1 /* 2 * netifd - network interface daemon 3 * Copyright (C) 2012 Felix Fietkau <nbd@openwrt.org> 4 * Copyright (C) 2013 Jo-Philipp Wich <jow@openwrt.org> 5 * Copyright (C) 2013 Steven Barth <steven@midlink.org> 6 * Copyright (C) 2014 Gioacchino Mazzurco <gio@eigenlab.org> 7 * Copyright (C) 2017 Matthias Schiffer <mschiffer@universe-factory.net> 8 * Copyright (C) 2018 Hans Dedecker <dedeckeh@gmail.com> 9 * 10 * This program is free software; you can redistribute it and/or modify 11 * it under the terms of the GNU General Public License version 2 12 * as published by the Free Software Foundation 13 * 14 * This program is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 * GNU General Public License for more details. 18 */ 19 #define _GNU_SOURCE 20 21 #include <sys/socket.h> 22 #include <sys/ioctl.h> 23 #include <sys/stat.h> 24 #include <sys/syscall.h> 25 26 #include <net/if.h> 27 #include <net/if_arp.h> 28 29 #include <limits.h> 30 #include <arpa/inet.h> 31 #include <netinet/ether.h> 32 #include <netinet/in.h> 33 34 #include <linux/rtnetlink.h> 35 #include <linux/neighbour.h> 36 #include <linux/sockios.h> 37 #include <linux/ip.h> 38 #include <linux/if_addr.h> 39 #include <linux/if_link.h> 40 #include <linux/if_vlan.h> 41 #include <linux/if_bridge.h> 42 #include <linux/if_tunnel.h> 43 #include <linux/ip6_tunnel.h> 44 #include <linux/ethtool.h> 45 #include <linux/fib_rules.h> 46 #include <linux/veth.h> 47 #include <linux/version.h> 48 49 #include <sched.h> 50 51 #ifndef RTN_FAILED_POLICY 52 #define RTN_FAILED_POLICY 12 53 #endif 54 55 #ifndef IFA_F_NOPREFIXROUTE 56 #define IFA_F_NOPREFIXROUTE 0x200 57 #endif 58 59 #ifndef IFA_FLAGS 60 #define IFA_FLAGS (IFA_MULTICAST + 1) 61 #endif 62 63 #include <string.h> 64 #include <fcntl.h> 65 #include <glob.h> 66 #include <time.h> 67 #include <unistd.h> 68 69 #include <netlink/msg.h> 70 #include <netlink/attr.h> 71 #include <netlink/socket.h> 72 #include <libubox/uloop.h> 73 74 #include "netifd.h" 75 #include "device.h" 76 #include "system.h" 77 #include "utils.h" 78 79 struct event_socket { 80 struct uloop_fd uloop; 81 struct nl_sock *sock; 82 int bufsize; 83 }; 84 85 static int sock_ioctl = -1; 86 static struct nl_sock *sock_rtnl = NULL; 87 88 static int cb_rtnl_event(struct nl_msg *msg, void *arg); 89 static void handle_hotplug_event(struct uloop_fd *u, unsigned int events); 90 static int system_add_proto_tunnel(const char *name, const uint8_t proto, 91 const unsigned int link, struct blob_attr **tb); 92 static int __system_del_ip_tunnel(const char *name, struct blob_attr **tb); 93 94 static char dev_buf[256]; 95 96 static void 97 handler_nl_event(struct uloop_fd *u, unsigned int events) 98 { 99 struct event_socket *ev = container_of(u, struct event_socket, uloop); 100 int err; 101 socklen_t errlen = sizeof(err); 102 103 if (!u->error) { 104 nl_recvmsgs_default(ev->sock); 105 return; 106 } 107 108 if (getsockopt(u->fd, SOL_SOCKET, SO_ERROR, (void *)&err, &errlen)) 109 goto abort; 110 111 switch(err) { 112 case ENOBUFS: 113 /* Increase rx buffer size on netlink socket */ 114 ev->bufsize *= 2; 115 if (nl_socket_set_buffer_size(ev->sock, ev->bufsize, 0)) 116 goto abort; 117 118 /* Request full dump since some info got dropped */ 119 struct rtgenmsg msg = { .rtgen_family = AF_UNSPEC }; 120 nl_send_simple(ev->sock, RTM_GETLINK, NLM_F_DUMP, &msg, sizeof(msg)); 121 break; 122 123 default: 124 goto abort; 125 } 126 u->error = false; 127 return; 128 129 abort: 130 uloop_fd_delete(&ev->uloop); 131 return; 132 } 133 134 static struct nl_sock * 135 create_socket(int protocol, int groups) 136 { 137 struct nl_sock *sock; 138 139 sock = nl_socket_alloc(); 140 if (!sock) 141 return NULL; 142 143 if (groups) 144 nl_join_groups(sock, groups); 145 146 if (nl_connect(sock, protocol)) { 147 nl_socket_free(sock); 148 return NULL; 149 } 150 151 return sock; 152 } 153 154 static bool 155 create_raw_event_socket(struct event_socket *ev, int protocol, int groups, 156 uloop_fd_handler cb, int flags) 157 { 158 ev->sock = create_socket(protocol, groups); 159 if (!ev->sock) 160 return false; 161 162 ev->uloop.fd = nl_socket_get_fd(ev->sock); 163 ev->uloop.cb = cb; 164 if (uloop_fd_add(&ev->uloop, ULOOP_READ|flags)) 165 return false; 166 167 return true; 168 } 169 170 static bool 171 create_event_socket(struct event_socket *ev, int protocol, 172 int (*cb)(struct nl_msg *msg, void *arg)) 173 { 174 if (!create_raw_event_socket(ev, protocol, 0, handler_nl_event, ULOOP_ERROR_CB)) 175 return false; 176 177 /* Install the valid custom callback handler */ 178 nl_socket_modify_cb(ev->sock, NL_CB_VALID, NL_CB_CUSTOM, cb, NULL); 179 180 /* Disable sequence number checking on event sockets */ 181 nl_socket_disable_seq_check(ev->sock); 182 183 /* Increase rx buffer size to 65K on event sockets */ 184 ev->bufsize = 65535; 185 if (nl_socket_set_buffer_size(ev->sock, ev->bufsize, 0)) 186 return false; 187 188 return true; 189 } 190 191 static bool 192 create_hotplug_event_socket(struct event_socket *ev, int protocol, 193 void (*cb)(struct uloop_fd *u, unsigned int events)) 194 { 195 if (!create_raw_event_socket(ev, protocol, 1, cb, ULOOP_ERROR_CB)) 196 return false; 197 198 /* Increase rx buffer size to 65K on event sockets */ 199 ev->bufsize = 65535; 200 if (nl_socket_set_buffer_size(ev->sock, ev->bufsize, 0)) 201 return false; 202 203 return true; 204 } 205 206 static bool 207 system_rtn_aton(const char *src, unsigned int *dst) 208 { 209 char *e; 210 unsigned int n; 211 212 if (!strcmp(src, "local")) 213 n = RTN_LOCAL; 214 else if (!strcmp(src, "nat")) 215 n = RTN_NAT; 216 else if (!strcmp(src, "broadcast")) 217 n = RTN_BROADCAST; 218 else if (!strcmp(src, "anycast")) 219 n = RTN_ANYCAST; 220 else if (!strcmp(src, "multicast")) 221 n = RTN_MULTICAST; 222 else if (!strcmp(src, "prohibit")) 223 n = RTN_PROHIBIT; 224 else if (!strcmp(src, "unreachable")) 225 n = RTN_UNREACHABLE; 226 else if (!strcmp(src, "blackhole")) 227 n = RTN_BLACKHOLE; 228 else if (!strcmp(src, "xresolve")) 229 n = RTN_XRESOLVE; 230 else if (!strcmp(src, "unicast")) 231 n = RTN_UNICAST; 232 else if (!strcmp(src, "throw")) 233 n = RTN_THROW; 234 else if (!strcmp(src, "failed_policy")) 235 n = RTN_FAILED_POLICY; 236 else { 237 n = strtoul(src, &e, 0); 238 if (!e || *e || e == src || n > 255) 239 return false; 240 } 241 242 *dst = n; 243 return true; 244 } 245 246 static bool 247 system_tos_aton(const char *src, unsigned *dst) 248 { 249 char *e; 250 251 *dst = strtoul(src, &e, 16); 252 if (e == src || *e || *dst > 255) 253 return false; 254 255 return true; 256 } 257 258 int system_init(void) 259 { 260 static struct event_socket rtnl_event; 261 static struct event_socket hotplug_event; 262 263 sock_ioctl = socket(AF_LOCAL, SOCK_DGRAM, 0); 264 system_fd_set_cloexec(sock_ioctl); 265 266 /* Prepare socket for routing / address control */ 267 sock_rtnl = create_socket(NETLINK_ROUTE, 0); 268 if (!sock_rtnl) 269 return -1; 270 271 if (!create_event_socket(&rtnl_event, NETLINK_ROUTE, cb_rtnl_event)) 272 return -1; 273 274 if (!create_hotplug_event_socket(&hotplug_event, NETLINK_KOBJECT_UEVENT, 275 handle_hotplug_event)) 276 return -1; 277 278 /* Receive network link events form kernel */ 279 nl_socket_add_membership(rtnl_event.sock, RTNLGRP_LINK); 280 281 return 0; 282 } 283 284 static void system_set_sysctl(const char *path, const char *val) 285 { 286 int fd; 287 288 fd = open(path, O_WRONLY); 289 if (fd < 0) 290 return; 291 292 if (write(fd, val, strlen(val))) {} 293 close(fd); 294 } 295 296 static void system_set_dev_sysctl(const char *path, const char *device, const char *val) 297 { 298 snprintf(dev_buf, sizeof(dev_buf), path, device); 299 system_set_sysctl(dev_buf, val); 300 } 301 302 static void system_set_disable_ipv6(struct device *dev, const char *val) 303 { 304 system_set_dev_sysctl("/proc/sys/net/ipv6/conf/%s/disable_ipv6", dev->ifname, val); 305 } 306 307 static void system_set_rpfilter(struct device *dev, const char *val) 308 { 309 system_set_dev_sysctl("/proc/sys/net/ipv4/conf/%s/rp_filter", dev->ifname, val); 310 } 311 312 static void system_set_acceptlocal(struct device *dev, const char *val) 313 { 314 system_set_dev_sysctl("/proc/sys/net/ipv4/conf/%s/accept_local", dev->ifname, val); 315 } 316 317 static void system_set_igmpversion(struct device *dev, const char *val) 318 { 319 system_set_dev_sysctl("/proc/sys/net/ipv4/conf/%s/force_igmp_version", dev->ifname, val); 320 } 321 322 static void system_set_mldversion(struct device *dev, const char *val) 323 { 324 system_set_dev_sysctl("/proc/sys/net/ipv6/conf/%s/force_mld_version", dev->ifname, val); 325 } 326 327 static void system_set_neigh4reachabletime(struct device *dev, const char *val) 328 { 329 system_set_dev_sysctl("/proc/sys/net/ipv4/neigh/%s/base_reachable_time_ms", dev->ifname, val); 330 } 331 332 static void system_set_neigh6reachabletime(struct device *dev, const char *val) 333 { 334 system_set_dev_sysctl("/proc/sys/net/ipv6/neigh/%s/base_reachable_time_ms", dev->ifname, val); 335 } 336 337 static void system_set_neigh4gcstaletime(struct device *dev, const char *val) 338 { 339 system_set_dev_sysctl("/proc/sys/net/ipv4/neigh/%s/gc_stale_time", dev->ifname, val); 340 } 341 342 static void system_set_neigh6gcstaletime(struct device *dev, const char *val) 343 { 344 system_set_dev_sysctl("/proc/sys/net/ipv6/neigh/%s/gc_stale_time", dev->ifname, val); 345 } 346 347 static void system_set_neigh4locktime(struct device *dev, const char *val) 348 { 349 system_set_dev_sysctl("/proc/sys/net/ipv4/neigh/%s/locktime", dev->ifname, val); 350 } 351 352 static void system_set_dadtransmits(struct device *dev, const char *val) 353 { 354 system_set_dev_sysctl("/proc/sys/net/ipv6/conf/%s/dad_transmits", dev->ifname, val); 355 } 356 357 static void system_bridge_set_multicast_to_unicast(struct device *dev, const char *val) 358 { 359 system_set_dev_sysctl("/sys/class/net/%s/brport/multicast_to_unicast", dev->ifname, val); 360 } 361 362 static void system_bridge_set_multicast_fast_leave(struct device *dev, const char *val) 363 { 364 system_set_dev_sysctl("/sys/class/net/%s/brport/multicast_fast_leave", dev->ifname, val); 365 } 366 367 static void system_bridge_set_hairpin_mode(struct device *dev, const char *val) 368 { 369 system_set_dev_sysctl("/sys/class/net/%s/brport/hairpin_mode", dev->ifname, val); 370 } 371 372 static void system_bridge_set_isolated(struct device *dev, const char *val) 373 { 374 system_set_dev_sysctl("/sys/class/net/%s/brport/isolated", dev->ifname, val); 375 } 376 377 static void system_bridge_set_multicast_router(struct device *dev, const char *val, bool bridge) 378 { 379 system_set_dev_sysctl(bridge ? "/sys/class/net/%s/bridge/multicast_router" : 380 "/sys/class/net/%s/brport/multicast_router", 381 dev->ifname, val); 382 } 383 384 static void system_bridge_set_robustness(struct device *dev, const char *val) 385 { 386 system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/multicast_startup_query_count", 387 dev->ifname, val); 388 system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/multicast_last_member_count", 389 dev->ifname, val); 390 } 391 392 static void system_bridge_set_query_interval(struct device *dev, const char *val) 393 { 394 system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/multicast_query_interval", 395 dev->ifname, val); 396 } 397 398 static void system_bridge_set_query_response_interval(struct device *dev, const char *val) 399 { 400 system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/multicast_query_response_interval", 401 dev->ifname, val); 402 } 403 404 static void system_bridge_set_last_member_interval(struct device *dev, const char *val) 405 { 406 system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/multicast_last_member_interval", 407 dev->ifname, val); 408 } 409 410 static void system_bridge_set_membership_interval(struct device *dev, const char *val) 411 { 412 