1 /* 2 * netifd - network interface daemon 3 * Copyright (C) 2012 Felix Fietkau <nbd@openwrt.org> 4 * Copyright (C) 2013 Jo-Philipp Wich <jow@openwrt.org> 5 * Copyright (C) 2013 Steven Barth <steven@midlink.org> 6 * Copyright (C) 2014 Gioacchino Mazzurco <gio@eigenlab.org> 7 * Copyright (C) 2017 Matthias Schiffer <mschiffer@universe-factory.net> 8 * Copyright (C) 2018 Hans Dedecker <dedeckeh@gmail.com> 9 * 10 * This program is free software; you can redistribute it and/or modify 11 * it under the terms of the GNU General Public License version 2 12 * as published by the Free Software Foundation 13 * 14 * This program is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 * GNU General Public License for more details. 18 */ 19 #define _GNU_SOURCE 20 21 #include <sys/socket.h> 22 #include <sys/ioctl.h> 23 #include <sys/stat.h> 24 #include <sys/syscall.h> 25 26 #include <net/if.h> 27 #include <net/if_arp.h> 28 29 #include <limits.h> 30 #include <arpa/inet.h> 31 #include <netinet/in.h> 32 #include <netinet/ether.h> 33 34 #include <linux/rtnetlink.h> 35 #include <linux/neighbour.h> 36 #include <linux/sockios.h> 37 #include <linux/ip.h> 38 #include <linux/if_addr.h> 39 #include <linux/if_link.h> 40 #include <linux/if_vlan.h> 41 #include <linux/if_bridge.h> 42 #include <linux/if_tunnel.h> 43 #include <linux/ip6_tunnel.h> 44 #include <linux/ethtool.h> 45 #include <linux/fib_rules.h> 46 #include <linux/veth.h> 47 #include <linux/version.h> 48 49 #include <sched.h> 50 51 #ifndef RTN_FAILED_POLICY 52 #define RTN_FAILED_POLICY 12 53 #endif 54 55 #ifndef IFA_F_NOPREFIXROUTE 56 #define IFA_F_NOPREFIXROUTE 0x200 57 #endif 58 59 #ifndef IFA_FLAGS 60 #define IFA_FLAGS (IFA_MULTICAST + 1) 61 #endif 62 63 #include <string.h> 64 #include <fcntl.h> 65 #include <glob.h> 66 #include <time.h> 67 #include <unistd.h> 68 69 #include <netlink/msg.h> 70 #include <netlink/attr.h> 71 #include <netlink/socket.h> 72 #include <libubox/uloop.h> 73 74 #include "netifd.h" 75 #include "device.h" 76 #include "system.h" 77 #include "utils.h" 78 79 struct event_socket { 80 struct uloop_fd uloop; 81 struct nl_sock *sock; 82 int bufsize; 83 }; 84 85 static int sock_ioctl = -1; 86 static struct nl_sock *sock_rtnl = NULL; 87 88 static int cb_rtnl_event(struct nl_msg *msg, void *arg); 89 static void handle_hotplug_event(struct uloop_fd *u, unsigned int events); 90 static int system_add_proto_tunnel(const char *name, const uint8_t proto, 91 const unsigned int link, struct blob_attr **tb); 92 static int __system_del_ip_tunnel(const char *name, struct blob_attr **tb); 93 94 static char dev_buf[256]; 95 static const char *proc_path = "/proc"; 96 static const char *sysfs_path = "/sys"; 97 98 static void 99 handler_nl_event(struct uloop_fd *u, unsigned int events) 100 { 101 struct event_socket *ev = container_of(u, struct event_socket, uloop); 102 int err; 103 socklen_t errlen = sizeof(err); 104 105 if (!u->error) { 106 nl_recvmsgs_default(ev->sock); 107 return; 108 } 109 110 if (getsockopt(u->fd, SOL_SOCKET, SO_ERROR, (void *)&err, &errlen)) 111 goto abort; 112 113 switch(err) { 114 case ENOBUFS: 115 /* Increase rx buffer size on netlink socket */ 116 ev->bufsize *= 2; 117 if (nl_socket_set_buffer_size(ev->sock, ev->bufsize, 0)) 118 goto abort; 119 120 /* Request full dump since some info got dropped */ 121 struct rtgenmsg msg = { .rtgen_family = AF_UNSPEC }; 122 nl_send_simple(ev->sock, RTM_GETLINK, NLM_F_DUMP, &msg, sizeof(msg)); 123 break; 124 125 default: 126 goto abort; 127 } 128 u->error = false; 129 return; 130 131 abort: 132 uloop_fd_delete(&ev->uloop); 133 return; 134 } 135 136 static struct nl_sock * 137 create_socket(int protocol, int groups) 138 { 139 struct nl_sock *sock; 140 141 sock = nl_socket_alloc(); 142 if (!sock) 143 return NULL; 144 145 if (groups) 146 nl_join_groups(sock, groups); 147 148 if (nl_connect(sock, protocol)) { 149 nl_socket_free(sock); 150 return NULL; 151 } 152 153 return sock; 154 } 155 156 static bool 157 create_raw_event_socket(struct event_socket *ev, int protocol, int groups, 158 uloop_fd_handler cb, int flags) 159 { 160 ev->sock = create_socket(protocol, groups); 161 if (!ev->sock) 162 return false; 163 164 ev->uloop.fd = nl_socket_get_fd(ev->sock); 165 ev->uloop.cb = cb; 166 if (uloop_fd_add(&ev->uloop, ULOOP_READ|flags)) 167 return false; 168 169 return true; 170 } 171 172 static bool 173 create_event_socket(struct event_socket *ev, int protocol, 174 int (*cb)(struct nl_msg *msg, void *arg)) 175 { 176 if (!create_raw_event_socket(ev, protocol, 0, handler_nl_event, ULOOP_ERROR_CB)) 177 return false; 178 179 /* Install the valid custom callback handler */ 180 nl_socket_modify_cb(ev->sock, NL_CB_VALID, NL_CB_CUSTOM, cb, NULL); 181 182 /* Disable sequence number checking on event sockets */ 183 nl_socket_disable_seq_check(ev->sock); 184 185 /* Increase rx buffer size to 65K on event sockets */ 186 ev->bufsize = 65535; 187 if (nl_socket_set_buffer_size(ev->sock, ev->bufsize, 0)) 188 return false; 189 190 return true; 191 } 192 193 static bool 194 create_hotplug_event_socket(struct event_socket *ev, int protocol, 195 void (*cb)(struct uloop_fd *u, unsigned int events)) 196 { 197 if (!create_raw_event_socket(ev, protocol, 1, cb, ULOOP_ERROR_CB)) 198 return false; 199 200 /* Increase rx buffer size to 65K on event sockets */ 201 ev->bufsize = 65535; 202 if (nl_socket_set_buffer_size(ev->sock, ev->bufsize, 0)) 203 return false; 204 205 return true; 206 } 207 208 static bool 209 system_rtn_aton(const char *src, unsigned int *dst) 210 { 211 char *e; 212 unsigned int n; 213 214 if (!strcmp(src, "local")) 215 n = RTN_LOCAL; 216 else if (!strcmp(src, "nat")) 217 n = RTN_NAT; 218 else if (!strcmp(src, "broadcast")) 219 n = RTN_BROADCAST; 220 else if (!strcmp(src, "anycast")) 221 n = RTN_ANYCAST; 222 else if (!strcmp(src, "multicast")) 223 n = RTN_MULTICAST; 224 else if (!strcmp(src, "prohibit")) 225 n = RTN_PROHIBIT; 226 else if (!strcmp(src, "unreachable")) 227 n = RTN_UNREACHABLE; 228 else if (!strcmp(src, "blackhole")) 229 n = RTN_BLACKHOLE; 230 else if (!strcmp(src, "xresolve")) 231 n = RTN_XRESOLVE; 232 else if (!strcmp(src, "unicast")) 233 n = RTN_UNICAST; 234 else if (!strcmp(src, "throw")) 235 n = RTN_THROW; 236 else if (!strcmp(src, "failed_policy")) 237 n = RTN_FAILED_POLICY; 238 else { 239 n = strtoul(src, &e, 0); 240 if (!e || *e || e == src || n > 255) 241 return false; 242 } 243 244 *dst = n; 245 return true; 246 } 247 248 static bool 249 system_tos_aton(const char *src, unsigned *dst) 250 { 251 char *e; 252 253 *dst = strtoul(src, &e, 16); 254 if (e == src || *e || *dst > 255) 255 return false; 256 257 return true; 258 } 259 260 int system_init(void) 261 { 262 static struct event_socket rtnl_event; 263 static struct event_socket hotplug_event; 264 265 sock_ioctl = socket(AF_LOCAL, SOCK_DGRAM, 0); 266 system_fd_set_cloexec(sock_ioctl); 267 268 /* Prepare socket for routing / address control */ 269 sock_rtnl = create_socket(NETLINK_ROUTE, 0); 270 if (!sock_rtnl) 271 return -1; 272 273 if (!create_event_socket(&rtnl_event, NETLINK_ROUTE, cb_rtnl_event)) 274 return -1; 275 276 if (!create_hotplug_event_socket(&hotplug_event, NETLINK_KOBJECT_UEVENT, 277 handle_hotplug_event)) 278 return -1; 279 280 /* Receive network link events form kernel */ 281 nl_socket_add_membership(rtnl_event.sock, RTNLGRP_LINK); 282 283 return 0; 284 } 285 286 static void write_file(const char *path, const char *val) 287 { 288 int fd; 289 290 fd = open(path, O_WRONLY); 291 if (fd < 0) 292 return; 293 294 if (write(fd, val, strlen(val))) {} 295 close(fd); 296 } 297 298 static int read_file(const char *path, char *buf, const size_t buf_sz) 299 { 300 int fd = -1, ret = -1; 301 302 fd = open(path, O_RDONLY); 303 if (fd < 0) 304 goto out; 305 306 ssize_t len = read(fd, buf, buf_sz - 1); 307 if (len < 0) 308 goto out; 309 310 ret = buf[len] = 0; 311 312 out: 313 if (fd >= 0) 314 close(fd); 315 316 return ret; 317 } 318 319 320 static const char * 321 dev_sysctl_path(const char *prefix, const char *ifname, const char *file) 322 { 323 snprintf(dev_buf, sizeof(dev_buf), "%s/sys/net/%s/%s/%s", proc_path, prefix, ifname, file); 324 325 return dev_buf; 326 } 327 328 static const char * 329 dev_sysfs_path(const char *ifname, const char *file) 330 { 331 snprintf(dev_buf, sizeof(dev_buf), "%s/class/net/%s/%s", sysfs_path, ifname, file); 332 333 return dev_buf; 334 } 335 336 static void 337 system_set_dev_sysctl(const char *prefix, const char *file, const char *ifname, 338 const char *val) 339 { 340 write_file(dev_sysctl_path(prefix, ifname, file), val); 341 } 342 343 static int 344 system_get_dev_sysctl(const char *prefix, const char *file, const char *ifname, 345 char *buf, size_t buf_sz) 346 { 347 return read_file(dev_sysctl_path(prefix, ifname, file), buf, buf_sz); 348 } 349 350 static void 351 system_set_dev_sysfs(const char *file, const char *ifname, const char *val) 352 { 353 if (!val) 354 return; 355 356 write_file(dev_sysfs_path(ifname, file), val); 357 } 358 359 static void 360 system_set_dev_sysfs_int(const char *file, const char *ifname, int val) 361 { 362 char buf[16]; 363 364 snprintf(buf, sizeof(buf), "%d", val); 365 system_set_dev_sysfs(file, ifname, buf); 366 } 367 368 static int 369 system_get_dev_sysfs(const char *file, const char *ifname, char *buf, size_t buf_sz) 370 { 371 return read_file(dev_sysfs_path(ifname, file), buf, buf_sz); 372 } 373 374 static void system_set_disable_ipv6(struct device *dev, const char *val) 375 { 376 system_set_dev_sysctl("ipv6/conf", "disable_ipv6", dev->ifname, val); 377 } 378 379 static void system_set_ip6segmentrouting(struct device *dev, const char *val) 380 { 381 system_set_dev_sysctl("ipv6/conf", "seg6_enabled", dev->ifname, val); 382 } 383 384 static void system_set_rpfilter(struct device *dev, const char *val) 385 { 386 system_set_dev_sysctl("ipv4/conf", "rp_filter", dev->ifname, val); 387 } 388 389 static void system_set_acceptlocal(struct device *dev, const char *val) 390 { 391 system_set_dev_sysctl("ipv4/conf", "accept_local", dev->ifname, val); 392 } 393 394 static void system_set_igmpversion(struct device *dev, const char *val) 395 { 396 system_set_dev_sysctl("ipv4/conf", "force_igmp_version", dev->ifname, val); 397 } 398 399 static void system_set_mldversion(struct device *dev, const char *val) 400 { 401 system_set_dev_sysctl("ipv6/conf", "force_mld_version", dev->ifname, val); 402 } 403 404 static void system_set_neigh4reachabletime(struct device *dev, const char *val) 405 { 406 system_set_dev_sysctl("ipv4/neigh", "base_reachable_time_ms", dev->ifname, val); 407 } 408 409 static void system_set_neigh6reachabletime(struct device *dev, const char *val) 410 { 411 system_set_dev_sysctl("ipv6/neigh", "base_reachable_time_ms", dev->ifname, val); 412 } 413 414 static void system_set_neigh4gcstaletime(struct device *dev, const char *val) 415 { 416 system_set_dev_sysctl("ipv4/neigh", "gc_stale_time", dev->ifname, val); 417 } 418 419 static void system_set_neigh6gcstaletime(struct device *dev, const char *val) 420 { 421 system_set_dev_sysctl("ipv6/neigh", "gc_stale_time", dev->ifname, val); 422 } 423 424 static void system_set_neigh4locktime(struct device *dev, const char *val) 425 { 426 system_set_dev_sysctl("ipv4/neigh", "locktime", dev->ifname, val); 427 } 428 429 static void system_set_dadtransmits(struct device *dev, const char *val) 430 { 431 system_set_dev_sysctl("ipv6/conf", "dad_transmits", dev->ifname, val); 432 } 433 434 static void system_set_sendredirects(struct device *dev, const char *val) 435 { 436 system_set_dev_sysctl("ipv4/conf", "send_redirects", dev->ifname, val); 437 } 438 439 static void system_set_drop_v4_unicast_in_l2_multicast(struct device *dev, const char *val) 440 { 441 system_set_dev_sysctl("ipv4/conf", "drop_unicast_in_l2_multicast", dev->ifname, val); 442 } 443 444 static void system_set_drop_v6_unicast_in_l2_multicast(struct device *dev, const char *val) 445 { 446 system_set_dev_sysctl("ipv6/conf", "drop_unicast_in_l2_multicast", dev->ifname, val); 447 } 448 449 static void system_set_drop_gratuitous_arp(struct device *dev, const char *val) 450 { 451 system_set_dev_sysctl("ipv4/conf", "drop_gratuitous_arp", dev->ifname, val); 452 } 453 454 static void system_set_drop_unsolicited_na(struct device *dev, const char *val) 455 { 456 system_set_dev_sysctl("ipv6/conf", "drop_unsolicited_na", dev->ifname, val); 457 } 458 459 static void system_set_arp_accept(struct device *dev, const char *val) 460 { 461 system_set_dev_sysctl("ipv4/conf", "arp_accept", dev->ifname, val); 462 } 463 464 static void system_bridge_set_multicast_to_unicast(struct device *dev, const char *val) 465 { 466 system_set_dev_sysfs("brport/multicast_to_unicast", dev->ifname, val); 467 } 468 469 static void system_bridge_set_multicast_fast_leave(struct device *dev, const char *val) 470 { 471 system_set_dev_sysfs("brport/multicast_fast_leave", dev->ifname, val); 472 } 473 474 static void system_bridge_set_hairpin_mode(struct device *dev, const char *val) 475 { 476 system_set_dev_sysfs("brport/hairpin_mode", dev->ifname, val); 477 } 478 479 static void system_bridge_set_proxyarp_wifi(struct device *dev, const char *val) 480 { 481 system_set_dev_sysfs("brport/proxyarp_wifi", dev->ifname, val); 482 } 483 484 static void system_bridge_set_bpdu_filter(struct device *dev, const char *val) 485 { 486 system_set_dev_sysfs("brport/bpdu_filter", dev->ifname, val); 487 } 488 489 static void system_bridge_set_isolated(struct device *dev, const char *val) 490 { 491 system_set_dev_sysfs("brport/isolated", dev->ifname, val); 492 } 493 494 static void system_bridge_set_multicast_router(struct device *dev, const char *val, bool bridge) 495 { 496 system_set_dev_sysfs(bridge ? "bridge/multicast_router" : 497 "brport/multicast_router", 498 dev->ifname, val); 499 } 500 501 static void system_bridge_set_robustness(struct device *dev, const char *val) 502 { 503 system_set_dev_sysfs("bridge/multicast_startup_query_count", 504 dev->ifname, val); 505 system_set_dev_sysfs("bridge/multicast_last_member_count", 506 dev->ifname, val); 507 } 508 509 static void system_bridge_set_query_interval(struct