Re: [systemd-devel] [PATCH 07/11] sd-icmp6-nd: Parse ICMPv6 prefix information
On Tue, Jan 13, 2015 at 02:02:17PM +0200, Patrik Flykt wrote:
Save each new onlink IPv6 prefix and attach an expiry timer to it.
If the prefixes overlap, take the shorter prefix and write a debug
message about the event. Once the prefix is resent in a Router
Advertisement, update the timer. Add a new event for the expiring
prefix.
Add two helper functions, one for returning a prefix length given a
Router Advertisement and the other for generic prefix matching given
an IPv6 prefix and address.
---
src/libsystemd-network/sd-icmp6-nd.c | 222
+++
src/systemd/sd-icmp6-nd.h| 6 +
2 files changed, 228 insertions(+)
diff --git a/src/libsystemd-network/sd-icmp6-nd.c
b/src/libsystemd-network/sd-icmp6-nd.c
index 3501055..4848912 100644
--- a/src/libsystemd-network/sd-icmp6-nd.c
+++ b/src/libsystemd-network/sd-icmp6-nd.c
@@ -283,11 +283,227 @@ int sd_icmp6_ra_get_mtu(sd_icmp6_nd *nd, uint32_t
*mtu) {
return 0;
}
+static int icmp6_ra_prefix_timeout(sd_event_source *s, uint64_t usec,
+void *userdata) {
Indentation, here and below too.
+sd_icmp6_nd *nd = userdata;
+struct icmp6_prefix *prefix, *p;
+
+assert(nd);
+assert(nd-link);
+assert(nd-link-prefixes);
+
+LIST_FOREACH_SAFE(prefixes, prefix, p, nd-link-prefixes) {
+if (prefix-timeout_valid != s)
+continue;
+
+log_icmp6_nd(nd, Prefix expired
%02x%02x:%02x%02x:%02x%02x:%02x%02x/%d,
+prefix-addr.s6_addr[0], prefix-addr.s6_addr[1],
+prefix-addr.s6_addr[2], prefix-addr.s6_addr[3],
+prefix-addr.s6_addr[4], prefix-addr.s6_addr[5],
+prefix-addr.s6_addr[6], prefix-addr.s6_addr[7],
+prefix-len);
+
+LIST_REMOVE(prefixes, nd-link-prefixes, prefix);
+
+icmp6_nd_notify(nd,
+
ICMP6_EVENT_ROUTER_ADVERTISMENT_PREFIX_EXPIRED);
+prefix = icmp6_prefix_unref(prefix);
+
+break;
+}
+
+return 0;
+}
+
+static int icmp6_ra_prefix_set_timeout(sd_icmp6_nd *nd,
+struct icmp6_prefix *prefix, usec_t valid) {
+usec_t time_now;
+int r;
+
+assert_return(prefix, -EINVAL);
+
+r = sd_event_now(nd-event, clock_boottime_or_monotonic(),
time_now);
+if (r 0)
+return r;
+
+prefix-timeout_valid = sd_event_source_unref(prefix-timeout_valid);
+
+r = sd_event_add_time(nd-event, prefix-timeout_valid,
+clock_boottime_or_monotonic(), time_now + valid,
+USEC_PER_SEC, icmp6_ra_prefix_timeout, nd);
+if (r 0)
+goto error;
+
+r = sd_event_source_set_priority(prefix-timeout_valid,
+nd-event_priority);
+if (r 0)
+goto error;
+
+r = sd_event_source_set_description(prefix-timeout_valid,
+icmp6-prefix-timeout);
+
+error:
+if (r 0)
+prefix-timeout_valid =
+sd_event_source_unref(prefix-timeout_valid);
+
+return r;
+}
+
+static int icmp6_prefix_match(const struct in6_addr *prefix, uint8_t
prefixlen,
+const struct in6_addr *addr, uint8_t addr_prefixlen)
{
+uint8_t bytes, mask, len;
+
+assert_return(prefix, -EINVAL);
+assert_return(addr, -EINVAL);
+
+len = (prefixlen addr_prefixlen)? prefixlen: addr_prefixlen;
MIN()
+
+bytes = len / 8;
+
+if (memcmp(prefix, addr, bytes))
+return -EADDRNOTAVAIL;
+
+if (len % 8) {
I guess you can just remove the if() and say
mask = 0xff (8 - len % 8);
if (memcmp(prefix, addr, bytes) != 0 ||
(prefix-s6_addr[bytes] mask) != (addr-s6_addr[bytes] mask))
return ...;
+
+
+if ((prefix-s6_addr[bytes] mask) !=
+(addr-s6_addr[bytes] mask))
+return -EADDRNOTAVAIL;
+}
+
+return 0;
+}
+
+static int icmp6_ra_prefix_match(struct icmp6_prefix *head,
+const struct in6_addr *addr, uint8_t
addr_len,
+struct icmp6_prefix **result) {
+struct icmp6_prefix *prefix;
+
+LIST_FOREACH(prefixes, prefix, head) {
+if (icmp6_prefix_match(prefix-addr, prefix-len, addr,
+addr_len) = 0) {
+*result = prefix;
+return 0;
+}
+}
+
+return -EADDRNOTAVAIL;
+}
+
+int sd_icmp6_prefix_match(struct in6_addr
Re: [systemd-devel] [PATCH 11/11] sd_dhcp6_lease: Support DNS and NTP options
On Tue, Jan 13, 2015 at 02:02:21PM +0200, Patrik Flykt wrote:
Store arrays of found DNS and NTP IPv6 addresses and strings of DNS
search domains and NTP host names as specified in RFC 3646 and RFC
5908.
---
src/libsystemd-network/dhcp6-internal.h | 3 +
src/libsystemd-network/dhcp6-lease-internal.h | 18
src/libsystemd-network/dhcp6-option.c | 22
src/libsystemd-network/dhcp6-protocol.h | 6 ++
src/libsystemd-network/sd-dhcp6-client.c | 22
src/libsystemd-network/sd-dhcp6-lease.c | 140
++
src/systemd/sd-dhcp6-lease.h | 6 ++
7 files changed, 217 insertions(+)
diff --git a/src/libsystemd-network/dhcp6-internal.h
b/src/libsystemd-network/dhcp6-internal.h
index 4f54ad8..fd7deb9 100644
--- a/src/libsystemd-network/dhcp6-internal.h
+++ b/src/libsystemd-network/dhcp6-internal.h
@@ -68,6 +68,9 @@ int dhcp6_option_parse(uint8_t **buf, size_t *buflen,
uint16_t *optcode,
size_t *optlen, uint8_t **optvalue);
int dhcp6_option_parse_ia(uint8_t **buf, size_t *buflen, uint16_t iatype,
DHCP6IA *ia);
+int dhcp6_option_get_ip6addrs(uint8_t *optval, uint16_t optlen,
+struct in6_addr **addrs, size_t *size,
+size_t *allocated);
int dhcp6_network_bind_udp_socket(int index, struct in6_addr *address);
int dhcp6_network_send_udp_socket(int s, struct in6_addr *address,
diff --git a/src/libsystemd-network/dhcp6-lease-internal.h
b/src/libsystemd-network/dhcp6-lease-internal.h
index 109e0f4..dcc7913 100644
--- a/src/libsystemd-network/dhcp6-lease-internal.h
+++ b/src/libsystemd-network/dhcp6-lease-internal.h
@@ -40,6 +40,19 @@ struct sd_dhcp6_lease {
DHCP6IA ia;
DHCP6Address *addr_iter;
+
+struct in6_addr *dns;
+size_t dns_size;
+size_t dns_allocated;
+char *domain_list;
+size_t domain_list_size;
+size_t domain_list_allocated;
This would be confusing, since we often use size to mean allocated size.
And also it's not a list. Maybe domains, domains_count, domains_allocated?
+struct in6_addr *ntp;
+size_t ntp_size;
+size_t ntp_allocated;
+char *ntp_fqdn;
+size_t ntp_fqdn_size;
+size_t ntp_fqdn_allocated;
};
int dhcp6_lease_clear_timers(DHCP6IA *ia);
@@ -56,6 +69,11 @@ int dhcp6_lease_get_rapid_commit(sd_dhcp6_lease *lease,
bool *rapid_commit);
int dhcp6_lease_get_iaid(sd_dhcp6_lease *lease, be32_t *iaid);
+int dhcp6_lease_set_dns(sd_dhcp6_lease *lease, uint8_t *optval, size_t
optlen);
+int dhcp6_lease_set_domain_list(sd_dhcp6_lease *lease, uint8_t *optval,
+size_t optlen);
+int dhcp6_lease_set_ntp(sd_dhcp6_lease *lease, uint8_t *optval, size_t
optlen);
+
int dhcp6_lease_new(sd_dhcp6_lease **ret);
DEFINE_TRIVIAL_CLEANUP_FUNC(sd_dhcp6_lease*, sd_dhcp6_lease_unref);
diff --git a/src/libsystemd-network/dhcp6-option.c
b/src/libsystemd-network/dhcp6-option.c
index ea863f4..7a7aad4 100644
--- a/src/libsystemd-network/dhcp6-option.c
+++ b/src/libsystemd-network/dhcp6-option.c
@@ -317,3 +317,25 @@ error:
return r;
}
+
+int dhcp6_option_get_ip6addrs(uint8_t *optval, uint16_t optlen,
+struct in6_addr **addrs, size_t *size,
+size_t *allocated) {
+size_t in6_size = sizeof(**addrs);
+
+assert_return(optval, -EINVAL);
+assert_return(addrs, -EINVAL);
+assert_return(size, -EINVAL);
+
+if (optlen % in6_size)
+return -EINVAL;
+
+if (!GREEDY_REALLOC0(*addrs, *allocated, *size + optlen))
+return -ENOMEM;
Well, in this case !GREEDY_REALLOC0 seems overkill, greedy_realloc0 will be
cleaner.
+memcpy(*addrs + *size / in6_size, optval, optlen);
+
+*size += optlen;
+
+return 0;
+}
diff --git a/src/libsystemd-network/dhcp6-protocol.h
b/src/libsystemd-network/dhcp6-protocol.h
index 3e0f339..9330f23 100644
--- a/src/libsystemd-network/dhcp6-protocol.h
+++ b/src/libsystemd-network/dhcp6-protocol.h
@@ -134,6 +134,12 @@ enum {
};
enum {
+DHCP6_NTP_SUBOPTION_SRV_ADDR= 1,
+DHCP6_NTP_SUBOPTION_MC_ADDR = 2,
+DHCP6_NTP_SUBOPTION_SRV_FQDN= 3,
+};
+
+enum {
DHCP6_STATUS_SUCCESS= 0,
DHCP6_STATUS_UNSPEC_FAIL= 1,
DHCP6_STATUS_NO_ADDRS_AVAIL = 2,
diff --git a/src/libsystemd-network/sd-dhcp6-client.c
b/src/libsystemd-network/sd-dhcp6-client.c
index 940a606..ca6f316 100644
--- a/src/libsystemd-network/sd-dhcp6-client.c
+++ b/src/libsystemd-network/sd-dhcp6-client.c
@@ -804,7 +804,29 @@ static int client_parse_message(sd_dhcp6_client *client,
return r;
[systemd-devel] [PATCH] sysv-generator: only allow regular files in enumerate_sysv()
Otherwise, if the directory contains other directories we fail
at fopen in load_sysv() with EISDIR.
