1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include <netinet/in.h>
4 #include <linux/if.h>
5 #include <linux/if_arp.h>
6 #include <linux/if_bridge.h>
7
8 #include "missing_network.h"
9 #include "netif-util.h"
10 #include "netlink-util.h"
11 #include "networkd-address.h"
12 #include "networkd-can.h"
13 #include "networkd-link.h"
14 #include "networkd-manager.h"
15 #include "networkd-queue.h"
16 #include "networkd-setlink.h"
17
get_link_default_handler(sd_netlink * rtnl,sd_netlink_message * m,Link * link)18 static int get_link_default_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
19 return link_getlink_handler_internal(rtnl, m, link, "Failed to sync link information");
20 }
21
get_link_master_handler(sd_netlink * rtnl,sd_netlink_message * m,Link * link)22 static int get_link_master_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
23 if (get_link_default_handler(rtnl, m, link) > 0)
24 link->master_set = true;
25 return 0;
26 }
27
get_link_update_flag_handler(sd_netlink * rtnl,sd_netlink_message * m,Link * link)28 static int get_link_update_flag_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
29 assert(link);
30 assert(link->set_flags_messages > 0);
31
32 link->set_flags_messages--;
33
34 return get_link_default_handler(rtnl, m, link);
35 }
36
set_link_handler_internal(sd_netlink * rtnl,sd_netlink_message * m,Request * req,Link * link,bool ignore,link_netlink_message_handler_t get_link_handler)37 static int set_link_handler_internal(
38 sd_netlink *rtnl,
39 sd_netlink_message *m,
40 Request *req,
41 Link *link,
42 bool ignore,
43 link_netlink_message_handler_t get_link_handler) {
44
45 int r;
46
47 assert(m);
48 assert(req);
49 assert(link);
50
51 r = sd_netlink_message_get_errno(m);
52 if (r < 0) {
53 const char *error_msg;
54
55 error_msg = strjoina("Failed to set ", request_type_to_string(req->type), ignore ? ", ignoring" : "");
56 log_link_message_warning_errno(link, m, r, error_msg);
57
58 if (!ignore)
59 link_enter_failed(link);
60 return 0;
61 }
62
63 log_link_debug(link, "%s set.", request_type_to_string(req->type));
64
65 if (get_link_handler) {
66 r = link_call_getlink(link, get_link_handler);
67 if (r < 0) {
68 link_enter_failed(link);
69 return 0;
70 }
71 }
72
73 if (link->set_link_messages == 0)
74 link_check_ready(link);
75
76 return 1;
77 }
78
link_set_addrgen_mode_handler(sd_netlink * rtnl,sd_netlink_message * m,Request * req,Link * link,void * userdata)79 static int link_set_addrgen_mode_handler(sd_netlink *rtnl, sd_netlink_message *m, Request *req, Link *link, void *userdata) {
80 int r;
81
82 r = set_link_handler_internal(rtnl, m, req, link, /* ignore = */ true, NULL);
83 if (r <= 0)
84 return r;
85
86 r = link_drop_ipv6ll_addresses(link);
87 if (r < 0) {
88 log_link_warning_errno(link, r, "Failed to drop IPv6LL addresses: %m");
89 link_enter_failed(link);
90 }
91
92 return 0;
93 }
94
link_set_bond_handler(sd_netlink * rtnl,sd_netlink_message * m,Request * req,Link * link,void * userdata)95 static int link_set_bond_handler(sd_netlink *rtnl, sd_netlink_message *m, Request *req, Link *link, void *userdata) {
96 return set_link_handler_internal(rtnl, m, req, link, /* ignore = */ false, NULL);
97 }
98
link_set_bridge_handler(sd_netlink * rtnl,sd_netlink_message * m,Request * req,Link * link,void * userdata)99 static int link_set_bridge_handler(sd_netlink *rtnl, sd_netlink_message *m, Request *req, Link *link, void *userdata) {
100 return set_link_handler_internal(rtnl, m, req, link, /* ignore = */ true, NULL);
101 }
102
link_set_bridge_vlan_handler(sd_netlink * rtnl,sd_netlink_message * m,Request * req,Link * link,void * userdata)103 static int link_set_bridge_vlan_handler(sd_netlink *rtnl, sd_netlink_message *m, Request *req, Link *link, void *userdata) {
104 return set_link_handler_internal(rtnl, m, req, link, /* ignore = */ false, NULL);
105 }
106
link_set_can_handler(sd_netlink * rtnl,sd_netlink_message * m,Request * req,Link * link,void * userdata)107 static int link_set_can_handler(sd_netlink *rtnl, sd_netlink_message *m, Request *req, Link *link, void *userdata) {
108 return set_link_handler_internal(rtnl, m, req, link, /* ignore = */ false, NULL);
109 }
110
link_set_flags_handler(sd_netlink * rtnl,sd_netlink_message * m,Request * req,Link * link,void * userdata)111 static int link_set_flags_handler(sd_netlink *rtnl, sd_netlink_message *m, Request *req, Link *link, void *userdata) {
112 return set_link_handler_internal(rtnl, m, req, link, /* ignore = */ false, get_link_default_handler);
113 }
114
link_set_group_handler(sd_netlink * rtnl,sd_netlink_message * m,Request * req,Link * link,void * userdata)115 static int link_set_group_handler(sd_netlink *rtnl, sd_netlink_message *m, Request *req, Link *link, void *userdata) {
116 return set_link_handler_internal(rtnl, m, req, link, /* ignore = */ false, NULL);
117 }
118
link_set_ipoib_handler(sd_netlink * rtnl,sd_netlink_message * m,Request * req,Link * link,void * userdata)119 static int link_set_ipoib_handler(sd_netlink *rtnl, sd_netlink_message *m, Request *req, Link *link, void *userdata) {
120 return set_link_handler_internal(rtnl, m, req, link, /* ignore = */ true, NULL);
121 }
122