system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/multicast_membership_interval", 413 dev->ifname, val); 414 } 415 416 static void system_bridge_set_other_querier_timeout(struct device *dev, const char *val) 417 { 418 system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/multicast_querier_interval", 419 dev->ifname, val); 420 } 421 422 static void system_bridge_set_startup_query_interval(struct device *dev, const char *val) 423 { 424 system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/multicast_startup_query_interval", 425 dev->ifname, val); 426 } 427 428 static void system_bridge_set_stp_state(struct device *dev, const char *val) 429 { 430 system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/stp_state", dev->ifname, val); 431 } 432 433 static void system_bridge_set_forward_delay(struct device *dev, const char *val) 434 { 435 system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/forward_delay", dev->ifname, val); 436 } 437 438 static void system_bridge_set_priority(struct device *dev, const char *val) 439 { 440 system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/priority", dev->ifname, val); 441 } 442 443 static void system_bridge_set_ageing_time(struct device *dev, const char *val) 444 { 445 system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/ageing_time", dev->ifname, val); 446 } 447 448 static void system_bridge_set_hello_time(struct device *dev, const char *val) 449 { 450 system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/hello_time", dev->ifname, val); 451 } 452 453 static void system_bridge_set_max_age(struct device *dev, const char *val) 454 { 455 system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/max_age", dev->ifname, val); 456 } 457 458 static void system_bridge_set_learning(struct device *dev, const char *val) 459 { 460 system_set_dev_sysctl("/sys/class/net/%s/brport/learning", dev->ifname, val); 461 } 462 463 static void system_bridge_set_unicast_flood(struct device *dev, const char *val) 464 { 465 system_set_dev_sysctl("/sys/class/net/%s/brport/unicast_flood", dev->ifname, val); 466 } 467 468 static void system_set_sendredirects(struct device *dev, const char *val) 469 { 470 system_set_dev_sysctl("/proc/sys/net/ipv4/conf/%s/send_redirects", dev->ifname, val); 471 } 472 473 static int system_get_sysctl(const char *path, char *buf, const size_t buf_sz) 474 { 475 int fd = -1, ret = -1; 476 477 fd = open(path, O_RDONLY); 478 if (fd < 0) 479 goto out; 480 481 ssize_t len = read(fd, buf, buf_sz - 1); 482 if (len < 0) 483 goto out; 484 485 ret = buf[len] = 0; 486 487 out: 488 if (fd >= 0) 489 close(fd); 490 491 return ret; 492 } 493 494 static int 495 system_get_dev_sysctl(const char *path, const char *device, char *buf, const size_t buf_sz) 496 { 497 snprintf(dev_buf, sizeof(dev_buf), path, device); 498 return system_get_sysctl(dev_buf, buf, buf_sz); 499 } 500 501 static int system_get_disable_ipv6(struct device *dev, char *buf, const size_t buf_sz) 502 { 503 return system_get_dev_sysctl("/proc/sys/net/ipv6/conf/%s/disable_ipv6", 504 dev->ifname, buf, buf_sz); 505 } 506 507 static int system_get_rpfilter(struct device *dev, char *buf, const size_t buf_sz) 508 { 509 return system_get_dev_sysctl("/proc/sys/net/ipv4/conf/%s/rp_filter", 510 dev->ifname, buf, buf_sz); 511 } 512 513 static int system_get_acceptlocal(struct device *dev, char *buf, const size_t buf_sz) 514 { 515 return system_get_dev_sysctl("/proc/sys/net/ipv4/conf/%s/accept_local", 516 dev->ifname, buf, buf_sz); 517 } 518 519 static int system_get_igmpversion(struct device *dev, char *buf, const size_t buf_sz) 520 { 521 return system_get_dev_sysctl("/proc/sys/net/ipv4/conf/%s/force_igmp_version", 522 dev->ifname, buf, buf_sz); 523 } 524 525 static int system_get_mldversion(struct device *dev, char *buf, const size_t buf_sz) 526 { 527 return system_get_dev_sysctl("/proc/sys/net/ipv6/conf/%s/force_mld_version", 528 dev->ifname, buf, buf_sz); 529 } 530 531 static int system_get_neigh4reachabletime(struct device *dev, char *buf, const size_t buf_sz) 532 { 533 return system_get_dev_sysctl("/proc/sys/net/ipv4/neigh/%s/base_reachable_time_ms", 534 dev->ifname, buf, buf_sz); 535 } 536 537 static int system_get_neigh6reachabletime(struct device *dev, char *buf, const size_t buf_sz) 538 { 539 return system_get_dev_sysctl("/proc/sys/net/ipv6/neigh/%s/base_reachable_time_ms", 540 dev->ifname, buf, buf_sz); 541 } 542 543 static int system_get_neigh4gcstaletime(struct device *dev, char *buf, const size_t buf_sz) 544 { 545 return system_get_dev_sysctl("/proc/sys/net/ipv4/neigh/%s/gc_stale_time", 546 dev->ifname, buf, buf_sz); 547 } 548 549 static int system_get_neigh6gcstaletime(struct device *dev, char *buf, const size_t buf_sz) 550 { 551 return system_get_dev_sysctl("/proc/sys/net/ipv6/neigh/%s/gc_stale_time", 552 dev->ifname, buf, buf_sz); 553 } 554 555 static int system_get_neigh4locktime(struct device *dev, char *buf, const size_t buf_sz) 556 { 557 return system_get_dev_sysctl("/proc/sys/net/ipv4/neigh/%s/locktime", 558 dev->ifname, buf, buf_sz); 559 } 560 561 static int system_get_dadtransmits(struct device *dev, char *buf, const size_t buf_sz) 562 { 563 return system_get_dev_sysctl("/proc/sys/net/ipv6/conf/%s/dad_transmits", 564 dev->ifname, buf, buf_sz); 565 } 566 567 static int system_get_sendredirects(struct device *dev, char *buf, const size_t buf_sz) 568 { 569 return system_get_dev_sysctl("/proc/sys/net/ipv4/conf/%s/send_redirects", 570 dev->ifname, buf, buf_sz); 571 } 572 573 /* Evaluate netlink messages */ 574 static int cb_rtnl_event(struct nl_msg *msg, void *arg) 575 { 576 struct nlmsghdr *nh = nlmsg_hdr(msg); 577 struct nlattr *nla[__IFLA_MAX]; 578 int link_state = 0; 579 char buf[10]; 580 581 if (nh->nlmsg_type != RTM_NEWLINK) 582 goto out; 583 584 nlmsg_parse(nh, sizeof(struct ifinfomsg), nla, __IFLA_MAX - 1, NULL); 585 if (!nla[IFLA_IFNAME]) 586 goto out; 587 588 struct device *dev = device_find(nla_data(nla[IFLA_IFNAME])); 589 if (!dev) 590 goto out; 591 592 if (!system_get_dev_sysctl("/sys/class/net/%s/carrier", dev->ifname, buf, sizeof(buf))) 593 link_state = strtoul(buf, NULL, 0); 594 595 device_set_link(dev, link_state ? true : false); 596 597 out: 598 return 0; 599 } 600 601 static void 602 handle_hotplug_msg(char *data, int size) 603 { 604 const char *subsystem = NULL, *interface = NULL, *interface_old = NULL; 605 char *cur, *end, *sep; 606 struct device *dev; 607 int skip; 608 bool add, move = false; 609 610 if (!strncmp(data, "add@", 4)) 611 add = true; 612 else if (!strncmp(data, "remove@", 7)) 613 add = false; 614 else if (!strncmp(data, "move@", 5)) { 615 add = true; 616 move = true; 617 } 618 else 619 return; 620 621 skip = strlen(data) + 1; 622 end = data + size; 623 624 for (cur = data + skip; cur < end; cur += skip) { 625 skip = strlen(cur) + 1; 626 627 sep = strchr(cur, '='); 628 if (!sep) 629 continue; 630 631 *sep = 0; 632 if (!strcmp(cur, "INTERFACE")) 633 interface = sep + 1; 634 else if (!strcmp(cur, "SUBSYSTEM")) { 635 subsystem = sep + 1; 636 if (strcmp(subsystem, "net") != 0) 637 return; 638 } else if (!strcmp(cur, "DEVPATH_OLD")) { 639 interface_old = strrchr(sep + 1, '/'); 640 if (interface_old) 641 interface_old++; 642 } 643 } 644 645 if (subsystem && interface) { 646 if (move && interface_old) 647 goto move; 648 else 649 goto found; 650 } 651 652 return; 653 654 move: 655 dev = device_find(interface_old); 656 if (!dev) 657 goto found; 658 659 if (dev->type != &simple_device_type) 660 goto found; 661 662 device_set_present(dev, false); 663 664 found: 665 dev = device_find(interface); 666 if (!dev) 667 return; 668 669 if (dev->type != &simple_device_type) 670 return; 671 672 if (add && system_if_force_external(dev->ifname)) 673 return; 674 675 device_set_present(dev, add); 676 } 677 678 static void 679 handle_hotplug_event(struct uloop_fd *u, unsigned int events) 680 { 681 struct event_socket *ev = container_of(u, struct event_socket, uloop); 682 struct sockaddr_nl nla; 683 unsigned char *buf = NULL; 684 int size; 685 int err; 686 socklen_t errlen = sizeof(err); 687 688 if (!u->error) { 689 while ((size = nl_recv(ev->sock, &nla, &buf, NULL)) > 0) { 690 if (nla.nl_pid == 0) 691 handle_hotplug_msg((char *) buf, size); 692 693 free(buf); 694 } 695 return; 696 } 697 698 if (getsockopt(u->fd, SOL_SOCKET, SO_ERROR, (void *)&err, &errlen)) 699 goto abort; 700 701 switch(err) { 702 case ENOBUFS: 703 /* Increase rx buffer size on netlink socket */ 704 ev->bufsize *= 2; 705 if (nl_socket_set_buffer_size(ev->sock, ev->bufsize, 0)) 706 goto abort; 707 break; 708 709 default: 710 goto abort; 711 } 712 u->error = false; 713 return; 714 715 abort: 716 uloop_fd_delete(&ev->uloop); 717 return; 718 } 719 720 static int system_rtnl_call(struct nl_msg *msg) 721 { 722 int ret; 723 724 ret = nl_send_auto_complete(sock_rtnl, msg); 725 nlmsg_free(msg); 726 727 if (ret < 0) 728 return ret; 729 730 return nl_wait_for_ack(sock_rtnl); 731 } 732 733 int system_bridge_delbr(struct device *bridge) 734 { 735 return ioctl(sock_ioctl, SIOCBRDELBR, bridge->ifname); 736 } 737 738 static int system_bridge_if(const char *bridge, struct device *dev, int cmd, void *data) 739 { 740 struct ifreq ifr; 741 742 memset(&ifr, 0, sizeof(ifr)); 743 if (dev) 744 ifr.ifr_ifindex = dev->ifindex; 745 else 746 ifr.ifr_data = data; 747 strncpy(ifr.ifr_name, bridge, sizeof(ifr.ifr_name) - 1); 748 return ioctl(sock_ioctl, cmd, &ifr); 749 } 750 751 static bool system_is_bridge(const char *name, char *buf, int buflen) 752 { 753 struct stat st; 754 755 snprintf(buf, buflen, "/sys/devices/virtual/net/%s/bridge", name); 756 if (stat(buf, &st) < 0) 757 return false; 758 759 return true; 760 } 761 762 static char *system_get_bridge(const char *name, char *buf, int buflen) 763 { 764 char *path; 765 ssize_t len = -1; 766 glob_t gl; 767 768 snprintf(buf, buflen, "/sys/devices/virtual/net/*/brif/%s/bridge", name); 769 if (glob(buf, GLOB_NOSORT, NULL, &gl) < 0) 770 return NULL; 771 772 if (gl.gl_pathc > 0) 773 len = readlink(gl.gl_pathv[0], buf, buflen); 774 775 globfree(&gl); 776 777 if (len < 0) 778 return NULL; 779 780 buf[len] = 0; 781 path = strrchr(buf, '/'); 782 if (!path) 783 return NULL; 784 785 return path + 1; 786 } 787 788 static void 789 system_bridge_set_wireless(struct device *bridge, struct device *dev) 790 { 791 bool mcast_to_ucast = dev->wireless_ap; 792 bool hairpin = true; 793 794 if (bridge->settings.flags & DEV_OPT_MULTICAST_TO_UNICAST && 795 !bridge->settings.multicast_to_unicast) 796 mcast_to_ucast = false; 797 798 if (!mcast_to_ucast || dev->wireless_isolate) 799 hairpin = false; 800 801 system_bridge_set_multicast_to_unicast(dev, mcast_to_ucast ? "1" : ""); 802 system_bridge_set_hairpin_mode(dev, hairpin ? "1" : ""); 803 } 804 805 int system_bridge_addif(struct device *bridge, struct device *dev) 806 { 807 char buf[64]; 808 char *oldbr; 809 int ret = 0; 810 811 oldbr = system_get_bridge(dev->ifname, dev_buf, sizeof(dev_buf)); 812 if (!oldbr || strcmp(oldbr, bridge->ifname) != 0) 813 ret = system_bridge_if(bridge->ifname, dev, SIOCBRADDIF, NULL); 814 815 if (dev->wireless) 816 system_bridge_set_wireless(bridge, dev); 817 818 if (dev->settings.flags & DEV_OPT_MULTICAST_ROUTER) { 819 snprintf(buf, sizeof(buf), "%u", dev->settings.multicast_router); 820 system_bridge_set_multicast_router(dev, buf, false); 821 } 822 823 if (dev->settings.flags & DEV_OPT_MULTICAST_FAST_LEAVE && 824 dev->settings.multicast_fast_leave) 825 system_bridge_set_multicast_fast_leave(dev, "1"); 826 827 if (dev->settings.flags & DEV_OPT_LEARNING && 828 !dev->settings.learning) 829 system_bridge_set_learning(dev, ""); 830 831 if (dev->settings.flags & DEV_OPT_UNICAST_FLOOD && 832 !dev->settings.unicast_flood) 833 system_bridge_set_unicast_flood(dev, ""); 834 835 if (dev->settings.flags & DEV_OPT_ISOLATE && 836 dev->settings.isolate) 837 system_bridge_set_isolated(dev, "1"); 838 839 return ret; 840 } 