device *dev, const char *val) 510 { 511 system_set_dev_sysfs("bridge/multicast_query_interval", 512 dev->ifname, val); 513 } 514 515 static void system_bridge_set_query_response_interval(struct device *dev, const char *val) 516 { 517 system_set_dev_sysfs("bridge/multicast_query_response_interval", 518 dev->ifname, val); 519 } 520 521 static void system_bridge_set_last_member_interval(struct device *dev, const char *val) 522 { 523 system_set_dev_sysfs("bridge/multicast_last_member_interval", 524 dev->ifname, val); 525 } 526 527 static void system_bridge_set_membership_interval(struct device *dev, const char *val) 528 { 529 system_set_dev_sysfs("bridge/multicast_membership_interval", 530 dev->ifname, val); 531 } 532 533 static void system_bridge_set_other_querier_timeout(struct device *dev, const char *val) 534 { 535 system_set_dev_sysfs("bridge/multicast_querier_interval", 536 dev->ifname, val); 537 } 538 539 static void system_bridge_set_startup_query_interval(struct device *dev, const char *val) 540 { 541 system_set_dev_sysfs("bridge/multicast_startup_query_interval", 542 dev->ifname, val); 543 } 544 545 void system_bridge_set_stp_state(struct device *dev, bool val) 546 { 547 const char *valstr = val ? "1" : ""; 548 549 system_set_dev_sysfs("bridge/stp_state", dev->ifname, valstr); 550 } 551 552 static void system_bridge_set_forward_delay(struct device *dev, const char *val) 553 { 554 system_set_dev_sysfs("bridge/forward_delay", dev->ifname, val); 555 } 556 557 static void system_bridge_set_priority(struct device *dev, const char *val) 558 { 559 system_set_dev_sysfs("bridge/priority", dev->ifname, val); 560 } 561 562 static void system_bridge_set_ageing_time(struct device *dev, const char *val) 563 { 564 system_set_dev_sysfs("bridge/ageing_time", dev->ifname, val); 565 } 566 567 static void system_bridge_set_hello_time(struct device *dev, const char *val) 568 { 569 system_set_dev_sysfs("bridge/hello_time", dev->ifname, val); 570 } 571 572 static void system_bridge_set_max_age(struct device *dev, const char *val) 573 { 574 system_set_dev_sysfs("bridge/max_age", dev->ifname, val); 575 } 576 577 static void system_bridge_set_learning(struct device *dev, const char *val) 578 { 579 system_set_dev_sysfs("brport/learning", dev->ifname, val); 580 } 581 582 static void system_bridge_set_unicast_flood(struct device *dev, const char *val) 583 { 584 system_set_dev_sysfs("brport/unicast_flood", dev->ifname, val); 585 } 586 587 static void system_bridge_set_vlan_filtering(struct device *dev, const char *val) 588 { 589 system_set_dev_sysfs("bridge/vlan_filtering", dev->ifname, val); 590 } 591 592 static int system_get_disable_ipv6(struct device *dev, char *buf, const size_t buf_sz) 593 { 594 return system_get_dev_sysctl("ipv6/conf", "disable_ipv6", 595 dev->ifname, buf, buf_sz); 596 } 597 598 static int system_get_ip6segmentrouting(struct device *dev, char *buf, const size_t buf_sz) 599 { 600 return system_get_dev_sysctl("ipv6/conf", "seg6_enabled", 601 dev->ifname, buf, buf_sz); 602 } 603 604 static int system_get_rpfilter(struct device *dev, char *buf, const size_t buf_sz) 605 { 606 return system_get_dev_sysctl("ipv4/conf", "rp_filter", 607 dev->ifname, buf, buf_sz); 608 } 609 610 static int system_get_acceptlocal(struct device *dev, char *buf, const size_t buf_sz) 611 { 612 return system_get_dev_sysctl("ipv4/conf", "accept_local", 613 dev->ifname, buf, buf_sz); 614 } 615 616 static int system_get_igmpversion(struct device *dev, char *buf, const size_t buf_sz) 617 { 618 return system_get_dev_sysctl("ipv4/conf", "force_igmp_version", 619 dev->ifname, buf, buf_sz); 620 } 621 622 static int system_get_mldversion(struct device *dev, char *buf, const size_t buf_sz) 623 { 624 return system_get_dev_sysctl("ipv6/conf", "force_mld_version", 625 dev->ifname, buf, buf_sz); 626 } 627 628 static int system_get_neigh4reachabletime(struct device *dev, char *buf, const size_t buf_sz) 629 { 630 return system_get_dev_sysctl("ipv4/neigh", "base_reachable_time_ms", 631 dev->ifname, buf, buf_sz); 632 } 633 634 static int system_get_neigh6reachabletime(struct device *dev, char *buf, const size_t buf_sz) 635 { 636 return system_get_dev_sysctl("ipv6/neigh", "base_reachable_time_ms", 637 dev->ifname, buf, buf_sz); 638 } 639 640 static int system_get_neigh4gcstaletime(struct device *dev, char *buf, const size_t buf_sz) 641 { 642 return system_get_dev_sysctl("ipv4/neigh", "gc_stale_time", 643 dev->ifname, buf, buf_sz); 644 } 645 646 static int system_get_neigh6gcstaletime(struct device *dev, char *buf, const size_t buf_sz) 647 { 648 return system_get_dev_sysctl("ipv6/neigh", "gc_stale_time", 649 dev->ifname, buf, buf_sz); 650 } 651 652 static int system_get_neigh4locktime(struct device *dev, char *buf, const size_t buf_sz) 653 { 654 return system_get_dev_sysctl("ipv4/neigh", "locktime", 655 dev->ifname, buf, buf_sz); 656 } 657 658 static int system_get_dadtransmits(struct device *dev, char *buf, const size_t buf_sz) 659 { 660 return system_get_dev_sysctl("ipv6/conf", "dad_transmits", 661 dev->ifname, buf, buf_sz); 662 } 663 664 static int system_get_sendredirects(struct device *dev, char *buf, const size_t buf_sz) 665 { 666 return system_get_dev_sysctl("ipv4/conf", "send_redirects", 667 dev->ifname, buf, buf_sz); 668 } 669 670 671 static int system_get_drop_v4_unicast_in_l2_multicast(struct device *dev, char *buf, const size_t buf_sz) 672 { 673 return system_get_dev_sysctl("ipv4/conf", "drop_unicast_in_l2_multicast", 674 dev->ifname, buf, buf_sz); 675 } 676 677 static int system_get_drop_v6_unicast_in_l2_multicast(struct device *dev, char *buf, const size_t buf_sz) 678 { 679 return system_get_dev_sysctl("ipv6/conf", "drop_unicast_in_l2_multicast", 680 dev->ifname, buf, buf_sz); 681 } 682 683 static int system_get_drop_gratuitous_arp(struct device *dev, char *buf, const size_t buf_sz) 684 { 685 return system_get_dev_sysctl("ipv4/conf", "drop_gratuitous_arp", 686 dev->ifname, buf, buf_sz); 687 } 688 689 static int system_get_drop_unsolicited_na(struct device *dev, char *buf, const size_t buf_sz) 690 { 691 return system_get_dev_sysctl("ipv6/conf", "drop_unsolicited_na", 692 dev->ifname, buf, buf_sz); 693 } 694 695 static int system_get_arp_accept(struct device *dev, char *buf, const size_t buf_sz) 696 { 697 return system_get_dev_sysctl("ipv4/conf", "arp_accept", 698 dev->ifname, buf, buf_sz); 699 } 700 701 /* Evaluate netlink messages */ 702 static int cb_rtnl_event(struct nl_msg *msg, void *arg) 703 { 704 struct nlmsghdr *nh = nlmsg_hdr(msg); 705 struct nlattr *nla[__IFLA_MAX]; 706 int link_state = 0; 707 char buf[10]; 708 709 if (nh->nlmsg_type != RTM_NEWLINK) 710 goto out; 711 712 nlmsg_parse(nh, sizeof(struct ifinfomsg), nla, __IFLA_MAX - 1, NULL); 713 if (!nla[IFLA_IFNAME]) 714 goto out; 715 716 struct device *dev = device_find(nla_data(nla[IFLA_IFNAME])); 717 if (!dev) 718 goto out; 719 720 if (!system_get_dev_sysfs("carrier", dev->ifname, buf, sizeof(buf))) 721 link_state = strtoul(buf, NULL, 0); 722 723 if (dev->type == &simple_device_type) 724 device_set_present(dev, true); 725 726 device_set_link(dev, link_state ? true : false); 727 728 out: 729 return 0; 730 } 731 732 static void 733 handle_hotplug_msg(char *data, int size) 734 { 735 const char *subsystem = NULL, *interface = NULL, *interface_old = NULL; 736 char *cur, *end, *sep; 737 int skip; 738 bool add; 739 740 if (!strncmp(data, "add@", 4) || !strncmp(data, "move@", 5)) 741 add = true; 742 else if (!strncmp(data, "remove@", 7)) 743 add = false; 744 else 745 return; 746 747 skip = strlen(data) + 1; 748 end = data + size; 749 750 for (cur = data + skip; cur < end; cur += skip) { 751 skip = strlen(cur) + 1; 752 753 sep = strchr(cur, '='); 754 if (!sep) 755 continue; 756 757 *sep = 0; 758 if (!strcmp(cur, "INTERFACE")) 759 interface = sep + 1; 760 else if (!strcmp(cur, "SUBSYSTEM")) { 761 subsystem = sep + 1; 762 if (strcmp(subsystem, "net") != 0) 763 return; 764 } else if (!strcmp(cur, "DEVPATH_OLD")) { 765 interface_old = strrchr(sep + 1, '/'); 766 if (interface_old) 767 interface_old++; 768 } 769 } 770 771 if (!subsystem || !interface) 772 return; 773 774 if (interface_old) 775 device_hotplug_event(interface_old, false); 776 777 device_hotplug_event(interface, add); 778 } 779 780 static void 781 handle_hotplug_event(struct uloop_fd *u, unsigned int events) 782 { 783 struct event_socket *ev = container_of(u, struct event_socket, uloop); 784 struct sockaddr_nl nla; 785 unsigned char *buf = NULL; 786 int size; 787 int err; 788 socklen_t errlen = sizeof(err); 789 790 if (!u->error) { 791 while ((size = nl_recv(ev->sock, &nla, &buf, NULL)) > 0) { 792 if (nla.nl_pid == 0) 793 handle_hotplug_msg((char *) buf, size); 794 795 free(buf); 796 } 797 return; 798 } 799 800 if (getsockopt(u->fd, SOL_SOCKET, SO_ERROR, (void *)&err, &errlen)) 801 goto abort; 802 803 switch(err) { 804 case ENOBUFS: 805 /* Increase rx buffer size on netlink socket */ 806 ev->bufsize *= 2; 807 if (nl_socket_set_buffer_size(ev->sock, ev->bufsize, 0)) 808 goto abort; 809 break; 810 811 default: 812 goto abort; 813 } 814 u->error = false; 815 return; 816 817 abort: 818 uloop_fd_delete(&ev->uloop); 819 return; 820 } 821 822 static int system_rtnl_call(struct nl_msg *msg) 823 { 824 int ret; 825 826 ret = nl_send_auto_complete(sock_rtnl, msg); 827 nlmsg_free(msg); 828 829 if (ret < 0) 830 return ret; 831 832 return nl_wait_for_ack(sock_rtnl); 833 } 834 835 int system_bridge_delbr(struct device *bridge) 836 { 837 return ioctl(sock_ioctl, SIOCBRDELBR, bridge->ifname); 838 } 839 840 static int system_bridge_if(const char *bridge, struct device *dev, int cmd, void *data) 841 { 842 struct ifreq ifr; 843 844 memset(&ifr, 0, sizeof(ifr)); 845 if (dev) 846 ifr.ifr_ifindex = dev->ifindex; 847 else 848 ifr.ifr_data = data; 849 strncpy(ifr.ifr_name, bridge, sizeof(ifr.ifr_name) - 1); 850 return ioctl(sock_ioctl, cmd, &ifr); 851 } 852 853 static bool system_is_bridge(const char *name) 854 { 855 struct stat st; 856 857 return stat(dev_sysfs_path(name, "bridge"), &st) >= 0; 858 } 859 860 static char *system_get_bridge(const char *name, char *buf, int buflen) 861 { 862 char *path; 863 ssize_t len = -1; 864 glob_t gl; 865 866 snprintf(buf, buflen, "%s/devices/virtual/net/*/brif/%s/bridge", sysfs_path, name); 867 if (glob(buf, GLOB_NOSORT, NULL, &gl) < 0) 868 return NULL; 869 870 if (gl.gl_pathc > 0) 871 len = readlink(gl.gl_pathv[0], buf, buflen); 872 873 globfree(&gl); 874 875 if (len < 0) 876 return NULL; 877 878 buf[len] = 0; 879 path = strrchr(buf, '/'); 880 if (!path) 881 return NULL; 882 883 return path + 1; 884 } 885 886 static void 887 system_bridge_set_wireless(struct device *bridge, struct device *dev) 888 { 889 bool mcast_to_ucast = dev->wireless_ap; 890 bool hairpin; 891 892 if (bridge->settings.flags & DEV_OPT_MULTICAST_TO_UNICAST && 893 !bridge->settings.multicast_to_unicast) 894 mcast_to_ucast = false; 895 896 hairpin = mcast_to_ucast || dev->wireless_proxyarp; 897 if (dev->wireless_isolate) 898 hairpin = false; 899 900 system_bridge_set_multicast_to_unicast(dev, mcast_to_ucast ? "1" : ""); 901 system_bridge_set_hairpin_mode(dev, hairpin ? "1" : ""); 902 system_bridge_set_proxyarp_wifi(dev, dev->wireless_proxyarp ? "1" : ""); 903 } 904 905 int system_bridge_addif(struct device *bridge, struct device *dev) 906 { 907 char buf[64]; 908 char *oldbr; 909 int tries = 0; 910 int ret; 911 912 retry: 913 ret = 0; 914 oldbr = system_get_bridge(dev->ifname, dev_buf, sizeof(dev_buf)); 915 if (!oldbr || strcmp(oldbr, bridge->ifname) != 0) { 916 ret = system_bridge_if(bridge->ifname, dev, SIOCBRADDIF, NULL); 917 tries++; 918 D(SYSTEM, "Failed to add device '%s' to bridge '%s' (tries=%d): %s\n", 919 dev->ifname, bridge->ifname, tries, strerror(errno)); 920 if (tries <= 3) 921 goto retry; 922 } 923 924 if (dev->wireless) 925 system_bridge_set_wireless(bridge, dev); 926 927 if (dev->settings.flags & DEV_OPT_MULTICAST_ROUTER) { 928 snprintf(buf, sizeof(buf), "%u", dev->settings.multicast_router); 929 system_bridge_set_multicast_router(dev, buf, false); 930 } 931 932 if (dev->settings.flags & DEV_OPT_MULTICAST_FAST_LEAVE && 933 dev->settings.multicast_fast_leave) 934 system_bridge_set_multicast_fast_leave(dev, "1"); 935 936 if (dev->settings.flags & DEV_OPT_LEARNING && 937 !dev->settings.learning) 938 system_bridge_set_learning(dev, ""); 939 940 if (dev->settings.flags & DEV_OPT_UNICAST_FLOOD && 941 !dev->settings.unicast_flood) 942 system_bridge_set_unicast_flood(dev, ""); 943 944 if (dev->settings.flags & DEV_OPT_ISOLATE && 945 dev->settings.isolate) 946 system_bridge_set_isolated(dev, "1"); 947 948 if (dev->bpdu_filter) 949 system_bridge_set_bpdu_filter(dev, dev->bpdu_filter ? "1" : ""); 950 951 return ret; 952 } 953 954 int system_bridge_delif(struct device *bridge, struct device *dev) 955 { 956 return system_bridge_if(bridge->ifname, dev, SIOCBRDELIF, NULL); 957 } 958 959 int system_bridge_vlan(const char *iface, uint16_t vid, bool add, unsigned int vflags) 960 { 961 struct ifinfomsg ifi = { .ifi_family = PF_BRIDGE, }; 962 struct bridge_vlan_info vinfo = { .vid = vid, }; 963 unsigned short flags = 0; 964 struct nlattr *afspec; 965 struct nl_msg *nlm; 966 int ret = 0; 967 968 ifi.ifi_index = if_nametoindex(iface); 969 if (!ifi.ifi_index) 970 return -1; 971 972 nlm = nlmsg_alloc_simple(add ? RTM_SETLINK : RTM_DELLINK, NLM_F_REQUEST); 973 if (!nlm) 974 return -1; 975 976 nlmsg_append(nlm, &ifi, sizeof(ifi), 0); 977 978 if (vflags & BRVLAN_F_SELF) 979 flags |= BRIDGE_FLAGS_SELF; 980 981 if (vflags & BRVLAN_F_PVID) 982 vinfo.flags |= BRIDGE_VLAN_INFO_PVID; 983 984 if (vflags & BRVLAN_F_UNTAGGED) 985 vinfo.flags |= BRIDGE_VLAN_INFO_UNTAGGED; 986 987 afspec = nla_nest_start(nlm, IFLA_AF_SPEC); 988 if (!afspec) { 989 ret = -ENOMEM; 990 goto failure; 991 } 992 993 if (flags) 994 nla_put_u16(nlm, IFLA_BRIDGE_FLAGS, flags); 995 996 nla_put(nlm, IFLA_BRIDGE_VLAN_INFO, sizeof(vinfo), &vinfo); 997 nla_nest_end(nlm, afspec); 998 999 return system_rtnl_call(nlm); 1000 1001 failure: 1002 nlmsg_free(nlm); 1003 return ret; 1004 } 1005 1006 int system_bonding_set_device(struct device *dev, struct bonding_config *cfg) 1007 { 1008 const char *ifname = dev->ifname; 1009 struct blob_attr *cur; 1010 char op = cfg ? '+' : '-'; 1011 char buf[64]; 1012 int rem; 1013 1014 snprintf(dev_buf, sizeof(dev_buf), "%s/class/net/bonding_masters", sysfs_path); 1015 snprintf(buf, sizeof(buf), "%c%s", op, ifname); 1016 write_file(dev_buf, buf); 1017 1018 if (!cfg) 1019 return 0; 1020 1021 system_set_dev_sysfs("bonding/mode", ifname, bonding_policy_str[cfg->policy]); 1022 1023 system_set_dev_sysfs_int("bonding/all_ports_active", ifname, cfg->all_ports_active); 1024 1025 if (cfg->policy == BONDING_MODE_BALANCE_XOR || 1026 cfg->policy == BONDING_MODE_BALANCE_TLB || 1027 cfg->policy == BONDING_MODE_8023AD) 1028 system_set_dev_sysfs("bonding/xmit_hash_policy", ifname, cfg->xmit_hash_policy); 1029 1030 if (cfg->policy == BONDING_MODE_8023AD) { 1031 system_set_dev_sysfs("bonding/ad_actor_system", ifname, cfg->ad_actor_system); 1032 system_set_dev_sysfs_int("bonding/ad_actor_sys_prio", ifname, cfg->ad_actor_sys_prio); 1033 system_set_dev_sysfs("bonding/ad_select", ifname, cfg->ad_select); 1034 system_set_dev_sysfs("bonding/lacp_rate", ifname, cfg->lacp_rate); 1035 system_set_dev_sysfs_int("bonding/min_links", ifname, cfg->min_links); 1036 } 1037 1038 if (cfg->policy == BONDING_MODE_BALANCE_RR) 1039 system_set_dev_sysfs_int("bonding/packets_per_slave", ifname, cfg->packets_per_port); 1040 1041 if (cfg->policy == BONDING_MODE_BALANCE_TLB || 1042 cfg->policy == BONDING_MODE_BALANCE_ALB) 1043 system_set_dev_sysfs_int("bonding/lp_interval", ifname, cfg->lp_interval); 1044 1045 if (cfg->policy == BONDING_MODE_BALANCE_TLB) 1046 system_set_dev_sysfs_int("bonding/tlb_dynamic_lb", ifname, cfg->dynamic_lb); 1047 system_set_dev_sysfs_int("bonding/resend_igmp", ifname, cfg->resend_igmp); 1048 system_set_dev_sysfs_int("bonding/num_grat_arp", ifname, cfg->num_peer_notif); 1049 system_set_dev_sysfs("bonding/primary_reselect", ifname, cfg->primary_reselect); 1050 system_set_dev_sysfs("bonding/fail_over_mac", ifname, cfg->failover_mac); 1051 1052 system_set_dev_sysfs_int((cfg->monitor_arp ? 