link->flags, flags),
398 FLAG_STRING("NOARP", IFF_NOARP, link->flags, flags),
399 FLAG_STRING("NOTRAILERS", IFF_NOTRAILERS, link->flags, flags),
400 FLAG_STRING("DEBUG", IFF_DEBUG, link->flags, flags),
401 FLAG_STRING("ECHO", IFF_ECHO, link->flags, flags));
402
403 unknown_flags = ~(IFF_LOOPBACK | IFF_MASTER | IFF_SLAVE | IFF_UP |
404 IFF_DORMANT | IFF_LOWER_UP | IFF_RUNNING |
405 IFF_MULTICAST | IFF_BROADCAST | IFF_POINTOPOINT |
406 IFF_PROMISC | IFF_ALLMULTI | IFF_PORTSEL |
407 IFF_AUTOMEDIA | IFF_DYNAMIC | IFF_NOARP |
408 IFF_NOTRAILERS | IFF_DEBUG | IFF_ECHO);
409 unknown_flags_added = ((link->flags ^ flags) & flags & unknown_flags);
410 unknown_flags_removed = ((link->flags ^ flags) & link->flags & unknown_flags);
411
412 /* link flags are currently at most 18 bits, let's align to
413 * printing 20 */
414 if (unknown_flags_added)
415 log_link_debug(link,
416 "Unknown link flags gained: %#.5x (ignoring)",
417 unknown_flags_added);
418
419 if (unknown_flags_removed)
420 log_link_debug(link,
421 "Unknown link flags lost: %#.5x (ignoring)",
422 unknown_flags_removed);
423 }
424
425 link->flags = flags;
426 link->kernel_operstate = operstate;
427
428 link_update_operstate(link);
429
430 return 0;
431 }
432
433 DEFINE_TRIVIAL_CLEANUP_FUNC(Link*, link_unref);
434
435 static int link_new(Manager *manager, sd_netlink_message *message, Link **ret) {
436 _cleanup_(link_unrefp) Link *link = NULL;
437 uint16_t type;
438 const char *ifname, *kind = NULL;
439 int r, ifindex;
440 unsigned short iftype;
441
442 assert(manager);
443 assert(message);
444 assert(ret);
445
446 /* check for link kind */
447 r = sd_netlink_message_enter_container(message, IFLA_LINKINFO);
448 if (r == 0) {
449 (void) sd_netlink_message_read_string(message, IFLA_INFO_KIND, &kind);
450 r = sd_netlink_message_exit_container(message);
451 if (r < 0)
452 return r;
453 }
454
455 r = sd_netlink_message_get_type(message, &type);
456 if (r < 0)
457 return r;
458 else if (type != RTM_NEWLINK)
459 return -EINVAL;
460
461 r = sd_rtnl_message_link_get_ifindex(message, &ifindex);
462 if (r < 0)
463 return r;
464 else if (ifindex <= 0)
465 return -EINVAL;
466
467 r = sd_rtnl_message_link_get_type(message, &iftype);
468 if (r < 0)
469 return r;
470
471 r = sd_netlink_message_read_string(message, IFLA_IFNAME, &ifname);
472 if (r < 0)
473 return r;
474
475 link = new(Link, 1);
476 if (!link)
477 return -ENOMEM;
478
479 *link = (Link) {
480 .n_ref = 1,
481 .manager = manager,
482 .state = LINK_STATE_PENDING,
483 .rtnl_extended_attrs = true,
484 .ifindex = ifindex,
485 .iftype = iftype,
486 };
487
488 link->ifname = strdup(ifname);
489 if (!link->ifname)
490 return -ENOMEM;
491
492 if (kind) {
493 link->kind = strdup(kind);
494 if (!link->kind)
495 return -ENOMEM;
496 }
497
498 r = sd_netlink_message_read_u32(message, IFLA_MASTER, (uint32_t *)&link->master_ifindex);
499 if (r < 0)
500 log_link_debug_errno(link, r, "New device has no master, continuing without");
501
502 r = sd_netlink_message_read_ether_addr(message, IFLA_ADDRESS, &link->mac);
503 if (r < 0)
504 log_link_debug_errno(link, r, "MAC address not found for new device, continuing without");
505
506 if (asprintf(&link->state_file, "/run/systemd/netif/links/%d", link->ifindex) < 0)
507 return -ENOMEM;
508
509 if (asprintf(&link->lease_file, "/run/systemd/netif/leases/%d", link->ifindex) < 0)
510 return -ENOMEM;
511
512 if (asprintf(&link->lldp_file, "/run/systemd/netif/lldp/%d", link->ifindex) < 0)
513 return -ENOMEM;
514
515 r = hashmap_ensure_allocated(&manager->links, NULL);
516 if (r < 0)
517 return r;
518
519 r = hashmap_put(manager->links, INT_TO_PTR(link->ifindex), link);
520 if (r < 0)
521 return r;
522
523 r = link_update_flags(link, message);
524 if (r < 0)
525 return r;
526
527 *ret = TAKE_PTR(link);
528
529 return 0;
530 }
531
532 static void link_detach_from_manager(Link *link) {
533 if (!link || !link->manager)
534 return;
535
536 hashmap_remove(link->manager->links, INT_TO_PTR(link->ifindex));
537 set_remove(link->manager->links_requesting_uuid, link);
538 link_clean(link);
539 }
540
541 static Link *link_free(Link *link) {
542 Address *address;
543 Link *carrier;
544 Route *route;
545 Iterator i;
546
547 assert(link);
548
549 while ((route = set_first(link->routes)))
550 route_free(route);
551
552 while ((route = set_first(link->routes_foreign)))
553 route_free(route);
554
555 link->routes = set_free(link->routes);
556 link->routes_foreign = set_free(link->routes_foreign);
557
558 while ((address = set_first(link->addresses)))
559 address_free(address);
560
561 while ((address = set_first(link->addresses_foreign)))
562 address_free(address);
563
564 link->addresses = set_free(link->addresses);
565 link->addresses_foreign = set_free(link->addresses_foreign);
566
567 while ((address = link->pool_addresses)) {
568 LIST_REMOVE(addresses, link->pool_addresses, address);
569 address_free(address);
570 }
571
572 sd_dhcp_server_unref(link->dhcp_server);
573 sd_dhcp_client_unref(link->dhcp_client);
574 sd_dhcp_lease_unref(link->dhcp_lease);
575
576 link_lldp_emit_stop(link);
577
578 free(link->lease_file);
579
580 sd_lldp_unref(link->lldp);
581 free(link->lldp_file);
582
583 ndisc_flush(link);
584
585 sd_ipv4ll_unref(link->ipv4ll);
586 sd_dhcp6_client_unref(link->dhcp6_client);
587 sd_ndisc_unref(link->ndisc);
588 sd_radv_unref(link->radv);
589
590 link_detach_from_manager(link);
591
592 free(link->ifname);
593
594 free(link->kind);
595
596 (void) unlink(link->state_file);
597 free(link->state_file);
598
599 sd_device_unref(link->sd_device);
600
601 HASHMAP_FOREACH (carrier, link->bound_to_links, i)
602 hashmap_remove(link->bound_to_links, INT_TO_PTR(carrier->ifindex));
603 hashmap_free(link->bound_to_links);
604
605 HASHMAP_FOREACH (carrier, link->bound_by_links, i)
606 hashmap_remove(link->bound_by_links, INT_TO_PTR(carrier->ifindex));
607 hashmap_free(link->bound_by_links);
608
609 return mfree(link);
610 }
611
612 DEFINE_TRIVIAL_REF_UNREF_FUNC(Link, link, link_free);
613
614 int link_get(Manager *m, int ifindex, Link **ret) {
615 Link *link;
616
617 assert(m);
618 assert(ifindex);
619 assert(ret);
620
621 link = hashmap_get(m->links, INT_TO_PTR(ifindex));
622 if (!link)
623 return -ENODEV;
624
625 *ret = link;
626
627 return 0;
628 }
629
630 static void link_set_state(Link *link, LinkState state) {
631 assert(link);
632
633 if (link->state == state)
634 return;
635
636 link->state = state;
637
638 link_send_changed(link, "AdministrativeState", NULL);
639 }
640
641 static void link_enter_unmanaged(Link *link) {
642 assert(link);
643
644 log_link_debug(link, "Unmanaged");
645
646 link_set_state(link, LINK_STATE_UNMANAGED);
647
648 link_dirty(link);
649 }
650
651 static int link_stop_clients(Link *link) {
652 int r = 0, k;
653
654 assert(link);
655 assert(link->manager);
656 assert(link->manager->event);
657
658 if (link->dhcp_client) {
659 k = sd_dhcp_client_stop(link->dhcp_client);
660 if (k < 0)
661 r = log_link_warning_errno(link, k, "Could not stop DHCPv4 client: %m");
662 }
663
664 if (link->ipv4ll) {
665 k = sd_ipv4ll_stop(link->ipv4ll);
666 if (k < 0)
667 r = log_link_warning_errno(link, k, "Could not stop IPv4 link-local: %m");
668 }
669
670 if (link->dhcp6_client) {
671 k = sd_dhcp6_client_stop(link->dhcp6_client);
672 if (k < 0)
673 r = log_link_warning_errno(link, k, "Could not stop DHCPv6 client: %m");
674 }
675
676 if (link->ndisc) {
677 k = sd_ndisc_stop(link->ndisc);
678 if (k < 0)
679 r = log_link_warning_errno(link, k, "Could not stop IPv6 Router Discovery: %m");
680 }
681
682 if (link->radv) {
683 k = sd_radv_stop(link->radv);
684 if (k < 0)
685 r = log_link_warning_errno(link, k, "Could not stop IPv6 Router Advertisement: %m");
686 }
687
688 link_lldp_emit_stop(link);
689 return r;
690 }
691
692 void link_enter_failed(Link *link) {
693 assert(link);
694
695 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
696 return;
697
698 log_link_warning(link, "Failed");
699
700 link_set_state(link, LINK_STATE_FAILED);
701
702 link_stop_clients(link);
703
704 link_dirty(link);
705 }
706
707 static Address* link_find_dhcp_server_address(Link *link) {
708 Address *address;
709
710 assert(link);
711 assert(link->network);
712
713 /* The first statically configured address if there is any */
714 LIST_FOREACH(addresses, address, link->network->static_addresses) {
715
716 if (address->family != AF_INET)
717 continue;
718
719 if (in_addr_is_null(address->family, &address->in_addr))
720 continue;
721
722 return address;
723 }
724
725 /* If that didn't work, find a suitable address we got from the pool */
726 LIST_FOREACH(addresses, address, link->pool_addresses) {
727 if (address->family != AF_INET)
728 continue;
729
730 return address;
731 }
732
733 return NULL;
734 }
735
736 static void link_enter_configured(Link *link) {
737 assert(link);
738 assert(link->network);
739
740 if (link->state != LINK_STATE_CONFIGURING)
741 return;
742
743 log_link_info(link, "Configured");
744
745 link_set_state(link, LINK_STATE_CONFIGURED);
746
747 link_dirty(link);
748 }
749
750 static int link_request_set_routing_policy_rule(Link *link) {
751 RoutingPolicyRule *rule, *rrule = NULL;
752 int r;
753
754 assert(link);
755 assert(link->network);
756
757 link_set_state(link, LINK_STATE_CONFIGURING);
758 link->routing_policy_rules_configured = false;
759
760 LIST_FOREACH(rules, rule, link->network->rules) {
761 r = routing_policy_rule_get(link->manager, rule->family, &rule->from, rule->from_prefixlen, &rule->to,
762 rule->to_prefixlen, rule->tos, rule->fwmark, rule->table, rule->iif, rule->oif,
763 rule->protocol, &rule->sport, &rule->dport, &rrule);
764 if (r == 0) {
765 (void) routing_policy_rule_make_local(link->manager, rrule);
766 continue;
767 }
768
769 r = routing_policy_rule_configure(rule, link, NULL, false);
770 if (r < 0) {
771 log_link_warning_errno(link, r, "Could not set routing policy rules: %m");
772 link_enter_failed(link);
773 return r;
774 }
775
776 link->routing_policy_rule_messages++;
777 }
778
779 routing_policy_rule_purge(link->manager, link);
780 if (link->routing_policy_rule_messages == 0) {
781 link->routing_policy_rules_configured = true;
782 link_check_ready(link);
783 } else
784 log_link_debug(link, "Setting routing policy rules");
785
786 return 0;
787 }
788
789 static int route_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
790 int r;
791
792 assert(link);
793 assert(link->route_messages > 0);
794 assert(IN_SET(link->state, LINK_STATE_CONFIGURING,
795 LINK_STATE_FAILED, LINK_STATE_LINGER));
796
797 link->route_messages--;
798
799 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
800 return 1;
801
802 r = sd_netlink_message_get_errno(m);
803 if (r < 0 && r != -EEXIST)
804 log_link_warning_errno(link, r, "Could not set route: %m");
805
806 if (link->route_messages == 0) {
807 log_link_debug(link, "Routes set");
808 link->static_routes_configured = true;
809 link_check_ready(link);
810 }
811
812 return 1;
813 }
814
815 static int link_request_set_routes(Link *link) {
816 enum {
817 PHASE_NON_GATEWAY, /* First phase: Routes without a gateway */
818 PHASE_GATEWAY, /* Second phase: Routes with a gateway */
819 _PHASE_MAX
820 } phase;
821 Route *rt;
822 int r;
823
824 assert(link);
825 assert(link->network);
826 assert(link->addresses_configured);
827 assert(link->address_messages == 0);
828 assert(link->state != _LINK_STATE_INVALID);
829
830 link_set_state(link, LINK_STATE_CONFIGURING);
831 link->static_routes_configured = false;
832
833 r = link_request_set_routing_policy_rule(link);
834 if (r < 0)
835 return r;
836
837 /* First add the routes that enable us to talk to gateways, then add in the others that need a gateway. */
838 for (phase = 0; phase < _PHASE_MAX; phase++)
839 LIST_FOREACH(routes, rt, link->network->static_routes) {
840
841 if (in_addr_is_null(rt->family, &rt->gw) != (phase == PHASE_NON_GATEWAY))
842 continue;
843
844 r = route_configure(rt, link, route_handler);
845 if (r < 0) {
846 log_link_warning_errno(link, r, "Could not set routes: %m");
847 link_enter_failed(link);
848 return r;
849 }
850
851 link->route_messages++;
852 }
853
854 if (link->route_messages == 0) {
855 link->static_routes_configured = true;
856 link_check_ready(link);
857 } else
858 log_link_debug(link, "Setting routes");
859
860 return 0;
861 }
862
863 void link_check_ready(Link *link) {
864 Address *a;
865 Iterator i;
866
867 assert(link);
868
869 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
870 return;
871
872 if (!link->network)
873 return;
874
875 if (!link->addresses_configured)
876 return;
877
878 if (!link->neighbors_configured)
879 return;
880
881 SET_FOREACH(a, link->addresses, i)
882 if (!address_is_ready(a))
883 return;
884
885 if (!link->addresses_ready) {
886 link->addresses_ready = true;
887 link_request_set_routes(link);
888 }
889
890 if (!link->static_routes_configured)
891 return;
892
893 if (!link->routing_policy_rules_configured)
894 return;
895
896 if (link_ipv4ll_enabled(link))
897 if (!link->ipv4ll_address ||
898 !link->ipv4ll_route)
899 return;
900
901 if (!link->network->bridge) {
902
903 if (link_ipv6ll_enabled(link) &&
904 in_addr_is_null(AF_INET6, (const union in_addr_union*) &link->ipv6ll_address))
905 return;
906
907 if ((link_dhcp4_enabled(link) && !link_dhcp6_enabled(link) &&
908 !link->dhcp4_configured) ||
909 (link_dhcp6_enabled(link) && !link_dhcp4_enabled(link) &&
910 !link->dhcp6_configured) ||
911 (link_dhcp4_enabled(link) && link_dhcp6_enabled(link) &&
912 !link->dhcp4_configured && !link->dhcp6_configured))
913 return;
914
915 if (link_ipv6_accept_ra_enabled(link) && !link->ndisc_configured)
916 return;
917 }
918
919 if (link->state != LINK_STATE_CONFIGURED)
920 link_enter_configured(link);
921
922 return;
923 }
924
925 static int link_request_set_neighbors(Link *link) {
926 Neighbor *neighbor;
927 int r;
928
929 assert(link);
930 assert(link->network);
931 assert(link->state != _LINK_STATE_INVALID);
932
933 link_set_state(link, LINK_STATE_CONFIGURING);
934 link->neighbors_configured = false;
935