---
src/sysv-generator/sysv-generator.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/sysv-generator/sysv-generator.c
b/src/sysv-generator/sysv-generator.c
index 2f24ef2..e15a16b 100644
--- a/src/sysv-generator/sysv-generator.c
+++ b/src/sysv-generator/sysv-generator.c
@@ -727,8 +727,10 @@ static int enumerate_sysv(LookupPaths lp, Hashmap
*all_services) {
_cleanup_free_ char *fpath = NULL, *name = NULL;
int r;
-if (hidden_file(de-d_name))
-continue;
+dirent_ensure_type(d, de);
+
+if (!dirent_is_file(de))
+continue;
fpath = strjoin(*path, /, de-d_name, NULL);
if (!fpath)
--
2.2.1
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [RFC] hwdb: add MOUSE_WHEEL_CLICK_ANGLE as property
On Mon, Jan 12, 2015 at 09:48:55AM +1000, Peter Hutterer wrote: Most mice have a wheel click angle of 15 degrees, i.e. 24 clicks per full wheel rotation. Some mice, like the Logitech M325 have a larger angle. To allow userspace to make use of that knowledge, add a property to the hwdb. --- libinput patches to read this are here: http://lists.freedesktop.org/archives/wayland-devel/2015-January/019340.html This is an RFC, unless we ack this for libinput there's no user for it so I'd like to get both out first for review. Please don't merge yet. alrighty, we'll go ahead with that for libinput. If anyone has any suggestions let me know, otherwise I'll push this over the next couple of days. Cheers, Peter hwdb/70-mouse.hwdb | 44 +++- 1 file changed, 31 insertions(+), 13 deletions(-) diff --git a/hwdb/70-mouse.hwdb b/hwdb/70-mouse.hwdb index 4a4603c..f1638e0 100644 --- a/hwdb/70-mouse.hwdb +++ b/hwdb/70-mouse.hwdb @@ -28,6 +28,29 @@ # mouse:usb:v17efp6019:* # mouse:*:name:Lenovo Optical USB Mouse: # +# To add local entries, create a new file +# /etc/udev/hwdb.d/71-mouse-local.hwdb +# and add your rules there. To load the new rules execute (as root): +# udevadm hwdb --update +# udevadm trigger /dev/input/eventXX +# where /dev/input/eventXX is the mouse in question. If in +# doubt, simply use /dev/input/event* to reload all input rules. +# +# If your changes are generally applicable, open a bug report on +# http://bugs.freedesktop.org/enter_bug.cgi?product=systemd +# and include your new rules, a description of the device, and the +# output of +# udevadm info /dev/input/eventXX +# (or /dev/input/event*). +# +# Allowed properties are: +#MOUSE_DPI +#MOUSE_WHEEL_CLICK_ANGLE +# +# +# MOUSE_DPI # +# +# # DPI settings are specified as #MOUSE_DPI=dpi[@frequency] # @@ -64,20 +87,15 @@ # third-party software) must not be entered into this file, use a local # hwdb instead. # -# To add local entries, create a new file -# /etc/udev/hwdb.d/71-mouse-local.hwdb -# and add your rules there. To load the new rules execute (as root): -# udevadm hwdb --update -# udevadm trigger /dev/input/eventXX -# where /dev/input/eventXX is the mouse in question. If in -# doubt, simply use /dev/input/event* to reload all input rules. +# +# MOUSE_WHEEL_CLICK_ANGLE # +# +# +# The angle in degrees per mouse wheel 'click', specified as +# MOUSE_WHEEL_CLICK_ANGLE=degrees +# +# Most mice have a 15 degree click stop (24 clicks per full rotation). # -# If your changes are generally applicable, open a bug report on -# http://bugs.freedesktop.org/enter_bug.cgi?product=systemd -# and include your new rules, a description of the device, and the -# output of -# udevadm info /dev/input/eventXX -# (or /dev/input/event*). # # Sort by by brand, type (usb, bluetooth), DPI, frequency. -- 2.1.0 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 1/2] doc: add cross-references between systemd.{link, netdev, network}
Applied. Thanks! Tom On Mon, Jan 12, 2015 at 8:43 PM, Jan Engelhardt jeng...@inai.de wrote: --- man/systemd.link.xml| 6 ++ man/systemd.netdev.xml | 1 + man/systemd.network.xml | 1 + 3 files changed, 8 insertions(+) diff --git a/man/systemd.link.xml b/man/systemd.link.xml index 33822e7..bb3f908 100644 --- a/man/systemd.link.xml +++ b/man/systemd.link.xml @@ -407,6 +407,12 @@ MACAddress=cb:a9:87:65:43:21/programlisting /citerefentry, citerefentry refentrytitleudevadm/refentrytitlemanvolnum8/manvolnum +/citerefentry, +citerefentry + refentrytitlesystemd.netdev/refentrytitlemanvolnum5/manvolnum +/citerefentry, +citerefentry + refentrytitlesystemd.network/refentrytitlemanvolnum5/manvolnum /citerefentry /para /refsect1 diff --git a/man/systemd.netdev.xml b/man/systemd.netdev.xml index 45934f2..9e9d3e8 100644 --- a/man/systemd.netdev.xml +++ b/man/systemd.netdev.xml @@ -618,6 +618,7 @@ MACAddress=12:34:56:78:9a:bc/programlisting para citerefentryrefentrytitlesystemd/refentrytitlemanvolnum1/manvolnum/citerefentry, citerefentryrefentrytitlesystemd-networkd/refentrytitlemanvolnum8/manvolnum/citerefentry, + citerefentryrefentrytitlesystemd.link/refentrytitlemanvolnum5/manvolnum/citerefentry, citerefentryrefentrytitlesystemd.network/refentrytitlemanvolnum5/manvolnum/citerefentry /para /refsect1 diff --git a/man/systemd.network.xml b/man/systemd.network.xml index ea278c7..be8754c 100644 --- a/man/systemd.network.xml +++ b/man/systemd.network.xml @@ -667,6 +667,7 @@ Tunnel=vti-tun/programlisting para citerefentryrefentrytitlesystemd/refentrytitlemanvolnum1/manvolnum/citerefentry, citerefentryrefentrytitlesystemd-networkd/refentrytitlemanvolnum8/manvolnum/citerefentry, + citerefentryrefentrytitlesystemd.link/refentrytitlemanvolnum5/manvolnum/citerefentry, citerefentryrefentrytitlesystemd.netdev/refentrytitlemanvolnum5/manvolnum/citerefentry /para /refsect1 -- 2.1.2 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 2/2] doc: give a little rationale for /28 subnet in shipped config files
Used slightly different wording. Thanks for the suggestion. On Mon, Jan 12, 2015 at 8:43 PM, Jan Engelhardt jeng...@inai.de wrote: --- network/80-container-ve.network | 2 ++ 1 file changed, 2 insertions(+) diff --git a/network/80-container-ve.network b/network/80-container-ve.network index cb04c7c..f030d16 100644 --- a/network/80-container-ve.network +++ b/network/80-container-ve.network @@ -9,6 +9,8 @@ Name=ve-* Driver=veth +# Why /28? Well, we had to pick something, and giving a block of +# 14 addresses sounded ok-ish — not too small, not overly large. [Network] Address=0.0.0.0/28 IPv4LL=yes -- 2.1.2 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] networkd-218 won't set bridge l2addr to slave device
Hi Jan, On Mon, Jan 12, 2015 at 12:55 AM, Jan Engelhardt jeng...@inai.de wrote: When using the old-fashioned brctl to set up a bridge, it would give the bridge the L2 address of the first slave when the slave is added. networkd does not do that, which leads to a setup like this: 2: enp0s3: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast master brg0 state UP group default qlen 1000 link/ether 08:00:27:0a:c5:b2 brd ff:ff:ff:ff:ff:ff inet6 fe80::a00:27ff:fe0a:c5b2/64 scope link valid_lft forever preferred_lft forever 3: brg0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc noqueue state UP group default link/ether fa:ef:64:e8:77:d2 brd ff:ff:ff:ff:ff:ff inet 169.254.69.103/16 brd 169.254.255.255 scope link brg0 valid_lft forever preferred_lft forever inet 10.10.60.129/24 brd 10.10.60.255 scope global brg0 valid_lft forever preferred_lft forever Yes, that is how it works now. The MAC address is guaranteed to always stay the same for a given bridge, and not be affected by what slaves are attached. tcpdump now tells us on ping: 66:ba:7f:2d:8b:80-ff:ff:ff:ff:ff:ff ethertype ARP (0x0806), length 44: Request who-has 10.10.60.129 tell 10.10.60.1, length 28 fa:ef:64:e8:77:d2-66:ba:7f:2d:8b:80 ethertype ARP (0x0806), length 62: Reply 10.10.60.129 is-at fa:ef:64:e8:77:d2, length 46 66:ba:7f:2d:8b:80-fa:ef:64:e8:77:d2 ethertype IPv4 (0x0800), length 100: 10.10.60.1 10.10.60.129: ICMP echo request, id 22523, seq 1, length 64 The problem is, the '129 machine never receives this, because the enp0s3 interface has a different L2addr and filters this. Setting promiscuous mode does not let it pass, probably because '129 is a VirtualBox environment. In any case, I do not think +PROMISC would be the right fix. Hm, I thought the kernel would figure out the right thing here and set PROMISC on enp0s3 if necessary. How can I reproduce this (in my test (using nspawn with --network-bridge) the bridge device is reachable from the containers just fine, which I thought would be the same as your setup, but I guess not. What do you mean by '129 being a VirtualBox environment? Is not brg0 set up by networkd, or do you mean you are running all of this inside VirtualBox (and enp0s3 is a virtual device)? Setting the L2addr of brg0 to that of enp0s3 makes ICMP echo exchangeable as expected. I think that networkd's default MACAddressPolicy= should not be random (nor persistent), but a new slave. This is not really nice, as it only really works reliably with one slave device (which is not very useful). If you have more devices, then whichever is the first to appear (which may be random) will decide the MAC address. Moreover, you are not really solving the problem, as all the ports that do not have the same MAC address as the bridge will still be unable to forward packets... Cheers, Tom ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Running system services required for certain filesystems
Steve Dickson wrote on 13/01/15 16:29: On a related note to my previous message (subject systemctl status not showing still running processes in inactive .mount unit cgroups (NFS specifically)), when mount.nfs runs to mount NFS filesystems, it shells out to /usr/sbin/start-statd which in turn calls sytemctl to start rpc.statd service. This feels ugly. Why? This is why rpc.statd does not need to be started on the client default any more. Yes but it requires the shelling out to bash script to do some modification of a pre-calculate set of transactions and dynamically adjusts the systemd jobs. It feels very un-systemd to use systemctl during the initial transaction of start jobs to modify things. I guess I'm not such a systemd purist ;-) but it feels ok to me! :-) :) Generally speaking you also have to be really, really careful doing such things as they can be called at unexpected times and result in deadlocks (protected by a timeout thankfully) due to ordering cycles. e.g. say something in early boot that has Before=rpc-statd.service is run, that somehow triggers, e.g. an automount, that in turn calls mount.nfs, which in turn calls systemctl start rpc-statd.service, then that systemctl job will block because the job it creates is waiting for the job with Before=rpc-statd.service in it to complete. I see the deadlock... in theory... but that assumes the first Before=rpc-statd.service never completes which is very unlikely. Well, what I was meaning was the the process that is Before=rpc-statd.service is actually the parent of the one that ultimately tries do the mount. Ultimately the deadlock is there, but systemd will timeout the jobs (by default after 1m 30s), so it's not a real deadlock, but it is still something that could technically happen and delay boot. But it did get me thinking about how clean remote-fs-pre.target really is. We do need to make sure rpc.statd is running before any NFS filesystems are mounted and and relying on the blunt instrument of remote-fs-pre.target seems kinda wrong. It should be more on demand e.g. when I start an nfs mount, it should be able to specify that rpc.statd service is a prerequisite. So my question is, is there a cleaner way to have dependencies like this specified for particular FS types? With the goal being that before systemd will try and mount any NFS filesystems it will make sure that nfs-lock.service (or statd.service or nfs-statd.service or whatever it's name really should be) is running? I kinda want a Requires=nfs-lock.service and After=nfs-lock.service definitions to go into all my *.mount units for any nfs filesystem, but it a way that means I don't have to actually specify this manually in my fstab. Why spread out the pain? I think the sync point we have right now mount.nfs calling start-statd works and keeps everything in one place. Shelling out to start-statd definitely isn't a sync point and as I've outlined above, calling systemctl mid-transaction is really something we should avoid. Again, I do see your point. In this particular I'm not sure there is much else we can do. Yeah, that's somewhat my own conclusion so far too sadly... :s Thanks for your input here. Domain knowledge is invaluable! That's how we *all* learn! :-) Indeed :) All the best Col -- Colin Guthrie colin(at)mageia.org http://colin.guthr.ie/ Day Job: Tribalogic Limited http://www.tribalogic.net/ Open Source: Mageia Contributor http://www.mageia.org/ PulseAudio Hacker http://www.pulseaudio.org/ Trac Hacker http://trac.edgewall.org/ ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] PartOf= Question
Hello, On 01/13/2015 08:27 AM, Steve Dickson wrote: Here is what I have now in nfs-idmap.service: [Unit] Description=NFSv4 ID-name mapping service BindTo=nfs-server.service Wants=nfs-config.service After=nfs-config.service [Service] EnvironmentFile=-/run/sysconfig/nfs-utils Type=forking ExecStart=/usr/sbin/rpc.idmapd $RPCIDMAPDARGS And in nfs-server.service I have the lines: Wants= nfs-idmapd.service After= nfs-idmapd.service And still rpc.idmapd does not come down when server is stopped. Never mind... I got this working... It was a pilot error on my part :$ thanks for all the help!! steved. ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 10/11] networkd-dhcp6: Assign DHCPv6 addresses and prefix lengths
On Tue, Jan 13, 2015 at 02:02:20PM +0200, Patrik Flykt wrote:
Once IPv6 addresses have been acquired, assign these to the interface
with the prefix lengths taken from the ICMPv6 Router Advertisement
handling code. The preferred and valid IPv6 address lifetimes are
handed to the kernel which will clean up them if not renewed in time.
When a prefix announced via Router Advertisements expires, find all
addresses that match that prefix and update the address to have a
prefix lenght of 128 causing the prefix to be off-link.
---
src/network/networkd-dhcp6.c | 179
+--
src/network/networkd-link.h | 10 +++
src/network/networkd.c | 1 +
3 files changed, 184 insertions(+), 6 deletions(-)
diff --git a/src/network/networkd-dhcp6.c b/src/network/networkd-dhcp6.c
index c31bd4e..5f78f93 100644
--- a/src/network/networkd-dhcp6.c
+++ b/src/network/networkd-dhcp6.c
@@ -28,7 +28,151 @@
#include sd-icmp6-nd.h
#include sd-dhcp6-client.h
+static int dhcp6_lease_information_acquired(sd_dhcp6_client *client,
+Link *link) {
+int r;
+uint32_t mtu;
+
+r = sd_icmp6_ra_get_mtu(link-icmp6_router_discovery, mtu);
+if (r = 0) {
+r = link_set_mtu(link, mtu);
+if (r 0)
+log_link_error(link, Failed to set IPv6 MTU to %
PRIu16, mtu);
+}
+
+return 0;
+}
+
+static int dhcp6_address_handler(sd_rtnl *rtnl, sd_rtnl_message *m,
+ void *userdata) {
+_cleanup_link_unref_ Link *link = userdata;
+int r;
+
+assert(link);
+
+r = sd_rtnl_message_get_errno(m);
+if (r 0 r != -EEXIST) {
+log_link_error(link, Could not set DHCPv6 address: %s,
+ strerror(-r));
+
+link_enter_failed(link);
+
+} else if (r = 0)
+link_rtnl_process_address(rtnl, m, link-manager);
+
+return 1;
+}
+
+static int dhcp6_address_update(Link *link, struct in6_addr *ip6_addr,
+uint8_t prefixlen, uint32_t
lifetime_preferred,
+uint32_t lifetime_valid) {
+int r;
+_cleanup_address_free_ Address *addr = NULL;
+
+r = address_new_dynamic(addr);
+if (r 0)
+return r;
+
+addr-family = AF_INET6;
+memcpy(addr-in_addr.in6, ip6_addr, sizeof(*ip6_addr));
+addr-prefixlen = prefixlen;
+
+addr-cinfo.ifa_prefered = lifetime_preferred;
+addr-cinfo.ifa_valid = lifetime_valid;
+
+log_link_struct(link, LOG_INFO, MESSAGE=%-*s: DHCPv6 address
%04x:%04x:%04x:%04x:%04x:%04x:%04x:%04x/%d timeout preferred %d valid %d,
+IFNAMSIZ,
+link-ifname, ADDRESS6_FMT_VAL(addr-in_addr.in6),
+addr-prefixlen, lifetime_preferred, lifetime_valid,
+NULL);
+
+r = address_update(addr, link, dhcp6_address_handler);
+if (r 0)
+log_link_warning(link, Could not assign DHCPv6 address: %s,
+strerror(-r));
+
+return r;
+}
+
+static int dhcp6_prefix_expired(Link *link) {
+int r;
+sd_dhcp6_lease *lease;
+struct in6_addr *expired_prefix, ip6_addr;
+uint8_t expired_prefixlen;
+uint32_t lifetime_preferred, lifetime_valid;
+
+r = sd_icmp6_ra_get_expired_prefix(link-icmp6_router_discovery,
+expired_prefix, expired_prefixlen);
+if (r 0)
+return r;
+
+r = sd_dhcp6_client_get_lease(link-dhcp6_client, lease);
+if (r 0)
+return r;
+
+r = sd_dhcp6_lease_reset_address_iter(lease);
+if (r 0 r != -ENOMSG)
+return r;
I was thinking about this when looking at the patch adding
sd_dhcp6_lease_reset_address_iter(),
but since I wasn't sure how it will be used, I didn't write anythign.
So this comment is really for that patch.
Maybe sd_dhcp6_lease_reset_address_iter() should always succeed,
an not return -ENOMSG. It would make it more like other reset functions
in systemd (e.g. sd_journal_restart_unique).
