1. From 2b341db89548ebc4abcf86e41f82f46e22fb23a3 Mon Sep 17 00:00:00 2001
2. From: Graham Harrison <[email protected]>
3. Date: Tue, 31 Jan 2023 11:40:33 -0700
4. Subject: [PATCH] Enable IPv4LLStartAddress
5.  
6. Enable IPv4LLStartAddress
7. ---
8.  man/systemd.network.xml                       | 13 +++++-
9.  src/basic/in-addr-util.c                      | 14 +++++++
10.  src/basic/in-addr-util.h                      |  1 +
11.  src/libsystemd-network/sd-ipv4ll.c            | 11 +----
12.  src/libsystemd-network/test-ipv4ll-manual.c   | 26 ++++++++----
13.  src/libsystemd-network/test-ipv4ll.c          | 19 ++++++++-
14.  src/network/networkd-dhcp4.c                  | 12 ++++++
15.  src/network/networkd-ipv4ll.c                 | 42 +++++++++++++++++++
16.  src/network/networkd-ipv4ll.h                 |  1 +
17.  src/network/networkd-link.c                   |  6 +++
18.  src/network/networkd-network-gperf.gperf      |  1 +
19.  src/network/networkd-network.h                |  1 +
20.  .../fuzz-network-parser/directives.network    |  1 +
21.  13 files changed, 127 insertions(+), 21 deletions(-)
22.  
23. diff --git a/man/systemd.network.xml b/man/systemd.network.xml
24. index 3e8e5357cc..d1488a7e6e 100644
25. --- a/man/systemd.network.xml
26. +++ b/man/systemd.network.xml
27. @@ -479,6 +479,17 @@
28.          </listitem>
29.        </varlistentry>
30.  
31. +      <varlistentry>
32. +        <term><varname>IPv4LLStartAddress=</varname></term>
33. +        <listitem>
34. +          <para>Specifies the first IPv4 link-local address to try. Takes an IPv4 address for example
35. +          169.254.1.2, from the link-local address range: 169.254.0.0/16 except for 169.254.0.0/24 and
36. +          169.254.255.0/24. This setting may be useful if the device should always have the same address
37. +          as long as there is no address conflict. When unset, a random address will be automatically
38. +          selected. Defaults to unset.</para>
39. +        </listitem>
40. +      </varlistentry>
41. +
42.        <varlistentry>
43.          <term><varname>IPv4LLRoute=</varname></term>
44.          <listitem>
45. @@ -2592,7 +2603,7 @@ Token=prefixstable:2002:da8:1::</programlisting></para>
46.        <varlistentry>
47.          <term><varname>ServerAddress=</varname></term>
48.          <listitem><para>Specifies server address for the DHCP server. Takes an IPv4 address with prefix
49. -        length, for example <literal>192.168.0.1/24</literal>. This setting may be useful when the link on
50. +        length, for example 192.168.0.1/24. This setting may be useful when the link on
51.          which the DHCP server is running has multiple static addresses. When unset, one of static addresses
52.          in the link will be automatically selected. Defaults to unset.</para></listitem>
53.        </varlistentry>
54. diff --git a/src/basic/in-addr-util.c b/src/basic/in-addr-util.c
55. index a43a831991..2d81ff709d 100644
56. --- a/src/basic/in-addr-util.c
57. +++ b/src/basic/in-addr-util.c
58. @@ -48,6 +48,20 @@ bool in4_addr_is_link_local(const struct in_addr *a) {
59.          return (be32toh(a->s_addr) & UINT32_C(0xFFFF0000)) == (UINT32_C(169) << 24 | UINT32_C(254) << 16);
60.  }
61.  
62. +bool in4_addr_is_link_local_dynamic(const struct in_addr *a) {
63. +        assert(a);
64. +
65. +        if (!in4_addr_is_link_local(a))
66. +                return false;
67. +
68. +        /* 169.254.0.0/24 and 169.254.255.0/24 must not be used for the dynamic IPv4LL assignment.
69. +         * See RFC 3927 Section 2.1:
70. +         * The IPv4 prefix 169.254/16 is registered with the IANA for this purpose. The first 256 and last
71. +         * 256 addresses in the 169.254/16 prefix are reserved for future use and MUST NOT be selected by a
72. +         * host using this dynamic configuration mechanism. */
73. +        return !IN_SET(be32toh(a->s_addr) & 0x0000FF00U, 0x0000U, 0xFF00U);
74. +}
75. +
76.  bool in6_addr_is_link_local(const struct in6_addr *a) {
77.          assert(a);
78.  