936 LIST_FOREACH(neighbors, neighbor, link->network->neighbors) {
937 r = neighbor_configure(neighbor, link, NULL);
938 if (r < 0) {
939 log_link_warning_errno(link, r, "Could not set neighbor: %m");
940 link_enter_failed(link);
941 return r;
942 }
943 }
944
945 if (link->neighbor_messages == 0) {
946 link->neighbors_configured = true;
947 link_check_ready(link);
948 } else
949 log_link_debug(link, "Setting neighbors");
950
951 return 0;
952 }
953
954 static int address_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
955 int r;
956
957 assert(rtnl);
958 assert(m);
959 assert(link);
960 assert(link->ifname);
961 assert(link->address_messages > 0);
962 assert(IN_SET(link->state, LINK_STATE_CONFIGURING,
963 LINK_STATE_FAILED, LINK_STATE_LINGER));
964
965 link->address_messages--;
966
967 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
968 return 1;
969
970 r = sd_netlink_message_get_errno(m);
971 if (r < 0 && r != -EEXIST)
972 log_link_warning_errno(link, r, "could not set address: %m");
973 else if (r >= 0)
974 manager_rtnl_process_address(rtnl, m, link->manager);
975
976 if (link->address_messages == 0) {
977 log_link_debug(link, "Addresses set");
978 link->addresses_configured = true;
979 link_check_ready(link);
980 }
981
982 return 1;
983 }
984
985 static int link_push_uplink_dns_to_dhcp_server(Link *link, sd_dhcp_server *s) {
986 _cleanup_free_ struct in_addr *addresses = NULL;
987 size_t n_addresses = 0, n_allocated = 0;
988 unsigned i;
989
990 log_debug("Copying DNS server information from %s", link->ifname);
991
992 if (!link->network)
993 return 0;
994
995 for (i = 0; i < link->network->n_dns; i++) {
996 struct in_addr ia;
997
998 /* Only look for IPv4 addresses */
999 if (link->network->dns[i].family != AF_INET)
1000 continue;
1001
1002 ia = link->network->dns[i].address.in;
1003
1004 /* Never propagate obviously borked data */
1005 if (in4_addr_is_null(&ia) || in4_addr_is_localhost(&ia))
1006 continue;
1007
1008 if (!GREEDY_REALLOC(addresses, n_allocated, n_addresses + 1))
1009 return log_oom();
1010
1011 addresses[n_addresses++] = ia;
1012 }
1013
1014 if (link->network->dhcp_use_dns && link->dhcp_lease) {
1015 const struct in_addr *da = NULL;
1016 int n;
1017
1018 n = sd_dhcp_lease_get_dns(link->dhcp_lease, &da);
1019 if (n > 0) {
1020
1021 if (!GREEDY_REALLOC(addresses, n_allocated, n_addresses + n))
1022 return log_oom();
1023
1024 memcpy(addresses + n_addresses, da, n * sizeof(struct in_addr));
1025 n_addresses += n;
1026 }
1027 }
1028
1029 if (n_addresses <= 0)
1030 return 0;
1031
1032 return sd_dhcp_server_set_dns(s, addresses, n_addresses);
1033 }
1034
1035 static int link_push_uplink_ntp_to_dhcp_server(Link *link, sd_dhcp_server *s) {
1036 _cleanup_free_ struct in_addr *addresses = NULL;
1037 size_t n_addresses = 0, n_allocated = 0;
1038 char **a;
1039
1040 if (!link->network)
1041 return 0;
1042
1043 log_debug("Copying NTP server information from %s", link->ifname);
1044
1045 STRV_FOREACH(a, link->network->ntp) {
1046 struct in_addr ia;
1047
1048 /* Only look for IPv4 addresses */
1049 if (inet_pton(AF_INET, *a, &ia) <= 0)
1050 continue;
1051
1052 /* Never propagate obviously borked data */
1053 if (in4_addr_is_null(&ia) || in4_addr_is_localhost(&ia))
1054 continue;
1055
1056 if (!GREEDY_REALLOC(addresses, n_allocated, n_addresses + 1))
1057 return log_oom();
1058
1059 addresses[n_addresses++] = ia;
1060 }
1061
1062 if (link->network->dhcp_use_ntp && link->dhcp_lease) {
1063 const struct in_addr *da = NULL;
1064 int n;
1065
1066 n = sd_dhcp_lease_get_ntp(link->dhcp_lease, &da);
1067 if (n > 0) {
1068
1069 if (!GREEDY_REALLOC(addresses, n_allocated, n_addresses + n))
1070 return log_oom();
1071
1072 memcpy(addresses + n_addresses, da, n * sizeof(struct in_addr));
1073 n_addresses += n;
1074 }
1075 }
1076
1077 if (n_addresses <= 0)
1078 return 0;
1079
1080 return sd_dhcp_server_set_ntp(s, addresses, n_addresses);
1081 }
1082
1083 static int link_set_bridge_fdb(Link *link) {
1084 FdbEntry *fdb_entry;
1085 int r;
1086
1087 LIST_FOREACH(static_fdb_entries, fdb_entry, link->network->static_fdb_entries) {
1088 r = fdb_entry_configure(link, fdb_entry);
1089 if (r < 0)
1090 return log_link_error_errno(link, r, "Failed to add MAC entry to static MAC table: %m");
1091 }
1092
1093 return 0;
1094 }
1095
1096 static int link_request_set_addresses(Link *link) {
1097 AddressLabel *label;
1098 Address *ad;
1099 int r;
1100
1101 assert(link);
1102 assert(link->network);
1103 assert(link->state != _LINK_STATE_INVALID);
1104
1105 link_set_state(link, LINK_STATE_CONFIGURING);
1106
1107 /* Reset all *_configured flags we are configuring. */
1108 link->addresses_configured = false;
1109 link->addresses_ready = false;
1110 link->neighbors_configured = false;
1111 link->static_routes_configured = false;
1112 link->routing_policy_rules_configured = false;
1113
1114 r = link_set_bridge_fdb(link);
1115 if (r < 0)
1116 return r;
1117
1118 r = link_request_set_neighbors(link);
1119 if (r < 0)
1120 return r;
1121
1122 LIST_FOREACH(addresses, ad, link->network->static_addresses) {
1123 bool update;
1124
1125 update = address_get(link, ad->family, &ad->in_addr, ad->prefixlen, NULL) > 0;
1126
1127 r = address_configure(ad, link, address_handler, update);
1128 if (r < 0) {
1129 log_link_warning_errno(link, r, "Could not set addresses: %m");
1130 link_enter_failed(link);
1131 return r;
1132 }
1133
1134 link->address_messages++;
1135 }
1136
1137 LIST_FOREACH(labels, label, link->network->address_labels) {
1138 r = address_label_configure(label, link, NULL, false);
1139 if (r < 0) {
1140 log_link_warning_errno(link, r, "Could not set address label: %m");
1141 link_enter_failed(link);
1142 return r;
1143 }
1144
1145 link->address_label_messages++;
1146 }
1147
1148 /* now that we can figure out a default address for the dhcp server,
1149 start it */
1150 if (link_dhcp4_server_enabled(link) && (link->flags & IFF_UP)) {
1151 Address *address;
1152 Link *uplink = NULL;
1153 bool acquired_uplink = false;
1154
1155 address = link_find_dhcp_server_address(link);
1156 if (!address) {
1157 log_link_warning(link, "Failed to find suitable address for DHCPv4 server instance.");
1158 link_enter_failed(link);
1159 return 0;
1160 }
1161
1162 /* use the server address' subnet as the pool */
1163 r = sd_dhcp_server_configure_pool(link->dhcp_server, &address->in_addr.in, address->prefixlen,
1164 link->network->dhcp_server_pool_offset, link->network->dhcp_server_pool_size);
1165 if (r < 0)
1166 return r;
1167
1168 /* TODO:
1169 r = sd_dhcp_server_set_router(link->dhcp_server,
1170 &main_address->in_addr.in);
1171 if (r < 0)
1172 return r;
1173 */
1174
1175 if (link->network->dhcp_server_max_lease_time_usec > 0) {
1176 r = sd_dhcp_server_set_max_lease_time(
1177 link->dhcp_server,
1178 DIV_ROUND_UP(link->network->dhcp_server_max_lease_time_usec, USEC_PER_SEC));
1179 if (r < 0)
1180 return r;
1181 }
1182
1183 if (link->network->dhcp_server_default_lease_time_usec > 0) {
1184 r = sd_dhcp_server_set_default_lease_time(
1185 link->dhcp_server,
1186 DIV_ROUND_UP(link->network->dhcp_server_default_lease_time_usec, USEC_PER_SEC));
1187 if (r < 0)
1188 return r;
1189 }
1190
1191 if (link->network->dhcp_server_emit_dns) {
1192
1193 if (link->network->n_dhcp_server_dns > 0)
1194 r = sd_dhcp_server_set_dns(link->dhcp_server, link->network->dhcp_server_dns, link->network->n_dhcp_server_dns);
1195 else {
1196 uplink = manager_find_uplink(link->manager, link);
1197 acquired_uplink = true;
1198
1199 if (!uplink) {
1200 log_link_debug(link, "Not emitting DNS server information on link, couldn't find suitable uplink.");
1201 r = 0;
1202 } else
1203 r = link_push_uplink_dns_to_dhcp_server(uplink, link->dhcp_server);
1204 }
1205 if (r < 0)
1206 log_link_warning_errno(link, r, "Failed to set DNS server for DHCP server, ignoring: %m");
1207 }
1208
1209 if (link->network->dhcp_server_emit_ntp) {
1210
1211 if (link->network->n_dhcp_server_ntp > 0)
1212 r = sd_dhcp_server_set_ntp(link->dhcp_server, link->network->dhcp_server_ntp, link->network->n_dhcp_server_ntp);
1213 else {
1214 if (!acquired_uplink)
1215 uplink = manager_find_uplink(link->manager, link);
1216
1217 if (!uplink) {
1218 log_link_debug(link, "Not emitting NTP server information on link, couldn't find suitable uplink.");
1219 r = 0;
1220 } else
1221 r = link_push_uplink_ntp_to_dhcp_server(uplink, link->dhcp_server);
1222
1223 }
1224 if (r < 0)
1225 log_link_warning_errno(link, r, "Failed to set NTP server for DHCP server, ignoring: %m");
1226 }
1227
1228 r = sd_dhcp_server_set_emit_router(link->dhcp_server, link->network->dhcp_server_emit_router);
1229 if (r < 0)
1230 return log_link_warning_errno(link, r, "Failed to set router emission for DHCP server: %m");
1231
1232 if (link->network->dhcp_server_emit_timezone) {
1233 _cleanup_free_ char *buffer = NULL;
1234 const char *tz = NULL;
1235
1236 if (link->network->dhcp_server_timezone)
1237 tz = link->network->dhcp_server_timezone;
1238 else {
1239 r = get_timezone(&buffer);
1240 if (r < 0)
1241 log_warning_errno(r, "Failed to determine timezone: %m");
1242 else
1243 tz = buffer;
1244 }
1245
1246 if (tz) {
1247 r = sd_dhcp_server_set_timezone(link->dhcp_server, tz);
1248 if (r < 0)
1249 return r;
1250 }
1251 }
1252 if (!sd_dhcp_server_is_running(link->dhcp_server)) {
1253 r = sd_dhcp_server_start(link->dhcp_server);
1254 if (r < 0) {
1255 log_link_warning_errno(link, r, "Could not start DHCPv4 server instance: %m");
1256
1257 link_enter_failed(link);
1258
1259 return 0;
1260 }
1261 }
1262
1263 log_link_debug(link, "Offering DHCPv4 leases");
1264 }
1265
1266 if (link->address_messages == 0) {
1267 link->addresses_configured = true;
1268 link_check_ready(link);
1269 } else
1270 log_link_debug(link, "Setting addresses");
1271
1272 return 0;
1273 }
1274
1275 static int link_set_bridge_vlan(Link *link) {
1276 int r = 0;
1277
1278 r = br_vlan_configure(link, link->network->pvid, link->network->br_vid_bitmap, link->network->br_untagged_bitmap);
1279 if (r < 0)
1280 log_link_error_errno(link, r, "Failed to assign VLANs to bridge port: %m");
1281
1282 return r;
1283 }
1284
1285 static int link_set_proxy_arp(Link *link) {
1286 const char *p = NULL;
1287 int r;
1288
1289 if (!link_proxy_arp_enabled(link))
1290 return 0;
1291
1292 p = strjoina("/proc/sys/net/ipv4/conf/", link->ifname, "/proxy_arp");
1293
1294 r = write_string_file(p, one_zero(link->network->proxy_arp), WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER);
1295 if (r < 0)
1296 log_link_warning_errno(link, r, "Cannot configure proxy ARP for interface: %m");
1297
1298 return 0;
1299 }
1300
1301 static int link_set_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
1302 int r;
1303
1304 assert(link);
1305
1306 log_link_debug(link, "Set link");
1307
1308 r = sd_netlink_message_get_errno(m);
1309 if (r < 0 && r != -EEXIST) {
1310 log_link_error_errno(link, r, "Could not join netdev: %m");
1311 link_enter_failed(link);
1312 }
1313
1314 return 1;
1315 }
1316
1317 static int link_configure_after_setting_mtu(Link *link);
1318
1319 static int set_mtu_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
1320 int r;
1321
1322 assert(m);
1323 assert(link);
1324 assert(link->ifname);
1325
1326 link->setting_mtu = false;
1327
1328 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
1329 return 1;
1330
1331 r = sd_netlink_message_get_errno(m);
1332 if (r < 0) {
1333 log_link_warning_errno(link, r, "Could not set MTU: %m");
1334 return 1;
1335 }
1336
1337 log_link_debug(link, "Setting MTU done.");
1338
1339 if (link->state == LINK_STATE_PENDING)
1340 (void) link_configure_after_setting_mtu(link);
1341
1342 return 1;
1343 }
1344
1345 int link_set_mtu(Link *link, uint32_t mtu) {
1346 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1347 int r;
1348
1349 assert(link);
1350 assert(link->manager);
1351 assert(link->manager->rtnl);
1352
1353 if (link->mtu == mtu || link->setting_mtu)
1354 return 0;
1355
1356 log_link_debug(link, "Setting MTU: %" PRIu32, mtu);
1357
1358 r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_SETLINK, link->ifindex);
1359 if (r < 0)
1360 return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
1361
1362 /* If IPv6 not configured (no static IPv6 address and IPv6LL autoconfiguration is disabled)
1363 * for this interface, or if it is a bridge slave, then disable IPv6 else enable it. */
1364 (void) link_enable_ipv6(link);
1365
1366 /* IPv6 protocol requires a minimum MTU of IPV6_MTU_MIN(1280) bytes
1367 * on the interface. Bump up MTU bytes to IPV6_MTU_MIN. */
1368 if (link_ipv6_enabled(link) && mtu < IPV6_MIN_MTU) {
1369
1370 log_link_warning(link, "Bumping MTU to " STRINGIFY(IPV6_MIN_MTU) ", as "
1371 "IPv6 is requested and requires a minimum MTU of " STRINGIFY(IPV6_MIN_MTU) " bytes: %m");
1372
1373 mtu = IPV6_MIN_MTU;
1374 }
1375
1376 r = sd_netlink_message_append_u32(req, IFLA_MTU, mtu);
1377 if (r < 0)
1378 return log_link_error_errno(link, r, "Could not append MTU: %m");
1379
1380 r = netlink_call_async(link->manager->rtnl, NULL, req, set_mtu_handler,
1381 link_netlink_destroy_callback, link);
1382 if (r < 0)
1383 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
1384
1385 link_ref(link);
1386 link->setting_mtu = true;
1387
1388 return 0;
1389 }
1390
1391 static int set_flags_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
1392 int r;
1393
1394 assert(m);
1395 assert(link);
1396 assert(link->ifname);
1397
1398 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
1399 return 1;
1400
1401 r = sd_netlink_message_get_errno(m);
1402 if (r < 0)
1403 log_link_warning_errno(link, r, "Could not set link flags: %m");
1404
1405 return 1;
1406 }
1407
1408 static int link_set_flags(Link *link) {
1409 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1410 unsigned ifi_change = 0;
1411 unsigned ifi_flags = 0;
1412 int r;
1413
1414 assert(link);
1415 assert(link->manager);
1416 assert(link->manager->rtnl);
1417
1418 if (link->flags & IFF_LOOPBACK)
1419 return 0;
1420
1421 if (!link->network)
1422 return 0;
1423
1424 if (link->network->arp < 0 && link->network->multicast < 0 && link->network->allmulticast < 0)
