#include "network-internal.h"
#include "networkd-manager.h"
#include "networkd-network.h"
+#include "networkd-sriov.h"
#include "parse-util.h"
#include "path-lookup.h"
#include "set.h"
/* RFC7844 section 3.6.:
The client intending to protect its privacy SHOULD only request a
minimal number of options in the PRL and SHOULD also randomly shuffle
- the ordering of option codes in the PRL. If this random ordering
+ the ordering of option codes in the PRL. If this random ordering
cannot be implemented, the client MAY order the option codes in the
PRL by option code number (lowest to highest).
*/
Route *route, *route_next;
FdbEntry *fdb, *fdb_next;
TrafficControl *tc;
+ SRIOV *sr_iov;
Iterator i;
assert(network);
if (traffic_control_section_verify(tc, &has_root, &has_clsact) < 0)
traffic_control_free(tc);
+ ORDERED_HASHMAP_FOREACH(sr_iov, network->sr_iov_by_section, i)
+ if (sr_iov_section_verify(sr_iov) < 0)
+ sr_iov_free(sr_iov);
+
return 0;
}
.dhcp6_use_ntp = true,
.dhcp6_use_dns = true,
- .dhcp6_pd_assign_prefix = true,
+ .dhcp6_pd_subnet_id = -1,
+ .dhcp6_pd_assign = true,
.dhcp_server_emit[SD_DHCP_LEASE_DNS].emit = true,
.dhcp_server_emit[SD_DHCP_LEASE_NTP].emit = true,
.dhcp_server_emit_router = true,
.dhcp_server_emit_timezone = true,
- .router_prefix_subnet_id = -1,
.router_emit_dns = true,
.router_emit_domains = true,
/* If LinkLocalAddressing= is not set, then set to ADDRESS_FAMILY_IPV6 later. */
.link_local = _ADDRESS_FAMILY_INVALID,
+ .ipv6ll_address_gen_mode = _IPV6_LINK_LOCAL_ADDRESS_GEN_MODE_INVALID,
.ipv4_accept_local = -1,
.configure_without_carrier = false,
.ignore_carrier_loss = -1,
.keep_configuration = _KEEP_CONFIGURATION_INVALID,
- .ipv6_address_gen_mode = _LINK_IPV6_ADDRESS_GEN_MODE_INVALID,
.can_triple_sampling = -1,
.can_termination = -1,
.ip_service_type = -1,
filename, NETWORK_DIRS, dropin_dirname,
"Match\0"
"Link\0"
+ "SR-IOV\0"
"Network\0"
"Address\0"
"Neighbor\0"
"DHCP\0" /* compat */
"DHCPv4\0"
"DHCPv6\0"
+ "DHCPv6PrefixDelegation\0"
"DHCPServer\0"
"IPv6AcceptRA\0"
"IPv6NDPProxyAddress\0"
"ControlledDelay\0"
"DeficitRoundRobinScheduler\0"
"DeficitRoundRobinSchedulerClass\0"
+ "EnhancedTransmissionSelection\0"
"FairQueueing\0"
"FairQueueingControlledDelay\0"
"GenericRandomEarlyDetection\0"
free(network->dhcp_mudurl);
strv_free(network->dhcp_user_class);
free(network->dhcp_hostname);
- set_free(network->dhcp_black_listed_ip);
+ set_free(network->dhcp_deny_listed_ip);
+ set_free(network->dhcp_allow_listed_ip);
set_free(network->dhcp_request_options);
set_free(network->dhcp6_request_options);
free(network->mac);
sd_ipv4acd_unref(network->dhcp_acd);
strv_free(network->ntp);
+ for (unsigned i = 0; i < network->n_dns; i++)
+ in_addr_full_free(network->dns[i]);
free(network->dns);
ordered_set_free_free(network->search_domains);
ordered_set_free_free(network->route_domains);
ordered_set_free_free(network->router_search_domains);
free(network->router_dns);
- set_free_free(network->ndisc_black_listed_prefix);
+ set_free_free(network->ndisc_deny_listed_prefix);
free(network->bridge_name);
free(network->bond_name);
hashmap_free(network->prefixes_by_section);
hashmap_free(network->route_prefixes_by_section);
hashmap_free(network->rules_by_section);
+ ordered_hashmap_free_with_destructor(network->sr_iov_by_section, sr_iov_free);
ordered_hashmap_free_with_destructor(network->tc_by_section, traffic_control_free);
if (network->manager &&
ordered_hashmap_free(network->dhcp_client_send_vendor_options);
ordered_hashmap_free(network->dhcp_server_send_options);
ordered_hashmap_free(network->dhcp_server_send_vendor_options);
- ordered_hashmap_free(network->ipv6_tokens);
+ ordered_set_free(network->ipv6_tokens);
ordered_hashmap_free(network->dhcp6_client_send_options);
ordered_hashmap_free(network->dhcp6_client_send_vendor_options);
NETDEV_KIND_XFRM));
if (!ifname_valid(rvalue)) {
- log_syntax(unit, LOG_ERR, filename, line, 0,
