1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*
3 * Linux interface driver for dhcpcd
4 * Copyright (c) 2006-2021 Roy Marples <roy@marples.name>
5 * All rights reserved
6
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 */
28
29 #include <asm/types.h> /* Needed for 2.4 kernels */
30
31 #include <sys/types.h>
32 #include <sys/ioctl.h>
33 #include <sys/socket.h>
34 #include <sys/param.h>
35 #include <sys/stat.h>
36
37 #include <linux/icmpv6.h>
38 #include <linux/if_addr.h>
39 #include <linux/if_link.h>
40 #include <linux/if_packet.h>
41 #include <linux/if_tun.h>
42 #include <linux/if_vlan.h>
43 #include <linux/filter.h>
44 #include <linux/netlink.h>
45 #include <linux/sockios.h>
46 #include <linux/rtnetlink.h>
47
48 #include <arpa/inet.h>
49 #include <net/if.h>
50 #include <netinet/in_systm.h>
51 #include <netinet/in.h>
52 #include <net/route.h>
53
54 /* musl has its own definition of struct ethhdr, so only include
55 * netinet/if_ether.h on systems with GLIBC. For the ARPHRD constants,
56 * we must include linux/if_arp.h instead. */
57 #if defined(__GLIBC__)
58 #include <netinet/if_ether.h>
59 #else
60 #include <linux/if_arp.h>
61 #endif
62
63 #include <dirent.h>
64 #include <errno.h>
65 #include <fcntl.h>
66 #include <ctype.h>
67 #include <stdbool.h>
68 #include <stddef.h>
69 #include <stdio.h>
70 #include <stdlib.h>
71 #include <string.h>
72 #include <time.h>
73 #include <unistd.h>
74
75 #include "config.h"
76 #include "bpf.h"
77 #include "common.h"
78 #include "dev.h"
79 #include "dhcp.h"
80 #include "if.h"
81 #include "ipv4.h"
82 #include "ipv4ll.h"
83 #include "ipv6.h"
84 #include "ipv6nd.h"
85 #include "logerr.h"
86 #include "privsep.h"
87 #include "route.h"
88 #include "sa.h"
89
90 #ifdef HAVE_NL80211_H
91 #include <linux/genetlink.h>
92 #include <linux/nl80211.h>
93 #else
94 int if_getssid_wext(const char *ifname, uint8_t *ssid);
95 #endif
96
97 /* Support older kernels */
98 #ifndef IFLA_WIRELESS
99 #define IFLA_WIRELESS (IFLA_MASTER + 1)
100 #endif
101
102 /* For some reason, glibc doesn't include newer flags from linux/if.h
103 * However, we cannot include linux/if.h directly as it conflicts
104 * with the glibc version. D'oh! */
105 #ifndef IFF_LOWER_UP
106 #define IFF_LOWER_UP 0x10000 /* driver signals L1 up */
107 #endif
108
109 /* Buggy CentOS and RedHat */
110 #ifndef SOL_NETLINK
111 #define SOL_NETLINK 270
112 #endif
113
114 /*
115 * Someone should fix kernel headers for clang alignment warnings.
116 * But this is unlikely.
117 * https://www.spinics.net/lists/netdev/msg646934.html
118 */
119
120 #undef NLA_ALIGNTO
121 #undef NLA_ALIGN
122 #undef NLA_HDRLEN
123 #define NLA_ALIGNTO 4U
124 #define NLA_ALIGN(len) (((len) + NLA_ALIGNTO - 1) & ~(NLA_ALIGNTO - 1))
125 #define NLA_HDRLEN ((int) NLA_ALIGN(sizeof(struct nlattr)))
126
127 #undef IFA_RTA
128 #define IFA_RTA(r) ((struct rtattr *)(void *)(((char *)(r)) \
129 + NLMSG_ALIGN(sizeof(struct ifaddrmsg))))
130 #undef IFLA_RTA
131 #define IFLA_RTA(r) ((struct rtattr *)(void *)(((char *)(r)) \
132 + NLMSG_ALIGN(sizeof(struct ifinfomsg))))
133 #undef NLMSG_NEXT
134 #define NLMSG_NEXT(nlh, len) ((len) -= NLMSG_ALIGN((nlh)->nlmsg_len), \
135 (struct nlmsghdr *)(void *)(((char *)(nlh)) \
136 + NLMSG_ALIGN((nlh)->nlmsg_len)))
137 #undef RTM_RTA
138 #define RTM_RTA(r) (void *)(((char *)(r)) + NLMSG_ALIGN(sizeof(struct rtmsg)))
139 #undef RTA_NEXT
140 #define RTA_NEXT(rta, attrlen) ((attrlen) -= RTA_ALIGN((rta)->rta_len), \
141 (struct rtattr *)(void *)(((char *)(rta)) \
142 + RTA_ALIGN((rta)->rta_len)))
143
144 struct priv {
145 int route_fd;
146 int generic_fd;
147 uint32_t route_pid;
148 };
149
150 /* We need this to send a broadcast for InfiniBand.
151 * Our old code used sendto, but our new code writes to a raw BPF socket.
152 * What header structure does IPoIB use? */
153 #if 0
154 /* Broadcast address for IPoIB */
155 static const uint8_t ipv4_bcast_addr[] = {
156 0x00, 0xff, 0xff, 0xff,
157 0xff, 0x12, 0x40, 0x1b, 0x00, 0x00, 0x00, 0x00,
158 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff
159 };
160 #endif
161
162 static int if_addressexists(struct interface *, struct in_addr *);
163
164 #define PROC_INET6 "/proc/net/if_inet6"
165 #define PROC_PROMOTE "/proc/sys/net/ipv4/conf/%s/promote_secondaries"
166 #define SYS_BRIDGE "/sys/class/net/%s/bridge/bridge_id"
167 #define SYS_LAYER2 "/sys/class/net/%s/device/layer2"
168 #define SYS_TUNTAP "/sys/class/net/%s/tun_flags"
169
170 #if defined(__aarch64__)
171 static const char *mproc = "AArch64";
172 int
if_machinearch(char * str,size_t len)173 if_machinearch(char *str, size_t len)
174 {
175
176 return snprintf(str, len, "%s", mproc);
177 }
178 #else
179 static const char *mproc =
180 #if defined(__alpha__)
181 "system type"
182 #elif defined(__arm__)
183 "Hardware"
184 #elif defined(__avr32__)
185 "cpu family"
186 #elif defined(__bfin__)
187 "BOARD Name"
188 #elif defined(__cris__)
189 "cpu model"
190 #elif defined(__frv__)
191 "System"
192 #elif defined(__i386__) || defined(__x86_64__)
193 "vendor_id"
194 #elif defined(__ia64__)
195 "vendor"
196 #elif defined(__hppa__)
197 "model"
198 #elif defined(__m68k__)
199 "MMU"
200 #elif defined(__mips__)
201 "system type"
202 #elif defined(__powerpc__) || defined(__powerpc64__)
203 "machine"
204 #elif defined(__s390__) || defined(__s390x__)
205 "Manufacturer"
206 #elif defined(__sh__)
207 "machine"
208 #elif defined(sparc) || defined(__sparc__)
209 "cpu"
210 #elif defined(__vax__)
211 "cpu"
212 #else
213 NULL
214 #endif
215 ;
216
217 int
if_machinearch(char * str,size_t len)218 if_machinearch(char *str, size_t len)
219 {
220 FILE *fp;
221 char buf[256];
222
223 if (mproc == NULL) {
224 errno = EINVAL;
225 return -1;
226 }
227
228 fp = fopen("/proc/cpuinfo", "r");
229 if (fp == NULL)
230 return -1;
231
232 while (fscanf(fp, "%255s : ", buf) != EOF) {
233 if (strncmp(buf, mproc, strlen(mproc)) == 0 &&
234 fscanf(fp, "%255s", buf) == 1)
235 {
236 fclose(fp);
237 return snprintf(str, len, "%s", buf);
238 }
239 }
240 fclose(fp);
241 errno = ESRCH;
242 return -1;
243 }
244 #endif
245
246 static int
check_proc_int(struct dhcpcd_ctx * ctx,const char * path)247 check_proc_int(struct dhcpcd_ctx *ctx, const char *path)
248 {
249 char buf[64];
250 int error, i;
251
252 if (dhcp_readfile(ctx, path, buf, sizeof(buf)) == -1)
253 return -1;
254 i = (int)strtoi(buf, NULL, 0, INT_MIN, INT_MAX, &error);
255 if (error != 0 && error != ENOTSUP) {
256 errno = error;
257 return -1;
258 }
259 return i;
260 }
261
262 static int
check_proc_uint(struct dhcpcd_ctx * ctx,const char * path,unsigned int * u)263 check_proc_uint(struct dhcpcd_ctx *ctx, const char *path, unsigned int *u)
264 {
265 char buf[64];
266 int error;
267
268 if (dhcp_readfile(ctx, path, buf, sizeof(buf)) == -1)
269 return -1;
270 *u = (unsigned int)strtou(buf, NULL, 0, 0, UINT_MAX, &error);
271 if (error != 0 && error != ENOTSUP) {
272 errno = error;
273 return error;
274 }
275 return 0;
276 }
277
278 static ssize_t
if_writepathuint(struct dhcpcd_ctx * ctx,const char * path,unsigned int val)279 if_writepathuint(struct dhcpcd_ctx *ctx, const char *path, unsigned int val)
280 {
281 char buf[64];
282 int len;
283
284 len = snprintf(buf, sizeof(buf), "%u\n", val);
285 if (len == -1)
286 return -1;
287 return dhcp_writefile(ctx, path, 0664, buf, (size_t)len);
288 }
289
290 int
if_init(struct interface * ifp)291 if_init(struct interface *ifp)
292 {
293 char path[sizeof(PROC_PROMOTE) + IF_NAMESIZE];
294 int n;
295
296 /* We enable promote_secondaries so that we can do this
297 * add 192.168.1.2/24
298 * add 192.168.1.3/24
299 * del 192.168.1.2/24
300 * and the subnet mask moves onto 192.168.1.3/24
301 * This matches the behaviour of BSD which makes coding dhcpcd
302 * a little easier as there's just one behaviour. */
303 snprintf(path, sizeof(path), PROC_PROMOTE, ifp->name);
304 n = check_proc_int(ifp->ctx, path);
305 if (n == -1)
306 return errno == ENOENT ? 0 : -1;
307 if (n == 1)
308 return 0;
309 return if_writepathuint(ifp->ctx, path, 1) == -1 ? -1 : 0;
310 }
311
312 int
if_conf(struct interface * ifp)313 if_conf(struct interface *ifp)
314 {
315 char path[sizeof(SYS_LAYER2) + IF_NAMESIZE];
316 int n;
317
318 /* Some qeth setups require the use of the broadcast flag. */
319 snprintf(path, sizeof(path), SYS_LAYER2, ifp->name);
320 n = check_proc_int(ifp->ctx, path);
321 if (n == -1)
322 return errno == ENOENT ? 0 : -1;
323 if (n == 0)
324 ifp->options->options |= DHCPCD_BROADCAST;
325 return 0;
326 }
327
328 static bool
if_bridge(struct dhcpcd_ctx * ctx,const char * ifname)329 if_bridge(struct dhcpcd_ctx *ctx, const char *ifname)
330 {
331 char path[sizeof(SYS_BRIDGE) + IF_NAMESIZE], buf[64];
332
333 snprintf(path, sizeof(path), SYS_BRIDGE, ifname);