link_set_mac_handler(sd_netlink * rtnl,sd_netlink_message * m,Request * req,Link * link,void * userdata)123 static int link_set_mac_handler(sd_netlink *rtnl, sd_netlink_message *m, Request *req, Link *link, void *userdata) {
124 return set_link_handler_internal(rtnl, m, req, link, /* ignore = */ true, get_link_default_handler);
125 }
126
link_set_mac_allow_retry_handler(sd_netlink * rtnl,sd_netlink_message * m,Request * req,Link * link,void * userdata)127 static int link_set_mac_allow_retry_handler(sd_netlink *rtnl, sd_netlink_message *m, Request *req, Link *link, void *userdata) {
128 int r;
129
130 assert(m);
131 assert(link);
132
133 r = sd_netlink_message_get_errno(m);
134 if (r == -EBUSY) {
135 /* Most real network devices refuse to set its hardware address with -EBUSY when its
136 * operstate is not down. See, eth_prepare_mac_addr_change() in net/ethernet/eth.c
137 * of kernel. */
138
139 log_link_message_debug_errno(link, m, r, "Failed to set MAC address, retrying again: %m");
140
141 r = link_request_to_set_mac(link, /* allow_retry = */ false);
142 if (r < 0)
143 link_enter_failed(link);
144
145 return 0;
146 }
147
148 return link_set_mac_handler(rtnl, m, req, link, userdata);
149 }
150
link_set_master_handler(sd_netlink * rtnl,sd_netlink_message * m,Request * req,Link * link,void * userdata)151 static int link_set_master_handler(sd_netlink *rtnl, sd_netlink_message *m, Request *req, Link *link, void *userdata) {
152 return set_link_handler_internal(rtnl, m, req, link, /* ignore = */ false, get_link_master_handler);
153 }
154
link_unset_master_handler(sd_netlink * rtnl,sd_netlink_message * m,Request * req,Link * link,void * userdata)155 static int link_unset_master_handler(sd_netlink *rtnl, sd_netlink_message *m, Request *req, Link *link, void *userdata) {
156 /* Some devices do not support setting master ifindex. Let's ignore error on unsetting master ifindex. */
157 return set_link_handler_internal(rtnl, m, req, link, /* ignore = */ true, get_link_master_handler);
158 }
159
link_set_mtu_handler(sd_netlink * rtnl,sd_netlink_message * m,Request * req,Link * link,void * userdata)160 static int link_set_mtu_handler(sd_netlink *rtnl, sd_netlink_message *m, Request *req, Link *link, void *userdata) {
161 int r;
162
163 r = set_link_handler_internal(rtnl, m, req, link, /* ignore = */ true, get_link_default_handler);
164 if (r <= 0)
165 return r;
166
167 /* The kernel resets ipv6 mtu after changing device mtu;
168 * we must set this here, after we've set device mtu */
169 r = link_set_ipv6_mtu(link);
170 if (r < 0)
171 log_link_warning_errno(link, r, "Failed to set IPv6 MTU, ignoring: %m");
172
173 return 0;
174 }
175
link_configure_fill_message(Link * link,sd_netlink_message * req,RequestType type,void * userdata)176 static int link_configure_fill_message(
177 Link *link,
178 sd_netlink_message *req,
179 RequestType type,
180 void *userdata) {
181 int r;
182
183 switch (type) {
184 case REQUEST_TYPE_SET_LINK_ADDRESS_GENERATION_MODE:
185 r = ipv6ll_addrgen_mode_fill_message(req, PTR_TO_UINT8(userdata));
186 if (r < 0)
187 return r;
188 break;
189 case REQUEST_TYPE_SET_LINK_BOND:
190 r = sd_netlink_message_set_flags(req, NLM_F_REQUEST | NLM_F_ACK);
191 if (r < 0)
192 return r;
193
194 r = sd_netlink_message_open_container(req, IFLA_LINKINFO);
195 if (r < 0)
196 return r;
197
198 r = sd_netlink_message_open_container_union(req, IFLA_INFO_DATA, "bond");
199 if (r < 0)
200 return r;
201
202 if (link->network->active_slave) {
203 r = sd_netlink_message_append_u32(req, IFLA_BOND_ACTIVE_SLAVE, link->ifindex);
204 if (r < 0)
205 return r;
206 }
207
208 if (link->network->primary_slave) {
209 r = sd_netlink_message_append_u32(req, IFLA_BOND_PRIMARY, link->ifindex);
210 if (r < 0)
211 return r;
212 }
213
214 r = sd_netlink_message_close_container(req);
215 if (r < 0)
216 return r;
217
218 r = sd_netlink_message_close_container(req);
219 if (r < 0)
220 return r;
221
222 break;
223 case REQUEST_TYPE_SET_LINK_BRIDGE:
224 r = sd_rtnl_message_link_set_family(req, AF_BRIDGE);
225 if (r < 0)
226 return r;
227
228 r = sd_netlink_message_open_container(req, IFLA_PROTINFO);
229 if (r < 0)
230 return r;
231
232 if (link->network->use_bpdu >= 0) {
233 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_GUARD, link->network->use_bpdu);
234 if (r < 0)
235 return r;
236 }
237
238 if (link->network->hairpin >= 0) {
239 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_MODE, link->network->hairpin);
240 if (r < 0)
241 return r;
242 }
243
244 if (link->network->isolated >= 0) {
245 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_ISOLATED, link->network->isolated);
246 if (r < 0)
247 return r;
248 }
249
250 if (link->network->fast_leave >= 0) {
251 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_FAST_LEAVE, link->network->fast_leave);
252 if (r < 0)
253 return r;
254 }
255
256 if (link->network->allow_port_to_be_root >= 0) {
257 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_PROTECT, link->network->allow_port_to_be_root);
258 if (r < 0)
259 return r;
260 }
261
262 if (link->network->unicast_flood >= 0) {
263 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_UNICAST_FLOOD, link->network->unicast_flood);
264 if (r < 0)
265 return r;
266 }
267
