1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include <linux/if_infiniband.h>
4 #include <net/ethernet.h>
5 #include <net/if_arp.h>
6
7 #include "sd-device.h"
8 #include "sd-id128.h"
9
10 #include "dhcp-identifier.h"
11 #include "netif-util.h"
12 #include "siphash24.h"
13 #include "sparse-endian.h"
14 #include "stat-util.h"
15 #include "string-table.h"
16 #include "udev-util.h"
17
18 #define HASH_KEY SD_ID128_MAKE(80,11,8c,c2,fe,4a,03,ee,3e,d6,0c,6f,36,39,14,09)
19 #define APPLICATION_ID SD_ID128_MAKE(a5,0a,d1,12,bf,60,45,77,a2,fb,74,1a,b1,95,5b,03)
20 #define USEC_2000 ((usec_t) 946684800000000) /* 2000-01-01 00:00:00 UTC */
21
22 static const char * const duid_type_table[_DUID_TYPE_MAX] = {
23 [DUID_TYPE_LLT] = "DUID-LLT",
24 [DUID_TYPE_EN] = "DUID-EN/Vendor",
25 [DUID_TYPE_LL] = "DUID-LL",
26 [DUID_TYPE_UUID] = "UUID",
27 };
28
29 DEFINE_STRING_TABLE_LOOKUP_TO_STRING(duid_type, DUIDType);
30
dhcp_validate_duid_len(DUIDType duid_type,size_t duid_len,bool strict)31 int dhcp_validate_duid_len(DUIDType duid_type, size_t duid_len, bool strict) {
32 struct duid d;
33
34 assert_cc(sizeof(d.raw) >= MAX_DUID_LEN);
35 if (duid_len > MAX_DUID_LEN)
36 return -EINVAL;
37
38 if (!strict)
39 /* Strict validation is not requested. We only ensure that the
40 * DUID is not too long. */
41 return 0;
42
43 switch (duid_type) {
44 case DUID_TYPE_LLT:
45 if (duid_len <= sizeof(d.llt))
46 return -EINVAL;
47 break;
48 case DUID_TYPE_EN:
49 if (duid_len != sizeof(d.en))
50 return -EINVAL;
51 break;
52 case DUID_TYPE_LL:
53 if (duid_len <= sizeof(d.ll))
54 return -EINVAL;
55 break;
56 case DUID_TYPE_UUID:
57 if (duid_len != sizeof(d.uuid))
58 return -EINVAL;
59 break;
60 default:
61 /* accept unknown type in order to be forward compatible */
62 break;
63 }
64 return 0;
65 }
66
dhcp_identifier_set_duid_llt(const uint8_t * addr,size_t addr_len,uint16_t arp_type,usec_t t,struct duid * ret_duid,size_t * ret_len)67 static int dhcp_identifier_set_duid_llt(const uint8_t *addr, size_t addr_len, uint16_t arp_type, usec_t t, struct duid *ret_duid, size_t *ret_len) {
68 uint16_t time_from_2000y;
69
70 assert(addr);
71 assert(ret_duid);
72 assert(ret_len);
73
74 if (addr_len == 0)
75 return -EOPNOTSUPP;
76
77 if (arp_type == ARPHRD_ETHER)
78 assert_return(addr_len == ETH_ALEN, -EINVAL);
79 else if (arp_type == ARPHRD_INFINIBAND)
80 assert_return(addr_len == INFINIBAND_ALEN, -EINVAL);
81 else
82 return -EOPNOTSUPP;
83
84 if (t < USEC_2000)
85 time_from_2000y = 0;
86 else
87 time_from_2000y = (uint16_t) (((t - USEC_2000) / USEC_PER_SEC) & 0xffffffff);
88
89 unaligned_write_be16(&ret_duid->type, DUID_TYPE_LLT);
90 unaligned_write_be16(&ret_duid->llt.htype, arp_type);
91 unaligned_write_be32(&ret_duid->llt.time, time_from_2000y);
92 memcpy(ret_duid->llt.haddr, addr, addr_len);
93
94 *ret_len = offsetof(struct duid, llt.haddr) + addr_len;
95
96 return 0;
97 }
98
dhcp_identifier_set_duid_ll(const uint8_t * addr,size_t addr_len,uint16_t arp_type,struct duid * ret_duid,size_t * ret_len)99 static int dhcp_identifier_set_duid_ll(const uint8_t *addr, size_t addr_len, uint16_t arp_type, struct duid *ret_duid, size_t *ret_len) {
100 assert(addr);
101 assert(ret_duid);
102 assert(ret_len);
103
104 if (addr_len == 0)
105 return -EOPNOTSUPP;
106
107 if (arp_type == ARPHRD_ETHER)
108 assert_return(addr_len == ETH_ALEN, -EINVAL);
109 else if (arp_type == ARPHRD_INFINIBAND)
110 assert_return(addr_len == INFINIBAND_ALEN, -EINVAL);
111 else
112 return -EOPNOTSUPP;
113
114 unaligned_write_be16(&ret_duid->type, DUID_TYPE_LL);
115 unaligned_write_be16(&ret_duid->ll.htype, arp_type);
116 memcpy(ret_duid->ll.haddr, addr, addr_len);
117
118 *ret_len = offsetof(struct duid, ll.haddr) + addr_len;
119
120 return 0;
121 }
122
dhcp_identifier_set_duid_en(bool test_mode,struct duid * ret_duid,size_t * ret_len)123 int dhcp_identifier_set_duid_en(bool test_mode, struct duid *ret_duid, size_t *ret_len) {
124 sd_id128_t machine_id;
125 uint64_t hash;
126 int r;
127
128 assert(ret_duid);
129 assert(ret_len);
130
131 if (!test_mode) {
132 r = sd_id128_get_machine(&machine_id);
133 if (r < 0)
134 return r;
135 } else
136 /* For tests, especially for fuzzers, reproducibility is important.