334 if (dhcp_readfile(ctx, path, buf, sizeof(buf)) == -1)
335 return false;
336 return true;
337 }
338
339 static bool
if_tap(struct dhcpcd_ctx * ctx,const char * ifname)340 if_tap(struct dhcpcd_ctx *ctx, const char *ifname)
341 {
342 char path[sizeof(SYS_TUNTAP) + IF_NAMESIZE];
343 unsigned int u;
344
345 snprintf(path, sizeof(path), SYS_TUNTAP, ifname);
346 if (check_proc_uint(ctx, path, &u) == -1)
347 return false;
348 return u & IFF_TAP;
349 }
350
351 bool
if_ignore(struct dhcpcd_ctx * ctx,const char * ifname)352 if_ignore(struct dhcpcd_ctx *ctx, const char *ifname)
353 {
354
355 if (if_tap(ctx, ifname) || if_bridge(ctx, ifname))
356 return true;
357 return false;
358 }
359
360 /* XXX work out Virtal Interface Masters */
361 int
if_vimaster(__unused struct dhcpcd_ctx * ctx,__unused const char * ifname)362 if_vimaster(__unused struct dhcpcd_ctx *ctx, __unused const char *ifname)
363 {
364
365 return 0;
366 }
367
368 unsigned short
if_vlanid(const struct interface * ifp)369 if_vlanid(const struct interface *ifp)
370 {
371 struct vlan_ioctl_args v;
372
373 memset(&v, 0, sizeof(v));
374 strlcpy(v.device1, ifp->name, sizeof(v.device1));
375 v.cmd = GET_VLAN_VID_CMD;
376 if (ioctl(ifp->ctx->pf_inet_fd, SIOCGIFVLAN, &v) != 0)
377 return 0; /* 0 means no VLANID */
378 return (unsigned short)v.u.VID;
379 }
380
381 int
if_linksocket(struct sockaddr_nl * nl,int protocol,int flags)382 if_linksocket(struct sockaddr_nl *nl, int protocol, int flags)
383 {
384 int fd;
385
386 fd = xsocket(AF_NETLINK, SOCK_RAW | SOCK_CLOEXEC | flags, protocol);
387 if (fd == -1)
388 return -1;
389 nl->nl_family = AF_NETLINK;
390 if (bind(fd, (struct sockaddr *)nl, sizeof(*nl)) == -1) {
391 close(fd);
392 return -1;
393 }
394 return fd;
395 }
396
397 char *
if_getnetworknamespace(char * buf,size_t len)398 if_getnetworknamespace(char *buf, size_t len)
399 {
400 struct stat sb_self, sb_netns;
401 DIR *dir;
402 struct dirent *de;
403 char file[PATH_MAX], *bufp = NULL;
404
405 if (stat("/proc/self/ns/net", &sb_self) == -1)
406 return NULL;
407
408 dir = opendir("/var/run/netns");
409 if (dir == NULL)
410 return NULL;
411
412 while ((de = readdir(dir)) != NULL) {
413 snprintf(file, sizeof(file), "/var/run/netns/%s", de->d_name);
414 if (stat(file, &sb_netns) == -1)
415 continue;
416 if (sb_self.st_dev != sb_netns.st_dev ||
417 sb_self.st_ino != sb_netns.st_ino)
418 continue;
419 strlcpy(buf, de->d_name, len);
420 bufp = buf;
421 break;
422 }
423 closedir(dir);
424 return bufp;
425 }
426
427 int
os_init(void)428 os_init(void)
429 {
430 char netns[PATH_MAX], *p;
431
432 p = if_getnetworknamespace(netns, sizeof(netns));
433 if (p != NULL)
434 loginfox("network namespace: %s", p);
435
436 return 0;
437 }
438
439 int
if_opensockets_os(struct dhcpcd_ctx * ctx)440 if_opensockets_os(struct dhcpcd_ctx *ctx)
441 {
442 struct priv *priv;
443 struct sockaddr_nl snl;
444 socklen_t len;
445 #ifdef NETLINK_BROADCAST_ERROR
446 int on = 1;
447 #endif
448
449 /* Open the link socket first so it gets pid() for the socket.
450 * Then open our persistent route socket so we get a unique
451 * pid that doesn't clash with a process id for after we fork. */
452 memset(&snl, 0, sizeof(snl));
453 snl.nl_groups = RTMGRP_LINK;
454
455 #ifdef INET
456 snl.nl_groups |= RTMGRP_IPV4_ROUTE | RTMGRP_IPV4_IFADDR;
457 #endif
458 #ifdef INET6
459 snl.nl_groups |= RTMGRP_IPV6_ROUTE | RTMGRP_IPV6_IFADDR | RTMGRP_NEIGH;
460 #endif
461
462 ctx->link_fd = if_linksocket(&snl, NETLINK_ROUTE, SOCK_NONBLOCK);
463 if (ctx->link_fd == -1)
464 return -1;
465 #ifdef NETLINK_BROADCAST_ERROR
466 if (setsockopt(ctx->link_fd, SOL_NETLINK, NETLINK_BROADCAST_ERROR,
467 &on, sizeof(on)) == -1)
468 logerr("%s: NETLINK_BROADCAST_ERROR", __func__);
469 #endif
470
471 if ((priv = calloc(1, sizeof(*priv))) == NULL)
472 return -1;
473
474 ctx->priv = priv;
475 memset(&snl, 0, sizeof(snl));
476 priv->route_fd = if_linksocket(&snl, NETLINK_ROUTE, 0);
477 if (priv->route_fd == -1)
478 return -1;
479 len = sizeof(snl);
480 if (getsockname(priv->route_fd, (struct sockaddr *)&snl, &len) == -1)
481 return -1;
482 priv->route_pid = snl.nl_pid;
483
484 memset(&snl, 0, sizeof(snl));
485 priv->generic_fd = if_linksocket(&snl, NETLINK_GENERIC, 0);
486 if (priv->generic_fd == -1)
487 return -1;
488
489 return 0;
490 }
491
492 void
if_closesockets_os(struct dhcpcd_ctx * ctx)493 if_closesockets_os(struct dhcpcd_ctx *ctx)
494 {
495 struct priv *priv;
496
497 if (ctx->priv != NULL) {
498 priv = (struct priv *)ctx->priv;
499 close(priv->route_fd);
500 close(priv->generic_fd);
501 }
502 }
503
504 int
if_setmac(struct interface * ifp,void * mac,uint8_t maclen)505 if_setmac(struct interface *ifp, void *mac, uint8_t maclen)
506 {
507 struct ifreq ifr = {
508 .ifr_hwaddr.sa_family = ifp->hwtype,
509 };
510
511 if (ifp->hwlen != maclen || maclen > sizeof(ifr.ifr_hwaddr.sa_data)) {
512 errno = EINVAL;
513 return -1;
514 }
515
516 strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name));
517 memcpy(ifr.ifr_hwaddr.sa_data, mac, maclen);
518 return if_ioctl(ifp->ctx, SIOCSIFHWADDR, &ifr, sizeof(ifr));
519 }
520
521 int
if_carrier(struct interface * ifp,__unused const void * ifadata)522 if_carrier(struct interface *ifp, __unused const void *ifadata)
523 {
524
525 return ifp->flags & IFF_RUNNING ? LINK_UP : LINK_DOWN;
526 }
527
528 bool
if_roaming(struct interface * ifp)529 if_roaming(struct interface *ifp)
530 {
531
532 #ifdef IFF_LOWER_UP
533 if (!ifp->wireless ||
534 ifp->flags & IFF_RUNNING ||
535 (ifp->flags & (IFF_UP | IFF_LOWER_UP)) != (IFF_UP | IFF_LOWER_UP))
536 return false;
537 return true;
538 #else
539 return false;
540 #endif
541 }
542
543 int
if_getnetlink(struct dhcpcd_ctx * ctx,struct iovec * iov,int fd,int flags,int (* cb)(struct dhcpcd_ctx *,void *,struct nlmsghdr *),void * cbarg)544 if_getnetlink(struct dhcpcd_ctx *ctx, struct iovec *iov, int fd, int flags,
545 int (*cb)(struct dhcpcd_ctx *, void *, struct nlmsghdr *), void *cbarg)
546 {
547 struct sockaddr_nl nladdr = { .nl_pid = 0 };
548 struct msghdr msg = {
549 .msg_name = &nladdr, .msg_namelen = sizeof(nladdr),
550 .msg_iov = iov, .msg_iovlen = 1,
551 };
552 ssize_t len;
553 struct nlmsghdr *nlm;
554 int r = 0;
555 unsigned int again;
556 bool terminated;
557
558 recv_again:
559 len = recvmsg(fd, &msg, flags);
560 if (len == -1 || len == 0)
561 return (int)len;
562
563 /* Check sender */
564 if (msg.msg_namelen != sizeof(nladdr)) {
565 errno = EINVAL;
566 return -1;
567 }
568
569 /* Ignore message if it is not from kernel */
570 if (nladdr.nl_pid != 0)
571 return 0;
572
573 again = 0;
574 terminated = false;
575 for (nlm = iov->iov_base;
576 nlm && NLMSG_OK(nlm, (size_t)len);
577 nlm = NLMSG_NEXT(nlm, len))
578 {
579 again = (nlm->nlmsg_flags & NLM_F_MULTI);
580 if (nlm->nlmsg_type == NLMSG_NOOP)
581 continue;
582
583 if (nlm->nlmsg_type == NLMSG_ERROR) {
584 struct nlmsgerr *err;
585
586 if (nlm->nlmsg_len - sizeof(*nlm) < sizeof(*err)) {
587 errno = EBADMSG;
588 return -1;
589 }
590 err = (struct nlmsgerr *)NLMSG_DATA(nlm);
591 if (err->error != 0) {
592 errno = -err->error;
593 return -1;
594 }
595 again = 0;
596 terminated = true;
597 break;
598 }
599 if (nlm->nlmsg_type == NLMSG_DONE) {
600 again = 0;
601 terminated = true;
602 break;
603 }
604 if (cb == NULL)
605 continue;
606 if (nlm->nlmsg_seq != (uint32_t)ctx->seq && fd != ctx->link_fd)
607 logwarnx("%s: received sequence %u, expecting %d",
608 __func__, nlm->nlmsg_seq, ctx->seq);
609 else
610 r = cb(ctx, cbarg, nlm);
611 }
612
613 if ((again || !terminated) && (ctx != NULL && ctx->link_fd != fd))
614 goto recv_again;
615
616 return r;
617 }
618
619 static int
if_copyrt(struct dhcpcd_ctx * ctx,struct rt * rt,struct nlmsghdr * nlm)620 if_copyrt(struct dhcpcd_ctx *ctx, struct rt *rt, struct nlmsghdr *nlm)
621 {
622 size_t len;
623 struct rtmsg *rtm;
624 struct rtattr *rta;
625 unsigned int ifindex;
626 struct sockaddr *sa;
627
628 len = nlm->nlmsg_len - sizeof(*nlm);
629 if (len < sizeof(*rtm)) {
630 errno = EBADMSG;
631 return -1;
632 }
633 rtm = (struct rtmsg *)NLMSG_DATA(nlm);
634 if (rtm->rtm_table != RT_TABLE_MAIN)
635 return -1;
636
637 memset(rt, 0, sizeof(*rt));
638 if (rtm->rtm_type == RTN_UNREACHABLE)
639 rt->rt_flags |= RTF_REJECT;
640
641 rta = RTM_RTA(rtm);
642 len = RTM_PAYLOAD(nlm);
643 for (; RTA_OK(rta, len); rta = RTA_NEXT(rta, len)) {
644 sa = NULL;
645 switch (rta->rta_type) {
646 case RTA_DST:
647 sa = &rt->rt_dest;
648 break;
649 case RTA_GATEWAY:
650 sa = &rt->rt_gateway;
651 break;
652 case RTA_PREFSRC:
653 sa = &rt->rt_ifa;
654 break;
655 case RTA_OIF:
656 ifindex = *(unsigned int *)RTA_DATA(rta);
657 rt->rt_ifp = if_findindex(ctx->ifaces, ifindex);
658 break;
659 case RTA_PRIORITY:
660 rt->rt_metric = *(unsigned int *)RTA_DATA(rta);
