path: root/src/network (follow)
Commit message [Author, Age, Files, Lines]
...
* | network/netdev: split out netdev_attach_name_full() [Yu Watanabe, 2024-10-29, 1 file, -4/+10]
|/
|   No functional change, preparation for later commits.
* sd-json,tree-wide: add sd_json_format_enabled() and use it everywhere [Zbigniew Jędrzejewski-Szmek, 2024-10-28, 2 files, -2/+2]
|   We often used a pattern like if (!FLAGS_SET(flags, SD_JSON_FORMAT_OFF)), which is rather verbose and also contains a double negative, which we try to avoid. Add a little helper to avoid an explicit bit check.
|
|   This change clarifies an additional thing: in some cases we treated SD_JSON_FORMAT_OFF as a flag (flags & SD_JSON_FORMAT_OFF), while in other cases we treated it as an independent enum value (flags == SD_JSON_FORMAT_OFF). In the first form, flags like SD_JSON_FORMAT_SSE do _not_ turn the json output on, while in the second form they do. Let's use the first form everywhere.
|
|   No functional change intended.
|
|   Initially I wasn't sure if this helper should be made public or just internal, but it seems such a common pattern that if we expose the flags, we might just as well expose it too, to make life easier for any consumers.
* network: adjust log message about DNR [Ronan Pigott, 2024-10-23, 1 file, -4/+4]
|   The only possible error return in this position is -ENODATA, which is not interesting.
* Merge pull request #34848 from yuwata/network-dhcpv6-do-not-request-ia-pd-on-info-req [Lennart Poettering, 2024-10-22, 1 file, -2/+21]
|\
| |   network/dhcp6: do not request IA_PD on information requesting mode
| * network/dhcp6: do not request IA_PD when running in the other-information mode [Yu Watanabe, 2024-10-21, 1 file, -2/+21]
| |   This reverts the following commits:
| |   - 180cc5421d9712fb95a6bbc725dc8ba459360c8b "sd-dhcp6-client: allow to request IA_PD on information requesting mode"
| |   - cf7a403e470368049165ecff7ac7686928778d7c "sd-dhcp6-lease: adjust information refresh time with lifetime of IA_PD"
| |   - 1918eda30d12e1ba3ee55921c18ec53267463e24 "network/dhcp6: process hostname and IA_PD on information requesting mode"
| |
| |   As per discussion in #34299,
| |   https://github.com/systemd/systemd/issues/34299#issuecomment-2425153221
| |   the offending commits violate RFC 8415 section 18.2.6:
| |   > The client uses an Information-request message to obtain
| |   > configuration information without having addresses and/or delegated
| |   > prefixes assigned to it.
* | Merge pull request #30952 from rpigott/resolved-dnr [Lennart Poettering, 2024-10-22, 13 files, -1/+471]
|\ \
| |/
|/|   RFC9463: Discovery of Network-designated Resolvers
| * network: add dnr resolvers to networkctl status json output [Ronan Pigott, 2024-10-21, 1 file, -0/+115]
| |
| * network: Serialize ipv6ra DNR [Ronan Pigott, 2024-10-21, 1 file, -0/+24]
| |   Serialize DNR servers acquired by ipv6ra option, same as the V4/V6 DNR DHCP options.
| * network: Introduce IPv6RA UseDNR= option [Ronan Pigott, 2024-10-21, 5 files, -0/+9]
| |   Same as the DHCP v4/v6 options, this controls the use of DNR received from ipv6ra.
| * ndisc: Parse RFC9463 encrypted DNS (DNR) option [Ronan Pigott, 2024-10-21, 3 files, -1/+173]
| |   This option is equivalent to the V4/V6 DNR options for DHCP.
| * network: Serialize DHCPv6 DNR servers [Ronan Pigott, 2024-10-21, 1 file, -2/+41]
| |   This serializes DNR servers acquired by V6_DNR option, equivalent to the V4_DNR option.
| * network: Introduce UseDNR DHCPv6 option [Ronan Pigott, 2024-10-21, 6 files, -0/+13]
| |   This is equivalent to the DHCPv4 option introduced earlier.
| * network: Serialize DNR servers [Ronan Pigott, 2024-10-21, 5 files, -5/+88]
| |   Implement serialization/deserialization for DNR servers. This re-uses the string format in place for user configuration of DoT servers, and as a consequence non-DoT servers are discarded when recording the link configuration, for correctness. This also enables sd-resolved to use these servers as it would other DNS servers.
| * network: Add serialization for DoT resolvers [Ronan Pigott, 2024-10-21, 1 file, -0/+1]
| |   For now only DoT is supported, so DoT resolvers are represented using the existing configuration format.
| * network: Introduce UseDNR DHCPv4 option [Ronan Pigott, 2024-10-21, 4 files, -0/+14]
| |   This option will control the use of DNR for choosing DNS servers on the link. Defaults to the value of UseDNS so that in most cases they will be toggled together.