1425 return 0;
1426
1427 r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_SETLINK, link->ifindex);
1428 if (r < 0)
1429 return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
1430
1431 if (link->network->arp >= 0) {
1432 ifi_change |= IFF_NOARP;
1433 SET_FLAG(ifi_flags, IFF_NOARP, link->network->arp == 0);
1434 }
1435
1436 if (link->network->multicast >= 0) {
1437 ifi_change |= IFF_MULTICAST;
1438 SET_FLAG(ifi_flags, IFF_MULTICAST, link->network->multicast);
1439 }
1440
1441 if (link->network->allmulticast >= 0) {
1442 ifi_change |= IFF_ALLMULTI;
1443 SET_FLAG(ifi_flags, IFF_ALLMULTI, link->network->allmulticast);
1444 }
1445
1446 r = sd_rtnl_message_link_set_flags(req, ifi_flags, ifi_change);
1447 if (r < 0)
1448 return log_link_error_errno(link, r, "Could not set link flags: %m");
1449
1450 r = netlink_call_async(link->manager->rtnl, NULL, req, set_flags_handler,
1451 link_netlink_destroy_callback, link);
1452 if (r < 0)
1453 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
1454
1455 link_ref(link);
1456
1457 return 0;
1458 }
1459
1460 static int link_set_bridge(Link *link) {
1461 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1462 int r;
1463
1464 assert(link);
1465 assert(link->network);
1466
1467 r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_SETLINK, link->ifindex);
1468 if (r < 0)
1469 return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
1470
1471 r = sd_rtnl_message_link_set_family(req, PF_BRIDGE);
1472 if (r < 0)
1473 return log_link_error_errno(link, r, "Could not set message family: %m");
1474
1475 r = sd_netlink_message_open_container(req, IFLA_PROTINFO);
1476 if (r < 0)
1477 return log_link_error_errno(link, r, "Could not append IFLA_PROTINFO attribute: %m");
1478
1479 if (link->network->use_bpdu >= 0) {
1480 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_GUARD, link->network->use_bpdu);
1481 if (r < 0)
1482 return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_GUARD attribute: %m");
1483 }
1484
1485 if (link->network->hairpin >= 0) {
1486 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_MODE, link->network->hairpin);
1487 if (r < 0)
1488 return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_MODE attribute: %m");
1489 }
1490
1491 if (link->network->fast_leave >= 0) {
1492 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_FAST_LEAVE, link->network->fast_leave);
1493 if (r < 0)
1494 return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_FAST_LEAVE attribute: %m");
1495 }
1496
1497 if (link->network->allow_port_to_be_root >= 0) {
1498 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_PROTECT, link->network->allow_port_to_be_root);
1499 if (r < 0)
1500 return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_PROTECT attribute: %m");
1501
1502 }
1503
1504 if (link->network->unicast_flood >= 0) {
1505 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_UNICAST_FLOOD, link->network->unicast_flood);
1506 if (r < 0)
1507 return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_UNICAST_FLOOD attribute: %m");
1508 }
1509
1510 if (link->network->multicast_to_unicast >= 0) {
1511 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_MCAST_TO_UCAST, link->network->multicast_to_unicast);
1512 if (r < 0)
1513 return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_MCAST_TO_UCAST attribute: %m");
1514 }
1515
1516 if (link->network->cost != 0) {
1517 r = sd_netlink_message_append_u32(req, IFLA_BRPORT_COST, link->network->cost);
1518 if (r < 0)
1519 return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_COST attribute: %m");
1520 }
1521
1522 if (link->network->priority != LINK_BRIDGE_PORT_PRIORITY_INVALID) {
1523 r = sd_netlink_message_append_u16(req, IFLA_BRPORT_PRIORITY, link->network->priority);
1524 if (r < 0)
1525 return log_link_error_errno(link, r, "Could not append IFLA_BRPORT_PRIORITY attribute: %m");
1526 }
1527
1528 r = sd_netlink_message_close_container(req);
1529 if (r < 0)
1530 return log_link_error_errno(link, r, "Could not append IFLA_LINKINFO attribute: %m");
1531
1532 r = netlink_call_async(link->manager->rtnl, NULL, req, link_set_handler,
1533 link_netlink_destroy_callback, link);
1534 if (r < 0)
1535 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
1536
1537 link_ref(link);
1538
1539 return r;
1540 }
1541
1542 static int link_bond_set(Link *link) {
1543 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1544 int r;
1545
1546 assert(link);
1547 assert(link->network);
1548
1549 r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_NEWLINK, link->network->bond->ifindex);
1550 if (r < 0)
1551 return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
1552
1553 r = sd_netlink_message_set_flags(req, NLM_F_REQUEST | NLM_F_ACK);
1554 if (r < 0)
1555 return log_link_error_errno(link, r, "Could not set netlink flags: %m");
1556
1557 r = sd_netlink_message_open_container(req, IFLA_LINKINFO);
1558 if (r < 0)
1559 return log_link_error_errno(link, r, "Could not append IFLA_PROTINFO attribute: %m");
1560
1561 r = sd_netlink_message_open_container_union(req, IFLA_INFO_DATA, "bond");
1562 if (r < 0)
1563 return log_link_error_errno(link, r, "Could not append IFLA_INFO_DATA attribute: %m");
1564
1565 if (link->network->active_slave) {
1566 r = sd_netlink_message_append_u32(req, IFLA_BOND_ACTIVE_SLAVE, link->ifindex);
1567 if (r < 0)
1568 return log_link_error_errno(link, r, "Could not append IFLA_BOND_ACTIVE_SLAVE attribute: %m");
1569 }
1570
1571 if (link->network->primary_slave) {
1572 r = sd_netlink_message_append_u32(req, IFLA_BOND_PRIMARY, link->ifindex);
1573 if (r < 0)
1574 return log_link_error_errno(link, r, "Could not append IFLA_BOND_PRIMARY attribute: %m");
1575 }
1576
1577 r = sd_netlink_message_close_container(req);
1578 if (r < 0)
1579 return log_link_error_errno(link, r, "Could not append IFLA_LINKINFO attribute: %m");
1580
1581 r = sd_netlink_message_close_container(req);
1582 if (r < 0)
1583 return log_link_error_errno(link, r, "Could not append IFLA_INFO_DATA attribute: %m");
1584
1585 r = netlink_call_async(link->manager->rtnl, NULL, req, set_flags_handler,
1586 link_netlink_destroy_callback, link);
1587 if (r < 0)
1588 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
1589
1590 link_ref(link);
1591
1592 return r;
1593 }
1594
1595 static int link_lldp_save(Link *link) {
1596 _cleanup_free_ char *temp_path = NULL;
1597 _cleanup_fclose_ FILE *f = NULL;
1598 sd_lldp_neighbor **l = NULL;
1599 int n = 0, r, i;
1600
1601 assert(link);
1602 assert(link->lldp_file);
1603
1604 if (!link->lldp) {
1605 (void) unlink(link->lldp_file);
1606 return 0;
1607 }
1608
1609 r = sd_lldp_get_neighbors(link->lldp, &l);
1610 if (r < 0)
1611 goto finish;
1612 if (r == 0) {
1613 (void) unlink(link->lldp_file);
1614 goto finish;
1615 }
1616
1617 n = r;
1618
1619 r = fopen_temporary(link->lldp_file, &f, &temp_path);
1620 if (r < 0)
1621 goto finish;
1622
1623 fchmod(fileno(f), 0644);
1624
1625 for (i = 0; i < n; i++) {
1626 const void *p;
1627 le64_t u;
1628 size_t sz;
1629
1630 r = sd_lldp_neighbor_get_raw(l[i], &p, &sz);
1631 if (r < 0)
1632 goto finish;
1633
1634 u = htole64(sz);
1635 (void) fwrite(&u, 1, sizeof(u), f);
1636 (void) fwrite(p, 1, sz, f);
1637 }
1638
1639 r = fflush_and_check(f);
1640 if (r < 0)
1641 goto finish;
1642
1643 if (rename(temp_path, link->lldp_file) < 0) {
1644 r = -errno;
1645 goto finish;
1646 }
1647
1648 finish:
1649 if (r < 0) {
1650 (void) unlink(link->lldp_file);
1651 if (temp_path)
1652 (void) unlink(temp_path);
1653
1654 log_link_error_errno(link, r, "Failed to save LLDP data to %s: %m", link->lldp_file);
1655 }
1656
1657 if (l) {
1658 for (i = 0; i < n; i++)
1659 sd_lldp_neighbor_unref(l[i]);
1660 free(l);
1661 }
1662
1663 return r;
1664 }
1665
1666 static void lldp_handler(sd_lldp *lldp, sd_lldp_event event, sd_lldp_neighbor *n, void *userdata) {
1667 Link *link = userdata;
1668 int r;
1669
1670 assert(link);
1671
1672 (void) link_lldp_save(link);
1673
1674 if (link_lldp_emit_enabled(link) && event == SD_LLDP_EVENT_ADDED) {
1675 /* If we received information about a new neighbor, restart the LLDP "fast" logic */
1676
1677 log_link_debug(link, "Received LLDP datagram from previously unknown neighbor, restarting 'fast' LLDP transmission.");
1678
1679 r = link_lldp_emit_start(link);
1680 if (r < 0)
1681 log_link_warning_errno(link, r, "Failed to restart LLDP transmission: %m");
1682 }
1683 }
1684
1685 static int link_acquire_ipv6_conf(Link *link) {
1686 int r;
1687
1688 assert(link);
1689
1690 if (link_ipv6_accept_ra_enabled(link)) {
1691 assert(link->ndisc);
1692
1693 log_link_debug(link, "Discovering IPv6 routers");
1694
1695 r = sd_ndisc_start(link->ndisc);
1696 if (r < 0 && r != -EBUSY)
1697 return log_link_warning_errno(link, r, "Could not start IPv6 Router Discovery: %m");
1698 }
1699
1700 if (link_radv_enabled(link)) {
1701 assert(link->radv);
1702 assert(in_addr_is_link_local(AF_INET6, (const union in_addr_union*)&link->ipv6ll_address) > 0);
1703
1704 log_link_debug(link, "Starting IPv6 Router Advertisements");
1705
1706 r = sd_radv_start(link->radv);
1707 if (r < 0 && r != -EBUSY)
1708 return log_link_warning_errno(link, r, "Could not start IPv6 Router Advertisement: %m");
1709 }
1710
1711 (void) dhcp6_request_prefix_delegation(link);
1712
1713 return 0;
1714 }
1715
1716 static int link_acquire_ipv4_conf(Link *link) {
1717 int r;
1718
1719 assert(link);
1720 assert(link->network);
1721 assert(link->manager);
1722 assert(link->manager->event);
1723
1724 if (link_ipv4ll_enabled(link)) {
1725 assert(link->ipv4ll);
1726
1727 log_link_debug(link, "Acquiring IPv4 link-local address");
1728
1729 r = sd_ipv4ll_start(link->ipv4ll);
1730 if (r < 0)
1731 return log_link_warning_errno(link, r, "Could not acquire IPv4 link-local address: %m");
1732 }
1733
1734 if (link_dhcp4_enabled(link)) {
1735 assert(link->dhcp_client);
1736
1737 log_link_debug(link, "Acquiring DHCPv4 lease");
1738
1739 r = sd_dhcp_client_start(link->dhcp_client);
1740 if (r < 0)
1741 return log_link_warning_errno(link, r, "Could not acquire DHCPv4 lease: %m");
1742 }
1743
1744 return 0;
1745 }
1746
1747 static int link_acquire_conf(Link *link) {
1748 int r;
1749
1750 assert(link);
1751
1752 r = link_acquire_ipv4_conf(link);
1753 if (r < 0)
1754 return r;
1755
1756 if (!in_addr_is_null(AF_INET6, (const union in_addr_union*) &link->ipv6ll_address)) {
1757 r = link_acquire_ipv6_conf(link);
1758 if (r < 0)
1759 return r;
1760 }
1761
1762 if (link_lldp_emit_enabled(link)) {
1763 r = link_lldp_emit_start(link);
1764 if (r < 0)
1765 return log_link_warning_errno(link, r, "Failed to start LLDP transmission: %m");
1766 }
1767
1768 return 0;
1769 }
1770
1771 bool link_has_carrier(Link *link) {
1772 /* see Documentation/networking/operstates.txt in the kernel sources */
1773
1774 if (link->kernel_operstate == IF_OPER_UP)
1775 return true;
1776
1777 if (link->kernel_operstate == IF_OPER_UNKNOWN)
1778 /* operstate may not be implemented, so fall back to flags */
1779 if ((link->flags & IFF_LOWER_UP) && !(link->flags & IFF_DORMANT))
1780 return true;
1781
1782 return false;
1783 }
1784
1785 static int link_address_genmode_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
1786 int r;
1787
1788 assert(link);
1789
1790 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
1791 return 1;
1792
1793 r = sd_netlink_message_get_errno(m);
1794 if (r < 0)
1795 log_link_warning_errno(link, r, "Could not set address genmode for interface: %m");
1796
1797 return 1;
1798 }
1799
1800 static int link_configure_addrgen_mode(Link *link) {
1801 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1802 uint8_t ipv6ll_mode;
1803 int r;
1804
1805 assert(link);
1806 assert(link->network);
1807 assert(link->manager);
1808 assert(link->manager->rtnl);
1809
1810 log_link_debug(link, "Setting address genmode for link");
1811
1812 r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_SETLINK, link->ifindex);
1813 if (r < 0)
1814 return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
1815
1816 r = sd_netlink_message_open_container(req, IFLA_AF_SPEC);
1817 if (r < 0)
1818 return log_link_error_errno(link, r, "Could not open IFLA_AF_SPEC container: %m");
1819
1820 r = sd_netlink_message_open_container(req, AF_INET6);
1821 if (r < 0)
1822 return log_link_error_errno(link, r, "Could not open AF_INET6 container: %m");
1823
1824 if (!link_ipv6ll_enabled(link))
1825 ipv6ll_mode = IN6_ADDR_GEN_MODE_NONE;
1826 else {
1827 const char *p = NULL;
1828 _cleanup_free_ char *stable_secret = NULL;
1829
1830 p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/stable_secret");
1831
1832 /* The file may not exist. And event if it exists, when stable_secret is unset,
1833 * then reading the file fails and EIO is returned. */
1834 r = read_one_line_file(p, &stable_secret);
1835 if (r < 0)
1836 ipv6ll_mode = IN6_ADDR_GEN_MODE_EUI64;
1837 else
1838 ipv6ll_mode = IN6_ADDR_GEN_MODE_STABLE_PRIVACY;
1839 }
1840
1841 r = sd_netlink_message_append_u8(req, IFLA_INET6_ADDR_GEN_MODE, ipv6ll_mode);
1842 if (r < 0)
1843 return log_link_error_errno(link, r, "Could not append IFLA_INET6_ADDR_GEN_MODE: %m");
1844
1845 r = sd_netlink_message_close_container(req);
1846 if (r < 0)
1847 return log_link_error_errno(link, r, "Could not close AF_INET6 container: %m");
1848
1849 r = sd_netlink_message_close_container(req);
1850 if (r < 0)
1851 return log_link_error_errno(link, r, "Could not close IFLA_AF_SPEC container: %m");
1852
1853 r = netlink_call_async(link->manager->rtnl, NULL, req, link_address_genmode_handler,
1854 link_netlink_destroy_callback, link);
1855 if (r < 0)
1856 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
1857
1858 link_ref(link);
1859
1860 return 0;
1861 }
1862
1863 static int link_up_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
1864 int r;
1865
1866 assert(link);
1867
1868 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
1869 return 1;
1870
1871 r = sd_netlink_message_get_errno(m);
1872 if (r < 0)
1873 /* we warn but don't fail the link, as it may be brought up later */