661 break;
662 case RTA_METRICS:
663 {
664 struct rtattr *r2;
665 size_t l2;
666
667 l2 = rta->rta_len;
668 r2 = (struct rtattr *)RTA_DATA(rta);
669 for (; RTA_OK(r2, l2); r2 = RTA_NEXT(r2, l2)) {
670 switch (r2->rta_type) {
671 case RTAX_MTU:
672 rt->rt_mtu = *(unsigned int *)RTA_DATA(r2);
673 break;
674 }
675 }
676 break;
677 }
678 }
679
680 if (sa != NULL) {
681 socklen_t salen;
682
683 sa->sa_family = rtm->rtm_family;
684 salen = sa_addrlen(sa);
685 /* sa is a union where sockaddr_in6 is the biggest. */
686 /* coverity[overrun-buffer-arg] */
687 memcpy((char *)sa + sa_addroffset(sa), RTA_DATA(rta),
688 MIN(salen, RTA_PAYLOAD(rta)));
689 }
690 }
691
692 /* If no RTA_DST set the unspecified address for the family. */
693 if (rt->rt_dest.sa_family == AF_UNSPEC)
694 rt->rt_dest.sa_family = rtm->rtm_family;
695
696 rt->rt_netmask.sa_family = rtm->rtm_family;
697 sa_fromprefix(&rt->rt_netmask, rtm->rtm_dst_len);
698 if (sa_is_allones(&rt->rt_netmask))
699 rt->rt_flags |= RTF_HOST;
700
701 #if 0
702 if (rt->rtp_ifp == NULL && rt->src.s_addr != INADDR_ANY) {
703 struct ipv4_addr *ap;
704
705 /* For some reason the default route comes back with the
706 * loopback interface in RTA_OIF? Lets find it by
707 * preferred source address */
708 if ((ap = ipv4_findaddr(ctx, &rt->src)))
709 rt->iface = ap->iface;
710 }
711 #endif
712
713 if (rt->rt_ifp == NULL) {
714 errno = ESRCH;
715 return -1;
716 }
717 return 0;
718 }
719
720 static int
link_route(struct dhcpcd_ctx * ctx,__unused struct interface * ifp,struct nlmsghdr * nlm)721 link_route(struct dhcpcd_ctx *ctx, __unused struct interface *ifp,
722 struct nlmsghdr *nlm)
723 {
724 size_t len;
725 int cmd;
726 struct priv *priv;
727 struct rt rt;
728
729 switch (nlm->nlmsg_type) {
730 case RTM_NEWROUTE:
731 cmd = RTM_ADD;
732 break;
733 case RTM_DELROUTE:
734 cmd = RTM_DELETE;
735 break;
736 default:
737 return 0;
738 }
739
740 len = nlm->nlmsg_len - sizeof(*nlm);
741 if (len < sizeof(struct rtmsg)) {
742 errno = EBADMSG;
743 return -1;
744 }
745
746 /* Ignore messages we sent. */
747 #ifdef PRIVSEP
748 if (ctx->ps_root_pid != 0 &&
749 nlm->nlmsg_pid == (uint32_t)ctx->ps_root_pid)
750 return 0;
751 #endif
752 priv = (struct priv *)ctx->priv;
753 if (nlm->nlmsg_pid == priv->route_pid)
754 return 0;
755
756 if (if_copyrt(ctx, &rt, nlm) == 0)
757 rt_recvrt(cmd, &rt, (pid_t)nlm->nlmsg_pid);
758
759 return 0;
760 }
761
762 static int
link_addr(struct dhcpcd_ctx * ctx,struct interface * ifp,struct nlmsghdr * nlm)763 link_addr(struct dhcpcd_ctx *ctx, struct interface *ifp, struct nlmsghdr *nlm)
764 {
765 size_t len;
766 struct rtattr *rta;
767 struct ifaddrmsg *ifa;
768 struct priv *priv;
769 #ifdef INET
770 struct in_addr addr, net, brd;
771 int ret;
772 #endif
773 #ifdef INET6
774 struct in6_addr addr6;
775 int flags;
776 #endif
777
778 if (nlm->nlmsg_type != RTM_DELADDR && nlm->nlmsg_type != RTM_NEWADDR)
779 return 0;
780
781 len = nlm->nlmsg_len - sizeof(*nlm);
782 if (len < sizeof(*ifa)) {
783 errno = EBADMSG;
784 return -1;
785 }
786
787 /* Ignore address deletions from ourself.
788 * We need to process address flag changes though. */
789 if (nlm->nlmsg_type == RTM_DELADDR) {
790 #ifdef PRIVSEP
791 if (ctx->ps_root_pid != 0 &&
792 nlm->nlmsg_pid == (uint32_t)ctx->ps_root_pid)
793 return 0;
794 #endif
795 priv = (struct priv*)ctx->priv;
796 if (nlm->nlmsg_pid == priv->route_pid)
797 return 0;
798 }
799
800 ifa = NLMSG_DATA(nlm);
801 if ((ifp = if_findindex(ctx->ifaces, ifa->ifa_index)) == NULL) {
802 /* We don't know about the interface the address is for
803 * so it's not really an error */
804 return 1;
805 }
806 rta = IFA_RTA(ifa);
807 len = NLMSG_PAYLOAD(nlm, sizeof(*ifa));
808 switch (ifa->ifa_family) {
809 #ifdef INET
810 case AF_INET:
811 addr.s_addr = brd.s_addr = INADDR_ANY;
812 inet_cidrtoaddr(ifa->ifa_prefixlen, &net);
813 for (; RTA_OK(rta, len); rta = RTA_NEXT(rta, len)) {
814 switch (rta->rta_type) {
815 case IFA_ADDRESS:
816 if (ifp->flags & IFF_POINTOPOINT) {
817 memcpy(&brd.s_addr, RTA_DATA(rta),
818 sizeof(brd.s_addr));
819 }
820 break;
821 case IFA_BROADCAST:
822 memcpy(&brd.s_addr, RTA_DATA(rta),
823 sizeof(brd.s_addr));
824 break;
825 case IFA_LOCAL:
826 memcpy(&addr.s_addr, RTA_DATA(rta),
827 sizeof(addr.s_addr));
828 break;
829 }
830 }
831
832 /* Validate RTM_DELADDR really means address deleted
833 * and anything else really means address exists. */
834 ret = if_addressexists(ifp, &addr);
835 if (ret == -1) {
836 logerr("if_addressexists: %s", inet_ntoa(addr));
837 break;
838 } else if (ret == 1) {
839 if (nlm->nlmsg_type == RTM_DELADDR)
840 break;
841 } else {
842 if (nlm->nlmsg_type != RTM_DELADDR)
843 break;
844 }
845
846 ipv4_handleifa(ctx, nlm->nlmsg_type, NULL, ifp->name,
847 &addr, &net, &brd, ifa->ifa_flags, (pid_t)nlm->nlmsg_pid);
848 break;
849 #endif
850 #ifdef INET6
851 case AF_INET6:
852 memset(&addr6, 0, sizeof(addr6));
853 for (; RTA_OK(rta, len); rta = RTA_NEXT(rta, len)) {
854 switch (rta->rta_type) {
855 case IFA_ADDRESS:
856 memcpy(&addr6.s6_addr, RTA_DATA(rta),
857 sizeof(addr6.s6_addr));
858 break;
859 }
860 }
861
862 /* Validate RTM_DELADDR really means address deleted
863 * and anything else really means address exists. */
864 flags = if_addrflags6(ifp, &addr6, NULL);
865 if (nlm->nlmsg_type == RTM_DELADDR) {
866 if (flags != -1)
867 break;
868 } else {
869 if (flags == -1)
870 break;
871 }
872
873 ipv6_handleifa(ctx, nlm->nlmsg_type, NULL, ifp->name,
874 &addr6, ifa->ifa_prefixlen, ifa->ifa_flags,
875 (pid_t)nlm->nlmsg_pid);
876 break;
877 #endif
878 }
879 return 0;
880 }
881
882 static uint8_t
l2addr_len(unsigned short if_type)883 l2addr_len(unsigned short if_type)
884 {
885
886 switch (if_type) {
887 case ARPHRD_ETHER: /* FALLTHROUGH */
888 case ARPHRD_IEEE802: /*FALLTHROUGH */
889 case ARPHRD_IEEE80211:
890 return 6;
891 case ARPHRD_IEEE1394:
892 return 8;
893 case ARPHRD_INFINIBAND:
894 return 20;
895 }
896
897 /* Impossible */
898 return 0;
899 }
900
901 #ifdef INET6
902 static int
link_neigh(struct dhcpcd_ctx * ctx,__unused struct interface * ifp,struct nlmsghdr * nlm)903 link_neigh(struct dhcpcd_ctx *ctx, __unused struct interface *ifp,
904 struct nlmsghdr *nlm)
905 {
906 struct ndmsg *r;
907 struct rtattr *rta;
908 size_t len;
909
910 if (nlm->nlmsg_type != RTM_NEWNEIGH && nlm->nlmsg_type != RTM_DELNEIGH)
911 return 0;
912 if (nlm->nlmsg_len < sizeof(*r))
913 return -1;
914
915 r = NLMSG_DATA(nlm);
916 rta = RTM_RTA(r);
917 len = RTM_PAYLOAD(nlm);
918 if (r->ndm_family == AF_INET6) {
919 bool unreachable;
920 struct in6_addr addr6;
921
922 unreachable = (nlm->nlmsg_type == RTM_NEWNEIGH &&
923 r->ndm_state & NUD_FAILED);
924 memset(&addr6, 0, sizeof(addr6));
925 for (; RTA_OK(rta, len); rta = RTA_NEXT(rta, len)) {
926 switch (rta->rta_type) {
927 case NDA_DST:
928 memcpy(&addr6.s6_addr, RTA_DATA(rta),
929 sizeof(addr6.s6_addr));
930 break;
931 }
932 }
933 ipv6nd_neighbour(ctx, &addr6, !unreachable);
934 }
935
936 return 0;
937 }
938 #endif
939
940 static int
link_netlink(struct dhcpcd_ctx * ctx,void * arg,struct nlmsghdr * nlm)941 link_netlink(struct dhcpcd_ctx *ctx, void *arg, struct nlmsghdr *nlm)
942 {
943 struct interface *ifp = arg;
944 int r;
945 size_t len;
946 struct rtattr *rta, *hwaddr;
947 struct ifinfomsg *ifi;
948 char ifn[IF_NAMESIZE + 1];
949
950 r = link_route(ctx, ifp, nlm);
951 if (r != 0)
952 return r;
953 r = link_addr(ctx, ifp, nlm);
954 if (r != 0)
955 return r;
956 #ifdef INET6
957 r = link_neigh(ctx, ifp, nlm);
958 if (r != 0)
959 return r;
960 #endif
961
962 if (nlm->nlmsg_type != RTM_NEWLINK && nlm->nlmsg_type != RTM_DELLINK)
963 return 0;
964 len = nlm->nlmsg_len - sizeof(*nlm);
965 if ((size_t)len < sizeof(*ifi)) {
966 errno = EBADMSG;
967 return -1;
968 }
969 ifi = NLMSG_DATA(nlm);
970 if (ifi->ifi_flags & IFF_LOOPBACK)
971 return 0;
972 rta = (void *)((char *)ifi + NLMSG_ALIGN(sizeof(*ifi)));
973 len = NLMSG_PAYLOAD(nlm, sizeof(*ifi));
974 *ifn = '\0';
975 hwaddr = NULL;
976
977 for (; RTA_OK(rta, len); rta = RTA_NEXT(rta, len)) {
978 switch (rta->rta_type) {
979 case IFLA_WIRELESS:
980 /* Ignore wireless messages */
981 if (nlm->nlmsg_type == RTM_NEWLINK &&
982 ifi->ifi_change == 0)
983 return 0;
984 break;
985 case IFLA_IFNAME:
986 strlcpy(ifn, (char *)RTA_DATA(rta), sizeof(ifn));
987 break;
988 case IFLA_ADDRESS:
989 hwaddr = rta;
990 break;
991 }
992 }
993
994 if (nlm->nlmsg_type == RTM_DELLINK) {
995 #ifdef PLUGIN_DEV
996 /* If are listening to a dev manager, let that remove
997 * the interface rather than the kernel. */
998 if (dev_listening(ctx) < 1)
999 #endif
1000 dhcpcd_handleinterface(ctx, -1, ifn);
1001 return 0;
1002 }
1003
1004 /* Virtual interfaces may not get a valid hardware address
1005 * at this point.