1053 "bonding/arp_interval" : 1054 "bonding/miimon"), ifname, cfg->monitor_interval); 1055 1056 blobmsg_for_each_attr(cur, cfg->arp_target, rem) { 1057 snprintf(buf, sizeof(buf), "+%s", blobmsg_get_string(cur)); 1058 system_set_dev_sysfs("bonding/arp_ip_target", ifname, buf); 1059 } 1060 1061 system_set_dev_sysfs_int("bonding/arp_all_targets", ifname, cfg->arp_all_targets); 1062 if (cfg->policy < BONDING_MODE_8023AD) 1063 system_set_dev_sysfs("bonding/arp_validate", ifname, cfg->arp_validate); 1064 system_set_dev_sysfs_int("bonding/use_carrier", ifname, cfg->use_carrier); 1065 if (!cfg->monitor_arp && cfg->monitor_interval) { 1066 system_set_dev_sysfs_int("bonding/updelay", ifname, cfg->updelay); 1067 system_set_dev_sysfs_int("bonding/downdelay", ifname, cfg->downdelay); 1068 } 1069 1070 return 0; 1071 } 1072 1073 int system_bonding_set_port(struct device *dev, struct device *port, bool add, bool primary) 1074 { 1075 const char *port_name = port->ifname; 1076 const char op_ch = add ? '+' : '-'; 1077 char buf[IFNAMSIZ + 2]; 1078 1079 snprintf(buf, sizeof(buf), "%c%s", op_ch, port_name); 1080 system_if_down(port); 1081 system_set_dev_sysfs("bonding/slaves", dev->ifname, buf); 1082 system_if_up(port); 1083 1084 if (primary) 1085 system_set_dev_sysfs("bonding/primary", dev->ifname, 1086 add ? port_name : ""); 1087 1088 return 0; 1089 } 1090 1091 int system_if_resolve(struct device *dev) 1092 { 1093 struct ifreq ifr; 1094 1095 memset(&ifr, 0, sizeof(ifr)); 1096 strncpy(ifr.ifr_name, dev->ifname, sizeof(ifr.ifr_name) - 1); 1097 if (!ioctl(sock_ioctl, SIOCGIFINDEX, &ifr)) 1098 return ifr.ifr_ifindex; 1099 else 1100 return 0; 1101 } 1102 1103 static int system_if_flags(const char *ifname, unsigned add, unsigned rem) 1104 { 1105 struct ifreq ifr; 1106 1107 memset(&ifr, 0, sizeof(ifr)); 1108 strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name) - 1); 1109 if (ioctl(sock_ioctl, SIOCGIFFLAGS, &ifr) < 0) 1110 return -1; 1111 1112 ifr.ifr_flags |= add; 1113 ifr.ifr_flags &= ~rem; 1114 return ioctl(sock_ioctl, SIOCSIFFLAGS, &ifr); 1115 } 1116 1117 struct clear_data { 1118 struct nl_msg *msg; 1119 struct device *dev; 1120 int type; 1121 int size; 1122 int af; 1123 }; 1124 1125 1126 static bool check_ifaddr(struct nlmsghdr *hdr, int ifindex) 1127 { 1128 struct ifaddrmsg *ifa = NLMSG_DATA(hdr); 1129 1130 return ifa->ifa_index == ifindex; 1131 } 1132 1133 static bool check_route(struct nlmsghdr *hdr, int ifindex) 1134 { 1135 struct rtmsg *r = NLMSG_DATA(hdr); 1136 struct nlattr *tb[__RTA_MAX]; 1137 1138 if (r->rtm_protocol == RTPROT_KERNEL && 1139 r->rtm_family == AF_INET6) 1140 return false; 1141 1142 nlmsg_parse(hdr, sizeof(struct rtmsg), tb, __RTA_MAX - 1, NULL); 1143 if (!tb[RTA_OIF]) 1144 return false; 1145 1146 return *(int *)RTA_DATA(tb[RTA_OIF]) == ifindex; 1147 } 1148 1149 static bool check_rule(struct nlmsghdr *hdr, int ifindex) 1150 { 1151 return true; 1152 } 1153 1154 static int cb_clear_event(struct nl_msg *msg, void *arg) 1155 { 1156 struct clear_data *clr = arg; 1157 struct nlmsghdr *hdr = nlmsg_hdr(msg); 1158 bool (*cb)(struct nlmsghdr *, int ifindex); 1159 int type, ret; 1160 1161 switch(clr->type) { 1162 case RTM_GETADDR: 1163 type = RTM_DELADDR; 1164 if (hdr->nlmsg_type != RTM_NEWADDR) 1165 return NL_SKIP; 1166 1167 cb = check_ifaddr; 1168 break; 1169 case RTM_GETROUTE: 1170 type = RTM_DELROUTE; 1171 if (hdr->nlmsg_type != RTM_NEWROUTE) 1172 return NL_SKIP; 1173 1174 cb = check_route; 1175 break; 1176 case RTM_GETRULE: 1177 type = RTM_DELRULE; 1178 if (hdr->nlmsg_type != RTM_NEWRULE) 1179 return NL_SKIP; 1180 1181 cb = check_rule; 1182 break; 1183 default: 1184 return NL_SKIP; 1185 } 1186 1187 if (!cb(hdr, clr->dev ? clr->dev->ifindex : 0)) 1188 return NL_SKIP; 1189 1190 if (type == RTM_DELRULE) 1191 D(SYSTEM, "Remove a rule\n"); 1192 else 1193 D(SYSTEM, "Remove %s from device %s\n", 1194 type == RTM_DELADDR ? "an address" : "a route", 1195 clr->dev->ifname); 1196 1197 memcpy(nlmsg_hdr(clr->msg), hdr, hdr->nlmsg_len); 1198 hdr = nlmsg_hdr(clr->msg); 1199 hdr->nlmsg_type = type; 1200 hdr->nlmsg_flags = NLM_F_REQUEST; 1201 1202 nl_socket_disable_auto_ack(sock_rtnl); 1203 ret = nl_send_auto_complete(sock_rtnl, clr->msg); 1204 if (ret < 0) { 1205 if (type == RTM_DELRULE) 1206 D(SYSTEM, "Error deleting a rule: %d\n", ret); 1207 else 1208 D(SYSTEM, "Error deleting %s from device '%s': %d\n", 1209 type == RTM_DELADDR ? "an address" : "a route", 1210 clr->dev->ifname, ret); 1211 } 1212 1213 nl_socket_enable_auto_ack(sock_rtnl); 1214 1215 return NL_SKIP; 1216 } 1217 1218 static int 1219 cb_finish_event(struct nl_msg *msg, void *arg) 1220 { 1221 int *pending = arg; 1222 *pending = 0; 1223 return NL_STOP; 1224 } 1225 1226 static int 1227 error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err, void *arg) 1228 { 1229 int *pending = arg; 1230 *pending = err->error; 1231 return NL_STOP; 1232 } 1233 1234 static void 1235 system_if_clear_entries(struct device *dev, int type, int af) 1236 { 1237 struct clear_data clr; 1238 struct nl_cb *cb; 1239 struct rtmsg rtm = { 1240 .rtm_family = af, 1241 .rtm_flags = RTM_F_CLONED, 1242 }; 1243 int flags = NLM_F_DUMP; 1244 int pending = 1; 1245 1246 clr.af = af; 1247 clr.dev = dev; 1248 clr.type = type; 1249 switch (type) { 1250 case RTM_GETADDR: 1251 case RTM_GETRULE: 1252 clr.size = sizeof(struct rtgenmsg); 1253 break; 1254 case RTM_GETROUTE: 1255 clr.size = sizeof(struct rtmsg); 1256 break; 1257 default: 1258 return; 1259 } 1260 1261 cb = nl_cb_alloc(NL_CB_DEFAULT); 1262 if (!cb) 1263 return; 1264 1265 clr.msg = nlmsg_alloc_simple(type, flags); 1266 if (!clr.msg) 1267 goto out; 1268 1269 nlmsg_append(clr.msg, &rtm, clr.size, 0); 1270 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM, cb_clear_event, &clr); 1271 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, cb_finish_event, &pending); 1272 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &pending); 1273 1274 if (nl_send_auto_complete(sock_rtnl, clr.msg) < 0) 1275 goto free; 1276 1277 while (pending > 0) 1278 nl_recvmsgs(sock_rtnl, cb); 1279 1280 free: 1281 nlmsg_free(clr.msg); 1282 out: 1283 nl_cb_put(cb); 1284 } 1285 1286 /* 1287 * Clear bridge (membership) state and bring down device 1288 */ 1289 void system_if_clear_state(struct device *dev) 1290 { 1291 static char buf[256]; 1292 char *bridge; 1293 device_set_ifindex(dev, system_if_resolve(dev)); 1294 1295 if (dev->external || !dev->ifindex) 1296 return; 1297 1298 system_if_flags(dev->ifname, 0, IFF_UP); 1299 1300 if (system_is_bridge(dev->ifname)) { 1301 D(SYSTEM, "Delete existing bridge named '%s'\n", dev->ifname); 1302 system_bridge_delbr(dev); 1303 return; 1304 } 1305 1306 bridge = system_get_bridge(dev->ifname, buf, sizeof(buf)); 1307 if (bridge) { 1308 D(SYSTEM, "Remove device '%s' from bridge '%s'\n", dev->ifname, bridge); 1309 system_bridge_if(bridge, dev, SIOCBRDELIF, NULL); 1310 } 1311 1312 system_if_clear_entries(dev, RTM_GETROUTE, AF_INET); 1313 system_if_clear_entries(dev, RTM_GETADDR, AF_INET); 1314 system_if_clear_entries(dev, RTM_GETROUTE, AF_INET6); 1315 system_if_clear_entries(dev, RTM_GETADDR, AF_INET6); 1316 system_if_clear_entries(dev, RTM_GETNEIGH, AF_INET); 1317 system_if_clear_entries(dev, RTM_GETNEIGH, AF_INET6); 1318 system_set_disable_ipv6(dev, ""); 1319 } 1320 1321 static inline unsigned long 1322 sec_to_jiffies(int val) 1323 { 1324 return (unsigned long) val * 100; 1325 } 1326 1327 static void system_bridge_conf_multicast_deps(struct device *bridge, 1328 struct bridge_config *cfg, 1329 char *buf, 1330 int buf_len) 1331 { 1332 int val; 1333 1334 if (cfg->flags & BRIDGE_OPT_ROBUSTNESS || 1335 cfg->flags & BRIDGE_OPT_QUERY_INTERVAL || 1336 cfg->flags & BRIDGE_OPT_QUERY_RESPONSE_INTERVAL) { 1337 val = cfg->robustness * cfg->query_interval + 1338 cfg->query_response_interval; 1339 1340 snprintf(buf, buf_len, "%i", val); 1341 system_bridge_set_membership_interval(bridge, buf); 1342 1343 val = cfg->robustness * cfg->query_interval + 1344 cfg->query_response_interval / 2; 1345 1346 snprintf(buf, buf_len, "%i", val); 1347 system_bridge_set_other_querier_timeout(bridge, buf); 1348 } 1349 1350 if (cfg->flags & BRIDGE_OPT_QUERY_INTERVAL) { 1351 val = cfg->query_interval / 4; 1352 1353 snprintf(buf, buf_len, "%i", val); 1354 system_bridge_set_startup_query_interval(bridge, buf); 1355 } 1356 } 1357 1358 static void system_bridge_conf_multicast(struct device *bridge, 1359 struct bridge_config *cfg, 1360 char *buf, 1361 int buf_len) 1362 { 1363 system_set_dev_sysfs("bridge/multicast_snooping", 1364 bridge->ifname, cfg->igmp_snoop ? "1" : ""); 1365 1366 system_set_dev_sysfs("bridge/multicast_querier", 1367 bridge->ifname, cfg->multicast_querier ? "1" : ""); 1368 1369 snprintf(buf, buf_len, "%i", cfg->hash_max); 1370 system_set_dev_sysfs("/bridge/hash_max", 1371 bridge->ifname, buf); 1372 1373 if (bridge->settings.flags & DEV_OPT_MULTICAST_ROUTER) { 1374 snprintf(buf, buf_len, "%u", bridge->settings.multicast_router); 1375 system_bridge_set_multicast_router(bridge, buf, true); 1376 } 1377 1378 if (cfg->flags & BRIDGE_OPT_ROBUSTNESS) { 1379 snprintf(buf, buf_len, "%i", cfg->robustness); 1380 system_bridge_set_robustness(bridge, buf); 1381 } 1382 1383 if (cfg->flags & BRIDGE_OPT_QUERY_INTERVAL) { 1384 snprintf(buf, buf_len, "%i", cfg->query_interval); 1385 system_bridge_set_query_interval(bridge, buf); 1386 } 1387 1388 if (cfg->flags & BRIDGE_OPT_QUERY_RESPONSE_INTERVAL) { 1389 snprintf(buf, buf_len, "%i", cfg->query_response_interval); 1390 system_bridge_set_query_response_interval(bridge, buf); 1391 } 1392 1393 if (cfg->flags & BRIDGE_OPT_LAST_MEMBER_INTERVAL) { 1394 snprintf(buf, buf_len, "%i", cfg->last_member_interval); 1395 system_bridge_set_last_member_interval(bridge, buf); 1396 } 1397 1398 system_bridge_conf_multicast_deps(bridge, cfg, buf, buf_len); 1399 } 1400 1401 int system_bridge_addbr(struct device *bridge, struct bridge_config *cfg) 1402 { 1403 char buf[64]; 1404 1405 if (ioctl(sock_ioctl, SIOCBRADDBR, bridge->ifname) < 0) 1406 return -1; 1407 1408 system_bridge_set_stp_state(bridge, cfg->stp); 1409 1410 snprintf(buf, sizeof(buf), "%lu", sec_to_jiffies(cfg->forward_delay)); 1411 system_bridge_set_forward_delay(bridge, buf); 1412 1413 system_bridge_conf_multicast(bridge, cfg, buf, sizeof(buf)); 1414 system_bridge_set_vlan_filtering(bridge, cfg->vlan_filtering ? "1" : ""); 1415 1416 snprintf(buf, sizeof(buf), "%d", cfg->priority); 1417 system_bridge_set_priority(bridge, buf); 1418 1419 snprintf(buf, sizeof(buf), "%lu", sec_to_jiffies(cfg->hello_time)); 1420 system_bridge_set_hello_time(bridge, buf); 1421 1422 snprintf(buf, sizeof(buf), "%lu", sec_to_jiffies(cfg->max_age)); 1423 system_bridge_set_max_age(bridge, buf); 1424 1425 if (cfg->flags & BRIDGE_OPT_AGEING_TIME) { 1426 snprintf(buf, sizeof(buf), "%lu", sec_to_jiffies(cfg->ageing_time)); 1427 system_bridge_set_ageing_time(bridge, buf); 1428 } 1429 1430 return 0; 1431 } 1432 1433 int system_macvlan_add(struct device *macvlan, struct device *dev, struct macvlan_config *cfg) 1434 { 1435 struct nl_msg *msg; 1436 struct nlattr *linkinfo, *data; 1437 struct ifinfomsg iim = { .ifi_family = AF_UNSPEC, }; 1438 int i, rv; 1439 static const struct { 1440 const char *name; 1441 enum macvlan_mode val; 1442 } modes[] = { 1443 { "private", MACVLAN_MODE_PRIVATE }, 1444 { "vepa", MACVLAN_MODE_VEPA }, 1445 { "bridge", MACVLAN_MODE_BRIDGE }, 1446 { "passthru", MACVLAN_MODE_PASSTHRU }, 1447 }; 1448 1449 msg = nlmsg_alloc_simple(RTM_NEWLINK, NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL); 1450 1451 if (!msg) 1452 return -1; 1453 1454 nlmsg_append(msg, &iim, sizeof(iim), 0); 1455 1456 if (cfg->flags & MACVLAN_OPT_MACADDR) 1457 nla_put(msg, IFLA_ADDRESS, sizeof(cfg->macaddr), cfg->macaddr); 1458 nla_put_string(msg, IFLA_IFNAME, macvlan->ifname); 1459 nla_put_u32(msg, IFLA_LINK, dev->ifindex); 1460 1461 if (!(linkinfo = nla_nest_start(msg, IFLA_LINKINFO))) 1462 goto nla_put_failure; 1463 1464 nla_put_string(msg, IFLA_INFO_KIND, "macvlan"); 1465 1466 if (!