+while (sd_dhcp6_lease_get_address(lease, ip6_addr,
+lifetime_preferred,
+lifetime_valid) = 0) {
+
+r = sd_icmp6_prefix_match(expired_prefix, expired_prefixlen,
+ip6_addr);
+if (r = 0) {
+r = dhcp6_address_update(link, ip6_addr, 128,
+lifetime_preferred,
+lifetime_valid);
+
+
Re: [systemd-devel] [PATCH 00/11] DHCPv6 address assignment
On Tue, Jan 13, 2015 at 02:02:10PM +0200, Patrik Flykt wrote: Hi, Here is a patch set covering on-link prefix detection and using the prefix length information when setting DHCPv6 addresses. To be able to have a correct prefix for the IPv6 adresses, the prefixes need to be collected in patches 03 and 04. Prefix handling and matching happens in patch 07. Patch 08 contains a test case for these. ICMPv6 Router Advertisement MTU values are collected in patch 05 with an extremely trivial test in patch 06 - basically there to just ensure some functionality exists. If the prefix information ever expires, patch 09 is there to make it possible to fetch the expired one. With the help of the revised address iteration functions in patch 02, patch 10 fetches the proper prefix length and sets the IPv6 address. The patch also attempts to upgrade the IPv6 address prefix length to 128 should the prefix ever expire, it does so but misses to decrement address lifetimes. Something to do for a next patch or two, I guess. In addition, patch 01 clears up a forgotten debug printout while patch 11 fetches DNS and NTP information. Fetching DNS and NTP information have not been tested or used yet so proceed with caution or leave patch 11 for later. I replied to individual patches with some comments. Looks good in general. Zbyszek ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH] TODO: DHCPv6 Information Request has been implemented
On Tue, Jan 13, 2015 at 03:10:35PM +0200, Patrik Flykt wrote: On Tue, 2015-01-13 at 14:32 +0200, Patrik Flykt wrote: Just a trivial TODO update, I'll push it right away. Patch applied. Patrik Yeah, there's no need to sent this to the mailing list. It is unlikely to be wrong, and even if it it, we can revert or amend. The same for 1/11 in the other series. Zbyszek ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] make install busted in git
On Tue, Jan 13, 2015 at 03:16:52PM +0100, Jan Engelhardt wrote: On Tuesday 2015-01-13 15:07, Mike Gilbert wrote: /usr/bin/xsltproc -o man/bootup.7 --nonet --xinclude --stringparam man.output.quietly 1 --stringparam funcsynopsis.style ansi --stringparam man.authors.section.enabled 0 --stringparam man.copyright.section.enabled 0 --stringparam systemd.version 210 --path './man:./man' ./man/custom-man.xsl man/bootup.xml would always create the file man/man7/bootup.7 (libxslt-tools-1.2.28) and not man/bootup.7. floppym@naomi systemd % ls -l man/bootup.* -rw-r--r-- 1 floppym floppym 17807 Jan 11 19:59 man/bootup.xml floppym@naomi systemd % /usr/bin/xsltproc -o man/bootup.7 --nonet --xinclude --stringparam man.output.quietly 1 --stringparam funcsynopsis.style ansi --stringparam man.authors.section.enabled 0 --stringparam man.copyright.section.enabled 0 --stringparam systemd.version 210 --path './man:./man' ./man/custom-man.xsl man/bootup.xml floppym@naomi systemd % ls -l man/bootup.* -rw-r--r-- 1 floppym floppym 13378 Jan 13 09:05 man/bootup.7 Thanks for trying. So I need to proceed to looking for a bug in our libxslt package. Both Fedora and Debian have v 1.1.28. If Your 1.2.28 was not a typo, this might explain the difference. Zbyszek ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 1/2] machinectl: use GNU basename, not the XPG version
On Sun, Jan 11, 2015 at 02:50:15PM -0300, Cristian Rodríguez wrote: --- src/machine/machinectl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/machine/machinectl.c b/src/machine/machinectl.c index 749170e..980fba1 100644 --- a/src/machine/machinectl.c +++ b/src/machine/machinectl.c @@ -32,7 +32,7 @@ #include net/if.h #include sys/mount.h #include libgen.h - +#undef basename #include sd-bus.h #include log.h #include util.h Ah, nasty. Applied. Zbyszek ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] make install busted in git
On Tuesday 2015-01-13 15:07, Mike Gilbert wrote: /usr/bin/xsltproc -o man/bootup.7 --nonet --xinclude --stringparam man.output.quietly 1 --stringparam funcsynopsis.style ansi --stringparam man.authors.section.enabled 0 --stringparam man.copyright.section.enabled 0 --stringparam systemd.version 210 --path './man:./man' ./man/custom-man.xsl man/bootup.xml would always create the file man/man7/bootup.7 (libxslt-tools-1.2.28) and not man/bootup.7. floppym@naomi systemd % ls -l man/bootup.* -rw-r--r-- 1 floppym floppym 17807 Jan 11 19:59 man/bootup.xml floppym@naomi systemd % /usr/bin/xsltproc -o man/bootup.7 --nonet --xinclude --stringparam man.output.quietly 1 --stringparam funcsynopsis.style ansi --stringparam man.authors.section.enabled 0 --stringparam man.copyright.section.enabled 0 --stringparam systemd.version 210 --path './man:./man' ./man/custom-man.xsl man/bootup.xml floppym@naomi systemd % ls -l man/bootup.* -rw-r--r-- 1 floppym floppym 13378 Jan 13 09:05 man/bootup.7 Thanks for trying. So I need to proceed to looking for a bug in our libxslt package. ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] make install busted in git
On Tue, Jan 13, 2015 at 4:48 AM, Jan Engelhardt jeng...@inai.de wrote: On Tuesday 2015-01-13 00:25, Zbigniew Jędrzejewski-Szmek wrote: On Mon, Jan 12, 2015 at 11:42:38PM +0100, Jan Engelhardt wrote: Happens with top-of-line 720e0be0f00f4a7fee808d1cf60db43970900588. == Summary == + make install DESTDIR=/home/abuild/rpmbuild/BUILDROOT/systemd-218a-0.x86_64 make --no-print-directory install-recursive Making install in . [...] XSLT man/busctl.1 [...] /usr/bin/mkdir -p '/home/abuild/rpmbuild/BUILDROOT/systemd-218a-0.x86_64/usr/share/man/man1' /usr/bin/install -c -m 644 ./man/busctl.1 [...] '/home/abuild/rpmbuild/BUILDROOT/systemd-218a-0.x86_64/usr/share/man/man1' /usr/bin/install: cannot stat './man/busctl.1': No such file or directory No idea. It works fine here (Debian/sid). /usr/bin/xsltproc -o man/bootup.7 --nonet --xinclude --stringparam man.output.quietly 1 --stringparam funcsynopsis.style ansi --stringparam man.authors.section.enabled 0 --stringparam man.copyright.section.enabled 0 --stringparam systemd.version 210 --path './man:./man' ./man/custom-man.xsl man/bootup.xml would always create the file man/man7/bootup.7 (libxslt-tools-1.2.28) and not man/bootup.7. The only reason the install-man target succeeds in systemd-210.tar.xz is because the manpages are pre-provided in the tarball (but not in git): ls -l man/*.[0-9] How do things look on your end? No problems from git here. Using your little test: floppym@naomi systemd % pwd /home/floppym/src/systemd floppym@naomi systemd % ls -l man/bootup.* -rw-r--r-- 1 floppym floppym 17807 Jan 11 19:59 man/bootup.xml floppym@naomi systemd % /usr/bin/xsltproc -o man/bootup.7 --nonet --xinclude --stringparam man.output.quietly 1 --stringparam funcsynopsis.style ansi --stringparam man.authors.section.enabled 0 --stringparam man.copyright.section.enabled 0 --stringparam systemd.version 210 --path './man:./man' ./man/custom-man.xsl man/bootup.xml floppym@naomi systemd % ls -l man/bootup.* -rw-r--r-- 1 floppym floppym 13378 Jan 13 09:05 man/bootup.7 -rw-r--r-- 1 floppym floppym 17807 Jan 11 19:59 man/bootup.xml ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] Fwd: journald doesn't forward messages to syslog w/o CAP_SYS_ADMIN (LXC)
Hello all,
I'm forwarding a bug report about journal forwarding in containers
without CAP_SYS_ADMIN. I adjusted Christian's patch for current git
master and to be in git am format.
Thanks for considering,
Martin
- Forwarded message from Christian Seiler christ...@iwakd.de -
Date: Sat, 10 Jan 2015 23:42:57 +0100
From: Christian Seiler christ...@iwakd.de
To: Debian Bug Tracking System sub...@bugs.debian.org
Subject: Bug#775067: systemd: journald doesn't forward messages to syslog w/o
CAP_SYS_ADMIN (LXC)
Package: systemd
Version: 215-8
Severity: grave
Tags: upstream patch
Justification: causes non-serious data loss
Dear Maintainer,
when using LXC containers without CAP_SYS_ADMIN, journald fails to
forward any messages to syslog by default. Since the journal is not
persistent by default, no logs are stored at all, hence the
classification as 'data loss'. Also, this is a regression from Wheezy,
where a container without CAP_SYS_ADMIN and syslog did indeed store
persistent logs in /var/log/{syslog,messages,...}.
Note that there is NO other problem with systemd related to missing
CAP_SYS_ADMIN in a container (that I have found so far), provided all
required (pseudo-) file systems are mounted beforehand (which can be
done by configuration with Jessie's LXC version). I do know that
upstream claims that CAP_SYS_ADMIN-less containers are currently not
really supported, but they do intend to work towards that, and, from
what I can tell, apart from this journald problem, I have found no
issue whatsoever with a missing CAP_SYS_ADMIN (it actually works even
better than under sysvinit because it doesn't try to do some stuff
it's not supposed to do in containers that cause error messages with
sysvinit) - and since these kinds of containers were working in
Wheezy with its default init, I think this should be supported in
Jessie, too, especially if the fix is really easy, see below.
This bug is independent of the syslog implementation used, because no
syslog implementation in Jessie supports reading directly from the
journal, as far as I can tell (syslog-ng is too old, rsyslog is built
without imjournal support), so all rely on ForwardToSyslog=yes.
The reason why this problem occurs is that journald tries to fake
SCM_CREDENTIALS before sending a packet to the syslog daemon. With
CAP_SETUID and CAP_SETGID, faking uid/gid is not a problem, but to fake
the pid in struct ucred, one needs CAP_SYS_ADMIN (according to current
kernel source).
Also note that without activating debugging in journald, this problem
can not be diagnosed easily (it took me a while with strace to find the
problem).
Note, however, two things:
- journald does (and can) not guarantee that it can fake the pid,
because the process could have already exited. If you look at the
source, in case ESRCH is returned, it just fakes uid/gid and uses
its own pid
- both rsyslog and syslog-ng (haven't tried anything else yet) don't
rely on SCM_CREDENTIAL's pid anyway in their default configuration,
so at least in the default configuration there's no reason to fail
in that case.
I have created (and tested) an absolutely trivial patch that fixes this
by not only checking for ESRCH but also EPERM and then avoid faking the
pid.
I have tested this with both rsyslog and syslog-ng and it works and
both store (the same ;-)) persistent log messages in
/var/log/{messages,syslog,...}.
- End forwarded message -
--
Martin Pitt| http://www.piware.de
Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org)
From 91134908e92a310e5d439f6275961bf6a6d88686 Mon Sep 17 00:00:00 2001
From: Christian Seiler christ...@iwakd.de
Date: Tue, 13 Jan 2015 11:53:25 +0100
Subject: [PATCH] journal: Fix syslog forwarding without CAP_SYS_ADMIN
In case CAP_SYS_ADMIN is missing (like in containers), one cannot fake pid in
struct ucred (uid/gid are fine if CAP_SETUID/CAP_SETGID are present).
Ensure that journald will try again to forward the messages to syslog without
faking the SCM_CREDENTIALS pid (which isn't guaranteed to succeed anyway, since
it also does the same thing if the process has already exited).
With this patch, journald will no longer silently discard messages
that are supposed to be sent to syslog in these situations.
https://bugs.debian.org/775067
---
src/journal/journald-syslog.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/journal/journald-syslog.c b/src/journal/journald-syslog.c
index 6f43fd4..5d21132 100644
--- a/src/journal/journald-syslog.c
+++ b/src/journal/journald-syslog.c
@@ -85,12 +85,12 @@ static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned
return;
}
-if (ucred errno == ESRCH) {
+if (ucred (errno == ESRCH || errno == EPERM)) {
struct ucred u;
/* Hmm, presumably the sender process vanished
- * by now, so let's fix it as good
Re: [systemd-devel] make install busted in git
On Tuesday 2015-01-13 00:25, Zbigniew Jędrzejewski-Szmek wrote: On Mon, Jan 12, 2015 at 11:42:38PM +0100, Jan Engelhardt wrote: Happens with top-of-line 720e0be0f00f4a7fee808d1cf60db43970900588. == Summary == + make install DESTDIR=/home/abuild/rpmbuild/BUILDROOT/systemd-218a-0.x86_64 make --no-print-directory install-recursive Making install in . [...] XSLT man/busctl.1 [...] /usr/bin/mkdir -p '/home/abuild/rpmbuild/BUILDROOT/systemd-218a-0.x86_64/usr/share/man/man1' /usr/bin/install -c -m 644 ./man/busctl.1 [...] '/home/abuild/rpmbuild/BUILDROOT/systemd-218a-0.x86_64/usr/share/man/man1' /usr/bin/install: cannot stat './man/busctl.1': No such file or directory No idea. It works fine here (Debian/sid). /usr/bin/xsltproc -o man/bootup.7 --nonet --xinclude --stringparam man.output.quietly 1 --stringparam funcsynopsis.style ansi --stringparam man.authors.section.enabled 0 --stringparam man.copyright.section.enabled 0 --stringparam systemd.version 210 --path './man:./man' ./man/custom-man.xsl man/bootup.xml would always create the file man/man7/bootup.7 (libxslt-tools-1.2.28) and not man/bootup.7. The only reason the install-man target succeeds in systemd-210.tar.xz is because the manpages are pre-provided in the tarball (but not in git): ls -l man/*.[0-9] How do things look on your end? ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 01/11] sd-dhcp6-client: Remove unnecessary debug printout
--- src/libsystemd-network/sd-dhcp6-client.c | 1 - 1 file changed, 1 deletion(-) diff --git a/src/libsystemd-network/sd-dhcp6-client.c b/src/libsystemd-network/sd-dhcp6-client.c index 017371e..940a606 100644 --- a/src/libsystemd-network/sd-dhcp6-client.c +++ b/src/libsystemd-network/sd-dhcp6-client.c @@ -1025,7 +1025,6 @@ static int client_start(sd_dhcp6_client *client, enum DHCP6State state) assert_return(client-index 0, -EINVAL); assert_return(client-state != state, -EINVAL); -log_dhcp6_client(client, client state %d new state %d, client-state, state); client-timeout_resend_expire = sd_event_source_unref(client-timeout_resend_expire); client-timeout_resend = sd_event_source_unref(client-timeout_resend); -- 2.1.4 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 03/11] sd-icmp6-nd: Update Router Advertisement handling
As the IPv6 prefixes are needed, update the ICMPv6 Router Advertisement
code to dynamically allocate a suitably sized buffer. Iterate through
the ICMPv6 options one by one returning error if the option length is
too big to fit the buffer.
---
src/libsystemd-network/sd-icmp6-nd.c | 75 +++-
1 file changed, 65 insertions(+), 10 deletions(-)
diff --git a/src/libsystemd-network/sd-icmp6-nd.c
b/src/libsystemd-network/sd-icmp6-nd.c
index fbaf093..c9b390e 100644
--- a/src/libsystemd-network/sd-icmp6-nd.c
+++ b/src/libsystemd-network/sd-icmp6-nd.c
@@ -18,9 +18,11 @@
***/
#include netinet/icmp6.h
+#include netinet/ip6.h
#include string.h
#include stdbool.h
#include netinet/in.h
+#include sys/ioctl.h
#include socket-util.h
#include refcnt.h
@@ -38,6 +40,10 @@ enum icmp6_nd_state {
ICMP6_ROUTER_ADVERTISMENT_LISTEN= 11,
};
+#define IP6_MIN_MTU 1280
+#define ICMP6_ND_RECV_SIZE (IP6_MIN_MTU - sizeof(struct ip6_hdr))
+#define ICMP6_OPT_LEN_UNITS 8
+
struct sd_icmp6_nd {
RefCount n_ref;
@@ -179,45 +185,94 @@ int sd_icmp6_nd_new(sd_icmp6_nd **ret) {
return 0;
}
+static int icmp6_ra_parse(sd_icmp6_nd *nd, struct nd_router_advert *ra,
+ssize_t len) {
+void *opt;
+struct nd_opt_hdr *opt_hdr;
+
+assert_return(nd, -EINVAL);
+assert_return(ra, -EINVAL);
+
+len -= sizeof(*ra);
+if (len ICMP6_OPT_LEN_UNITS)
+return 0;
+
+opt = ra + 1;
+opt_hdr = opt;
+
+while (len len = opt_hdr-nd_opt_len * ICMP6_OPT_LEN_UNITS) {
+
+if (!opt_hdr-nd_opt_len)
+return -ENOMSG;
+
+switch (opt_hdr-nd_opt_type) {
+
+}
+
+len -= opt_hdr-nd_opt_len * ICMP6_OPT_LEN_UNITS;
+opt = (void *)((char *)opt +
+opt_hdr-nd_opt_len * ICMP6_OPT_LEN_UNITS);
+opt_hdr = opt;
+}
+
+return 0;
+}
+
static int icmp6_router_advertisment_recv(sd_event_source *s, int fd,
uint32_t revents, void *userdata)
{
sd_icmp6_nd *nd = userdata;
+int r, buflen;
ssize_t len;
-struct nd_router_advert ra;
+_cleanup_free_ struct nd_router_advert *ra = NULL;
int event = ICMP6_EVENT_ROUTER_ADVERTISMENT_NONE;
assert(s);
assert(nd);
assert(nd-event);
-/* only interested in Managed/Other flag */
-len = read(fd, ra, sizeof(ra));
-if ((size_t)len sizeof(ra))
+r = ioctl(fd, FIONREAD, buflen);
+if (r 0 || buflen = 0)
+buflen = ICMP6_ND_RECV_SIZE;
+
+ra = malloc0(buflen);
+if (!ra)
+return -ENOMEM;
+
+len = read(fd, ra, buflen);
+if (len 0) {
+log_icmp6_nd(nd, Could not receive message from UDP socket:
%m);
return 0;
+}
-if (ra.nd_ra_type != ND_ROUTER_ADVERT)
+if (ra-nd_ra_type != ND_ROUTER_ADVERT)
return 0;
-if (ra.nd_ra_code != 0)
+if (ra-nd_ra_code != 0)
return 0;
nd-timeout = sd_event_source_unref(nd-timeout);
nd-state = ICMP6_ROUTER_ADVERTISMENT_LISTEN;
-if (ra.nd_ra_flags_reserved ND_RA_FLAG_OTHER )
+if (ra-nd_ra_flags_reserved ND_RA_FLAG_OTHER )
event = ICMP6_EVENT_ROUTER_ADVERTISMENT_OTHER;
-if (ra.nd_ra_flags_reserved ND_RA_FLAG_MANAGED)
+if (ra-nd_ra_flags_reserved ND_RA_FLAG_MANAGED)
event = ICMP6_EVENT_ROUTER_ADVERTISMENT_MANAGED;
log_icmp6_nd(nd, Received Router Advertisement flags %s/%s,
- (ra.nd_ra_flags_reserved ND_RA_FLAG_MANAGED)? MANAGED:
+ (ra-nd_ra_flags_reserved ND_RA_FLAG_MANAGED)?