137 * Hence, use a static and constant machine ID.
138 * See 9216fddc5a8ac2742e6cfa7660f95c20ca4f2193. */
139 machine_id = SD_ID128_MAKE(01, 02, 03, 04, 05, 06, 07, 08, 09, 0a, 0b, 0c, 0d, 0e, 0f, 10);
140
141 unaligned_write_be16(&ret_duid->type, DUID_TYPE_EN);
142 unaligned_write_be32(&ret_duid->en.pen, SYSTEMD_PEN);
143
144 /* a bit of snake-oil perhaps, but no need to expose the machine-id
145 * directly; duid->en.id might not be aligned, so we need to copy */
146 hash = htole64(siphash24(&machine_id, sizeof(machine_id), HASH_KEY.bytes));
147 memcpy(ret_duid->en.id, &hash, sizeof(ret_duid->en.id));
148
149 *ret_len = offsetof(struct duid, en.id) + sizeof(ret_duid->en.id);
150
151 if (test_mode)
152 assert_se(memcmp(ret_duid, (const uint8_t[]) { 0x00, 0x02, 0x00, 0x00, 0xab, 0x11, 0x61, 0x77, 0x40, 0xde, 0x13, 0x42, 0xc3, 0xa2 }, *ret_len) == 0);
153
154 return 0;
155 }
156
dhcp_identifier_set_duid_uuid(struct duid * ret_duid,size_t * ret_len)157 static int dhcp_identifier_set_duid_uuid(struct duid *ret_duid, size_t *ret_len) {
158 sd_id128_t machine_id;
159 int r;
160
161 assert(ret_duid);
162 assert(ret_len);
163
164 r = sd_id128_get_machine_app_specific(APPLICATION_ID, &machine_id);
165 if (r < 0)
166 return r;
167
168 unaligned_write_be16(&ret_duid->type, DUID_TYPE_UUID);
169 memcpy(&ret_duid->uuid.uuid, &machine_id, sizeof(machine_id));
170
171 *ret_len = offsetof(struct duid, uuid.uuid) + sizeof(machine_id);
172
173 return 0;
174 }
175
dhcp_identifier_set_duid(DUIDType duid_type,const uint8_t * addr,size_t addr_len,uint16_t arp_type,usec_t llt_time,bool test_mode,struct duid * ret_duid,size_t * ret_len)176 int dhcp_identifier_set_duid(
177 DUIDType duid_type,
178 const uint8_t *addr,
179 size_t addr_len,
180 uint16_t arp_type,
181 usec_t llt_time,
182 bool test_mode,
183 struct duid *ret_duid,
184 size_t *ret_len) {
185
186 switch (duid_type) {
187 case DUID_TYPE_LLT:
188 return dhcp_identifier_set_duid_llt(addr, addr_len, arp_type, llt_time, ret_duid, ret_len);
189 case DUID_TYPE_EN:
190 return dhcp_identifier_set_duid_en(test_mode, ret_duid, ret_len);
191 case DUID_TYPE_LL:
192 return dhcp_identifier_set_duid_ll(addr, addr_len, arp_type, ret_duid, ret_len);
193 case DUID_TYPE_UUID:
194 return dhcp_identifier_set_duid_uuid(ret_duid, ret_len);
195 default:
196 return -EINVAL;
197 }
198 }
199
dhcp_identifier_set_iaid(int ifindex,const uint8_t * mac,size_t mac_len,bool legacy_unstable_byteorder,bool use_mac,void * ret)200 int dhcp_identifier_set_iaid(
201 int ifindex,
202 const uint8_t *mac,
203 size_t mac_len,
204 bool legacy_unstable_byteorder,
205 bool use_mac,
206 void *ret) {
207
208 /* name is a pointer to memory in the sd_device struct, so must
209 * have the same scope */
210 _cleanup_(sd_device_unrefp) sd_device *device = NULL;
211 const char *name = NULL;
212 uint32_t id32;
213 uint64_t id;
214 int r;
215
216 if (path_is_read_only_fs("/sys") <= 0 && !use_mac) {
217 /* udev should be around */
218
219 r = sd_device_new_from_ifindex(&device, ifindex);
220 if (r < 0)
221 return r;
222
223 r = sd_device_get_is_initialized(device);
224 if (r < 0)
225 return r;
226 if (r == 0)
227 /* not yet ready */
228 return -EBUSY;
229
230 r = device_is_renaming(device);
231 if (r < 0)
232 return r;
233 if (r > 0)
234 /* device is under renaming */
235 return -EBUSY;
236
237 name = net_get_persistent_name(device);
238 }
239
240 if (name)
241 id = siphash24(name, strlen(name), HASH_KEY.bytes);
242 else
243 /* fall back to MAC address if no predictable name available */
244 id = siphash24(mac, mac_len, HASH_KEY.bytes);
245
246 id32 = (id & 0xffffffff) ^ (id >> 32);
247
248 if (legacy_unstable_byteorder)
249 /* for historical reasons (a bug), the bits were swapped and thus
250 * the result was endianness dependent. Preserve that behavior. */
251 id32 = bswap_32(id32);
252 else
253 /* the fixed behavior returns a stable byte order. Since LE is expected
254 * to be more common, swap the bytes on LE to give the same as legacy
255 * behavior. */
256 id32 = be32toh(id32);
257
258 unaligned_write_ne32(ret, id32);
259 return 0;
260 }
261