841 842 int system_bridge_delif(struct device *bridge, struct device *dev) 843 { 844 return system_bridge_if(bridge->ifname, dev, SIOCBRDELIF, NULL); 845 } 846 847 int system_if_resolve(struct device *dev) 848 { 849 struct ifreq ifr; 850 strncpy(ifr.ifr_name, dev->ifname, sizeof(ifr.ifr_name) - 1); 851 if (!ioctl(sock_ioctl, SIOCGIFINDEX, &ifr)) 852 return ifr.ifr_ifindex; 853 else 854 return 0; 855 } 856 857 static int system_if_flags(const char *ifname, unsigned add, unsigned rem) 858 { 859 struct ifreq ifr; 860 861 memset(&ifr, 0, sizeof(ifr)); 862 strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name) - 1); 863 if (ioctl(sock_ioctl, SIOCGIFFLAGS, &ifr) < 0) 864 return -1; 865 866 ifr.ifr_flags |= add; 867 ifr.ifr_flags &= ~rem; 868 return ioctl(sock_ioctl, SIOCSIFFLAGS, &ifr); 869 } 870 871 struct clear_data { 872 struct nl_msg *msg; 873 struct device *dev; 874 int type; 875 int size; 876 int af; 877 }; 878 879 880 static bool check_ifaddr(struct nlmsghdr *hdr, int ifindex) 881 { 882 struct ifaddrmsg *ifa = NLMSG_DATA(hdr); 883 884 return ifa->ifa_index == ifindex; 885 } 886 887 static bool check_route(struct nlmsghdr *hdr, int ifindex) 888 { 889 struct rtmsg *r = NLMSG_DATA(hdr); 890 struct nlattr *tb[__RTA_MAX]; 891 892 if (r->rtm_protocol == RTPROT_KERNEL && 893 r->rtm_family == AF_INET6) 894 return false; 895 896 nlmsg_parse(hdr, sizeof(struct rtmsg), tb, __RTA_MAX - 1, NULL); 897 if (!tb[RTA_OIF]) 898 return false; 899 900 return *(int *)RTA_DATA(tb[RTA_OIF]) == ifindex; 901 } 902 903 static bool check_rule(struct nlmsghdr *hdr, int ifindex) 904 { 905 return true; 906 } 907 908 static int cb_clear_event(struct nl_msg *msg, void *arg) 909 { 910 struct clear_data *clr = arg; 911 struct nlmsghdr *hdr = nlmsg_hdr(msg); 912 bool (*cb)(struct nlmsghdr *, int ifindex); 913 int type, ret; 914 915 switch(clr->type) { 916 case RTM_GETADDR: 917 type = RTM_DELADDR; 918 if (hdr->nlmsg_type != RTM_NEWADDR) 919 return NL_SKIP; 920 921 cb = check_ifaddr; 922 break; 923 case RTM_GETROUTE: 924 type = RTM_DELROUTE; 925 if (hdr->nlmsg_type != RTM_NEWROUTE) 926 return NL_SKIP; 927 928 cb = check_route; 929 break; 930 case RTM_GETRULE: 931 type = RTM_DELRULE; 932 if (hdr->nlmsg_type != RTM_NEWRULE) 933 return NL_SKIP; 934 935 cb = check_rule; 936 break; 937 default: 938 return NL_SKIP; 939 } 940 941 if (!cb(hdr, clr->dev ? clr->dev->ifindex : 0)) 942 return NL_SKIP; 943 944 if (type == RTM_DELRULE) 945 D(SYSTEM, "Remove a rule\n"); 946 else 947 D(SYSTEM, "Remove %s from device %s\n", 948 type == RTM_DELADDR ? "an address" : "a route", 949 clr->dev->ifname); 950 951 memcpy(nlmsg_hdr(clr->msg), hdr, hdr->nlmsg_len); 952 hdr = nlmsg_hdr(clr->msg); 953 hdr->nlmsg_type = type; 954 hdr->nlmsg_flags = NLM_F_REQUEST; 955 956 nl_socket_disable_auto_ack(sock_rtnl); 957 ret = nl_send_auto_complete(sock_rtnl, clr->msg); 958 if (ret < 0) { 959 if (type == RTM_DELRULE) 960 D(SYSTEM, "Error deleting a rule: %d\n", ret); 961 else 962 D(SYSTEM, "Error deleting %s from device '%s': %d\n", 963 type == RTM_DELADDR ? "an address" : "a route", 964 clr->dev->ifname, ret); 965 } 966 967 nl_socket_enable_auto_ack(sock_rtnl); 968 969 return NL_SKIP; 970 } 971 972 static int 973 cb_finish_event(struct nl_msg *msg, void *arg) 974 { 975 int *pending = arg; 976 *pending = 0; 977 return NL_STOP; 978 } 979 980 static int 981 error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err, void *arg) 982 { 983 int *pending = arg; 984 *pending = err->error; 985 return NL_STOP; 986 } 987 988 static void 989 system_if_clear_entries(struct device *dev, int type, int af) 990 { 991 struct clear_data clr; 992 struct nl_cb *cb; 993 struct rtmsg rtm = { 994 .rtm_family = af, 995 .rtm_flags = RTM_F_CLONED, 996 }; 997 int flags = NLM_F_DUMP; 998 int pending = 1; 999 1000 clr.af = af; 1001 clr.dev = dev; 1002 clr.type = type; 1003 switch (type) { 1004 case RTM_GETADDR: 1005 case RTM_GETRULE: 1006 clr.size = sizeof(struct rtgenmsg); 1007 break; 1008 case RTM_GETROUTE: 1009 clr.size = sizeof(struct rtmsg); 1010 break; 1011 default: 1012 return; 1013 } 1014 1015 cb = nl_cb_alloc(NL_CB_DEFAULT); 1016 if (!cb) 1017 return; 1018 1019 clr.msg = nlmsg_alloc_simple(type, flags); 1020 if (!clr.msg) 1021 goto out; 1022 1023 nlmsg_append(clr.msg, &rtm, clr.size, 0); 1024 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM, cb_clear_event, &clr); 1025 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, cb_finish_event, &pending); 1026 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &pending); 1027 1028 if (nl_send_auto_complete(sock_rtnl, clr.msg) < 0) 1029 goto free; 1030 1031 while (pending > 0) 1032 nl_recvmsgs(sock_rtnl, cb); 1033 1034 free: 1035 nlmsg_free(clr.msg); 1036 out: 1037 nl_cb_put(cb); 1038 } 1039 1040 /* 1041 * Clear bridge (membership) state and bring down device 1042 */ 1043 void system_if_clear_state(struct device *dev) 1044 { 1045 static char buf[256]; 1046 char *bridge; 1047 device_set_ifindex(dev, system_if_resolve(dev)); 1048 1049 if (dev->external || !dev->ifindex) 1050 return; 1051 1052 system_if_flags(dev->ifname, 0, IFF_UP); 1053 1054 if (system_is_bridge(dev->ifname, buf, sizeof(buf))) { 1055 D(SYSTEM, "Delete existing bridge named '%s'\n", dev->ifname); 1056 system_bridge_delbr(dev); 1057 return; 1058 } 1059 1060 bridge = system_get_bridge(dev->ifname, buf, sizeof(buf)); 1061 if (bridge) { 1062 D(SYSTEM, "Remove device '%s' from bridge '%s'\n", dev->ifname, bridge); 1063 system_bridge_if(bridge, dev, SIOCBRDELIF, NULL); 1064 } 1065 1066 system_if_clear_entries(dev, RTM_GETROUTE, AF_INET); 1067 system_if_clear_entries(dev, RTM_GETADDR, AF_INET); 1068 system_if_clear_entries(dev, RTM_GETROUTE, AF_INET6); 1069 system_if_clear_entries(dev, RTM_GETADDR, AF_INET6); 1070 system_if_clear_entries(dev, RTM_GETNEIGH, AF_INET); 1071 system_if_clear_entries(dev, RTM_GETNEIGH, AF_INET6); 1072 system_set_disable_ipv6(dev, ""); 1073 } 1074 1075 static inline unsigned long 1076 sec_to_jiffies(int val) 1077 { 1078 return (unsigned long) val * 100; 1079 } 1080 1081 static void system_bridge_conf_multicast_deps(struct device *bridge, 1082 struct bridge_config *cfg, 1083 char *buf, 1084 int buf_len) 1085 { 1086 int val; 1087 1088 if (cfg->flags & BRIDGE_OPT_ROBUSTNESS || 1089 cfg->flags & BRIDGE_OPT_QUERY_INTERVAL || 1090 cfg->flags & BRIDGE_OPT_QUERY_RESPONSE_INTERVAL) { 1091 val = cfg->robustness * cfg->query_interval + 1092 cfg->query_response_interval; 1093 1094 snprintf(buf, buf_len, "%i", val); 1095 system_bridge_set_membership_interval(bridge, buf); 1096 1097 val = cfg->robustness * cfg->query_interval + 1098 cfg->query_response_interval / 2; 1099 1100 snprintf(buf, buf_len, "%i", val); 1101 system_bridge_set_other_querier_timeout(bridge, buf); 1102 } 1103 1104 if (cfg->flags & BRIDGE_OPT_QUERY_INTERVAL) { 1105 val = cfg->query_interval / 4; 1106 1107 snprintf(buf, buf_len, "%i", val); 1108 system_bridge_set_startup_query_interval(bridge, buf); 1109 } 1110 } 1111 1112 static void system_bridge_conf_multicast(struct device *bridge, 1113 struct bridge_config *cfg, 1114 char *buf, 1115 int buf_len) 1116 { 1117 system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/multicast_snooping", 1118 bridge->ifname, cfg->igmp_snoop ? "1" : ""); 1119 1120 system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/multicast_querier", 1121 bridge->ifname, cfg->multicast_querier ? "1" : ""); 1122 1123 snprintf(buf, buf_len, "%i", cfg->hash_max); 1124 system_set_dev_sysctl("/sys/devices/virtual/net/%s/bridge/hash_max", 1125 bridge->ifname, buf); 1126 1127 if (bridge->settings.flags & DEV_OPT_MULTICAST_ROUTER) { 1128 snprintf(buf, buf_len, "%u", bridge->settings.multicast_router); 1129 system_bridge_set_multicast_router(bridge, buf, true); 1130 } 1131 1132 if (cfg->flags & BRIDGE_OPT_ROBUSTNESS) { 1133 snprintf(buf, buf_len, "%i", cfg->robustness); 1134 system_bridge_set_robustness(bridge, buf); 1135 } 1136 1137 if (cfg->flags & BRIDGE_OPT_QUERY_INTERVAL) { 1138 snprintf(buf, buf_len, "%i", cfg->query_interval); 1139 system_bridge_set_query_interval(bridge, buf); 1140 } 1141 1142 if (cfg->flags & BRIDGE_OPT_QUERY_RESPONSE_INTERVAL) { 1143 snprintf(buf, buf_len, "%i", cfg->query_response_interval); 1144 system_bridge_set_query_response_interval(bridge, buf); 1145 } 1146 1147 if (cfg->flags & BRIDGE_OPT_LAST_MEMBER_INTERVAL) { 1148 snprintf(buf, buf_len, "%i", cfg->last_member_interval); 1149 system_bridge_set_last_member_interval(bridge, buf); 1150 } 1151 1152 system_bridge_conf_multicast_deps(bridge, cfg, buf, buf_len); 1153 } 1154 1155 int system_bridge_addbr(struct device *bridge, struct bridge_config *cfg) 1156 { 1157 char buf[64]; 1158 1159 if (ioctl(sock_ioctl, SIOCBRADDBR, bridge->ifname) < 0) 1160 return -1; 1161 1162 system_bridge_set_stp_state(bridge, cfg->stp ? "1" : ""); 1163 1164 snprintf(buf, sizeof(buf), "%lu", sec_to_jiffies(cfg->forward_delay)); 1165 system_bridge_set_forward_delay(bridge, buf); 1166 1167 system_bridge_conf_multicast(bridge, cfg, buf, sizeof(buf)); 1168 1169 snprintf(buf, sizeof(buf), "%d", cfg->priority); 1170 system_bridge_set_priority(bridge, buf); 1171 1172 if (cfg->flags & BRIDGE_OPT_AGEING_TIME) { 1173 snprintf(buf, sizeof(buf), "%lu", sec_to_jiffies(cfg->ageing_time)); 1174 system_bridge_set_ageing_time(bridge, buf); 1175 } 1176 1177 if (cfg->flags & BRIDGE_OPT_HELLO_TIME) { 1178 snprintf(buf, sizeof(buf), "%lu", sec_to_jiffies(cfg->hello_time)); 1179 system_bridge_set_hello_time(bridge, buf); 1180 } 1181 1182 if (cfg->flags & BRIDGE_OPT_MAX_AGE) { 1183 snprintf(buf, sizeof(buf), "%lu", sec_to_jiffies(cfg->max_age)); 1184 system_bridge_set_max_age(bridge, buf); 1185 } 1186 1187 return 0; 1188 } 1189 1190 int system_macvlan_add(struct device *macvlan, struct device *dev, struct macvlan_config *cfg) 1191 { 1192 struct nl_msg *msg; 1193 struct nlattr *linkinfo, *data; 1194 struct ifinfomsg iim = { .ifi_family = AF_UNSPEC, }; 1195 int i, rv; 1196 static const struct { 1197 const char *name; 1198 enum macvlan_mode val; 1199 } modes[] = { 1200 { "private", MACVLAN_MODE_PRIVATE }, 1201 { "vepa", MACVLAN_MODE_VEPA }, 1202 { "bridge", MACVLAN_MODE_BRIDGE }, 1203 { "passthru", MACVLAN_MODE_PASSTHRU }, 1204 }; 1205 1206 msg = nlmsg_alloc_simple(RTM_NEWLINK, NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL); 1207 1208 if (!msg) 1209 return -1; 1210 1211 nlmsg_append(msg, &iim, sizeof(iim), 0); 1212 1213 if (cfg->flags & MACVLAN_OPT_MACADDR) 1214 nla_put(msg, IFLA_ADDRESS, sizeof(cfg->macaddr), cfg->macaddr); 1215 nla_put_string(msg, IFLA_IFNAME, macvlan->ifname); 1216 nla_put_u32(msg, IFLA_LINK, dev->ifindex); 1217 1218 if (!(linkinfo = nla_nest_start(msg, IFLA_LINKINFO))) 1219 goto nla_put_failure; 1220 1221 nla_put_string(msg, IFLA_INFO_KIND, "macvlan"); 1222 1223 if (!