268 if (link->network->multicast_flood >= 0) {
269 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_MCAST_FLOOD, link->network->multicast_flood);
270 if (r < 0)
271 return r;
272 }
273
274 if (link->network->multicast_to_unicast >= 0) {
275 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_MCAST_TO_UCAST, link->network->multicast_to_unicast);
276 if (r < 0)
277 return r;
278 }
279
280 if (link->network->neighbor_suppression >= 0) {
281 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_NEIGH_SUPPRESS, link->network->neighbor_suppression);
282 if (r < 0)
283 return r;
284 }
285
286 if (link->network->learning >= 0) {
287 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_LEARNING, link->network->learning);
288 if (r < 0)
289 return r;
290 }
291
292 if (link->network->bridge_proxy_arp >= 0) {
293 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_PROXYARP, link->network->bridge_proxy_arp);
294 if (r < 0)
295 return r;
296 }
297
298 if (link->network->bridge_proxy_arp_wifi >= 0) {
299 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_PROXYARP_WIFI, link->network->bridge_proxy_arp_wifi);
300 if (r < 0)
301 return r;
302 }
303
304 if (link->network->cost != 0) {
305 r = sd_netlink_message_append_u32(req, IFLA_BRPORT_COST, link->network->cost);
306 if (r < 0)
307 return r;
308 }
309
310 if (link->network->priority != LINK_BRIDGE_PORT_PRIORITY_INVALID) {
311 r = sd_netlink_message_append_u16(req, IFLA_BRPORT_PRIORITY, link->network->priority);
312 if (r < 0)
313 return r;
314 }
315
316 if (link->network->multicast_router != _MULTICAST_ROUTER_INVALID) {
317 r = sd_netlink_message_append_u8(req, IFLA_BRPORT_MULTICAST_ROUTER, link->network->multicast_router);
318 if (r < 0)
319 return r;
320 }
321
322 r = sd_netlink_message_close_container(req);
323 if (r < 0)
324 return r;
325 break;
326 case REQUEST_TYPE_SET_LINK_BRIDGE_VLAN:
327 r = sd_rtnl_message_link_set_family(req, AF_BRIDGE);
328 if (r < 0)
329 return r;
330
331 r = sd_netlink_message_open_container(req, IFLA_AF_SPEC);
332 if (r < 0)
333 return r;
334
335 if (link->master_ifindex <= 0) {
336 /* master needs BRIDGE_FLAGS_SELF flag */
337 r = sd_netlink_message_append_u16(req, IFLA_BRIDGE_FLAGS, BRIDGE_FLAGS_SELF);
338 if (r < 0)
339 return r;
340 }
341
342 r = bridge_vlan_append_info(link, req, link->network->pvid, link->network->br_vid_bitmap, link->network->br_untagged_bitmap);
343 if (r < 0)
344 return r;
345
346 r = sd_netlink_message_close_container(req);
347 if (r < 0)
348 return r;
349
350 break;
351 case REQUEST_TYPE_SET_LINK_CAN:
352 r = can_set_netlink_message(link, req);
353 if (r < 0)
354 return r;
355 break;
356 case REQUEST_TYPE_SET_LINK_FLAGS: {
357 unsigned ifi_change = 0, ifi_flags = 0;
358
359 if (link->network->arp >= 0) {
360 ifi_change |= IFF_NOARP;
361 SET_FLAG(ifi_flags, IFF_NOARP, link->network->arp == 0);
362 }
363
364 if (link->network->multicast >= 0) {
365 ifi_change |= IFF_MULTICAST;
366 SET_FLAG(ifi_flags, IFF_MULTICAST, link->network->multicast);
367 }
368
369 if (link->network->allmulticast >= 0) {
370 ifi_change |= IFF_ALLMULTI;
371 SET_FLAG(ifi_flags, IFF_ALLMULTI, link->network->allmulticast);
372 }
373
374 if (link->network->promiscuous >= 0) {
375 ifi_change |= IFF_PROMISC;
376 SET_FLAG(ifi_flags, IFF_PROMISC, link->network->promiscuous);
377 }
378
379 r = sd_rtnl_message_link_set_flags(req, ifi_flags, ifi_change);
380 if (r < 0)
381 return r;
382
383 break;
384 }
385 case REQUEST_TYPE_SET_LINK_GROUP:
386 r = sd_netlink_message_append_u32(req, IFLA_GROUP, (uint32_t) link->network->group);
387 if (r < 0)
388 return r;
389 break;
390 case REQUEST_TYPE_SET_LINK_MAC:
391 r = netlink_message_append_hw_addr(req, IFLA_ADDRESS, &link->requested_hw_addr);
392 if (r < 0)
393 return r;
394 break;
395 case REQUEST_TYPE_SET_LINK_IPOIB:
396 r = ipoib_set_netlink_message(link, req);
397 if (r < 0)
398 return r;
399 break;
400 case REQUEST_TYPE_SET_LINK_MASTER:
401 r = sd_netlink_message_append_u32(req, IFLA_MASTER, PTR_TO_UINT32(userdata));
402 if (r < 0)
403 return r;
404 break;
405 case REQUEST_TYPE_SET_LINK_MTU:
406 r = sd_netlink_message_append_u32(req, IFLA_MTU, PTR_TO_UINT32(userdata));
407 if (r < 0)
408 return r;
409 break;
410 default:
411 assert_not_reached();
412 }
413
414 return 0;
415 }
416
link_configure(Link * link,Request * req)417 static int link_configure(Link *link, Request *req) {
418 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL;
419 int r;
420
421 assert(link);
422 assert(link->manager);
423 assert(req);
424
425 log_link_debug(link, "Setting %s", request_type_to_string(req->type));
426
427 if (req->type == REQUEST_TYPE_SET_LINK_BOND)
428 r = sd_rtnl_message_new_link(link->manager->rtnl, &m, RTM_NEWLINK, link->master_ifindex);
429 else if (IN_SET(req->type, REQUEST_TYPE_SET_LINK_CAN, REQUEST_TYPE_SET_LINK_IPOIB))
430 r = sd_rtnl_message_new_link(link->manager->rtnl, &m, RTM_NEWLINK, link->ifindex);
431 else
432 r = sd_rtnl_message_new_link(link->manager->rtnl, &m, RTM_SETLINK, link->ifindex);
433 if (r < 0)
434 return r;
435
436 r = link_configure_fill_message(link, m, req->type, req->userdata);
437 if (r < 0)
438 return r;
439
440 return request_call_netlink_async(link->manager->rtnl, m, req);
441 }
442