MANAGED:
none,
- (ra.nd_ra_flags_reserved ND_RA_FLAG_OTHER)? OTHER:
+ (ra-nd_ra_flags_reserved ND_RA_FLAG_OTHER)? OTHER:
none);
+if (event != ICMP6_EVENT_ROUTER_ADVERTISMENT_NONE) {
+r = icmp6_ra_parse(nd, ra, len);
+if (r 0)
+return 0;
+}
+
icmp6_nd_notify(nd, event);
return 0;
--
2.1.4
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 00/11] DHCPv6 address assignment
Hi, Here is a patch set covering on-link prefix detection and using the prefix length information when setting DHCPv6 addresses. To be able to have a correct prefix for the IPv6 adresses, the prefixes need to be collected in patches 03 and 04. Prefix handling and matching happens in patch 07. Patch 08 contains a test case for these. ICMPv6 Router Advertisement MTU values are collected in patch 05 with an extremely trivial test in patch 06 - basically there to just ensure some functionality exists. If the prefix information ever expires, patch 09 is there to make it possible to fetch the expired one. With the help of the revised address iteration functions in patch 02, patch 10 fetches the proper prefix length and sets the IPv6 address. The patch also attempts to upgrade the IPv6 address prefix length to 128 should the prefix ever expire, it does so but misses to decrement address lifetimes. Something to do for a next patch or two, I guess. In addition, patch 01 clears up a forgotten debug printout while patch 11 fetches DNS and NTP information. Fetching DNS and NTP information have not been tested or used yet so proceed with caution or leave patch 11 for later. Please review, Patrik Patrik Flykt (11): sd-dhcp6-client: Remove unnecessary debug printout sd-dhcp6-lease: Revise address iteration functions sd-icmp6-nd: Update Router Advertisement handling sd-icmp6-nd: Add link and prefix structures for ICMPv6 sd-icmp6-nd: Add helper function to get the IPv6 link MTU test-icmp6-rs: Add trivial test case for a MTU that is not present sd-icmp6-nd: Parse ICMPv6 prefix information test-icmp6-nd: Add test cases for prefixes sd-icmp6-nd: Add support for fetching the latest expired prefix networkd-dhcp6: Assign DHCPv6 addresses and prefix lengths sd_dhcp6_lease: Support DNS and NTP options src/libsystemd-network/dhcp6-internal.h | 3 + src/libsystemd-network/dhcp6-lease-internal.h | 18 ++ src/libsystemd-network/dhcp6-option.c | 22 ++ src/libsystemd-network/dhcp6-protocol.h | 6 + src/libsystemd-network/sd-dhcp6-client.c | 23 +- src/libsystemd-network/sd-dhcp6-lease.c | 162 +- src/libsystemd-network/sd-icmp6-nd.c | 449 +- src/libsystemd-network/test-dhcp6-client.c| 37 +-- src/libsystemd-network/test-icmp6-rs.c| 221 - src/network/networkd-dhcp6.c | 179 +- src/network/networkd-link.h | 10 + src/network/networkd.c| 1 + src/systemd/sd-dhcp6-lease.h | 13 +- src/systemd/sd-icmp6-nd.h | 10 + 14 files changed, 1088 insertions(+), 66 deletions(-) -- 2.1.4 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 06/11] test-icmp6-rs: Add trivial test case for a MTU that is not present
---
src/libsystemd-network/test-icmp6-rs.c | 14 ++
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/src/libsystemd-network/test-icmp6-rs.c
b/src/libsystemd-network/test-icmp6-rs.c
index be64d33..8a42a34 100644
--- a/src/libsystemd-network/test-icmp6-rs.c
+++ b/src/libsystemd-network/test-icmp6-rs.c
@@ -30,7 +30,7 @@ static struct ether_addr mac_addr = {
.ether_addr_octet = {'A', 'B', 'C', '1', '2', '3'}
};
-static bool verbose = false;
+static bool verbose = true;
static sd_event_source *test_hangcheck;
static int test_fd[2];
@@ -93,6 +93,8 @@ static void test_rs_done(sd_icmp6_nd *nd, int event, void
*userdata) {
{ ND_RA_FLAG_OTHER, ICMP6_EVENT_ROUTER_ADVERTISMENT_OTHER },
{ ND_RA_FLAG_MANAGED, ICMP6_EVENT_ROUTER_ADVERTISMENT_MANAGED }
};
+uint32_t mtu;
+
assert_se(nd);
assert_se(event == flag_event[idx].event);
@@ -101,10 +103,14 @@ static void test_rs_done(sd_icmp6_nd *nd, int event, void
*userdata) {
if (verbose)
printf( got event %d\n, event);
-if (idx 3)
+if (idx 3) {
send_ra(flag_event[idx].flag);
-else
-sd_event_exit(e, 0);
+return;
+}
+
+assert_se(sd_icmp6_ra_get_mtu(nd, mtu) == -ENOMSG);
+
+sd_event_exit(e, 0);
}
static void test_rs(sd_event *e) {
--
2.1.4
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 10/11] networkd-dhcp6: Assign DHCPv6 addresses and prefix lengths
Once IPv6 addresses have been acquired, assign these to the interface
with the prefix lengths taken from the ICMPv6 Router Advertisement
handling code. The preferred and valid IPv6 address lifetimes are
handed to the kernel which will clean up them if not renewed in time.
When a prefix announced via Router Advertisements expires, find all
addresses that match that prefix and update the address to have a
prefix lenght of 128 causing the prefix to be off-link.
---
src/network/networkd-dhcp6.c | 179 +--
src/network/networkd-link.h | 10 +++
src/network/networkd.c | 1 +
3 files changed, 184 insertions(+), 6 deletions(-)
diff --git a/src/network/networkd-dhcp6.c b/src/network/networkd-dhcp6.c
index c31bd4e..5f78f93 100644
--- a/src/network/networkd-dhcp6.c
+++ b/src/network/networkd-dhcp6.c
@@ -28,7 +28,151 @@
#include sd-icmp6-nd.h
#include sd-dhcp6-client.h
+static int dhcp6_lease_information_acquired(sd_dhcp6_client *client,
+Link *link) {
+int r;
+uint32_t mtu;
+
+r = sd_icmp6_ra_get_mtu(link-icmp6_router_discovery, mtu);
+if (r = 0) {
+r = link_set_mtu(link, mtu);
+if (r 0)
+log_link_error(link, Failed to set IPv6 MTU to %
PRIu16, mtu);
+}
+
+return 0;
+}
+
+static int dhcp6_address_handler(sd_rtnl *rtnl, sd_rtnl_message *m,
+ void *userdata) {
+_cleanup_link_unref_ Link *link = userdata;
+int r;
+
+assert(link);
+
+r = sd_rtnl_message_get_errno(m);
+if (r 0 r != -EEXIST) {
+log_link_error(link, Could not set DHCPv6 address: %s,
+ strerror(-r));
+
+link_enter_failed(link);
+
+} else if (r = 0)
+link_rtnl_process_address(rtnl, m, link-manager);
+
+return 1;
+}
+
+static int dhcp6_address_update(Link *link, struct in6_addr *ip6_addr,
+uint8_t prefixlen, uint32_t lifetime_preferred,
+uint32_t lifetime_valid) {
+int r;
+_cleanup_address_free_ Address *addr = NULL;
+
+r = address_new_dynamic(addr);
+if (r 0)
+return r;
+
+addr-family = AF_INET6;
+memcpy(addr-in_addr.in6, ip6_addr, sizeof(*ip6_addr));
+addr-prefixlen = prefixlen;
+
+addr-cinfo.ifa_prefered = lifetime_preferred;
+addr-cinfo.ifa_valid = lifetime_valid;
+
+log_link_struct(link, LOG_INFO, MESSAGE=%-*s: DHCPv6 address
%04x:%04x:%04x:%04x:%04x:%04x:%04x:%04x/%d timeout preferred %d valid %d,
+IFNAMSIZ,
+link-ifname, ADDRESS6_FMT_VAL(addr-in_addr.in6),
+addr-prefixlen, lifetime_preferred, lifetime_valid,
+NULL);
+
+r = address_update(addr, link, dhcp6_address_handler);
+if (r 0)
+log_link_warning(link, Could not assign DHCPv6 address: %s,
+strerror(-r));
+
+return r;
+}
+
+static int dhcp6_prefix_expired(Link *link) {
+int r;
+sd_dhcp6_lease *lease;
+struct in6_addr *expired_prefix, ip6_addr;
+uint8_t expired_prefixlen;
+uint32_t lifetime_preferred, lifetime_valid;
+
+r = sd_icmp6_ra_get_expired_prefix(link-icmp6_router_discovery,
+expired_prefix, expired_prefixlen);
+if (r 0)
+return r;
+
+r = sd_dhcp6_client_get_lease(link-dhcp6_client, lease);
+if (r 0)
+return r;
+
+r = sd_dhcp6_lease_reset_address_iter(lease);
+if (r 0 r != -ENOMSG)
+return r;
+
+while (sd_dhcp6_lease_get_address(lease, ip6_addr,
+lifetime_preferred,
+lifetime_valid) = 0) {
+
+r = sd_icmp6_prefix_match(expired_prefix, expired_prefixlen,
+ip6_addr);
+if (r = 0) {
+r = dhcp6_address_update(link, ip6_addr, 128,
+lifetime_preferred,
+lifetime_valid);
+
+return r;
+}
+}
+
+return 0;
+}
+
+static int dhcp6_lease_address_acquired(sd_dhcp6_client *client, Link *link) {
+int r;
+sd_dhcp6_lease *lease;
+struct in6_addr ip6_addr;
+uint32_t lifetime_preferred, lifetime_valid;
+uint8_t prefixlen;
+
+r = sd_dhcp6_client_get_lease(client, lease);
+if (r 0)
+return r;
+
+r = sd_dhcp6_lease_reset_address_iter(lease);
+if (r 0 r != -ENOMSG)
+return r;
+
+while
[systemd-devel] [PATCH 02/11] sd-dhcp6-lease: Revise address iteration functions
Revise the address iteration functions so that one helper function
resets the iterator to the start of the address list while the
second one fetches addresses one by one.
The test case is also updated.
---
src/libsystemd-network/sd-dhcp6-lease.c| 24 +++
src/libsystemd-network/test-dhcp6-client.c | 37 +++---
src/systemd/sd-dhcp6-lease.h | 7 ++
3 files changed, 29 insertions(+), 39 deletions(-)
diff --git a/src/libsystemd-network/sd-dhcp6-lease.c
b/src/libsystemd-network/sd-dhcp6-lease.c
index 8960fac..b3ae0c0 100644
--- a/src/libsystemd-network/sd-dhcp6-lease.c
+++ b/src/libsystemd-network/sd-dhcp6-lease.c
@@ -146,10 +146,9 @@ int dhcp6_lease_get_iaid(sd_dhcp6_lease *lease, be32_t
*iaid) {
return 0;
}
-int sd_dhcp6_lease_get_next_address(sd_dhcp6_lease *lease,
-struct in6_addr *addr,
-uint32_t *lifetime_preferred,
-uint32_t *lifetime_valid) {
+int sd_dhcp6_lease_get_address(sd_dhcp6_lease *lease, struct in6_addr *addr,
+uint32_t *lifetime_preferred,
+uint32_t *lifetime_valid) {
assert_return(lease, -EINVAL);
assert_return(addr, -EINVAL);
assert_return(lifetime_preferred, -EINVAL);
@@ -169,22 +168,15 @@ int sd_dhcp6_lease_get_next_address(sd_dhcp6_lease *lease,
return 0;
}
-int sd_dhcp6_lease_get_first_address(sd_dhcp6_lease *lease,
- struct in6_addr *addr,
- uint32_t *lifetime_preferred,
- uint32_t *lifetime_valid) {
+int sd_dhcp6_lease_reset_address_iter(sd_dhcp6_lease *lease) {
assert_return(lease, -EINVAL);
-assert_return(addr, -EINVAL);
-assert_return(lifetime_preferred, -EINVAL);
-assert_return(lifetime_valid, -EINVAL);
-
-if (!lease-ia.addresses)
-return -ENOMSG;
lease-addr_iter = lease-ia.addresses;
-return sd_dhcp6_lease_get_next_address(lease, addr, lifetime_preferred,
- lifetime_valid);
+if (!lease-addr_iter)
+return -ENOMSG;
+
+return 0;
}
sd_dhcp6_lease *sd_dhcp6_lease_ref(sd_dhcp6_lease *lease) {
diff --git a/src/libsystemd-network/test-dhcp6-client.c
b/src/libsystemd-network/test-dhcp6-client.c
index 7590839..bc9a9e2 100644
--- a/src/libsystemd-network/test-dhcp6-client.c
+++ b/src/libsystemd-network/test-dhcp6-client.c
@@ -286,25 +286,26 @@ static int test_advertise_option(sd_event *e) {
assert_se(opt_clientid);
-assert_se(sd_dhcp6_lease_get_first_address(lease, addr, lt_pref,
- lt_valid) = 0);
+assert_se(sd_dhcp6_lease_reset_address_iter(lease) = 0);
+assert_se(sd_dhcp6_lease_get_address(lease, addr, lt_pref,
+ lt_valid) = 0);
assert_se(!memcmp(addr, msg_advertise[42], sizeof(addr)));
assert_se(lt_pref == 150);
assert_se(lt_valid == 180);
-assert_se(sd_dhcp6_lease_get_next_address(lease, addr, lt_pref,
+assert_se(sd_dhcp6_lease_get_address(lease, addr, lt_pref,
lt_valid) == -ENOMSG);
-assert_se(sd_dhcp6_lease_get_first_address(lease, addr, lt_pref,
- lt_valid) = 0);
+assert_se(sd_dhcp6_lease_reset_address_iter(lease) = 0);
+assert_se(sd_dhcp6_lease_get_address(lease, addr, lt_pref,
+ lt_valid) = 0);
assert_se(!memcmp(addr, msg_advertise[42], sizeof(addr)));
-assert_se(sd_dhcp6_lease_get_next_address(lease, addr, lt_pref,
+assert_se(sd_dhcp6_lease_get_address(lease, addr, lt_pref,
lt_valid) == -ENOMSG);
-assert_se(sd_dhcp6_lease_get_next_address(lease, addr, lt_pref,
- lt_valid) == -ENOMSG);
-assert_se(sd_dhcp6_lease_get_first_address(lease, addr, lt_pref,
- lt_valid) = 0);
+assert_se(sd_dhcp6_lease_reset_address_iter(lease) = 0);
+assert_se(sd_dhcp6_lease_get_address(lease, addr, lt_pref,
+ lt_valid) = 0);
assert_se(!memcmp(addr, msg_advertise[42], sizeof(addr)));
-assert_se(sd_dhcp6_lease_get_next_address(lease, addr, lt_pref,
+assert_se(sd_dhcp6_lease_get_address(lease, addr, lt_pref,
lt_valid) == -ENOMSG);
assert_se(dhcp6_lease_get_serverid(lease, opt, len) = 0);
@@ -439,13 +440,14 @@ static int test_client_verify_request(DHCP6Message
*request, uint8_t *option,
[systemd-devel] [PATCH 07/11] sd-icmp6-nd: Parse ICMPv6 prefix information
Save each new onlink IPv6 prefix and attach an expiry timer to it.