* | networkd: raise limits on number of address 8x [Lennart Poettering, 2024-10-18, 1 file, -2/+2]
| |   Limits should be enforced, but not in a way real setups collide with them. There have been multiple reports that current limits are too low, hence raise them 8x.
| |
| |   Fixes: #24852
* | network: add AF_TO_ADDRESS_FAMILY() helper [Lennart Poettering, 2024-10-15, 4 files, -11/+5]
| |   Make some code a bit shorter.
* | network/radv: update comment [Yu Watanabe, 2024-10-15, 1 file, -1/+1]
| |   DHCPv6PrefixDelegation= is replaced with DHCPPrefixDelegation=.
* | network/dhcp6: process hostname and IA_PD on information requesting mode [Yu Watanabe, 2024-10-15, 1 file, -21/+2]
| |   Fixes #34299.
* | network/dhcp6: set hostname even if UseAddress=no [Yu Watanabe, 2024-10-15, 1 file, -19/+33]
| |   Follow-up for f963f8953daeab03b892616ce0c65f7572932187 and 1536b7b2d00819615bf8eba194de7ccd20c3689f.
* | Merge pull request #34736 from yuwata/network-mtu [Yu Watanabe, 2024-10-15, 6 files, -24/+112]
|\ \
| | |   network: wait for IPv6 MTU being synced to link MTU
| * | network: wait for IPv6 MTU being synced to link MTU [Yu Watanabe, 2024-10-14, 4 files, -1/+92]
| | |   The kernel resets the IPv6 MTU of an interface when its link MTU is changed. But it seems the operation is asynchronous, and even when we detect that the link MTU is changed, the IPv6 MTU may not be reset yet.
| | |
| | |   ====
| | |   [ 2257.067613] systemd-networkd[447122]: veth99: MTU is changed: 1500 →1600 (min: 68, max: 65535)
| | |   [ 2257.067641] systemd-networkd[447122]: Setting '/proc/sys/net/ipv6/conf/veth99/mtu' to '1410'
| | |   [ 2257.067711] systemd-networkd[447122]: No change in value '1410', suppressing write
| | |   ====
| | |
| | |   As you can see, even if the link MTU is changed to 1600, the IPv6 MTU is unchanged (in this case, still 1410).
| * | network/sysctl: make link_set_ipv6_mtu() log failures [Yu Watanabe, 2024-10-14, 3 files, -17/+11]
| | |   No functional change, just refactoring.
| * | network/route: use sysctl_read_ip_property_int() for reading route/max_size [Yu Watanabe, 2024-10-14, 1 file, -7/+10]
| | |
* | | sd-radv: drop sd_radv_prefix and friends, and use sd_ndisc_option to manage NDisc options [Yu Watanabe, 2024-10-14, 1 file, -115/+52]
| | |   No effective functional change, just refactoring.
* | | network/address: use config_parse_in_addr_non_null() at one more place [Yu Watanabe, 2024-10-14, 1 file, -10/+6]
| | |   No functional change, just refactoring.
* | | network/address: do not set family in config_parse_broadcast() [Yu Watanabe, 2024-10-14, 1 file, -4/+5]
|/ /
| |   The family will be checked later in address_section_verify() -> address_section_adjust_broadcast(), hence it is not necessary to set here.
| |
| |   Follow-up for 5d15c7b19cae6d3332d4e213c380e0fcc1317a2c.
| |   Fixes oss-fuzz#372994449.
| |   Fixes #34748.
* | Merge pull request #34700 from yuwata/network-conf-parser [Yu Watanabe, 2024-10-11, 12 files, -632/+349]
|\ \
| | |   network: several cleanups for conf parsers
| * | network/route: use log_section_warning() more [Yu Watanabe, 2024-10-11, 2 files, -46/+28]
| | |
| * | network/route: use generic [Route] section parser more [Yu Watanabe, 2024-10-11, 3 files, -152/+56]
| | |
| * | network/route: use log_syntax_parse_error() more [Yu Watanabe, 2024-10-11, 1 file, -41/+19]
| | |
| * | network/route-nexthop: use generic [Route] section parser more [Yu Watanabe, 2024-10-11, 5 files, -128/+43]
| | |
| * | network/route-nexthop: use log_syntax_parse_error() [Yu Watanabe, 2024-10-11, 1 file, -16/+6]
| | |
| * | network/route-metric: merge conf parsers for route metric [Yu Watanabe, 2024-10-11, 5 files, -100/+105]
| | |   This introduces a generic [Route] section parser, then embeds conf parsers for route metric into it.