1874 log_link_warning_errno(link, r, "Could not bring up interface: %m");
1875
1876 return 1;
1877 }
1878
1879 static int link_up(Link *link) {
1880 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1881 int r;
1882
1883 assert(link);
1884 assert(link->network);
1885 assert(link->manager);
1886 assert(link->manager->rtnl);
1887
1888 log_link_debug(link, "Bringing link up");
1889
1890 r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_SETLINK, link->ifindex);
1891 if (r < 0)
1892 return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
1893
1894 /* set it free if not enslaved with networkd */
1895 if (!link->network->bridge && !link->network->bond && !link->network->vrf) {
1896 r = sd_netlink_message_append_u32(req, IFLA_MASTER, 0);
1897 if (r < 0)
1898 return log_link_error_errno(link, r, "Could not append IFLA_MASTER attribute: %m");
1899 }
1900
1901 r = sd_rtnl_message_link_set_flags(req, IFF_UP, IFF_UP);
1902 if (r < 0)
1903 return log_link_error_errno(link, r, "Could not set link flags: %m");
1904
1905 if (link->network->mac) {
1906 r = sd_netlink_message_append_ether_addr(req, IFLA_ADDRESS, link->network->mac);
1907 if (r < 0)
1908 return log_link_error_errno(link, r, "Could not set MAC address: %m");
1909 }
1910
1911 if (link_ipv6_enabled(link)) {
1912 r = sd_netlink_message_open_container(req, IFLA_AF_SPEC);
1913 if (r < 0)
1914 return log_link_error_errno(link, r, "Could not open IFLA_AF_SPEC container: %m");
1915
1916 /* if the kernel lacks ipv6 support setting IFF_UP fails if any ipv6 options are passed */
1917 r = sd_netlink_message_open_container(req, AF_INET6);
1918 if (r < 0)
1919 return log_link_error_errno(link, r, "Could not open AF_INET6 container: %m");
1920
1921 if (!in_addr_is_null(AF_INET6, &link->network->ipv6_token)) {
1922 r = sd_netlink_message_append_in6_addr(req, IFLA_INET6_TOKEN, &link->network->ipv6_token.in6);
1923 if (r < 0)
1924 return log_link_error_errno(link, r, "Could not append IFLA_INET6_TOKEN: %m");
1925 }
1926
1927 r = sd_netlink_message_close_container(req);
1928 if (r < 0)
1929 return log_link_error_errno(link, r, "Could not close AF_INET6 container: %m");
1930
1931 r = sd_netlink_message_close_container(req);
1932 if (r < 0)
1933 return log_link_error_errno(link, r, "Could not close IFLA_AF_SPEC container: %m");
1934 }
1935
1936 r = netlink_call_async(link->manager->rtnl, NULL, req, link_up_handler,
1937 link_netlink_destroy_callback, link);
1938 if (r < 0)
1939 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
1940
1941 link_ref(link);
1942
1943 return 0;
1944 }
1945
1946 static int link_up_can(Link *link) {
1947 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1948 int r;
1949
1950 assert(link);
1951
1952 log_link_debug(link, "Bringing CAN link up");
1953
1954 r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_SETLINK, link->ifindex);
1955 if (r < 0)
1956 return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
1957
1958 r = sd_rtnl_message_link_set_flags(req, IFF_UP, IFF_UP);
1959 if (r < 0)
1960 return log_link_error_errno(link, r, "Could not set link flags: %m");
1961
1962 r = netlink_call_async(link->manager->rtnl, NULL, req, link_up_handler,
1963 link_netlink_destroy_callback, link);
1964 if (r < 0)
1965 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
1966
1967 link_ref(link);
1968
1969 return 0;
1970 }
1971
1972 static int link_set_can(Link *link) {
1973 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL;
1974 int r;
1975
1976 assert(link);
1977 assert(link->network);
1978 assert(link->manager);
1979 assert(link->manager->rtnl);
1980
1981 log_link_debug(link, "link_set_can");
1982
1983 r = sd_rtnl_message_new_link(link->manager->rtnl, &m, RTM_NEWLINK, link->ifindex);
1984 if (r < 0)
1985 return log_link_error_errno(link, r, "Failed to allocate netlink message: %m");
1986
1987 r = sd_netlink_message_set_flags(m, NLM_F_REQUEST | NLM_F_ACK);
1988 if (r < 0)
1989 return log_link_error_errno(link, r, "Could not set netlink flags: %m");
1990
1991 r = sd_netlink_message_open_container(m, IFLA_LINKINFO);
1992 if (r < 0)
1993 return log_link_error_errno(link, r, "Failed to open netlink container: %m");
1994
1995 r = sd_netlink_message_open_container_union(m, IFLA_INFO_DATA, link->kind);
1996 if (r < 0)
1997 return log_link_error_errno(link, r, "Could not append IFLA_INFO_DATA attribute: %m");
1998
1999 if (link->network->can_bitrate > 0 || link->network->can_sample_point > 0) {
2000 struct can_bittiming bt = {
2001 .bitrate = link->network->can_bitrate,
2002 .sample_point = link->network->can_sample_point,
2003 };
2004
2005 if (link->network->can_bitrate > UINT32_MAX) {
2006 log_link_error(link, "bitrate (%zu) too big.", link->network->can_bitrate);
2007 return -ERANGE;
2008 }
2009
2010 log_link_debug(link, "Setting bitrate = %d bit/s", bt.bitrate);
2011 if (link->network->can_sample_point > 0)
2012 log_link_debug(link, "Setting sample point = %d.%d%%", bt.sample_point / 10, bt.sample_point % 10);
2013 else
2014 log_link_debug(link, "Using default sample point");
2015
2016 r = sd_netlink_message_append_data(m, IFLA_CAN_BITTIMING, &bt, sizeof(bt));
2017 if (r < 0)
2018 return log_link_error_errno(link, r, "Could not append IFLA_CAN_BITTIMING attribute: %m");
2019 }
2020
2021 if (link->network->can_restart_us > 0) {
2022 char time_string[FORMAT_TIMESPAN_MAX];
2023 uint64_t restart_ms;
2024
2025 if (link->network->can_restart_us == USEC_INFINITY)
2026 restart_ms = 0;
2027 else
2028 restart_ms = DIV_ROUND_UP(link->network->can_restart_us, USEC_PER_MSEC);
2029
2030 format_timespan(time_string, FORMAT_TIMESPAN_MAX, restart_ms * 1000, MSEC_PER_SEC);
2031
2032 if (restart_ms > UINT32_MAX) {
2033 log_link_error(link, "restart timeout (%s) too big.", time_string);
2034 return -ERANGE;
2035 }
2036
2037 log_link_debug(link, "Setting restart = %s", time_string);
2038
2039 r = sd_netlink_message_append_u32(m, IFLA_CAN_RESTART_MS, restart_ms);
2040 if (r < 0)
2041 return log_link_error_errno(link, r, "Could not append IFLA_CAN_RESTART_MS attribute: %m");
2042 }
2043
2044 r = sd_netlink_message_close_container(m);
2045 if (r < 0)
2046 return log_link_error_errno(link, r, "Failed to close netlink container: %m");
2047
2048 r = sd_netlink_message_close_container(m);
2049 if (r < 0)
2050 return log_link_error_errno(link, r, "Failed to close netlink container: %m");
2051
2052 r = netlink_call_async(link->manager->rtnl, NULL, m, link_set_handler,
2053 link_netlink_destroy_callback, link);
2054 if (r < 0)
2055 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
2056
2057 link_ref(link);
2058
2059 if (!(link->flags & IFF_UP)) {
2060 r = link_up_can(link);
2061 if (r < 0) {
2062 link_enter_failed(link);
2063 return r;
2064 }
2065 }
2066
2067 log_link_debug(link, "link_set_can done");
2068
2069 return r;
2070 }
2071
2072 static int link_down_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
2073 int r;
2074
2075 assert(link);
2076
2077 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
2078 return 1;
2079
2080 r = sd_netlink_message_get_errno(m);
2081 if (r < 0)
2082 log_link_warning_errno(link, r, "Could not bring down interface: %m");
2083
2084 if (streq_ptr(link->kind, "can"))
2085 link_set_can(link);
2086
2087 return 1;
2088 }
2089
2090 int link_down(Link *link) {
2091 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
2092 int r;
2093
2094 assert(link);
2095 assert(link->manager);
2096 assert(link->manager->rtnl);
2097
2098 log_link_debug(link, "Bringing link down");
2099
2100 r = sd_rtnl_message_new_link(link->manager->rtnl, &req,
2101 RTM_SETLINK, link->ifindex);
2102 if (r < 0)
2103 return log_link_error_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
2104
2105 r = sd_rtnl_message_link_set_flags(req, 0, IFF_UP);
2106 if (r < 0)
2107 return log_link_error_errno(link, r, "Could not set link flags: %m");
2108
2109 r = netlink_call_async(link->manager->rtnl, NULL, req, link_down_handler,
2110 link_netlink_destroy_callback, link);
2111 if (r < 0)
2112 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
2113
2114 link_ref(link);
2115
2116 return 0;
2117 }
2118
2119 static int link_handle_bound_to_list(Link *link) {
2120 Link *l;
2121 Iterator i;
2122 int r;
2123 bool required_up = false;
2124 bool link_is_up = false;
2125
2126 assert(link);
2127
2128 if (hashmap_isempty(link->bound_to_links))
2129 return 0;
2130
2131 if (link->flags & IFF_UP)
2132 link_is_up = true;
2133
2134 HASHMAP_FOREACH (l, link->bound_to_links, i)
2135 if (link_has_carrier(l)) {
2136 required_up = true;
2137 break;
2138 }
2139
2140 if (!required_up && link_is_up) {
2141 r = link_down(link);
2142 if (r < 0)
2143 return r;
2144 } else if (required_up && !link_is_up) {
2145 r = link_up(link);
2146 if (r < 0)
2147 return r;
2148 }
2149
2150 return 0;
2151 }
2152
2153 static int link_handle_bound_by_list(Link *link) {
2154 Iterator i;
2155 Link *l;
2156 int r;
2157
2158 assert(link);
2159
2160 if (hashmap_isempty(link->bound_by_links))
2161 return 0;
2162
2163 HASHMAP_FOREACH (l, link->bound_by_links, i) {
2164 r = link_handle_bound_to_list(l);
2165 if (r < 0)
2166 return r;
2167 }
2168
2169 return 0;
2170 }
2171
2172 static int link_put_carrier(Link *link, Link *carrier, Hashmap **h) {
2173 int r;
2174
2175 assert(link);
2176 assert(carrier);
2177
2178 if (link == carrier)
2179 return 0;
2180
2181 if (hashmap_get(*h, INT_TO_PTR(carrier->ifindex)))
2182 return 0;
2183
2184 r = hashmap_ensure_allocated(h, NULL);
2185 if (r < 0)
2186 return r;
2187
2188 r = hashmap_put(*h, INT_TO_PTR(carrier->ifindex), carrier);
2189 if (r < 0)
2190 return r;
2191
2192 return 0;
2193 }
2194
2195 static int link_new_bound_by_list(Link *link) {
2196 Manager *m;
2197 Link *carrier;
2198 Iterator i;
2199 int r;
2200 bool list_updated = false;
2201
2202 assert(link);
2203 assert(link->manager);
2204
2205 m = link->manager;
2206
2207 HASHMAP_FOREACH(carrier, m->links, i) {
2208 if (!carrier->network)
2209 continue;
2210
2211 if (strv_isempty(carrier->network->bind_carrier))
2212 continue;
2213
2214 if (strv_fnmatch(carrier->network->bind_carrier, link->ifname, 0)) {
2215 r = link_put_carrier(link, carrier, &link->bound_by_links);
2216 if (r < 0)
2217 return r;
2218
2219 list_updated = true;
2220 }
2221 }
2222
2223 if (list_updated)
2224 link_dirty(link);
2225
2226 HASHMAP_FOREACH(carrier, link->bound_by_links, i) {
2227 r = link_put_carrier(carrier, link, &carrier->bound_to_links);
2228 if (r < 0)
2229 return r;
2230
2231 link_dirty(carrier);
2232 }
2233
2234 return 0;
2235 }
2236
2237 static int link_new_bound_to_list(Link *link) {
2238 Manager *m;
2239 Link *carrier;
2240 Iterator i;
2241 int r;
2242 bool list_updated = false;
2243
2244 assert(link);
2245 assert(link->manager);
2246
2247 if (!link->network)
2248 return 0;
2249
2250 if (strv_isempty(link->network->bind_carrier))
2251 return 0;
2252
2253 m = link->manager;
2254
2255 HASHMAP_FOREACH (carrier, m->links, i) {
2256 if (strv_fnmatch(link->network->bind_carrier, carrier->ifname, 0)) {
2257 r = link_put_carrier(link, carrier, &link->bound_to_links);
2258 if (r < 0)
2259 return r;
2260
2261 list_updated = true;
2262 }
2263 }
2264
2265 if (list_updated)
2266 link_dirty(link);
2267
2268 HASHMAP_FOREACH (carrier, link->bound_to_links, i) {
2269 r = link_put_carrier(carrier, link, &carrier->bound_by_links);
2270 if (r < 0)
2271 return r;
2272
2273 link_dirty(carrier);
2274 }
2275
2276 return 0;
2277 }
2278
2279 static int link_new_carrier_maps(Link *link) {
2280 int r;
2281
2282 r = link_new_bound_by_list(link);
2283 if (r < 0)
2284 return r;
2285
2286 r = link_handle_bound_by_list(link);
2287 if (r < 0)
2288 return r;
2289
2290 r = link_new_bound_to_list(link);
2291 if (r < 0)
2292 return r;
2293
2294 r = link_handle_bound_to_list(link);
2295 if (r < 0)
2296 return r;
2297
2298 return 0;
2299 }
2300
2301 static void link_free_bound_to_list(Link *link) {
2302 Link *bound_to;
2303 Iterator i;
2304
2305 HASHMAP_FOREACH (bound_to, link->bound_to_links, i) {
2306 hashmap_remove(link->bound_to_links, INT_TO_PTR(bound_to->ifindex));
2307
2308 if (hashmap_remove(bound_to->bound_by_links, INT_TO_PTR(link->ifindex)))
2309 link_dirty(bound_to);
2310 }
2311
2312 return;
2313 }
2314
2315 static void link_free_bound_by_list(Link *link) {
2316 Link *bound_by;
2317 Iterator i;
2318
2319 HASHMAP_FOREACH (bound_by, link->bound_by_links, i) {
2320 hashmap_remove(link->bound_by_links, INT_TO_PTR(bound_by->ifindex));
2321
2322 if (hashmap_remove(bound_by->bound_to_links, INT_TO_PTR(link->ifindex))) {
2323 link_dirty(bound_by);
2324 link_handle_bound_to_list(bound_by);
2325 }
2326 }
2327
2328 return;
2329 }
2330
2331 static void link_free_carrier_maps(Link *link) {
2332 bool list_updated = false;
2333
2334 assert(link);
2335
2336 if (!hashmap_isempty(link->bound_to_links)) {
2337 link_free_bound_to_list(link);
2338 list_updated = true;
2339 }
2340
2341 if (!hashmap_isempty(link->bound_by_links)) {
2342 link_free_bound_by_list(link);
2343 list_updated = true;
2344 }
2345
2346 if (list_updated)
2347 link_dirty(link);
2348
2349 return;
2350 }
2351
2352 void link_drop(Link *link) {
2353 if (!link || link->state == LINK_STATE_LINGER)
2354 return;
2355
2356 link_set_state(link, LINK_STATE_LINGER);
2357
2358 link_free_carrier_maps(link);
2359
2360 log_link_debug(link, "Link removed");
2361
2362 (void) unlink(link->state_file);
2363
2364 link_detach_from_manager(link);
2365
2366 link_unref(link);
2367
2368 return;
2369 }
2370
2371 static int link_joined(Link *link) {
2372 int r;
2373
2374 assert(link);
2375 assert(link->network);
2376
2377 if (!hashmap_isempty(link->bound_to_links)) {
2378 r = link_handle_bound_to_list(link);
2379 if (r < 0)
2380 return r;
2381 } else if (!(link->flags & IFF_UP)) {
2382 r = link_up(link);
2383 if (r < 0) {
2384 link_enter_failed(link);
2385 return r;
2386 }
2387 }
2388
2389 if (link->network->bridge) {
2390 r = link_set_bridge(link);
2391 if (r < 0)
2392 log_link_error_errno(link, r, "Could not set bridge message: %m");
2393 }
2394
2395 if (link->network->bond) {
2396 r = link_bond_set(link);
2397 if (r < 0)