(data = nla_nest_start(msg, IFLA_INFO_DATA))) 1224 goto nla_put_failure; 1225 1226 if (cfg->mode) { 1227 for (i = 0; i < ARRAY_SIZE(modes); i++) { 1228 if (strcmp(cfg->mode, modes[i].name) != 0) 1229 continue; 1230 1231 nla_put_u32(msg, IFLA_MACVLAN_MODE, modes[i].val); 1232 break; 1233 } 1234 } 1235 1236 nla_nest_end(msg, data); 1237 nla_nest_end(msg, linkinfo); 1238 1239 rv = system_rtnl_call(msg); 1240 if (rv) 1241 D(SYSTEM, "Error adding macvlan '%s' over '%s': %d\n", macvlan->ifname, dev->ifname, rv); 1242 1243 return rv; 1244 1245 nla_put_failure: 1246 nlmsg_free(msg); 1247 return -ENOMEM; 1248 } 1249 1250 int system_link_netns_move(struct device *dev, int netns_fd, const char *target_ifname) 1251 { 1252 struct nl_msg *msg; 1253 struct ifinfomsg iim = { 1254 .ifi_family = AF_UNSPEC, 1255 }; 1256 1257 if (!dev) 1258 return -1; 1259 1260 iim.ifi_index = system_if_resolve(dev); 1261 msg = nlmsg_alloc_simple(RTM_NEWLINK, NLM_F_REQUEST); 1262 1263 if (!msg) 1264 return -1; 1265 1266 nlmsg_append(msg, &iim, sizeof(iim), 0); 1267 if (target_ifname) 1268 nla_put_string(msg, IFLA_IFNAME, target_ifname); 1269 1270 nla_put_u32(msg, IFLA_NET_NS_FD, netns_fd); 1271 return system_rtnl_call(msg); 1272 } 1273 1274 static int system_link_del(const char *ifname) 1275 { 1276 struct nl_msg *msg; 1277 struct ifinfomsg iim = { 1278 .ifi_family = AF_UNSPEC, 1279 .ifi_index = 0, 1280 }; 1281 1282 msg = nlmsg_alloc_simple(RTM_DELLINK, NLM_F_REQUEST); 1283 1284 if (!msg) 1285 return -1; 1286 1287 nlmsg_append(msg, &iim, sizeof(iim), 0); 1288 nla_put_string(msg, IFLA_IFNAME, ifname); 1289 return system_rtnl_call(msg); 1290 } 1291 1292 int system_macvlan_del(struct device *macvlan) 1293 { 1294 return system_link_del(macvlan->ifname); 1295 } 1296 1297 int system_netns_open(const pid_t target_ns) 1298 { 1299 char pid_net_path[PATH_MAX]; 1300 1301 snprintf(pid_net_path, sizeof(pid_net_path), "/proc/%u/ns/net", target_ns); 1302 1303 return open(pid_net_path, O_RDONLY); 1304 } 1305 1306 int system_netns_set(int netns_fd) 1307 { 1308 return setns(netns_fd, CLONE_NEWNET); 1309 } 1310 1311 int system_veth_add(struct device *veth, struct veth_config *cfg) 1312 { 1313 struct nl_msg *msg; 1314 struct ifinfomsg empty_iim = {}; 1315 struct nlattr *linkinfo, *data, *veth_info; 1316 int rv; 1317 1318 msg = nlmsg_alloc_simple(RTM_NEWLINK, NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL); 1319 1320 if (!msg) 1321 return -1; 1322 1323 nlmsg_append(msg, &empty_iim, sizeof(empty_iim), 0); 1324 1325 if (cfg->flags & VETH_OPT_MACADDR) 1326 nla_put(msg, IFLA_ADDRESS, sizeof(cfg->macaddr), cfg->macaddr); 1327 nla_put_string(msg, IFLA_IFNAME, veth->ifname); 1328 1329 if (!(linkinfo = nla_nest_start(msg, IFLA_LINKINFO))) 1330 goto nla_put_failure; 1331 1332 nla_put_string(msg, IFLA_INFO_KIND, "veth"); 1333 1334 if (!(data = nla_nest_start(msg, IFLA_INFO_DATA))) 1335 goto nla_put_failure; 1336 1337 if (!(veth_info = nla_nest_start(msg, VETH_INFO_PEER))) 1338 goto nla_put_failure; 1339 1340 nlmsg_append(msg, &empty_iim, sizeof(empty_iim), 0); 1341 1342 if (cfg->flags & VETH_OPT_PEER_NAME) 1343 nla_put_string(msg, IFLA_IFNAME, cfg->peer_name); 1344 if (cfg->flags & VETH_OPT_PEER_MACADDR) 1345 nla_put(msg, IFLA_ADDRESS, sizeof(cfg->peer_macaddr), cfg->peer_macaddr); 1346 1347 nla_nest_end(msg, veth_info); 1348 nla_nest_end(msg, data); 1349 nla_nest_end(msg, linkinfo); 1350 1351 rv = system_rtnl_call(msg); 1352 if (rv) { 1353 if (cfg->flags & VETH_OPT_PEER_NAME) 1354 D(SYSTEM, "Error adding veth '%s' with peer '%s': %d\n", veth->ifname, cfg->peer_name, rv); 1355 else 1356 D(SYSTEM, "Error adding veth '%s': %d\n", veth->ifname, rv); 1357 } 1358 1359 return rv; 1360 1361 nla_put_failure: 1362 nlmsg_free(msg); 1363 return -ENOMEM; 1364 } 1365 1366 int system_veth_del(struct device *veth) 1367 { 1368 return system_link_del(veth->ifname); 1369 } 1370 1371 static int system_vlan(struct device *dev, int id) 1372 { 1373 struct vlan_ioctl_args ifr = { 1374 .cmd = SET_VLAN_NAME_TYPE_CMD, 1375 .u.name_type = VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD, 1376 }; 1377 1378 if (ioctl(sock_ioctl, SIOCSIFVLAN, &ifr) < 0) 1379 return -1; 1380 1381 if (id < 0) { 1382 ifr.cmd = DEL_VLAN_CMD; 1383 ifr.u.VID = 0; 1384 } else { 1385 ifr.cmd = ADD_VLAN_CMD; 1386 ifr.u.VID = id; 1387 } 1388 strncpy(ifr.device1, dev->ifname, sizeof(ifr.device1)); 1389 return ioctl(sock_ioctl, SIOCSIFVLAN, &ifr); 1390 } 1391 1392 int system_vlan_add(struct device *dev, int id) 1393 { 1394 return system_vlan(dev, id); 1395 } 1396 1397 int system_vlan_del(struct device *dev) 1398 { 1399 return system_vlan(dev, -1); 1400 } 1401 1402 int system_vlandev_add(struct device *vlandev, struct device *dev, struct vlandev_config *cfg) 1403 { 1404 struct nl_msg *msg; 1405 struct nlattr *linkinfo, *data, *qos; 1406 struct ifinfomsg iim = { .ifi_family = AF_UNSPEC }; 1407 struct vlan_qos_mapping *elem; 1408 struct ifla_vlan_qos_mapping nl_qos_map; 1409 int rv; 1410 1411 msg = nlmsg_alloc_simple(RTM_NEWLINK, NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL); 1412 1413 if (!msg) 1414 return -1; 1415 1416 nlmsg_append(msg, &iim, sizeof(iim), 0); 1417 nla_put_string(msg, IFLA_IFNAME, vlandev->ifname); 1418 nla_put_u32(msg, IFLA_LINK, dev->ifindex); 1419 1420 if (!(linkinfo = nla_nest_start(msg, IFLA_LINKINFO))) 1421 goto nla_put_failure; 1422 1423 nla_put_string(msg, IFLA_INFO_KIND, "vlan"); 1424 1425 if (!(data = nla_nest_start(msg, IFLA_INFO_DATA))) 1426 goto nla_put_failure; 1427 1428 nla_put_u16(msg, IFLA_VLAN_ID, cfg->vid); 1429 1430 #if LINUX_VERSION_CODE >= KERNEL_VERSION(3,10,0) 1431 nla_put_u16(msg, IFLA_VLAN_PROTOCOL, htons(cfg->proto)); 1432 #else 1433 if(cfg->proto == VLAN_PROTO_8021AD) 1434 netifd_log_message(L_WARNING, "%s Your kernel is older than linux 3.10.0, 802.1ad is not supported defaulting to 802.1q", vlandev->type->name); 1435 #endif 1436 1437 if (!(qos = nla_nest_start(msg, IFLA_VLAN_INGRESS_QOS))) 1438 goto nla_put_failure; 1439 1440 vlist_simple_for_each_element(&cfg->ingress_qos_mapping_list, elem, node) { 1441 nl_qos_map.from = elem->from; 1442 nl_qos_map.to = elem->to; 1443 nla_put(msg, IFLA_VLAN_QOS_MAPPING, sizeof(nl_qos_map), &nl_qos_map); 1444 } 1445 nla_nest_end(msg, qos); 1446 1447 if (!(qos = nla_nest_start(msg, IFLA_VLAN_EGRESS_QOS))) 1448 goto nla_put_failure; 1449 1450 vlist_simple_for_each_element(&cfg->egress_qos_mapping_list, elem, node) { 1451 nl_qos_map.from = elem->from; 1452 nl_qos_map.to = elem->to; 1453 nla_put(msg, IFLA_VLAN_QOS_MAPPING, sizeof(nl_qos_map), &nl_qos_map); 1454 } 1455 nla_nest_end(msg, qos); 1456 1457 nla_nest_end(msg, data); 1458 nla_nest_end(msg, linkinfo); 1459 1460 rv = system_rtnl_call(msg); 1461 if (rv) 1462 D(SYSTEM, "Error adding vlandev '%s' over '%s': %d\n", vlandev->ifname, dev->ifname, rv); 1463 1464 return rv; 1465 1466 nla_put_failure: 1467 nlmsg_free(msg); 1468 return -ENOMEM; 1469 } 1470 1471 int system_vlandev_del(struct device *vlandev) 1472 { 1473 return system_link_del(vlandev->ifname); 1474 } 1475 1476 void 1477 system_if_get_settings(struct device *dev, struct device_settings *s) 1478 { 1479 struct ifreq ifr; 1480 char buf[10]; 1481 1482 memset(&ifr, 0, sizeof(ifr)); 1483 strncpy(ifr.ifr_name, dev->ifname, sizeof(ifr.ifr_name) - 1); 1484 1485 if (ioctl(sock_ioctl, SIOCGIFMTU, &ifr) == 0) { 1486 s->mtu = ifr.ifr_mtu; 1487 s->flags |= DEV_OPT_MTU; 1488 } 1489 1490 s->mtu6 = system_update_ipv6_mtu(dev, 0); 1491 if (s->mtu6 > 0) 1492 s->flags |= DEV_OPT_MTU6; 1493 1494 if (ioctl(sock_ioctl, SIOCGIFTXQLEN, &ifr) == 0) { 1495 s->txqueuelen = ifr.ifr_qlen; 1496 s->flags |= DEV_OPT_TXQUEUELEN; 1497 } 1498 1499 if (ioctl(sock_ioctl, SIOCGIFHWADDR, &ifr) == 0) { 1500 memcpy(s->macaddr, &ifr.ifr_hwaddr.sa_data, sizeof(s->macaddr)); 1501 s->flags |= DEV_OPT_MACADDR; 1502 } 1503 1504 if (!system_get_disable_ipv6(dev, buf, sizeof(buf))) { 1505 s->ipv6 = !strtoul(buf, NULL, 0); 1506 s->flags |= DEV_OPT_IPV6; 1507 } 1508 1509 if (ioctl(sock_ioctl, SIOCGIFFLAGS, &ifr) == 0) { 1510 s->promisc = ifr.ifr_flags & IFF_PROMISC; 1511 s->flags |= DEV_OPT_PROMISC; 1512 1513 s->multicast = ifr.ifr_flags & IFF_MULTICAST; 1514 s->flags |= DEV_OPT_MULTICAST; 1515 } 1516 1517 if (!system_get_rpfilter(dev, buf, sizeof(buf))) { 1518 s->rpfilter = strtoul(buf, NULL, 0); 1519 s->flags |= DEV_OPT_RPFILTER; 1520 } 1521 1522 if (!system_get_acceptlocal(dev, buf, sizeof(buf))) { 1523 s->acceptlocal = strtoul(buf, NULL, 0); 1524 s->flags |= DEV_OPT_ACCEPTLOCAL; 1525 } 1526 1527 if (!system_get_igmpversion(dev, buf, sizeof(buf))) { 1528 s->igmpversion = strtoul(buf, NULL, 0); 1529 s->flags |= DEV_OPT_IGMPVERSION; 1530 } 1531 1532 if (!system_get_mldversion(dev, buf, sizeof(buf))) { 1533 s->mldversion = strtoul(buf, NULL, 0); 1534 s->flags |= DEV_OPT_MLDVERSION; 1535 } 1536 1537 if (!system_get_neigh4reachabletime(dev, buf, sizeof(buf))) { 1538 s->neigh4reachabletime = strtoul(buf, NULL, 0); 1539 s->flags |= DEV_OPT_NEIGHREACHABLETIME; 1540 } 1541 1542 if (!system_get_neigh6reachabletime(dev, buf, sizeof(buf))) { 1543 s->neigh6reachabletime = strtoul(buf, NULL, 0); 1544 s->flags |= DEV_OPT_NEIGHREACHABLETIME; 1545 } 1546 1547 if (!system_get_neigh4locktime(dev, buf, sizeof(buf))) { 1548 s->neigh4locktime = strtol(buf, NULL, 0); 1549 s->flags |= DEV_OPT_NEIGHLOCKTIME; 1550 } 1551 1552 if (!system_get_neigh4gcstaletime(dev, buf, sizeof(buf))) { 1553 s->neigh4gcstaletime = strtoul(buf, NULL, 0); 1554 s->flags |= DEV_OPT_NEIGHGCSTALETIME; 1555 } 1556 1557 if (!system_get_neigh6gcstaletime(dev, buf, sizeof(buf))) { 1558 s->neigh6gcstaletime = strtoul(buf, NULL, 0); 1559 s->flags |= DEV_OPT_NEIGHGCSTALETIME; 1560 } 1561 1562 if (!system_get_dadtransmits(dev, buf, sizeof(buf))) { 1563 s->dadtransmits = strtoul(buf, NULL, 0); 1564 s->flags |= DEV_OPT_DADTRANSMITS; 1565 } 1566 1567 if (!system_get_sendredirects(dev, buf, sizeof(buf))) { 1568 s->sendredirects = strtoul(buf, NULL, 0); 1569 s->flags |= DEV_OPT_SENDREDIRECTS; 1570 } 1571 } 1572 1573 void 1574 system_if_apply_settings(struct device *dev, struct device_settings *s, unsigned int apply_mask) 1575 { 1576 struct ifreq ifr; 1577 char buf[12]; 1578 1579 memset(&ifr, 0, sizeof(ifr)); 1580 strncpy(ifr.ifr_name, dev->ifname, sizeof(ifr.ifr_name) - 1); 1581 if (s->flags & DEV_OPT_MTU & apply_mask) { 1582 ifr.ifr_mtu = s->mtu; 1583 if (ioctl(sock_ioctl, SIOCSIFMTU, &ifr) < 0) 1584 s->flags &= ~DEV_OPT_MTU; 1585 } 1586 if (s->flags & DEV_OPT_MTU6 & apply_mask) { 1587 system_update_ipv6_mtu(dev, s->mtu6); 1588 } 1589 if (s->flags & DEV_OPT_TXQUEUELEN & apply_mask) { 1590 ifr.ifr_qlen = s->txqueuelen; 1591 if (ioctl(sock_ioctl, SIOCSIFTXQLEN, &ifr) < 0) 1592 s->flags &= ~DEV_OPT_TXQUEUELEN; 1593 } 1594 if ((s->flags & DEV_OPT_MACADDR & apply_mask) && !dev->external) { 1595 ifr.ifr_hwaddr.sa_family = ARPHRD_ETHER; 1596 memcpy(&ifr.ifr_hwaddr.sa_data, s->macaddr, sizeof(s->macaddr)); 1597 if (ioctl(sock_ioctl, SIOCSIFHWADDR, &ifr) < 0) 1598 s->flags &= ~DEV_OPT_MACADDR; 1599 } 1600 if (s->flags & DEV_OPT_IPV6 & apply_mask) 1601 system_set_disable_ipv6(dev, s->ipv6 ? "" : "1"); 1602 if (s->flags & DEV_OPT_PROMISC & apply_mask) { 1603 if (system_if_flags(dev->ifname, s->promisc ? IFF_PROMISC : 0, 1604 !s->promisc ? IFF_PROMISC : 0) < 0) 1605 s->flags &= ~DEV_OPT_PROMISC; 1606 } 1607 if (s->flags & DEV_OPT_RPFILTER & apply_mask) { 1608 snprintf(buf, sizeof(buf), "%u", s->rpfilter); 1609 system_set_rpfilter(dev, buf); 1610 } 1611 if (s->flags & DEV_OPT_ACCEPTLOCAL & apply_mask) 1612 system_set_acceptlocal(dev, s->acceptlocal ? "1" : ""); 1613 if (s->flags & DEV_OPT_IGMPVERSION & apply_mask) { 1614 snprintf(buf, sizeof(buf), "%u", s->igmpversion); 1615 system_set_igmpversion(dev, buf); 1616 } 1617 if (s->flags & DEV_OPT_MLDVERSION & apply_mask) { 1618 snprintf(buf, sizeof(buf), "%u", s->mldversion); 1619 system_set_mldversion(dev, buf); 1620 } 1621 if (s->flags & DEV_OPT_NEIGHREACHABLETIME & apply_mask) { 1622 snprintf(buf, sizeof(buf), "%u", s->neigh4reachabletime); 1623 system_set_neigh4reachabletime(dev, buf); 1624 snprintf(buf, sizeof(buf), "%u", s->neigh6reachabletime); 1625 system_set_neigh6reachabletime(dev, buf); 1626 } 1627 if (s->flags & DEV_OPT_NEIGHLOCKTIME & apply_mask) { 1628 snprintf(buf, sizeof(buf), "%d", s->neigh4locktime); 1629 system_set_neigh4locktime(dev, buf); 1630 } 1631 if (s->flags & DEV_OPT_NEIGHGCSTALETIME & apply_mask) { 1632 snprintf(buf, sizeof(buf), "%u", s->neigh4gcstaletime); 1633 system_set_neigh4gcstaletime(dev, buf); 1634 snprintf(buf, sizeof(buf), "%u", s->neigh6gcstaletime); 1635 system_set_neigh6gcstaletime(dev, buf); 1636 } 1637 if (s->flags & DEV_OPT_DADTRANSMITS & apply_mask) { 1638 snprintf(buf, sizeof(buf), "%u", s->dadtransmits); 1639 system_set_dadtransmits(dev, buf); 1640 } 1641 if (s->flags & DEV_OPT_MULTICAST & apply_mask) { 1642 if (system_if_flags(dev->ifname, s->multicast ? IFF_MULTICAST : 0, 1643 !s->multicast ? IFF_MULTICAST : 0) < 0) 1644 s->flags &= ~DEV_OPT_MULTICAST; 1645 } 1646 if (s->flags & DEV_OPT_SENDREDIRECTS & apply_mask) 1647 