1006 * To trigger a valid hardware address pickup we need to pretend
1007 * that that don't exist until they have one. */
1008 if (ifi->ifi_flags & IFF_MASTER && !hwaddr) {
1009 dhcpcd_handleinterface(ctx, -1, ifn);
1010 return 0;
1011 }
1012
1013 /* Check for a new interface */
1014 ifp = if_findindex(ctx->ifaces, (unsigned int)ifi->ifi_index);
1015 if (ifp == NULL) {
1016 #ifdef PLUGIN_DEV
1017 /* If are listening to a dev manager, let that announce
1018 * the interface rather than the kernel. */
1019 if (dev_listening(ctx) < 1)
1020 #endif
1021 dhcpcd_handleinterface(ctx, 1, ifn);
1022 return 0;
1023 }
1024
1025 /* Handle interface being renamed */
1026 if (strcmp(ifp->name, ifn) != 0) {
1027 dhcpcd_handleinterface(ctx, -1, ifn);
1028 dhcpcd_handleinterface(ctx, 1, ifn);
1029 return 0;
1030 }
1031
1032 /* Re-read hardware address and friends */
1033 if (!(ifi->ifi_flags & IFF_UP)) {
1034 void *hwa = hwaddr != NULL ? RTA_DATA(hwaddr) : NULL;
1035 uint8_t hwl = l2addr_len(ifi->ifi_type);
1036
1037 if (hwaddr != NULL && hwaddr->rta_len != RTA_LENGTH(hwl))
1038 hwa = NULL;
1039 dhcpcd_handlehwaddr(ifp, ifi->ifi_type, hwa, hwl);
1040 }
1041
1042 dhcpcd_handlecarrier(ifp,
1043 ifi->ifi_flags & IFF_RUNNING ? LINK_UP : LINK_DOWN,
1044 ifi->ifi_flags);
1045 return 0;
1046 }
1047
1048 int
if_handlelink(struct dhcpcd_ctx * ctx)1049 if_handlelink(struct dhcpcd_ctx *ctx)
1050 {
1051 unsigned char buf[16 * 1024];
1052 struct iovec iov = {
1053 .iov_base = buf,
1054 .iov_len = sizeof(buf),
1055 };
1056
1057 return if_getnetlink(ctx, &iov, ctx->link_fd, MSG_DONTWAIT,
1058 &link_netlink, NULL);
1059 }
1060
1061 #ifdef PRIVSEP
1062 static bool
if_netlinkpriv(int protocol,struct nlmsghdr * nlm)1063 if_netlinkpriv(int protocol, struct nlmsghdr *nlm)
1064 {
1065
1066 if (protocol != NETLINK_ROUTE)
1067 return false;
1068
1069 switch(nlm->nlmsg_type) {
1070 case RTM_NEWADDR: /* FALLTHROUGH */
1071 case RTM_DELADDR: /* FALLTHROUGH */
1072 case RTM_NEWROUTE: /* FALLTHROUGH */
1073 case RTM_DELROUTE: /* FALLTHROUGH */
1074 case RTM_NEWLINK:
1075 return true;
1076 default:
1077 return false;
1078 }
1079 }
1080 #endif
1081
1082 static int
if_sendnetlink(struct dhcpcd_ctx * ctx,int protocol,struct nlmsghdr * hdr,int (* cb)(struct dhcpcd_ctx *,void *,struct nlmsghdr *),void * cbarg)1083 if_sendnetlink(struct dhcpcd_ctx *ctx, int protocol, struct nlmsghdr *hdr,
1084 int (*cb)(struct dhcpcd_ctx *, void *, struct nlmsghdr *), void *cbarg)
1085 {
1086 int s;
1087 struct sockaddr_nl snl = { .nl_family = AF_NETLINK };
1088 struct iovec iov = { .iov_base = hdr, .iov_len = hdr->nlmsg_len };
1089 struct msghdr msg = {
1090 .msg_name = &snl, .msg_namelen = sizeof(snl),
1091 .msg_iov = &iov, .msg_iovlen = 1
1092 };
1093 struct priv *priv = (struct priv *)ctx->priv;
1094 unsigned char buf[16 * 1024];
1095 struct iovec riov = {
1096 .iov_base = buf,
1097 .iov_len = sizeof(buf),
1098 };
1099
1100 /* Request a reply */
1101 hdr->nlmsg_flags |= NLM_F_ACK;
1102 hdr->nlmsg_seq = (uint32_t)++ctx->seq;
1103 if ((unsigned int)ctx->seq > UINT32_MAX)
1104 ctx->seq = 0;
1105
1106 #ifdef PRIVSEP
1107 if (ctx->options & DHCPCD_PRIVSEP && if_netlinkpriv(protocol, hdr))
1108 return (int)ps_root_sendnetlink(ctx, protocol, &msg);
1109 #endif
1110
1111 switch (protocol) {
1112 case NETLINK_ROUTE:
1113 s = priv->route_fd;
1114 break;
1115 case NETLINK_GENERIC:
1116 s = priv->generic_fd;
1117 #if 0
1118 #ifdef NETLINK_GET_STRICT_CHK
1119 if (hdr->nlmsg_type == RTM_GETADDR) {
1120 int on = 1;
1121
1122 if (setsockopt(s, SOL_NETLINK, NETLINK_GET_STRICT_CHK,
1123 &on, sizeof(on)) == -1 && errno != ENOPROTOOPT)
1124 logerr("%s: NETLINK_GET_STRICT_CHK", __func__);
1125 }
1126 #endif
1127 #endif
1128 break;
1129 default:
1130 errno = EINVAL;
1131 return -1;
1132 }
1133
1134 if (sendmsg(s, &msg, 0) == -1)
1135 return -1;
1136
1137 return if_getnetlink(ctx, &riov, s, 0, cb, cbarg);
1138 }
1139
1140 #define NLMSG_TAIL(nmsg) \
1141 ((struct rtattr *)(((ptrdiff_t)(nmsg))+NLMSG_ALIGN((nmsg)->nlmsg_len)))
1142
1143 static int
add_attr_l(struct nlmsghdr * n,unsigned short maxlen,unsigned short type,const void * data,unsigned short alen)1144 add_attr_l(struct nlmsghdr *n, unsigned short maxlen, unsigned short type,
1145 const void *data, unsigned short alen)
1146 {
1147 unsigned short len = (unsigned short)RTA_LENGTH(alen);
1148 struct rtattr *rta;
1149
1150 if (NLMSG_ALIGN(n->nlmsg_len) + RTA_ALIGN(len) > maxlen) {
1151 errno = ENOBUFS;
1152 return -1;
1153 }
1154
1155 rta = NLMSG_TAIL(n);
1156 rta->rta_type = type;
1157 rta->rta_len = len;
1158 if (alen)
1159 memcpy(RTA_DATA(rta), data, alen);
1160 n->nlmsg_len = NLMSG_ALIGN(n->nlmsg_len) + RTA_ALIGN(len);
1161
1162 return 0;
1163 }
1164
1165 static int
add_attr_8(struct nlmsghdr * n,unsigned short maxlen,unsigned short type,uint8_t data)1166 add_attr_8(struct nlmsghdr *n, unsigned short maxlen, unsigned short type,
1167 uint8_t data)
1168 {
1169
1170 return add_attr_l(n, maxlen, type, &data, sizeof(data));
1171 }
1172
1173 static int
add_attr_32(struct nlmsghdr * n,unsigned short maxlen,unsigned short type,uint32_t data)1174 add_attr_32(struct nlmsghdr *n, unsigned short maxlen, unsigned short type,
1175 uint32_t data)
1176 {
1177 unsigned short len = RTA_LENGTH(sizeof(data));
1178 struct rtattr *rta;
1179
1180 if (NLMSG_ALIGN(n->nlmsg_len) + len > maxlen) {
1181 errno = ENOBUFS;
1182 return -1;
1183 }
1184
1185 rta = NLMSG_TAIL(n);
1186 rta->rta_type = type;
1187 rta->rta_len = len;
1188 memcpy(RTA_DATA(rta), &data, sizeof(data));
1189 n->nlmsg_len = NLMSG_ALIGN(n->nlmsg_len) + len;
1190
1191 return 0;
1192 }
1193
1194 static int
rta_add_attr_32(struct rtattr * rta,unsigned short maxlen,unsigned short type,uint32_t data)1195 rta_add_attr_32(struct rtattr *rta, unsigned short maxlen,
1196 unsigned short type, uint32_t data)
1197 {
1198 unsigned short len = RTA_LENGTH(sizeof(data));
1199 struct rtattr *subrta;
1200
1201 if (RTA_ALIGN(rta->rta_len) + len > maxlen) {
1202 errno = ENOBUFS;
1203 return -1;
1204 }
1205
1206 subrta = (void *)((char*)rta + RTA_ALIGN(rta->rta_len));