| * | network/route-metric: use log_syntax_parse_error() [Yu Watanabe, 2024-10-11, 1 file, -25/+12]
| | |
| * | network/address: several cleanups for config_parse_address() [Yu Watanabe, 2024-10-11, 3 files, -41/+36]
| | |   - make it accept an empty string,
| | |   - use config_parse_in_addr_prefix(),
| | |   - move null address checker to address_section_verify().
| | |
| | |   No functional change, just refactoring.
| * | network/address: warn but ignore Broadcast= setting for an IPv6 address [Yu Watanabe, 2024-10-11, 1 file, -6/+0]
| | |   Previously, the below was refused and the IPv6 address would not be assigned.
| | |   ===
| | |   [Address]
| | |   Address=2001:db8:0:f101::15/64
| | |   Broadcast=192.168.0.255
| | |   ===
| | |
| | |   However, in the following case, networkd warned that the broadcast address would be ignored, and the IPv6 address would be configured.
| | |   ===
| | |   [Address]
| | |   Broadcast=192.168.0.255
| | |   Address=2001:db8:0:f101::15/64
| | |   ===
| * | network/address: use log_section_warning() more [Yu Watanabe, 2024-10-11, 1 file, -12/+13]
| | |
| * | network/routing-policy-rule: use in_addr_prefix for From= and To= [Yu Watanabe, 2024-10-11, 4 files, -78/+44]
| | |   Also, this makes the settings parsed independently, and the inconsistency will be checked in the section verifier.
| | |
| | |   No functional change, just refactoring.
| * | in-addr-util: rename in_addr_prefix_from_string_auto_internal() -> _full() [Yu Watanabe, 2024-10-11, 1 file, -1/+1]
| | |   The function is also used in other source files. Hence, not internal.
| | |
| | |   No functional change, just refactoring.
* | | report bpf_current_task_under_cgroup() errors to userspace [Matteo Croce, 2024-10-11, 1 file, -4/+8]
|/ /
| |   bpf_current_task_under_cgroup() returns 1 if the task is under the specified cgroup, 0 if not, negative if an error happens. Differentiate the 1 and -1 cases, and report to userspace when we got an error.
| |
| |   An error like this is mostly unlikely, the only common one is that the userspace doesn't populate the map, and the call returns -EAGAIN.
| |
| |   Tested by mocking the return value of bpf_current_task_under_cgroup():
| |
| |   Enumeration completed
| |   enp1s0f0np0: Configuring with /etc/systemd/network/20-test.network.
| |   Sysctl monitor BPF returned error: Link number out of range
| |   Sysctl monitor BPF returned error: No CSI structure available
| |   Sysctl monitor BPF returned error: Invalid exchange
| |   Sysctl monitor BPF returned error: Exchange full
| |   Sysctl monitor BPF returned error: Invalid request code
| |   Sysctl monitor BPF returned error: Unknown error 58
| |   Sysctl monitor BPF returned error: Device not a stream
| |   Sysctl monitor BPF returned error: Timer expired
| |   Sysctl monitor BPF returned error: Machine is not on the network
| |   Sysctl monitor BPF returned error: Object is remote
| |   Sysctl monitor BPF returned error: Advertise error
* | sd-netlink,network: rename functions and RoutingPolicyRule.type [Yu Watanabe, 2024-10-10, 4 files, -30/+30]
| |   To make them consistent with the netlink message header.
| |
| |   No functional change, just refactoring.
* | sd-netlink: various cleanups [Yu Watanabe, 2024-10-10, 1 file, -1/+1]
| |   - use uint8_t, uint16_t, and so on, rather than unsigned char, unsigned short, and so on, respectively,
| |   - rename output parameters to ret or ret_xyz,
| |   - add several missing assertions.