(data = nla_nest_start(msg, IFLA_INFO_DATA))) 1467 goto nla_put_failure; 1468 1469 if (cfg->mode) { 1470 for (i = 0; i < ARRAY_SIZE(modes); i++) { 1471 if (strcmp(cfg->mode, modes[i].name) != 0) 1472 continue; 1473 1474 nla_put_u32(msg, IFLA_MACVLAN_MODE, modes[i].val); 1475 break; 1476 } 1477 } 1478 1479 nla_nest_end(msg, data); 1480 nla_nest_end(msg, linkinfo); 1481 1482 rv = system_rtnl_call(msg); 1483 if (rv) 1484 D(SYSTEM, "Error adding macvlan '%s' over '%s': %d\n", macvlan->ifname, dev->ifname, rv); 1485 1486 return rv; 1487 1488 nla_put_failure: 1489 nlmsg_free(msg); 1490 return -ENOMEM; 1491 } 1492 1493 int system_link_netns_move(struct device *dev, int netns_fd, const char *target_ifname) 1494 { 1495 struct nl_msg *msg; 1496 struct ifinfomsg iim = { 1497 .ifi_family = AF_UNSPEC, 1498 }; 1499 1500 if (!dev) 1501 return -1; 1502 1503 iim.ifi_index = system_if_resolve(dev); 1504 msg = nlmsg_alloc_simple(RTM_NEWLINK, NLM_F_REQUEST); 1505 1506 if (!msg) 1507 return -1; 1508 1509 nlmsg_append(msg, &iim, sizeof(iim), 0); 1510 if (target_ifname) 1511 nla_put_string(msg, IFLA_IFNAME, target_ifname); 1512 1513 nla_put_u32(msg, IFLA_NET_NS_FD, netns_fd); 1514 return system_rtnl_call(msg); 1515 } 1516 1517 static int system_link_del(const char *ifname) 1518 { 1519 struct nl_msg *msg; 1520 struct ifinfomsg iim = { 1521 .ifi_family = AF_UNSPEC, 1522 .ifi_index = 0, 1523 }; 1524 1525 msg = nlmsg_alloc_simple(RTM_DELLINK, NLM_F_REQUEST); 1526 1527 if (!msg) 1528 return -1; 1529 1530 nlmsg_append(msg, &iim, sizeof(iim), 0); 1531 nla_put_string(msg, IFLA_IFNAME, ifname); 1532 return system_rtnl_call(msg); 1533 } 1534 1535 int system_macvlan_del(struct device *macvlan) 1536 { 1537 return system_link_del(macvlan->ifname); 1538 } 1539 1540 int system_netns_open(const pid_t target_ns) 1541 { 1542 char pid_net_path[PATH_MAX]; 1543 1544 snprintf(pid_net_path, sizeof(pid_net_path), "/proc/%u/ns/net", target_ns); 1545 1546 return open(pid_net_path, O_RDONLY); 1547 } 1548 1549 int system_netns_set(int netns_fd) 1550 { 1551 return setns(netns_fd, CLONE_NEWNET); 1552 } 1553 1554 int system_veth_add(struct device *veth, struct veth_config *cfg) 1555 { 1556 struct nl_msg *msg; 1557 struct ifinfomsg empty_iim = {}; 1558 struct nlattr *linkinfo, *data, *veth_info; 1559 int rv; 1560 1561 msg = nlmsg_alloc_simple(RTM_NEWLINK, NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL); 1562 1563 if (!msg) 1564 return -1; 1565 1566 nlmsg_append(msg, &empty_iim, sizeof(empty_iim), 0); 1567 1568 if (cfg->flags & VETH_OPT_MACADDR) 1569 nla_put(msg, IFLA_ADDRESS, sizeof(cfg->macaddr), cfg->macaddr); 1570 nla_put_string(msg, IFLA_IFNAME, veth->ifname); 1571 1572 if (!(linkinfo = nla_nest_start(msg, IFLA_LINKINFO))) 1573 goto nla_put_failure; 1574 1575 nla_put_string(msg, IFLA_INFO_KIND, "veth"); 1576 1577 if (!(data = nla_nest_start(msg, IFLA_INFO_DATA))) 1578 goto nla_put_failure; 1579 1580 if (!(veth_info = nla_nest_start(msg, VETH_INFO_PEER))) 1581 goto nla_put_failure; 1582 1583 nlmsg_append(msg, &empty_iim, sizeof(empty_iim), 0); 1584 1585 if (cfg->flags & VETH_OPT_PEER_NAME) 1586 nla_put_string(msg, IFLA_IFNAME, cfg->peer_name); 1587 if (cfg->flags & VETH_OPT_PEER_MACADDR) 1588 nla_put(msg, IFLA_ADDRESS, sizeof(cfg->peer_macaddr), cfg->peer_macaddr); 1589 1590 nla_nest_end(msg, veth_info); 1591 nla_nest_end(msg, data); 1592 nla_nest_end(msg, linkinfo); 1593 1594 rv = system_rtnl_call(msg); 1595 if (rv) { 1596 if (cfg->flags & VETH_OPT_PEER_NAME) 1597 D(SYSTEM, "Error adding veth '%s' with peer '%s': %d\n", veth->ifname, cfg->peer_name, rv); 1598 else 1599 D(SYSTEM, "Error adding veth '%s': %d\n", veth->ifname, rv); 1600 } 1601 1602 return rv; 1603 1604 nla_put_failure: 1605 nlmsg_free(msg); 1606 return -ENOMEM; 1607 } 1608 1609 int system_veth_del(struct device *veth) 1610 { 1611 return system_link_del(veth->ifname); 1612 } 1613 1614 static int system_vlan(struct device *dev, int id) 1615 { 1616 struct vlan_ioctl_args ifr = { 1617 .cmd = SET_VLAN_NAME_TYPE_CMD, 1618 .u.name_type = VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD, 1619 }; 1620 1621 if (ioctl(sock_ioctl, SIOCSIFVLAN, &ifr) < 0) 1622 return -1; 1623 1624 if (id < 0) { 1625 ifr.cmd = DEL_VLAN_CMD; 1626 ifr.u.VID = 0; 1627 } else { 1628 ifr.cmd = ADD_VLAN_CMD; 1629 ifr.u.VID = id; 1630 } 1631 strncpy(ifr.device1, dev->ifname, sizeof(ifr.device1)); 1632 return ioctl(sock_ioctl, SIOCSIFVLAN, &ifr); 1633 } 1634 1635 int system_vlan_add(struct device *dev, int id) 1636 { 1637 return system_vlan(dev, id); 1638 } 1639 1640 int system_vlan_del(struct device *dev) 1641 { 1642 return system_vlan(dev, -1); 1643 } 1644 1645 int system_vlandev_add(struct device *vlandev, struct device *dev, struct vlandev_config *cfg) 1646 { 1647 struct nl_msg *msg; 1648 struct nlattr *linkinfo, *data, *qos; 1649 struct ifinfomsg iim = { .ifi_family = AF_UNSPEC }; 1650 struct vlan_qos_mapping *elem; 1651 struct ifla_vlan_qos_mapping nl_qos_map; 1652 int rv; 1653 1654 msg = nlmsg_alloc_simple(RTM_NEWLINK, NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL); 1655 1656 if (!msg) 1657 return -1; 1658 1659 nlmsg_append(msg, &iim, sizeof(iim), 0); 1660 nla_put_string(msg, IFLA_IFNAME, vlandev->ifname); 1661 nla_put_u32(msg, IFLA_LINK, dev->ifindex); 1662 1663 if (!(linkinfo = nla_nest_start(msg, IFLA_LINKINFO))) 1664 goto nla_put_failure; 1665 1666 nla_put_string(msg, IFLA_INFO_KIND, "vlan"); 1667 1668 if (!(data = nla_nest_start(msg, IFLA_INFO_DATA))) 1669 goto nla_put_failure; 1670 1671 nla_put_u16(msg, IFLA_VLAN_ID, cfg->vid); 1672 1673 #if LINUX_VERSION_CODE >= KERNEL_VERSION(3,10,0) 1674 nla_put_u16(msg, IFLA_VLAN_PROTOCOL, htons(cfg->proto)); 1675 #else 1676 if(cfg->proto == VLAN_PROTO_8021AD) 1677 netifd_log_message(L_WARNING, "%s Your kernel is older than linux 3.10.0, 802.1ad is not supported defaulting to 802.1q", vlandev->type->name); 1678 #endif 1679 1680 if (!(qos = nla_nest_start(msg, IFLA_VLAN_INGRESS_QOS))) 1681 goto nla_put_failure; 1682 1683 vlist_simple_for_each_element(&cfg->ingress_qos_mapping_list, elem, node) { 1684 nl_qos_map.from = elem->from; 1685 nl_qos_map.to = elem->to; 1686 nla_put(msg, IFLA_VLAN_QOS_MAPPING, sizeof(nl_qos_map), &nl_qos_map); 1687 } 1688 nla_nest_end(msg, qos); 1689 1690 if (!(qos = nla_nest_start(msg, IFLA_VLAN_EGRESS_QOS))) 1691 goto nla_put_failure; 1692 1693 vlist_simple_for_each_element(&cfg->egress_qos_mapping_list, elem, node) { 1694 nl_qos_map.from = elem->from; 1695 nl_qos_map.to = elem->to; 1696 nla_put(msg, IFLA_VLAN_QOS_MAPPING, sizeof(nl_qos_map), &nl_qos_map); 1697 } 1698 nla_nest_end(msg, qos); 1699 1700 nla_nest_end(msg, data); 1701 nla_nest_end(msg, linkinfo); 1702 1703 rv = system_rtnl_call(msg); 1704 if (rv) 1705 D(SYSTEM, "Error adding vlandev '%s' over '%s': %d\n", vlandev->ifname, dev->ifname, rv); 1706 1707 return rv; 1708 1709 nla_put_failure: 1710 nlmsg_free(msg); 1711 return -ENOMEM; 1712 } 1713 1714 int system_vlandev_del(struct device *vlandev) 1715 { 1716 return system_link_del(vlandev->ifname); 1717 } 1718 1719 static void 1720 system_set_ethtool_settings(struct device *dev, struct device_settings *s) 1721 { 1722 struct ethtool_cmd ecmd = { 1723 .cmd = ETHTOOL_GSET, 1724 }; 1725 struct ifreq ifr = { 1726 .ifr_data = (caddr_t)&ecmd, 1727 }; 1728 static const struct { 1729 int speed; 1730 uint8_t bit_half; 1731 uint8_t bit_full; 1732 } speed_mask[] = { 1733 { 10, ETHTOOL_LINK_MODE_10baseT_Half_BIT, ETHTOOL_LINK_MODE_10baseT_Full_BIT }, 1734 { 100, ETHTOOL_LINK_MODE_100baseT_Half_BIT, ETHTOOL_LINK_MODE_100baseT_Full_BIT }, 1735 { 1000, ETHTOOL_LINK_MODE_1000baseT_Half_BIT, ETHTOOL_LINK_MODE_1000baseT_Full_BIT }, 1736 }; 1737 uint32_t adv; 1738 int i; 1739 1740 strncpy(ifr.ifr_name, dev->ifname, sizeof(ifr.ifr_name) - 1); 1741 1742 if (ioctl(sock_ioctl, SIOCETHTOOL, &ifr) != 0) 1743 return; 1744 1745 adv = ecmd.supported; 1746 for (i = 0; i < ARRAY_SIZE(speed_mask); i++) { 1747 if (s->flags & DEV_OPT_DUPLEX) { 1748 int bit = s->duplex ? speed_mask[i].bit_half : speed_mask[i].bit_full; 1749 adv &= ~(1 << bit); 1750 } 1751 1752 if (!(s->flags & DEV_OPT_SPEED) || 1753 s->speed == speed_mask[i].speed) 1754 continue; 1755 1756 adv &= ~(1 << speed_mask[i].bit_full); 1757 adv &= ~(1 << speed_mask[i].bit_half); 1758 } 1759 1760 1761 if (ecmd.autoneg && ecmd.advertising == adv) 1762 return; 1763 1764 ecmd.autoneg = 1; 1765 ecmd.advertising = adv; 1766 ecmd.cmd = ETHTOOL_SSET; 1767 ioctl(sock_ioctl, SIOCETHTOOL, &ifr); 1768 } 1769 1770 void 1771 system_if_get_settings(struct device *dev, struct device_settings *s) 1772 { 1773 struct ifreq ifr; 1774 char buf[10]; 1775 1776 memset(&ifr, 0, sizeof(ifr)); 1777 strncpy(ifr.ifr_name, dev->ifname, sizeof(ifr.ifr_name) - 1); 1778 1779 if (ioctl(sock_ioctl, SIOCGIFMTU, &ifr) == 0) { 1780 s->mtu = ifr.ifr_mtu; 1781 s->flags |= DEV_OPT_MTU; 1782 } 1783 1784 s->mtu6 = system_update_ipv6_mtu(dev, 0); 1785 if (s->mtu6 > 0) 1786 s->flags |= DEV_OPT_MTU6; 1787 1788 if (ioctl(sock_ioctl, SIOCGIFTXQLEN, &ifr) == 0) { 1789 s->txqueuelen = ifr.ifr_qlen; 1790 s->flags |= DEV_OPT_TXQUEUELEN; 1791 } 1792 1793 if (ioctl(sock_ioctl, SIOCGIFHWADDR, &ifr) == 0) { 1794 memcpy(s->macaddr, &ifr.ifr_hwaddr.sa_data, sizeof(s->macaddr)); 1795 s->flags |= DEV_OPT_MACADDR; 1796 } 1797 1798 if (!system_get_disable_ipv6(dev, buf, sizeof(buf))) { 1799 s->ipv6 = !strtoul(buf, NULL, 0); 1800 s->flags |= DEV_OPT_IPV6; 1801 } 1802 1803 if (!system_get_ip6segmentrouting(dev, buf, sizeof(buf))) { 1804 s->ip6segmentrouting = strtoul(buf, NULL, 0); 1805 s->flags |= DEV_OPT_IP6SEGMENTROUTING; 1806 } 1807 1808 if (ioctl(sock_ioctl, SIOCGIFFLAGS, &ifr) == 0) { 1809 s->promisc = ifr.ifr_flags & IFF_PROMISC; 1810 s->flags |= DEV_OPT_PROMISC; 1811 1812 s->multicast = ifr.ifr_flags & IFF_MULTICAST; 1813 s->flags |= DEV_OPT_MULTICAST; 1814 } 1815 1816 if (!system_get_rpfilter(dev, buf, sizeof(buf))) { 1817 s->rpfilter = strtoul(buf, NULL, 0); 1818 s->flags |= DEV_OPT_RPFILTER; 1819 } 1820 1821 if (!system_get_acceptlocal(dev, buf, sizeof(buf))) { 1822 s->acceptlocal = strtoul(buf, NULL, 0); 1823 s->flags |= DEV_OPT_ACCEPTLOCAL; 1824 } 1825 1826 if (!system_get_igmpversion(dev, buf, sizeof(buf))) { 1827 s->igmpversion = strtoul(buf, NULL, 0); 1828 s->flags |= DEV_OPT_IGMPVERSION; 1829 } 1830 1831 if (!system_get_mldversion(dev, buf, sizeof(buf))) { 1832 s->mldversion = strtoul(buf, NULL, 0); 1833 s->flags |= DEV_OPT_MLDVERSION; 1834 } 1835 1836 if (!system_get_neigh4reachabletime(dev, buf, sizeof(buf))) { 1837 s->neigh4reachabletime = strtoul(buf, NULL, 0); 1838 s->flags |= DEV_OPT_NEIGHREACHABLETIME; 1839 } 1840 1841 if (!system_get_neigh6reachabletime(dev, buf, sizeof(buf))) { 1842 s->neigh6reachabletime = strtoul(buf, NULL, 0); 1843 s->flags |= DEV_OPT_NEIGHREACHABLETIME; 1844 } 1845 1846 if (!system_get_neigh4locktime(dev, buf, sizeof(buf))) { 1847 s->neigh4locktime = strtol(buf, NULL, 0); 1848 s->flags |= DEV_OPT_NEIGHLOCKTIME; 1849 } 1850 1851 if (!system_get_neigh4gcstaletime(dev, buf, sizeof(buf))) { 1852 s->neigh4gcstaletime = strtoul(buf, NULL, 0); 1853 s->flags |= DEV_OPT_NEIGHGCSTALETIME; 1854 } 1855 1856 if (!system_get_neigh6gcstaletime(dev, buf, sizeof(buf))) { 1857 s->neigh6gcstaletime = strtoul(buf, NULL, 0); 1858 s->flags |= DEV_OPT_NEIGHGCSTALETIME; 1859 } 1860 1861 if (!system_get_dadtransmits(dev, buf, sizeof(buf))) { 1862 s->dadtransmits = strtoul(buf, NULL, 0); 1863 s->flags |= DEV_OPT_DADTRANSMITS; 1864 } 1865 1866 if (!system_get_sendredirects(dev, buf, sizeof(buf))) { 1867 s->sendredirects = strtoul(buf, NULL, 0); 1868 s->flags |= DEV_OPT_SENDREDIRECTS; 1869 } 1870 1871 if (!system_get_drop_v4_unicast_in_l2_multicast(dev, buf, sizeof(buf))) { 1872 s->drop_v4_unicast_in_l2_multicast = strtoul(buf, NULL, 0); 1873 s->flags |= DEV_OPT_DROP_V4_UNICAST_IN_L2_MULTICAST; 1874 } 1875 1876 if (!system_get_drop_v6_unicast_in_l2_multicast(dev, buf, sizeof(buf))) { 1877 s->drop_v6_unicast_in_l2_multicast = strtoul(buf, NULL, 0); 1878 s->flags |= DEV_OPT_DROP_V6_UNICAST_IN_L2_MULTICAST; 1879 } 1880 1881 if (!system_get_drop_gratuitous_arp(dev, buf, sizeof(buf))) { 1882 s->drop_gratuitous_arp = strtoul(buf, NULL, 0); 1883 s->flags |= DEV_OPT_DROP_GRATUITOUS_ARP; 1884 } 1885 1886 if (!system_get_drop_unsolicited_na(dev, buf, sizeof(buf))) { 1887 s->drop_unsolicited_na = strtoul(buf, NULL, 0); 1888 s->flags |= DEV_OPT_DROP_UNSOLICITED_NA; 1889 } 1890 1891 if (!system_get_arp_accept(dev, buf, sizeof(buf))) { 1892 s->arp_accept = strtoul(buf, NULL, 0); 1893 s->flags |= DEV_OPT_ARP_ACCEPT; 1894 } 1895 } 1896 1897 void 1898 system_if_apply_settings(struct device *dev, struct device_settings *s, uint64_t apply_mask) 1899 { 1900 struct ifreq ifr; 1901 char buf[12]; 1902 1903 apply_mask &= s->flags; 1904 1905 memset(&ifr, 0, sizeof(ifr)); 1906 strncpy(ifr.ifr_name, dev->ifname, sizeof(ifr.ifr_name) - 1); 1907 if (apply_mask & DEV_OPT_MTU) { 1908 ifr.ifr_mtu = s->mtu; 1909 if (ioctl(sock_ioctl, SIOCSIFMTU, &ifr) < 0) 1910 s->flags &= ~DEV_OPT_MTU; 1911 } 1912 if (apply_mask & DEV_OPT_MTU6) { 1913 system_update_ipv6_mtu(dev, s->mtu6); 1914 } 1915 if (apply_mask & DEV_OPT_TXQUEUELEN) { 1916 ifr.ifr_qlen = s->txqueuelen; 1917 if (ioctl(sock_ioctl, SIOCSIFTXQLEN, &ifr) < 0) 1918 s->flags &= ~DEV_OPT_TXQUEUELEN; 1919 } 1920 if ((apply_mask & (DEV_OPT_MACADDR | DEV_OPT_DEFAULT_MACADDR)) && !dev->external) { 1921 ifr.ifr_hwaddr.sa_family = ARPHRD_ETHER; 1922 memcpy(&ifr.ifr_hwaddr.sa_data, s->macaddr, sizeof(s->macaddr)); 1923 if (ioctl(sock_ioctl, SIOCSIFHWADDR, &ifr) < 0) 1924 s->flags &= ~DEV_OPT_MACADDR; 1925 } 1926 if (apply_mask & DEV_OPT_IPV6) 1927 system_set_disable_ipv6(dev, s->ipv6 ? "" : "1"); 1928 if (s->flags & DEV_OPT_IP6SEGMENTROUTING & apply_mask) { 1929 struct device dummy = { 1930 .ifname = "all", 1931 }; 1932 bool ip6segmentrouting = device_check_ip6segmentrouting(); 1933 1934 system_set_ip6segmentrouting(dev, s->ip6segmentrouting ? "1" : ""); 1935 system_set_ip6segmentrouting(&dummy, ip6segmentrouting ? "1" : ""); 1936 } 1937 if (apply_mask & DEV_OPT_PROMISC) { 1938 if (system_if_flags(dev->ifname, s->promisc ? IFF_PROMISC : 0, 1939 !s->promisc ? IFF_PROMISC : 0) < 0) 1940 s->flags &= ~DEV_OPT_PROMISC; 1941 } 1942 if (apply_mask & DEV_OPT_RPFILTER) { 1943 snprintf(buf, sizeof(buf), "%u", s->rpfilter); 1944 system_set_rpfilter(dev, buf); 1945 } 1946 if (apply_mask & DEV_OPT_ACCEPTLOCAL) 1947 system_set_acceptlocal(dev, s->acceptlocal ? "1" : ""); 1948 if (apply_mask & DEV_OPT_IGMPVERSION) { 1949 snprintf(buf, sizeof(buf), "%u", s->igmpversion); 1950 system_set_igmpversion(dev, buf); 1951 } 1952 if (apply_mask & DEV_OPT_MLDVERSION) { 1953 snprintf(buf, sizeof(buf), "%u", s->mldversion); 1954 system_set_mldversion(dev, buf); 1955 } 1956 if (apply_mask & DEV_OPT_NEIGHREACHABLETIME) { 1957 snprintf(buf, sizeof(buf), "%u", s->neigh4reachabletime); 1958 system_set_neigh4reachabletime(dev, buf); 1959 snprintf(buf, sizeof(buf), "%u", s->neigh6reachabletime); 1960 system_set_neigh6reachabletime(dev, buf); 1961 } 1962 if (apply_mask & DEV_OPT_NEIGHLOCKTIME) { 1963 snprintf(buf, sizeof(buf), "%d", s->neigh4locktime); 1964 system_set_neigh4locktime(dev, buf); 1965 } 1966 if (apply_mask & DEV_OPT_NEIGHGCSTALETIME) { 1967 snprintf(buf, sizeof(buf), "%u", s->neigh4gcstaletime); 1968 system_set_neigh4gcstaletime(dev, buf); 1969 snprintf(buf, sizeof(buf), "%u", s->neigh6gcstaletime); 1970 system_set_neigh6gcstaletime(dev, buf); 1971 } 1972 if (apply_mask & DEV_OPT_DADTRANSMITS) { 1973 snprintf(buf, sizeof(buf), "%u", s->dadtransmits); 1974 system_set_dadtransmits(dev, buf); 1975 } 1976 if (apply_mask & DEV_OPT_MULTICAST) { 1977 if (system_if_flags(dev->ifname, s->multicast ? IFF_MULTICAST : 0, 1978 !s->multicast ? IFF_MULTICAST : 0) < 0) 1979 s->flags &= ~DEV_OPT_MULTICAST; 1980 } 1981 if (apply_mask & DEV_OPT_SENDREDIRECTS) 1982 system_set_sendredirects(dev, s->sendredirects ? "1" : ""); 1983 if (apply_mask & DEV_OPT_DROP_V4_UNICAST_IN_L2_MULTICAST) 1984 system_set_drop_v4_unicast_in_l2_multicast(dev, s->drop_v4_unicast_in_l2_multicast ? "1" : ""); 1985 if (apply_mask & DEV_OPT_DROP_V6_UNICAST_IN_L2_MULTICAST) 1986 system_set_drop_v6_unicast_in_l2_multicast(dev, s->drop_v6_unicast_in_l2_multicast ? "1" : ""); 1987 if (apply_mask & DEV_OPT_DROP_GRATUITOUS_ARP) 1988 system_set_drop_gratuitous_arp(dev, s->drop_gratuitous_arp ? "1" : ""); 1989 if (apply_mask & DEV_OPT_DROP_UNSOLICITED_NA) 1990 system_set_drop_unsolicited_na(dev, s->drop_unsolicited_na ? "1" : ""); 1991 if (apply_mask & DEV_OPT_ARP_ACCEPT) 1992 system_set_arp_accept(dev, s->arp_accept ? "1" : ""); 1993 system_set_ethtool_settings(dev, s); 1994 } 1995 1996 int system_if_up(struct device *dev) 1997 { 1998 return system_if_flags(dev->ifname, IFF_UP, 0); 1999 } 2000 2001 int system_if_down(struct device *dev) 2002 { 2003 return system_if_flags(dev->ifname, 0, IFF_UP); 2004 } 2005 2006 struct if_check_data { 2007 struct device *dev; 2008 int pending; 2009 int ret; 2010 }; 2011 2012 #ifndef IFF_LOWER_UP 2013 #define IFF_LOWER_UP 0x10000 2014 #endif 2015 2016 static int cb_if_check_valid(struct nl_msg *msg, void *arg) 2017 { 2018 struct nlmsghdr *nh = nlmsg_hdr(msg); 2019 struct ifinfomsg *ifi = NLMSG_DATA(nh); 2020 struct if_check_data *chk = (struct if_check_data *)arg; 2021 2022 if (nh->nlmsg_type != RTM_NEWLINK) 2023 return NL_SKIP; 2024 2025 if (chk->dev->type == &simple_device_type) 2026 device_set_present(chk->dev, ifi->ifi_index > 0 ? true : false); 2027 device_set_link(chk->dev, ifi->ifi_flags & IFF_LOWER_UP ? true : false); 2028 2029 return NL_OK; 2030 } 2031 2032 static int cb_if_check_ack(struct nl_msg *msg, void *arg) 2033 { 2034 struct if_check_data *chk = (struct if_check_data *)arg; 2035 chk->pending = 0; 2036 return NL_STOP; 2037 } 2038 2039 static int cb_if_check_error(struct sockaddr_nl *nla, struct nlmsgerr *err, void *arg) 2040 { 2041 struct if_check_data *chk = (struct if_check_data *)arg; 2042 2043 if (chk->dev->type == &simple_device_type) 2044 device_set_present(chk->dev, false); 2045 device_set_link(chk->dev, false); 2046 chk->pending = err->error; 2047 2048 return NL_STOP; 2049 } 2050 2051 struct bridge_vlan_check_data { 2052 struct device *check_dev; 2053 int ifindex; 2054 int ret; 2055 bool pending; 2056 }; 2057 2058 static void bridge_vlan_check_port(struct bridge_vlan_check_data *data, 2059 struct bridge_vlan_port *port, 2060 struct bridge_vlan_info *vinfo) 2061 { 2062 uint16_t flags = 0, diff, mask; 2063 2064 if (port->flags & BRVLAN_F_PVID) 2065 flags |= BRIDGE_VLAN_INFO_PVID; 2066 if (port->flags & BRVLAN_F_UNTAGGED) 2067 flags |= BRIDGE_VLAN_INFO_UNTAGGED; 2068 2069 diff = vinfo->flags ^ flags; 2070 mask = BRVLAN_F_UNTAGGED | (flags & BRIDGE_VLAN_INFO_PVID); 2071 if (diff & mask) { 2072 data->ret = 1; 2073 data->pending = false; 2074 } 2075 2076 port->check = 1; 2077 } 2078 2079 static void bridge_vlan_check_attr(struct bridge_vlan_check_data *data, 2080 struct rtattr *attr) 2081 { 2082 struct bridge_vlan_hotplug_port *port; 2083 struct bridge_vlan_info *vinfo; 2084 struct bridge_vlan *vlan; 2085 struct rtattr *cur; 2086 int rem = RTA_PAYLOAD(attr); 2087 int i; 2088 2089 for (cur = RTA_DATA(attr); RTA_OK(cur, rem); cur = RTA_NEXT(cur, rem)) { 2090 if (cur->rta_type != IFLA_BRIDGE_VLAN_INFO) 2091 continue; 2092 2093 vinfo = RTA_DATA(cur); 2094 vlan = vlist_find(&data->check_dev->vlans, &vinfo->vid, vlan, node); 2095 if (!vlan) { 2096 data->ret = 1; 2097 data->pending = false; 2098 return; 2099 } 2100 2101 for (i = 0; i < vlan->n_ports; i++) 2102 if (!vlan->ports[i].check) 2103 bridge_vlan_check_port(data, &vlan->ports[i], vinfo); 2104 2105 list_for_each_entry(port, &vlan->hotplug_ports, list) 2106 if (!port->port.check) 2107 bridge_vlan_check_port(data, &port->port, vinfo); 2108 } 2109 } 2110 2111 static int bridge_vlan_check_cb(struct nl_msg *msg, void *arg) 2112 { 2113 struct bridge_vlan_check_data *data = arg; 2114 struct nlmsghdr *nh = nlmsg_hdr(msg); 2115 struct ifinfomsg *ifi = NLMSG_DATA(nh); 2116 struct rtattr *attr; 2117 int rem; 2118 2119 if (nh->nlmsg_type != RTM_NEWLINK) 2120 return NL_SKIP; 2121 2122 if (ifi->ifi_family != AF_BRIDGE) 2123 return NL_SKIP; 2124 2125 if (ifi->ifi_index != data->ifindex) 2126 return NL_SKIP; 2127 2128 attr = IFLA_RTA(ifi); 2129 rem = nh->nlmsg_len - NLMSG_LENGTH(sizeof(*ifi)); 2130 while (RTA_OK(attr, rem)) { 2131 if (attr->rta_type == IFLA_AF_SPEC) 2132 bridge_vlan_check_attr(data, attr); 2133 2134 attr = RTA_NEXT(attr, rem); 2135 } 2136 2137 return NL_SKIP; 2138 } 2139 2140 static int bridge_vlan_ack_cb(struct nl_msg *msg, void *arg) 2141 { 2142 struct bridge_vlan_check_data *data = arg; 2143 data->pending = false; 2144 return NL_STOP; 2145 } 2146 2147 static int bridge_vlan_error_cb(struct sockaddr_nl *nla, struct nlmsgerr *err, void *arg) 2148 { 2149 struct bridge_vlan_check_data *data = arg; 2150 data->pending = false; 2151 return NL_STOP; 2152 } 2153 2154 int system_bridge_vlan_check(struct device *dev, char *ifname) 2155 { 2156 struct bridge_vlan_check_data data = { 2157 .check_dev = dev, 2158 .ifindex = if_nametoindex(ifname), 2159 .ret = -1, 2160 .pending = true, 2161 }; 2162 static struct ifinfomsg ifi = { 2163 .ifi_family = AF_BRIDGE 2164 }; 2165 static struct rtattr ext_req = { 2166 .rta_type = IFLA_EXT_MASK, 2167 .rta_len = RTA_LENGTH(sizeof(uint32_t)), 2168 }; 2169 uint32_t filter = RTEXT_FILTER_BRVLAN; 2170 struct nl_cb *cb = nl_cb_alloc(NL_CB_DEFAULT); 2171 struct bridge_vlan *vlan; 2172 struct nl_msg *msg; 2173 int i; 2174 2175 if (!data.ifindex) 2176 return 0; 2177 2178 msg = nlmsg_alloc_simple(RTM_GETLINK, NLM_F_DUMP); 2179 2180 if (nlmsg_append(msg, &ifi, sizeof(ifi), 0) || 2181 nlmsg_append(msg, &ext_req, sizeof(ext_req), NLMSG_ALIGNTO) || 2182 nlmsg_append(msg, &filter, sizeof(filter), 0)) 2183 goto free; 2184 2185 vlist_for_each_element(&dev->vlans, vlan, node) { 2186 struct bridge_vlan_hotplug_port *port; 2187 2188 for (i = 0; i < vlan->n_ports; i++) { 2189 if (!strcmp(vlan->ports[i].ifname, ifname)) 2190 vlan->ports[i].check = 0; 2191 else 2192 vlan->ports[i].check = -1; 2193 } 2194 2195 list_for_each_entry(port, &vlan->hotplug_ports, list) { 2196 if (!strcmp(port->port.ifname, ifname)) 2197 port->port.check = 0; 2198 else 2199 port->port.check = -1; 2200 } 2201 } 2202 2203 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM, bridge_vlan_check_cb, &data); 2204 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, bridge_vlan_ack_cb, &data); 2205 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, bridge_vlan_ack_cb, &data); 2206 nl_cb_err(cb, NL_CB_CUSTOM, bridge_vlan_error_cb, &data); 2207 2208 if (nl_send_auto_complete(sock_rtnl, msg) < 0) 2209 goto free; 2210 2211 data.ret = 0; 2212 while (data.pending) 2213 nl_recvmsgs(sock_rtnl, cb); 2214 2215 vlist_for_each_element(&dev->vlans, vlan, node) { 2216 struct bridge_vlan_hotplug_port *port; 2217 2218 for (i = 0; i < vlan->n_ports; i++) { 2219 if (!vlan->ports[i].check) { 2220 data.ret = 1; 2221 break; 2222 } 2223 } 2224 2225 list_for_each_entry(port, &vlan->hotplug_ports, list) { 2226 if (!port->port.check) { 2227 data.ret = 1; 2228 break; 2229 } 2230 } 2231 } 2232 2233 goto out; 2234 2235 free: 2236 nlmsg_free(msg); 2237 out: 2238 nl_cb_put(cb); 2239 return data.ret; 2240 } 2241 2242 int system_if_check(struct device *dev) 2243 { 2244 struct nl_cb *cb = nl_cb_alloc(NL_CB_DEFAULT); 2245 struct nl_msg *msg; 2246 struct ifinfomsg ifi = { 2247 .ifi_family = AF_UNSPEC, 2248 .ifi_index = 0, 2249 }; 2250 struct if_check_data chk = { 2251 .dev = dev, 2252 .pending = 1, 2253 }; 2254 int ret = 1; 2255 2256 if (!cb) 2257 return ret; 2258 2259 msg = nlmsg_alloc_simple(RTM_GETLINK, 0); 2260 if (!msg) 2261 goto out; 2262 2263 if (nlmsg_append(msg, &ifi, sizeof(ifi), 0) || 2264 nla_put_string(msg, IFLA_IFNAME, dev->ifname)) 2265 goto free; 2266 2267 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM, cb_if_check_valid, &chk); 2268 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, cb_if_check_ack, &chk); 2269 nl_cb_err(cb, NL_CB_CUSTOM, cb_if_check_error, &chk); 2270 2271 ret = nl_send_auto_complete(sock_rtnl, msg); 2272 if (ret < 0) 2273 goto free; 2274 2275 while (chk.pending > 0) 2276 nl_recvmsgs(sock_rtnl, cb); 2277 2278 ret = chk.pending; 2279 2280 free: 2281 nlmsg_free(msg); 2282 out: 2283 nl_cb_put(cb); 2284 return ret; 2285 } 2286 2287 struct device * 2288 system_if_get_parent(struct device *dev) 2289 { 2290 char buf[64], *devname; 2291 int ifindex, iflink; 2292 2293 if (system_get_dev_sysfs("iflink", dev->ifname, buf, sizeof(buf)) < 0) 2294 return NULL; 2295 2296 iflink = strtoul(buf, NULL, 0); 2297 ifindex = system_if_resolve(dev); 2298 if (!iflink || iflink == ifindex) 2299 return NULL; 2300 2301 devname = if_indextoname(iflink, buf); 2302 if (!devname) 2303 return NULL; 2304 2305 return device_get(devname, true); 2306 } 2307 2308 static bool 2309 read_string_file(int dir_fd, const char *file, char *buf, int len) 2310 { 2311 bool ret = false; 2312 char *c; 2313 int fd; 2314 2315 fd = openat(dir_fd, file, O_RDONLY); 2316 if (fd < 0) 2317 return false; 2318 2319 retry: 2320 len = read(fd, buf, len - 1); 2321 if (len < 0) { 2322 if (errno == EINTR) 2323 goto retry; 2324 } else if (len > 0) { 2325 buf[len] = 0; 2326 2327 c = strchr(buf, '\n'); 2328 if (c) 2329 *c = 0; 2330 2331 ret = true; 2332 } 2333 2334 close(fd); 2335 2336 return ret; 2337 } 2338 2339 static bool 2340 read_uint64_file(int dir_fd, const char *file, uint64_t *val) 2341 { 2342 char buf[64]; 2343 bool ret = false; 2344 2345 ret = read_string_file(dir_fd, file, buf, sizeof(buf)); 2346 if (ret) 2347 *val = strtoull(buf, NULL, 0); 2348 2349 return ret; 2350 } 2351 2352 /* Assume advertised flags == supported flags */ 2353 static const struct { 2354 uint32_t mask; 2355 const char *name; 2356 } ethtool_link_modes[] = { 2357 { ADVERTISED_10baseT_Half, "10baseT-H" }, 2358 { ADVERTISED_10baseT_Full, "10baseT-F" }, 2359 { ADVERTISED_100baseT_Half, "100baseT-H" }, 2360 { ADVERTISED_100baseT_Full, "100baseT-F" }, 2361 { ADVERTISED_1000baseT_Half, "1000baseT-H" }, 2362 { ADVERTISED_1000baseT_Full, "1000baseT-F" }, 2363 { ADVERTISED_1000baseKX_Full, "1000baseKX-F" }, 2364 { ADVERTISED_2500baseX_Full, "2500baseX-F" }, 2365 { ADVERTISED_10000baseT_Full, "10000baseT-F" }, 2366 { ADVERTISED_10000baseKX4_Full, "10000baseKX4-F" }, 2367 { ADVERTISED_10000baseKR_Full, "10000baseKR-F" }, 2368 { ADVERTISED_20000baseMLD2_Full, "20000baseMLD2-F" }, 2369 { ADVERTISED_20000baseKR2_Full, "20000baseKR2-F" }, 2370 { ADVERTISED_40000baseKR4_Full, "40000baseKR4-F" }, 2371 { ADVERTISED_40000baseCR4_Full, "40000baseCR4-F" }, 2372 { ADVERTISED_40000baseSR4_Full, "40000baseSR4-F" }, 2373 { ADVERTISED_40000baseLR4_Full, "40000baseLR4-F" }, 2374 #ifdef ADVERTISED_56000baseKR4_Full 2375 { ADVERTISED_56000baseKR4_Full, "56000baseKR4-F" }, 2376 { ADVERTISED_56000baseCR4_Full, "56000baseCR4-F" }, 2377 { ADVERTISED_56000baseSR4_Full, "56000baseSR4-F" }, 2378 { ADVERTISED_56000baseLR4_Full, "56000baseLR4-F" }, 2379 #endif 2380 }; 2381 2382 static void system_add_link_modes(struct blob_buf *b, __u32 mask) 2383 { 2384 int i; 2385 for (i = 0; i < ARRAY_SIZE(ethtool_link_modes); i++) { 2386 if (mask & ethtool_link_modes[i].mask) 2387 blobmsg_add_string(b, NULL, ethtool_link_modes[i].name); 2388 } 2389 } 2390 2391 bool 2392 system_if_force_external(const char *ifname) 2393 { 2394 struct stat s; 2395 2396 return stat(dev_sysfs_path(ifname, "phy80211"), &s) == 0; 2397 } 2398 2399 int 2400 system_if_dump_info(struct device *dev, struct blob_buf *b) 2401 { 2402 struct ethtool_cmd ecmd; 2403 struct ifreq ifr; 2404 char *s; 2405 void *c; 2406 2407 memset(&ecmd, 0, sizeof(ecmd)); 2408 memset(&ifr, 0, sizeof(ifr)); 2409 strncpy(ifr.ifr_name, dev->ifname, sizeof(ifr.ifr_name) - 1); 2410 ifr.ifr_data = (caddr_t) &ecmd; 2411 ecmd.cmd = ETHTOOL_GSET; 2412 2413 if (ioctl(sock_ioctl, SIOCETHTOOL, &ifr) == 0) { 2414 c = blobmsg_open_array(b, "link-advertising"); 2415 system_add_link_modes(b, ecmd.advertising); 2416 blobmsg_close_array(b, c); 2417 2418 c = blobmsg_open_array(b, "link-partner-advertising"); 2419 system_add_link_modes(b, ecmd.lp_advertising); 2420 blobmsg_close_array(b, c); 2421 2422 c = blobmsg_open_array(b, "link-supported"); 2423 system_add_link_modes(b, ecmd.supported); 2424 blobmsg_close_array(b, c); 2425 2426 s = blobmsg_alloc_string_buffer(b, "speed", 8); 2427 snprintf(s, 8, "%d%c", ethtool_cmd_speed(&ecmd), 2428 ecmd.duplex == DUPLEX_HALF ? 