1207 subrta->rta_type = type;
1208 subrta->rta_len = len;
1209 memcpy(RTA_DATA(subrta), &data, sizeof(data));
1210 rta->rta_len = (unsigned short)(NLMSG_ALIGN(rta->rta_len) + len);
1211 return 0;
1212 }
1213
1214 #ifdef HAVE_NL80211_H
1215 static struct nlattr *
nla_next(struct nlattr * nla,size_t * rem)1216 nla_next(struct nlattr *nla, size_t *rem)
1217 {
1218
1219 *rem -= (size_t)NLA_ALIGN(nla->nla_len);
1220 return (void *)((char *)nla + NLA_ALIGN(nla->nla_len));
1221 }
1222
1223 #define NLA_TYPE(nla) ((nla)->nla_type & NLA_TYPE_MASK)
1224 #define NLA_LEN(nla) (unsigned int)((nla)->nla_len - NLA_HDRLEN)
1225 #define NLA_OK(nla, rem) \
1226 ((rem) >= sizeof(struct nlattr) && \
1227 (nla)->nla_len >= sizeof(struct nlattr) && \
1228 (nla)->nla_len <= rem)
1229 #define NLA_DATA(nla) (void *)((char *)(nla) + NLA_HDRLEN)
1230 #define NLA_FOR_EACH_ATTR(pos, head, len, rem) \
1231 for (pos = head, rem = len; \
1232 NLA_OK(pos, rem); \
1233 pos = nla_next(pos, &(rem)))
1234
1235 struct nlmg
1236 {
1237 struct nlmsghdr hdr;
1238 struct genlmsghdr ghdr;
1239 char buffer[64];
1240 };
1241
1242 static int
nla_put_32(struct nlmsghdr * n,unsigned short maxlen,unsigned short type,uint32_t data)1243 nla_put_32(struct nlmsghdr *n, unsigned short maxlen,
1244 unsigned short type, uint32_t data)
1245 {
1246 unsigned short len;
1247 struct nlattr *nla;
1248
1249 len = NLA_ALIGN(NLA_HDRLEN + sizeof(data));
1250 if (NLMSG_ALIGN(n->nlmsg_len) + len > maxlen) {
1251 errno = ENOBUFS;
1252 return -1;
1253 }
1254
1255 nla = (struct nlattr *)NLMSG_TAIL(n);
1256 nla->nla_type = type;
1257 nla->nla_len = len;
1258 memcpy(NLA_DATA(nla), &data, sizeof(data));
1259 n->nlmsg_len = NLMSG_ALIGN(n->nlmsg_len) + len;
1260
1261 return 0;
1262 }
1263
1264 static int
nla_put_string(struct nlmsghdr * n,unsigned short maxlen,unsigned short type,const char * data)1265 nla_put_string(struct nlmsghdr *n, unsigned short maxlen,
1266 unsigned short type, const char *data)
1267 {
1268 struct nlattr *nla;
1269 size_t len, sl;
1270
1271 sl = strlen(data) + 1;
1272 len = NLA_ALIGN(NLA_HDRLEN + sl);
1273 if (NLMSG_ALIGN(n->nlmsg_len) + len > maxlen) {
1274 errno = ENOBUFS;
1275 return -1;
1276 }
1277
1278 nla = (struct nlattr *)NLMSG_TAIL(n);
1279 nla->nla_type = type;
1280 nla->nla_len = (unsigned short)len;
1281 memcpy(NLA_DATA(nla), data, sl);
1282 n->nlmsg_len = NLMSG_ALIGN(n->nlmsg_len) + (unsigned short)len;
1283 return 0;
1284 }
1285
1286 static int
nla_parse(struct nlattr * tb[],struct nlattr * head,size_t len,int maxtype)1287 nla_parse(struct nlattr *tb[], struct nlattr *head, size_t len, int maxtype)
1288 {
1289 struct nlattr *nla;
1290 size_t rem;
1291 int type;
1292
1293 memset(tb, 0, sizeof(*tb) * ((unsigned int)maxtype + 1));
1294 NLA_FOR_EACH_ATTR(nla, head, len, rem) {
1295 type = NLA_TYPE(nla);
1296 if (type > maxtype)
1297 continue;
1298 tb[type] = nla;
1299 }
1300 return 0;
1301 }
1302
1303 static int
genl_parse(struct nlmsghdr * nlm,struct nlattr * tb[],int maxtype)1304 genl_parse(struct nlmsghdr *nlm, struct nlattr *tb[], int maxtype)
1305 {
1306 struct genlmsghdr *ghdr;
1307 struct nlattr *head;
1308 size_t len;
1309
1310 ghdr = NLMSG_DATA(nlm);
1311 head = (void *)((char *)ghdr + GENL_HDRLEN);
1312 len = nlm->nlmsg_len - GENL_HDRLEN - NLMSG_HDRLEN;
1313 return nla_parse(tb, head, len, maxtype);
1314 }
1315
1316 static int
_gnl_getfamily(__unused struct dhcpcd_ctx * ctx,__unused void * arg,struct nlmsghdr * nlm)1317 _gnl_getfamily(__unused struct dhcpcd_ctx *ctx, __unused void *arg,
1318 struct nlmsghdr *nlm)
1319 {
1320 struct nlattr *tb[CTRL_ATTR_FAMILY_ID + 1];
1321 uint16_t family;
1322
1323 if (genl_parse(nlm, tb, CTRL_ATTR_FAMILY_ID) == -1)
1324 return -1;
1325 if (tb[CTRL_ATTR_FAMILY_ID] == NULL) {
1326 errno = ENOENT;
1327 return -1;
1328 }
1329 memcpy(&family, NLA_DATA(tb[CTRL_ATTR_FAMILY_ID]), sizeof(family));
1330 return (int)family;
1331 }
1332
1333 static int
gnl_getfamily(struct dhcpcd_ctx * ctx,const char * name)1334 gnl_getfamily(struct dhcpcd_ctx *ctx, const char *name)
1335 {
1336 struct nlmg nlm;
1337
1338 memset(&nlm, 0, sizeof(nlm));
1339 nlm.hdr.nlmsg_len = NLMSG_LENGTH(sizeof(struct genlmsghdr));
1340 nlm.hdr.nlmsg_type = GENL_ID_CTRL;
1341 nlm.hdr.nlmsg_flags = NLM_F_REQUEST;
1342 nlm.ghdr.cmd = CTRL_CMD_GETFAMILY;
1343 nlm.ghdr.version = 1;
1344 if (nla_put_string(&nlm.hdr, sizeof(nlm),
1345 CTRL_ATTR_FAMILY_NAME, name) == -1)
1346 return -1;
1347 return if_sendnetlink(ctx, NETLINK_GENERIC, &nlm.hdr,
1348 &_gnl_getfamily, NULL);
1349 }
1350
1351 static int
_if_getssid_nl80211(__unused struct dhcpcd_ctx * ctx,void * arg,struct nlmsghdr * nlm)1352 _if_getssid_nl80211(__unused struct dhcpcd_ctx *ctx, void *arg,
1353 struct nlmsghdr *nlm)
1354 {
1355 struct interface *ifp = arg;
1356 struct nlattr *tb[NL80211_ATTR_BSS + 1];
1357 struct nlattr *bss[NL80211_BSS_STATUS + 1];
1358 uint32_t status;
1359 unsigned char *ie;
1360 int ie_len;
1361
1362 if (genl_parse(nlm, tb, NL80211_ATTR_BSS) == -1)
1363 return 0;
1364
1365 if (tb[NL80211_ATTR_BSS] == NULL)
1366 return 0;
1367
1368 if (nla_parse(bss,
1369 NLA_DATA(tb[NL80211_ATTR_BSS]),
1370 NLA_LEN(tb[NL80211_ATTR_BSS]),
1371 NL80211_BSS_STATUS) == -1)
1372 return 0;
1373
1374 if (bss[NL80211_BSS_BSSID] == NULL || bss[NL80211_BSS_STATUS] == NULL)
1375 return 0;
1376
1377 memcpy(&status, NLA_DATA(bss[NL80211_BSS_STATUS]), sizeof(status));
1378 if (status != NL80211_BSS_STATUS_ASSOCIATED)
1379 return 0;
1380
1381 if (bss[NL80211_BSS_INFORMATION_ELEMENTS] == NULL)
1382 return 0;
1383
1384 ie = NLA_DATA(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
1385 ie_len = (int)NLA_LEN(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
1386 /* ie[0] is type, ie[1] is lenth, ie[2..] is data */
1387 while (ie_len >= 2 && ie_len >= ie[1]) {
1388 if (ie[0] == 0) {
1389 /* SSID */
1390 if (ie[1] > IF_SSIDLEN) {
1391 errno = ENOBUFS;
1392 return -1;
1393 }
1394 ifp->ssid_len = ie[1];
1395 memcpy(ifp->ssid, ie + 2, ifp->ssid_len);
1396 return (int)ifp->ssid_len;
1397 }
1398 ie_len -= ie[1] + 2;
1399 ie += ie[1] + 2;
1400 }
1401