+ log_syntax(unit, LOG_WARNING, filename, line, 0,
"Invalid netdev name in %s=, ignoring assignment: %s", lvalue, rvalue);
return 0;
}
r = hashmap_put(*h, name, INT_TO_PTR(kind));
if (r < 0)
- log_syntax(unit, LOG_ERR, filename, line, r,
+ log_syntax(unit, LOG_WARNING, filename, line, r,
"Cannot add NetDev '%s' to network, ignoring assignment: %m", name);
else if (r == 0)
log_syntax(unit, LOG_DEBUG, filename, line, r,
void *data,
void *userdata) {
- const char *p;
Network *n = data;
int r;
return 0;
}
- p = rvalue;
- for (;;) {
+ for (const char *p = rvalue;;) {
_cleanup_free_ char *w = NULL, *normalized = NULL;
const char *domain;
bool is_route;
r = extract_first_word(&p, &w, NULL, 0);
+ if (r == -ENOMEM)
+ return log_oom();
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r,
+ log_syntax(unit, LOG_WARNING, filename, line, r,
"Failed to extract search or route domain, ignoring: %s", rvalue);
- break;
+ return 0;
}
if (r == 0)
- break;
+ return 0;
is_route = w[0] == '~';
domain = is_route ? w + 1 : w;
} else {
r = dns_name_normalize(domain, 0, &normalized);
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r,
+ log_syntax(unit, LOG_WARNING, filename, line, r,
"'%s' is not a valid domain name, ignoring.", domain);
continue;
}
domain = normalized;
if (is_localhost(domain)) {
- log_syntax(unit, LOG_ERR, filename, line, 0,
+ log_syntax(unit, LOG_WARNING, filename, line, 0,
"'localhost' domain may not be configured as search or route domain, ignoring assignment: %s",
domain);
continue;
OrderedSet **set = is_route ? &n->route_domains : &n->search_domains;
r = ordered_set_ensure_allocated(set, &string_hash_ops);
if (r < 0)
- return r;
+ return log_oom();
r = ordered_set_put_strdup(*set, domain);
if (r < 0)
return log_oom();
}
-
- return 0;
}
int config_parse_ipv6token(
r = in_addr_from_string(AF_INET6, rvalue, &buffer);
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r,
+ log_syntax(unit, LOG_WARNING, filename, line, r,
"Failed to parse IPv6 token, ignoring: %s", rvalue);
return 0;
}
if (in_addr_is_null(AF_INET6, &buffer)) {
- log_syntax(unit, LOG_ERR, filename, line, 0,
+ log_syntax(unit, LOG_WARNING, filename, line, 0,
"IPv6 token cannot be the ANY address, ignoring: %s", rvalue);
return 0;
}
if ((buffer.in6.s6_addr32[0] | buffer.in6.s6_addr32[1]) != 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0,
+ log_syntax(unit, LOG_WARNING, filename, line, 0,
"IPv6 token cannot be longer than 64 bits, ignoring: %s", rvalue);
return 0;
}
if (streq(rvalue, "kernel"))
s = _IPV6_PRIVACY_EXTENSIONS_INVALID;
else {
- log_syntax(unit, LOG_ERR, filename, line, 0,
+ log_syntax(unit, LOG_WARNING, filename, line, 0,
"Failed to parse IPv6 privacy extensions option, ignoring: %s", rvalue);
return 0;
}
return r;
if (!hostname_is_valid(hn, false)) {
- log_syntax(unit, LOG_ERR, filename, line, 0,
+ log_syntax(unit, LOG_WARNING, filename, line, 0,
"Hostname is not valid, ignoring assignment: %s", rvalue);
return 0;
}
r = dns_name_is_valid(hn);
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r,
+ log_syntax(unit, LOG_WARNING, filename, line, r,
"Failed to check validity of hostname '%s', ignoring assignment: %m", rvalue);
return 0;
}
if (r == 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0,
+ log_syntax(unit, LOG_WARNING, filename, line, 0,
"Hostname is not a valid DNS domain name, ignoring assignment: %s", rvalue);
return 0;
}
if (r < 0)
return r;
- if (!timezone_is_valid(tz, LOG_ERR)) {
- log_syntax(unit, LOG_ERR, filename, line, 0,
+ if (!timezone_is_valid(tz, LOG_WARNING)) {
+ log_syntax(unit, LOG_WARNING, filename, line, 0,
"Timezone is not valid, ignoring assignment: %s", rvalue);
return 0;
}
assert(lvalue);
assert(rvalue);
- for (;;) {
+ if (isempty(rvalue)) {
+ for (unsigned i = 0; i < n->n_dns; i++)
+ in_addr_full_free(n->dns[i]);
+ n->dns = mfree(n->dns);
+ n->n_dns = 0;
+ return 0;
+ }
+
+ for (const char *p = rvalue;;) {