'H' : 'F'); 2429 blobmsg_add_string_buffer(b); 2430 2431 blobmsg_add_u8(b, "autoneg", !!ecmd.autoneg); 2432 } 2433 2434 return 0; 2435 } 2436 2437 int 2438 system_if_dump_stats(struct device *dev, struct blob_buf *b) 2439 { 2440 const char *const counters[] = { 2441 "collisions", "rx_frame_errors", "tx_compressed", 2442 "multicast", "rx_length_errors", "tx_dropped", 2443 "rx_bytes", "rx_missed_errors", "tx_errors", 2444 "rx_compressed", "rx_over_errors", "tx_fifo_errors", 2445 "rx_crc_errors", "rx_packets", "tx_heartbeat_errors", 2446 "rx_dropped", "tx_aborted_errors", "tx_packets", 2447 "rx_errors", "tx_bytes", "tx_window_errors", 2448 "rx_fifo_errors", "tx_carrier_errors", 2449 }; 2450 int stats_dir; 2451 int i; 2452 uint64_t val = 0; 2453 2454 stats_dir = open(dev_sysfs_path(dev->ifname, "statistics"), O_DIRECTORY); 2455 if (stats_dir < 0) 2456 return -1; 2457 2458 for (i = 0; i < ARRAY_SIZE(counters); i++) 2459 if (read_uint64_file(stats_dir, counters[i], &val)) 2460 blobmsg_add_u64(b, counters[i], val); 2461 2462 close(stats_dir); 2463 return 0; 2464 } 2465 2466 static int system_addr(struct device *dev, struct device_addr *addr, int cmd) 2467 { 2468 bool v4 = ((addr->flags & DEVADDR_FAMILY) == DEVADDR_INET4); 2469 int alen = v4 ? 4 : 16; 2470 unsigned int flags = 0; 2471 struct ifaddrmsg ifa = { 2472 .ifa_family = (alen == 4) ? AF_INET : AF_INET6, 2473 .ifa_prefixlen = addr->mask, 2474 .ifa_index = dev->ifindex, 2475 }; 2476 2477 struct nl_msg *msg; 2478 if (cmd == RTM_NEWADDR) 2479 flags |= NLM_F_CREATE | NLM_F_REPLACE; 2480 2481 msg = nlmsg_alloc_simple(cmd, flags); 2482 if (!msg) 2483 return -1; 2484 2485 nlmsg_append(msg, &ifa, sizeof(ifa), 0); 2486 nla_put(msg, IFA_LOCAL, alen, &addr->addr); 2487 if (v4) { 2488 if (addr->broadcast) 2489 nla_put_u32(msg, IFA_BROADCAST, addr->broadcast); 2490 if (addr->point_to_point) 2491 nla_put_u32(msg, IFA_ADDRESS, addr->point_to_point); 2492 } else { 2493 time_t now = system_get_rtime(); 2494 struct ifa_cacheinfo cinfo = {0xffffffffU, 0xffffffffU, 0, 0}; 2495 2496 if (addr->preferred_until) { 2497 int64_t preferred = addr->preferred_until - now; 2498 if (preferred < 0) 2499 preferred = 0; 2500 else if (preferred > UINT32_MAX) 2501 preferred = UINT32_MAX; 2502 2503 cinfo.ifa_prefered = preferred; 2504 } 2505 2506 if (addr->valid_until) { 2507 int64_t valid = addr->valid_until - now; 2508 if (valid <= 0) { 2509 nlmsg_free(msg); 2510 return -1; 2511 } 2512 else if (valid > UINT32_MAX) 2513 valid = UINT32_MAX; 2514 2515 cinfo.ifa_valid = valid; 2516 } 2517 2518 nla_put(msg, IFA_CACHEINFO, sizeof(cinfo), &cinfo); 2519 2520 if (cmd == RTM_NEWADDR && (addr->flags & DEVADDR_OFFLINK)) 2521 nla_put_u32(msg, IFA_FLAGS, IFA_F_NOPREFIXROUTE); 2522 } 2523 2524 return system_rtnl_call(msg); 2525 } 2526 2527 int system_add_address(struct device *dev, struct device_addr *addr) 2528 { 2529 return system_addr(dev, addr, RTM_NEWADDR); 2530 } 2531 2532 int system_del_address(struct device *dev, struct device_addr *addr) 2533 { 2534 return system_addr(dev, addr, RTM_DELADDR); 2535 } 2536 2537 static int system_neigh(struct device *dev, struct device_neighbor *neighbor, int cmd) 2538 { 2539 int alen = ((neighbor->flags & DEVADDR_FAMILY) == DEVADDR_INET4) ? 4 : 16; 2540 unsigned int flags = 0; 2541 struct ndmsg ndm = { 2542 .ndm_family = (alen == 4) ? AF_INET : AF_INET6, 2543 .ndm_ifindex = dev->ifindex, 2544 .ndm_state = NUD_PERMANENT, 2545 .ndm_flags = (neighbor->proxy ? NTF_PROXY : 0) | (neighbor->router ? NTF_ROUTER : 0), 2546 }; 2547 struct nl_msg *msg; 2548 2549 if (cmd == RTM_NEWNEIGH) 2550 flags |= NLM_F_CREATE | NLM_F_REPLACE; 2551 2552 msg = nlmsg_alloc_simple(cmd, flags); 2553 2554 if (!msg) 2555 return -1; 2556 2557 nlmsg_append(msg, &ndm, sizeof(ndm), 0); 2558 2559 nla_put(msg, NDA_DST, alen, &neighbor->addr); 2560 if (neighbor->flags & DEVNEIGH_MAC) 2561 nla_put(msg, NDA_LLADDR, sizeof(neighbor->macaddr), &neighbor->macaddr); 2562 2563 2564 return system_rtnl_call(msg); 2565 } 2566 2567 int system_add_neighbor(struct device *dev, struct device_neighbor *neighbor) 2568 { 2569 return system_neigh(dev, neighbor, RTM_NEWNEIGH); 2570 } 2571 2572 int system_del_neighbor(struct device *dev, struct device_neighbor *neighbor) 2573 { 2574 return system_neigh(dev, neighbor, RTM_DELNEIGH); 2575 } 2576 2577 static int system_rt(struct device *dev, struct device_route *route, int cmd) 2578 { 2579 int alen = ((route->flags & DEVADDR_FAMILY) == DEVADDR_INET4) ? 4 : 16; 2580 bool have_gw; 2581 unsigned int flags = 0; 2582 2583 if (alen == 4) 2584 have_gw = !!route->nexthop.in.s_addr; 2585 else 2586 have_gw = route->nexthop.in6.s6_addr32[0] || 2587 route->nexthop.in6.s6_addr32[1] || 2588 route->nexthop.in6.s6_addr32[2] || 2589 route->nexthop.in6.s6_addr32[3]; 2590 2591 unsigned int table = (route->flags & (DEVROUTE_TABLE | DEVROUTE_SRCTABLE)) 2592 ? route->table : RT_TABLE_MAIN; 2593 2594 struct rtmsg rtm = { 2595 .rtm_family = (alen == 4) ? AF_INET : AF_INET6, 2596 .rtm_dst_len = route->mask, 2597 .rtm_src_len = route->sourcemask, 2598 .rtm_table = (table < 256) ? table : RT_TABLE_UNSPEC, 2599 .rtm_protocol = (route->flags & DEVROUTE_PROTO) ? route->proto : RTPROT_STATIC, 2600 .rtm_scope = RT_SCOPE_NOWHERE, 2601 .rtm_type = (cmd == RTM_DELROUTE) ? 0: RTN_UNICAST, 2602 .rtm_flags = (route->flags & DEVROUTE_ONLINK) ? RTNH_F_ONLINK : 0, 2603 }; 2604 struct nl_msg *msg; 2605 2606 if (cmd == RTM_NEWROUTE) { 2607 flags |= NLM_F_CREATE | NLM_F_REPLACE; 2608 2609 if (!dev) { /* Add null-route */ 2610 rtm.rtm_scope = RT_SCOPE_UNIVERSE; 2611 rtm.rtm_type = RTN_UNREACHABLE; 2612 } 2613 else 2614 rtm.rtm_scope = (have_gw) ? RT_SCOPE_UNIVERSE : RT_SCOPE_LINK; 2615 } 2616 2617 if (route->flags & DEVROUTE_TYPE) { 2618 rtm.rtm_type = route->type; 2619 if (!(route->flags & (DEVROUTE_TABLE | DEVROUTE_SRCTABLE))) { 2620 if (rtm.rtm_type == RTN_LOCAL || rtm.rtm_type == RTN_BROADCAST || 2621 rtm.rtm_type == RTN_NAT || rtm.rtm_type == RTN_ANYCAST) 2622 rtm.rtm_table = RT_TABLE_LOCAL; 2623 } 2624 2625 if (rtm.rtm_type == RTN_LOCAL || rtm.rtm_type == RTN_NAT) { 2626 rtm.rtm_scope = RT_SCOPE_HOST; 2627 } else if (rtm.rtm_type == RTN_BROADCAST || rtm.rtm_type == RTN_MULTICAST || 2628 rtm.rtm_type == RTN_ANYCAST) { 2629 rtm.rtm_scope = RT_SCOPE_LINK; 2630 } else if (rtm.rtm_type == RTN_BLACKHOLE || rtm.rtm_type == RTN_UNREACHABLE || 2631 rtm.rtm_type == RTN_PROHIBIT || rtm.rtm_type == RTN_FAILED_POLICY || 2632 rtm.rtm_type == RTN_THROW) { 2633 rtm.rtm_scope = RT_SCOPE_UNIVERSE; 2634 dev = NULL; 2635 } 2636 } 2637 2638 msg = nlmsg_alloc_simple(cmd, flags); 2639 if (!msg) 2640 return -1; 2641 2642 nlmsg_append(msg, &rtm, sizeof(rtm), 0); 2643 2644 if (route->mask) 2645 nla_put(msg, RTA_DST, alen, &route->addr); 2646 2647 if (route->sourcemask) { 2648 if (rtm.rtm_family == AF_INET) 2649 nla_put(msg, RTA_PREFSRC, alen, &route->source); 2650 else 2651 nla_put(msg, RTA_SRC, alen, &route->source); 2652 } 2653 2654 if (route->metric > 0) 2655 nla_put_u32(msg, RTA_PRIORITY, route->metric); 2656 2657 if (have_gw) 2658 nla_put(msg, RTA_GATEWAY, alen, &route->nexthop); 2659 2660 if (dev) 2661 nla_put_u32(msg, RTA_OIF, dev->ifindex); 2662 2663 if (table >= 256) 2664 nla_put_u32(msg, RTA_TABLE, table); 2665 2666 if (route->flags & DEVROUTE_MTU) { 2667 struct nlattr *metrics; 2668 2669 if (!(metrics = nla_nest_start(msg, RTA_METRICS))) 2670 goto nla_put_failure; 2671 2672 nla_put_u32(msg, RTAX_MTU, route->mtu); 2673 2674 nla_nest_end(msg, metrics); 2675 } 2676 2677 return system_rtnl_call(msg); 2678 2679 nla_put_failure: 2680 nlmsg_free(msg); 2681 return -ENOMEM; 2682 } 2683 2684 int system_add_route(struct device *dev, struct device_route *route) 2685 { 2686 return system_rt(dev, route, RTM_NEWROUTE); 2687 } 2688 2689 int system_del_route(struct device *dev, struct device_route *route) 2690 { 2691 return system_rt(dev, route, RTM_DELROUTE); 2692 } 2693 2694 int system_flush_routes(void) 2695 { 2696 const char *names[] = { "ipv4", "ipv6" }; 2697 int fd, i; 2698 2699 for (i = 0; i < ARRAY_SIZE(names); i++) { 2700 snprintf(dev_buf, sizeof(dev_buf), "%s/sys/net/%s/route/flush", proc_path, names[i]); 2701 fd = open(dev_buf, O_WRONLY); 2702 if (fd < 0) 2703 continue; 2704 2705 if (write(fd, "-1", 2)) {} 2706 close(fd); 2707 } 2708 return 0; 2709 } 2710 2711 bool system_resolve_rt_type(const char *type, unsigned int *id) 2712 { 2713 return system_rtn_aton(type, id); 2714 } 2715 2716 bool system_resolve_rt_proto(const char *type, unsigned int *id) 2717 { 2718 FILE *f; 2719 char *e, buf[128]; 2720 unsigned int n, proto = 256; 2721 n = strtoul(type, &e, 0); 2722 if (!*e && e != type) 2723 proto = n; 2724 else if (!strcmp(type, "unspec")) 2725 proto = RTPROT_UNSPEC; 2726 else if (!strcmp(type, "kernel")) 2727 proto = RTPROT_KERNEL; 2728 else if (!strcmp(type, "boot")) 2729 proto = RTPROT_BOOT; 2730 else if (!strcmp(type, "static")) 2731 proto = RTPROT_STATIC; 2732 else if ((f = fopen("/etc/iproute2/rt_protos", "r")) != NULL) { 2733 while (fgets(buf, sizeof(buf) - 1, f) != NULL) { 2734 if ((e = strtok(buf, " \t\n")) == NULL || *e == '#') 2735 continue; 2736 2737 n = strtoul(e, NULL, 10); 2738 e = strtok(NULL, " \t\n"); 2739 2740 if (e && !strcmp(e, type)) { 2741 proto = n; 2742 break; 2743 } 2744 } 2745 fclose(f); 2746 } 2747 2748 if (proto > 255) 2749 return false; 2750 2751 *id = proto; 2752 return true; 2753 } 2754 2755 bool system_resolve_rt_table(const char *name, unsigned int *id) 2756 { 2757 FILE *f; 2758 char *e, buf[128]; 2759 unsigned int n, table = RT_TABLE_UNSPEC; 2760 2761 /* first try to parse table as number */ 2762 if ((n = strtoul(name, &e, 0)) > 0 && !*e) 2763 table = n; 2764 2765 /* handle well known aliases */ 2766 else if (!strcmp(name, "default")) 2767 table = RT_TABLE_DEFAULT; 2768 else if (!strcmp(name, "main")) 2769 table = RT_TABLE_MAIN; 2770 else if (!strcmp(name, "local")) 2771 table = RT_TABLE_LOCAL; 2772 2773 /* try to look up name in /etc/iproute2/rt_tables */ 2774 else if ((f = fopen("/etc/iproute2/rt_tables", "r")) != NULL) 2775 { 2776 while (fgets(buf, sizeof(buf) - 1, f) != NULL) 2777 { 2778 if ((e = strtok(buf, " \t\n")) == NULL || *e == '#') 2779 continue; 2780 2781 n = strtoul(e, NULL, 10); 2782 e = strtok(NULL, " \t\n"); 2783 2784 if (e && !strcmp(e, name)) 2785 { 2786 table = n; 2787 break; 2788 } 2789 } 2790 2791 fclose(f); 2792 } 2793 2794 if (table == RT_TABLE_UNSPEC) 2795 return false; 2796 2797 *id = table; 2798 return true; 2799 } 2800 2801 bool system_is_default_rt_table(unsigned int id) 2802 { 2803 return (id == RT_TABLE_MAIN); 2804 } 2805 2806 bool system_resolve_rpfilter(const char *filter, unsigned int *id) 2807 { 2808 char *e; 2809 unsigned int n; 2810 2811 if (!strcmp(filter, "strict")) 2812 n = 1; 2813 else if (!strcmp(filter, "loose")) 2814 n = 2; 2815 else { 2816 n = strtoul(filter, &e, 0); 2817 if (*e || e == filter || n > 2) 2818 return false; 2819 } 2820 2821 *id = n; 2822 return true; 2823 } 2824 2825 static int system_iprule(struct iprule *rule, int cmd) 2826 { 2827 int alen = ((rule->flags & IPRULE_FAMILY) == IPRULE_INET4) ? 4 : 16; 2828 2829 struct nl_msg *msg; 2830 struct rtmsg rtm = { 2831 .rtm_family = (alen == 4) ? AF_INET : AF_INET6, 2832 .rtm_protocol = RTPROT_STATIC, 2833 .rtm_scope = RT_SCOPE_UNIVERSE, 2834 .rtm_table = RT_TABLE_UNSPEC, 2835 .rtm_type = RTN_UNSPEC, 2836 .rtm_flags = 0, 2837 }; 2838 2839 if (cmd == RTM_NEWRULE) 2840 rtm.rtm_type = RTN_UNICAST; 2841 2842 if (rule->invert) 2843 rtm.rtm_flags |= FIB_RULE_INVERT; 2844 2845 if (rule->flags & IPRULE_SRC) 2846 rtm.rtm_src_len = rule->src_mask; 2847 2848 if (rule->flags & IPRULE_DEST) 2849 rtm.rtm_dst_len = rule->dest_mask; 2850 2851 if (rule->flags & IPRULE_TOS) 2852 rtm.rtm_tos = rule->tos; 2853 2854 if (rule->flags & IPRULE_LOOKUP) { 2855 if (rule->lookup < 256) 2856 rtm.rtm_table = rule->lookup; 2857 } 2858 2859 if (rule->flags & IPRULE_ACTION) 2860 rtm.rtm_type = rule->action; 2861 else if (rule->flags & IPRULE_GOTO) 2862 rtm.rtm_type = FR_ACT_GOTO; 2863 else if (!