If the prefixes overlap, take the shorter prefix and write a debug
message about the event. Once the prefix is resent in a Router
Advertisement, update the timer. Add a new event for the expiring
prefix.
Add two helper functions, one for returning a prefix length given a
Router Advertisement and the other for generic prefix matching given
an IPv6 prefix and address.
---
src/libsystemd-network/sd-icmp6-nd.c | 222 +++
src/systemd/sd-icmp6-nd.h| 6 +
2 files changed, 228 insertions(+)
diff --git a/src/libsystemd-network/sd-icmp6-nd.c
b/src/libsystemd-network/sd-icmp6-nd.c
index 3501055..4848912 100644
--- a/src/libsystemd-network/sd-icmp6-nd.c
+++ b/src/libsystemd-network/sd-icmp6-nd.c
@@ -283,11 +283,227 @@ int sd_icmp6_ra_get_mtu(sd_icmp6_nd *nd, uint32_t *mtu) {
return 0;
}
+static int icmp6_ra_prefix_timeout(sd_event_source *s, uint64_t usec,
+void *userdata) {
+sd_icmp6_nd *nd = userdata;
+struct icmp6_prefix *prefix, *p;
+
+assert(nd);
+assert(nd-link);
+assert(nd-link-prefixes);
+
+LIST_FOREACH_SAFE(prefixes, prefix, p, nd-link-prefixes) {
+if (prefix-timeout_valid != s)
+continue;
+
+log_icmp6_nd(nd, Prefix expired
%02x%02x:%02x%02x:%02x%02x:%02x%02x/%d,
+prefix-addr.s6_addr[0], prefix-addr.s6_addr[1],
+prefix-addr.s6_addr[2], prefix-addr.s6_addr[3],
+prefix-addr.s6_addr[4], prefix-addr.s6_addr[5],
+prefix-addr.s6_addr[6], prefix-addr.s6_addr[7],
+prefix-len);
+
+LIST_REMOVE(prefixes, nd-link-prefixes, prefix);
+
+icmp6_nd_notify(nd,
+
ICMP6_EVENT_ROUTER_ADVERTISMENT_PREFIX_EXPIRED);
+prefix = icmp6_prefix_unref(prefix);
+
+break;
+}
+
+return 0;
+}
+
+static int icmp6_ra_prefix_set_timeout(sd_icmp6_nd *nd,
+struct icmp6_prefix *prefix, usec_t valid) {
+usec_t time_now;
+int r;
+
+assert_return(prefix, -EINVAL);
+
+r = sd_event_now(nd-event, clock_boottime_or_monotonic(), time_now);
+if (r 0)
+return r;
+
+prefix-timeout_valid = sd_event_source_unref(prefix-timeout_valid);
+
+r = sd_event_add_time(nd-event, prefix-timeout_valid,
+clock_boottime_or_monotonic(), time_now + valid,
+USEC_PER_SEC, icmp6_ra_prefix_timeout, nd);
+if (r 0)
+goto error;
+
+r = sd_event_source_set_priority(prefix-timeout_valid,
+nd-event_priority);
+if (r 0)
+goto error;
+
+r = sd_event_source_set_description(prefix-timeout_valid,
+icmp6-prefix-timeout);
+
+error:
+if (r 0)
+prefix-timeout_valid =
+sd_event_source_unref(prefix-timeout_valid);
+
+return r;
+}
+
+static int icmp6_prefix_match(const struct in6_addr *prefix, uint8_t prefixlen,
+const struct in6_addr *addr, uint8_t addr_prefixlen) {
+uint8_t bytes, mask, len;
+
+assert_return(prefix, -EINVAL);
+assert_return(addr, -EINVAL);
+
+len = (prefixlen addr_prefixlen)? prefixlen: addr_prefixlen;
+
+bytes = len / 8;
+
+if (memcmp(prefix, addr, bytes))
+return -EADDRNOTAVAIL;
+
+if (len % 8) {
+mask = 0xff (8 - len % 8);
+
+if ((prefix-s6_addr[bytes] mask) !=
+(addr-s6_addr[bytes] mask))
+return -EADDRNOTAVAIL;
+}
+
+return 0;
+}
+
+static int icmp6_ra_prefix_match(struct icmp6_prefix *head,
+const struct in6_addr *addr, uint8_t addr_len,
+struct icmp6_prefix **result) {
+struct icmp6_prefix *prefix;
+
+LIST_FOREACH(prefixes, prefix, head) {
+if (icmp6_prefix_match(prefix-addr, prefix-len, addr,
+addr_len) = 0) {
+*result = prefix;
+return 0;
+}
+}
+
+return -EADDRNOTAVAIL;
+}
+
+int sd_icmp6_prefix_match(struct in6_addr *prefix, uint8_t prefixlen,
+struct in6_addr *addr) {
+return icmp6_prefix_match(prefix, prefixlen, addr,
+sizeof(addr-s6_addr) * 8);
+}
+
+int sd_icmp6_ra_get_prefixlen(sd_icmp6_nd *nd, const struct in6_addr *addr,
+uint8_t *prefixlen) {
+int r;
+struct icmp6_prefix *prefix;
+
+assert_return(nd, -EINVAL);
[systemd-devel] [PATCH 04/11] sd-icmp6-nd: Add link and prefix structures for ICMPv6
Each ICMPv6 structure has an interface index and will therefore be
associated with an IPv6 link containing a list of of prefixes.
---
src/libsystemd-network/sd-icmp6-nd.c | 99
1 file changed, 99 insertions(+)
diff --git a/src/libsystemd-network/sd-icmp6-nd.c
b/src/libsystemd-network/sd-icmp6-nd.c
index c9b390e..35d5f5f 100644
--- a/src/libsystemd-network/sd-icmp6-nd.c
+++ b/src/libsystemd-network/sd-icmp6-nd.c
@@ -44,6 +44,23 @@ enum icmp6_nd_state {
#define ICMP6_ND_RECV_SIZE (IP6_MIN_MTU - sizeof(struct ip6_hdr))
#define ICMP6_OPT_LEN_UNITS 8
+struct icmp6_prefix {
+RefCount n_ref;
+
+LIST_FIELDS(struct icmp6_prefix, prefixes);
+
+uint8_t len;
+sd_event_source *timeout_valid;
+struct in6_addr addr;
+};
+
+struct icmp6_link {
+RefCount n_ref;
+
+uint32_t mtu;
+LIST_HEAD(struct icmp6_prefix, prefixes);
+};
+
struct sd_icmp6_nd {
RefCount n_ref;
@@ -52,6 +69,7 @@ struct sd_icmp6_nd {
int event_priority;
int index;
struct ether_addr mac_addr;
+struct icmp6_link *link;
int fd;
sd_event_source *recv;
sd_event_source *timeout;
@@ -62,6 +80,72 @@ struct sd_icmp6_nd {
#define log_icmp6_nd(p, fmt, ...) log_internal(LOG_DEBUG, 0, __FILE__,
__LINE__, __func__, ICMPv6 CLIENT: fmt, ##__VA_ARGS__)
+static struct icmp6_prefix *icmp6_prefix_unref(struct icmp6_prefix *prefix) {
+if (prefix REFCNT_DEC(prefix-n_ref) = 0) {
+prefix-timeout_valid =
+sd_event_source_unref(prefix-timeout_valid);
+
+free(prefix);
+}
+
+return NULL;
+}
+
+static int icmp6_prefix_new(struct icmp6_prefix **ret) {
+_cleanup_free_ struct icmp6_prefix *prefix = NULL;
+
+assert(ret);
+
+prefix = new0(struct icmp6_prefix, 1);
+if (!prefix)
+return -ENOMEM;
+
+prefix-n_ref = REFCNT_INIT;
+LIST_INIT(prefixes, prefix);
+
+*ret = prefix;
+prefix = NULL;
+
+return 0;
+}
+
+static struct icmp6_link *icmp6_link_unref(struct icmp6_link *link) {
+if (link REFCNT_DEC(link-n_ref) = 0) {
+struct icmp6_prefix *prefix, *p;
+
+LIST_FOREACH_SAFE(prefixes, prefix, p, link-prefixes) {
+LIST_REMOVE(prefixes, link-prefixes, prefix);
+
+prefix = icmp6_prefix_unref(prefix);
+}
+free(link);
+}
+
+return NULL;
+}
+
+DEFINE_TRIVIAL_CLEANUP_FUNC(struct icmp6_link*, icmp6_link_unref);
+#define _cleanup_icmp6_link_free_ _cleanup_(icmp6_link_unrefp)
+
+static int icmp6_link_new(struct icmp6_link **ret) {
+_cleanup_free_ struct icmp6_link *link = NULL;
+
+assert(ret);
+
+link = new0(struct icmp6_link, 1);
+if (!link)
+return -ENOMEM;
+
+link-n_ref = REFCNT_INIT;
+
+LIST_HEAD_INIT(link-prefixes);
+
+*ret = link;
+link = NULL;
+
+return 0;
+}
+
static void icmp6_nd_notify(sd_icmp6_nd *nd, int event)
{
if (nd-callback)
@@ -156,6 +240,8 @@ sd_icmp6_nd *sd_icmp6_nd_unref(sd_icmp6_nd *nd) {
icmp6_nd_init(nd);
sd_icmp6_nd_detach_event(nd);
+nd-link = icmp6_link_unref(nd-link);
+
free(nd);
}
@@ -191,6 +277,7 @@ static int icmp6_ra_parse(sd_icmp6_nd *nd, struct
nd_router_advert *ra,
struct nd_opt_hdr *opt_hdr;
assert_return(nd, -EINVAL);
+assert_return(nd-link, -EINVAL);
assert_return(ra, -EINVAL);
len -= sizeof(*ra);
@@ -225,6 +312,7 @@ static int icmp6_router_advertisment_recv(sd_event_source
*s, int fd,
int r, buflen;
ssize_t len;
_cleanup_free_ struct nd_router_advert *ra = NULL;
+_cleanup_icmp6_link_free_ struct icmp6_link *link = NULL;
int event = ICMP6_EVENT_ROUTER_ADVERTISMENT_NONE;
assert(s);
@@ -251,6 +339,17 @@ static int icmp6_router_advertisment_recv(sd_event_source
*s, int fd,
if (ra-nd_ra_code != 0)
return 0;
+if (!nd-link) {
+r = icmp6_link_new(link);
+if (r 0) {
+log_icmp6_nd(nd, Could not allocate ICMP6 link
struct: %m);
+return 0;
+}
+
+nd-link = link;
+link = NULL;
+}
+
nd-timeout = sd_event_source_unref(nd-timeout);
nd-state = ICMP6_ROUTER_ADVERTISMENT_LISTEN;
--
2.1.4
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 09/11] sd-icmp6-nd: Add support for fetching the latest expired prefix
Keep the expired prefix for the duration of the prefix expiration event
and remove it afterwards.
---
src/libsystemd-network/sd-icmp6-nd.c | 23 +++
src/systemd/sd-icmp6-nd.h| 2 ++
2 files changed, 25 insertions(+)
diff --git a/src/libsystemd-network/sd-icmp6-nd.c
b/src/libsystemd-network/sd-icmp6-nd.c
index 4848912..ad9bbdb 100644
--- a/src/libsystemd-network/sd-icmp6-nd.c
+++ b/src/libsystemd-network/sd-icmp6-nd.c
@@ -58,6 +58,7 @@ struct icmp6_link {
RefCount n_ref;
uint32_t mtu;
+struct icmp6_prefix *expired_prefix;
LIST_HEAD(struct icmp6_prefix, prefixes);
};
@@ -305,8 +306,11 @@ static int icmp6_ra_prefix_timeout(sd_event_source *s,
uint64_t usec,
LIST_REMOVE(prefixes, nd-link-prefixes, prefix);
+nd-link-expired_prefix = prefix;
icmp6_nd_notify(nd,
ICMP6_EVENT_ROUTER_ADVERTISMENT_PREFIX_EXPIRED);
+nd-link-expired_prefix = NULL;
+
prefix = icmp6_prefix_unref(prefix);
break;
@@ -419,6 +423,25 @@ int sd_icmp6_ra_get_prefixlen(sd_icmp6_nd *nd, const
struct in6_addr *addr,
return 0;
}
+int sd_icmp6_ra_get_expired_prefix(sd_icmp6_nd *nd, struct in6_addr **addr,
+uint8_t *prefixlen)
+{
+assert_return(nd, -EINVAL);
+assert_return(addr, -EINVAL);
+assert_return(prefixlen, -EINVAL);
+
+if (!nd-link)
+return -EADDRNOTAVAIL;
+
+if (!nd-link-expired_prefix)
+return -EADDRNOTAVAIL;
+
+*addr = nd-link-expired_prefix-addr;
+*prefixlen = nd-link-expired_prefix-len;
+
+return 0;
+}
+
static int icmp6_ra_prefix_update(sd_icmp6_nd *nd, ssize_t len,
const struct nd_opt_prefix_info *prefix_opt) {
int r;
diff --git a/src/systemd/sd-icmp6-nd.h b/src/systemd/sd-icmp6-nd.h
index 9139c06..acb4107 100644
--- a/src/systemd/sd-icmp6-nd.h
+++ b/src/systemd/sd-icmp6-nd.h
@@ -58,6 +58,8 @@ int sd_icmp6_prefix_match(struct in6_addr *prefix, uint8_t
prefixlen,
int sd_icmp6_ra_get_mtu(sd_icmp6_nd *nd, uint32_t *mtu);
int sd_icmp6_ra_get_prefixlen(sd_icmp6_nd *nd, const struct in6_addr *addr,
uint8_t *prefixlen);
+int sd_icmp6_ra_get_expired_prefix(sd_icmp6_nd *nd, struct in6_addr **addr,
+uint8_t *prefixlen);
int sd_icmp6_nd_stop(sd_icmp6_nd *nd);
int sd_icmp6_router_solicitation_start(sd_icmp6_nd *nd);
--
2.1.4
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 08/11] test-icmp6-nd: Add test cases for prefixes
Add test cases that feeds an Router Advertisement to the ICMPv6 code
and verify that the correct prefix lengths are returned given an IPv6
address.
Enhance the prefix verification test by adding a shorter prefix and
check that the intended prefix lengths are now updated.