1402 return 0;
1403 }
1404
1405 static int
if_getssid_nl80211(struct interface * ifp)1406 if_getssid_nl80211(struct interface *ifp)
1407 {
1408 int family;
1409 struct nlmg nlm;
1410
1411 errno = 0;
1412 family = gnl_getfamily(ifp->ctx, "nl80211");
1413 if (family == -1)
1414 return -1;
1415
1416 /* Is this a wireless interface? */
1417 memset(&nlm, 0, sizeof(nlm));
1418 nlm.hdr.nlmsg_len = NLMSG_LENGTH(sizeof(struct genlmsghdr));
1419 nlm.hdr.nlmsg_type = (unsigned short)family;
1420 nlm.hdr.nlmsg_flags = NLM_F_REQUEST;
1421 nlm.ghdr.cmd = NL80211_CMD_GET_WIPHY;
1422 nla_put_32(&nlm.hdr, sizeof(nlm), NL80211_ATTR_IFINDEX, ifp->index);
1423 if (if_sendnetlink(ifp->ctx, NETLINK_GENERIC, &nlm.hdr,
1424 NULL, NULL) == -1)
1425 return -1;
1426
1427 /* We need to parse out the list of scan results and find the one
1428 * we are connected to. */
1429 memset(&nlm, 0, sizeof(nlm));
1430 nlm.hdr.nlmsg_len = NLMSG_LENGTH(sizeof(struct genlmsghdr));
1431 nlm.hdr.nlmsg_type = (unsigned short)family;
1432 nlm.hdr.nlmsg_flags = NLM_F_REQUEST | NLM_F_DUMP;
1433 nlm.ghdr.cmd = NL80211_CMD_GET_SCAN;
1434 nla_put_32(&nlm.hdr, sizeof(nlm), NL80211_ATTR_IFINDEX, ifp->index);
1435
1436 return if_sendnetlink(ifp->ctx, NETLINK_GENERIC, &nlm.hdr,
1437 &_if_getssid_nl80211, ifp);
1438 }
1439 #endif
1440
1441 int
if_getssid(struct interface * ifp)1442 if_getssid(struct interface *ifp)
1443 {
1444 int r;
1445
1446 #ifdef HAVE_NL80211_H
1447 r = if_getssid_nl80211(ifp);
1448 if (r == -1)
1449 ifp->ssid_len = 0;
1450 #else
1451 r = if_getssid_wext(ifp->name, ifp->ssid);
1452 if (r != -1)
1453 ifp->ssid_len = (unsigned int)r;
1454 #endif
1455
1456 ifp->ssid[ifp->ssid_len] = '\0';
1457 return r;
1458 }
1459
1460 struct nlma
1461 {
1462 struct nlmsghdr hdr;
1463 struct ifaddrmsg ifa;
1464 char buffer[64];
1465 };
1466
1467 #ifdef INET
1468 struct ifiaddr
1469 {
1470 unsigned int ifa_ifindex;
1471 struct in_addr ifa_addr;
1472 bool ifa_found;
1473 };
1474
1475 static int
_if_addressexists(__unused struct dhcpcd_ctx * ctx,void * arg,struct nlmsghdr * nlm)1476 _if_addressexists(__unused struct dhcpcd_ctx *ctx,
1477 void *arg, struct nlmsghdr *nlm)
1478 {
1479 struct ifiaddr *ia = arg;
1480 in_addr_t this_addr;
1481 size_t len;
1482 struct rtattr *rta;
1483 struct ifaddrmsg *ifa;
1484
1485 ifa = NLMSG_DATA(nlm);
1486 if (ifa->ifa_index != ia->ifa_ifindex || ifa->ifa_family != AF_INET)
1487 return 0;
1488
1489 rta = IFA_RTA(ifa);
1490 len = NLMSG_PAYLOAD(nlm, sizeof(*ifa));
1491 for (; RTA_OK(rta, len); rta = RTA_NEXT(rta, len)) {
1492 switch (rta->rta_type) {
1493 case IFA_LOCAL:
1494 memcpy(&this_addr, RTA_DATA(rta), sizeof(this_addr));
1495 if (this_addr == ia->ifa_addr.s_addr) {
1496 ia->ifa_found = true;
1497 return 1;
1498 }
1499 break;
1500 }
1501 }
1502 return 0;
1503 }
1504
1505 static int
if_addressexists(struct interface * ifp,struct in_addr * addr)1506 if_addressexists(struct interface *ifp, struct in_addr *addr)
1507 {
1508 struct ifiaddr ia = {
1509 .ifa_ifindex = ifp->index,
1510 .ifa_addr = *addr,
1511 .ifa_found = false,
1512 };
1513 struct nlma nlm = {
1514 .hdr.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifaddrmsg)),
1515 .hdr.nlmsg_type = RTM_GETADDR,
1516 .hdr.nlmsg_flags = NLM_F_REQUEST | NLM_F_MATCH,
1517 .ifa.ifa_family = AF_INET,
1518 .ifa.ifa_index = ifp->index,
1519 };
1520
1521 int error = if_sendnetlink(ifp->ctx, NETLINK_ROUTE, &nlm.hdr,
1522 &_if_addressexists, &ia);
1523 if (error == -1)
1524 return -1;
1525 return ia.ifa_found ? 1 : 0;
1526 }
1527 #endif
1528
1529 struct nlmr
1530 {
1531 struct nlmsghdr hdr;
1532 struct rtmsg rt;
1533 char buffer[256];
1534 };
1535
1536 int
if_route(unsigned char cmd,const struct rt * rt)1537 if_route(unsigned char cmd, const struct rt *rt)
1538 {
1539 struct nlmr nlm;
1540 bool gateway_unspec;
1541
1542 memset(&nlm, 0, sizeof(nlm));
1543 nlm.hdr.nlmsg_len = NLMSG_LENGTH(sizeof(struct rtmsg));
1544 switch (cmd) {
1545 case RTM_CHANGE:
1546 nlm.hdr.nlmsg_type = RTM_NEWROUTE;
1547 nlm.hdr.nlmsg_flags = NLM_F_CREATE | NLM_F_REPLACE;
1548 break;
1549 case RTM_ADD:
1550 nlm.hdr.nlmsg_type = RTM_NEWROUTE;
1551 nlm.hdr.nlmsg_flags = NLM_F_CREATE | NLM_F_EXCL;
1552 break;
1553 case RTM_DELETE:
1554 nlm.hdr.nlmsg_type = RTM_DELROUTE;
1555 break;
1556 }
1557 nlm.hdr.nlmsg_flags |= NLM_F_REQUEST;
1558 nlm.rt.rtm_family = (unsigned char)rt->rt_dest.sa_family;
1559 nlm.rt.rtm_table = RT_TABLE_MAIN;
1560
1561 gateway_unspec = sa_is_unspecified(&rt->rt_gateway);
1562
1563 if (cmd == RTM_DELETE) {
1564 nlm.rt.rtm_scope = RT_SCOPE_NOWHERE;
1565 } else {
1566 /* Address generated routes are RTPROT_KERNEL,
1567 * otherwise RTPROT_BOOT */
1568 #ifdef RTPROT_RA
1569 if (rt->rt_dflags & RTDF_RA)
1570 nlm.rt.rtm_protocol = RTPROT_RA;
1571 else
1572 #endif
1573 #ifdef RTPROT_DHCP
1574 if (rt->rt_dflags & RTDF_DHCP)
1575 nlm.rt.rtm_protocol = RTPROT_DHCP;
1576 else
1577 #endif
1578 if (rt->rt_dflags & RTDF_IFA_ROUTE)
1579 nlm.rt.rtm_protocol = RTPROT_KERNEL;
1580 else
1581 nlm.rt.rtm_protocol = RTPROT_BOOT;
1582 if (rt->rt_ifp->flags & IFF_LOOPBACK)
1583 nlm.rt.rtm_scope = RT_SCOPE_HOST;
1584 else if (gateway_unspec)
1585 nlm.rt.rtm_scope = RT_SCOPE_LINK;
1586 else
1587 nlm.rt.rtm_scope = RT_SCOPE_UNIVERSE;
1588 if (rt->rt_flags & RTF_REJECT)
1589 nlm.rt.rtm_type = RTN_UNREACHABLE;
1590 else
1591 nlm.rt.rtm_type = RTN_UNICAST;
1592 }
1593
1594 #define ADDSA(type, sa) \
1595 add_attr_l(&nlm.hdr, sizeof(nlm), (type), \
1596 (const char *)(sa) + sa_addroffset((sa)), \
1597 (unsigned short)sa_addrlen((sa)));
1598 nlm.rt.rtm_dst_len = (unsigned char)sa_toprefix(&rt->rt_netmask);
1599 /* rt->rt_dest and rt->gateway are unions where sockaddr_in6
1600 * is the biggest member. However, we access them as the
1601 * generic sockaddr and coverity thinks this will overrun. */
1602 /* coverity[overrun-buffer-arg] */
1603 ADDSA(RTA_DST, &rt->rt_dest);
1604 if (cmd == RTM_ADD || cmd == RTM_CHANGE) {
1605 if (!gateway_unspec) {
1606 /* coverity[overrun-buffer-arg] */
1607 ADDSA(RTA_GATEWAY, &rt->rt_gateway);
1608 }
1609 /* Cannot add tentative source addresses.