2398 log_link_error_errno(link, r, "Could not set bond message: %m");
2399 }
2400
2401 if (link->network->use_br_vlan &&
2402 (link->network->bridge || streq_ptr("bridge", link->kind))) {
2403 r = link_set_bridge_vlan(link);
2404 if (r < 0)
2405 log_link_error_errno(link, r, "Could not set bridge vlan: %m");
2406 }
2407
2408 /* Skip setting up addresses until it gets carrier,
2409 or it would try to set addresses twice,
2410 which is bad for non-idempotent steps. */
2411 if (!link_has_carrier(link) && !link->network->configure_without_carrier)
2412 return 0;
2413
2414 return link_request_set_addresses(link);
2415 }
2416
2417 static int netdev_join_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
2418 int r;
2419
2420 assert(link);
2421 assert(link->network);
2422
2423 link->enslaving--;
2424
2425 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
2426 return 1;
2427
2428 r = sd_netlink_message_get_errno(m);
2429 if (r < 0 && r != -EEXIST) {
2430 log_link_error_errno(link, r, "Could not join netdev: %m");
2431 link_enter_failed(link);
2432 return 1;
2433 } else
2434 log_link_debug(link, "Joined netdev");
2435
2436 if (link->enslaving <= 0)
2437 link_joined(link);
2438
2439 return 1;
2440 }
2441
2442 static int link_enter_join_netdev(Link *link) {
2443 NetDev *netdev;
2444 Iterator i;
2445 int r;
2446
2447 assert(link);
2448 assert(link->network);
2449 assert(link->state == LINK_STATE_PENDING);
2450
2451 link_set_state(link, LINK_STATE_CONFIGURING);
2452
2453 link_dirty(link);
2454
2455 if (!link->network->bridge &&
2456 !link->network->bond &&
2457 !link->network->vrf &&
2458 hashmap_isempty(link->network->stacked_netdevs))
2459 return link_joined(link);
2460
2461 if (link->network->bond) {
2462 if (link->network->bond->state == NETDEV_STATE_READY &&
2463 link->network->bond->ifindex == link->master_ifindex)
2464 return link_joined(link);
2465
2466 log_struct(LOG_DEBUG,
2467 LOG_LINK_INTERFACE(link),
2468 LOG_NETDEV_INTERFACE(link->network->bond),
2469 LOG_LINK_MESSAGE(link, "Enslaving by '%s'", link->network->bond->ifname));
2470
2471 r = netdev_join(link->network->bond, link, netdev_join_handler);
2472 if (r < 0) {
2473 log_struct_errno(LOG_WARNING, r,
2474 LOG_LINK_INTERFACE(link),
2475 LOG_NETDEV_INTERFACE(link->network->bond),
2476 LOG_LINK_MESSAGE(link, "Could not join netdev '%s': %m", link->network->bond->ifname));
2477 link_enter_failed(link);
2478 return r;
2479 }
2480
2481 link->enslaving++;
2482 }
2483
2484 if (link->network->bridge) {
2485 log_struct(LOG_DEBUG,
2486 LOG_LINK_INTERFACE(link),
2487 LOG_NETDEV_INTERFACE(link->network->bridge),
2488 LOG_LINK_MESSAGE(link, "Enslaving by '%s'", link->network->bridge->ifname));
2489
2490 r = netdev_join(link->network->bridge, link, netdev_join_handler);
2491 if (r < 0) {
2492 log_struct_errno(LOG_WARNING, r,
2493 LOG_LINK_INTERFACE(link),
2494 LOG_NETDEV_INTERFACE(link->network->bridge),
2495 LOG_LINK_MESSAGE(link, "Could not join netdev '%s': %m", link->network->bridge->ifname));
2496 link_enter_failed(link);
2497 return r;
2498 }
2499
2500 link->enslaving++;
2501 }
2502
2503 if (link->network->vrf) {
2504 log_struct(LOG_DEBUG,
2505 LOG_LINK_INTERFACE(link),
2506 LOG_NETDEV_INTERFACE(link->network->vrf),
2507 LOG_LINK_MESSAGE(link, "Enslaving by '%s'", link->network->vrf->ifname));
2508
2509 r = netdev_join(link->network->vrf, link, netdev_join_handler);
2510 if (r < 0) {
2511 log_struct_errno(LOG_WARNING, r,
2512 LOG_LINK_INTERFACE(link),
2513 LOG_NETDEV_INTERFACE(link->network->vrf),
2514 LOG_LINK_MESSAGE(link, "Could not join netdev '%s': %m", link->network->vrf->ifname));
2515 link_enter_failed(link);
2516 return r;
2517 }
2518
2519 link->enslaving++;
2520 }
2521
2522 HASHMAP_FOREACH(netdev, link->network->stacked_netdevs, i) {
2523
2524 if (netdev->ifindex > 0) {
2525 link_joined(link);
2526 continue;
2527 }
2528
2529 log_struct(LOG_DEBUG,
2530 LOG_LINK_INTERFACE(link),
2531 LOG_NETDEV_INTERFACE(netdev),
2532 LOG_LINK_MESSAGE(link, "Enslaving by '%s'", netdev->ifname));
2533
2534 r = netdev_join(netdev, link, netdev_join_handler);
2535 if (r < 0) {
2536 log_struct_errno(LOG_WARNING, r,
2537 LOG_LINK_INTERFACE(link),
2538 LOG_NETDEV_INTERFACE(netdev),
2539 LOG_LINK_MESSAGE(link, "Could not join netdev '%s': %m", netdev->ifname));
2540 link_enter_failed(link);
2541 return r;
2542 }
2543
2544 link->enslaving++;
2545 }
2546
2547 return 0;
2548 }
2549
2550 static int link_set_ipv4_forward(Link *link) {
2551 int r;
2552
2553 if (!link_ipv4_forward_enabled(link))
2554 return 0;
2555
2556 /* We propagate the forwarding flag from one interface to the
2557 * global setting one way. This means: as long as at least one
2558 * interface was configured at any time that had IP forwarding
2559 * enabled the setting will stay on for good. We do this
2560 * primarily to keep IPv4 and IPv6 packet forwarding behaviour
2561 * somewhat in sync (see below). */
2562
2563 r = write_string_file("/proc/sys/net/ipv4/ip_forward", "1", WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER);
2564 if (r < 0)
2565 log_link_warning_errno(link, r, "Cannot turn on IPv4 packet forwarding, ignoring: %m");
2566
2567 return 0;
2568 }
2569
2570 static int link_set_ipv6_forward(Link *link) {
2571 int r;
2572
2573 if (!link_ipv6_forward_enabled(link))
2574 return 0;
2575
2576 /* On Linux, the IPv6 stack does not know a per-interface
2577 * packet forwarding setting: either packet forwarding is on
2578 * for all, or off for all. We hence don't bother with a
2579 * per-interface setting, but simply propagate the interface
2580 * flag, if it is set, to the global flag, one-way. Note that
2581 * while IPv4 would allow a per-interface flag, we expose the
2582 * same behaviour there and also propagate the setting from
2583 * one to all, to keep things simple (see above). */
2584
2585 r = write_string_file("/proc/sys/net/ipv6/conf/all/forwarding", "1", WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER);
2586 if (r < 0)
2587 log_link_warning_errno(link, r, "Cannot configure IPv6 packet forwarding, ignoring: %m");
2588
2589 return 0;
2590 }
2591
2592 static int link_set_ipv6_privacy_extensions(Link *link) {
2593 char buf[DECIMAL_STR_MAX(unsigned) + 1];
2594 IPv6PrivacyExtensions s;
2595 const char *p = NULL;
2596 int r;
2597
2598 s = link_ipv6_privacy_extensions(link);
2599 if (s < 0)
2600 return 0;
2601
2602 p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/use_tempaddr");
2603 xsprintf(buf, "%u", (unsigned) link->network->ipv6_privacy_extensions);
2604
2605 r = write_string_file(p, buf, WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER);
2606 if (r < 0)
2607 log_link_warning_errno(link, r, "Cannot configure IPv6 privacy extension for interface: %m");
2608
2609 return 0;
2610 }
2611
2612 static int link_set_ipv6_accept_ra(Link *link) {
2613 const char *p = NULL;
2614 int r;
2615
2616 /* Make this a NOP if IPv6 is not available */
2617 if (!socket_ipv6_is_supported())
2618 return 0;
2619
2620 if (link->flags & IFF_LOOPBACK)
2621 return 0;
2622
2623 if (!link->network)
2624 return 0;
2625
2626 p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/accept_ra");
2627
2628 /* We handle router advertisements ourselves, tell the kernel to GTFO */
2629 r = write_string_file(p, "0", WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER);
2630 if (r < 0)
2631 log_link_warning_errno(link, r, "Cannot disable kernel IPv6 accept_ra for interface: %m");
2632
2633 return 0;
2634 }
2635
2636 static int link_set_ipv6_dad_transmits(Link *link) {
2637 char buf[DECIMAL_STR_MAX(int) + 1];
2638 const char *p = NULL;
2639 int r;
2640
2641 /* Make this a NOP if IPv6 is not available */
2642 if (!socket_ipv6_is_supported())
2643 return 0;
2644
2645 if (link->flags & IFF_LOOPBACK)
2646 return 0;
2647
2648 if (!link->network)
2649 return 0;
2650
2651 if (link->network->ipv6_dad_transmits < 0)
2652 return 0;
2653
2654 p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/dad_transmits");
2655 xsprintf(buf, "%i", link->network->ipv6_dad_transmits);
2656
2657 r = write_string_file(p, buf, WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER);
2658 if (r < 0)
2659 log_link_warning_errno(link, r, "Cannot set IPv6 dad transmits for interface: %m");
2660
2661 return 0;
2662 }
2663
2664 static int link_set_ipv6_hop_limit(Link *link) {
2665 char buf[DECIMAL_STR_MAX(int) + 1];
2666 const char *p = NULL;
2667 int r;
2668
2669 /* Make this a NOP if IPv6 is not available */
2670 if (!socket_ipv6_is_supported())
2671 return 0;
2672
2673 if (link->flags & IFF_LOOPBACK)
2674 return 0;
2675
2676 if (!link->network)
2677 return 0;
2678
2679 if (link->network->ipv6_hop_limit < 0)
2680 return 0;
2681
2682 p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/hop_limit");
2683 xsprintf(buf, "%i", link->network->ipv6_hop_limit);
2684
2685 r = write_string_file(p, buf, WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER);
2686 if (r < 0)
2687 log_link_warning_errno(link, r, "Cannot set IPv6 hop limit for interface: %m");
2688
2689 return 0;
2690 }
2691
2692 static int link_set_ipv6_mtu(Link *link) {
2693 char buf[DECIMAL_STR_MAX(unsigned) + 1];
2694 const char *p = NULL;
2695 int r;
2696
2697 /* Make this a NOP if IPv6 is not available */
2698 if (!socket_ipv6_is_supported())
2699 return 0;
2700
2701 if (link->flags & IFF_LOOPBACK)
2702 return 0;
2703
2704 if (link->network->ipv6_mtu == 0)
2705 return 0;
2706
2707 p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/mtu");
2708
2709 xsprintf(buf, "%" PRIu32, link->network->ipv6_mtu);
2710
2711 r = write_string_file(p, buf, WRITE_STRING_FILE_DISABLE_BUFFER);
2712 if (r < 0)
2713 log_link_warning_errno(link, r, "Cannot set IPv6 MTU for interface: %m");
2714
2715 return 0;
2716 }
2717
2718 static bool link_is_static_address_configured(Link *link, Address *address) {
2719 Address *net_address;
2720
2721 assert(link);
2722 assert(address);
2723
2724 if (!link->network)
2725 return false;
2726
2727 LIST_FOREACH(addresses, net_address, link->network->static_addresses)
2728 if (address_equal(net_address, address))
2729 return true;
2730
2731 return false;
2732 }
2733
2734 static bool link_is_static_route_configured(Link *link, Route *route) {
2735 Route *net_route;
2736
2737 assert(link);
2738 assert(route);
2739
2740 if (!link->network)
2741 return false;
2742
2743 LIST_FOREACH(routes, net_route, link->network->static_routes)
2744 if (route_equal(net_route, route))
2745 return true;
2746
2747 return false;
2748 }
2749
2750 static int link_drop_foreign_config(Link *link) {
2751 Address *address;
2752 Route *route;
2753 Iterator i;
2754 int r;
2755
2756 SET_FOREACH(address, link->addresses_foreign, i) {
2757 /* we consider IPv6LL addresses to be managed by the kernel */
2758 if (address->family == AF_INET6 && in_addr_is_link_local(AF_INET6, &address->in_addr) == 1)
2759 continue;
2760
2761 if (link_is_static_address_configured(link, address)) {
2762 r = address_add(link, address->family, &address->in_addr, address->prefixlen, NULL);
2763 if (r < 0)
2764 return log_link_error_errno(link, r, "Failed to add address: %m");
2765 } else {
2766 r = address_remove(address, link, NULL);
2767 if (r < 0)
2768 return r;
2769 }
2770 }
2771
2772 SET_FOREACH(route, link->routes_foreign, i) {
2773 /* do not touch routes managed by the kernel */
2774 if (route->protocol == RTPROT_KERNEL)
2775 continue;
2776
2777 if (link_is_static_route_configured(link, route)) {
2778 r = route_add(link, route->family, &route->dst, route->dst_prefixlen, route->tos, route->priority, route->table, NULL);
2779 if (r < 0)
2780 return r;
2781 } else {
2782 r = route_remove(route, link, NULL);
2783 if (r < 0)
2784 return r;
2785 }
2786 }
2787
2788 return 0;
2789 }
2790
2791 static int link_drop_config(Link *link) {
2792 Address *address, *pool_address;
2793 Route *route;
2794 Iterator i;
2795 int r;
2796
2797 SET_FOREACH(address, link->addresses, i) {
2798 /* we consider IPv6LL addresses to be managed by the kernel */
2799 if (address->family == AF_INET6 && in_addr_is_link_local(AF_INET6, &address->in_addr) == 1)
2800 continue;
2801
2802 r = address_remove(address, link, NULL);
2803 if (r < 0)
2804 return r;
2805
2806 /* If this address came from an address pool, clean up the pool */
2807 LIST_FOREACH(addresses, pool_address, link->pool_addresses) {
2808 if (address_equal(address, pool_address)) {
2809 LIST_REMOVE(addresses, link->pool_addresses, pool_address);
2810 address_free(pool_address);
2811 break;
2812 }
2813 }
2814 }
2815
2816 SET_FOREACH(route, link->routes, i) {
2817 /* do not touch routes managed by the kernel */
2818 if (route->protocol == RTPROT_KERNEL)
2819 continue;
2820
2821 r = route_remove(route, link, NULL);
2822 if (r < 0)
2823 return r;
2824 }
2825
2826 ndisc_flush(link);
2827
2828 return 0;
2829 }
2830
2831 static int link_update_lldp(Link *link) {
2832 int r;
2833
2834 assert(link);
2835
2836 if (!link->lldp)
2837 return 0;
2838
2839 if (link->flags & IFF_UP) {
2840 r = sd_lldp_start(link->lldp);
2841 if (r > 0)
2842 log_link_debug(link, "Started LLDP.");
2843 } else {
2844 r = sd_lldp_stop(link->lldp);
2845 if (r > 0)
2846 log_link_debug(link, "Stopped LLDP.");
2847 }
2848
2849 return r;
2850 }
2851
2852 static int link_configure_can(Link *link) {
2853 int r;
2854
2855 if (streq_ptr(link->kind, "can")) {
2856 /* The CAN interface must be down to configure bitrate, etc... */
2857 if ((link->flags & IFF_UP)) {
2858 r = link_down(link);
2859 if (r < 0) {
2860 link_enter_failed(link);
2861 return r;
2862 }
2863
2864 return 0;
2865 }
2866
2867 return link_set_can(link);
2868 }
2869
2870 if (!(link->flags & IFF_UP)) {
2871 r = link_up_can(link);
2872 if (r < 0) {
2873 link_enter_failed(link);
2874 return r;
2875 }
2876 }
2877
2878 return 0;
2879 }
2880
2881 static int link_configure(Link *link) {
2882 int r;
2883
2884 assert(link);
2885 assert(link->network);
2886 assert(link->state == LINK_STATE_PENDING);
2887
2888 if (STRPTR_IN_SET(link->kind, "can", "vcan"))
2889 return link_configure_can(link);
2890
2891 /* Drop foreign config, but ignore loopback or critical devices.