79. diff --git a/src/basic/in-addr-util.h b/src/basic/in-addr-util.h
80. index 0178391e5f..e07bcba8e5 100644
81. --- a/src/basic/in-addr-util.h
82. +++ b/src/basic/in-addr-util.h
83. @@ -43,6 +43,7 @@ static inline bool in_addr_data_is_set(const struct in_addr_data *a) {
84.  int in_addr_is_multicast(int family, const union in_addr_union *u);
85.  
86.  bool in4_addr_is_link_local(const struct in_addr *a);
87. +bool in4_addr_is_link_local_dynamic(const struct in_addr *a);
88.  bool in6_addr_is_link_local(const struct in6_addr *a);
89.  int in_addr_is_link_local(int family, const union in_addr_union *u);
90.  bool in6_addr_is_link_local_all_nodes(const struct in6_addr *a);
91. diff --git a/src/libsystemd-network/sd-ipv4ll.c b/src/libsystemd-network/sd-ipv4ll.c
92. index ff065fd1b6..e4ef56b958 100644
93. --- a/src/libsystemd-network/sd-ipv4ll.c
94. +++ b/src/libsystemd-network/sd-ipv4ll.c
95. @@ -212,21 +212,12 @@ int sd_ipv4ll_is_running(sd_ipv4ll *ll) {
96.          return sd_ipv4acd_is_running(ll->acd);
97.  }
98.  
99. -static bool ipv4ll_address_is_valid(const struct in_addr *address) {
100. -        assert(address);
101. -
102. -        if (!in4_addr_is_link_local(address))
103. -                return false;
104. -
105. -        return !IN_SET(be32toh(address->s_addr) & 0x0000FF00U, 0x0000U, 0xFF00U);
106. -}
107. -
108.  int sd_ipv4ll_set_address(sd_ipv4ll *ll, const struct in_addr *address) {
109.          int r;
110.  
111.          assert_return(ll, -EINVAL);
112.          assert_return(address, -EINVAL);
113. -        assert_return(ipv4ll_address_is_valid(address), -EINVAL);
114. +        assert_return(in4_addr_is_link_local_dynamic(address), -EINVAL);
115.  
116.          r = sd_ipv4acd_set_address(ll->acd, address);
117.          if (r < 0)
118. diff --git a/src/libsystemd-network/test-ipv4ll-manual.c b/src/libsystemd-network/test-ipv4ll-manual.c
119. index 3fea894f30..57244cb5d7 100644
120. --- a/src/libsystemd-network/test-ipv4ll-manual.c
121. +++ b/src/libsystemd-network/test-ipv4ll-manual.c
122. @@ -42,7 +42,7 @@ static void ll_handler(sd_ipv4ll *ll, int event, void *userdata) {
123.          }
124.  }
125.  
126. -static int client_run(int ifindex, const char *seed_str, const struct ether_addr *ha, sd_event *e) {
127. +static int client_run(int ifindex, const char *seed_str, const struct in_addr *start_address, const struct ether_addr *ha, sd_event *e) {
128.          sd_ipv4ll *ll;
129.  
130.          assert_se(sd_ipv4ll_new(&ll) >= 0);
131. @@ -60,6 +60,9 @@ static int client_run(int ifindex, const char *seed_str, const struct ether_addr
132.                  assert_se(sd_ipv4ll_set_address_seed(ll, seed) >= 0);
133.          }
134.  
135. +        if (start_address && in4_addr_is_set(start_address))
136. +                assert_se(sd_ipv4ll_set_address(ll, start_address) >= 0);
137. +
138.          log_info("starting IPv4LL client");
139.  
140.          assert_se(sd_ipv4ll_start(ll) >= 0);
141. @@ -71,7 +74,7 @@ static int client_run(int ifindex, const char *seed_str, const struct ether_addr
142.          return EXIT_SUCCESS;
143.  }
144.  