netdev_is_ready(NetDev * netdev)443 static bool netdev_is_ready(NetDev *netdev) {
444 assert(netdev);
445
446 if (netdev->state != NETDEV_STATE_READY)
447 return false;
448 if (netdev->ifindex == 0)
449 return false;
450
451 return true;
452 }
453
link_is_ready_to_set_link(Link * link,Request * req)454 static int link_is_ready_to_set_link(Link *link, Request *req) {
455 int r;
456
457 assert(link);
458 assert(link->manager);
459 assert(link->network);
460 assert(req);
461
462 if (!IN_SET(link->state, LINK_STATE_CONFIGURING, LINK_STATE_CONFIGURED))
463 return false;
464
465 switch (req->type) {
466 case REQUEST_TYPE_SET_LINK_BOND:
467 case REQUEST_TYPE_SET_LINK_BRIDGE:
468 if (!link->master_set)
469 return false;
470
471 if (link->network->keep_master && link->master_ifindex <= 0)
472 return false;
473 break;
474
475 case REQUEST_TYPE_SET_LINK_BRIDGE_VLAN:
476 if (!link->master_set)
477 return false;
478
479 if (link->network->keep_master && link->master_ifindex <= 0 && !streq_ptr(link->kind, "bridge"))
480 return false;
481
482 break;
483
484 case REQUEST_TYPE_SET_LINK_CAN:
485 /* Do not check link->set_flgas_messages here, as it is ok even if link->flags
486 * is outdated, and checking the counter causes a deadlock. */
487 if (FLAGS_SET(link->flags, IFF_UP)) {
488 /* The CAN interface must be down to configure bitrate, etc... */
489 r = link_down_now(link);
490 if (r < 0)
491 return r;
492 }
493 break;
494
495 case REQUEST_TYPE_SET_LINK_MAC:
496 if (req->netlink_handler == link_set_mac_handler) {
497 /* This is the second attempt to set hardware address. On the first attempt
498 * req->netlink_handler points to link_set_mac_allow_retry_handler().
499 * The first attempt failed as the interface was up. */
500 r = link_down_now(link);
501 if (r < 0)
502 return r;
503 }
504 break;
505
506 case REQUEST_TYPE_SET_LINK_MASTER: {
507 uint32_t m = 0;
508 Request req_mac = {
509 .link = link,
510 .type = REQUEST_TYPE_SET_LINK_MAC,
511 };
512
513 if (link->network->batadv) {
514 if (!netdev_is_ready(link->network->batadv))
515 return false;
516 m = link->network->batadv->ifindex;
517 } else if (link->network->bond) {
518 if (ordered_set_contains(link->manager->request_queue, &req_mac))
519 return false;
520 if (!netdev_is_ready(link->network->bond))
521 return false;
522 m = link->network->bond->ifindex;
523
524 /* Do not check link->set_flgas_messages here, as it is ok even if link->flags
525 * is outdated, and checking the counter causes a deadlock. */
526 if (FLAGS_SET(link->flags, IFF_UP)) {
527 /* link must be down when joining to bond master. */
528 r = link_down_now(link);
529 if (r < 0)
530 return r;
531 }
532 } else if (link->network->bridge) {
533 if (ordered_set_contains(link->manager->request_queue, &req_mac))
534 return false;
535 if (!netdev_is_ready(link->network->bridge))
536 return false;
537 m = link->network->bridge->ifindex;
538 } else if (link->network->vrf) {
539 if (!netdev_is_ready(link->network->vrf))
540 return false;
541 m = link->network->vrf->ifindex;
542 }
543
544 req->userdata = UINT32_TO_PTR(m);
545 break;
546 }
547 case REQUEST_TYPE_SET_LINK_MTU: {
548 Request req_ipoib = {
549 .link = link,
550 .type = REQUEST_TYPE_SET_LINK_IPOIB,
551 };
552
553 return !ordered_set_contains(link->manager->request_queue, &req_ipoib);
554 }
555 default:
556 break;
557 }
558
559 return true;
560 }
561
link_process_set_link(Request * req,Link * link,void * userdata)562 static int link_process_set_link(Request *req, Link *link, void *userdata) {
563 int r;
564
565 assert(req);
566 assert(link);
567
568 r = link_is_ready_to_set_link(link, req);
569 if (r <= 0)
570 return r;
571
572 r = link_configure(link, req);
573 if (r < 0)
574 return log_link_warning_errno(link, r, "Failed to set %s", request_type_to_string(req->type));
575
576 return 1;
577 }
578
link_request_set_link(Link * link,RequestType type,request_netlink_handler_t netlink_handler,Request ** ret)579 static int link_request_set_link(
580 Link *link,
581 RequestType type,
582 request_netlink_handler_t netlink_handler,
583 Request **ret) {
584
585 Request *req;
586 int r;
587
588 assert(link);
589
590 r = link_queue_request_full(link, type, NULL, NULL, NULL, NULL,
591 link_process_set_link,
592 &link->set_link_messages,
593 netlink_handler,
594 &req);
595 if (r < 0)
596 return log_link_warning_errno(link, r, "Failed to request to set %s: %m",
597 request_type_to_string(type));
598
599 log_link_debug(link, "Requested to set %s", request_type_to_string(type));
600
601 if (ret)
602 *ret = req;
603 return 0;
604 }
605
link_request_to_set_addrgen_mode(Link * link)606 int link_request_to_set_addrgen_mode(Link *link) {
607 IPv6LinkLocalAddressGenMode mode;
608 Request *req;
609 int r;
610
611 assert(link);
612 assert(link->network);
613
614 if (!socket_ipv6_is_supported())
615 return 0;
616
617 mode = link_get_ipv6ll_addrgen_mode(link);
618
619 if (mode == link->ipv6ll_address_gen_mode)
620 return 0;
621
622 /* If the link is already up, then changing the mode by netlink does not take effect until the
623 * link goes down. Hence, we need to reset the interface. However, setting the mode by sysctl
624 * does not need that. Let's use the sysctl interface when the link is already up.