2892 * We do not want to remove loopback address or addresses used for root NFS. */
2893 if (!(link->flags & IFF_LOOPBACK) && !(link->network->dhcp_critical)) {
2894 r = link_drop_foreign_config(link);
2895 if (r < 0)
2896 return r;
2897 }
2898
2899 r = link_set_proxy_arp(link);
2900 if (r < 0)
2901 return r;
2902
2903 r = ipv6_proxy_ndp_addresses_configure(link);
2904 if (r < 0)
2905 return r;
2906
2907 r = link_set_ipv4_forward(link);
2908 if (r < 0)
2909 return r;
2910
2911 r = link_set_ipv6_forward(link);
2912 if (r < 0)
2913 return r;
2914
2915 r = link_set_ipv6_privacy_extensions(link);
2916 if (r < 0)
2917 return r;
2918
2919 r = link_set_ipv6_accept_ra(link);
2920 if (r < 0)
2921 return r;
2922
2923 r = link_set_ipv6_dad_transmits(link);
2924 if (r < 0)
2925 return r;
2926
2927 r = link_set_ipv6_hop_limit(link);
2928 if (r < 0)
2929 return r;
2930
2931 r = link_set_flags(link);
2932 if (r < 0)
2933 return r;
2934
2935 r = link_set_ipv6_mtu(link);
2936 if (r < 0)
2937 return r;
2938
2939 if (link_ipv4ll_enabled(link)) {
2940 r = ipv4ll_configure(link);
2941 if (r < 0)
2942 return r;
2943 }
2944
2945 if (link_dhcp4_enabled(link)) {
2946 r = dhcp4_set_promote_secondaries(link);
2947 if (r < 0)
2948 return r;
2949
2950 r = dhcp4_configure(link);
2951 if (r < 0)
2952 return r;
2953 }
2954
2955 if (link_dhcp4_server_enabled(link)) {
2956 r = sd_dhcp_server_new(&link->dhcp_server, link->ifindex);
2957 if (r < 0)
2958 return r;
2959
2960 r = sd_dhcp_server_attach_event(link->dhcp_server, NULL, 0);
2961 if (r < 0)
2962 return r;
2963 }
2964
2965 if (link_dhcp6_enabled(link) ||
2966 link_ipv6_accept_ra_enabled(link)) {
2967 r = dhcp6_configure(link);
2968 if (r < 0)
2969 return r;
2970 }
2971
2972 if (link_ipv6_accept_ra_enabled(link)) {
2973 r = ndisc_configure(link);
2974 if (r < 0)
2975 return r;
2976 }
2977
2978 if (link_radv_enabled(link)) {
2979 r = radv_configure(link);
2980 if (r < 0)
2981 return r;
2982 }
2983
2984 if (link_lldp_rx_enabled(link)) {
2985 r = sd_lldp_new(&link->lldp);
2986 if (r < 0)
2987 return r;
2988
2989 r = sd_lldp_set_ifindex(link->lldp, link->ifindex);
2990 if (r < 0)
2991 return r;
2992
2993 r = sd_lldp_match_capabilities(link->lldp,
2994 link->network->lldp_mode == LLDP_MODE_ROUTERS_ONLY ?
2995 SD_LLDP_SYSTEM_CAPABILITIES_ALL_ROUTERS :
2996 SD_LLDP_SYSTEM_CAPABILITIES_ALL);
2997 if (r < 0)
2998 return r;
2999
3000 r = sd_lldp_set_filter_address(link->lldp, &link->mac);
3001 if (r < 0)
3002 return r;
3003
3004 r = sd_lldp_attach_event(link->lldp, NULL, 0);
3005 if (r < 0)
3006 return r;
3007
3008 r = sd_lldp_set_callback(link->lldp, lldp_handler, link);
3009 if (r < 0)
3010 return r;
3011
3012 r = link_update_lldp(link);
3013 if (r < 0)
3014 return r;
3015 }
3016
3017 if (link->network->mtu > 0) {
3018 r = link_set_mtu(link, link->network->mtu);
3019 if (r < 0)
3020 return r;
3021 }
3022
3023 if (socket_ipv6_is_supported()) {
3024 r = link_configure_addrgen_mode(link);
3025 if (r < 0)
3026 return r;
3027 }
3028
3029 return link_configure_after_setting_mtu(link);
3030 }
3031
3032 static int link_configure_after_setting_mtu(Link *link) {
3033 int r;
3034
3035 assert(link);
3036 assert(link->network);
3037 assert(link->state == LINK_STATE_PENDING);
3038
3039 if (link->setting_mtu)
3040 return 0;
3041
3042 if (link_has_carrier(link) || link->network->configure_without_carrier) {
3043 r = link_acquire_conf(link);
3044 if (r < 0)
3045 return r;
3046 }
3047
3048 return link_enter_join_netdev(link);
3049 }
3050
3051 static int duid_set_uuid(DUID *duid, sd_id128_t uuid) {
3052 assert(duid);
3053
3054 if (duid->raw_data_len > 0)
3055 return 0;
3056
3057 if (duid->type != DUID_TYPE_UUID)
3058 return -EINVAL;
3059
3060 memcpy(&duid->raw_data, &uuid, sizeof(sd_id128_t));
3061 duid->raw_data_len = sizeof(sd_id128_t);
3062
3063 return 1;
3064 }
3065
3066 int get_product_uuid_handler(sd_bus_message *m, void *userdata, sd_bus_error *ret_error) {
3067 Manager *manager = userdata;
3068 const sd_bus_error *e;
3069 const void *a;
3070 size_t sz;
3071 DUID *duid;
3072 Link *link;
3073 int r;
3074
3075 assert(m);
3076 assert(manager);
3077
3078 e = sd_bus_message_get_error(m);
3079 if (e) {
3080 log_error_errno(sd_bus_error_get_errno(e),
3081 "Could not get product UUID. Falling back to use machine-app-specific ID as DUID-UUID: %s",
3082 e->message);
3083 goto configure;
3084 }
3085
3086 r = sd_bus_message_read_array(m, 'y', &a, &sz);
3087 if (r < 0)
3088 goto configure;
3089
3090 if (sz != sizeof(sd_id128_t)) {
3091 log_error("Invalid product UUID. Falling back to use machine-app-specific ID as DUID-UUID.");
3092 goto configure;
3093 }
3094
3095 memcpy(&manager->product_uuid, a, sz);
3096 while ((duid = set_steal_first(manager->duids_requesting_uuid)))
3097 (void) duid_set_uuid(duid, manager->product_uuid);
3098
3099 manager->duids_requesting_uuid = set_free(manager->duids_requesting_uuid);
3100
3101 configure:
3102 while ((link = set_steal_first(manager->links_requesting_uuid))) {
3103 r = link_configure(link);
3104 if (r < 0)
3105 log_link_error_errno(link, r, "Failed to configure link: %m");
3106 }
3107
3108 manager->links_requesting_uuid = set_free(manager->links_requesting_uuid);
3109
3110 /* To avoid calling GetProductUUID() bus method so frequently, set the flag below
3111 * even if the method fails. */
3112 manager->has_product_uuid = true;
3113
3114 return 1;
3115 }
3116
3117 static bool link_requires_uuid(Link *link) {
3118 const DUID *duid;
3119
3120 assert(link);
3121 assert(link->manager);
3122 assert(link->network);
3123
3124 duid = link_get_duid(link);
3125 if (duid->type != DUID_TYPE_UUID || duid->raw_data_len != 0)
3126 return false;
3127
3128 if (link_dhcp4_enabled(link) && IN_SET(link->network->dhcp_client_identifier, DHCP_CLIENT_ID_DUID, DHCP_CLIENT_ID_DUID_ONLY))
3129 return true;
3130
3131 if (link_dhcp6_enabled(link) || link_ipv6_accept_ra_enabled(link))
3132 return true;
3133
3134 return false;
3135 }
3136
3137 static int link_configure_duid(Link *link) {
3138 Manager *m;
3139 DUID *duid;
3140 int r;
3141
3142 assert(link);
3143 assert(link->manager);
3144 assert(link->network);
3145
3146 m = link->manager;
3147 duid = link_get_duid(link);
3148
3149 if (!link_requires_uuid(link))
3150 return 1;
3151
3152 if (m->has_product_uuid) {
3153 (void) duid_set_uuid(duid, m->product_uuid);
3154 return 1;
3155 }
3156
3157 if (!m->links_requesting_uuid) {
3158 r = manager_request_product_uuid(m, link);
3159 if (r < 0) {
3160 if (r == -ENOMEM)
3161 return r;
3162
3163 log_link_warning_errno(link, r,
3164 "Failed to get product UUID. Falling back to use machine-app-specific ID as DUID-UUID: %m");
3165 return 1;
3166 }
3167 } else {
3168 r = set_put(m->links_requesting_uuid, link);
3169 if (r < 0)
3170 return log_oom();
3171
3172 r = set_put(m->duids_requesting_uuid, duid);
3173 if (r < 0)
3174 return log_oom();
3175 }
3176
3177 return 0;
3178 }
3179
3180 static int link_initialized_and_synced(Link *link) {
3181 Network *network;
3182 int r;
3183
3184 assert(link);
3185 assert(link->ifname);
3186 assert(link->manager);
3187
3188 if (link->state != LINK_STATE_PENDING)
3189 return 1;
3190
3191 log_link_debug(link, "Link state is up-to-date");
3192
3193 r = link_new_bound_by_list(link);
3194 if (r < 0)
3195 return r;
3196
3197 r = link_handle_bound_by_list(link);
3198 if (r < 0)
3199 return r;
3200
3201 if (!link->network) {
3202 r = network_get(link->manager, link->sd_device, link->ifname,
3203 &link->mac, &network);
3204 if (r == -ENOENT) {
3205 link_enter_unmanaged(link);
3206 return 1;
3207 } else if (r == 0 && network->unmanaged) {
3208 link_enter_unmanaged(link);
3209 return 0;
3210 } else if (r < 0)
3211 return r;
3212
3213 if (link->flags & IFF_LOOPBACK) {
3214 if (network->link_local != ADDRESS_FAMILY_NO)
3215 log_link_debug(link, "Ignoring link-local autoconfiguration for loopback link");
3216
3217 if (network->dhcp != ADDRESS_FAMILY_NO)
3218 log_link_debug(link, "Ignoring DHCP clients for loopback link");
3219
3220 if (network->dhcp_server)
3221 log_link_debug(link, "Ignoring DHCP server for loopback link");
3222 }
3223
3224 r = network_apply(network, link);
3225 if (r < 0)
3226 return r;
3227 }
3228
3229 r = link_new_bound_to_list(link);
3230 if (r < 0)
3231 return r;
3232
3233 /* link_configure_duid() returns 0 if it requests product UUID. In that case,
3234 * link_configure() is called later asynchronously. */
3235 r = link_configure_duid(link);
3236 if (r <= 0)
3237 return r;
3238
3239 r = link_configure(link);
3240 if (r < 0)
3241 return r;
3242
3243 return 1;
3244 }
3245
3246 static int link_initialized_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
3247 (void) link_initialized_and_synced(link);
3248 return 1;
3249 }
3250
3251 int link_initialized(Link *link, sd_device *device) {
3252 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
3253 int r;
3254
3255 assert(link);
3256 assert(link->manager);
3257 assert(link->manager->rtnl);
3258 assert(device);
3259
3260 if (link->state != LINK_STATE_PENDING)
3261 return 0;
3262
3263 if (link->sd_device)
3264 return 0;
3265
3266 log_link_debug(link, "udev initialized link");
3267
3268 link->sd_device = sd_device_ref(device);
3269
3270 /* udev has initialized the link, but we don't know if we have yet
3271 * processed the NEWLINK messages with the latest state. Do a GETLINK,
3272 * when it returns we know that the pending NEWLINKs have already been
3273 * processed and that we are up-to-date */
3274
3275 r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_GETLINK,
3276 link->ifindex);
3277 if (r < 0)
3278 return r;
3279
3280 r = netlink_call_async(link->manager->rtnl, NULL, req, link_initialized_handler,
3281 link_netlink_destroy_callback, link);
3282 if (r < 0)
3283 return r;
3284
3285 link_ref(link);
3286
3287 return 0;
3288 }
3289
3290 static int link_load(Link *link) {
3291 _cleanup_free_ char *network_file = NULL,
3292 *addresses = NULL,
3293 *routes = NULL,
3294 *dhcp4_address = NULL,
3295 *ipv4ll_address = NULL;
3296 union in_addr_union address;
3297 union in_addr_union route_dst;
3298 const char *p;
3299 int r;
3300
3301 assert(link);
3302
3303 r = parse_env_file(NULL, link->state_file,
3304 "NETWORK_FILE", &network_file,
3305 "ADDRESSES", &addresses,
3306 "ROUTES", &routes,
3307 "DHCP4_ADDRESS", &dhcp4_address,
3308 "IPV4LL_ADDRESS", &ipv4ll_address);
3309 if (r < 0 && r != -ENOENT)
3310 return log_link_error_errno(link, r, "Failed to read %s: %m", link->state_file);
3311
3312 if (network_file) {
3313 Network *network;
3314 char *suffix;
3315
3316 /* drop suffix */
3317 suffix = strrchr(network_file, '.');
3318 if (!suffix) {
3319 log_link_debug(link, "Failed to get network name from %s", network_file);
3320 goto network_file_fail;
3321 }
3322 *suffix = '\0';
3323
3324 r = network_get_by_name(link->manager, basename(network_file), &network);
3325 if (r < 0) {
3326 log_link_debug_errno(link, r, "Failed to get network %s: %m", basename(network_file));
3327 goto network_file_fail;
3328 }
3329
3330 r = network_apply(network, link);
3331 if (r < 0)
3332 return log_link_error_errno(link, r, "Failed to apply network %s: %m", basename(network_file));
3333 }
3334
3335 network_file_fail:
3336
3337 if (addresses) {
3338 p = addresses;
3339
3340 for (;;) {
3341 _cleanup_free_ char *address_str = NULL;
3342 char *prefixlen_str;
3343 int family;
3344 unsigned char prefixlen;
3345
3346 r = extract_first_word(&p, &address_str, NULL, 0);
3347 if (r < 0) {
3348 log_link_debug_errno(link, r, "Failed to extract next address string: %m");
3349 continue;
3350 }
3351 if (r == 0)
3352 break;
3353
3354 prefixlen_str = strchr(address_str, '/');