145. -static int test_ll(const char *ifname, const char *seed) {
146. +static int test_ll(const char *ifname, const char *seed, const struct in_addr *start_address) {
147.          _cleanup_(sd_event_unrefp) sd_event *e = NULL;
148.          _cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL;
149.          _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL, *reply = NULL;
150. @@ -90,7 +93,7 @@ static int test_ll(const char *ifname, const char *seed) {
151.          assert_se(sd_rtnl_message_link_get_ifindex(reply, &ifindex) >= 0);
152.          assert_se(sd_netlink_message_read_ether_addr(reply, IFLA_ADDRESS, &ha) >= 0);
153.  
154. -        client_run(ifindex, seed, &ha, e);
155. +        client_run(ifindex, seed, start_address, &ha, e);
156.  
157.          return EXIT_SUCCESS;
158.  }
159. @@ -99,12 +102,19 @@ int main(int argc, char *argv[]) {
160.          test_setup_logging(LOG_DEBUG);
161.  
162.          if (argc == 2)
163. -                return test_ll(argv[1], NULL);
164. -        else if (argc == 3)
165. -                return test_ll(argv[1], argv[2]);
166. -        else {
167. +                return test_ll(argv[1], NULL, NULL);
168. +        else if (argc == 3) {
169. +                int r;
170. +                union in_addr_union a;
171. +
172. +                r = in_addr_from_string(AF_INET, argv[2], &a);
173. +                if (r < 0)
174. +                        return test_ll(argv[1], argv[2], NULL);
175. +                else
176. +                        return test_ll(argv[1], NULL, &a.in);
177. +        } else {
178.                  log_error("This program takes one or two arguments.\n"
179. -                          "\t %s <ifname> [<seed>]", program_invocation_short_name);
180. +                          "\t %s <ifname> [<seed>|<start_address>]", program_invocation_short_name);
181.                  return EXIT_FAILURE;
182.          }
183.  }
184. diff --git a/src/libsystemd-network/test-ipv4ll.c b/src/libsystemd-network/test-ipv4ll.c
185. index e90e73459d..17dc34333c 100644
186. --- a/src/libsystemd-network/test-ipv4ll.c
187. +++ b/src/libsystemd-network/test-ipv4ll.c
188. @@ -122,7 +122,7 @@ static void test_public_api_setters(sd_event *e) {
189.          assert_se(sd_ipv4ll_unref(ll) == NULL);
190.  }
191.  
192. -static void test_basic_request(sd_event *e) {
193. +static void test_basic_request(sd_event *e, const struct in_addr *start_address) {
194.  
195.          sd_ipv4ll *ll;
196.          struct ether_arp arp;
197. @@ -133,6 +133,8 @@ static void test_basic_request(sd_event *e) {
198.                  printf("* %s\n", __func__);
199.  
200.          assert_se(sd_ipv4ll_new(&ll) == 0);
201. +        if (in4_addr_is_set(start_address))
202. +                assert_se(sd_ipv4ll_set_address(ll, start_address) >= 0);
203.          assert_se(sd_ipv4ll_start(ll) == -EINVAL);
204.  
205.          assert_se(sd_ipv4ll_attach_event(ll, e, 0) == 0);
206. @@ -168,6 +170,13 @@ static void test_basic_request(sd_event *e) {
207.  
208.                  sd_event_run(e, UINT64_MAX);
209.                  assert_se(basic_request_handler_bind == 1);
210. +
211. +                if (in4_addr_is_set(start_address)) {
212. +                        struct in_addr address;
213. +
214. +                        assert_se(sd_ipv4ll_get_address(ll, &address) >= 0);
215. +                        assert_se(start_address->s_addr == address.s_addr);
216. +                }
217.          }
218.  
219.          sd_ipv4ll_stop(ll);
220. @@ -179,6 +188,7 @@ static void test_basic_request(sd_event *e) {
221.  }
222.  
223.  int main(int argc, char *argv[]) {
224. +        struct in_addr start_address = {};
225.          _cleanup_(sd_event_unrefp) sd_event *e = NULL;
226.  
227.          test_setup_logging(LOG_DEBUG);
228. @@ -186,7 +196,12 @@ int main(int argc, char *argv[]) {
229.          assert_se(sd_event_new(&e) >= 0);
230.  