(rule->flags & (IPRULE_LOOKUP | IPRULE_ACTION | IPRULE_GOTO))) 2864 rtm.rtm_type = FR_ACT_NOP; 2865 2866 msg = nlmsg_alloc_simple(cmd, NLM_F_REQUEST); 2867 2868 if (!msg) 2869 return -1; 2870 2871 nlmsg_append(msg, &rtm, sizeof(rtm), 0); 2872 2873 if (rule->flags & IPRULE_IN) 2874 nla_put(msg, FRA_IFNAME, strlen(rule->in_dev) + 1, rule->in_dev); 2875 2876 if (rule->flags & IPRULE_OUT) 2877 nla_put(msg, FRA_OIFNAME, strlen(rule->out_dev) + 1, rule->out_dev); 2878 2879 if (rule->flags & IPRULE_SRC) 2880 nla_put(msg, FRA_SRC, alen, &rule->src_addr); 2881 2882 if (rule->flags & IPRULE_DEST) 2883 nla_put(msg, FRA_DST, alen, &rule->dest_addr); 2884 2885 if (rule->flags & IPRULE_PRIORITY) 2886 nla_put_u32(msg, FRA_PRIORITY, rule->priority); 2887 else if (cmd == RTM_NEWRULE) 2888 nla_put_u32(msg, FRA_PRIORITY, rule->order); 2889 2890 if (rule->flags & IPRULE_FWMARK) 2891 nla_put_u32(msg, FRA_FWMARK, rule->fwmark); 2892 2893 if (rule->flags & IPRULE_FWMASK) 2894 nla_put_u32(msg, FRA_FWMASK, rule->fwmask); 2895 2896 if (rule->flags & IPRULE_LOOKUP) { 2897 if (rule->lookup >= 256) 2898 nla_put_u32(msg, FRA_TABLE, rule->lookup); 2899 } 2900 2901 if (rule->flags & IPRULE_SUP_PREFIXLEN) 2902 nla_put_u32(msg, FRA_SUPPRESS_PREFIXLEN, rule->sup_prefixlen); 2903 2904 if (rule->flags & IPRULE_GOTO) 2905 nla_put_u32(msg, FRA_GOTO, rule->gotoid); 2906 2907 return system_rtnl_call(msg); 2908 } 2909 2910 int system_add_iprule(struct iprule *rule) 2911 { 2912 return system_iprule(rule, RTM_NEWRULE); 2913 } 2914 2915 int system_del_iprule(struct iprule *rule) 2916 { 2917 return system_iprule(rule, RTM_DELRULE); 2918 } 2919 2920 int system_flush_iprules(void) 2921 { 2922 int rv = 0; 2923 struct iprule rule; 2924 2925 system_if_clear_entries(NULL, RTM_GETRULE, AF_INET); 2926 system_if_clear_entries(NULL, RTM_GETRULE, AF_INET6); 2927 2928 memset(&rule, 0, sizeof(rule)); 2929 2930 2931 rule.flags = IPRULE_INET4 | IPRULE_PRIORITY | IPRULE_LOOKUP; 2932 2933 rule.priority = 0; 2934 rule.lookup = RT_TABLE_LOCAL; 2935 rv |= system_iprule(&rule, RTM_NEWRULE); 2936 2937 rule.priority = 32766; 2938 rule.lookup = RT_TABLE_MAIN; 2939 rv |= system_iprule(&rule, RTM_NEWRULE); 2940 2941 rule.priority = 32767; 2942 rule.lookup = RT_TABLE_DEFAULT; 2943 rv |= system_iprule(&rule, RTM_NEWRULE); 2944 2945 2946 rule.flags = IPRULE_INET6 | IPRULE_PRIORITY | IPRULE_LOOKUP; 2947 2948 rule.priority = 0; 2949 rule.lookup = RT_TABLE_LOCAL; 2950 rv |= system_iprule(&rule, RTM_NEWRULE); 2951 2952 rule.priority = 32766; 2953 rule.lookup = RT_TABLE_MAIN; 2954 rv |= system_iprule(&rule, RTM_NEWRULE); 2955 2956 return rv; 2957 } 2958 2959 bool system_resolve_iprule_action(const char *action, unsigned int *id) 2960 { 2961 return system_rtn_aton(action, id); 2962 } 2963 2964 time_t system_get_rtime(void) 2965 { 2966 struct timespec ts; 2967 struct timeval tv; 2968 2969 if (clock_gettime(CLOCK_MONOTONIC, &ts) == 0) 2970 return ts.tv_sec; 2971 2972 if (gettimeofday(&tv, NULL) == 0) 2973 return tv.tv_sec; 2974 2975 return 0; 2976 } 2977 2978 #ifndef IP_DF 2979 #define IP_DF 0x4000 2980 #endif 2981 2982 static int tunnel_ioctl(const char *name, int cmd, void *p) 2983 { 2984 struct ifreq ifr; 2985 2986 memset(&ifr, 0, sizeof(ifr)); 2987 strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name) - 1); 2988 ifr.ifr_ifru.ifru_data = p; 2989 return ioctl(sock_ioctl, cmd, &ifr); 2990 } 2991 2992 #ifdef IFLA_IPTUN_MAX 2993 static int system_add_ip6_tunnel(const char *name, const unsigned int link, 2994 struct blob_attr **tb) 2995 { 2996 struct nl_msg *nlm = nlmsg_alloc_simple(RTM_NEWLINK, 2997 NLM_F_REQUEST | NLM_F_REPLACE | NLM_F_CREATE); 2998 struct ifinfomsg ifi = { .ifi_family = AF_UNSPEC }; 2999 struct blob_attr *cur; 3000 int ret = 0, ttl = 0; 3001 3002 if (!nlm) 3003 return -1; 3004 3005 nlmsg_append(nlm, &ifi, sizeof(ifi), 0); 3006 nla_put_string(nlm, IFLA_IFNAME, name); 3007 3008 if (link) 3009 nla_put_u32(nlm, IFLA_LINK, link); 3010 3011 struct nlattr *linkinfo = nla_nest_start(nlm, IFLA_LINKINFO); 3012 if (!linkinfo) { 3013 ret = -ENOMEM; 3014 goto failure; 3015 } 3016 3017 nla_put_string(nlm, IFLA_INFO_KIND, "ip6tnl"); 3018 struct nlattr *infodata = nla_nest_start(nlm, IFLA_INFO_DATA); 3019 if (!infodata) { 3020 ret = -ENOMEM; 3021 goto failure; 3022 } 3023 3024 if (link) 3025 nla_put_u32(nlm, IFLA_IPTUN_LINK, link); 3026 3027 if ((cur = tb[TUNNEL_ATTR_TTL])) 3028 ttl = blobmsg_get_u32(cur); 3029 3030 nla_put_u8(nlm, IFLA_IPTUN_PROTO, IPPROTO_IPIP); 3031 nla_put_u8(nlm, IFLA_IPTUN_TTL, (ttl) ? ttl : 64); 3032 3033 struct in6_addr in6buf; 3034 if ((cur = tb[TUNNEL_ATTR_LOCAL])) { 3035 if (inet_pton(AF_INET6, blobmsg_data(cur), &in6buf) < 1) { 3036 ret = -EINVAL; 3037 goto failure; 3038 } 3039 nla_put(nlm, IFLA_IPTUN_LOCAL, sizeof(in6buf), &in6buf); 3040 } 3041 3042 if ((cur = tb[TUNNEL_ATTR_REMOTE])) { 3043 if (inet_pton(AF_INET6, blobmsg_data(cur), &in6buf) < 1) { 3044 ret = -EINVAL; 3045 goto failure; 3046 } 3047 nla_put(nlm, IFLA_IPTUN_REMOTE, sizeof(in6buf), &in6buf); 3048 } 3049 3050 if ((cur = tb[TUNNEL_ATTR_DATA])) { 3051 struct blob_attr *tb_data[__IPIP6_DATA_ATTR_MAX]; 3052 uint32_t tun_flags = IP6_TNL_F_IGN_ENCAP_LIMIT; 3053 3054 blobmsg_parse(ipip6_data_attr_list.params, __IPIP6_DATA_ATTR_MAX, tb_data, 3055 blobmsg_data(cur), blobmsg_len(cur)); 3056 3057 if ((cur = tb_data[IPIP6_DATA_ENCAPLIMIT])) { 3058 char *str = blobmsg_get_string(cur); 3059 3060 if (strcmp(str, "ignore")) { 3061 char *e; 3062 unsigned encap_limit = strtoul(str, &e, 0); 3063 3064 if (e == str || *e || encap_limit > 255) { 3065 ret = -EINVAL; 3066 goto failure; 3067 } 3068 3069 nla_put_u8(nlm, IFLA_IPTUN_ENCAP_LIMIT, encap_limit); 3070 tun_flags &= ~IP6_TNL_F_IGN_ENCAP_LIMIT; 3071 } 3072 } 3073 3074 #ifdef IFLA_IPTUN_FMR_MAX 3075 if ((cur = tb_data[IPIP6_DATA_FMRS])) { 3076 struct blob_attr *rcur; 3077 unsigned rrem, fmrcnt = 0; 3078 struct nlattr *fmrs = nla_nest_start(nlm, IFLA_IPTUN_FMRS); 3079 3080 if (!fmrs) { 3081 ret = -ENOMEM; 3082 goto failure; 3083 } 3084 3085 blobmsg_for_each_attr(rcur, cur, rrem) { 3086 struct blob_attr *tb_fmr[__FMR_DATA_ATTR_MAX], *tb_cur; 3087 struct in6_addr ip6prefix; 3088 struct in_addr ip4prefix; 3089 unsigned ip4len, ip6len, ealen, offset; 3090 3091 blobmsg_parse(fmr_data_attr_list.params, __FMR_DATA_ATTR_MAX, tb_fmr, 3092 blobmsg_data(rcur), blobmsg_len(rcur)); 3093 3094 if (!(tb_cur = tb_fmr[FMR_DATA_PREFIX6]) || 3095 !parse_ip_and_netmask(AF_INET6, 3096 blobmsg_data(tb_cur), &ip6prefix, 3097 &ip6len)) { 3098 ret = -EINVAL; 3099 goto failure; 3100 } 3101 3102 if (!(tb_cur = tb_fmr[FMR_DATA_PREFIX4]) || 3103 !parse_ip_and_netmask(AF_INET, 3104 blobmsg_data(tb_cur), &ip4prefix, 3105 &ip4len)) { 3106 ret = -EINVAL; 3107 goto failure; 3108 } 3109 3110 if (!(tb_cur = tb_fmr[FMR_DATA_EALEN])) { 3111 ret = -EINVAL; 3112 goto failure; 3113 } 3114 ealen = blobmsg_get_u32(tb_cur); 3115 3116 if (!(tb_cur = tb_fmr[FMR_DATA_OFFSET])) { 3117 ret = -EINVAL; 3118 goto failure; 3119 } 3120 offset = blobmsg_get_u32(tb_cur); 3121 3122 struct nlattr *rule = nla_nest_start(nlm, ++fmrcnt); 3123 if (!rule) { 3124 ret = -ENOMEM; 3125 goto failure; 3126 } 3127 3128 nla_put(nlm, IFLA_IPTUN_FMR_IP6_PREFIX, sizeof(ip6prefix), &ip6prefix); 3129 nla_put(nlm, IFLA_IPTUN_FMR_IP4_PREFIX, sizeof(ip4prefix), &ip4prefix); 3130 nla_put_u8(nlm, IFLA_IPTUN_FMR_IP6_PREFIX_LEN, ip6len); 3131 nla_put_u8(nlm, IFLA_IPTUN_FMR_IP4_PREFIX_LEN, ip4len); 3132 nla_put_u8(nlm, IFLA_IPTUN_FMR_EA_LEN, ealen); 3133 nla_put_u8(nlm, IFLA_IPTUN_FMR_OFFSET, offset); 3134 3135 nla_nest_end(nlm, rule); 3136 } 3137 3138 nla_nest_end(nlm, fmrs); 3139 } 3140 #endif 3141 if (tun_flags) 3142 nla_put_u32(nlm, IFLA_IPTUN_FLAGS, tun_flags); 3143 } 3144 3145 nla_nest_end(nlm, infodata); 3146 nla_nest_end(nlm, linkinfo); 3147 3148 return system_rtnl_call(nlm); 3149 3150 failure: 3151 nlmsg_free(nlm); 3152 return ret; 3153 } 3154 #endif 3155 3156 #ifdef IFLA_IPTUN_MAX 3157 #define IP6_FLOWINFO_TCLASS htonl(0x0FF00000) 3158 static int system_add_gre_tunnel(const char *name, const char *kind, 3159 const unsigned int link, struct blob_attr **tb, bool v6) 3160 { 3161 struct nl_msg *nlm; 3162 struct ifinfomsg ifi = { .ifi_family = AF_UNSPEC, }; 3163 struct blob_attr *cur; 3164 uint32_t ikey = 0, okey = 0, flowinfo = 0, flags6 = IP6_TNL_F_IGN_ENCAP_LIMIT; 3165 uint16_t iflags = 0, oflags = 0; 3166 uint8_t tos = 0; 3167 int ret = 0, ttl = 0; 3168 unsigned encap_limit = 0; 3169 3170 nlm = nlmsg_alloc_simple(RTM_NEWLINK, NLM_F_REQUEST | NLM_F_REPLACE | NLM_F_CREATE); 3171 if (!nlm) 3172 return -1; 3173 3174 nlmsg_append(nlm, &ifi, sizeof(ifi), 0); 3175 nla_put_string(nlm, IFLA_IFNAME, name); 3176 3177 struct nlattr *linkinfo = nla_nest_start(nlm, IFLA_LINKINFO); 3178 if (!linkinfo) { 3179 ret = -ENOMEM; 3180 goto failure; 3181 } 3182 3183 nla_put_string(nlm, IFLA_INFO_KIND, kind); 3184 struct nlattr *infodata = nla_nest_start(nlm, IFLA_INFO_DATA); 3185 if (!infodata) { 3186 ret = -ENOMEM; 3187 goto failure; 3188 } 3189 3190 if (link) 3191 nla_put_u32(nlm, IFLA_GRE_LINK, link); 3192 3193 if ((cur = tb[TUNNEL_ATTR_TTL])) 3194 ttl = blobmsg_get_u32(cur); 3195 3196 if ((cur = tb[TUNNEL_ATTR_TOS])) { 3197 char *str = blobmsg_get_string(cur); 3198 if (strcmp(str, "inherit")) { 3199 unsigned uval; 3200 3201 if (!system_tos_aton(str, &uval)) { 3202 ret = -EINVAL; 3203 goto failure; 3204 } 3205 3206 if (v6) 3207 flowinfo |= htonl(uval << 20) & IP6_FLOWINFO_TCLASS; 3208 else 3209 tos = uval; 3210 } else { 3211 if (v6) 3212 flags6 |= IP6_TNL_F_USE_ORIG_TCLASS; 3213 else 3214 tos = 1; 3215 } 3216 } 3217 3218 if ((cur = tb[TUNNEL_ATTR_DATA])) { 3219 struct blob_attr *tb_data[__GRE_DATA_ATTR_MAX]; 3220 3221 blobmsg_parse(gre_data_attr_list.params, __GRE_DATA_ATTR_MAX, tb_data, 3222 blobmsg_data(cur), blobmsg_len(cur)); 3223 3224 if ((cur = tb_data[GRE_DATA_IKEY])) { 3225 if ((ikey = blobmsg_get_u32(cur))) 3226 iflags |= GRE_KEY; 3227 } 3228 3229 if ((cur = tb_data[GRE_DATA_OKEY])) { 3230 if ((okey = blobmsg_get_u32(cur))) 3231 oflags |= GRE_KEY; 3232 } 3233 3234 if ((cur = tb_data[GRE_DATA_ICSUM])) { 3235 if (blobmsg_get_bool(cur)) 3236 iflags |= GRE_CSUM; 3237 } 3238 3239 if ((cur = tb_data[GRE_DATA_OCSUM])) { 3240 if (blobmsg_get_bool(cur)) 3241 oflags |= GRE_CSUM; 3242 } 3243 3244 if ((cur = tb_data[GRE_DATA_ISEQNO])) { 3245 if (blobmsg_get_bool(cur)) 3246 iflags |= GRE_SEQ; 3247 } 3248 3249 if ((cur = tb_data[GRE_DATA_OSEQNO])) { 3250 if (blobmsg_get_bool(cur)) 3251 oflags |= GRE_SEQ; 3252 } 3253 3254 if ((cur = tb_data[GRE_DATA_ENCAPLIMIT])) { 3255 char *str = blobmsg_get_string(cur); 3256 3257 if (strcmp(str, "ignore")) { 3258 char *e; 3259 3260 encap_limit = strtoul(str, &e, 0); 3261 3262 if (e == str || *e || encap_limit > 255) { 3263 ret = -EINVAL; 3264 goto failure; 3265 } 3266 3267 flags6 &= ~IP6_TNL_F_IGN_ENCAP_LIMIT; 3268 } 3269 } 3270 } 3271 3272 if (v6) { 3273 struct in6_addr in6buf; 3274 if ((cur = tb[TUNNEL_ATTR_LOCAL])) { 3275 if (inet_pton(AF_INET6, blobmsg_data(cur), &in6buf) < 1) { 3276 ret = -EINVAL; 3277 goto failure; 3278 } 3279 nla_put(nlm, IFLA_GRE_LOCAL, sizeof(in6buf), &in6buf); 3280 } 3281 3282 if ((cur = tb[TUNNEL_ATTR_REMOTE])) { 3283 if (inet_pton(AF_INET6, blobmsg_data(cur), &in6buf) < 1) { 3284 ret = -EINVAL; 3285 goto failure; 3286 } 3287 nla_put(nlm, IFLA_GRE_REMOTE, sizeof(in6buf), &in6buf); 3288 } 3289 3290 if (!(flags6 & IP6_TNL_F_IGN_ENCAP_LIMIT)) 3291 nla_put_u8(nlm, IFLA_GRE_ENCAP_LIMIT, encap_limit); 3292 3293 if (flowinfo) 3294 nla_put_u32(nlm, IFLA_GRE_FLOWINFO, flowinfo); 3295 3296 if (flags6) 3297 nla_put_u32(nlm, IFLA_GRE_FLAGS, flags6); 3298 3299 if (!ttl) 3300 ttl = 64; 3301 } else { 3302 struct in_addr inbuf; 3303 bool set_df = true; 3304 3305 if ((cur = tb[TUNNEL_ATTR_LOCAL])) { 3306 if (inet_pton(AF_INET, blobmsg_data(cur), &inbuf) < 1) { 3307 ret = -EINVAL; 3308 goto failure; 3309 } 3310 nla_put(nlm, IFLA_GRE_LOCAL, sizeof(inbuf), &inbuf); 3311 } 3312 3313 if ((cur = tb[TUNNEL_ATTR_REMOTE])) { 3314 if (inet_pton(AF_INET, blobmsg_data(cur), &inbuf) < 1) { 3315 ret = -EINVAL; 3316 goto failure; 3317 } 3318 nla_put(nlm, IFLA_GRE_REMOTE, sizeof(inbuf), &inbuf); 3319 3320 if (IN_MULTICAST(ntohl(inbuf.s_addr))) { 3321 if (!okey) { 3322 okey = inbuf.s_addr; 3323 oflags |= GRE_KEY; 3324 } 3325 3326 if (!ikey) { 3327 ikey = inbuf.s_addr; 3328 iflags |= GRE_KEY; 3329 } 3330 } 3331 } 3332 3333 if ((cur = tb[TUNNEL_ATTR_DF])) 3334 set_df = blobmsg_get_bool(cur); 3335 3336 if (!set_df) { 3337 /* ttl != 0 and nopmtudisc are incompatible */ 3338 if (ttl) { 3339 ret = -EINVAL; 3340 goto failure; 3341 } 3342 } else if (!ttl) 3343 ttl = 64; 3344 3345 nla_put_u8(nlm, IFLA_GRE_PMTUDISC, set_df ? 1 : 0); 3346 3347 nla_put_u8(nlm, IFLA_GRE_TOS, tos); 3348 } 3349 3350 if (ttl) 3351 nla_put_u8(nlm, IFLA_GRE_TTL, ttl); 3352 3353 if (oflags) 3354 nla_put_u16(nlm, IFLA_GRE_OFLAGS, oflags); 3355 3356 if (iflags) 3357 nla_put_u16(nlm, IFLA_GRE_IFLAGS, iflags); 3358 3359 if (okey) 3360 nla_put_u32(nlm, IFLA_GRE_OKEY, htonl(okey)); 3361 3362 if (ikey) 3363 nla_put_u32(nlm, IFLA_GRE_IKEY, htonl(ikey)); 3364 3365 nla_nest_end(nlm, infodata); 3366 nla_nest_end(nlm, linkinfo); 3367 3368 return system_rtnl_call(nlm); 3369 3370 failure: 3371 nlmsg_free(nlm); 3372 return ret; 3373 } 3374 #endif 3375 3376 #ifdef IFLA_VTI_MAX 3377 static int system_add_vti_tunnel(const char *name, const char *kind, 3378 const unsigned int link, struct blob_attr **tb, bool v6) 3379 { 3380 struct nl_msg *nlm; 3381 struct ifinfomsg ifi = { .ifi_family = AF_UNSPEC, }; 3382 struct blob_attr *cur; 3383 int ret = 0; 3384 3385 nlm = nlmsg_alloc_simple(RTM_NEWLINK, NLM_F_REQUEST | NLM_F_REPLACE | NLM_F_CREATE); 3386 if (!nlm) 3387 return -1; 3388 3389 nlmsg_append(nlm, &ifi, sizeof(ifi), 0); 3390 nla_put_string(nlm, IFLA_IFNAME, name); 3391 3392 struct nlattr *linkinfo = nla_nest_start(nlm, IFLA_LINKINFO); 3393 if (!linkinfo) { 3394 ret = -ENOMEM; 3395 goto failure; 3396 } 3397 3398 nla_put_string(nlm, IFLA_INFO_KIND, kind); 3399 struct nlattr *infodata = nla_nest_start(nlm, IFLA_INFO_DATA); 3400 if (!infodata) { 3401 ret = -ENOMEM; 3402 goto failure; 3403 } 3404 3405 if (link) 3406 nla_put_u32(nlm, IFLA_VTI_LINK, link); 3407 3408 if (v6) { 3409 struct in6_addr in6buf; 3410 if ((cur = tb[TUNNEL_ATTR_LOCAL])) { 3411 if (inet_pton(AF_INET6, blobmsg_data(cur), &in6buf) < 1) { 3412 ret = -EINVAL; 3413 goto failure; 3414 } 3415 nla_put(nlm, IFLA_VTI_LOCAL, sizeof(in6buf), &in6buf); 3416 } 3417 3418 if ((cur = tb[TUNNEL_ATTR_REMOTE])) { 3419 if (inet_pton(AF_INET6, blobmsg_data(cur), &in6buf) < 1) { 3420 ret = -EINVAL; 3421 goto failure; 3422 } 3423 nla_put(nlm, IFLA_VTI_REMOTE, sizeof(in6buf), &in6buf); 3424 } 3425 3426 } else { 3427 struct in_addr inbuf; 3428 3429 if ((cur = tb[TUNNEL_ATTR_LOCAL])) { 3430 if (inet_pton(AF_INET, blobmsg_data(cur), &inbuf) < 1) { 3431 ret = -EINVAL; 3432 goto failure; 3433 } 3434 nla_put(nlm, IFLA_VTI_LOCAL, sizeof(inbuf), &inbuf); 3435 } 3436 3437 if ((cur = tb[TUNNEL_ATTR_REMOTE])) { 3438 if (inet_pton(AF_INET, blobmsg_data(cur), &inbuf) < 1) { 3439 ret = -EINVAL; 3440 goto failure; 3441 } 3442 nla_put(nlm, IFLA_VTI_REMOTE, sizeof(inbuf), &inbuf); 3443 } 3444 3445 } 3446 3447 if ((cur = tb[TUNNEL_ATTR_DATA])) { 3448 struct blob_attr *tb_data[__VTI_DATA_ATTR_MAX]; 3449 uint32_t ikey = 0, okey = 0; 3450 3451 blobmsg_parse(vti_data_attr_list.params, __VTI_DATA_ATTR_MAX, tb_data, 3452 blobmsg_data(cur), blobmsg_len(cur)); 3453 3454 if ((cur = tb_data[VTI_DATA_IKEY])) { 3455 if ((ikey = blobmsg_get_u32(cur))) 3456 nla_put_u32(nlm, IFLA_VTI_IKEY, htonl(ikey)); 3457 } 3458 3459 if ((cur = tb_data[VTI_DATA_OKEY])) { 3460 if ((okey = blobmsg_get_u32(cur))) 3461 nla_put_u32(nlm, IFLA_VTI_OKEY, htonl(okey)); 3462 } 3463 } 3464 3465 nla_nest_end(nlm, infodata); 3466 nla_nest_end(nlm, linkinfo); 3467 3468 return system_rtnl_call(nlm); 3469 3470 failure: 3471 nlmsg_free(nlm); 3472 return ret; 3473 } 3474 #endif 3475 3476 #ifdef IFLA_XFRM_MAX 3477 static int system_add_xfrm_tunnel(const char *name, const char *kind, 3478 const unsigned int link, struct blob_attr **tb) 3479 { 3480 struct nl_msg *nlm; 3481 struct ifinfomsg ifi = { .ifi_family = AF_UNSPEC, }; 3482 struct blob_attr *cur; 3483 int ret = 0; 3484 3485 nlm = nlmsg_alloc_simple(RTM_NEWLINK, NLM_F_REQUEST | NLM_F_REPLACE | NLM_F_CREATE); 3486 if (!nlm) 3487 return -1; 3488 3489 nlmsg_append(nlm, &ifi, sizeof(ifi), 0); 3490 nla_put_string(nlm, IFLA_IFNAME, name); 3491 3492 struct nlattr *linkinfo = nla_nest_start(nlm, IFLA_LINKINFO); 3493 if (!linkinfo) { 3494 ret = -ENOMEM; 3495 goto failure; 3496 } 3497 3498 nla_put_string(nlm, IFLA_INFO_KIND, kind); 3499 struct nlattr *infodata = nla_nest_start(nlm, IFLA_INFO_DATA); 3500 if (!infodata) { 3501 ret = -ENOMEM; 3502 goto failure; 3503 } 3504 3505 if (link) 3506 nla_put_u32(nlm, IFLA_XFRM_LINK, link); 3507 3508 if ((cur = tb[TUNNEL_ATTR_DATA])) { 3509 struct blob_attr *tb_data[__XFRM_DATA_ATTR_MAX]; 3510 uint32_t if_id = 0; 3511 3512 blobmsg_parse(xfrm_data_attr_list.params, __XFRM_DATA_ATTR_MAX, tb_data, 3513 blobmsg_data(cur), blobmsg_len(cur)); 3514 3515 if ((cur = tb_data[XFRM_DATA_IF_ID])) { 3516 if ((if_id = blobmsg_get_u32(cur))) 3517 nla_put_u32(nlm, IFLA_XFRM_IF_ID, if_id); 3518 } 3519 3520 } 3521 3522 nla_nest_end(nlm, infodata); 3523 nla_nest_end(nlm, linkinfo); 3524 3525 return system_rtnl_call(nlm); 3526 3527 failure: 3528 nlmsg_free(nlm); 3529 return ret; 3530 } 3531 #endif 3532 3533 #ifdef IFLA_VXLAN_MAX 3534 static void system_vxlan_map_bool_attr(struct nl_msg *msg, struct blob_attr **tb_data, int attrtype, int vxlandatatype, bool invert) { 3535 struct blob_attr *cur; 3536 if ((cur = tb_data[vxlandatatype])) { 3537 bool val = blobmsg_get_bool(cur); 3538 if (invert) 3539 val = !val; 3540 3541 if ((attrtype == IFLA_VXLAN_GBP) && val) 3542 nla_put_flag(msg, attrtype); 3543 else 3544 nla_put_u8(msg, attrtype, val); 3545 3546 } 3547 } 3548 3549 static int system_add_vxlan(const char *name, const unsigned int link, struct blob_attr **tb, bool v6) 3550 { 3551 struct blob_attr *tb_data[__VXLAN_DATA_ATTR_MAX]; 3552 struct nl_msg *msg; 3553 struct nlattr *linkinfo, *data; 3554 struct ifinfomsg iim = { .ifi_family = AF_UNSPEC, }; 3555 struct blob_attr *cur; 3556 int ret = 0; 3557 3558 if ((cur = tb[TUNNEL_ATTR_DATA])) 3559 blobmsg_parse(vxlan_data_attr_list.params, __VXLAN_DATA_ATTR_MAX, tb_data, 3560 blobmsg_data(cur), blobmsg_len(cur)); 3561 else 3562 return -EINVAL; 3563 3564 msg = nlmsg_alloc_simple(RTM_NEWLINK, NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL); 3565 3566 if (!msg) 3567 return -1; 3568 3569 nlmsg_append(msg, &iim, sizeof(iim), 0); 3570 3571 nla_put_string(msg, IFLA_IFNAME, name); 3572 3573 if ((cur = tb_data[VXLAN_DATA_ATTR_MACADDR])) { 3574 struct ether_addr *ea = ether_aton(blobmsg_get_string(cur)); 3575 if (!ea) { 3576 ret = -EINVAL; 3577 goto failure; 3578 } 3579 3580 nla_put(msg, IFLA_ADDRESS, ETH_ALEN, ea); 3581 } 3582 3583 if ((cur = tb[TUNNEL_ATTR_MTU])) { 3584 uint32_t mtu = blobmsg_get_u32(cur); 3585 nla_put_u32(msg, IFLA_MTU, mtu); 3586 } 3587 3588 if (!(linkinfo = nla_nest_start(msg, IFLA_LINKINFO))) { 3589 ret = -ENOMEM; 3590 goto failure; 3591 } 3592 3593 nla_put_string(msg, IFLA_INFO_KIND, "vxlan"); 3594 3595 if (!(data = nla_nest_start(msg, IFLA_INFO_DATA))) { 3596 ret = -ENOMEM; 3597 goto failure; 3598 } 3599 3600 if (link) 3601 nla_put_u32(msg, IFLA_VXLAN_LINK, link); 3602 3603 if ((cur = tb_data[VXLAN_DATA_ATTR_ID])) { 3604 uint32_t id = blobmsg_get_u32(cur); 3605 if (id >= (1u << 24) - 1) { 3606 ret = -EINVAL; 3607 goto failure; 3608 } 3609 3610 nla_put_u32(msg, IFLA_VXLAN_ID, id); 3611 } 3612 3613 if (v6) { 3614 struct in6_addr in6buf; 3615 if ((cur = tb[TUNNEL_ATTR_LOCAL])) { 3616 if (inet_pton(AF_INET6, blobmsg_data(cur), &in6buf) < 1) { 3617 ret = -EINVAL; 3618 goto failure; 3619 } 3620 nla_put(msg, IFLA_VXLAN_LOCAL6, sizeof(in6buf), &in6buf); 3621 } 3622 3623 if ((cur = tb[TUNNEL_ATTR_REMOTE])) { 3624 if (inet_pton(AF_INET6, blobmsg_data(cur), &in6buf) < 1) { 3625 ret = -EINVAL; 3626 goto failure; 3627 } 3628 nla_put(msg, IFLA_VXLAN_GROUP6, sizeof(in6buf), &in6buf); 3629 } 3630 } else { 3631 struct in_addr inbuf; 3632 3633 if ((cur = tb[TUNNEL_ATTR_LOCAL])) { 3634 if (inet_pton(AF_INET, blobmsg_data(cur), &inbuf) < 1) { 3635 ret = -EINVAL; 3636 goto failure; 3637 } 3638 nla_put(msg, IFLA_VXLAN_LOCAL, sizeof(inbuf), &inbuf); 3639 } 3640 3641 if ((cur = tb[TUNNEL_ATTR_REMOTE])) { 3642 if (inet_pton(AF_INET, blobmsg_data(cur), &inbuf) < 1) { 3643 ret = -EINVAL; 3644 goto failure; 3645 } 3646 nla_put(msg, IFLA_VXLAN_GROUP, sizeof(inbuf), &inbuf); 3647 } 3648 } 3649 3650 uint32_t port = 4789; 3651 if ((cur = tb_data[VXLAN_DATA_ATTR_PORT])) { 3652 port = blobmsg_get_u32(cur); 3653 if (port < 1 || port > 65535) { 3654 ret = -EINVAL; 3655 goto failure; 3656 } 3657 } 3658 nla_put_u16(msg, IFLA_VXLAN_PORT, htons(port)); 3659 3660 if ((cur = tb_data[VXLAN_DATA_ATTR_SRCPORTMIN])) { 3661 struct ifla_vxlan_port_range srcports = {0,0}; 3662 3663 uint32_t low = blobmsg_get_u32(cur); 3664 if (low < 1 || low > 65535 - 1) { 3665 ret = -EINVAL; 3666 goto failure; 3667 } 3668 3669 srcports.low = htons((uint16_t) low); 3670 srcports.high = htons((uint16_t) (low+1)); 3671 3672 if ((cur = tb_data[VXLAN_DATA_ATTR_SRCPORTMAX])) { 3673 uint32_t high = blobmsg_get_u32(cur); 3674 if (high < 1 || high > 65535) { 3675 ret = -EINVAL; 3676 goto failure; 3677 } 3678 3679 if (high > low) 3680 srcports.high = htons((uint16_t) high); 3681 } 3682 3683 nla_put(msg, IFLA_VXLAN_PORT_RANGE, sizeof(srcports), &srcports); 3684 } 3685 3686 system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_CSUM, VXLAN_DATA_ATTR_TXCSUM, false); 3687 system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_ZERO_CSUM6_RX, VXLAN_DATA_ATTR_RXCSUM, true); 3688 system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_UDP_ZERO_CSUM6_TX, VXLAN_DATA_ATTR_TXCSUM, true); 3689 system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_LEARNING, VXLAN_DATA_ATTR_LEARNING, false); 3690 system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_RSC , VXLAN_DATA_ATTR_RSC, false); 3691 system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_PROXY , VXLAN_DATA_ATTR_PROXY, false); 3692 system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_L2MISS , VXLAN_DATA_ATTR_L2MISS, false); 3693 system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_L3MISS , VXLAN_DATA_ATTR_L3MISS, false); 3694 system_vxlan_map_bool_attr(msg, tb_data, IFLA_VXLAN_GBP , VXLAN_DATA_ATTR_GBP, false); 3695 3696 if ((cur = tb_data[VXLAN_DATA_ATTR_AGEING])) { 3697 uint32_t ageing = blobmsg_get_u32(cur); 3698 nla_put_u32(msg, IFLA_VXLAN_AGEING, ageing); 3699 } 3700 3701 if ((cur = tb_data[VXLAN_DATA_ATTR_LIMIT])) { 3702 uint32_t maxaddress = blobmsg_get_u32(cur); 3703 nla_put_u32(msg, IFLA_VXLAN_LIMIT, maxaddress); 3704 } 3705 3706 if ((cur = tb[TUNNEL_ATTR_TOS])) { 3707 char *str = blobmsg_get_string(cur); 3708 unsigned tos = 1; 3709 3710 if (strcmp(str, "inherit")) { 3711 if (!system_tos_aton(str, &tos)) { 3712 ret = -EINVAL; 3713 goto failure; 3714 } 3715 } 3716 3717 nla_put_u8(msg, IFLA_VXLAN_TOS, tos); 3718 } 3719 3720 if ((cur = tb[TUNNEL_ATTR_TTL])) { 3721 uint32_t ttl = blobmsg_get_u32(cur); 3722 if (ttl < 1 || ttl > 255) { 3723 ret = -EINVAL; 3724 goto failure; 3725 } 3726 3727 nla_put_u8(msg, IFLA_VXLAN_TTL, ttl); 3728 } 3729 3730 nla_nest_end(msg, data); 3731 nla_nest_end(msg, linkinfo); 3732 3733 ret = system_rtnl_call(msg); 3734 if (ret) 3735 D(SYSTEM, "Error adding vxlan '%s': %d\n", name, ret); 3736 3737 return ret; 3738 3739 failure: 3740 nlmsg_free(msg); 3741 return ret; 3742 } 3743 #endif 3744 3745 static int system_add_sit_tunnel(const char *name, const unsigned int link, struct blob_attr **tb) 3746 { 3747 struct blob_attr *cur; 3748 int ret = 0; 3749 3750 if (system_add_proto_tunnel(name, IPPROTO_IPV6, link, tb) < 0) 3751 return -1; 3752 3753 #ifdef SIOCADD6RD 3754 if ((cur = tb[TUNNEL_ATTR_DATA])) { 3755 struct blob_attr *tb_data[__SIXRD_DATA_ATTR_MAX]; 3756 unsigned int mask; 3757 struct ip_tunnel_6rd p6; 3758 3759 blobmsg_parse(sixrd_data_attr_list.params, __SIXRD_DATA_ATTR_MAX, tb_data, 3760 blobmsg_data(cur), blobmsg_len(cur)); 3761 3762 memset(&p6, 0, sizeof(p6)); 3763 3764 if ((cur = tb_data[SIXRD_DATA_PREFIX])) { 3765 if (!parse_ip_and_netmask(AF_INET6, blobmsg_data(cur), 3766 &p6.prefix, &mask) || mask > 128) { 3767 ret = -EINVAL; 3768 goto failure; 3769 } 3770 3771 p6.prefixlen = mask; 3772 } 3773 3774 if ((cur = tb_data[SIXRD_DATA_RELAY_PREFIX])) { 3775 if (!parse_ip_and_netmask(AF_INET, blobmsg_data(cur), 3776 &p6.relay_prefix, &mask) || mask > 32) { 3777 ret = -EINVAL; 3778 goto failure; 3779 } 3780 3781 p6.relay_prefixlen = mask; 3782 } 3783 3784 if (tunnel_ioctl(name, SIOCADD6RD, &p6) < 0) { 3785 ret = -1; 3786 goto failure; 3787 } 3788 } 3789 #endif 3790 3791 return ret; 3792 3793 failure: 3794 __system_del_ip_tunnel(name, tb); 3795 return ret; 3796 } 3797 3798 static int system_add_proto_tunnel(const char *name, const uint8_t proto, const unsigned int link, struct blob_attr **tb) 3799 { 3800 struct blob_attr *cur; 3801 bool set_df = true; 3802 struct ip_tunnel_parm p = { 3803 .link = link, 3804 .iph = { 3805 .version = 4, 3806 .ihl = 5, 3807 .protocol = proto, 3808 } 3809 }; 3810 3811 if ((cur = tb[TUNNEL_ATTR_LOCAL]) && 3812 inet_pton(AF_INET, blobmsg_data(cur), &p.iph.saddr) < 1) 3813 return -EINVAL; 3814 3815 if ((cur = tb[TUNNEL_ATTR_REMOTE]) && 3816 inet_pton(AF_INET, blobmsg_data(cur), &p.iph.daddr) < 1) 3817 return -EINVAL; 3818 3819 if ((cur = tb[TUNNEL_ATTR_DF])) 3820 set_df = blobmsg_get_bool(cur); 3821 3822 if ((cur = tb[TUNNEL_ATTR_TTL])) 3823 p.iph.ttl = blobmsg_get_u32(cur); 3824 3825 if ((cur = tb[TUNNEL_ATTR_TOS])) { 3826 char *str = blobmsg_get_string(cur); 3827 if (strcmp(str, "inherit")) { 3828 unsigned uval; 3829 3830 if (!system_tos_aton(str, &uval)) 3831 return -EINVAL; 3832 3833 p.iph.tos = uval; 3834 } else 3835 p.iph.tos = 1; 3836 } 3837 3838 p.iph.frag_off = set_df ? htons(IP_DF) : 0; 3839 /* ttl !=0 and nopmtudisc are incompatible */ 3840 if (p.iph.ttl && p.iph.frag_off == 0) 3841 return -EINVAL; 3842 3843 strncpy(p.name, name, sizeof(p.name) - 1); 3844 3845 switch (p.iph.protocol) { 3846 case IPPROTO_IPIP: 3847 return tunnel_ioctl("tunl0", SIOCADDTUNNEL, &p); 3848 case IPPROTO_IPV6: 3849 return tunnel_ioctl("sit0", SIOCADDTUNNEL, &p); 3850 default: 3851 break; 3852 } 3853 return -1; 3854 } 3855 3856 static int __system_del_ip_tunnel(const char *name, struct blob_attr **tb) 3857 { 3858 struct blob_attr *cur; 3859 const char *str; 3860 3861 if (!(cur = tb[TUNNEL_ATTR_TYPE])) 3862 return -EINVAL; 3863 str = blobmsg_data(cur); 3864 3865 if (!strcmp(str, "greip") || !strcmp(str, "gretapip") || 3866 !strcmp(str, "greip6") || !strcmp(str, "gretapip6") || 3867 !strcmp(str, "vtiip") || !strcmp(str, "vtiip6") || 3868 !strcmp(str, "vxlan") || !strcmp(str, "vxlan6") || 3869 !strcmp(str, "xfrm")) 3870 return system_link_del(name); 3871 else 3872 return tunnel_ioctl(name, SIOCDELTUNNEL, NULL); 3873 } 3874 3875 int system_del_ip_tunnel(const char *name, struct blob_attr *attr) 3876 { 3877 struct blob_attr *tb[__TUNNEL_ATTR_MAX]; 3878 3879 blobmsg_parse(tunnel_attr_list.params, __TUNNEL_ATTR_MAX, tb, 3880 blob_data(attr), blob_len(attr)); 3881 3882 return __system_del_ip_tunnel(name, tb); 3883 } 3884 3885 int system_update_ipv6_mtu(struct device *dev, int mtu) 3886 { 3887 int ret = -1; 3888 char buf[64]; 3889 int fd; 3890 3891 fd = open(dev_sysctl_path("ipv6/conf", dev->ifname, "mtu"), O_RDWR); 3892 if (fd < 0) 3893 return ret; 3894 3895 if (!mtu) { 3896 ssize_t len = read(fd, buf, sizeof(buf) - 1); 3897 if (len < 0) 3898 goto out; 3899 3900 buf[len] = 0; 3901 ret = atoi(buf); 3902 } else { 3903 if (write(fd, buf, snprintf(buf, sizeof(buf), "%i", mtu)) > 0) 3904 ret = mtu; 3905 } 3906 3907 out: 3908 close(fd); 3909 return ret; 3910 } 3911 3912 int system_add_ip_tunnel(const char *name, struct blob_attr *attr) 3913 { 3914 struct blob_attr *tb[__TUNNEL_ATTR_MAX]; 3915 struct blob_attr *cur; 3916 const char *str; 3917 3918 blobmsg_parse(tunnel_attr_list.params, __TUNNEL_ATTR_MAX, tb, 3919 blob_data(attr), blob_len(attr)); 3920 3921 __system_del_ip_tunnel(name, tb); 3922 3923 if (!(cur = tb[TUNNEL_ATTR_TYPE])) 3924 return -EINVAL; 3925 str = blobmsg_data(cur); 3926 3927 unsigned int ttl = 0; 3928 if ((cur = tb[TUNNEL_ATTR_TTL])) { 3929 ttl = blobmsg_get_u32(cur); 3930 if (ttl > 255) 3931 return -EINVAL; 3932 } 3933 3934 unsigned int link = 0; 3935 if ((cur = tb[TUNNEL_ATTR_LINK])) { 3936 struct interface *iface = vlist_find(&interfaces, blobmsg_data(cur), iface, node); 3937 if (!iface) 3938 return -EINVAL; 3939 3940 if (iface->l3_dev.dev) 3941 link = iface->l3_dev.dev->ifindex; 3942 } 3943 3944 if (!strcmp(str, "sit")) 3945 return system_add_sit_tunnel(name, link, tb); 3946 #ifdef IFLA_IPTUN_MAX 3947 else if (!strcmp(str, "ipip6")) { 3948 return system_add_ip6_tunnel(name, link, tb); 3949 } else if (!strcmp(str, "greip")) { 3950 return system_add_gre_tunnel(name, "gre", link, tb, false); 3951 } else if (!strcmp(str, "gretapip")) { 3952 return system_add_gre_tunnel(name, "gretap", link, tb, false); 3953 } else if (!strcmp(str, "greip6")) { 3954 return system_add_gre_tunnel(name, "ip6gre", link, tb, true); 3955 } else if (!strcmp(str, "gretapip6")) { 3956 return system_add_gre_tunnel(name, "ip6gretap", link, tb, true); 3957 #ifdef IFLA_VTI_MAX 3958 } else if (!strcmp(str, "vtiip")) { 3959 return system_add_vti_tunnel(name, "vti", link, tb, false); 3960 } else if (!strcmp(str, "vtiip6")) { 3961 return system_add_vti_tunnel(name, "vti6", link, tb, true); 3962 #endif 3963 #ifdef IFLA_XFRM_MAX 3964 } else if (!strcmp(str, "xfrm")) { 3965 return system_add_xfrm_tunnel(name, "xfrm", link, tb); 3966 #endif 3967 #ifdef IFLA_VXLAN_MAX 3968 } else if(!strcmp(str, "vxlan")) { 3969 return system_add_vxlan(name, link, tb, false); 3970 } else if(!strcmp(str, "vxlan6")) { 3971 return system_add_vxlan(name, link, tb, true); 3972 #endif 3973 #endif 3974 } else if (!strcmp(str, "ipip")) { 3975 return system_add_proto_tunnel(name, IPPROTO_IPIP, link, tb); 3976 } 3977 else 3978 return -EINVAL; 3979 3980 return 0; 3981 } 3982
This page was automatically generated by LXR 0.3.1. • OpenWrt