3355 if (!prefixlen_str) {
3356 log_link_debug(link, "Failed to parse address and prefix length %s", address_str);
3357 continue;
3358 }
3359
3360 *prefixlen_str++ = '\0';
3361
3362 r = sscanf(prefixlen_str, "%hhu", &prefixlen);
3363 if (r != 1) {
3364 log_link_error(link, "Failed to parse prefixlen %s", prefixlen_str);
3365 continue;
3366 }
3367
3368 r = in_addr_from_string_auto(address_str, &family, &address);
3369 if (r < 0) {
3370 log_link_debug_errno(link, r, "Failed to parse address %s: %m", address_str);
3371 continue;
3372 }
3373
3374 r = address_add(link, family, &address, prefixlen, NULL);
3375 if (r < 0)
3376 return log_link_error_errno(link, r, "Failed to add address: %m");
3377 }
3378 }
3379
3380 if (routes) {
3381 p = routes;
3382
3383 for (;;) {
3384 Route *route;
3385 _cleanup_free_ char *route_str = NULL;
3386 _cleanup_(sd_event_source_unrefp) sd_event_source *expire = NULL;
3387 usec_t lifetime;
3388 char *prefixlen_str;
3389 int family;
3390 unsigned char prefixlen, tos, table;
3391 uint32_t priority;
3392
3393 r = extract_first_word(&p, &route_str, NULL, 0);
3394 if (r < 0) {
3395 log_link_debug_errno(link, r, "Failed to extract next route string: %m");
3396 continue;
3397 }
3398 if (r == 0)
3399 break;
3400
3401 prefixlen_str = strchr(route_str, '/');
3402 if (!prefixlen_str) {
3403 log_link_debug(link, "Failed to parse route %s", route_str);
3404 continue;
3405 }
3406
3407 *prefixlen_str++ = '\0';
3408
3409 r = sscanf(prefixlen_str, "%hhu/%hhu/%"SCNu32"/%hhu/"USEC_FMT, &prefixlen, &tos, &priority, &table, &lifetime);
3410 if (r != 5) {
3411 log_link_debug(link,
3412 "Failed to parse destination prefix length, tos, priority, table or expiration %s",
3413 prefixlen_str);
3414 continue;
3415 }
3416
3417 r = in_addr_from_string_auto(route_str, &family, &route_dst);
3418 if (r < 0) {
3419 log_link_debug_errno(link, r, "Failed to parse route destination %s: %m", route_str);
3420 continue;
3421 }
3422
3423 r = route_add(link, family, &route_dst, prefixlen, tos, priority, table, &route);
3424 if (r < 0)
3425 return log_link_error_errno(link, r, "Failed to add route: %m");
3426
3427 if (lifetime != USEC_INFINITY && !kernel_route_expiration_supported()) {
3428 r = sd_event_add_time(link->manager->event, &expire, clock_boottime_or_monotonic(), lifetime,
3429 0, route_expire_handler, route);
3430 if (r < 0)
3431 log_link_warning_errno(link, r, "Could not arm route expiration handler: %m");
3432 }
3433
3434 route->lifetime = lifetime;
3435 sd_event_source_unref(route->expire);
3436 route->expire = TAKE_PTR(expire);
3437 }
3438 }
3439
3440 if (dhcp4_address) {
3441 r = in_addr_from_string(AF_INET, dhcp4_address, &address);
3442 if (r < 0) {
3443 log_link_debug_errno(link, r, "Failed to parse DHCPv4 address %s: %m", dhcp4_address);
3444 goto dhcp4_address_fail;
3445 }
3446
3447 r = sd_dhcp_client_new(&link->dhcp_client, link->network ? link->network->dhcp_anonymize : 0);
3448 if (r < 0)
3449 return log_link_error_errno(link, r, "Failed to create DHCPv4 client: %m");
3450
3451 r = sd_dhcp_client_set_request_address(link->dhcp_client, &address.in);
3452 if (r < 0)
3453 return log_link_error_errno(link, r, "Failed to set initial DHCPv4 address %s: %m", dhcp4_address);
3454 }
3455
3456 dhcp4_address_fail:
3457
3458 if (ipv4ll_address) {
3459 r = in_addr_from_string(AF_INET, ipv4ll_address, &address);
3460 if (r < 0) {
3461 log_link_debug_errno(link, r, "Failed to parse IPv4LL address %s: %m", ipv4ll_address);
3462 goto ipv4ll_address_fail;
3463 }
3464
3465 r = sd_ipv4ll_new(&link->ipv4ll);
3466 if (r < 0)
3467 return log_link_error_errno(link, r, "Failed to create IPv4LL client: %m");
3468
3469 r = sd_ipv4ll_set_address(link->ipv4ll, &address.in);
3470 if (r < 0)
3471 return log_link_error_errno(link, r, "Failed to set initial IPv4LL address %s: %m", ipv4ll_address);
3472 }
3473
3474 ipv4ll_address_fail:
3475
3476 return 0;
3477 }
3478
3479 int link_add(Manager *m, sd_netlink_message *message, Link **ret) {
3480 _cleanup_(sd_device_unrefp) sd_device *device = NULL;
3481 char ifindex_str[2 + DECIMAL_STR_MAX(int)];
3482 Link *link;
3483 int r;
3484
3485 assert(m);
3486 assert(m->rtnl);
3487 assert(message);
3488 assert(ret);
3489
3490 r = link_new(m, message, ret);
3491 if (r < 0)
3492 return r;
3493
3494 link = *ret;
3495
3496 log_link_debug(link, "Link %d added", link->ifindex);
3497
3498 r = link_load(link);
3499 if (r < 0)
3500 return r;
3501
3502 if (detect_container() <= 0) {
3503 /* not in a container, udev will be around */
3504 sprintf(ifindex_str, "n%d", link->ifindex);
3505 r = sd_device_new_from_device_id(&device, ifindex_str);
3506 if (r < 0) {
3507 log_link_warning_errno(link, r, "Could not find device: %m");
3508 goto failed;
3509 }
3510
3511 r = sd_device_get_is_initialized(device);
3512 if (r < 0) {
3513 log_link_warning_errno(link, r, "Could not determine whether the device is initialized or not: %m");
3514 goto failed;
3515 }
3516 if (r == 0) {
3517 /* not yet ready */
3518 log_link_debug(link, "link pending udev initialization...");
3519 return 0;
3520 }
3521
3522 r = link_initialized(link, device);
3523 if (r < 0)
3524 goto failed;
3525 } else {
3526 r = link_initialized_and_synced(link);
3527 if (r < 0)
3528 goto failed;
3529 }
3530
3531 return 0;
3532 failed:
3533 link_enter_failed(link);
3534 return r;
3535 }
3536
3537 int link_ipv6ll_gained(Link *link, const struct in6_addr *address) {
3538 int r;
3539
3540 assert(link);
3541
3542 log_link_info(link, "Gained IPv6LL");
3543
3544 link->ipv6ll_address = *address;
3545 link_check_ready(link);
3546
3547 if (!IN_SET(link->state, LINK_STATE_PENDING, LINK_STATE_UNMANAGED, LINK_STATE_FAILED)) {
3548 r = link_acquire_ipv6_conf(link);
3549 if (r < 0) {
3550 link_enter_failed(link);
3551 return r;
3552 }
3553 }
3554
3555 return 0;
3556 }
3557
3558 static int link_carrier_gained(Link *link) {
3559 int r;
3560
3561 assert(link);
3562
3563 if (!IN_SET(link->state, LINK_STATE_PENDING, LINK_STATE_UNMANAGED, LINK_STATE_FAILED)) {
3564 r = link_acquire_conf(link);
3565 if (r < 0) {
3566 link_enter_failed(link);
3567 return r;
3568 }
3569
3570 r = link_request_set_addresses(link);
3571 if (r < 0)
3572 return r;
3573 }
3574
3575 r = link_handle_bound_by_list(link);
3576 if (r < 0)
3577 return r;
3578
3579 return 0;
3580 }
3581
3582 static int link_carrier_lost(Link *link) {
3583 int r;
3584
3585 assert(link);
3586
3587 if (link->network && link->network->ignore_carrier_loss)
3588 return 0;
3589
3590 /* Some devices reset itself while setting the MTU. This causes the DHCP client fall into a loop.
3591 * setting_mtu keep track whether the device got reset because of setting MTU and does not drop the
3592 * configuration and stop the clients as well. */
3593 if (link->setting_mtu)
3594 return 0;
3595
3596 r = link_stop_clients(link);
3597 if (r < 0) {
3598 link_enter_failed(link);
3599 return r;
3600 }
3601
3602 if (link_dhcp4_server_enabled(link))
3603 (void) sd_dhcp_server_stop(link->dhcp_server);
3604
3605 r = link_drop_config(link);
3606 if (r < 0)
3607 return r;
3608
3609 if (!IN_SET(link->state, LINK_STATE_UNMANAGED, LINK_STATE_PENDING)) {
3610 log_link_debug(link, "State is %s, dropping config", link_state_to_string(link->state));
3611 r = link_drop_foreign_config(link);
3612 if (r < 0)
3613 return r;
3614 }
3615
3616 r = link_handle_bound_by_list(link);
3617 if (r < 0)
3618 return r;
3619
3620 return 0;
3621 }
3622
3623 int link_carrier_reset(Link *link) {
3624 int r;
3625
3626 assert(link);
3627
3628 if (link_has_carrier(link)) {
3629 r = link_carrier_lost(link);
3630 if (r < 0)
3631 return r;
3632
3633 r = link_carrier_gained(link);
3634 if (r < 0)
3635 return r;
3636
3637 log_link_info(link, "Reset carrier");
3638 }
3639
3640 return 0;
3641 }
3642
3643 int link_update(Link *link, sd_netlink_message *m) {
3644 struct ether_addr mac;
3645 const char *ifname;
3646 uint32_t mtu;
3647 bool had_carrier, carrier_gained, carrier_lost;
3648 int r;
3649
3650 assert(link);
3651 assert(link->ifname);
3652 assert(m);
3653
3654 if (link->state == LINK_STATE_LINGER) {
3655 log_link_info(link, "Link readded");
3656 link_set_state(link, LINK_STATE_CONFIGURING);
3657
3658 r = link_new_carrier_maps(link);
3659 if (r < 0)
3660 return r;
3661 }
3662
3663 r = sd_netlink_message_read_string(m, IFLA_IFNAME, &ifname);
3664 if (r >= 0 && !streq(ifname, link->ifname)) {
3665 log_link_info(link, "Interface name change detected, %s has been renamed to %s.", link->ifname, ifname);
3666
3667 if (link->state == LINK_STATE_PENDING) {
3668 r = free_and_strdup(&link->ifname, ifname);
3669 if (r < 0)
3670 return r;
3671 } else {
3672 Manager *manager = link->manager;
3673
3674 link_drop(link);
3675 r = link_add(manager, m, &link);
3676 if (r < 0)
3677 return r;
3678 }
3679 }
3680
3681 r = sd_netlink_message_read_u32(m, IFLA_MTU, &mtu);
3682 if (r >= 0 && mtu > 0) {
3683 link->mtu = mtu;
3684 if (link->original_mtu == 0) {
3685 link->original_mtu = mtu;
3686 log_link_debug(link, "Saved original MTU: %" PRIu32, link->original_mtu);
3687 }
3688
3689 if (link->dhcp_client) {
3690 r = sd_dhcp_client_set_mtu(link->dhcp_client,
3691 link->mtu);
3692 if (r < 0)
3693 return log_link_warning_errno(link, r, "Could not update MTU in DHCP client: %m");
3694 }
3695
3696 if (link->radv) {
3697 r = sd_radv_set_mtu(link->radv, link->mtu);
3698 if (r < 0)
3699 return log_link_warning_errno(link, r, "Could not set MTU for Router Advertisement: %m");
3700 }
3701 }
3702
3703 /* The kernel may broadcast NEWLINK messages without the MAC address
3704 set, simply ignore them. */
3705 r = sd_netlink_message_read_ether_addr(m, IFLA_ADDRESS, &mac);
3706 if (r >= 0) {
3707 if (memcmp(link->mac.ether_addr_octet, mac.ether_addr_octet,
3708 ETH_ALEN)) {
3709
3710 memcpy(link->mac.ether_addr_octet, mac.ether_addr_octet,
3711 ETH_ALEN);
3712
3713 log_link_debug(link, "MAC address: "
3714 "%02hhx:%02hhx:%02hhx:%02hhx:%02hhx:%02hhx",
3715 mac.ether_addr_octet[0],
3716 mac.ether_addr_octet[1],
3717 mac.ether_addr_octet[2],
3718 mac.ether_addr_octet[3],
3719 mac.ether_addr_octet[4],
3720 mac.ether_addr_octet[5]);
3721
3722 if (link->ipv4ll) {
3723 r = sd_ipv4ll_set_mac(link->ipv4ll, &link->mac);
3724 if (r < 0)
3725 return log_link_warning_errno(link, r, "Could not update MAC address in IPv4LL client: %m");
3726 }
3727
3728 if (link->dhcp_client) {
3729 r = sd_dhcp_client_set_mac(link->dhcp_client,
3730 (const uint8_t *) &link->mac,
3731 sizeof (link->mac),
3732 ARPHRD_ETHER);
3733 if (r < 0)
3734 return log_link_warning_errno(link, r, "Could not update MAC address in DHCP client: %m");
3735
3736 r = dhcp4_set_client_identifier(link);
3737 if (r < 0)
3738 return r;
3739 }
3740
3741 if (link->dhcp6_client) {
3742 const DUID* duid = link_get_duid(link);
3743
3744 r = sd_dhcp6_client_set_mac(link->dhcp6_client,
3745 (const uint8_t *) &link->mac,
3746 sizeof (link->mac),
3747 ARPHRD_ETHER);
3748 if (r < 0)
3749 return log_link_warning_errno(link, r, "Could not update MAC address in DHCPv6 client: %m");
3750
3751 if (link->network->iaid_set) {
3752 r = sd_dhcp6_client_set_iaid(link->dhcp6_client,
3753 link->network->iaid);
3754 if (r < 0)
3755 return log_link_warning_errno(link, r, "Could not update DHCPv6 IAID: %m");
3756 }
3757
3758 r = sd_dhcp6_client_set_duid(link->dhcp6_client,
3759 duid->type,
3760 duid->raw_data_len > 0 ? duid->raw_data : NULL,
3761 duid->raw_data_len);
3762 if (r < 0)
3763 return log_link_warning_errno(link, r, "Could not update DHCPv6 DUID: %m");
3764 }
3765
3766 if (link->radv) {
3767 r = sd_radv_set_mac(link->radv, &link->mac);
3768 if (r < 0)