1610 * We don't know this here, so just skip INET6 ifa's.*/
1611 if (!sa_is_unspecified(&rt->rt_ifa) &&
1612 rt->rt_ifa.sa_family != AF_INET6)
1613 ADDSA(RTA_PREFSRC, &rt->rt_ifa);
1614 if (rt->rt_mtu) {
1615 char metricsbuf[32];
1616 struct rtattr *metrics = (void *)metricsbuf;
1617
1618 metrics->rta_type = RTA_METRICS;
1619 metrics->rta_len = RTA_LENGTH(0);
1620 rta_add_attr_32(metrics, sizeof(metricsbuf),
1621 RTAX_MTU, rt->rt_mtu);
1622 add_attr_l(&nlm.hdr, sizeof(nlm), RTA_METRICS,
1623 RTA_DATA(metrics),
1624 (unsigned short)RTA_PAYLOAD(metrics));
1625 }
1626
1627 #ifdef HAVE_ROUTE_PREF
1628 if (rt->rt_dflags & RTDF_RA) {
1629 uint8_t pref;
1630
1631 switch(rt->rt_pref) {
1632 case RTPREF_LOW:
1633 pref = ICMPV6_ROUTER_PREF_LOW;
1634 break;
1635 case RTPREF_MEDIUM:
1636 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1637 break;
1638 case RTPREF_HIGH:
1639 pref = ICMPV6_ROUTER_PREF_HIGH;
1640 break;
1641 default:
1642 pref = ICMPV6_ROUTER_PREF_INVALID;
1643 break;
1644 }
1645 add_attr_8(&nlm.hdr, sizeof(nlm), RTA_PREF, pref);
1646 }
1647 #endif
1648 }
1649
1650 if (!sa_is_loopback(&rt->rt_gateway))
1651 add_attr_32(&nlm.hdr, sizeof(nlm), RTA_OIF, rt->rt_ifp->index);
1652
1653 if (rt->rt_metric != 0)
1654 add_attr_32(&nlm.hdr, sizeof(nlm), RTA_PRIORITY,
1655 rt->rt_metric);
1656
1657 return if_sendnetlink(rt->rt_ifp->ctx, NETLINK_ROUTE, &nlm.hdr,
1658 NULL, NULL);
1659 }
1660
1661 static int
_if_initrt(struct dhcpcd_ctx * ctx,void * arg,struct nlmsghdr * nlm)1662 _if_initrt(struct dhcpcd_ctx *ctx, void *arg,
1663 struct nlmsghdr *nlm)
1664 {
1665 struct rt rt, *rtn;
1666 rb_tree_t *kroutes = arg;
1667
1668 if (if_copyrt(ctx, &rt, nlm) != 0)
1669 return 0;
1670 if ((rtn = rt_new(rt.rt_ifp)) == NULL) {
1671 logerr(__func__);
1672 return 0;
1673 }
1674 memcpy(rtn, &rt, sizeof(*rtn));
1675 if (rb_tree_insert_node(kroutes, rtn) != rtn)
1676 rt_free(rtn);
1677 return 0;
1678 }
1679
1680 int
if_initrt(struct dhcpcd_ctx * ctx,rb_tree_t * kroutes,int af)1681 if_initrt(struct dhcpcd_ctx *ctx, rb_tree_t *kroutes, int af)
1682 {
1683 struct nlmr nlm = {
1684 .hdr.nlmsg_len = NLMSG_LENGTH(sizeof(struct rtmsg)),
1685 .hdr.nlmsg_type = RTM_GETROUTE,
1686 .hdr.nlmsg_flags = NLM_F_REQUEST | NLM_F_MATCH,
1687 .rt.rtm_table = RT_TABLE_MAIN,
1688 .rt.rtm_family = (unsigned char)af,
1689 };
1690
1691 return if_sendnetlink(ctx, NETLINK_ROUTE, &nlm.hdr,
1692 &_if_initrt, kroutes);
1693 }
1694
1695 #ifdef INET
1696 /* Linux is a special snowflake when it comes to BPF. */
1697 const char *bpf_name = "Packet Socket";
1698
1699 /* Linux is a special snowflake for opening BPF. */
1700 struct bpf *
bpf_open(const struct interface * ifp,int (* filter)(const struct bpf *,const struct in_addr *),const struct in_addr * ia)1701 bpf_open(const struct interface *ifp,
1702 int (*filter)(const struct bpf *, const struct in_addr *),
1703 const struct in_addr *ia)
1704 {
1705 struct bpf *bpf;
1706 union sockunion {
1707 struct sockaddr sa;
1708 struct sockaddr_ll sll;
1709 struct sockaddr_storage ss;
1710 } su = {
1711 .sll = {
1712 .sll_family = PF_PACKET,
1713 .sll_protocol = htons(ETH_P_ALL),
1714 .sll_ifindex = (int)ifp->index,
1715 }
1716 };
1717 #ifdef PACKET_AUXDATA
1718 int n;
1719 #endif
1720
1721 bpf = calloc(1, sizeof(*bpf));
1722 if (bpf == NULL)
1723 return NULL;
1724 bpf->bpf_ifp = ifp;
1725
1726 /* Allocate a suitably large buffer for a single packet. */
1727 bpf->bpf_size = ETH_DATA_LEN;
1728 bpf->bpf_buffer = malloc(bpf->bpf_size);
1729 if (bpf->bpf_buffer == NULL)
1730 goto eexit;
1731
1732 bpf->bpf_fd = xsocket(PF_PACKET, SOCK_RAW|SOCK_CXNB,htons(ETH_P_ALL));
1733 if (bpf->bpf_fd == -1)
1734 goto eexit;
1735
1736 /* We cannot validate the correct interface,
1737 * so we MUST set this first. */
1738 if (bind(bpf->bpf_fd, &su.sa, sizeof(su.sll)) == -1)
1739 goto eexit;
1740
1741 if (filter(bpf, ia) != 0)
1742 goto eexit;
1743
1744 /* In the ideal world, this would be set before the bind and filter. */
1745 #ifdef PACKET_AUXDATA
1746 n = 1;
1747 if (setsockopt(bpf->bpf_fd, SOL_PACKET, PACKET_AUXDATA,
1748 &n, sizeof(n)) != 0) {
1749 if (errno != ENOPROTOOPT)
1750 goto eexit;
1751 }
1752 #endif
1753
1754 /*
1755 * At this point we could have received packets for the wrong
1756 * interface or which don't pass the filter.
1757 * Linux should flush upon setting the filter like every other OS.
1758 * There is no way of flushing them from userland.
1759 * As such, consumers need to inspect each packet to ensure it's valid.
1760 * Or to put it another way, don't trust the Linux BPF filter.
1761 */
1762
1763 return bpf;
1764
1765 eexit:
1766 if (bpf->bpf_fd != -1)
1767 close(bpf->bpf_fd);
1768 free(bpf->bpf_buffer);
1769 free(bpf);
1770 return NULL;
1771 }
1772
1773 /* BPF requires that we read the entire buffer.
1774 * So we pass the buffer in the API so we can loop on >1 packet. */
1775 ssize_t
bpf_read(struct bpf * bpf,void * data,size_t len)1776 bpf_read(struct bpf *bpf, void *data, size_t len)
1777 {
1778 ssize_t bytes;
1779 struct iovec iov = {
1780 .iov_base = bpf->bpf_buffer,
1781 .iov_len = bpf->bpf_size,
1782 };
1783 struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1 };
1784 #ifdef PACKET_AUXDATA
1785 union {
1786 struct cmsghdr hdr;
1787 uint8_t buf[CMSG_SPACE(sizeof(struct tpacket_auxdata))];
1788 } cmsgbuf = { .buf = { 0 } };
1789 struct cmsghdr *cmsg;
1790 struct tpacket_auxdata *aux;
1791 #endif
1792
1793 #ifdef PACKET_AUXDATA
1794 msg.msg_control = cmsgbuf.buf;
1795 msg.msg_controllen = sizeof(cmsgbuf.buf);
1796 #endif
1797
1798 bytes = recvmsg(bpf->bpf_fd, &msg, 0);
1799 if (bytes == -1)
1800 return -1;
1801 bpf->bpf_flags |= BPF_EOF; /* We only ever read one packet. */
1802 bpf->bpf_flags &= ~BPF_PARTIALCSUM;
1803 if (bytes) {
1804 if (bpf_frame_bcast(bpf->bpf_ifp, bpf->bpf_buffer) == 0)
1805 bpf->bpf_flags |= BPF_BCAST;
1806 else
1807 bpf->bpf_flags &= ~BPF_BCAST;
1808 if ((size_t)bytes > len)
1809 bytes = (ssize_t)len;
1810 memcpy(data, bpf->bpf_buffer, (size_t)bytes);
1811 #ifdef PACKET_AUXDATA
1812 for (cmsg = CMSG_FIRSTHDR(&msg);
1813 cmsg;
1814 cmsg = CMSG_NXTHDR(&msg, cmsg))
1815 {
1816 if (cmsg->cmsg_level == SOL_PACKET &&
1817 cmsg->cmsg_type == PACKET_AUXDATA) {
1818 aux = (void *)CMSG_DATA(cmsg);
1819 if (aux->tp_status & TP_STATUS_CSUMNOTREADY)
1820 bpf->bpf_flags |= BPF_PARTIALCSUM;
1821 }
1822 }
1823 #endif
1824 }
1825 return bytes;
1826 }
1827
1828 int
bpf_attach(int s,void * filter,unsigned int filter_len)1829 bpf_attach(int s, void *filter, unsigned int filter_len)
1830 {
1831 struct sock_fprog pf = {
1832 .filter = filter,
1833 .len = (unsigned short)filter_len,
1834 };
1835
1836 /* Install the filter. */
1837 if (setsockopt(s, SOL_SOCKET, SO_ATTACH_FILTER, &pf, sizeof(pf)) == -1)
1838 return -1;
1839
1840 #ifdef SO_LOCK_FILTER
1841 int on = 1;
1842
1843 if (setsockopt(s, SOL_SOCKET, SO_LOCK_FILTER, &on, sizeof(on)) == -1)
1844 return -1;
1845 #endif
1846
1847 return 0;
1848 }
1849
1850 int
if_address(unsigned char cmd,const struct ipv4_addr * ia)1851 if_address(unsigned char cmd, const struct ipv4_addr *ia)
1852 {
1853 struct nlma nlm;
1854 struct ifa_cacheinfo cinfo;
1855 int retval = 0;
1856 #ifdef IFA_F_NOPREFIXROUTE
1857 uint32_t flags = 0;
1858 #endif
1859
1860 memset(&nlm, 0, sizeof(nlm));
1861 nlm.hdr.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifaddrmsg));
1862 nlm.hdr.nlmsg_flags = NLM_F_REQUEST;
1863 nlm.hdr.nlmsg_type = cmd;
1864 if (cmd == RTM_NEWADDR)
1865 nlm.hdr.nlmsg_flags |= NLM_F_CREATE | NLM_F_REPLACE;
1866 nlm.ifa.ifa_index = ia->iface->index;
1867 nlm.ifa.ifa_family = AF_INET;
1868
1869 nlm.ifa.ifa_prefixlen = inet_ntocidr(ia->mask);
1870
1871 #if 0
1872 /* This creates the aliased interface */
1873 add_attr_l(&nlm.hdr, sizeof(nlm), IFA_LABEL,
1874 ia->iface->alias,
1875 (unsigned short)(strlen(ia->iface->alias) + 1));
1876 #endif
1877
1878 add_attr_l(&nlm.hdr, sizeof(nlm), IFA_LOCAL,
1879 &ia->addr.s_addr, sizeof(ia->addr.s_addr));
1880
1881 if (cmd == RTM_NEWADDR) {
1882 #ifdef IFA_F_NOPREFIXROUTE
1883 if (nlm.ifa.ifa_prefixlen < 32)
1884 flags |= IFA_F_NOPREFIXROUTE;
1885 add_attr_32(&nlm.hdr, sizeof(nlm), IFA_FLAGS, flags);
1886 #endif
1887
1888 add_attr_l(&nlm.hdr, sizeof(nlm), IFA_BROADCAST,
1889 &ia->brd.s_addr, sizeof(ia->brd.s_addr));
1890
1891 memset(&cinfo, 0, sizeof(cinfo));
1892 cinfo.ifa_prefered = ia->pltime;
1893 cinfo.ifa_valid = ia->vltime;
1894 add_attr_l(&nlm.hdr, sizeof(nlm), IFA_CACHEINFO,
1895 &cinfo, sizeof(cinfo));
1896 }
1897
1898 if (if_sendnetlink(ia->iface->ctx, NETLINK_ROUTE, &nlm.hdr,
1899 NULL, NULL) == -1)
1900 retval = -1;
1901 return retval;
1902 }