625 * See also issue #22424. */
626 if (mode != IPV6_LINK_LOCAL_ADDRESSS_GEN_MODE_NONE &&
627 FLAGS_SET(link->flags, IFF_UP)) {
628 r = link_set_ipv6ll_addrgen_mode(link, mode);
629 if (r < 0)
630 log_link_warning_errno(link, r, "Cannot set IPv6 address generation mode, ignoring: %m");
631
632 return 0;
633 }
634
635 r = link_request_set_link(link, REQUEST_TYPE_SET_LINK_ADDRESS_GENERATION_MODE,
636 link_set_addrgen_mode_handler,
637 &req);
638 if (r < 0)
639 return r;
640
641 req->userdata = UINT8_TO_PTR(mode);
642 return 0;
643 }
644
link_request_to_set_bond(Link * link)645 int link_request_to_set_bond(Link *link) {
646 assert(link);
647 assert(link->network);
648
649 if (!link->network->bond) {
650 Link *master;
651
652 if (!link->network->keep_master)
653 return 0;
654
655 if (link_get_master(link, &master) < 0)
656 return 0;
657
658 if (!streq_ptr(master->kind, "bond"))
659 return 0;
660 }
661
662 return link_request_set_link(link, REQUEST_TYPE_SET_LINK_BOND,
663 link_set_bond_handler, NULL);
664 }
665
link_request_to_set_bridge(Link * link)666 int link_request_to_set_bridge(Link *link) {
667 assert(link);
668 assert(link->network);
669
670 if (!link->network->bridge) {
671 Link *master;
672
673 if (!link->network->keep_master)
674 return 0;
675
676 if (link_get_master(link, &master) < 0)
677 return 0;
678
679 if (!streq_ptr(master->kind, "bridge"))
680 return 0;
681 }
682
683 return link_request_set_link(link, REQUEST_TYPE_SET_LINK_BRIDGE,
684 link_set_bridge_handler,
685 NULL);
686 }
687
link_request_to_set_bridge_vlan(Link * link)688 int link_request_to_set_bridge_vlan(Link *link) {
689 assert(link);
690 assert(link->network);
691
692 if (!link->network->use_br_vlan)
693 return 0;
694
695 if (!link->network->bridge && !streq_ptr(link->kind, "bridge")) {
696 Link *master;
697
698 if (!link->network->keep_master)
699 return 0;
700
701 if (link_get_master(link, &master) < 0)
702 return 0;
703
704 if (!streq_ptr(master->kind, "bridge"))
705 return 0;
706 }
707
708 return link_request_set_link(link, REQUEST_TYPE_SET_LINK_BRIDGE_VLAN,
709 link_set_bridge_vlan_handler,
710 NULL);
711 }
712
link_request_to_set_can(Link * link)713 int link_request_to_set_can(Link *link) {
714 assert(link);
715 assert(link->network);
716
717 if (link->iftype != ARPHRD_CAN)
718 return 0;
719
720 if (!streq_ptr(link->kind, "can"))
721 return 0;
722
723 return link_request_set_link(link, REQUEST_TYPE_SET_LINK_CAN,
724 link_set_can_handler,
725 NULL);
726 }
727
link_request_to_set_flags(Link * link)728 int link_request_to_set_flags(Link *link) {
729 assert(link);
730 assert(link->network);
731
732 if (link->network->arp < 0 &&
733 link->network->multicast < 0 &&
734 link->network->allmulticast < 0 &&
735 link->network->promiscuous < 0)
736 return 0;
737
738 return link_request_set_link(link, REQUEST_TYPE_SET_LINK_FLAGS,
739 link_set_flags_handler,
740 NULL);
741 }
742
link_request_to_set_group(Link * link)743 int link_request_to_set_group(Link *link) {
744 assert(link);
745 assert(link->network);
746
747 if (link->network->group < 0)
748 return 0;
749
750 return link_request_set_link(link, REQUEST_TYPE_SET_LINK_GROUP,
751 link_set_group_handler,
752 NULL);
753 }
754
link_request_to_set_mac(Link * link,bool allow_retry)755 int link_request_to_set_mac(Link *link, bool allow_retry) {
756 int r;
757
758 assert(link);
759 assert(link->network);
760
761 if (link->network->hw_addr.length == 0)
762 return 0;
763
764 link->requested_hw_addr = link->network->hw_addr;
765 r = net_verify_hardware_address(link->ifname, /* is_static = */ true,
766 link->iftype, &link->hw_addr, &link->requested_hw_addr);
767 if (r < 0)
768 return r;
769
770 if (hw_addr_equal(&link->hw_addr, &link->requested_hw_addr))
771 return 0;
772
773 return link_request_set_link(link, REQUEST_TYPE_SET_LINK_MAC,
774 allow_retry ? link_set_mac_allow_retry_handler : link_set_mac_handler,
775 NULL);
776 }
777
link_request_to_set_ipoib(Link * link)778 int link_request_to_set_ipoib(Link *link) {
779 assert(link);
780 assert(link->network);
781
782 if (link->iftype != ARPHRD_INFINIBAND)
783 return 0;
784
785 if (link->network->ipoib_mode < 0 &&
786 link->network->ipoib_umcast < 0)
787 return 0;
788
789 return link_request_set_link(link, REQUEST_TYPE_SET_LINK_IPOIB,
