Line data Source code
1 : /* SPDX-License-Identifier: LGPL-2.1+ */
2 :
3 : #include <netinet/in.h>
4 : #include <linux/if.h>
5 : #include <unistd.h>
6 :
7 : #include "fileio.h"
8 : #include "netlink-util.h"
9 : #include "networkd-ipv6-proxy-ndp.h"
10 : #include "networkd-link.h"
11 : #include "networkd-manager.h"
12 : #include "networkd-network.h"
13 : #include "socket-util.h"
14 : #include "string-util.h"
15 : #include "sysctl-util.h"
16 :
17 0 : static bool ipv6_proxy_ndp_is_needed(Link *link) {
18 0 : assert(link);
19 :
20 0 : if (link->flags & IFF_LOOPBACK)
21 0 : return false;
22 :
23 0 : if (!link->network)
24 0 : return false;
25 :
26 0 : if (link->network->ipv6_proxy_ndp >= 0)
27 0 : return link->network->ipv6_proxy_ndp;
28 :
29 0 : if (link->network->n_ipv6_proxy_ndp_addresses == 0)
30 0 : return false;
31 :
32 0 : return true;
33 : }
34 :
35 0 : static int ipv6_proxy_ndp_set(Link *link) {
36 : bool v;
37 : int r;
38 :
39 0 : assert(link);
40 :
41 0 : if (!socket_ipv6_is_supported())
42 0 : return 0;
43 :
44 0 : v = ipv6_proxy_ndp_is_needed(link);
45 :
46 0 : r = sysctl_write_ip_property_boolean(AF_INET6, link->ifname, "proxy_ndp", v);
47 0 : if (r < 0)
48 0 : log_link_warning_errno(link, r, "Cannot configure proxy NDP for interface: %m");
49 :
50 0 : return 0;
51 : }
52 :
53 0 : static int ipv6_proxy_ndp_address_new_static(Network *network, IPv6ProxyNDPAddress **ret) {
54 0 : _cleanup_(ipv6_proxy_ndp_address_freep) IPv6ProxyNDPAddress *ipv6_proxy_ndp_address = NULL;
55 :
56 0 : assert(network);
57 0 : assert(ret);
58 :
59 : /* allocate space for IPv6ProxyNDPAddress entry */
60 0 : ipv6_proxy_ndp_address = new(IPv6ProxyNDPAddress, 1);
61 0 : if (!ipv6_proxy_ndp_address)
62 0 : return -ENOMEM;
63 :
64 0 : *ipv6_proxy_ndp_address = (IPv6ProxyNDPAddress) {
65 : .network = network,
66 : };
67 :
68 0 : LIST_PREPEND(ipv6_proxy_ndp_addresses, network->ipv6_proxy_ndp_addresses, ipv6_proxy_ndp_address);
69 0 : network->n_ipv6_proxy_ndp_addresses++;
70 :
71 0 : *ret = TAKE_PTR(ipv6_proxy_ndp_address);
72 :
73 0 : return 0;
74 : }
75 :
76 0 : void ipv6_proxy_ndp_address_free(IPv6ProxyNDPAddress *ipv6_proxy_ndp_address) {
77 0 : if (!ipv6_proxy_ndp_address)
78 0 : return;
79 :
80 0 : if (ipv6_proxy_ndp_address->network) {
81 0 : LIST_REMOVE(ipv6_proxy_ndp_addresses, ipv6_proxy_ndp_address->network->ipv6_proxy_ndp_addresses,
82 : ipv6_proxy_ndp_address);
83 :
84 0 : assert(ipv6_proxy_ndp_address->network->n_ipv6_proxy_ndp_addresses > 0);
85 0 : ipv6_proxy_ndp_address->network->n_ipv6_proxy_ndp_addresses--;
86 : }
87 :
88 0 : free(ipv6_proxy_ndp_address);
89 : }
90 :
91 0 : int config_parse_ipv6_proxy_ndp_address(
92 : const char *unit,
93 : const char *filename,
94 : unsigned line,
95 : const char *section,
96 : unsigned section_line,
97 : const char *lvalue,
98 : int ltype,
99 : const char *rvalue,
100 : void *data,
101 : void *userdata) {
102 :
103 0 : Network *network = userdata;
104 0 : _cleanup_(ipv6_proxy_ndp_address_freep) IPv6ProxyNDPAddress *ipv6_proxy_ndp_address = NULL;
105 : int r;
106 : union in_addr_union buffer;
107 :
