From: Yu Watanabe Date: Wed, 22 Nov 2023 19:53:43 +0000 (+0900) Subject: network: split out common checks X-Git-Tag: v256-rc1~1515^2~6 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=01a88375e3543d3ae6b19927cec23966aff39a1c;p=thirdparty%2Fsystemd.git network: split out common checks No functional change, just refactoring. Note, some checks may be redundant, but the cost is not heavy, so let's explicitly check for safety. --- diff --git a/src/network/networkd-sysctl.c b/src/network/networkd-sysctl.c index 2ac6c3527bc..24525a10c1a 100644 --- a/src/network/networkd-sysctl.c +++ b/src/network/networkd-sysctl.c @@ -2,6 +2,7 @@ #include #include +#include #include "missing_network.h" #include "networkd-link.h" @@ -12,10 +13,25 @@ #include "string-table.h" #include "sysctl-util.h" -static int link_update_ipv6_sysctl(Link *link) { +static bool link_is_configured_for_family(Link *link, int family) { assert(link); + if (!link->network) + return false; + if (link->flags & IFF_LOOPBACK) + return false; + + if (family == AF_INET6 && !socket_ipv6_is_supported()) + return false; + + return true; +} + +static int link_update_ipv6_sysctl(Link *link) { + assert(link); + + if (!link_is_configured_for_family(link, AF_INET6)) return 0; if (!link_ipv6_enabled(link)) @@ -27,10 +43,7 @@ static int link_update_ipv6_sysctl(Link *link) { static int link_set_proxy_arp(Link *link) { assert(link); - if (link->flags & IFF_LOOPBACK) - return 0; - - if (!link->network) + if (!link_is_configured_for_family(link, AF_INET)) return 0; if (link->network->proxy_arp < 0) @@ -43,13 +56,7 @@ static bool link_ip_forward_enabled(Link *link, int family) { assert(link); assert(IN_SET(family, AF_INET, AF_INET6)); - if (family == AF_INET6 && !socket_ipv6_is_supported()) - return false; - - if (link->flags & IFF_LOOPBACK) - return false; - - if (!link->network) + if (!link_is_configured_for_family(link, family)) return false; return link->network->ip_forward & (family == AF_INET ? ADDRESS_FAMILY_IPV4 : ADDRESS_FAMILY_IPV6); @@ -92,10 +99,7 @@ static int link_set_ipv6_forward(Link *link) { static int link_set_ipv4_rp_filter(Link *link) { assert(link); - if (link->flags & IFF_LOOPBACK) - return 0; - - if (!link->network) + if (!link_is_configured_for_family(link, AF_INET)) return 0; if (link->network->ipv4_rp_filter < 0) @@ -110,13 +114,7 @@ static int link_set_ipv6_privacy_extensions(Link *link) { assert(link); assert(link->manager); - if (!socket_ipv6_is_supported()) - return 0; - - if (link->flags & IFF_LOOPBACK) - return 0; - - if (!link->network) + if (!link_is_configured_for_family(link, AF_INET6)) return 0; val = link->network->ipv6_privacy_extensions; @@ -133,14 +131,7 @@ static int link_set_ipv6_privacy_extensions(Link *link) { static int link_set_ipv6_accept_ra(Link *link) { assert(link); - /* Make this a NOP if IPv6 is not available */ - if (!socket_ipv6_is_supported()) - return 0; - - if (link->flags & IFF_LOOPBACK) - return 0; - - if (!link->network) + if (!link_is_configured_for_family(link, AF_INET6)) return 0; return sysctl_write_ip_property(AF_INET6, link->ifname, "accept_ra", "0"); @@ -149,14 +140,7 @@ static int link_set_ipv6_accept_ra(Link *link) { static int link_set_ipv6_dad_transmits(Link *link) { assert(link); - /* Make this a NOP if IPv6 is not available */ - if (!socket_ipv6_is_supported()) - return 0; - - if (link->flags & IFF_LOOPBACK) - return 0; - - if (!link->network) + if (!link_is_configured_for_family(link, AF_INET6)) return 