system_set_sendredirects(dev, s->sendredirects ? "1" : ""); 1648 } 1649 1650 int system_if_up(struct device *dev) 1651 { 1652 system_if_get_settings(dev, &dev->orig_settings); 1653 /* Only keep orig settings based on what needs to be set */ 1654 dev->orig_settings.valid_flags = dev->orig_settings.flags; 1655 dev->orig_settings.flags &= dev->settings.flags; 1656 system_if_apply_settings(dev, &dev->settings, dev->settings.flags); 1657 return system_if_flags(dev->ifname, IFF_UP, 0); 1658 } 1659 1660 int system_if_down(struct device *dev) 1661 { 1662 int ret = system_if_flags(dev->ifname, 0, IFF_UP); 1663 system_if_apply_settings(dev, &dev->orig_settings, dev->orig_settings.flags); 1664 return ret; 1665 } 1666 1667 struct if_check_data { 1668 struct device *dev; 1669 int pending; 1670 int ret; 1671 }; 1672 1673 #ifndef IFF_LOWER_UP 1674 #define IFF_LOWER_UP 0x10000 1675 #endif 1676 1677 static int cb_if_check_valid(struct nl_msg *msg, void *arg) 1678 { 1679 struct nlmsghdr *nh = nlmsg_hdr(msg); 1680 struct ifinfomsg *ifi = NLMSG_DATA(nh); 1681 struct if_check_data *chk = (struct if_check_data *)arg; 1682 1683 if (nh->nlmsg_type != RTM_NEWLINK) 1684 return NL_SKIP; 1685 1686 device_set_present(chk->dev, ifi->ifi_index > 0 ? true : false); 1687 device_set_link(chk->dev, ifi->ifi_flags & IFF_LOWER_UP ? true : false); 1688 1689 return NL_OK; 1690 } 1691 1692 static int cb_if_check_ack(struct nl_msg *msg, void *arg) 1693 { 1694 struct if_check_data *chk = (struct if_check_data *)arg; 1695 chk->pending = 0; 1696 return NL_STOP; 1697 } 1698 1699 static int cb_if_check_error(struct sockaddr_nl *nla, struct nlmsgerr *err, void *arg) 1700 { 1701 struct if_check_data *chk = (struct if_check_data *)arg; 1702 1703 device_set_present(chk->dev, false); 1704 device_set_link(chk->dev, false); 1705 chk->pending = err->error; 1706 1707 return NL_STOP; 1708 } 1709 1710 int system_if_check(struct device *dev) 1711 { 1712 struct nl_cb *cb = nl_cb_alloc(NL_CB_DEFAULT); 1713 struct nl_msg *msg; 1714 struct ifinfomsg ifi = { 1715 .ifi_family = AF_UNSPEC, 1716 .ifi_index = 0, 1717 }; 1718 struct if_check_data chk = { 1719 .dev = dev, 1720 .pending = 1, 1721 }; 1722 int ret = 1; 1723 1724 if (!cb) 1725 return ret; 1726 1727 msg = nlmsg_alloc_simple(RTM_GETLINK, 0); 1728 if (!msg) 1729 goto out; 1730 1731 if (nlmsg_append(msg, &ifi, sizeof(ifi), 0) || 1732 nla_put_string(msg, IFLA_IFNAME, dev->ifname)) 1733 goto free; 1734 1735 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM, cb_if_check_valid, &chk); 1736 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, cb_if_check_ack, &chk); 1737 nl_cb_err(cb, NL_CB_CUSTOM, cb_if_check_error, &chk); 1738 1739 ret = nl_send_auto_complete(sock_rtnl, msg); 1740 if (ret < 0) 1741 goto free; 1742 1743 while (chk.pending > 0) 1744 nl_recvmsgs(sock_rtnl, cb); 1745 1746 ret = chk.pending; 1747 1748 free: 1749 nlmsg_free(msg); 1750 out: 1751 nl_cb_put(cb); 1752 return ret; 1753 } 1754 1755 struct device * 1756 system_if_get_parent(struct device *dev) 1757 { 1758 char buf[64], *devname; 1759 int ifindex, iflink, len; 1760 FILE *f; 1761 1762 snprintf(buf, sizeof(buf), "/sys/class/net/%s/iflink", dev->ifname); 1763 f = fopen(buf, "r"); 1764 if (!f) 1765 return NULL; 1766 1767 len = fread(buf, 1, sizeof(buf) - 1, f); 1768 fclose(f); 1769 1770 if (len <= 0) 1771 return NULL; 1772 1773 buf[len] = 0; 1774 iflink = strtoul(buf, NULL, 0); 1775 ifindex = system_if_resolve(dev); 1776 if (!iflink || iflink == ifindex) 1777 return NULL; 1778 1779 devname = if_indextoname(iflink, buf); 1780 if (!devname) 1781 return NULL; 1782 1783 return device_get(devname, true); 1784 } 1785 1786 static bool 1787 read_string_file(int dir_fd, const char *file, char *buf, int len) 1788 { 1789 bool ret = false; 1790 char *c; 1791 int fd; 1792 1793 fd = openat(dir_fd, file, O_RDONLY); 1794 if (fd < 0) 1795 return false; 1796 1797 retry: 1798 len = read(fd, buf, len - 1); 1799 if (len < 0) { 1800 if (errno == EINTR) 1801 goto retry; 1802 } else if (len > 0) { 1803 buf[len] = 0; 1804 1805 c = strchr(buf, '\n'); 1806 if (c) 1807 *c = 0; 1808 1809 ret = true; 1810 } 1811 1812 close(fd); 1813 1814 return ret; 1815 } 1816 1817 static bool 1818 read_uint64_file(int dir_fd, const char *file, uint64_t *val) 1819 { 1820 char buf[64]; 1821 bool ret = false; 1822 1823 ret = read_string_file(dir_fd, file, buf, sizeof(buf)); 1824 if (ret) 1825 *val = strtoull(buf, NULL, 0); 1826 1827 return ret; 1828 } 1829 1830 /* Assume advertised flags == supported flags */ 1831 static const struct { 1832 uint32_t mask; 1833 const char *name; 1834 } ethtool_link_modes[] = { 1835 { ADVERTISED_10baseT_Half, "10baseT-H" }, 1836 { ADVERTISED_10baseT_Full, "10baseT-F" }, 1837 { ADVERTISED_100baseT_Half, "100baseT-H" }, 1838 { ADVERTISED_100baseT_Full, "100baseT-F" }, 1839 { ADVERTISED_1000baseT_Half, "1000baseT-H" }, 1840 { ADVERTISED_1000baseT_Full, "1000baseT-F" }, 1841 { ADVERTISED_1000baseKX_Full, "1000baseKX-F" }, 1842 { ADVERTISED_2500baseX_Full, "2500baseX-F" }, 1843 { ADVERTISED_10000baseT_Full, "10000baseT-F" }, 1844 { ADVERTISED_10000baseKX4_Full, "10000baseKX4-F" }, 1845 { ADVERTISED_10000baseKR_Full, "10000baseKR-F" }, 1846 { ADVERTISED_20000baseMLD2_Full, "20000baseMLD2-F" }, 1847 { ADVERTISED_20000baseKR2_Full, "20000baseKR2-F" }, 1848 { ADVERTISED_40000baseKR4_Full, "40000baseKR4-F" }, 1849 { ADVERTISED_40000baseCR4_Full, "40000baseCR4-F" }, 1850 { ADVERTISED_40000baseSR4_Full, "40000baseSR4-F" }, 1851 { ADVERTISED_40000baseLR4_Full, "40000baseLR4-F" }, 1852 #ifdef ADVERTISED_56000baseKR4_Full 1853 { ADVERTISED_56000baseKR4_Full, "56000baseKR4-F" }, 1854 { ADVERTISED_56000baseCR4_Full, "56000baseCR4-F" }, 1855 { ADVERTISED_56000baseSR4_Full, "56000baseSR4-F" }, 1856 { ADVERTISED_56000baseLR4_Full, "56000baseLR4-F" }, 1857 #endif 1858 }; 1859 1860 static void system_add_link_modes(struct blob_buf *b, __u32 mask) 1861 { 1862 int i; 1863 for (i = 0; i < ARRAY_SIZE(ethtool_link_modes); i++) { 1864 if (mask & ethtool_link_modes[i].mask) 1865 blobmsg_add_string(b, NULL, ethtool_link_modes[i].name); 1866 } 1867 } 1868 1869 bool 1870 system_if_force_external(const char *ifname) 1871 { 1872 char buf[64]; 1873 struct stat s; 1874 1875 snprintf(buf, sizeof(buf), "/sys/class/net/%s/phy80211", ifname); 1876 return stat(buf, &s) == 0; 1877 } 1878 1879 int 1880 system_if_dump_info(struct device *dev, struct blob_buf *b) 1881 { 1882 struct ethtool_cmd ecmd; 1883 struct ifreq ifr; 1884 char *s; 1885 void *c; 1886 1887 memset(&ecmd, 0, sizeof(ecmd)); 1888 memset(&ifr, 0, sizeof(ifr)); 1889 strncpy(ifr.ifr_name, dev->ifname, sizeof(ifr.ifr_name) - 1); 1890 ifr.ifr_data = (caddr_t) &ecmd; 1891 ecmd.cmd = ETHTOOL_GSET; 1892 1893 if (ioctl(sock_ioctl, SIOCETHTOOL, &ifr) == 0) { 1894 c = blobmsg_open_array(b, "link-advertising"); 1895 system_add_link_modes(b, ecmd.advertising); 1896 blobmsg_close_array(b, c); 1897 1898 c = blobmsg_open_array(b, "link-partner-advertising"); 1899 system_add_link_modes(b, ecmd.lp_advertising); 1900 blobmsg_close_array(b, c); 1901 1902 c = blobmsg_open_array(b, "link-supported"); 1903 system_add_link_modes(b, ecmd.supported); 1904 blobmsg_close_array(b, c); 1905 1906 s = blobmsg_alloc_string_buffer(b, "speed", 8); 1907 snprintf(s, 8, "%d%c", ethtool_cmd_speed(&ecmd), 1908 ecmd.duplex == DUPLEX_HALF ? 'H' : 'F'); 1909 blobmsg_add_string_buffer(b); 1910 1911 blobmsg_add_u8(b, "autoneg", !!ecmd.autoneg); 1912 } 1913 1914 return 0; 1915 } 1916 1917 int 1918 system_if_dump_stats(struct device *dev, struct blob_buf *b) 1919 { 1920 const char *const counters[] = { 1921 "collisions", "rx_frame_errors", "tx_compressed", 1922 "multicast", "rx_length_errors", "tx_dropped", 1923 "rx_bytes", "rx_missed_errors", "tx_errors", 1924 "rx_compressed", "rx_over_errors", "tx_fifo_errors", 1925 "rx_crc_errors", "rx_packets", "tx_heartbeat_errors", 1926 "rx_dropped", "tx_aborted_errors", "tx_packets", 1927 "rx_errors", "tx_bytes", "tx_window_errors", 1928 "rx_fifo_errors", "tx_carrier_errors", 1929 }; 1930 char buf[64]; 1931 int stats_dir; 1932 int i; 1933 uint64_t val = 0; 1934 1935 snprintf(buf, sizeof(buf), "/sys/class/net/%s/statistics", dev->ifname); 1936 stats_dir = open(buf, O_DIRECTORY); 1937 if (stats_dir < 0) 1938 return -1; 1939 1940 for (i = 0; i < ARRAY_SIZE(counters); i++) 1941 if (read_uint64_file(stats_dir, counters[i], &val)) 1942 blobmsg_add_u64(b, counters[i], val); 1943 1944 close(stats_dir); 1945 return 0; 1946 } 1947 1948 static int system_addr(struct device *dev, struct device_addr *addr, int cmd) 1949 { 1950 bool v4 = ((addr->flags & DEVADDR_FAMILY) == DEVADDR_INET4); 1951 int alen = v4 ? 4 : 16; 1952 unsigned int flags = 0; 1953 struct ifaddrmsg ifa = { 1954 .ifa_family = (alen == 4) ? AF_INET : AF_INET6, 1955 .ifa_prefixlen = addr->mask, 1956 .ifa_index = dev->ifindex, 1957 }; 1958 1959 struct nl_msg *msg; 1960 if (cmd == RTM_NEWADDR) 1961 flags |= NLM_F_CREATE | NLM_F_REPLACE; 1962 1963 msg = nlmsg_alloc_simple(cmd, flags); 1964 if (!msg) 1965 return -1; 1966 1967 nlmsg_append(msg, &ifa, sizeof(ifa), 0); 1968 nla_put(msg, IFA_LOCAL, alen, &addr->addr); 1969 if (v4) { 1970 if (addr->broadcast) 1971 nla_put_u32(msg, IFA_BROADCAST, addr->broadcast); 1972 if (addr->point_to_point) 1973 nla_put_u32(msg, IFA_ADDRESS, addr->point_to_point); 1974 } else { 1975 time_t now = system_get_rtime(); 1976 struct ifa_cacheinfo cinfo = {0xffffffffU, 0xffffffffU, 0, 0}; 1977 1978 if (addr->preferred_until) { 1979 int64_t preferred = addr->preferred_until - now; 1980 if (preferred < 0) 1981 preferred = 0; 1982 else if (preferred > UINT32_MAX) 1983 preferred = UINT32_MAX; 1984 1985 cinfo.ifa_prefered = preferred; 1986 } 1987 1988 if (addr->valid_until) { 1989 int64_t valid = addr->valid_until - now; 1990 if (valid <= 0) { 1991 nlmsg_free(msg); 1992 return -1; 1993 } 1994 else if (valid > UINT32_MAX) 1995 valid = UINT32_MAX; 1996 1997 cinfo.ifa_valid = valid; 1998 } 1999 2000 nla_put(msg, IFA_CACHEINFO, sizeof(cinfo), &cinfo); 2001 2002 if (cmd == RTM_NEWADDR && (addr->flags & DEVADDR_OFFLINK)) 2003 nla_put_u32(msg, IFA_FLAGS, IFA_F_NOPREFIXROUTE); 2004 } 2005 2006 return system_rtnl_call(msg); 2007 } 2008 2009 int system_add_address(struct device *dev, struct device_addr *addr) 2010 { 2011 return system_addr(dev, addr, RTM_NEWADDR); 2012 } 2013 2014 int system_del_address(struct device *dev, struct device_addr *addr) 2015 { 2016 return system_addr(dev, addr, RTM_DELADDR); 2017 } 2018 2019 static int system_neigh(struct device *dev, struct device_neighbor *neighbor, int cmd) 2020 { 2021 int alen = ((neighbor->flags & DEVADDR_FAMILY) == DEVADDR_INET4) ? 4 : 16; 2022 unsigned int flags = 0; 2023 struct ndmsg ndm = { 2024 .ndm_family = (alen == 4) ? AF_INET : AF_INET6, 2025 .ndm_ifindex = dev->ifindex, 2026 .ndm_state = NUD_PERMANENT, 2027 .ndm_flags = (neighbor->proxy ? NTF_PROXY : 0) | (neighbor->router ? NTF_ROUTER : 0), 2028 }; 2029 struct nl_msg *msg; 2030 2031 if (cmd == RTM_NEWNEIGH) 2032 flags |= NLM_F_CREATE | NLM_F_REPLACE; 2033 2034 msg = nlmsg_alloc_simple(cmd, flags); 2035 2036 if (!msg) 2037 return -1; 2038 2039 nlmsg_append(msg, &ndm, sizeof(ndm), 0); 2040 2041 nla_put(msg, NDA_DST, alen, &neighbor->addr); 2042 if (neighbor->flags & DEVNEIGH_MAC) 2043 nla_put(msg, NDA_LLADDR, sizeof(neighbor->macaddr), &neighbor->macaddr); 2044 2045 2046 return system_rtnl_call(msg); 2047 } 2048 2049 int system_add_neighbor(struct device *dev, struct device_neighbor *neighbor) 2050 { 2051 return system_neigh(dev, neighbor, RTM_NEWNEIGH); 2052 } 2053 2054 int system_del_neighbor(struct device *dev, struct device_neighbor *neighbor) 2055 { 2056 return system_neigh(dev, neighbor, RTM_DELNEIGH); 2057 } 2058 2059 static int system_rt(struct device *dev, struct device_route *route, int cmd) 2060 { 2061 int alen = ((route->flags & DEVADDR_FAMILY) == DEVADDR_INET4) ? 