231.          test_public_api_setters(e);
232. -        test_basic_request(e);
233. +        test_basic_request(e, &start_address);
234. +
235. +        basic_request_handler_bind = 0;
236. +        basic_request_handler_stop = 0;
237. +        start_address.s_addr = htobe32(169U << 24 | 254U << 16 | 1U << 8 | 2U);
238. +        test_basic_request(e, &start_address);
239.  
240.          return 0;
241.  }
242. diff --git a/src/network/networkd-dhcp4.c b/src/network/networkd-dhcp4.c
243. index cb9c428ae9..9320b346d4 100644
244. --- a/src/network/networkd-dhcp4.c
245. +++ b/src/network/networkd-dhcp4.c
246. @@ -1128,6 +1128,12 @@ static int dhcp4_handler(sd_dhcp_client *client, int event, void *userdata) {
247.                          if (link->ipv4ll) {
248.                                  log_link_debug(link, "DHCP client is stopped. Acquiring IPv4 link-local address");
249.  
250. +                                if (in4_addr_is_set(&link->network->ipv4ll_start_address)) {
251. +                                        r = sd_ipv4ll_set_address(link->ipv4ll, &link->network->ipv4ll_start_address);
252. +                                        if (r < 0)
253. +                                                return log_link_warning_errno(link, r, "Could not set IPv4 link-local start address: %m");;
254. +                                }
255. +
256.                                  r = sd_ipv4ll_start(link->ipv4ll);
257.                                  if (r < 0)
258.                                          return log_link_warning_errno(link, r, "Could not acquire IPv4 link-local address: %m");
259. @@ -1211,6 +1217,12 @@ static int dhcp4_handler(sd_dhcp_client *client, int event, void *userdata) {
260.                          if (link->ipv4ll && !sd_ipv4ll_is_running(link->ipv4ll)) {
261.                                  log_link_debug(link, "Problems acquiring DHCP lease, acquiring IPv4 link-local address");
262.  
263. +                                if (in4_addr_is_set(&link->network->ipv4ll_start_address)) {
264. +                                        r = sd_ipv4ll_set_address(link->ipv4ll, &link->network->ipv4ll_start_address);
265. +                                        if (r < 0)
266. +                                                return log_link_warning_errno(link, r, "Could not set IPv4 link-local start address: %m");;
267. +                                }
268. +
269.                                  r = sd_ipv4ll_start(link->ipv4ll);
270.                                  if (r < 0)
271.                                          return log_link_warning_errno(link, r, "Could not acquire IPv4 link-local address: %m");
272. diff --git a/src/network/networkd-ipv4ll.c b/src/network/networkd-ipv4ll.c
273. index d05182fde7..21ce6eac68 100644
274. --- a/src/network/networkd-ipv4ll.c
275. +++ b/src/network/networkd-ipv4ll.c
276. @@ -263,3 +263,45 @@ int config_parse_ipv4ll(
277.  
278.          return 0;
279.  }
280. +
281. +int config_parse_ipv4ll_address(
282. +                const char* unit,
283. +                const char *filename,
284. +                unsigned line,
285. +                const char *section,
286. +                unsigned section_line,
287. +                const char *lvalue,
288. +                int ltype,
289. +                const char *rvalue,
290. +                void *data,
291. +                void *userdata) {
292. +
293. +        union in_addr_union a;
294. +        struct in_addr *ipv4ll_address = data;
295. +        int r;
296. +
297. +        assert(filename);
298. +        assert(lvalue);
299. +        assert(rvalue);
300. +
301. +        if (isempty(rvalue)) {
302. +                *ipv4ll_address = (struct in_addr) {};
303. +                return 0;
304. +        }
305. +
306. +        r = in_addr_from_string(AF_INET, rvalue, &a);
307. +        if (r < 0) {
308. +                log_syntax(unit, LOG_WARNING, filename, line, r,
309. +                           "Failed to parse %s=, ignoring assignment: %s", lvalue, rvalue);
310. +                return 0;
311. +        }
312. +        if (!in4_addr_is_link_local_dynamic(&a.in)) {
313. +                log_syntax(unit, LOG_WARNING, filename, line, 0,
314. +                          "Specified address cannot be used as an IPv4 link local address, ignoring assignment: %s",
315. +                           rvalue);
316. +                return 0;
317. +        }
318. +
319. +        *ipv4ll_address = a.in;
320. +        return 0;
321. +}
322. \ No newline at end of file
323. diff --git a/src/network/networkd-ipv4ll.h b/src/network/networkd-ipv4ll.h
324. index 82acc2ec70..f5c6928535 100644
325. --- a/src/network/networkd-ipv4ll.h
326. +++ b/src/network/networkd-ipv4ll.h
327. @@ -11,3 +11,4 @@ int ipv4ll_configure(Link *link);
328.  int ipv4ll_update_mac(Link *link);
329.  