0; if (link->network->ipv6_dad_transmits < 0) @@ -168,14 +152,7 @@ static int link_set_ipv6_dad_transmits(Link *link) { static int link_set_ipv6_hop_limit(Link *link) { assert(link); - /* Make this a NOP if IPv6 is not available */ - if (!socket_ipv6_is_supported()) - return 0; - - if (link->flags & IFF_LOOPBACK) - return 0; - - if (!link->network) + if (!link_is_configured_for_family(link, AF_INET6)) return 0; if (link->network->ipv6_hop_limit <= 0) @@ -189,13 +166,7 @@ static int link_set_ipv6_proxy_ndp(Link *link) { assert(link); - if (!socket_ipv6_is_supported()) - return 0; - - if (link->flags & IFF_LOOPBACK) - return 0; - - if (!link->network) + if (!link_is_configured_for_family(link, AF_INET6)) return 0; if (link->network->ipv6_proxy_ndp >= 0) @@ -211,14 +182,7 @@ int link_set_ipv6_mtu(Link *link) { assert(link); - /* Make this a NOP if IPv6 is not available */ - if (!socket_ipv6_is_supported()) - return 0; - - if (link->flags & IFF_LOOPBACK) - return 0; - - if (!link->network) + if (!link_is_configured_for_family(link, AF_INET6)) return 0; if (link->network->ipv6_mtu == 0) @@ -237,7 +201,7 @@ int link_set_ipv6_mtu(Link *link) { static int link_set_ipv4_accept_local(Link *link) { assert(link); - if (link->flags & IFF_LOOPBACK) + if (!link_is_configured_for_family(link, AF_INET)) return 0; if (link->network->ipv4_accept_local < 0) @@ -249,7 +213,7 @@ static int link_set_ipv4_accept_local(Link *link) { static int link_set_ipv4_route_localnet(Link *link) { assert(link); - if (link->flags & IFF_LOOPBACK) + if (!link_is_configured_for_family(link, AF_INET)) return 0; if (link->network->ipv4_route_localnet < 0) @@ -258,6 +222,20 @@ static int link_set_ipv4_route_localnet(Link *link) { return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "route_localnet", link->network->ipv4_route_localnet > 0); } +static int link_set_ipv4_promote_secondaries(Link *link) { + assert(link); + + if (!link_is_configured_for_family(link, AF_INET)) + return 0; + + /* If promote_secondaries is not set, DHCP will work only as long as the IP address does not + * changes between leases. The kernel will remove all secondary IP addresses of an interface + * otherwise. The way systemd-networkd works is that the new IP of a lease is added as a + * secondary IP and when the primary one expires it relies on the kernel to promote the + * secondary IP. See also https://github.com/systemd/systemd/issues/7163 */ + return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "promote_secondaries", true); +} + int link_set_sysctl(Link *link) { int r; @@ -321,12 +299,7 @@ int link_set_sysctl(Link *link) { if (r < 0) log_link_warning_errno(link, r, "Cannot set IPv4 reverse path filtering for interface, ignoring: %m"); - /* If promote_secondaries is not set, DHCP will work only as long as the IP address does not - * changes between leases. The kernel will remove all secondary IP addresses of an interface - * otherwise. The way systemd-networkd works is that the new IP of a lease is added as a - * secondary IP and when the primary one expires it relies on the kernel to promote the - * secondary IP. See also https://github.com/systemd/systemd/issues/7163 */ - r = sysctl_write_ip_property_boolean(AF_INET, link->ifname, "promote_secondaries", true); + r = link_set_ipv4_promote_secondaries(link); if (r < 0) log_link_warning_errno(link, r, "Cannot enable promote_secondaries for interface, ignoring: %m");