4 : 16; 2062 bool have_gw; 2063 unsigned int flags = 0; 2064 2065 if (alen == 4) 2066 have_gw = !!route->nexthop.in.s_addr; 2067 else 2068 have_gw = route->nexthop.in6.s6_addr32[0] || 2069 route->nexthop.in6.s6_addr32[1] || 2070 route->nexthop.in6.s6_addr32[2] || 2071 route->nexthop.in6.s6_addr32[3]; 2072 2073 unsigned int table = (route->flags & (DEVROUTE_TABLE | DEVROUTE_SRCTABLE)) 2074 ? route->table : RT_TABLE_MAIN; 2075 2076 struct rtmsg rtm = { 2077 .rtm_family = (alen == 4) ? AF_INET : AF_INET6, 2078 .rtm_dst_len = route->mask, 2079 .rtm_src_len = route->sourcemask, 2080 .rtm_table = (table < 256) ? table : RT_TABLE_UNSPEC, 2081 .rtm_protocol = (route->flags & DEVROUTE_PROTO) ? route->proto : RTPROT_STATIC, 2082 .rtm_scope = RT_SCOPE_NOWHERE, 2083 .rtm_type = (cmd == RTM_DELROUTE) ? 0: RTN_UNICAST, 2084 .rtm_flags = (route->flags & DEVROUTE_ONLINK) ? RTNH_F_ONLINK : 0, 2085 }; 2086 struct nl_msg *msg; 2087 2088 if (cmd == RTM_NEWROUTE) { 2089 flags |= NLM_F_CREATE | NLM_F_REPLACE; 2090 2091 if (!dev) { /* Add null-route */ 2092 rtm.rtm_scope = RT_SCOPE_UNIVERSE; 2093 rtm.rtm_type = RTN_UNREACHABLE; 2094 } 2095 else 2096 rtm.rtm_scope = (have_gw) ? RT_SCOPE_UNIVERSE : RT_SCOPE_LINK; 2097 } 2098 2099 if (route->flags & DEVROUTE_TYPE) { 2100 rtm.rtm_type = route->type; 2101 if (!(route->flags & (DEVROUTE_TABLE | DEVROUTE_SRCTABLE))) { 2102 if (rtm.rtm_type == RTN_LOCAL || rtm.rtm_type == RTN_BROADCAST || 2103 rtm.rtm_type == RTN_NAT || rtm.rtm_type == RTN_ANYCAST) 2104 rtm.rtm_table = RT_TABLE_LOCAL; 2105 } 2106 2107 if (rtm.rtm_type == RTN_LOCAL || rtm.rtm_type == RTN_NAT) { 2108 rtm.rtm_scope = RT_SCOPE_HOST; 2109 } else if (rtm.rtm_type == RTN_BROADCAST || rtm.rtm_type == RTN_MULTICAST || 2110 rtm.rtm_type == RTN_ANYCAST) { 2111 rtm.rtm_scope = RT_SCOPE_LINK; 2112 } else if (rtm.rtm_type == RTN_BLACKHOLE || rtm.rtm_type == RTN_UNREACHABLE || 2113 rtm.rtm_type == RTN_PROHIBIT || rtm.rtm_type == RTN_FAILED_POLICY || 2114 rtm.rtm_type == RTN_THROW) { 2115 rtm.rtm_scope = RT_SCOPE_UNIVERSE; 2116 dev = NULL; 2117 } 2118 } 2119 2120 msg = nlmsg_alloc_simple(cmd, flags); 2121 if (!msg) 2122 return -1; 2123 2124 nlmsg_append(msg, &rtm, sizeof(rtm), 0); 2125 2126 if (route->mask) 2127 nla_put(msg, RTA_DST, alen, &route->addr); 2128 2129 if (route->sourcemask) { 2130 if (rtm.rtm_family == AF_INET) 2131 nla_put(msg, RTA_PREFSRC, alen, &route->source); 2132 else 2133 nla_put(msg, RTA_SRC, alen, &route->source); 2134 } 2135 2136 if (route->metric > 0) 2137 nla_put_u32(msg, RTA_PRIORITY, route->metric); 2138 2139 if (have_gw) 2140 nla_put(msg, RTA_GATEWAY, alen, &route->nexthop); 2141 2142 if (dev) 2143 nla_put_u32(msg, RTA_OIF, dev->ifindex); 2144 2145 if (table >= 256) 2146 nla_put_u32(msg, RTA_TABLE, table); 2147 2148 if (route->flags & DEVROUTE_MTU) { 2149 struct nlattr *metrics; 2150 2151 if (!(metrics = nla_nest_start(msg, RTA_METRICS))) 2152 goto nla_put_failure; 2153 2154 nla_put_u32(msg, RTAX_MTU, route->mtu); 2155 2156 nla_nest_end(msg, metrics); 2157 } 2158 2159 return system_rtnl_call(msg); 2160 2161 nla_put_failure: 2162 nlmsg_free(msg); 2163 return -ENOMEM; 2164 } 2165 2166 int system_add_route(struct device *dev, struct device_route *route) 2167 { 2168 return system_rt(dev, route, RTM_NEWROUTE); 2169 } 2170 2171 int system_del_route(struct device *dev, struct device_route *route) 2172 { 2173 return system_rt(dev, route, RTM_DELROUTE); 2174 } 2175 2176 int system_flush_routes(void) 2177 { 2178 const char *names[] = { 2179 "/proc/sys/net/ipv4/route/flush", 2180 "/proc/sys/net/ipv6/route/flush" 2181 }; 2182 int fd, i; 2183 2184 for (i = 0; i < ARRAY_SIZE(names); i++) { 2185 fd = open(names[i], O_WRONLY); 2186 if (fd < 0) 2187 continue; 2188 2189 if (write(fd, "-1", 2)) {} 2190 close(fd); 2191 } 2192 return 0; 2193 } 2194 2195 bool system_resolve_rt_type(const char *type, unsigned int *id) 2196 { 2197 return system_rtn_aton(type, id); 2198 } 2199 2200 bool system_resolve_rt_proto(const char *type, unsigned int *id) 2201 { 2202 FILE *f; 2203 char *e, buf[128]; 2204 unsigned int n, proto = 256; 2205 n = strtoul(type, &e, 0); 2206 if (!*e && e != type) 2207 proto = n; 2208 else if (!strcmp(type, "unspec")) 2209 proto = RTPROT_UNSPEC; 2210 else if (!strcmp(type, "kernel")) 2211 proto = RTPROT_KERNEL; 2212 else if (!strcmp(type, "boot")) 2213 proto = RTPROT_BOOT; 2214 else if (!strcmp(type, "static")) 2215 proto = RTPROT_STATIC; 2216 else if ((f = fopen("/etc/iproute2/rt_protos", "r")) != NULL) { 2217 while (fgets(buf, sizeof(buf) - 1, f) != NULL) { 2218 if ((e = strtok(buf, " \t\n")) == NULL || *e == '#') 2219 continue; 2220 2221 n = strtoul(e, NULL, 10); 2222 e = strtok(NULL, " \t\n"); 2223 2224 if (e && !strcmp(e, type)) { 2225 proto = n; 2226 break; 2227 } 2228 } 2229 fclose(f); 2230 } 2231 2232 if (proto > 255) 2233 return false; 2234 2235 *id = proto; 2236 return true; 2237 } 2238 2239 bool system_resolve_rt_table(const char *name, unsigned int *id) 2240 { 2241 FILE *f; 2242 char *e, buf[128]; 2243 unsigned int n, table = RT_TABLE_UNSPEC; 2244 2245 /* first try to parse table as number */ 2246 if ((n = strtoul(name, &e, 0)) > 0 && !*e) 2247 table = n; 2248 2249 /* handle well known aliases */ 2250 else if (!strcmp(name, "default")) 2251 table = RT_TABLE_DEFAULT; 2252 else if (!strcmp(name, "main")) 2253 table = RT_TABLE_MAIN; 2254 else if (!strcmp(name, "local")) 2255 table = RT_TABLE_LOCAL; 2256 2257 /* try to look up name in /etc/iproute2/rt_tables */ 2258 else if ((f = fopen("/etc/iproute2/rt_tables", "r")) != NULL) 2259 { 2260 while (fgets(buf, sizeof(buf) - 1, f) != NULL) 2261 { 2262 if ((e = strtok(buf, " \t\n")) == NULL || *e == '#') 2263 continue; 2264 2265 n = strtoul(e, NULL, 10); 2266 e = strtok(NULL, " \t\n"); 2267 2268 if (e && !strcmp(e, name)) 2269 { 2270 table = n; 2271 break; 2272 } 2273 } 2274 2275 fclose(f); 2276 } 2277 2278 if (table == RT_TABLE_UNSPEC) 2279 return false; 2280 2281 *id = table; 2282 return true; 2283 } 2284 2285 bool system_is_default_rt_table(unsigned int id) 2286 { 2287 return (id == RT_TABLE_MAIN); 2288 } 2289 2290 bool system_resolve_rpfilter(const char *filter, unsigned int *id) 2291 { 2292 char *e; 2293 unsigned int n; 2294 2295 if (!strcmp(filter, "strict")) 2296 n = 1; 2297 else if (!strcmp(filter, "loose")) 2298 n = 2; 2299 else { 2300 n = strtoul(filter, &e, 0); 2301 if (*e || e == filter || n > 2) 2302 return false; 2303 } 2304 2305 *id = n; 2306 return true; 2307 } 2308 2309 static int system_iprule(struct iprule *rule, int cmd) 2310 { 2311 int alen = ((rule->flags & IPRULE_FAMILY) == IPRULE_INET4) ? 4 : 16; 2312 2313 struct nl_msg *msg; 2314 struct rtmsg rtm = { 2315 .rtm_family = (alen == 4) ? AF_INET : AF_INET6, 2316 .rtm_protocol = RTPROT_STATIC, 2317 .rtm_scope = RT_SCOPE_UNIVERSE, 2318 .rtm_table = RT_TABLE_UNSPEC, 2319 .rtm_type = RTN_UNSPEC, 2320 .rtm_flags = 0, 2321 }; 2322 2323 if (cmd == RTM_NEWRULE) 2324 rtm.rtm_type = RTN_UNICAST; 2325 2326 if (rule->invert) 2327 rtm.rtm_flags |= FIB_RULE_INVERT; 2328 2329 if (rule->flags & IPRULE_SRC) 2330 rtm.rtm_src_len = rule->src_mask; 2331 2332 if (rule->flags & IPRULE_DEST) 2333 rtm.rtm_dst_len = rule->dest_mask; 2334 2335 if (rule->flags & IPRULE_TOS) 2336 rtm.rtm_tos = rule->tos; 2337 2338 if (rule->flags & IPRULE_LOOKUP) { 2339 if (rule->lookup < 256) 2340 rtm.rtm_table = rule->lookup; 2341 } 2342 2343 if (rule->flags & IPRULE_ACTION) 2344 rtm.rtm_type = rule->action; 2345 else if (rule->flags & IPRULE_GOTO) 2346 rtm.rtm_type = FR_ACT_GOTO; 2347 else if (!(rule->flags & (IPRULE_LOOKUP | IPRULE_ACTION | IPRULE_GOTO))) 2348 rtm.rtm_type = FR_ACT_NOP; 2349 2350 msg = nlmsg_alloc_simple(cmd, NLM_F_REQUEST); 2351 2352 if (!msg) 2353 return -1; 2354 2355 nlmsg_append(msg, &rtm, sizeof(rtm), 0); 2356 2357 if (rule->flags & IPRULE_IN) 2358 nla_put(msg, FRA_IFNAME, strlen(rule->in_dev) + 1, rule->in_dev); 2359 2360 if (rule->flags & IPRULE_OUT) 2361 nla_put(msg, FRA_OIFNAME, strlen(rule->out_dev) + 1, rule->out_dev); 2362 2363 if (rule->flags & IPRULE_SRC) 2364 nla_put(msg, FRA_SRC, alen, &rule->src_addr); 2365 2366 if (rule->flags & IPRULE_DEST) 2367 nla_put(msg, FRA_DST, alen, &rule->dest_addr); 2368 2369 if (rule->flags & IPRULE_PRIORITY) 2370 nla_put_u32(msg, FRA_PRIORITY, rule->priority); 2371 else if (cmd == RTM_NEWRULE) 2372 nla_put_u32(msg, FRA_PRIORITY, rule->order); 2373 2374 if (rule->flags & IPRULE_FWMARK) 2375 nla_put_u32(msg, FRA_FWMARK, rule->fwmark); 2376 2377 if (rule->flags & IPRULE_FWMASK) 2378 nla_put_u32(msg, FRA_FWMASK, rule->fwmask); 2379 2380 if (rule->flags & IPRULE_LOOKUP) { 2381 if (rule->lookup >= 256) 2382 nla_put_u32(msg, FRA_TABLE, rule->lookup); 2383 } 2384 2385 if (rule->flags & IPRULE_SUP_PREFIXLEN) 2386 nla_put_u32(msg, FRA_SUPPRESS_PREFIXLEN, rule->sup_prefixlen); 2387 2388 if (rule->flags & IPRULE_GOTO) 2389 nla_put_u32(msg, FRA_GOTO, rule->gotoid); 2390 2391 return system_rtnl_call(msg); 2392 } 2393 2394 int system_add_iprule(struct iprule *rule) 2395 { 2396 return system_iprule(rule, RTM_NEWRULE); 2397 } 2398 2399 int system_del_iprule(struct iprule *rule) 2400 { 2401 return system_iprule(rule, RTM_DELRULE); 2402 } 2403 2404 int system_flush_iprules(void) 2405 { 2406 int rv = 0; 2407 struct iprule rule; 2408 2409 system_if_clear_entries(NULL, RTM_GETRULE, AF_INET); 2410 system_if_clear_entries(NULL, RTM_GETRULE, AF_INET6); 2411 2412 memset(&rule, 0, sizeof(rule)); 2413 2414 2415 rule.flags = IPRULE_INET4 | IPRULE_PRIORITY | IPRULE_LOOKUP; 2416 2417 rule.priority = 0; 2418 rule.lookup = RT_TABLE_LOCAL; 2419 rv |= system_iprule(&rule, RTM_NEWRULE); 2420 2421 rule.priority = 32766; 2422 rule.lookup = RT_TABLE_MAIN; 2423 rv |= system_iprule(&rule, RTM_NEWRULE); 2424 2425 rule.priority = 32767; 2426 rule.lookup = RT_TABLE_DEFAULT; 2427 rv |= system_iprule(&rule, RTM_NEWRULE); 2428 2429 2430 rule.flags = IPRULE_INET6 | IPRULE_PRIORITY | IPRULE_LOOKUP; 2431 2432 rule.priority = 0; 2433 rule.lookup = RT_TABLE_LOCAL; 2434 rv |= system_iprule(&rule, RTM_NEWRULE); 2435 2436 rule.priority = 32766; 2437 rule.lookup = RT_TABLE_MAIN; 2438 rv |= system_iprule(&rule, RTM_NEWRULE); 2439 2440 return rv; 2441 } 2442 2443 bool system_resolve_iprule_action(const char *action, unsigned int *id) 2444 { 2445 return system_rtn_aton(action, id); 2446 } 2447 2448 time_t system_get_rtime(void) 2449 { 2450 struct timespec ts; 2451 struct timeval tv; 2452 2453 if (clock_gettime(CLOCK_MONOTONIC, &ts) == 0) 2454 return ts.tv_sec; 2455 2456 if (gettimeofday(&tv, NULL) == 0) 2457 return tv.tv_sec; 2458 2459 return 0; 2460 } 2461 2462 #ifndef IP_DF 2463 #define IP_DF 0x4000 2464 #endif 2465 2466 static int tunnel_ioctl(const char *name, int cmd, void *p) 2467 { 2468 struct ifreq ifr; 2469 2470 memset(&ifr, 0, sizeof(ifr)); 2471 strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name) - 1); 2472 ifr.ifr_ifru.ifru_data = p; 2473 return ioctl(sock_ioctl, cmd, &ifr); 2474 } 2475 2476 #ifdef IFLA_IPTUN_MAX 2477 static int system_add_ip6_tunnel(const char *name, const unsigned int link, 2478 struct blob_attr **tb) 2479 { 2480 struct nl_msg *nlm = nlmsg_alloc_simple(RTM_NEWLINK, 2481 NLM_F_REQUEST | NLM_F_REPLACE | NLM_F_CREATE); 2482 struct ifinfomsg ifi = { .ifi_family = AF_UNSPEC }; 2483 struct blob_attr *cur; 2484 int ret = 0, ttl = 0; 2485 2486 if (!nlm) 2487 return -1; 2488 2489 nlmsg_append(nlm, &ifi, sizeof(ifi), 0); 2490 nla_put_string(nlm, IFLA_IFNAME, name); 2491 2492 if (link) 2493 nla_put_u32(nlm, IFLA_LINK, link); 2494 2495 struct nlattr *linkinfo = nla_nest_start(nlm, IFLA_LINKINFO); 2496 if (!linkinfo) { 2497 ret = -ENOMEM; 2498 goto failure; 2499 } 2500 2501 nla_put_string(nlm, IFLA_INFO_KIND, "ip6tnl"); 2502 struct nlattr *infodata = nla_nest_start(nlm, IFLA_INFO_DATA); 2503 if (!infodata) { 2504 ret = -ENOMEM; 2505 goto failure; 2506 } 2507 2508 if (link) 2509 nla_put_u32(nlm, IFLA_IPTUN_LINK, link); 2510 2511 if ((cur = tb[TUNNEL_ATTR_TTL])) 2512 ttl = blobmsg_get_u32(cur); 2513 2514 nla_put_u8(nlm, IFLA_IPTUN_PROTO, IPPROTO_IPIP); 2515 