790 link_set_ipoib_handler,
791 NULL);
792 }
793
link_request_to_set_master(Link * link)794 int link_request_to_set_master(Link *link) {
795 assert(link);
796 assert(link->network);
797
798 if (link->network->keep_master) {
799 link->master_set = true;
800 return 0;
801 }
802
803 link->master_set = false;
804
805 if (link->network->batadv || link->network->bond || link->network->bridge || link->network->vrf)
806 return link_request_set_link(link, REQUEST_TYPE_SET_LINK_MASTER,
807 link_set_master_handler,
808 NULL);
809 else
810 return link_request_set_link(link, REQUEST_TYPE_SET_LINK_MASTER,
811 link_unset_master_handler,
812 NULL);
813 }
814
link_request_to_set_mtu(Link * link,uint32_t mtu)815 int link_request_to_set_mtu(Link *link, uint32_t mtu) {
816 const char *origin;
817 uint32_t min_mtu;
818 Request *req;
819 int r;
820
821 assert(link);
822 assert(link->network);
823
824 min_mtu = link->min_mtu;
825 origin = "the minimum MTU of the interface";
826 if (link_ipv6_enabled(link)) {
827 /* IPv6 protocol requires a minimum MTU of IPV6_MTU_MIN(1280) bytes on the interface. Bump up
828 * MTU bytes to IPV6_MTU_MIN. */
829 if (min_mtu < IPV6_MIN_MTU) {
830 min_mtu = IPV6_MIN_MTU;
831 origin = "the minimum IPv6 MTU";
832 }
833 if (min_mtu < link->network->ipv6_mtu) {
834 min_mtu = link->network->ipv6_mtu;
835 origin = "the requested IPv6 MTU in IPv6MTUBytes=";
836 }
837 }
838
839 if (mtu < min_mtu) {
840 log_link_warning(link, "Bumping the requested MTU %"PRIu32" to %s (%"PRIu32")",
841 mtu, origin, min_mtu);
842 mtu = min_mtu;
843 }
844
845 if (mtu > link->max_mtu) {
846 log_link_warning(link, "Reducing the requested MTU %"PRIu32" to the interface's maximum MTU %"PRIu32".",
847 mtu, link->max_mtu);
848 mtu = link->max_mtu;
849 }
850
851 if (link->mtu == mtu)
852 return 0;
853
854 r = link_request_set_link(link, REQUEST_TYPE_SET_LINK_MTU,
855 link_set_mtu_handler,
856 &req);
857 if (r < 0)
858 return r;
859
860 req->userdata = UINT32_TO_PTR(mtu);
861 return 0;
862 }
863
link_reduces_vlan_mtu(Link * link)864 static bool link_reduces_vlan_mtu(Link *link) {
865 /* See netif_reduces_vlan_mtu() in kernel. */
866 return streq_ptr(link->kind, "macsec");
867 }
868
link_get_requested_mtu_by_stacked_netdevs(Link * link)869 static uint32_t link_get_requested_mtu_by_stacked_netdevs(Link *link) {
870 uint32_t mtu = 0;
871 NetDev *dev;
872
873 HASHMAP_FOREACH(dev, link->network->stacked_netdevs)
874 if (dev->kind == NETDEV_KIND_VLAN && dev->mtu > 0)
875 /* See vlan_dev_change_mtu() in kernel. */
876 mtu = MAX(mtu, link_reduces_vlan_mtu(link) ? dev->mtu + 4 : dev->mtu);
877
878 else if (dev->kind == NETDEV_KIND_MACVLAN && dev->mtu > mtu)
879 /* See macvlan_change_mtu() in kernel. */
880 mtu = dev->mtu;
881
882 return mtu;
883 }
884
link_configure_mtu(Link * link)885 int link_configure_mtu(Link *link) {
886 uint32_t mtu;
887
888 assert(link);
889 assert(link->network);
890
891 if (link->network->mtu > 0)
892 return link_request_to_set_mtu(link, link->network->mtu);
893
894 mtu = link_get_requested_mtu_by_stacked_netdevs(link);
895 if (link->mtu >= mtu)
896 return 0;
897
898 log_link_notice(link, "Bumping MTU bytes from %"PRIu32" to %"PRIu32" because of stacked device. "
899 "If it is not desired, then please explicitly specify MTUBytes= setting.",
900 link->mtu, mtu);
901
902 return link_request_to_set_mtu(link, mtu);
903 }
904
link_up_dsa_slave(Link * link)905 static int link_up_dsa_slave(Link *link) {
906 Link *master;
907 int r;
908
909 assert(link);
910
911 /* For older kernels (specifically, older than 9d5ef190e5615a7b63af89f88c4106a5bc127974, kernel-5.12),
912 * it is necessary to bring up a DSA slave that its master interface is already up. And bringing up
913 * the slave fails with -ENETDOWN. So, let's bring up the master even if it is not managed by us,
914 * and try to bring up the slave after the master becomes up. */
915
916 if (link->dsa_master_ifindex <= 0)
917 return 0;
918
919 if (!streq_ptr(link->driver, "dsa"))
920 return 0;
921
922 if (link_get_by_index(link->manager, link->dsa_master_ifindex, &master) < 0)
923 return 0;
924
925 if (master->state == LINK_STATE_UNMANAGED) {
926 /* If the DSA master interface is unmanaged, then it will never become up.