* | network/dhcp4: add support for ARPHRD_RAWIP and ARPHRD_NONE network interface types [Darsey Litzenberger, 2024-10-10, 1 file, -2/+4]
| |   This should fix QMI wwan modems, as noted in https://github.com/systemd/systemd/issues/27219
* | network/sysctl-monitor: change variable type to avoid preverifier denial [Matteo Croce, 2024-10-09, 1 file, -1/+1]
| |   The compiler clones the u32 i variable to another register, and fails to calculate the range of possible values, so the verification fails.
| |
| |   libbpf: prog 'sysctl_monitor': BPF program load failed: Permission denied
| |   libbpf: prog 'sysctl_monitor': -- BEGIN PROG LOAD LOG --
| |   0: R1=ctx() R10=fp0
| |   ; int sysctl_monitor(struct bpf_sysctl *ctx) { @ sysctl-monitor.bpf.c:65
| |   0: (bf) r6 = r1 ; R1=ctx() R6_w=ctx()
| |   ; if (bpf_current_task_under_cgroup(&cgroup_map, 0)) @ sysctl-monitor.bpf.c:69
| |   1: (18) r1 = 0xffff892a0fda9c00 ; R1_w=map_ptr(map=cgroup_map,ks=4,vs=4)
| |   3: (b7) r2 = 0 ; R2_w=0
| |   4: (85) call bpf_current_task_under_cgroup#37 ; R0_w=scalar()
| |   5: (55) if r0 != 0x0 goto pc+88 ; R0_w=0
| |   ; if (!ctx->write) @ sysctl-monitor.bpf.c:73
| |   6: (61) r1 = *(u32 *)(r6 +0) ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R6_w=ctx()
| |   7: (15) if r1 == 0x0 goto pc+86 ; R1_w=scalar(smin=umin=umin32=1,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
| |   8: (b7) r1 = 1 ; R1_w=1
| |   ; we.version = 1; @ sysctl-monitor.bpf.c:81
| |   9: (7b) *(u64 *)(r10 -480) = r1 ; R1_w=1 R10=fp0 fp-480_w=1
| |   10: (b7) r8 = 0 ; R8_w=0
| |   ; we.path[0] = 0; @ sysctl-monitor.bpf.c:83
| |   11: (73) *(u8 *)(r10 -440) = r8 ; R8_w=0 R10=fp0 fp-440=???????0
| |   ; we.newvalue[0] = 0; @ sysctl-monitor.bpf.c:86
| |   12: (73) *(u8 *)(r10 -180) = r8 ; R8_w=0 R10=fp0 fp-184=???0????
| |   ; we.current[0] = 0; @ sysctl-monitor.bpf.c:85
| |   13: (73) *(u8 *)(r10 -340) = r8 ; R8_w=0 R10=fp0 fp-344=???0????
| |   ; we.comm[0] = 0; @ sysctl-monitor.bpf.c:84
| |   14: (73) *(u8 *)(r10 -456) = r8 ; R8_w=0 R10=fp0 fp-456=???????0
| |   ; we.pid = bpf_get_current_pid_tgid() >> 32; @ sysctl-monitor.bpf.c:89
| |   15: (85) call bpf_get_current_pid_tgid#14 ; R0=scalar()
| |   16: (77) r0 >>= 32 ; R0_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
| |   17: (63) *(u32 *)(r10 -472) = r0 ; R0_w=scalar(id=1,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-472=????scalar(id=1,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
| |   ; we.cgroup_id = bpf_get_current_cgroup_id(); @ sysctl-monitor.bpf.c:90
| |   18: (85) call bpf_get_current_cgroup_id#80 ; R0_w=s
| |   libbpf: prog 'sysctl_monitor': failed to load: -13
| |   libbpf: failed to load object 'sysctl_monitor_bpf'
| |   libbpf: failed to load BPF skeleton 'sysctl_monitor_bpf': -13
| |   Unable to load sysctl monitor BPF program, ignoring: Permission denied.
| |
| |   Change the type to u64 to fix it.
* | tree-wide: replace reallocarray() with GREEDY_REALLOC() [Yu Watanabe, 2024-10-08, 2 files, -10/+4]
| |
* | tree-wide: drop doubled empty lines [Yu Watanabe, 2024-10-07, 5 files, -5/+0]
| |
* | network: use Network.name for bus path [Yu Watanabe, 2024-10-07, 1 file, -20/+3]
| |   No functional change, just refactoring.
* | networkctl: sort ifindexes in status command [Yu Watanabe, 2024-10-07, 1 file, -9/+44]
| |   Before:
| |   $ networkctl status
| |   ● Interfaces: 372, 368, 373, 375, 376, 377, 378, 379, 381, 391, 3, 1201, 1202, 1184, 1610, 9, 8, 1340, 2, 1, 1256, 7
| |
| |   After:
| |   $ networkctl status
| |   ● Interfaces: 1, 2, 3, 7, 8, 9, 368, 372, 373, 375, 376, 377, 378, 379, 381, 391, 1184, 1201, 1202, 1256, 1340, 1610
* | path-lookup: move NETWORK_DIRS to network-util.h [Mike Yuan, 2024-10-06, 3 files, -0/+3]
| |