nla_put_u8(nlm, IFLA_IPTUN_TTL, (ttl) ? ttl : 64); 2516 2517 struct in6_addr in6buf; 2518 if ((cur = tb[TUNNEL_ATTR_LOCAL])) { 2519 if (inet_pton(AF_INET6, blobmsg_data(cur), &in6buf) < 1) { 2520 ret = -EINVAL; 2521 goto failure; 2522 } 2523 nla_put(nlm, IFLA_IPTUN_LOCAL, sizeof(in6buf), &in6buf); 2524 } 2525 2526 if ((cur = tb[TUNNEL_ATTR_REMOTE])) { 2527 if (inet_pton(AF_INET6, blobmsg_data(cur), &in6buf) < 1) { 2528 ret = -EINVAL; 2529 goto failure; 2530 } 2531 nla_put(nlm, IFLA_IPTUN_REMOTE, sizeof(in6buf), &in6buf); 2532 } 2533 2534 if ((cur = tb[TUNNEL_ATTR_DATA])) { 2535 struct blob_attr *tb_data[__IPIP6_DATA_ATTR_MAX]; 2536 uint32_t tun_flags = IP6_TNL_F_IGN_ENCAP_LIMIT; 2537 2538 blobmsg_parse(ipip6_data_attr_list.params, __IPIP6_DATA_ATTR_MAX, tb_data, 2539 blobmsg_data(cur), blobmsg_len(cur)); 2540 2541 if ((cur = tb_data[IPIP6_DATA_ENCAPLIMIT])) { 2542 char *str = blobmsg_get_string(cur); 2543 2544 if (strcmp(str, "ignore")) { 2545 char *e; 2546 unsigned encap_limit = strtoul(str, &e, 0); 2547 2548 if (e == str || *e || encap_limit > 255) { 2549 ret = -EINVAL; 2550 goto failure; 2551 } 2552 2553 nla_put_u8(nlm, IFLA_IPTUN_ENCAP_LIMIT, encap_limit); 2554 tun_flags &= ~IP6_TNL_F_IGN_ENCAP_LIMIT; 2555 } 2556 } 2557 2558 #ifdef IFLA_IPTUN_FMR_MAX 2559 if ((cur = tb_data[IPIP6_DATA_FMRS])) { 2560 struct blob_attr *rcur; 2561 unsigned rrem, fmrcnt = 0; 2562 struct nlattr *fmrs = nla_nest_start(nlm, IFLA_IPTUN_FMRS); 2563 2564 if (!fmrs) { 2565 ret = -ENOMEM; 2566 goto failure; 2567 } 2568 2569 blobmsg_for_each_attr(rcur, cur, rrem) { 2570 struct blob_attr *tb_fmr[__FMR_DATA_ATTR_MAX], *tb_cur; 2571 struct in6_addr ip6prefix; 2572 struct in_addr ip4prefix; 2573 unsigned ip4len, ip6len, ealen, offset; 2574 2575 blobmsg_parse(fmr_data_attr_list.params, __FMR_DATA_ATTR_MAX, tb_fmr, 2576 blobmsg_data(rcur), blobmsg_len(rcur)); 2577 2578 if (!(tb_cur = tb_fmr[FMR_DATA_PREFIX6]) || 2579 !parse_ip_and_netmask(AF_INET6, 2580 blobmsg_data(tb_cur), &ip6prefix, 2581 &ip6len)) { 2582 ret = -EINVAL; 2583 goto failure; 2584 } 2585 2586 if (!(tb_cur = tb_fmr[FMR_DATA_PREFIX4]) || 2587 !parse_ip_and_netmask(AF_INET, 2588 blobmsg_data(tb_cur), &ip4prefix, 2589 &ip4len)) { 2590 ret = -EINVAL; 2591 goto failure; 2592 } 2593 2594 if (!(tb_cur = tb_fmr[FMR_DATA_EALEN])) { 2595 ret = -EINVAL; 2596 goto failure; 2597 } 2598 ealen = blobmsg_get_u32(tb_cur); 2599 2600 if (!(tb_cur = tb_fmr[FMR_DATA_OFFSET])) { 2601 ret = -EINVAL; 2602 goto failure; 2603 } 2604 offset = blobmsg_get_u32(tb_cur); 2605 2606 struct nlattr *rule = nla_nest_start(nlm, ++fmrcnt); 2607 if (!rule) { 2608 ret = -ENOMEM; 2609 goto failure; 2610 } 2611 2612 nla_put(nlm, IFLA_IPTUN_FMR_IP6_PREFIX, sizeof(ip6prefix), &ip6prefix); 2613 nla_put(nlm, IFLA_IPTUN_FMR_IP4_PREFIX, sizeof(ip4prefix), &ip4prefix); 2614 nla_put_u8(nlm, IFLA_IPTUN_FMR_IP6_PREFIX_LEN, ip6len); 2615 nla_put_u8(nlm, IFLA_IPTUN_FMR_IP4_PREFIX_LEN, ip4len); 2616 nla_put_u8(nlm, IFLA_IPTUN_FMR_EA_LEN, ealen); 2617 nla_put_u8(nlm, IFLA_IPTUN_FMR_OFFSET, offset); 2618 2619 nla_nest_end(nlm, rule); 2620 } 2621 2622 nla_nest_end(nlm, fmrs); 2623 } 2624 #endif 2625 if (tun_flags) 2626 nla_put_u32(nlm, IFLA_IPTUN_FLAGS, tun_flags); 2627 } 2628 2629 nla_nest_end(nlm, infodata); 2630 nla_nest_end(nlm, linkinfo); 2631 2632 return system_rtnl_call(nlm); 2633 2634 failure: 2635 nlmsg_free(nlm); 2636 return ret; 2637 } 2638 #endif 2639 2640 #ifdef IFLA_IPTUN_MAX 2641 #define IP6_FLOWINFO_TCLASS htonl(0x0FF00000) 2642 static int system_add_gre_tunnel(const char *name, const char *kind, 2643 const unsigned int link, struct blob_attr **tb, bool v6) 2644 { 2645 struct nl_msg *nlm; 2646 struct ifinfomsg ifi = { .ifi_family = AF_UNSPEC, }; 2647 struct blob_attr *cur; 2648 uint32_t ikey = 0, okey = 0, flowinfo = 0, flags6 = IP6_TNL_F_IGN_ENCAP_LIMIT; 2649 uint16_t iflags = 0, oflags = 0; 2650 uint8_t tos = 0; 2651 int ret = 0, ttl = 0; 2652 unsigned encap_limit = 0; 2653 2654 nlm = nlmsg_alloc_simple(RTM_NEWLINK, NLM_F_REQUEST | NLM_F_REPLACE | NLM_F_CREATE); 2655 if (!nlm) 2656 return -1; 2657 2658 nlmsg_append(nlm, &ifi, sizeof(ifi), 0); 2659 nla_put_string(nlm, IFLA_IFNAME, name); 2660 2661 struct nlattr *linkinfo = nla_nest_start(nlm, IFLA_LINKINFO); 2662 if (!linkinfo) { 2663 ret = -ENOMEM; 2664 goto failure; 2665 } 2666 2667 nla_put_string(nlm, IFLA_INFO_KIND, kind); 2668 struct nlattr *infodata = nla_nest_start(nlm, IFLA_INFO_DATA); 2669 if (!infodata) { 2670 ret = -ENOMEM; 2671 goto failure; 2672 } 2673 2674 if (link) 2675 nla_put_u32(nlm, IFLA_GRE_LINK, link); 2676 2677 if ((cur = tb[TUNNEL_ATTR_TTL])) 2678 ttl = blobmsg_get_u32(cur); 2679 2680 if ((cur = tb[TUNNEL_ATTR_TOS])) { 2681 char *str = blobmsg_get_string(cur); 2682 if (strcmp(str, "inherit")) { 2683 unsigned uval; 2684 2685 if (!system_tos_aton(str, &uval)) { 2686 ret = -EINVAL; 2687 goto failure; 2688 } 2689 2690 if (v6) 2691 flowinfo |= htonl(uval << 20) & IP6_FLOWINFO_TCLASS; 2692 else 2693 tos = uval; 2694 } else { 2695 if (v6) 2696 flags6 |= IP6_TNL_F_USE_ORIG_TCLASS; 2697 else 2698 tos = 1; 2699 } 2700 } 2701 2702 if ((cur = tb[TUNNEL_ATTR_DATA])) { 2703 struct blob_attr *tb_data[__GRE_DATA_ATTR_MAX]; 2704 2705 blobmsg_parse(gre_data_attr_list.params, __GRE_DATA_ATTR_MAX, tb_data, 2706 blobmsg_data(cur), blobmsg_len(cur)); 2707 2708 if ((cur = tb_data[GRE_DATA_IKEY])) { 2709 if ((ikey = blobmsg_get_u32(cur))) 2710 iflags |= GRE_KEY; 2711 } 2712 2713 if ((cur = tb_data[GRE_DATA_OKEY])) { 2714 if ((okey = blobmsg_get_u32(cur))) 2715 oflags |= GRE_KEY; 2716 } 2717 2718 if ((cur = tb_data[GRE_DATA_ICSUM])) { 2719 if (blobmsg_get_bool(cur)) 2720 iflags |= GRE_CSUM; 2721 } 2722 2723 if ((cur = tb_data[GRE_DATA_OCSUM])) { 2724 if (blobmsg_get_bool(cur)) 2725 oflags |= GRE_CSUM; 2726 } 2727 2728 if ((cur = tb_data[GRE_DATA_ISEQNO])) { 2729 if (blobmsg_get_bool(cur)) 2730 iflags |= GRE_SEQ; 2731 } 2732 2733 if ((cur = tb_data[GRE_DATA_OSEQNO])) { 2734 if (blobmsg_get_bool(cur)) 2735 oflags |= GRE_SEQ; 2736 } 2737 2738 if ((cur = tb_data[GRE_DATA_ENCAPLIMIT])) { 2739 char *str = blobmsg_get_string(cur); 2740 2741 if (strcmp(str, "ignore")) { 2742 char *e; 2743 2744 encap_limit = strtoul(str, &e, 0); 2745 2746 if (e == str || *e || encap_limit > 255) { 2747 ret = -EINVAL; 2748 goto failure; 2749 } 2750 2751 flags6 &= ~IP6_TNL_F_IGN_ENCAP_LIMIT; 2752 } 2753 } 2754 } 2755 2756 if (v6) { 2757 struct in6_addr in6buf; 2758 if ((cur = tb[TUNNEL_ATTR_LOCAL])) { 2759 if (inet_pton(AF_INET6, blobmsg_data(cur), &in6buf) < 1) { 2760 ret = -EINVAL; 2761 goto failure; 2762 } 2763 nla_put(nlm, IFLA_GRE_LOCAL, sizeof(in6buf), &in6buf); 2764 } 2765 2766 if ((cur = tb[TUNNEL_ATTR_REMOTE])) { 2767 if (inet_pton(AF_INET6, blobmsg_data(cur), &in6buf) < 1) { 2768 ret = -EINVAL; 2769 goto failure; 2770 } 2771 nla_put(nlm, IFLA_GRE_REMOTE, sizeof(in6buf), &in6buf); 2772 } 2773 2774 if (!(flags6 & IP6_TNL_F_IGN_ENCAP_LIMIT)) 2775 nla_put_u8(nlm, IFLA_GRE_ENCAP_LIMIT, encap_limit); 2776 2777 if (flowinfo) 2778 nla_put_u32(nlm, IFLA_GRE_FLOWINFO, flowinfo); 2779 2780 if (flags6) 2781 nla_put_u32(nlm, IFLA_GRE_FLAGS, flags6); 2782 2783 if (!ttl) 2784 ttl = 64; 2785 } else { 2786 struct in_addr inbuf; 2787 bool set_df = true; 2788 2789 if ((cur = tb[TUNNEL_ATTR_LOCAL])) { 2790 if (inet_pton(AF_INET, blobmsg_data(cur), &inbuf) < 1) { 2791 ret = -EINVAL; 2792 goto failure; 2793 } 2794 nla_put(nlm, IFLA_GRE_LOCAL, sizeof(inbuf), &inbuf); 2795 } 2796 2797 if ((cur = tb[TUNNEL_ATTR_REMOTE])) { 2798 if (inet_pton(AF_INET, blobmsg_data(cur), &inbuf) < 1) { 2799 ret = -EINVAL; 2800 goto failure; 2801 } 2802 nla_put(nlm, IFLA_GRE_REMOTE, sizeof(inbuf), &inbuf); 2803 2804 if (IN_MULTICAST(ntohl(inbuf.s_addr))) { 2805 if (!okey) { 2806 okey = inbuf.s_addr; 2807 oflags |= GRE_KEY; 2808 } 2809 2810 if (!ikey) { 2811 ikey = inbuf.s_addr; 2812 iflags |= GRE_KEY; 2813 } 2814 } 2815 } 2816 2817 if ((cur = tb[TUNNEL_ATTR_DF])) 2818 set_df = blobmsg_get_bool(cur); 2819 2820 if (!set_df) { 2821 /* ttl != 0 and nopmtudisc are incompatible */ 2822 if (ttl) { 2823 ret = -EINVAL; 2824 goto failure; 2825 } 2826 } else if (!ttl) 2827 ttl = 64; 2828 2829 nla_put_u8(nlm, IFLA_GRE_PMTUDISC, set_df ? 1 : 0); 2830 2831 nla_put_u8(nlm, IFLA_GRE_TOS, tos); 2832 } 2833 2834 if (ttl) 2835 nla_put_u8(nlm, IFLA_GRE_TTL, ttl); 2836 2837 if (oflags) 2838 nla_put_u16(nlm, IFLA_GRE_OFLAGS, oflags); 2839 2840 if (iflags) 2841 nla_put_u16(nlm, IFLA_GRE_IFLAGS, iflags); 2842 2843 if (okey) 2844 nla_put_u32(nlm, IFLA_GRE_OKEY, htonl(okey)); 2845 2846 if (ikey) 2847 nla_put_u32(nlm, IFLA_GRE_IKEY, htonl(ikey)); 2848 2849 nla_nest_end(nlm, infodata); 2850 nla_nest_end(nlm, linkinfo); 2851 2852 return system_rtnl_call(nlm); 2853 2854 failure: 2855 nlmsg_free(nlm); 2856 return ret; 2857 } 2858 #endif 2859 2860 #ifdef IFLA_VTI_MAX 2861 static int system_add_vti_tunnel(const char *name, const char *kind, 2862 const unsigned int link, struct blob_attr **tb, bool v6) 2863 { 2864 struct nl_msg *nlm; 2865 struct ifinfomsg ifi = { .ifi_family = AF_UNSPEC, }; 2866 struct blob_attr *cur; 2867 int ret = 0; 2868 2869 nlm = nlmsg_alloc_simple(RTM_NEWLINK, NLM_F_REQUEST | NLM_F_REPLACE | NLM_F_CREATE); 2870 if (!nlm) 2871 return -1; 2872 2873 nlmsg_append(nlm, &ifi, sizeof(ifi), 0); 2874 nla_put_string(nlm, IFLA_IFNAME, name); 2875 2876 struct nlattr *linkinfo = nla_nest_start(nlm, IFLA_LINKINFO); 2877 if (!linkinfo) { 2878 ret = -ENOMEM; 2879 goto failure; 2880 } 2881 2882 nla_put_string(nlm, IFLA_INFO_KIND, kind); 2883 struct nlattr *infodata = nla_nest_start(nlm, IFLA_INFO_DATA); 2884 if (!infodata) { 2885 ret = -ENOMEM; 2886 goto failure; 2887 } 2888 2889 if (link) 2890 nla_put_u32(nlm, IFLA_VTI_LINK, link); 2891 2892 if (v6) { 2893 struct in6_addr in6buf; 2894 if ((cur = tb[TUNNEL_ATTR_LOCAL])) { 2895 if (inet_pton(AF_INET6, blobmsg_data(cur), &in6buf) < 1) { 2896 ret = -EINVAL; 2897 goto failure; 2898 } 2899 nla_put(nlm, IFLA_VTI_LOCAL, sizeof(in6buf), &in6buf); 2900 } 2901 2902 if ((cur = tb[TUNNEL_ATTR_REMOTE])) { 2903 if (inet_pton(AF_INET6, blobmsg_data(cur), &in6buf) < 1) { 2904 ret = -EINVAL; 2905 goto failure; 2906 } 2907 nla_put(nlm, IFLA_VTI_REMOTE, sizeof(in6buf), &in6buf); 2908 } 2909 2910 } else { 2911 struct in_addr inbuf; 2912 2913 if ((cur = tb[TUNNEL_ATTR_LOCAL])) { 2914 if (inet_pton(AF_INET, blobmsg_data(cur), &inbuf) < 1) { 2915 ret = -EINVAL; 2916 goto failure; 2917 } 2918 nla_put(nlm, IFLA_VTI_LOCAL, sizeof(inbuf), &inbuf); 2919 } 2920 2921 if ((cur = tb[TUNNEL_ATTR_REMOTE])) { 2922 if (inet_pton(AF_INET, blobmsg_data(cur), &inbuf) < 1) { 2923 ret = -EINVAL; 2924 goto failure; 2925 } 2926 nla_put(nlm, IFLA_VTI_REMOTE, sizeof(inbuf), &inbuf); 2927 } 2928 2929 } 2930 2931 if ((cur = tb[TUNNEL_ATTR_DATA])) { 2932 struct blob_attr *tb_data[__VTI_DATA_ATTR_MAX]; 2933 uint32_t ikey = 0, okey = 0; 2934 2935 blobmsg_parse(vti_data_attr_list.params, __VTI_DATA_ATTR_MAX, tb_data, 2936 blobmsg_data(cur), blobmsg_len(cur)); 2937 2938 if ((cur = tb_data[VTI_DATA_IKEY])) { 2939 if ((ikey = blobmsg_get_u32(cur))) 2940 nla_put_u32(nlm, IFLA_VTI_IKEY, htonl(ikey)); 2941 } 2942 2943 if ((cur = tb_data[VTI_DATA_OKEY])) { 2944 if ((okey = blobmsg_get_u32(cur))) 2945 nla_put_u32(nlm, IFLA_VTI_OKEY, htonl(okey)); 2946 } 2947 } 2948 2949 nla_nest_end(nlm, infodata); 2950 nla_nest_end(nlm, linkinfo); 2951 2952 return system_rtnl_call(nlm); 2953 2954 failure: 2955 nlmsg_free(nlm); 2956 return ret; 2957 } 2958 #endif 2959 2960 #ifdef IFLA_XFRM_MAX 2961 static int system_add_xfrm_tunnel(const char *name, const char *kind, 2962 const unsigned int link, struct blob_attr **tb) 2963 { 2964 struct nl_msg *nlm; 2965 struct ifinfomsg ifi = { .ifi_family = AF_UNSPEC, }; 2966 struct blob_attr *cur; 2967 int ret = 0; 2968 2969 nlm = nlmsg_alloc_simple(RTM_NEWLINK, NLM_F_REQUEST | NLM_F_REPLACE | NLM_F_CREATE); 2970 if (!nlm) 2971 return -1; 2972 2973 nlmsg_append(nlm, &ifi, sizeof(ifi), 0); 2974 nla_put_string(nlm, IFLA_IFNAME, name); 