---
src/libsystemd-network/test-icmp6-rs.c | 207 +++--
1 file changed, 200 insertions(+), 7 deletions(-)
diff --git a/src/libsystemd-network/test-icmp6-rs.c
b/src/libsystemd-network/test-icmp6-rs.c
index 8a42a34..85e0239 100644
--- a/src/libsystemd-network/test-icmp6-rs.c
+++ b/src/libsystemd-network/test-icmp6-rs.c
@@ -34,6 +34,9 @@ static bool verbose = true;
static sd_event_source *test_hangcheck;
static int test_fd[2];
+typedef int (*send_ra_t)(uint8_t flags);
+static send_ra_t send_ra_function;
+
static int test_rs_hangcheck(sd_event_source *s, uint64_t usec,
void *userdata) {
assert_se(false);
@@ -50,6 +53,191 @@ int dhcp_network_icmp6_bind_router_solicitation(int index) {
return test_fd[0];
}
+static int send_ra_short_prefix(uint8_t flags) {
+uint8_t advertisement[] = {
+0x86, 0x00, 0xbe, 0xd7, 0x40, 0xc0, 0x00, 0xb4,
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+
+0x03, 0x04, 0x34, 0xc0, 0x00, 0x00, 0x01, 0xf4,
+0x00, 0x00, 0x01, 0xb8, 0x00, 0x00, 0x00, 0x00,
+0x20, 0x01, 0x0d, 0xb8, 0xde, 0xad, 0xbe, 0xef,
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+};
+
+assert_se(write(test_fd[1], advertisement, sizeof(advertisement)) ==
+ sizeof(advertisement));
+
+return 0;
+}
+
+static void test_short_prefix_cb(sd_icmp6_nd *nd, int event, void *userdata) {
+sd_event *e = userdata;
+struct {
+struct in6_addr addr;
+uint8_t prefixlen;
+bool success;
+} addrs[] = {
+{ { { { 0x20, 0x01, 0x0d, 0xb8, 0xde, 0xad, 0xbe, 0xef,
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } } },
+ 52, true },
+{ { { { 0x20, 0x01, 0x0d, 0xb8, 0xde, 0xad, 0x0d, 0xad,
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } } },
+ 64, false },
+{ { { { 0x20, 0x01, 0x0d, 0xb8, 0x0b, 0x16, 0xd0, 0x0d,
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } } },
+ 60, true },
+{ { { { 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x9d, 0xab, 0xcd,
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } } },
+ 64, true },
+{ { { { 0x20, 0x01, 0x0d, 0xb8, 0xde, 0xad, 0xbe, 0xed,
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } } },
+ 52, true },
+};
+uint8_t prefixlen;
+unsigned int i;
+
+for (i = 0; i ELEMENTSOF(addrs); i++) {
+printf( %s prefix %02x%02x:%02x%02x:%02x%02x:%02x%02x,
+__FUNCTION__,
+addrs[i].addr.s6_addr[0], addrs[i].addr.s6_addr[1],
+addrs[i].addr.s6_addr[2], addrs[i].addr.s6_addr[3],
+addrs[i].addr.s6_addr[4], addrs[i].addr.s6_addr[5],
+addrs[i].addr.s6_addr[6], addrs[i].addr.s6_addr[7]);
+
+if (addrs[i].success) {
+assert_se(sd_icmp6_ra_get_prefixlen(nd, addrs[i].addr,
+prefixlen) =
0);
+assert_se(addrs[i].prefixlen == prefixlen);
+printf(/%d onlink\n, prefixlen);
+} else {
+assert_se(sd_icmp6_ra_get_prefixlen(nd, addrs[i].addr,
+prefixlen) ==
-EADDRNOTAVAIL);
+printf(/128 offlink\n);
+}
+}
+
+sd_event_exit(e, 0);
+}
+
+static int send_ra_prefixes(uint8_t flags) {
+uint8_t advertisement[] = {
+0x86, 0x00, 0xbe, 0xd7, 0x40, 0xc0, 0x00, 0xb4,
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+0x03, 0x04, 0x3f, 0xc0, 0x00, 0x00, 0x01, 0xf4,
+0x00, 0x00, 0x01, 0xb8, 0x00, 0x00, 0x00, 0x00,
+0x20, 0x01, 0x0d, 0xb8, 0xde, 0xad, 0xbe, 0xef,
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+0x03, 0x04, 0x40, 0x00, 0x00, 0x00, 0x02, 0x58,
+0x00, 0x00, 0x02, 0x1c, 0x00, 0x00, 0x00, 0x00,
+0x20, 0x01, 0x0d, 0xb8, 0xde, 0xad, 0x0d, 0xad,
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+0x03, 0x04, 0x3c, 0x80, 0x00, 0x00, 0x03, 0x84,
+0x00, 0x00, 0x03, 0x20, 0x00, 0x00, 0x00, 0x00,
+0x20, 0x01, 0x0d, 0xb8, 0x0b, 0x16, 0xd0,
[systemd-devel] [PATCH 11/11] sd_dhcp6_lease: Support DNS and NTP options
Store arrays of found DNS and NTP IPv6 addresses and strings of DNS
search domains and NTP host names as specified in RFC 3646 and RFC
5908.
---
src/libsystemd-network/dhcp6-internal.h | 3 +
src/libsystemd-network/dhcp6-lease-internal.h | 18
src/libsystemd-network/dhcp6-option.c | 22
src/libsystemd-network/dhcp6-protocol.h | 6 ++
src/libsystemd-network/sd-dhcp6-client.c | 22
src/libsystemd-network/sd-dhcp6-lease.c | 140 ++
src/systemd/sd-dhcp6-lease.h | 6 ++
7 files changed, 217 insertions(+)
diff --git a/src/libsystemd-network/dhcp6-internal.h
b/src/libsystemd-network/dhcp6-internal.h
index 4f54ad8..fd7deb9 100644
--- a/src/libsystemd-network/dhcp6-internal.h
+++ b/src/libsystemd-network/dhcp6-internal.h
@@ -68,6 +68,9 @@ int dhcp6_option_parse(uint8_t **buf, size_t *buflen,
uint16_t *optcode,
size_t *optlen, uint8_t **optvalue);
int dhcp6_option_parse_ia(uint8_t **buf, size_t *buflen, uint16_t iatype,
DHCP6IA *ia);
+int dhcp6_option_get_ip6addrs(uint8_t *optval, uint16_t optlen,
+struct in6_addr **addrs, size_t *size,
+size_t *allocated);
int dhcp6_network_bind_udp_socket(int index, struct in6_addr *address);
int dhcp6_network_send_udp_socket(int s, struct in6_addr *address,
diff --git a/src/libsystemd-network/dhcp6-lease-internal.h
b/src/libsystemd-network/dhcp6-lease-internal.h
index 109e0f4..dcc7913 100644
--- a/src/libsystemd-network/dhcp6-lease-internal.h
+++ b/src/libsystemd-network/dhcp6-lease-internal.h
@@ -40,6 +40,19 @@ struct sd_dhcp6_lease {
DHCP6IA ia;
DHCP6Address *addr_iter;
+
+struct in6_addr *dns;
+size_t dns_size;
+size_t dns_allocated;
+char *domain_list;
+size_t domain_list_size;
+size_t domain_list_allocated;
+struct in6_addr *ntp;
+size_t ntp_size;
+size_t ntp_allocated;
+char *ntp_fqdn;
+size_t ntp_fqdn_size;
+size_t ntp_fqdn_allocated;
};
int dhcp6_lease_clear_timers(DHCP6IA *ia);
@@ -56,6 +69,11 @@ int dhcp6_lease_get_rapid_commit(sd_dhcp6_lease *lease, bool
*rapid_commit);
int dhcp6_lease_get_iaid(sd_dhcp6_lease *lease, be32_t *iaid);
+int dhcp6_lease_set_dns(sd_dhcp6_lease *lease, uint8_t *optval, size_t optlen);
+int dhcp6_lease_set_domain_list(sd_dhcp6_lease *lease, uint8_t *optval,
+size_t optlen);
+int dhcp6_lease_set_ntp(sd_dhcp6_lease *lease, uint8_t *optval, size_t optlen);
+
int dhcp6_lease_new(sd_dhcp6_lease **ret);
DEFINE_TRIVIAL_CLEANUP_FUNC(sd_dhcp6_lease*, sd_dhcp6_lease_unref);
diff --git a/src/libsystemd-network/dhcp6-option.c
b/src/libsystemd-network/dhcp6-option.c
index ea863f4..7a7aad4 100644
--- a/src/libsystemd-network/dhcp6-option.c
+++ b/src/libsystemd-network/dhcp6-option.c
@@ -317,3 +317,25 @@ error:
return r;
}
+
+int dhcp6_option_get_ip6addrs(uint8_t *optval, uint16_t optlen,
+struct in6_addr **addrs, size_t *size,
+size_t *allocated) {
+size_t in6_size = sizeof(**addrs);
+
+assert_return(optval, -EINVAL);
+assert_return(addrs, -EINVAL);
+assert_return(size, -EINVAL);
+
+if (optlen % in6_size)
+return -EINVAL;
+
+if (!GREEDY_REALLOC0(*addrs, *allocated, *size + optlen))
+return -ENOMEM;
+
+memcpy(*addrs + *size / in6_size, optval, optlen);
+
+*size += optlen;
+
+return 0;
+}
diff --git a/src/libsystemd-network/dhcp6-protocol.h
b/src/libsystemd-network/dhcp6-protocol.h
index 3e0f339..9330f23 100644
--- a/src/libsystemd-network/dhcp6-protocol.h
+++ b/src/libsystemd-network/dhcp6-protocol.h
@@ -134,6 +134,12 @@ enum {
};
enum {
+DHCP6_NTP_SUBOPTION_SRV_ADDR= 1,
+DHCP6_NTP_SUBOPTION_MC_ADDR = 2,
+DHCP6_NTP_SUBOPTION_SRV_FQDN= 3,
+};
+
+enum {
DHCP6_STATUS_SUCCESS= 0,
DHCP6_STATUS_UNSPEC_FAIL= 1,
DHCP6_STATUS_NO_ADDRS_AVAIL = 2,
diff --git a/src/libsystemd-network/sd-dhcp6-client.c
b/src/libsystemd-network/sd-dhcp6-client.c
index 940a606..ca6f316 100644
--- a/src/libsystemd-network/sd-dhcp6-client.c
+++ b/src/libsystemd-network/sd-dhcp6-client.c
@@ -804,7 +804,29 @@ static int client_parse_message(sd_dhcp6_client *client,
return r;
break;
+
+case DHCP6_OPTION_DNS_SERVERS:
+r = dhcp6_lease_set_dns(lease, optval, optlen);
+if (r 0)
+return r;
+
+break;
+
+case DHCP6_OPTION_DOMAIN_LIST:
+r = dhcp6_lease_set_domain_list(lease, optval, optlen);
+if (r
[systemd-devel] [PATCH 05/11] sd-icmp6-nd: Add helper function to get the IPv6 link MTU
Update MTU according to the latest value received.
---
src/libsystemd-network/sd-icmp6-nd.c | 30 ++
src/systemd/sd-icmp6-nd.h| 2 ++
2 files changed, 32 insertions(+)
diff --git a/src/libsystemd-network/sd-icmp6-nd.c
b/src/libsystemd-network/sd-icmp6-nd.c
index 35d5f5f..3501055 100644
--- a/src/libsystemd-network/sd-icmp6-nd.c
+++ b/src/libsystemd-network/sd-icmp6-nd.c
@@ -271,10 +271,24 @@ int sd_icmp6_nd_new(sd_icmp6_nd **ret) {
return 0;
}
+int sd_icmp6_ra_get_mtu(sd_icmp6_nd *nd, uint32_t *mtu) {
+assert_return(nd, -EINVAL);
+assert_return(mtu, -EINVAL);
+
+if (!nd-link || !nd-link-mtu)
+return -ENOMSG;
+
+*mtu = nd-link-mtu;
+
+return 0;
+}
+
static int icmp6_ra_parse(sd_icmp6_nd *nd, struct nd_router_advert *ra,
ssize_t len) {
void *opt;
struct nd_opt_hdr *opt_hdr;
+struct nd_opt_mtu *opt_mtu;
+uint32_t mtu;
assert_return(nd, -EINVAL);
assert_return(nd-link, -EINVAL);
@@ -293,6 +307,22 @@ static int icmp6_ra_parse(sd_icmp6_nd *nd, struct
nd_router_advert *ra,
return -ENOMSG;
switch (opt_hdr-nd_opt_type) {
+case ND_OPT_MTU:
+opt_mtu = opt;
+
+mtu = be32toh(opt_mtu-nd_opt_mtu_mtu);
+
+if (!nd-link-mtu || mtu nd-link-mtu) {
+if (mtu IP6_MIN_MTU)
+nd-link-mtu = IP6_MIN_MTU;
+else
+nd-link-mtu = mtu;
+
+log_icmp6_nd(nd, Link MTU %d advertised %d,
+nd-link-mtu, mtu);
+}
+
+break;
}
diff --git a/src/systemd/sd-icmp6-nd.h b/src/systemd/sd-icmp6-nd.h
index 73f91aa..73ebccf 100644
--- a/src/systemd/sd-icmp6-nd.h
+++ b/src/systemd/sd-icmp6-nd.h
@@ -51,6 +51,8 @@ sd_icmp6_nd *sd_icmp6_nd_ref(sd_icmp6_nd *nd);
sd_icmp6_nd *sd_icmp6_nd_unref(sd_icmp6_nd *nd);
int sd_icmp6_nd_new(sd_icmp6_nd **ret);
+int sd_icmp6_ra_get_mtu(sd_icmp6_nd *nd, uint32_t *mtu);
+
int sd_icmp6_nd_stop(sd_icmp6_nd *nd);
int sd_icmp6_router_solicitation_start(sd_icmp6_nd *nd);
--
2.1.4
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH] TODO: DHCPv6 Information Request has been implemented
On Tue, 2015-01-13 at 14:32 +0200, Patrik Flykt wrote: Just a trivial TODO update, I'll push it right away. Patch applied. Patrik ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] PartOf= Question
On 01/12/2015 05:20 PM, Colin Guthrie wrote: Hi Steve, I think I maybe (coincidentally) partly answered some of this question (or at least outlined the problem) in my other reply on a different thread made just a moment ago. I must a have missed it... I should watch this list closer than I do. Steve Dickson wrote on 12/01/15 19:58: Hello, The nfs-server service starts both the rpc-mountd service and the rpc-idmapd service when the server is started. But only brings down the rpc-mountd service when the NFS server is stopped. I want nfs-server service to bring both services when the server is stopped. Do you mean nfs-mountd/idmapd.service here? That's the name I see in git, but perhaps you've renamed them locally to match their binary names? (I'm forever mixing up the rpc- vs. nfs- prefixes too FWIW!) Yes... nfs-mountd and nfs-idmapd where the services I was talking about Question: Are idmapd and mountd *only* required for the server? I thought that idmapd was at least needed for the client too (but this could easily be a problem with my understanding, so feel free to correct me). Well if /usr/sbin/nfsidmap and /etc/request-key.d/id_resolver.conf exists then the kernel keyrings are used to store the idmappings. The kernel makes the upcall to nfsidmap via id_resolver.conf. The caveat here is its hard coded in the kernel to always try the nfsidmap upcall first; If that fails then an upcall to rpc.idmapd is tried. So it makes sense to ensue the nfsidmap upcall exists (aka not making two upcalls for every id binding). I'll assume I'm wrong for the sake of argument as you seem to what this behaviour! :) Looking at the difference between rpc-mountd and rpc-idmapd services, I noted the rpc-mountd service had: PartOf=nfs-server.service PartOf=nfs-utils.service I would strongly discourage the use of multiple PartOf= directives. Note that as the man page describes PartOf is a one-way propagation. That is if nfs-server is stopped, started or restarted it will propagate to rpc-mountd. But likewise is nfs-utils is stopped, started or restarted it too will propagate, but this might then go out of sync with nfs-server. In these units, as nfs-mountd is required by nfs-server.service, if nfs-utils is restarted, then (I think this is correct) nfs-server will have to go down because it's requirement is no longer true (during the window when nfs-mountd.service restarting), but there is nothing that will then start nfs-server again after things are back up. So by having two PartOf= directives here, issuing systemctl restart nfs-utils when nfs-server is started, will result in nfs-server being stopped. Now in this particular case, nfs-server is not really a daemon so things will physically work, but the state will be really confusing to a sysadmin! This makes senses... If rpc-mountd and rpc-idmap are essentially bound to nfs-server.service state, then I would remove both PartOf= lines and simply add a BindsTo=nfs-server.service line. Forget nfs-utils.service (which I think should be generally done anyway). This binds both units state to that of nfs-server.service. If it's started, they will start, if it is stopped, they will stop. If they are individually stopped, so will nfs-server (it Requires= them). They should thus continue to not have any [Install] section. PartOf is looser than BindTo. It was introduced to allow targets to be restarted and have all their units restart automatically (often this would be templated units), but to also allow the individual units that are part of that target to be restarted individually without affecting other units in the same target. Got it.. Perhaps this is actually what you want here (e.g. to be able to restart idmap on it's own without having this propagate to the nfs-server.service too? If so, I believe you should use Wants= in nfs-server.service rather than Requires= as that way the individual units can be restarted without actually affecting the state of the nfs-server itself, but you do have to ensure they are enabled in some other way (as Wants= will not pull them in automatically). I have a Wants=nfs-idmapd.service in nfs-server.service so I think that is good to go... Here is what I have now in nfs-idmap.service: [Unit] Description=NFSv4 ID-name mapping service BindTo=nfs-server.service Wants=nfs-config.service After=nfs-config.service [Service] EnvironmentFile=-/run/sysconfig/nfs-utils Type=forking ExecStart=/usr/sbin/rpc.idmapd $RPCIDMAPDARGS And in nfs-server.service I have the lines: Wants= nfs-idmapd.service After= nfs-idmapd.service And still rpc.idmapd does not come down when server is stopped. I suspect it's required by something else perhaps? Does it's pid change (i.e. is it restarted)? No. The pid stays the same on restarts. Or dod you just modify the units on disk but forget to run systemctl daemon-reload to reread them? After
[systemd-devel] [PATCH] TODO: DHCPv6 Information Request has been implemented
--- Hi, Just a trivial TODO update, I'll push it right away. Cheers, Patrik TODO | 1 - 1 file changed, 1 deletion(-) diff --git a/TODO b/TODO index 1d497b2..3c2c2c9 100644 --- a/TODO +++ b/TODO @@ -792,7 +792,6 @@ Features: - write more test cases - implement and do duplicate address detection, see rfc 4862, 5.4. - implement reconfigure support, see 5.3., 15.11. and 22.20. - - implement information request, see 1.2. and 18.1.5. - implement support for temporary adressess (IA_TA) - implement dhcpv6 authentication - investigate the usefulness of Confirm messages; i.e. are there any -- 2.1.4 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH] Grammar changes to catalog