927 * Let's request to bring up the master. */
928 r = link_request_to_bring_up_or_down(master, /* up = */ true);
929 if (r < 0)
930 return r;
931 }
932
933 r = link_request_to_bring_up_or_down(link, /* up = */ true);
934 if (r < 0)
935 return r;
936
937 return 1;
938 }
939
link_up_or_down_handler(sd_netlink * rtnl,sd_netlink_message * m,Request * req,Link * link,void * userdata)940 static int link_up_or_down_handler(sd_netlink *rtnl, sd_netlink_message *m, Request *req, Link *link, void *userdata) {
941 bool on_activate, up;
942 int r;
943
944 assert(m);
945 assert(req);
946 assert(link);
947
948 on_activate = req->type == REQUEST_TYPE_ACTIVATE_LINK;
949 up = PTR_TO_INT(req->userdata);
950
951 r = sd_netlink_message_get_errno(m);
952 if (r == -ENETDOWN && up && link_up_dsa_slave(link) > 0)
953 log_link_message_debug_errno(link, m, r, "Could not bring up dsa slave, retrying again after dsa master becomes up");
954 else if (r < 0) {
955 const char *error_msg;
956
957 error_msg = up ?
958 (on_activate ? "Could not bring up interface" : "Could not bring up interface, ignoring") :
959 (on_activate ? "Could not bring down interface" : "Could not bring down interface, ignoring");
960
961 log_link_message_warning_errno(link, m, r, error_msg);
962 if (on_activate)
963 return 0;
964 }
965
966 r = link_call_getlink(link, get_link_update_flag_handler);
967 if (r < 0) {
968 link_enter_failed(link);
969 return 0;
970 }
971
972 link->set_flags_messages++;
973
974 if (on_activate) {
975 link->activated = true;
976 link_check_ready(link);
977 }
978
979 return 0;
980 }
981
up_or_down(bool up)982 static const char *up_or_down(bool up) {
983 return up ? "up" : "down";
984 }
985
link_up_or_down(Link * link,bool up,Request * req)986 static int link_up_or_down(Link *link, bool up, Request *req) {
987 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL;
988 int r;
989
990 assert(link);
991 assert(link->manager);
992 assert(link->manager->rtnl);
993 assert(req);
994
995 log_link_debug(link, "Bringing link %s", up_or_down(up));
996
997 r = sd_rtnl_message_new_link(link->manager->rtnl, &m, RTM_SETLINK, link->ifindex);
998 if (r < 0)
999 return r;
1000
1001 r = sd_rtnl_message_link_set_flags(m, up ? IFF_UP : 0, IFF_UP);
1002 if (r < 0)
1003 return r;
1004
1005 return request_call_netlink_async(link->manager->rtnl, m, req);
1006 }
1007
link_is_ready_to_activate(Link * link)1008 static bool link_is_ready_to_activate(Link *link) {
1009 assert(link);
1010
1011 if (!IN_SET(link->state, LINK_STATE_CONFIGURING, LINK_STATE_CONFIGURED))
1012 return false;
1013
1014 if (link->set_link_messages > 0)
1015 return false;
1016
1017 return true;
1018 }
1019
link_process_activation(Request * req,Link * link,void * userdata)1020 static int link_process_activation(Request *req, Link *link, void *userdata) {
1021 bool up = PTR_TO_INT(userdata);
1022 int r;
1023
1024 assert(req);
1025 assert(link);
1026
1027 if (!link_is_ready_to_activate(link))
1028 return 0;
1029
1030 r = link_up_or_down(link, up, req);
1031 if (r < 0)
1032 return log_link_warning_errno(link, r, "Failed to activate link: %m");
1033
1034 return 1;
1035 }
1036
link_request_to_activate(Link * link)1037 int link_request_to_activate(Link *link) {
1038 bool up;
1039 int r;
1040
1041 assert(link);
1042 assert(link->network);
1043
1044 switch (link->network->activation_policy) {
1045 case ACTIVATION_POLICY_BOUND:
1046 r = link_handle_bound_to_list(link);
1047 if (r < 0)
1048 return r;
1049 _fallthrough_;
1050 case ACTIVATION_POLICY_MANUAL:
1051 link->activated = true;
1052 link_check_ready(link);
1053 return 0;
1054 case ACTIVATION_POLICY_UP:
1055 case ACTIVATION_POLICY_ALWAYS_UP:
1056 up = true;
1057 break;
1058 case ACTIVATION_POLICY_DOWN:
1059 case ACTIVATION_POLICY_ALWAYS_DOWN:
1060 up = false;
1061 break;
1062 default:
1063 assert_not_reached();
1064 }
1065
1066 link->activated = false;
1067
1068 r = link_queue_request_full(link, REQUEST_TYPE_ACTIVATE_LINK,
1069 INT_TO_PTR(up), NULL, NULL, NULL,
1070 link_process_activation,
1071 &link->set_flags_messages,
1072 link_up_or_down_handler, NULL);
1073 if (r < 0)
1074 return log_link_error_errno(link, r, "Failed to request to activate link: %m");
1075
1076 log_link_debug(link, "Requested to activate link");
1077 return 0;
1078 }
1079
link_is_ready_to_bring_up_or_down(Link * link,bool up)1080 static bool link_is_ready_to_bring_up_or_down(Link *link, bool up) {
1081 assert(link);
1082
1083 if (up && link->dsa_master_ifindex > 0) {
1084 Link *master;
1085