+ _cleanup_(in_addr_full_freep) struct in_addr_full *dns = NULL;
_cleanup_free_ char *w = NULL;
- union in_addr_union a;
- struct in_addr_data *m;
- int family;
+ struct in_addr_full **m;
- r = extract_first_word(&rvalue, &w, NULL, 0);
+ r = extract_first_word(&p, &w, NULL, 0);
if (r == -ENOMEM)
return log_oom();
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r,
+ log_syntax(unit, LOG_WARNING, filename, line, r,
"Invalid syntax, ignoring: %s", rvalue);
- break;
+ return 0;
}
if (r == 0)
- break;
+ return 0;
- r = in_addr_from_string_auto(w, &family, &a);
+ r = in_addr_full_new_from_string(w, &dns);
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r,
+ log_syntax(unit, LOG_WARNING, filename, line, r,
"Failed to parse dns server address, ignoring: %s", w);
continue;
}
- m = reallocarray(n->dns, n->n_dns + 1, sizeof(struct in_addr_data));
+ if (IN_SET(dns->port, 53, 853))
+ dns->port = 0;
+
+ m = reallocarray(n->dns, n->n_dns + 1, sizeof(struct in_addr_full*));
if (!m)
return log_oom();
- m[n->n_dns++] = (struct in_addr_data) {
- .family = family,
- .address = a,
- };
-
+ m[n->n_dns++] = TAKE_PTR(dns);
n->dns = m;
}
-
- return 0;
}
int config_parse_dnssec_negative_trust_anchors(
void *data,
void *userdata) {
- const char *p = rvalue;
Network *n = data;
int r;
return 0;
}
- for (;;) {
+ for (const char *p = rvalue;;) {
_cleanup_free_ char *w = NULL;
r = extract_first_word(&p, &w, NULL, 0);
+ if (r == -ENOMEM)
+ return log_oom();
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r,
+ log_syntax(unit, LOG_WARNING, filename, line, r,
"Failed to extract negative trust anchor domain, ignoring: %s", rvalue);
- break;
+ return 0;
}
if (r == 0)
- break;
+ return 0;
r = dns_name_is_valid(w);
if (r <= 0) {
- log_syntax(unit, LOG_ERR, filename, line, r,
+ log_syntax(unit, LOG_WARNING, filename, line, r,
"%s is not a valid domain name, ignoring.", w);
continue;
}
if (r < 0)
return log_oom();
}
-
- return 0;
}
int config_parse_ntp(
return 0;
}
- for (;;) {
+ for (const char *p = rvalue;;) {
_cleanup_free_ char *w = NULL;
- r = extract_first_word(&rvalue, &w, NULL, 0);
+ r = extract_first_word(&p, &w, NULL, 0);
if (r == -ENOMEM)
return log_oom();
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r,
+ log_syntax(unit, LOG_WARNING, filename, line, r,
"Failed to extract NTP server name, ignoring: %s", rvalue);
- break;
+ return 0;
}
if (r == 0)
- break;
+ return 0;
r = dns_name_is_valid_or_address(w);
if (r <= 0) {
- log_syntax(unit, LOG_ERR, filename, line, r,
+ log_syntax(unit, LOG_WARNING, filename, line, r,
"%s is not a valid domain name or IP address, ignoring.", w);
continue;
}
log_syntax(unit, LOG_WARNING, filename, line, 0,
"More than %u NTP servers specified, ignoring \"%s\" and any subsequent entries.",
MAX_NTP_SERVERS, w);
- break;
+ return 0;
}
r = strv_consume(l, TAKE_PTR(w));
if (r < 0)
return log_oom();
}
-
- return 0;
}
int config_parse_required_for_online(
if (r < 0) {
r = parse_boolean(rvalue);
if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r,
+ log_syntax(unit, LOG_WARNING, filename, line, r,
"Failed to parse %s= setting, ignoring assignment: %s",
lvalue, rvalue);
return 0;
};
DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(keep_configuration, KeepConfiguration, KEEP_CONFIGURATION_YES);
+
+static const char* const ipv6_link_local_address_gen_mode_table[_IPV6_LINK_LOCAL_ADDRESS_GEN_MODE_MAX] = {
+ [IPV6_LINK_LOCAL_ADDRESSS_GEN_MODE_EUI64] = "eui64",
+ [IPV6_LINK_LOCAL_ADDRESSS_GEN_MODE_NONE] = "none",
+ [IPV6_LINK_LOCAL_ADDRESSS_GEN_MODE_STABLE_PRIVACY] = "stable-privacy",
+ [IPV6_LINK_LOCAL_ADDRESSS_GEN_MODE_RANDOM] = "random",
+};
+
+DEFINE_STRING_TABLE_LOOKUP(ipv6_link_local_address_gen_mode, IPv6LinkLocalAddressGenMode);
+DEFINE_CONFIG_PARSE_ENUM(config_parse_ipv6_link_local_address_gen_mode, ipv6_link_local_address_gen_mode, IPv6LinkLocalAddressGenMode, "Failed to parse IPv6 link local address generation mode");