2975 2976 struct nlattr *linkinfo = nla_nest_start(nlm, IFLA_LINKINFO); 2977 if (!linkinfo) { 2978 ret = -ENOMEM; 2979 goto failure; 2980 } 2981 2982 nla_put_string(nlm, IFLA_INFO_KIND, kind); 2983 struct nlattr *infodata = nla_nest_start(nlm, IFLA_INFO_DATA); 2984 if (!infodata) { 2985 ret = -ENOMEM; 2986 goto failure; 2987 } 2988 2989 if (link) 2990 nla_put_u32(nlm, IFLA_XFRM_LINK, link); 2991 2992 if ((cur = tb[TUNNEL_ATTR_DATA])) { 2993 struct blob_attr *tb_data[__XFRM_DATA_ATTR_MAX]; 2994 uint32_t if_id = 0; 2995 2996 blobmsg_parse(xfrm_data_attr_list.params, __XFRM_DATA_ATTR_MAX, tb_data, 2997 blobmsg_data(cur), blobmsg_len(cur)); 2998 2999 if ((cur = tb_data[XFRM_DATA_IF_ID])) { 3000 if ((if_id = blobmsg_get_u32(cur))) 3001 nla_put_u32(nlm, IFLA_XFRM_IF_ID, if_id); 3002 } 3003 3004 } 3005 3006 nla_nest_end(nlm, infodata); 3007 nla_nest_end(nlm, linkinfo); 3008 3009 return system_rtnl_call(nlm); 3010 3011 failure: 3012 nlmsg_free(nlm); 3013 return ret; 3014 } 3015 #endif 3016 3017 #ifdef IFLA_VXLAN_MAX 3018 static int system_add_vxlan(const char *name, const unsigned int link, struct blob_attr **tb, bool v6) 3019 { 3020 struct blob_attr *tb_data[__VXLAN_DATA_ATTR_MAX]; 3021 struct nl_msg *msg; 3022 struct nlattr *linkinfo, *data; 3023 struct ifinfomsg iim = { .ifi_family = AF_UNSPEC, }; 3024 struct blob_attr *cur; 3025 int ret = 0; 3026 3027 if ((cur = tb[TUNNEL_ATTR_DATA])) 3028 blobmsg_parse(vxlan_data_attr_list.params, __VXLAN_DATA_ATTR_MAX, tb_data, 3029 blobmsg_data(cur), blobmsg_len(cur)); 3030 else 3031 return -EINVAL; 3032 3033 msg = nlmsg_alloc_simple(RTM_NEWLINK, NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL); 3034 3035 if (!msg) 3036 return -1; 3037 3038 nlmsg_append(msg, &iim, sizeof(iim), 0); 3039 3040 nla_put_string(msg, IFLA_IFNAME, name); 3041 3042 if ((cur = tb_data[VXLAN_DATA_ATTR_MACADDR])) { 3043 struct ether_addr *ea = ether_aton(blobmsg_get_string(cur)); 3044 if (!ea) { 3045 ret = -EINVAL; 3046 goto failure; 3047 } 3048 3049 nla_put(msg, IFLA_ADDRESS, ETH_ALEN, ea); 3050 } 3051 3052 if ((cur = tb[TUNNEL_ATTR_MTU])) { 3053 uint32_t mtu = blobmsg_get_u32(cur); 3054 nla_put_u32(msg, IFLA_MTU, mtu); 3055 } 3056 3057 if (!(linkinfo = nla_nest_start(msg, IFLA_LINKINFO))) { 3058 ret = -ENOMEM; 3059 goto failure; 3060 } 3061 3062 nla_put_string(msg, IFLA_INFO_KIND, "vxlan"); 3063 3064 if (!(data = nla_nest_start(msg, IFLA_INFO_DATA))) { 3065 ret = -ENOMEM; 3066 goto failure; 3067 } 3068 3069 if (link) 3070 nla_put_u32(msg, IFLA_VXLAN_LINK, link); 3071 3072 if ((cur = tb_data[VXLAN_DATA_ATTR_ID])) { 3073 uint32_t id = blobmsg_get_u32(cur); 3074 if (id >= (1u << 24) - 1) { 3075 ret = -EINVAL; 3076 goto failure; 3077 } 3078 3079 nla_put_u32(msg, IFLA_VXLAN_ID, id); 3080 } 3081 3082 if (v6) { 3083 struct in6_addr in6buf; 3084 if ((cur = tb[TUNNEL_ATTR_LOCAL])) { 3085 if (inet_pton(AF_INET6, blobmsg_data(cur), &in6buf) < 1) { 3086 ret = -EINVAL; 3087 goto failure; 3088 } 3089 nla_put(msg, IFLA_VXLAN_LOCAL6, sizeof(in6buf), &in6buf); 3090 } 3091 3092 if ((cur = tb[TUNNEL_ATTR_REMOTE])) { 3093 if (inet_pton(AF_INET6, blobmsg_data(cur), &in6buf) < 1) { 3094 ret = -EINVAL; 3095 goto failure; 3096 } 3097 nla_put(msg, IFLA_VXLAN_GROUP6, sizeof(in6buf), &in6buf); 3098 } 3099 } else { 3100 struct in_addr inbuf; 3101 3102 if ((cur = tb[TUNNEL_ATTR_LOCAL])) { 3103 if (inet_pton(AF_INET, blobmsg_data(cur), &inbuf) < 1) { 3104 ret = -EINVAL; 3105 goto failure; 3106 } 3107 nla_put(msg, IFLA_VXLAN_LOCAL, sizeof(inbuf), &inbuf); 3108 } 3109 3110 if ((cur = tb[TUNNEL_ATTR_REMOTE])) { 3111 if (inet_pton(AF_INET, blobmsg_data(cur), &inbuf) < 1) { 3112 ret = -EINVAL; 3113 goto failure; 3114 } 3115 nla_put(msg, IFLA_VXLAN_GROUP, sizeof(inbuf), &inbuf); 3116 } 3117 } 3118 3119 uint32_t port = 4789; 3120 if ((cur = tb_data[VXLAN_DATA_ATTR_PORT])) { 3121 port = blobmsg_get_u32(cur); 3122 if (port < 1 || port > 65535) { 3123 ret = -EINVAL; 3124 goto failure; 3125 } 3126 } 3127 nla_put_u16(msg, IFLA_VXLAN_PORT, htons(port)); 3128 3129 if ((cur = tb_data[VXLAN_DATA_ATTR_RXCSUM])) { 3130 bool rxcsum = blobmsg_get_bool(cur); 3131 nla_put_u8(msg, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, !rxcsum); 3132 } 3133 3134 if ((cur = tb_data[VXLAN_DATA_ATTR_TXCSUM])) { 3135 bool txcsum = blobmsg_get_bool(cur); 3136 nla_put_u8(msg, IFLA_VXLAN_UDP_CSUM, txcsum); 3137 nla_put_u8(msg, IFLA_VXLAN_UDP_ZERO_CSUM6_TX, !txcsum); 3138 } 3139 3140 if ((cur = tb[TUNNEL_ATTR_TOS])) { 3141 char *str = blobmsg_get_string(cur); 3142 unsigned tos = 1; 3143 3144 if (strcmp(str, "inherit")) { 3145 if (!system_tos_aton(str, &tos)) { 3146 ret = -EINVAL; 3147 goto failure; 3148 } 3149 } 3150 3151 nla_put_u8(msg, IFLA_VXLAN_TOS, tos); 3152 } 3153 3154 if ((cur = tb[TUNNEL_ATTR_TTL])) { 3155 uint32_t ttl = blobmsg_get_u32(cur); 3156 if (ttl < 1 || ttl > 255) { 3157 ret = -EINVAL; 3158 goto failure; 3159 } 3160 3161 nla_put_u8(msg, IFLA_VXLAN_TTL, ttl); 3162 } 3163 3164 nla_nest_end(msg, data); 3165 nla_nest_end(msg, linkinfo); 3166 3167 ret = system_rtnl_call(msg); 3168 if (ret) 3169 D(SYSTEM, "Error adding vxlan '%s': %d\n", name, ret); 3170 3171 return ret; 3172 3173 failure: 3174 nlmsg_free(msg); 3175 return ret; 3176 } 3177 #endif 3178 3179 static int system_add_sit_tunnel(const char *name, const unsigned int link, struct blob_attr **tb) 3180 { 3181 struct blob_attr *cur; 3182 int ret = 0; 3183 3184 if (system_add_proto_tunnel(name, IPPROTO_IPV6, link, tb) < 0) 3185 return -1; 3186 3187 #ifdef SIOCADD6RD 3188 if ((cur = tb[TUNNEL_ATTR_DATA])) { 3189 struct blob_attr *tb_data[__SIXRD_DATA_ATTR_MAX]; 3190 unsigned int mask; 3191 struct ip_tunnel_6rd p6; 3192 3193 blobmsg_parse(sixrd_data_attr_list.params, __SIXRD_DATA_ATTR_MAX, tb_data, 3194 blobmsg_data(cur), blobmsg_len(cur)); 3195 3196 memset(&p6, 0, sizeof(p6)); 3197 3198 if ((cur = tb_data[SIXRD_DATA_PREFIX])) { 3199 if (!parse_ip_and_netmask(AF_INET6, blobmsg_data(cur), 3200 &p6.prefix, &mask) || mask > 128) { 3201 ret = -EINVAL; 3202 goto failure; 3203 } 3204 3205 p6.prefixlen = mask; 3206 } 3207 3208 if ((cur = tb_data[SIXRD_DATA_RELAY_PREFIX])) { 3209 if (!parse_ip_and_netmask(AF_INET, blobmsg_data(cur), 3210 &p6.relay_prefix, &mask) || mask > 32) { 3211 ret = -EINVAL; 3212 goto failure; 3213 } 3214 3215 p6.relay_prefixlen = mask; 3216 } 3217 3218 if (tunnel_ioctl(name, SIOCADD6RD, &p6) < 0) { 3219 ret = -1; 3220 goto failure; 3221 } 3222 } 3223 #endif 3224 3225 return ret; 3226 3227 failure: 3228 __system_del_ip_tunnel(name, tb); 3229 return ret; 3230 } 3231 3232 static int system_add_proto_tunnel(const char *name, const uint8_t proto, const unsigned int link, struct blob_attr **tb) 3233 { 3234 struct blob_attr *cur; 3235 bool set_df = true; 3236 struct ip_tunnel_parm p = { 3237 .link = link, 3238 .iph = { 3239 .version = 4, 3240 .ihl = 5, 3241 .protocol = proto, 3242 } 3243 }; 3244 3245 if ((cur = tb[TUNNEL_ATTR_LOCAL]) && 3246 inet_pton(AF_INET, blobmsg_data(cur), &p.iph.saddr) < 1) 3247 return -EINVAL; 3248 3249 if ((cur = tb[TUNNEL_ATTR_REMOTE]) && 3250 inet_pton(AF_INET, blobmsg_data(cur), &p.iph.daddr) < 1) 3251 return -EINVAL; 3252 3253 if ((cur = tb[TUNNEL_ATTR_DF])) 3254 set_df = blobmsg_get_bool(cur); 3255 3256 if ((cur = tb[TUNNEL_ATTR_TTL])) 3257 p.iph.ttl = blobmsg_get_u32(cur); 3258 3259 if ((cur = tb[TUNNEL_ATTR_TOS])) { 3260 char *str = blobmsg_get_string(cur); 3261 if (strcmp(str, "inherit")) { 3262 unsigned uval; 3263 3264 if (!system_tos_aton(str, &uval)) 3265 return -EINVAL; 3266 3267 p.iph.tos = uval; 3268 } else 3269 p.iph.tos = 1; 3270 } 3271 3272 p.iph.frag_off = set_df ? htons(IP_DF) : 0; 3273 /* ttl !=0 and nopmtudisc are incompatible */ 3274 if (p.iph.ttl && p.iph.frag_off == 0) 3275 return -EINVAL; 3276 3277 strncpy(p.name, name, sizeof(p.name) - 1); 3278 3279 switch (p.iph.protocol) { 3280 case IPPROTO_IPIP: 3281 return tunnel_ioctl("tunl0", SIOCADDTUNNEL, &p); 3282 case IPPROTO_IPV6: 3283 return tunnel_ioctl("sit0", SIOCADDTUNNEL, &p); 3284 default: 3285 break; 3286 } 3287 return -1; 3288 } 3289 3290 static int __system_del_ip_tunnel(const char *name, struct blob_attr **tb) 3291 { 3292 struct blob_attr *cur; 3293 const char *str; 3294 3295 if (!(cur = tb[TUNNEL_ATTR_TYPE])) 3296 return -EINVAL; 3297 str = blobmsg_data(cur); 3298 3299 if (!strcmp(str, "greip") || !strcmp(str, "gretapip") || 3300 !strcmp(str, "greip6") || !strcmp(str, "gretapip6") || 3301 !strcmp(str, "vtiip") || !strcmp(str, "vtiip6") || 3302 !strcmp(str, "vxlan") || !strcmp(str, "vxlan6") || 3303 !strcmp(str, "xfrm")) 3304 return system_link_del(name); 3305 else 3306 return tunnel_ioctl(name, SIOCDELTUNNEL, NULL); 3307 } 3308 3309 int system_del_ip_tunnel(const char *name, struct blob_attr *attr) 3310 { 3311 struct blob_attr *tb[__TUNNEL_ATTR_MAX]; 3312 3313 blobmsg_parse(tunnel_attr_list.params, __TUNNEL_ATTR_MAX, tb, 3314 blob_data(attr), blob_len(attr)); 3315 3316 return __system_del_ip_tunnel(name, tb); 3317 } 3318 3319 int system_update_ipv6_mtu(struct device *dev, int mtu) 3320 { 3321 int ret = -1; 3322 char buf[64]; 3323 int fd; 3324 3325 snprintf(buf, sizeof(buf), "/proc/sys/net/ipv6/conf/%s/mtu", 3326 dev->ifname); 3327 3328 fd = open(buf, O_RDWR); 3329 if (fd < 0) 3330 return ret; 3331 3332 if (!mtu) { 3333 ssize_t len = read(fd, buf, sizeof(buf) - 1); 3334 if (len < 0) 3335 goto out; 3336 3337 buf[len] = 0; 3338 ret = atoi(buf); 3339 } else { 3340 if (write(fd, buf, snprintf(buf, sizeof(buf), "%i", mtu)) > 0) 3341 ret = mtu; 3342 } 3343 3344 out: 3345 close(fd); 3346 return ret; 3347 } 3348 3349 int system_add_ip_tunnel(const char *name, struct blob_attr *attr) 3350 { 3351 struct blob_attr *tb[__TUNNEL_ATTR_MAX]; 3352 struct blob_attr *cur; 3353 const char *str; 3354 3355 blobmsg_parse(tunnel_attr_list.params, __TUNNEL_ATTR_MAX, tb, 3356 blob_data(attr), blob_len(attr)); 3357 3358 __system_del_ip_tunnel(name, tb); 3359 3360 if (!(cur = tb[TUNNEL_ATTR_TYPE])) 3361 return -EINVAL; 3362 str = blobmsg_data(cur); 3363 3364 unsigned int ttl = 0; 3365 if ((cur = tb[TUNNEL_ATTR_TTL])) { 3366 ttl = blobmsg_get_u32(cur); 3367 if (ttl > 255) 3368 return -EINVAL; 3369 } 3370 3371 unsigned int link = 0; 3372 if ((cur = tb[TUNNEL_ATTR_LINK])) { 3373 struct interface *iface = vlist_find(&interfaces, blobmsg_data(cur), iface, node); 3374 if (!iface) 3375 return -EINVAL; 3376 3377 if (iface->l3_dev.dev) 3378 link = iface->l3_dev.dev->ifindex; 3379 } 3380 3381 if (!strcmp(str, "sit")) 3382 return system_add_sit_tunnel(name, link, tb); 3383 #ifdef IFLA_IPTUN_MAX 3384 else if (!strcmp(str, "ipip6")) { 3385 return system_add_ip6_tunnel(name, link, tb); 3386 } else if (!strcmp(str, "greip")) { 3387 return system_add_gre_tunnel(name, "gre", link, tb, false); 3388 } else if (!strcmp(str, "gretapip")) { 3389 return system_add_gre_tunnel(name, "gretap", link, tb, false); 3390 } else if (!strcmp(str, "greip6")) { 3391 return system_add_gre_tunnel(name, "ip6gre", link, tb, true); 3392 } else if (!strcmp(str, "gretapip6")) { 3393 return system_add_gre_tunnel(name, "ip6gretap", link, tb, true); 3394 #ifdef IFLA_VTI_MAX 3395 } else if (!strcmp(str, "vtiip")) { 3396 return system_add_vti_tunnel(name, "vti", link, tb, false); 3397 } else if (!strcmp(str, "vtiip6")) { 3398 return system_add_vti_tunnel(name, "vti6", link, tb, true); 3399 #endif 3400 #ifdef IFLA_XFRM_MAX 3401 } else if (!strcmp(str, "xfrm")) { 3402 return system_add_xfrm_tunnel(name, "xfrm", link, tb); 3403 #endif 3404 #ifdef IFLA_VXLAN_MAX 3405 } else if(!strcmp(str, "vxlan")) { 3406 return system_add_vxlan(name, link, tb, false); 3407 } else if(!strcmp(str, "vxlan6")) { 3408 return system_add_vxlan(name, link, tb, true); 3409 #endif 3410 #endif 3411 } else if (!strcmp(str, "ipip")) { 3412 return system_add_proto_tunnel(name, IPPROTO_IPIP, link, tb); 3413 } 3414 else 3415 return -EINVAL; 3416 3417 return 0; 3418 } 3419
This page was automatically generated by LXR 0.3.1. • OpenWrt