1086 /* The master interface must be up. See comments in link_up_dsa_slave(). */
1087
1088 if (link_get_by_index(link->manager, link->dsa_master_ifindex, &master) < 0)
1089 return false;
1090
1091 if (!FLAGS_SET(master->flags, IFF_UP))
1092 return false;
1093 }
1094
1095 if (link->state == LINK_STATE_UNMANAGED)
1096 return true;
1097
1098 if (!IN_SET(link->state, LINK_STATE_CONFIGURING, LINK_STATE_CONFIGURED))
1099 return false;
1100
1101 if (link->set_link_messages > 0)
1102 return false;
1103
1104 if (!link->activated)
1105 return false;
1106
1107 return true;
1108 }
1109
link_process_up_or_down(Request * req,Link * link,void * userdata)1110 static int link_process_up_or_down(Request *req, Link *link, void *userdata) {
1111 bool up = PTR_TO_INT(userdata);
1112 int r;
1113
1114 assert(req);
1115 assert(link);
1116
1117 if (!link_is_ready_to_bring_up_or_down(link, up))
1118 return 0;
1119
1120 r = link_up_or_down(link, up, req);
1121 if (r < 0)
1122 return log_link_warning_errno(link, r, "Failed to bring link %s: %m", up_or_down(up));
1123
1124 return 1;
1125 }
1126
link_request_to_bring_up_or_down(Link * link,bool up)1127 int link_request_to_bring_up_or_down(Link *link, bool up) {
1128 int r;
1129
1130 assert(link);
1131
1132 r = link_queue_request_full(link, REQUEST_TYPE_UP_DOWN,
1133 INT_TO_PTR(up), NULL, NULL, NULL,
1134 link_process_up_or_down,
1135 &link->set_flags_messages,
1136 link_up_or_down_handler, NULL);
1137 if (r < 0)
1138 return log_link_warning_errno(link, r, "Failed to request to bring link %s: %m",
1139 up_or_down(up));
1140
1141 log_link_debug(link, "Requested to bring link %s", up_or_down(up));
1142 return 0;
1143 }
1144
link_down_now_handler(sd_netlink * rtnl,sd_netlink_message * m,Link * link)1145 static int link_down_now_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
1146 int r;
1147
1148 assert(m);
1149 assert(link);
1150 assert(link->set_flags_messages > 0);
1151
1152 link->set_flags_messages--;
1153
1154 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
1155 return 0;
1156
1157 r = sd_netlink_message_get_errno(m);
1158 if (r < 0)
1159 log_link_message_warning_errno(link, m, r, "Could not bring down interface, ignoring");
1160
1161 r = link_call_getlink(link, get_link_update_flag_handler);
1162 if (r < 0) {
1163 link_enter_failed(link);
1164 return 0;
1165 }
1166
1167 link->set_flags_messages++;
1168 return 0;
1169 }
1170
link_down_now(Link * link)1171 int link_down_now(Link *link) {
1172 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1173 int r;
1174
1175 assert(link);
1176 assert(link->manager);
1177 assert(link->manager->rtnl);
1178
1179 log_link_debug(link, "Bringing link down");
1180
1181 r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_SETLINK, link->ifindex);
1182 if (r < 0)
1183 return log_link_warning_errno(link, r, "Could not allocate RTM_SETLINK message: %m");
1184
1185 r = sd_rtnl_message_link_set_flags(req, 0, IFF_UP);
1186 if (r < 0)
1187 return log_link_warning_errno(link, r, "Could not set link flags: %m");
1188
1189 r = netlink_call_async(link->manager->rtnl, NULL, req, link_down_now_handler,
1190 link_netlink_destroy_callback, link);
1191 if (r < 0)
1192 return log_link_warning_errno(link, r, "Could not send rtnetlink message: %m");
1193
1194 link->set_flags_messages++;
1195 link_ref(link);
1196 return 0;
1197 }
1198
link_remove_handler(sd_netlink * rtnl,sd_netlink_message * m,Link * link)1199 static int link_remove_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
1200 int r;
1201
1202 assert(m);
1203 assert(link);
1204
1205 if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
1206 return 0;
1207
1208 r = sd_netlink_message_get_errno(m);
1209 if (r < 0)
1210 log_link_message_warning_errno(link, m, r, "Could not remove interface, ignoring");
1211
1212 return 0;
1213 }
1214
link_remove(Link * link)1215 int link_remove(Link *link) {
1216 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
1217 int r;
1218
1219 assert(link);
1220 assert(link->manager);
1221 assert(link->manager->rtnl);
1222
1223 log_link_debug(link, "Removing link.");
1224
1225 r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_DELLINK, link->ifindex);
1226 if (r < 0)
1227 return log_link_debug_errno(link, r, "Could not allocate RTM_DELLINK message: %m");
1228
1229 r = netlink_call_async(link->manager->rtnl, NULL, req, link_remove_handler,
1230 link_netlink_destroy_callback, link);
1231 if (r < 0)
1232 return log_link_debug_errno(link, r, "Could not send rtnetlink message: %m");
1233
1234 link_ref(link);
1235
1236 return 0;
1237 }
1238