330.  CONFIG_PARSER_PROTOTYPE(config_parse_ipv4ll);
331. +CONFIG_PARSER_PROTOTYPE(config_parse_ipv4ll_address);
332. diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
333. index b62a154828..beb911fae5 100644
334. --- a/src/network/networkd-link.c
335. +++ b/src/network/networkd-link.c
336. @@ -675,6 +675,12 @@ static int link_acquire_dynamic_ipv4_conf(Link *link) {
337.                  log_link_debug(link, "Acquiring DHCPv4 lease.");
338.  
339.          } else if (link->ipv4ll) {
340. +                if (in4_addr_is_set(&link->network->ipv4ll_start_address)) {
341. +                        r = sd_ipv4ll_set_address(link->ipv4ll, &link->network->ipv4ll_start_address);
342. +                        if (r < 0)
343. +                                return log_link_warning_errno(link, r, "Could not set IPv4 link-local start address: %m");
344. +                }
345. +
346.                  r = sd_ipv4ll_start(link->ipv4ll);
347.                  if (r < 0)
348.                          return log_link_warning_errno(link, r, "Could not acquire IPv4 link-local address: %m");
349. diff --git a/src/network/networkd-network-gperf.gperf b/src/network/networkd-network-gperf.gperf
350. index 4c3bf97311..58b42b9f07 100644
351. --- a/src/network/networkd-network-gperf.gperf
352. +++ b/src/network/networkd-network-gperf.gperf
353. @@ -104,6 +104,7 @@ Network.DHCPServer,                          config_parse_bool,
354.  Network.LinkLocalAddressing,                 config_parse_link_local_address_family,                   0,                             offsetof(Network, link_local)
355.  Network.IPv6LinkLocalAddressGenerationMode,  config_parse_ipv6_link_local_address_gen_mode,            0,                             offsetof(Network, ipv6ll_address_gen_mode)
356.  Network.IPv6StableSecretAddress,             config_parse_in_addr_non_null,                            AF_INET6,                      offsetof(Network, ipv6ll_stable_secret)
357. +Network.IPv4LLStartAddress,                  config_parse_ipv4ll_address,                              0,                             offsetof(Network, ipv4ll_start_address)
358.  Network.IPv4LLRoute,                         config_parse_bool,                                        0,                             offsetof(Network, ipv4ll_route)
359.  Network.DefaultRouteOnDevice,                config_parse_bool,                                        0,                             offsetof(Network, default_route_on_device)
360.  Network.LLDP,                                config_parse_lldp_mode,                                   0,                             offsetof(Network, lldp_mode)
361. diff --git a/src/network/networkd-network.h b/src/network/networkd-network.h
362. index f7eb37aced..732b7ef502 100644
363. --- a/src/network/networkd-network.h
364. +++ b/src/network/networkd-network.h
365. @@ -213,6 +213,7 @@ struct Network {
366.          AddressFamily link_local;
367.          IPv6LinkLocalAddressGenMode ipv6ll_address_gen_mode;
368.          struct in6_addr ipv6ll_stable_secret;
369. +        struct in_addr ipv4ll_start_address;
370.          bool ipv4ll_route;
371.  
372.          /* IPv6 RA support */
373. diff --git a/test/fuzz/fuzz-network-parser/directives.network b/test/fuzz/fuzz-network-parser/directives.network
374. index 48f9ad6fba..f149a72cf3 100644
375. --- a/test/fuzz/fuzz-network-parser/directives.network
376. +++ b/test/fuzz/fuzz-network-parser/directives.network
377. @@ -233,6 +233,7 @@ VXLAN=
378.  L2TP=
379.  MACsec=
380.  LinkLocalAddressing=
381. +IPv4LLStartAddress=
382.  IPv6LinkLocalAddressGenerationMode=
383.  IPv6StableSecretAddress=
384.  ConfigureWithoutCarrier=
385.