1903
1904 int
if_addrflags(__unused const struct interface * ifp,__unused const struct in_addr * addr,__unused const char * alias)1905 if_addrflags(__unused const struct interface *ifp,
1906 __unused const struct in_addr *addr, __unused const char *alias)
1907 {
1908
1909 /* Linux has no support for IPv4 address flags */
1910 return 0;
1911 }
1912 #endif
1913
1914 #ifdef INET6
1915 int
if_address6(unsigned char cmd,const struct ipv6_addr * ia)1916 if_address6(unsigned char cmd, const struct ipv6_addr *ia)
1917 {
1918 struct nlma nlm;
1919 struct ifa_cacheinfo cinfo;
1920 #if defined(IFA_F_MANAGETEMPADDR) || defined(IFA_F_NOPREFIXROUTE)
1921 uint32_t flags = 0;
1922 #endif
1923
1924 memset(&nlm, 0, sizeof(nlm));
1925 nlm.hdr.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifaddrmsg));
1926 nlm.hdr.nlmsg_flags = NLM_F_REQUEST;
1927 nlm.hdr.nlmsg_type = cmd;
1928 if (cmd == RTM_NEWADDR)
1929 nlm.hdr.nlmsg_flags |= NLM_F_CREATE | NLM_F_REPLACE;
1930 nlm.ifa.ifa_index = ia->iface->index;
1931 nlm.ifa.ifa_family = AF_INET6;
1932
1933 /* Add as /128 if no IFA_F_NOPREFIXROUTE ? */
1934 nlm.ifa.ifa_prefixlen = ia->prefix_len;
1935
1936 #if 0
1937 /* This creates the aliased interface */
1938 add_attr_l(&nlm.hdr, sizeof(nlm), IFA_LABEL,
1939 ia->iface->alias, (unsigned short)(strlen(ia->iface->alias) + 1));
1940 #endif
1941 add_attr_l(&nlm.hdr, sizeof(nlm), IFA_LOCAL,
1942 &ia->addr.s6_addr, sizeof(ia->addr.s6_addr));
1943
1944 if (cmd == RTM_NEWADDR) {
1945 #ifdef IPV6_MANAGETEMPADDR
1946 if (ia->flags & IPV6_AF_TEMPORARY) {
1947 /* Currently the kernel filters out these flags */
1948 #ifdef IFA_F_NOPREFIXROUTE
1949 flags |= IFA_F_TEMPORARY;
1950 #else
1951 nlm.ifa.ifa_flags |= IFA_F_TEMPORARY;
1952 #endif
1953 }
1954 #elif IFA_F_MANAGETEMPADDR
1955 if (ia->flags & IPV6_AF_AUTOCONF && IA6_CANAUTOCONF(ia))
1956 flags |= IFA_F_MANAGETEMPADDR;
1957 #endif
1958 #ifdef IFA_F_NOPREFIXROUTE
1959 if (!IN6_IS_ADDR_LINKLOCAL(&ia->addr))
1960 flags |= IFA_F_NOPREFIXROUTE;
1961 #endif
1962 #if defined(IFA_F_MANAGETEMPADDR) || defined(IFA_F_NOPREFIXROUTE)
1963 add_attr_32(&nlm.hdr, sizeof(nlm), IFA_FLAGS, flags);
1964 #endif
1965
1966 memset(&cinfo, 0, sizeof(cinfo));
1967 cinfo.ifa_prefered = ia->prefix_pltime;
1968 cinfo.ifa_valid = ia->prefix_vltime;
1969 add_attr_l(&nlm.hdr, sizeof(nlm), IFA_CACHEINFO,
1970 &cinfo, sizeof(cinfo));
1971 }
1972
1973 return if_sendnetlink(ia->iface->ctx, NETLINK_ROUTE, &nlm.hdr,
1974 NULL, NULL);
1975 }
1976
1977 int
if_addrflags6(const struct interface * ifp,const struct in6_addr * addr,__unused const char * alias)1978 if_addrflags6(const struct interface *ifp, const struct in6_addr *addr,
1979 __unused const char *alias)
1980 {
1981 char buf[PS_BUFLEN], *bp = buf, *line;
1982 ssize_t buflen;
1983 char *p, ifaddress[33], address[33], name[IF_NAMESIZE + 1];
1984 unsigned int ifindex;
1985 int prefix, scope, flags, i;
1986
1987 buflen = dhcp_readfile(ifp->ctx, PROC_INET6, buf, sizeof(buf));
1988 if (buflen == -1)
1989 return -1;
1990 if ((size_t)buflen == sizeof(buf)) {
1991 errno = ENOBUFS;
1992 return -1;
1993 }
1994
1995 p = ifaddress;
1996 for (i = 0; i < (int)sizeof(addr->s6_addr); i++) {
1997 p += snprintf(p, 3, "%.2x", addr->s6_addr[i]);
1998 }
1999 *p = '\0';
2000
2001 while ((line = get_line(&bp, &buflen)) != NULL) {
2002 if (sscanf(line,
2003 "%32[a-f0-9] %x %x %x %x %"TOSTRING(IF_NAMESIZE)"s\n",
2004 address, &ifindex, &prefix, &scope, &flags, name) != 6 ||
2005 strlen(address) != 32)
2006 {
2007 errno = EINVAL;
2008 return -1;
2009 }
2010 if (strcmp(name, ifp->name) == 0 &&
2011 strcmp(ifaddress, address) == 0)
2012 return flags;
2013 }
2014
2015 errno = ESRCH;
2016 return -1;
2017 }
2018
2019 int
if_getlifetime6(__unused struct ipv6_addr * ia)2020 if_getlifetime6(__unused struct ipv6_addr *ia)
2021 {
2022
2023 /* God knows how to work out address lifetimes on Linux */
2024 errno = ENOTSUP;
2025 return -1;
2026 }
2027
2028 struct nlml
2029 {
2030 struct nlmsghdr hdr;
2031 struct ifinfomsg i;
2032 char buffer[32];
2033 };
2034
2035 #ifdef HAVE_IN6_ADDR_GEN_MODE_NONE
2036 static struct rtattr *
add_attr_nest(struct nlmsghdr * n,unsigned short maxlen,unsigned short type)2037 add_attr_nest(struct nlmsghdr *n, unsigned short maxlen, unsigned short type)
2038 {
2039 struct rtattr *nest;
2040
2041 nest = NLMSG_TAIL(n);
2042 add_attr_l(n, maxlen, type, NULL, 0);
2043 return nest;
2044 }
2045
2046 static void
add_attr_nest_end(struct nlmsghdr * n,struct rtattr * nest)2047 add_attr_nest_end(struct nlmsghdr *n, struct rtattr *nest)
2048 {
2049
2050 nest->rta_len = (unsigned short)((char *)NLMSG_TAIL(n) - (char *)nest);
2051 }
2052 #endif
2053
2054 static int
if_disable_autolinklocal(struct dhcpcd_ctx * ctx,unsigned int ifindex)2055 if_disable_autolinklocal(struct dhcpcd_ctx *ctx, unsigned int ifindex)
2056 {
2057 #ifdef HAVE_IN6_ADDR_GEN_MODE_NONE
2058 struct nlml nlm;
2059 struct rtattr *afs, *afs6;
2060
2061 memset(&nlm, 0, sizeof(nlm));
2062 nlm.hdr.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg));
2063 nlm.hdr.nlmsg_type = RTM_NEWLINK;
2064 nlm.hdr.nlmsg_flags = NLM_F_REQUEST;
2065 nlm.i.ifi_family = AF_INET6;
2066 nlm.i.ifi_index = (int)ifindex;
2067 afs = add_attr_nest(&nlm.hdr, sizeof(nlm), IFLA_AF_SPEC);
2068 afs6 = add_attr_nest(&nlm.hdr, sizeof(nlm), AF_INET6);
2069 add_attr_8(&nlm.hdr, sizeof(nlm), IFLA_INET6_ADDR_GEN_MODE,
2070 IN6_ADDR_GEN_MODE_NONE);
2071 add_attr_nest_end(&nlm.hdr, afs6);
2072 add_attr_nest_end(&nlm.hdr, afs);
2073
2074 return if_sendnetlink(ctx, NETLINK_ROUTE, &nlm.hdr, NULL, NULL);
2075 #else
2076 UNUSED(ctx);
2077 UNUSED(ifindex);
2078 errno = ENOTSUP;
2079 return -1;
2080 #endif
2081 }
2082
2083 static const char *p_conf = "/proc/sys/net/ipv6/conf";
2084 static const char *p_neigh = "/proc/sys/net/ipv6/neigh";
2085
2086 void
if_setup_inet6(const struct interface * ifp)2087 if_setup_inet6(const struct interface *ifp)
2088 {
2089 struct dhcpcd_ctx *ctx = ifp->ctx;
2090 int ra;
2091 char path[256];
2092
2093 /* The kernel cannot make stable private addresses.
2094 * However, a lot of distros ship newer kernel headers than
2095 * the kernel itself so sweep that error under the table. */
2096 if (if_disable_autolinklocal(ctx, ifp->index) == -1 &&
2097 errno != ENODEV && errno != ENOTSUP && errno != EINVAL)
2098 logdebug("%s: if_disable_autolinklocal", ifp->name);
2099
2100 /*
2101 * If not doing autoconf, don't disable the kernel from doing it.
2102 * If we need to, we should have another option actively disable it.
2103 */
2104 if (!(ifp->options->options & DHCPCD_IPV6RS))
2105 return;
2106
2107 snprintf(path, sizeof(path), "%s/%s/autoconf", p_conf, ifp->name);
2108 ra = check_proc_int(ctx, path);
2109 if (ra != 1 && ra != -1) {
2110 if (if_writepathuint(ctx, path, 0) == -1)
2111 logerr("%s: %s", __func__, path);
2112 }
2113
2114 snprintf(path, sizeof(path), "%s/%s/accept_ra", p_conf, ifp->name);
2115 ra = check_proc_int(ctx, path);
2116 if (ra == -1) {
2117 /* The sysctl probably doesn't exist, but this isn't an
2118 * error as such so just log it and continue */
2119 if (errno != ENOENT)
2120 logerr("%s: %s", __func__, path);
2121 } else if (ra != 0) {
2122 if (if_writepathuint(ctx, path, 0) == -1)
2123 logerr("%s: %s", __func__, path);
2124 }
2125 }
2126
2127 int
if_applyra(const struct ra * rap)2128 if_applyra(const struct ra *rap)
2129 {
2130 char path[256];
2131 const char *ifname = rap->iface->name;
2132 struct dhcpcd_ctx *ctx = rap->iface->ctx;
2133 int error = 0;
2134
2135 if (rap->hoplimit != 0) {
2136 snprintf(path, sizeof(path), "%s/%s/hop_limit", p_conf, ifname);
2137 if (if_writepathuint(ctx, path, rap->hoplimit) == -1)
2138 error = -1;
2139 }
2140
2141 if (rap->retrans != 0) {
2142 snprintf(path, sizeof(path), "%s/%s/retrans_time_ms",
2143 p_neigh, ifname);
2144 if (if_writepathuint(ctx, path, rap->retrans) == -1)
2145 error = -1;
2146 }
2147
2148 if (rap->reachable != 0) {
2149 snprintf(path, sizeof(path), "%s/%s/base_reachable_time_ms",
2150 p_neigh, ifname);
2151 if (if_writepathuint(ctx, path, rap->reachable) == -1)
2152 error = -1;
2153 }
2154
2155 return error;
2156 }
2157
2158 int
ip6_forwarding(const char * ifname)2159 ip6_forwarding(const char *ifname)
2160 {
2161 char path[256], buf[64];
2162 int error, i;
2163
2164 if (ifname == NULL)
2165 ifname = "all";
2166 snprintf(path, sizeof(path), "%s/%s/forwarding", p_conf, ifname);
2167 if (readfile(path, buf, sizeof(buf)) == -1)
2168 return 0;
2169 i = (int)strtoi(buf, NULL, 0, INT_MIN, INT_MAX, &error);
2170 if (error != 0 && error != ENOTSUP)
2171 return 0;
2172 return i;
2173 }
2174
2175 #endif /* INET6 */
2176