See attached patch. Regards,From 8c77af83fe18dbb0d2230cbfc619a7e0a66f5183 Mon Sep 17 00:00:00 2001 From: Chris Atkinson c...@pipeline.com Date: Tue, 13 Jan 2015 10:06:25 -0500 Subject: [PATCH] Grammar changes to catalog --- catalog/systemd.catalog | 22 +++--- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/catalog/systemd.catalog b/catalog/systemd.catalog index 3c2fe64..4488c83 100644 --- a/catalog/systemd.catalog +++ b/catalog/systemd.catalog @@ -23,15 +23,15 @@ # For an explanation why we do all this, see https://xkcd.com/1024/ -- f77379a8490b408bbe5f6940505a777b -Subject: The Journal has been started +Subject: The journal has been started Defined-By: systemd Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -The system journal process has been starting up, opened the journal +The system journal process has started up, opened the journal files for writing and is now ready to process requests. -- d93fb3c9c24d451a97cea615ce59c00b -Subject: The Journal has been stopped +Subject: The journal has been stopped Defined-By: systemd Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel @@ -50,8 +50,8 @@ from the service have been dropped. Note that only messages from the service in question have been dropped, other services' messages are unaffected. -The limits when messages are dropped may be configured with -RateLimitInterval= and RateLimitBurst= in +The limits controlling when messages are dropped may be configured +with RateLimitInterval= and RateLimitBurst= in /etc/systemd/journald.conf. See journald.conf(5) for details. -- e9bf28e6e834481bb6f48f548ad13606 @@ -96,7 +96,7 @@ A new session with the ID @SESSION_ID@ has been created for the user @USER_ID@. The leading process of the session is @LEADER@. -- 3354939424b4456d9802ca8333ed424a -Subject: A session @SESSION_ID@ has been terminated +Subject: Session @SESSION_ID@ has been terminated Defined-By: systemd Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel Documentation: http://www.freedesktop.org/wiki/Software/systemd/multiseat @@ -112,7 +112,7 @@ Documentation: http://www.freedesktop.org/wiki/Software/systemd/multiseat A new seat @SEAT_ID@ has been configured and is now available. -- e7852bfe46784ed0accde04bc864c2d5 -Subject: A seat @SEAT_ID@ has now been removed +Subject: Seat @SEAT_ID@ has now been removed Defined-By: systemd Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel Documentation: http://www.freedesktop.org/wiki/Software/systemd/multiseat @@ -178,7 +178,7 @@ Systemd shutdown has been initiated. The shutdown has now begun and all system services are terminated and all file systems unmounted. -- 7d4958e842da4a758f6c1cdc7b36dcc5 -Subject: Unit @UNIT@ has begun with start-up +Subject: Unit @UNIT@ has begun start-up Defined-By: systemd Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel @@ -217,11 +217,11 @@ Unit @UNIT@ has failed. The result is @RESULT@. -- d34d037fff1847e6ae669a370e694725 -Subject: Unit @UNIT@ has begun with reloading its configuration +Subject: Unit @UNIT@ has begun reloading its configuration Defined-By: systemd Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -Unit @UNIT@ has begun with reloading its configuration +Unit @UNIT@ has begun reloading its configuration -- 7b05ebc668384222baa8881179cfda54 Subject: Unit @UNIT@ has finished reloading its configuration @@ -239,7 +239,7 @@ Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel The process @EXECUTABLE@ could not be executed and failed. -The error number returned while executing this process is @ERRNO@. +The error number returned by this process is @ERRNO@. -- 0027229ca0644181a76c4e92458afa2e Subject: One or more messages could not be forwarded to syslog -- 2.2.1 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH] os-release: Add PRIVACY_POLICY_URL
--- man/os-release.xml | 11 --- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/man/os-release.xml b/man/os-release.xml index b4cbeba..4fa41e7 100644 --- a/man/os-release.xml +++ b/man/os-release.xml @@ -277,6 +277,7 @@ termvarnameHOME_URL=/varname/term termvarnameSUPPORT_URL=/varname/term termvarnameBUG_REPORT_URL=/varname/term + termvarnamePRIVACY_POLICY_URL=/varname/term listitemparaLinks to resources on the Internet related the operating @@ -296,15 +297,19 @@ page for the operating system, if there is any. This is primarily intended for operating systems that -rely on community QA. These settings +rely on community QA. +varnamePRIVACY_POLICY_URL=/varname +should refer to the main privacy policy +page for the operation system, if there +is any. These settings are optional, and providing only some of these settings is common. These URLs are intended to be exposed in About this system UIs behind links with captions such as About this Operating System, Obtain Support, -and Report a Bug. The values should -be in ulink +Report a Bug, or Privacy Policy. The +values should be in ulink url=https://tools.ietf.org/html/rfc3986;RFC3986 format/ulink, and should be literalhttp:/literal or -- 2.1.0 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Running system services required for certain filesystems
On 01/12/2015 05:40 PM, Colin Guthrie wrote: Steve Dickson wrote on 12/01/15 20:31: Hello On 01/12/2015 05:37 AM, Colin Guthrie wrote: Hi, On a related note to my previous message (subject systemctl status not showing still running processes in inactive .mount unit cgroups (NFS specifically)), when mount.nfs runs to mount NFS filesystems, it shells out to /usr/sbin/start-statd which in turn calls sytemctl to start rpc.statd service. This feels ugly. Why? This is why rpc.statd does not need to be started on the client default any more. Yes but it requires the shelling out to bash script to do some modification of a pre-calculate set of transactions and dynamically adjusts the systemd jobs. It feels very un-systemd to use systemctl during the initial transaction of start jobs to modify things. I guess I'm not such a systemd purist ;-) but it feels ok to me! :-) Generally speaking you also have to be really, really careful doing such things as they can be called at unexpected times and result in deadlocks (protected by a timeout thankfully) due to ordering cycles. e.g. say something in early boot that has Before=rpc-statd.service is run, that somehow triggers, e.g. an automount, that in turn calls mount.nfs, which in turn calls systemctl start rpc-statd.service, then that systemctl job will block because the job it creates is waiting for the job with Before=rpc-statd.service in it to complete. I see the deadlock... in theory... but that assumes the first Before=rpc-statd.service never completes which is very unlikely. So calling systemctl during the initial transaction is really something to strongly discourage IMO. Ideally all information would be available after all the generators are run to calculate the initial transaction right at the beginning without any of dynamic modification in the middle. We have a sync point for this in the form of remote-fs-pre.target, but for some reason upstream nfs-utils people still deem that /usr/sbin/start-statd is a required component. I'm not seeing how remote-fs-pre.target is a sync point. Its only used by the nfs-client.target... Well, it's original intention was as as a sync point, but it doesn't seem to be getting used that way now (and there are some good reasons which I'll cover in a reply to Andrei). OK. But it did get me thinking about how clean remote-fs-pre.target really is. We do need to make sure rpc.statd is running before any NFS filesystems are mounted and and relying on the blunt instrument of remote-fs-pre.target seems kinda wrong. It should be more on demand e.g. when I start an nfs mount, it should be able to specify that rpc.statd service is a prerequisite. So my question is, is there a cleaner way to have dependencies like this specified for particular FS types? With the goal being that before systemd will try and mount any NFS filesystems it will make sure that nfs-lock.service (or statd.service or nfs-statd.service or whatever it's name really should be) is running? I kinda want a Requires=nfs-lock.service and After=nfs-lock.service definitions to go into all my *.mount units for any nfs filesystem, but it a way that means I don't have to actually specify this manually in my fstab. Why spread out the pain? I think the sync point we have right now mount.nfs calling start-statd works and keeps everything in one place. Shelling out to start-statd definitely isn't a sync point and as I've outlined above, calling systemctl mid-transaction is really something we should avoid. Again, I do see your point. In this particular I'm not sure there is much else we can do. I do like that it solves the case of calling mount /mountpoint command manually as a sysadmin and it will start the necessary service but I still thing it's ugly if called via systemctl start /mountpoint - we should be able to handle this kind of dep without such shelling out. Something like a pseudo service - systemd-fstype@nfs.service with Type=oneshot+RemainAfterExit=true+Exec=/usr/bin/true that is run by systemd before it does it mounting to act as a sync point (thus allowing nfs-lock.service to just put RequiredBy=systemd-fstype@nfs.service+Before=systemd-fstype@nfs.service and all is well) - there shouldn't really be a strong need for any actual changes to systemd-fstype@.service (or any systemd-fstype@nfs.service.d dropins) here, as it can all be specified the other way around in nfs-lock.service. WOW.. Granted I'm no systemd expert... what did you say?? :-) My apologies but I'm unable to parse the above paragraph at all! In the end, I'm all for making things go smoother but I've never been a fan of fixing something that's not broken... To be fair, I could probably word it better, and (being totally fair) I'm suggesting a similar abuse of a .service unit that the current nfs-utils.service does (which we really shouldn't do!) But ultimately, what the above would
Re: [systemd-devel] Wierd Segfault in sd_rtnl_message_unref (libnss_myhostname.so.2 by sshd )
Hi Svenne,
On Mon, Jan 12, 2015 at 10:08 PM, Svenne Krap svenne.li...@krap.dk wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi.
On Arch X64 using 218-1 (first packaging of 218) I have run into the
following wierd problem.
When trying to connect to a ssh server running dualstack (both ipv4 and
ipv6) by ipv6, ssh segfaults when I have loaded the full ipv4 bgp
routing table (~500k+ routes). IPv4 connections works for some reason,
and Ipv6 recovers if I kill the routing daemon (bird).
The stack trace of the core-file starts with
Stack trace of thread 515:
#0 0x7f48334a3dd5 _int_free (libc.so.6)
#1 0x7f4834a1e62a sd_rtnl_message_unref (libnss_myhostname.so.2)
#2 0x7f4834a1e657 sd_rtnl_message_unref (libnss_myhostname.so.2)
And continues with that line (#1 and #2) until frame 63.
I have looked in src/libsystemd/sd-rtnl/rtnl-message.c and have two
observations (my C is very rusty so feel free to correct me).
Line 589, shouldn't the line
if (m REFCNT_DEC(m-n_ref) = 0) {
be
if (m REFCNT_DEC(m-n_ref) = 0) {
(I.e. greater-than-equal instead of less-than-equal)
As Zbigniew explained, this is actually correct, but misleading. I
fixed it to use equality now, which should hopefully make it clearer.
Any chance you could run this through valgrind to get a bit more info
about what's going wrong?
Also, perhaps a test of whether m-next is equal to m on line 597
Hm, well, if there is a loop in the message list we are in trouble,
but checking just for two messages pointing at each other is not
enough, as the loop could be bigger. That said, such a loop can only
happen if there is a real bug in our code, so I don't think we should
be checking for that all the time.
Thanks for the report!
Tom
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH] os-release: Add PRIVACY_POLICY_URL
On Tue, Jan 13, 2015 at 05:20:24PM +0100, Bastien Nocera wrote: +rely on community QA. +varnamePRIVACY_POLICY_URL=/varname +should refer to the main privacy policy +page for the operation system, if there +is any. These settings Uhm, privacy policy for an operating system? Do you have any example URLs? -- Tomasz Torcz 72-| 80-| xmpp: zdzich...@chrome.pl 72-| 80-| ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 0/3] Miscellaneous systemd changes
Here are a few systemd changes that were suggested by the systemd folks: * Bind the nfs-idmap service to the nfs server. * Correctly bind nfs-mountd service to the nfs server. * Used approved way to check if systemd is install and running Steve Dickson (3): systemd: Bind rpc.idmapd to the nfs-server service systemd: Bind the nfs-mountd service to the nfs-server service start-statd: Use the canonical to check if systemd is running. systemd/nfs-idmapd.service | 2 +- systemd/nfs-mountd.service | 3 +-- utils/statd/start-statd| 2 +- 3 files changed, 3 insertions(+), 4 deletions(-) -- 2.1.0 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 2/3] systemd: Bind the nfs-mountd service to the nfs-server service
Use BindTo, instead of PartOf, to bind the nfs-mountd service to the nfs-server service. Its a much tighter bind than PartOf. The Partof=nfs-utils.service was not needed. One side effect of this tighter bond is when rpc.mountd is stop, that will also bring the nfs server down, due to the Requires=nfs-mountd.service in the nfs-server service Signed-off-by: Steve Dickson ste...@redhat.com --- systemd/nfs-mountd.service | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/systemd/nfs-mountd.service b/systemd/nfs-mountd.service index 7ccc0f7..c16af57 100644 --- a/systemd/nfs-mountd.service +++ b/systemd/nfs-mountd.service @@ -3,8 +3,7 @@ Description=NFS Mount Daemon Requires=proc-fs-nfsd.mount After=proc-fs-nfsd.mount After=network.target -PartOf=nfs-server.service -PartOf=nfs-utils.service +BindTo=nfs-server.service Wants=nfs-config.service After=nfs-config.service -- 2.1.0 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 3/3] start-statd: Use the canonical to check if systemd is running.
Use the approved way, define in http://www.freedesktop.org/software/systemd/man/sd_booted.html to check if systemd is installed and running Signed-off-by: Steve Dickson ste...@redhat.com --- utils/statd/start-statd | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/statd/start-statd b/utils/statd/start-statd index ec9383b..b32b3a5 100755 --- a/utils/statd/start-statd +++ b/utils/statd/start-statd @@ -7,7 +7,7 @@ PATH=/sbin:/usr/sbin:/bin:/usr/bin # First try systemd if it's installed. -if systemctl --help /dev/null 21; then +if test -d /run/systemd/system; then # Quit only if the call worked. systemctl start rpc-statd.service exit fi -- 2.1.0 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 02/11] sd-dhcp6-lease: Revise address iteration functions
On Tue, Jan 13, 2015 at 02:02:12PM +0200, Patrik Flykt wrote:
Revise the address iteration functions so that one helper function
resets the iterator to the start of the address list while the
second one fetches addresses one by one.