3769 return log_link_warning_errno(link, r, "Could not update MAC for Router Advertisement: %m");
3770 }
3771
3772 if (link->ndisc) {
3773 r = sd_ndisc_set_mac(link->ndisc, &link->mac);
3774 if (r < 0)
3775 return log_link_warning_errno(link, r, "Could not update MAC for ndisc: %m");
3776 }
3777 }
3778 }
3779
3780 had_carrier = link_has_carrier(link);
3781
3782 r = link_update_flags(link, m);
3783 if (r < 0)
3784 return r;
3785
3786 r = link_update_lldp(link);
3787 if (r < 0)
3788 return r;
3789
3790 carrier_gained = !had_carrier && link_has_carrier(link);
3791 carrier_lost = had_carrier && !link_has_carrier(link);
3792
3793 if (carrier_gained) {
3794 log_link_info(link, "Gained carrier");
3795
3796 r = link_carrier_gained(link);
3797 if (r < 0)
3798 return r;
3799 } else if (carrier_lost) {
3800 log_link_info(link, "Lost carrier");
3801
3802 r = link_carrier_lost(link);
3803 if (r < 0)
3804 return r;
3805 }
3806
3807 return 0;
3808 }
3809
3810 static void print_link_hashmap(FILE *f, const char *prefix, Hashmap* h) {
3811 bool space = false;
3812 Iterator i;
3813 Link *link;
3814
3815 assert(f);
3816 assert(prefix);
3817
3818 if (hashmap_isempty(h))
3819 return;
3820
3821 fputs(prefix, f);
3822 HASHMAP_FOREACH(link, h, i) {
3823 if (space)
3824 fputc(' ', f);
3825
3826 fprintf(f, "%i", link->ifindex);
3827 space = true;
3828 }
3829
3830 fputc('\n', f);
3831 }
3832
3833 int link_save(Link *link) {
3834 _cleanup_free_ char *temp_path = NULL;
3835 _cleanup_fclose_ FILE *f = NULL;
3836 const char *admin_state, *oper_state;
3837 Address *a;
3838 Route *route;
3839 Iterator i;
3840 int r;
3841
3842 assert(link);
3843 assert(link->state_file);
3844 assert(link->lease_file);
3845 assert(link->manager);
3846
3847 if (link->state == LINK_STATE_LINGER) {
3848 unlink(link->state_file);
3849 return 0;
3850 }
3851
3852 link_lldp_save(link);
3853
3854 admin_state = link_state_to_string(link->state);
3855 assert(admin_state);
3856
3857 oper_state = link_operstate_to_string(link->operstate);
3858 assert(oper_state);
3859
3860 r = fopen_temporary(link->state_file, &f, &temp_path);
3861 if (r < 0)
3862 goto fail;
3863
3864 (void) __fsetlocking(f, FSETLOCKING_BYCALLER);
3865 (void) fchmod(fileno(f), 0644);
3866
3867 fprintf(f,
3868 "# This is private data. Do not parse.\n"
3869 "ADMIN_STATE=%s\n"
3870 "OPER_STATE=%s\n",
3871 admin_state, oper_state);
3872
3873 if (link->network) {
3874 bool space;
3875 sd_dhcp6_lease *dhcp6_lease = NULL;
3876 const char *dhcp_domainname = NULL;
3877 char **dhcp6_domains = NULL;
3878 char **dhcp_domains = NULL;
3879 unsigned j;
3880
3881 fprintf(f, "REQUIRED_FOR_ONLINE=%s\n",
3882 yes_no(link->network->required_for_online));
3883
3884 if (link->dhcp6_client) {
3885 r = sd_dhcp6_client_get_lease(link->dhcp6_client, &dhcp6_lease);
3886 if (r < 0 && r != -ENOMSG)
3887 log_link_debug(link, "No DHCPv6 lease");
3888 }
3889
3890 fprintf(f, "NETWORK_FILE=%s\n", link->network->filename);
3891
3892 fputs("DNS=", f);
3893 space = false;
3894
3895 for (j = 0; j < link->network->n_dns; j++) {
3896 _cleanup_free_ char *b = NULL;
3897
3898 r = in_addr_to_string(link->network->dns[j].family,
3899 &link->network->dns[j].address, &b);
3900 if (r < 0) {
3901 log_debug_errno(r, "Failed to format address, ignoring: %m");
3902 continue;
3903 }
3904
3905 if (space)
3906 fputc(' ', f);
3907 fputs(b, f);
3908 space = true;
3909 }
3910
3911 if (link->network->dhcp_use_dns &&
3912 link->dhcp_lease) {
3913 const struct in_addr *addresses;
3914
3915 r = sd_dhcp_lease_get_dns(link->dhcp_lease, &addresses);
3916 if (r > 0) {
3917 if (space)
3918 fputc(' ', f);
3919 serialize_in_addrs(f, addresses, r);
3920 space = true;
3921 }
3922 }
3923
3924 if (link->network->dhcp_use_dns && dhcp6_lease) {
3925 struct in6_addr *in6_addrs;
3926
3927 r = sd_dhcp6_lease_get_dns(dhcp6_lease, &in6_addrs);
3928 if (r > 0) {
3929 if (space)
3930 fputc(' ', f);
3931 serialize_in6_addrs(f, in6_addrs, r);
3932 space = true;
3933 }
3934 }
3935
3936 /* Make sure to flush out old entries before we use the NDISC data */
3937 ndisc_vacuum(link);
3938
3939 if (link->network->ipv6_accept_ra_use_dns && link->ndisc_rdnss) {
3940 NDiscRDNSS *dd;
3941
3942 SET_FOREACH(dd, link->ndisc_rdnss, i) {
3943 if (space)
3944 fputc(' ', f);
3945
3946 serialize_in6_addrs(f, &dd->address, 1);
3947 space = true;
3948 }
3949 }
3950
3951 fputc('\n', f);
3952
3953 fputs("NTP=", f);
3954 space = false;
3955 fputstrv(f, link->network->ntp, NULL, &space);
3956
3957 if (link->network->dhcp_use_ntp &&
3958 link->dhcp_lease) {
3959 const struct in_addr *addresses;
3960
3961 r = sd_dhcp_lease_get_ntp(link->dhcp_lease, &addresses);
3962 if (r > 0) {
3963 if (space)
3964 fputc(' ', f);
3965 serialize_in_addrs(f, addresses, r);
3966 space = true;
3967 }
3968 }
3969
3970 if (link->network->dhcp_use_ntp && dhcp6_lease) {
3971 struct in6_addr *in6_addrs;
3972 char **hosts;
3973
3974 r = sd_dhcp6_lease_get_ntp_addrs(dhcp6_lease,
3975 &in6_addrs);
3976 if (r > 0) {
3977 if (space)
3978 fputc(' ', f);
3979 serialize_in6_addrs(f, in6_addrs, r);
3980 space = true;
3981 }
3982
3983 r = sd_dhcp6_lease_get_ntp_fqdn(dhcp6_lease, &hosts);
3984 if (r > 0)
3985 fputstrv(f, hosts, NULL, &space);
3986 }
3987
3988 fputc('\n', f);
3989
3990 if (link->network->dhcp_use_domains != DHCP_USE_DOMAINS_NO) {
3991 if (link->dhcp_lease) {
3992 (void) sd_dhcp_lease_get_domainname(link->dhcp_lease, &dhcp_domainname);
3993 (void) sd_dhcp_lease_get_search_domains(link->dhcp_lease, &dhcp_domains);
3994 }
3995 if (dhcp6_lease)
3996 (void) sd_dhcp6_lease_get_domains(dhcp6_lease, &dhcp6_domains);
3997 }
3998
3999 fputs("DOMAINS=", f);
4000 space = false;
4001 fputstrv(f, link->network->search_domains, NULL, &space);
4002
4003 if (link->network->dhcp_use_domains == DHCP_USE_DOMAINS_YES) {
4004 NDiscDNSSL *dd;
4005
4006 if (dhcp_domainname)
4007 fputs_with_space(f, dhcp_domainname, NULL, &space);
4008 if (dhcp_domains)
4009 fputstrv(f, dhcp_domains, NULL, &space);
4010 if (dhcp6_domains)
4011 fputstrv(f, dhcp6_domains, NULL, &space);
4012
4013 SET_FOREACH(dd, link->ndisc_dnssl, i)
4014 fputs_with_space(f, NDISC_DNSSL_DOMAIN(dd), NULL, &space);
4015 }
4016
4017 fputc('\n', f);
4018
4019 fputs("ROUTE_DOMAINS=", f);
4020 space = false;
4021 fputstrv(f, link->network->route_domains, NULL, &space);
4022
4023 if (link->network->dhcp_use_domains == DHCP_USE_DOMAINS_ROUTE) {
4024 NDiscDNSSL *dd;
4025
4026 if (dhcp_domainname)
4027 fputs_with_space(f, dhcp_domainname, NULL, &space);
4028 if (dhcp_domains)
4029 fputstrv(f, dhcp_domains, NULL, &space);
4030 if (dhcp6_domains)
4031 fputstrv(f, dhcp6_domains, NULL, &space);
4032
4033 SET_FOREACH(dd, link->ndisc_dnssl, i)
4034 fputs_with_space(f, NDISC_DNSSL_DOMAIN(dd), NULL, &space);
4035 }
4036
4037 fputc('\n', f);
4038
4039 fprintf(f, "LLMNR=%s\n",
4040 resolve_support_to_string(link->network->llmnr));
4041 fprintf(f, "MDNS=%s\n",
4042 resolve_support_to_string(link->network->mdns));
4043 if (link->network->dns_default_route >= 0)
4044 fprintf(f, "DNS_DEFAULT_ROUTE=%s\n", yes_no(link->network->dns_default_route));
4045
4046 if (link->network->dns_over_tls_mode != _DNS_OVER_TLS_MODE_INVALID)
4047 fprintf(f, "DNS_OVER_TLS=%s\n",
4048 dns_over_tls_mode_to_string(link->network->dns_over_tls_mode));
4049
4050 if (link->network->dnssec_mode != _DNSSEC_MODE_INVALID)
4051 fprintf(f, "DNSSEC=%s\n",
4052 dnssec_mode_to_string(link->network->dnssec_mode));
4053
4054 if (!set_isempty(link->network->dnssec_negative_trust_anchors)) {
4055 const char *n;
4056
4057 fputs("DNSSEC_NTA=", f);
4058 space = false;
4059 SET_FOREACH(n, link->network->dnssec_negative_trust_anchors, i)
4060 fputs_with_space(f, n, NULL, &space);
4061 fputc('\n', f);
4062 }
4063
4064 fputs("ADDRESSES=", f);
4065 space = false;
4066 SET_FOREACH(a, link->addresses, i) {
4067 _cleanup_free_ char *address_str = NULL;
4068
4069 r = in_addr_to_string(a->family, &a->in_addr, &address_str);
4070 if (r < 0)
4071 goto fail;
4072
4073 fprintf(f, "%s%s/%u", space ? " " : "", address_str, a->prefixlen);
4074 space = true;
4075 }
4076 fputc('\n', f);
4077
4078 fputs("ROUTES=", f);
4079 space = false;
4080 SET_FOREACH(route, link->routes, i) {
4081 _cleanup_free_ char *route_str = NULL;
4082
4083 r = in_addr_to_string(route->family, &route->dst, &route_str);
4084 if (r < 0)
4085 goto fail;
4086
4087 fprintf(f, "%s%s/%hhu/%hhu/%"PRIu32"/%"PRIu32"/"USEC_FMT,
4088 space ? " " : "", route_str,
4089 route->dst_prefixlen, route->tos, route->priority, route->table, route->lifetime);
4090 space = true;
4091 }
4092
4093 fputc('\n', f);
4094 }
4095
4096 print_link_hashmap(f, "CARRIER_BOUND_TO=", link->bound_to_links);
4097 print_link_hashmap(f, "CARRIER_BOUND_BY=", link->bound_by_links);
4098
4099 if (link->dhcp_lease) {
4100 struct in_addr address;
4101 const char *tz = NULL;
4102
4103 assert(link->network);
4104
4105 r = sd_dhcp_lease_get_timezone(link->dhcp_lease, &tz);
4106 if (r >= 0)
4107 fprintf(f, "TIMEZONE=%s\n", tz);
4108
4109 r = sd_dhcp_lease_get_address(link->dhcp_lease, &address);
4110 if (r >= 0) {
4111 fputs("DHCP4_ADDRESS=", f);
4112 serialize_in_addrs(f, &address, 1);
4113 fputc('\n', f);
4114 }
4115
4116 r = dhcp_lease_save(link->dhcp_lease, link->lease_file);
4117 if (r < 0)
4118 goto fail;
4119
4120 fprintf(f,
4121 "DHCP_LEASE=%s\n",
4122 link->lease_file);
4123 } else
4124 unlink(link->lease_file);
4125
4126 if (link->ipv4ll) {
4127 struct in_addr address;
4128
4129 r = sd_ipv4ll_get_address(link->ipv4ll, &address);
4130 if (r >= 0) {
4131 fputs("IPV4LL_ADDRESS=", f);
4132 serialize_in_addrs(f, &address, 1);
4133 fputc('\n', f);
4134 }
4135 }
4136
4137 r = fflush_and_check(f);
4138 if (r < 0)
4139 goto fail;
4140
4141 if (rename(temp_path, link->state_file) < 0) {
4142 r = -errno;
4143 goto fail;
4144 }
4145
4146 return 0;
4147
4148 fail:
4149 (void) unlink(link->state_file);
4150 if (temp_path)
4151 (void) unlink(temp_path);
4152
4153 return log_link_error_errno(link, r, "Failed to save link data to %s: %m", link->state_file);
4154 }
4155
4156 /* The serialized state in /run is no longer up-to-date. */
4157 void link_dirty(Link *link) {
4158 int r;
4159
4160 assert(link);
4161
4162 /* mark manager dirty as link is dirty */
4163 manager_dirty(link->manager);
4164
4165 r = set_ensure_allocated(&link->manager->dirty_links, NULL);
4166 if (r < 0)
4167 /* allocation errors are ignored */
4168 return;
4169
4170 r = set_put(link->manager->dirty_links, link);
4171 if (r <= 0)
4172 /* don't take another ref if the link was already dirty */
4173 return;
4174
4175 link_ref(link);
4176 }
4177
4178 /* The serialized state in /run is up-to-date */
4179 void link_clean(Link *link) {
4180 assert(link);
4181 assert(link->manager);
4182
4183 link_unref(set_remove(link->manager->dirty_links, link));
4184 }
4185
4186 static const char* const link_state_table[_LINK_STATE_MAX] = {
4187 [LINK_STATE_PENDING] = "pending",
4188 [LINK_STATE_CONFIGURING] = "configuring",
4189 [LINK_STATE_CONFIGURED] = "configured",
4190 [LINK_STATE_UNMANAGED] = "unmanaged",
4191 [LINK_STATE_FAILED] = "failed",
4192 [LINK_STATE_LINGER] = "linger",
4193 };
4194
4195 DEFINE_STRING_TABLE_LOOKUP(link_state, LinkState);
4196
4197 static const char* const link_operstate_table[_LINK_OPERSTATE_MAX] = {
4198 [LINK_OPERSTATE_OFF] = "off",
4199 [LINK_OPERSTATE_NO_CARRIER] = "no-carrier",
4200 [LINK_OPERSTATE_DORMANT] = "dormant",
4201 [LINK_OPERSTATE_CARRIER] = "carrier",
4202 [LINK_OPERSTATE_DEGRADED] = "degraded",
4203 [LINK_OPERSTATE_ROUTABLE] = "routable",
4204 };
4205
4206 DEFINE_STRING_TABLE_LOOKUP(link_operstate, LinkOperationalState);
Unnamed repository; edit this file 'description' to name the repository.