108 0 : assert(filename);
109 0 : assert(section);
110 0 : assert(lvalue);
111 0 : assert(rvalue);
112 0 : assert(data);
113 :
114 0 : r = ipv6_proxy_ndp_address_new_static(network, &ipv6_proxy_ndp_address);
115 0 : if (r < 0)
116 0 : return r;
117 :
118 0 : r = in_addr_from_string(AF_INET6, rvalue, &buffer);
119 0 : if (r < 0) {
120 0 : log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse IPv6 proxy NDP address, ignoring: %s",
121 : rvalue);
122 0 : return 0;
123 : }
124 :
125 0 : if (in_addr_is_null(AF_INET6, &buffer)) {
126 0 : log_syntax(unit, LOG_ERR, filename, line, 0,
127 : "IPv6 proxy NDP address cannot be the ANY address, ignoring: %s", rvalue);
128 0 : return 0;
129 : }
130 :
131 0 : ipv6_proxy_ndp_address->in_addr = buffer.in6;
132 0 : ipv6_proxy_ndp_address = NULL;
133 :
134 0 : return 0;
135 : }
136 :
137 0 : static int set_ipv6_proxy_ndp_address_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
138 : int r;
139 :
140 0 : assert(link);
141 :
142 0 : r = sd_netlink_message_get_errno(m);
143 0 : if (r < 0 && r != -EEXIST)
144 0 : log_link_error_errno(link, r, "Could not add IPv6 proxy ndp address entry: %m");
145 :
146 0 : return 1;
147 : }
148 :
149 : /* send a request to the kernel to add a IPv6 Proxy entry to the neighbour table */
150 0 : int ipv6_proxy_ndp_address_configure(Link *link, IPv6ProxyNDPAddress *ipv6_proxy_ndp_address) {
151 0 : _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
152 : sd_netlink *rtnl;
153 : int r;
154 :
155 0 : assert(link);
156 0 : assert(link->network);
157 0 : assert(link->manager);
158 0 : assert(ipv6_proxy_ndp_address);
159 :
160 0 : rtnl = link->manager->rtnl;
161 :
162 : /* create new netlink message */
163 0 : r = sd_rtnl_message_new_neigh(rtnl, &req, RTM_NEWNEIGH, link->ifindex, AF_INET6);
164 0 : if (r < 0)
165 0 : return rtnl_log_create_error(r);
166 :
167 0 : r = sd_rtnl_message_neigh_set_flags(req, NLM_F_REQUEST | NTF_PROXY);
168 0 : if (r < 0)
169 0 : return rtnl_log_create_error(r);
170 :
171 0 : r = sd_netlink_message_append_in6_addr(req, NDA_DST, &ipv6_proxy_ndp_address->in_addr);
172 0 : if (r < 0)
173 0 : return rtnl_log_create_error(r);
174 :
175 0 : r = netlink_call_async(rtnl, NULL, req, set_ipv6_proxy_ndp_address_handler,
176 : link_netlink_destroy_callback, link);
177 0 : if (r < 0)
178 0 : return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
179 :
180 0 : link_ref(link);
181 :
182 0 : return 0;
183 : }
184 :
185 : /* configure all ipv6 proxy ndp addresses */
186 0 : int ipv6_proxy_ndp_addresses_configure(Link *link) {
187 : IPv6ProxyNDPAddress *ipv6_proxy_ndp_address;
188 : int r;
189 :
190 0 : assert(link);
191 :
192 : /* enable or disable proxy_ndp itself depending on whether ipv6_proxy_ndp_addresses are set or not */
193 0 : r = ipv6_proxy_ndp_set(link);
194 0 : if (r != 0)
195 0 : return r;
196 :
197 0 : LIST_FOREACH(ipv6_proxy_ndp_addresses, ipv6_proxy_ndp_address, link->network->ipv6_proxy_ndp_addresses) {
198 0 : r = ipv6_proxy_ndp_address_configure(link, ipv6_proxy_ndp_address);
199 0 : if (r != 0)
200 0 : return r;
201 : }
202 0 : return 0;
203 : }
|