The test case is also updated.
---
src/libsystemd-network/sd-dhcp6-lease.c| 24 +++
src/libsystemd-network/test-dhcp6-client.c | 37
+++---
src/systemd/sd-dhcp6-lease.h | 7 ++
3 files changed, 29 insertions(+), 39 deletions(-)
diff --git a/src/libsystemd-network/sd-dhcp6-lease.c
b/src/libsystemd-network/sd-dhcp6-lease.c
index 8960fac..b3ae0c0 100644
--- a/src/libsystemd-network/sd-dhcp6-lease.c
+++ b/src/libsystemd-network/sd-dhcp6-lease.c
@@ -146,10 +146,9 @@ int dhcp6_lease_get_iaid(sd_dhcp6_lease *lease, be32_t
*iaid) {
return 0;
}
-int sd_dhcp6_lease_get_next_address(sd_dhcp6_lease *lease,
-struct in6_addr *addr,
-uint32_t *lifetime_preferred,
-uint32_t *lifetime_valid) {
+int sd_dhcp6_lease_get_address(sd_dhcp6_lease *lease, struct in6_addr *addr,
+uint32_t *lifetime_preferred,
+uint32_t *lifetime_valid) {
Something strange happens with indentantion :)
assert_return(lease, -EINVAL);
assert_return(addr, -EINVAL);
assert_return(lifetime_preferred, -EINVAL);
@@ -169,22 +168,15 @@ int sd_dhcp6_lease_get_next_address(sd_dhcp6_lease
*lease,
return 0;
}
-int sd_dhcp6_lease_get_first_address(sd_dhcp6_lease *lease,
- struct in6_addr *addr,
- uint32_t *lifetime_preferred,
- uint32_t *lifetime_valid) {
+int sd_dhcp6_lease_reset_address_iter(sd_dhcp6_lease *lease) {
assert_return(lease, -EINVAL);
-assert_return(addr, -EINVAL);
-assert_return(lifetime_preferred, -EINVAL);
-assert_return(lifetime_valid, -EINVAL);
-
-if (!lease-ia.addresses)
-return -ENOMSG;
lease-addr_iter = lease-ia.addresses;
-return sd_dhcp6_lease_get_next_address(lease, addr,
lifetime_preferred,
- lifetime_valid);
+if (!lease-addr_iter)
+return -ENOMSG;
+
+return 0;
}
sd_dhcp6_lease *sd_dhcp6_lease_ref(sd_dhcp6_lease *lease) {
diff --git a/src/libsystemd-network/test-dhcp6-client.c
b/src/libsystemd-network/test-dhcp6-client.c
index 7590839..bc9a9e2 100644
--- a/src/libsystemd-network/test-dhcp6-client.c
+++ b/src/libsystemd-network/test-dhcp6-client.c
@@ -286,25 +286,26 @@ static int test_advertise_option(sd_event *e) {
assert_se(opt_clientid);
-assert_se(sd_dhcp6_lease_get_first_address(lease, addr, lt_pref,
- lt_valid) = 0);
+assert_se(sd_dhcp6_lease_reset_address_iter(lease) = 0);
+assert_se(sd_dhcp6_lease_get_address(lease, addr, lt_pref,
+ lt_valid) = 0);
assert_se(!memcmp(addr, msg_advertise[42], sizeof(addr)));
assert_se(lt_pref == 150);
assert_se(lt_valid == 180);
-assert_se(sd_dhcp6_lease_get_next_address(lease, addr, lt_pref,
+assert_se(sd_dhcp6_lease_get_address(lease, addr, lt_pref,
lt_valid) == -ENOMSG);
-assert_se(sd_dhcp6_lease_get_first_address(lease, addr, lt_pref,
- lt_valid) = 0);
+assert_se(sd_dhcp6_lease_reset_address_iter(lease) = 0);
+assert_se(sd_dhcp6_lease_get_address(lease, addr, lt_pref,
+ lt_valid) = 0);
assert_se(!memcmp(addr, msg_advertise[42], sizeof(addr)));
-assert_se(sd_dhcp6_lease_get_next_address(lease, addr, lt_pref,
+assert_se(sd_dhcp6_lease_get_address(lease, addr, lt_pref,
lt_valid) == -ENOMSG);
-assert_se(sd_dhcp6_lease_get_next_address(lease, addr, lt_pref,
- lt_valid) == -ENOMSG);
-assert_se(sd_dhcp6_lease_get_first_address(lease, addr, lt_pref,
- lt_valid) = 0);
+assert_se(sd_dhcp6_lease_reset_address_iter(lease) = 0);
+assert_se(sd_dhcp6_lease_get_address(lease, addr, lt_pref,
+ lt_valid) = 0);
assert_se(!memcmp(addr, msg_advertise[42], sizeof(addr)));
-assert_se(sd_dhcp6_lease_get_next_address(lease, addr, lt_pref,
+assert_se(sd_dhcp6_lease_get_address(lease, addr, lt_pref,
Re: [systemd-devel] [PATCH 03/11] sd-icmp6-nd: Update Router Advertisement handling
On Tue, Jan 13, 2015 at 02:02:13PM +0200, Patrik Flykt wrote:
As the IPv6 prefixes are needed, update the ICMPv6 Router Advertisement
code to dynamically allocate a suitably sized buffer. Iterate through
the ICMPv6 options one by one returning error if the option length is
too big to fit the buffer.
---
src/libsystemd-network/sd-icmp6-nd.c | 75
+++-
1 file changed, 65 insertions(+), 10 deletions(-)
diff --git a/src/libsystemd-network/sd-icmp6-nd.c
b/src/libsystemd-network/sd-icmp6-nd.c
index fbaf093..c9b390e 100644
--- a/src/libsystemd-network/sd-icmp6-nd.c
+++ b/src/libsystemd-network/sd-icmp6-nd.c
@@ -18,9 +18,11 @@
***/
#include netinet/icmp6.h
+#include netinet/ip6.h
#include string.h
#include stdbool.h
#include netinet/in.h
+#include sys/ioctl.h
#include socket-util.h
#include refcnt.h
@@ -38,6 +40,10 @@ enum icmp6_nd_state {
ICMP6_ROUTER_ADVERTISMENT_LISTEN= 11,
};
+#define IP6_MIN_MTU 1280
+#define ICMP6_ND_RECV_SIZE (IP6_MIN_MTU - sizeof(struct ip6_hdr))
+#define ICMP6_OPT_LEN_UNITS 8
+
struct sd_icmp6_nd {
RefCount n_ref;
@@ -179,45 +185,94 @@ int sd_icmp6_nd_new(sd_icmp6_nd **ret) {
return 0;
}
+static int icmp6_ra_parse(sd_icmp6_nd *nd, struct nd_router_advert *ra,
+ssize_t len) {
+void *opt;
+struct nd_opt_hdr *opt_hdr;
+
+assert_return(nd, -EINVAL);
+assert_return(ra, -EINVAL);
+
+len -= sizeof(*ra);
+if (len ICMP6_OPT_LEN_UNITS)
+return 0;
+
+opt = ra + 1;
+opt_hdr = opt;
+
+while (len len = opt_hdr-nd_opt_len * ICMP6_OPT_LEN_UNITS) {
Isn't the first part of the check implied by the second?
Also, if len is ever 0, would this imply that a buffer overlow happened?
Maybe assert(len = 0);
+
+if (!opt_hdr-nd_opt_len)
+return -ENOMSG;
We usually use == 0 for comparison of integers to 0. Makes it easier to
distinguish from booleans.
+switch (opt_hdr-nd_opt_type) {
+
+}
+
+len -= opt_hdr-nd_opt_len * ICMP6_OPT_LEN_UNITS;
+opt = (void *)((char *)opt +
+opt_hdr-nd_opt_len * ICMP6_OPT_LEN_UNITS);
+opt_hdr = opt;
+}
Maybe add a check for trailing garbage and log_warning() or lower priority?
+
+return 0;
+}
+
static int icmp6_router_advertisment_recv(sd_event_source *s, int fd,
uint32_t revents, void *userdata)
{
sd_icmp6_nd *nd = userdata;
+int r, buflen;
ssize_t len;
-struct nd_router_advert ra;
+_cleanup_free_ struct nd_router_advert *ra = NULL;
int event = ICMP6_EVENT_ROUTER_ADVERTISMENT_NONE;
assert(s);
assert(nd);
assert(nd-event);
-/* only interested in Managed/Other flag */
-len = read(fd, ra, sizeof(ra));
-if ((size_t)len sizeof(ra))
+r = ioctl(fd, FIONREAD, buflen);
+if (r 0 || buflen = 0)
+buflen = ICMP6_ND_RECV_SIZE;
buflen might be used unitialized here.
+
+ra = malloc0(buflen);
Normal malloc should suffice.
+if (!ra)
+return -ENOMEM;
+
+len = read(fd, ra, buflen);
+if (len 0) {
+log_icmp6_nd(nd, Could not receive message from UDP socket:
%m);
return 0;
+}
-if (ra.nd_ra_type != ND_ROUTER_ADVERT)
+if (ra-nd_ra_type != ND_ROUTER_ADVERT)
return 0;
-if (ra.nd_ra_code != 0)
+if (ra-nd_ra_code != 0)
return 0;
nd-timeout = sd_event_source_unref(nd-timeout);
nd-state = ICMP6_ROUTER_ADVERTISMENT_LISTEN;
-if (ra.nd_ra_flags_reserved ND_RA_FLAG_OTHER )
+if (ra-nd_ra_flags_reserved ND_RA_FLAG_OTHER )
event = ICMP6_EVENT_ROUTER_ADVERTISMENT_OTHER;
-if (ra.nd_ra_flags_reserved ND_RA_FLAG_MANAGED)
+if (ra-nd_ra_flags_reserved ND_RA_FLAG_MANAGED)
event = ICMP6_EVENT_ROUTER_ADVERTISMENT_MANAGED;
log_icmp6_nd(nd, Received Router Advertisement flags %s/%s,
- (ra.nd_ra_flags_reserved ND_RA_FLAG_MANAGED)?
MANAGED:
+ (ra-nd_ra_flags_reserved ND_RA_FLAG_MANAGED)?
MANAGED:
none,
Maybe remove the parentheses, and forgo line-wrapping. This sould be clearer
that way.
- (ra.nd_ra_flags_reserved ND_RA_FLAG_OTHER)? OTHER:
+ (ra-nd_ra_flags_reserved ND_RA_FLAG_OTHER)? OTHER:
none);
+if (event != ICMP6_EVENT_ROUTER_ADVERTISMENT_NONE) {
+r = icmp6_ra_parse(nd, ra, len);
+if (r 0)
+
Re: [systemd-devel] [PATCH 05/11] sd-icmp6-nd: Add helper function to get the IPv6 link MTU
On Tue, Jan 13, 2015 at 02:02:15PM +0200, Patrik Flykt wrote:
Update MTU according to the latest value received.
---
src/libsystemd-network/sd-icmp6-nd.c | 30 ++
src/systemd/sd-icmp6-nd.h| 2 ++
2 files changed, 32 insertions(+)
diff --git a/src/libsystemd-network/sd-icmp6-nd.c
b/src/libsystemd-network/sd-icmp6-nd.c
index 35d5f5f..3501055 100644
--- a/src/libsystemd-network/sd-icmp6-nd.c
+++ b/src/libsystemd-network/sd-icmp6-nd.c
@@ -271,10 +271,24 @@ int sd_icmp6_nd_new(sd_icmp6_nd **ret) {
return 0;
}
+int sd_icmp6_ra_get_mtu(sd_icmp6_nd *nd, uint32_t *mtu) {
+assert_return(nd, -EINVAL);
+assert_return(mtu, -EINVAL);
+
+if (!nd-link || !nd-link-mtu)
+return -ENOMSG;
+
+*mtu = nd-link-mtu;
+
+return 0;
+}
+
static int icmp6_ra_parse(sd_icmp6_nd *nd, struct nd_router_advert *ra,
ssize_t len) {
void *opt;
struct nd_opt_hdr *opt_hdr;
+struct nd_opt_mtu *opt_mtu;
+uint32_t mtu;
assert_return(nd, -EINVAL);
assert_return(nd-link, -EINVAL);
@@ -293,6 +307,22 @@ static int icmp6_ra_parse(sd_icmp6_nd *nd, struct
nd_router_advert *ra,
return -ENOMSG;
switch (opt_hdr-nd_opt_type) {
+case ND_OPT_MTU:
Would be nicer to define
struct nd_opt_mtu *opt_mtu;
here.
+opt_mtu = opt;
+
+mtu = be32toh(opt_mtu-nd_opt_mtu_mtu);
+
+if (!nd-link-mtu || mtu nd-link-mtu) {
+if (mtu IP6_MIN_MTU)
+nd-link-mtu = IP6_MIN_MTU;
+else
+nd-link-mtu = mtu;
nd-link-mtu = MAX(mtu, IP6_MIN_MTU)?
+
+log_icmp6_nd(nd, Link MTU %d advertised %d,
+nd-link-mtu, mtu);
There's strange indentation and the debug message is pretty cryptic.
+}
+
+break;
}
diff --git a/src/systemd/sd-icmp6-nd.h b/src/systemd/sd-icmp6-nd.h
index 73f91aa..73ebccf 100644
--- a/src/systemd/sd-icmp6-nd.h
+++ b/src/systemd/sd-icmp6-nd.h
@@ -51,6 +51,8 @@ sd_icmp6_nd *sd_icmp6_nd_ref(sd_icmp6_nd *nd);
sd_icmp6_nd *sd_icmp6_nd_unref(sd_icmp6_nd *nd);
int sd_icmp6_nd_new(sd_icmp6_nd **ret);
+int sd_icmp6_ra_get_mtu(sd_icmp6_nd *nd, uint32_t *mtu);
+
int sd_icmp6_nd_stop(sd_icmp6_nd *nd);
int sd_icmp6_router_solicitation_start(sd_icmp6_nd *nd);
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 06/11] test-icmp6-rs: Add trivial test case for a MTU that is not present
On Tue, Jan 13, 2015 at 02:02:16PM +0200, Patrik Flykt wrote:
---
src/libsystemd-network/test-icmp6-rs.c | 14 ++
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/src/libsystemd-network/test-icmp6-rs.c
b/src/libsystemd-network/test-icmp6-rs.c
index be64d33..8a42a34 100644
--- a/src/libsystemd-network/test-icmp6-rs.c
+++ b/src/libsystemd-network/test-icmp6-rs.c
@@ -30,7 +30,7 @@ static struct ether_addr mac_addr = {
.ether_addr_octet = {'A', 'B', 'C', '1', '2', '3'}
};
-static bool verbose = false;
+static bool verbose = true;
Is this indended? If yes, the maybe remove the switch altogether?
static sd_event_source *test_hangcheck;
static int test_fd[2];
@@ -93,6 +93,8 @@ static void test_rs_done(sd_icmp6_nd *nd, int event, void
*userdata) {
{ ND_RA_FLAG_OTHER, ICMP6_EVENT_ROUTER_ADVERTISMENT_OTHER },
{ ND_RA_FLAG_MANAGED,
ICMP6_EVENT_ROUTER_ADVERTISMENT_MANAGED }
};
+uint32_t mtu;
+
assert_se(nd);
assert_se(event == flag_event[idx].event);
@@ -101,10 +103,14 @@ static void test_rs_done(sd_icmp6_nd *nd, int event,
void *userdata) {
if (verbose)
printf( got event %d\n, event);
-if (idx 3)
+if (idx 3) {
send_ra(flag_event[idx].flag);
-else
-sd_event_exit(e, 0);
+return;
+}
+
+assert_se(sd_icmp6_ra_get_mtu(nd, mtu) == -ENOMSG);
+
+sd_event_exit(e, 0);
}
Zbyszek
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
