#include <string.h>
#include <stdlib.h>
#include <stdio.h>
+#include <sys/types.h>
+#include <sys/wait.h>
#include "netifd.h"
#include "device.h"
IFACE_ATTR_IFNAME,
IFACE_ATTR_PROTO,
IFACE_ATTR_AUTO,
+ IFACE_ATTR_JAIL,
+ IFACE_ATTR_JAIL_IFNAME,
IFACE_ATTR_DEFAULTROUTE,
IFACE_ATTR_PEERDNS,
IFACE_ATTR_DNS,
[IFACE_ATTR_PROTO] = { .name = "proto", .type = BLOBMSG_TYPE_STRING },
[IFACE_ATTR_IFNAME] = { .name = "ifname", .type = BLOBMSG_TYPE_STRING },
[IFACE_ATTR_AUTO] = { .name = "auto", .type = BLOBMSG_TYPE_BOOL },
+ [IFACE_ATTR_JAIL] = { .name = "jail", .type = BLOBMSG_TYPE_STRING },
+ [IFACE_ATTR_JAIL_IFNAME] = { .name = "jail_ifname", .type = BLOBMSG_TYPE_STRING },
[IFACE_ATTR_DEFAULTROUTE] = { .name = "defaultroute", .type = BLOBMSG_TYPE_BOOL },
[IFACE_ATTR_PEERDNS] = { .name = "peerdns", .type = BLOBMSG_TYPE_BOOL },
[IFACE_ATTR_METRIC] = { .name = "metric", .type = BLOBMSG_TYPE_INT32 },
};
static void
-set_config_state(struct interface *iface, enum interface_config_state s);
+interface_set_main_dev(struct interface *iface, struct device *dev);
static void
interface_event(struct interface *iface, enum interface_event ev);
iface->link_up_event = false;
iface->state = IFS_DOWN;
- if (state == IFS_UP)
+ switch (state) {
+ case IFS_UP:
+ case IFS_TEARDOWN:
interface_event(iface, IFEV_DOWN);
- else
+ break;
+ case IFS_SETUP:
interface_event(iface, IFEV_UP_FAILED);
+ break;
+ default:
+ break;
+ }
interface_ip_set_enabled(&iface->config_ip, false);
interface_ip_set_enabled(&iface->proto_ip, false);
interface_ip_flush(&iface->proto_ip);
system_flush_routes();
}
-void
+static inline void
+__set_config_state(struct interface *iface, enum interface_config_state s)
+{
+ iface->config_state = s;
+}
+
+static void
__interface_set_down(struct interface *iface, bool force)
{
enum interface_state state = iface->state;
case IFS_UP:
case IFS_SETUP:
iface->state = IFS_TEARDOWN;
+ if (iface->dynamic)
+ __set_config_state(iface, IFC_REMOVE);
+
if (state == IFS_UP)
interface_event(iface, IFEV_DOWN);
case IFS_UP:
case IFS_SETUP:
if (!iface->enabled || !link_state) {
+ iface->state = IFS_TEARDOWN;
+ if (iface->dynamic)
+ __set_config_state(iface, IFC_REMOVE);
+
interface_proto_event(iface->proto, PROTO_CMD_TEARDOWN, false);
- mark_interface_down(iface);
}
break;
case IFS_DOWN:
interface_main_dev_cb(struct device_user *dep, enum device_event ev)
{
struct interface *iface;
- bool new_state = false;
iface = container_of(dep, struct interface, main_dev);
switch (ev) {
case DEV_EVENT_ADD:
- new_state = true;
+ interface_set_available(iface, true);
+ break;
case DEV_EVENT_REMOVE:
- interface_set_available(iface, new_state);
- if (!new_state && dep->dev && dep->dev->external)
+ interface_set_available(iface, false);
+ if (dep->dev && dep->dev->external)
interface_set_main_dev(iface, NULL);
break;
case DEV_EVENT_UP:
- new_state = true;
+ interface_set_enabled(iface, true);
+ break;
case DEV_EVENT_DOWN:
- interface_set_enabled(iface, new_state);
+ interface_set_enabled(iface, false);
break;
case DEV_EVENT_LINK_UP:
- new_state = true;
+ interface_set_link_state(iface, true);
+ break;
case DEV_EVENT_LINK_DOWN:
- interface_set_link_state(iface, new_state);
+ interface_set_link_state(iface, false);
break;
case DEV_EVENT_TOPO_CHANGE:
interface_proto_event(iface->proto, PROTO_CMD_RENEW, false);
if (blobmsg_type(cur) != BLOBMSG_TYPE_STRING)
continue;
- if (!blobmsg_check_attr(cur, NULL))
+ if (!blobmsg_check_attr(cur, false))
continue;
struct interface_assignment_class *c = malloc(sizeof(*c) + blobmsg_data_len(cur));
struct interface_assignment_class *c;
list_for_each_entry(c, &new->assignment_classes, head) {
- // Compare list entries one-by-one to see if there was a change
- if (list_empty(&old->assignment_classes)) // The new list is longer
+ /* Compare list entries one-by-one to see if there was a change */
+ if (list_empty(&old->assignment_classes)) /* The new list is longer */
changed = true;
if (changed)
struct interface_assignment_class *c_old = list_first_entry(&old->assignment_classes,
struct interface_assignment_class, head);
- if (strcmp(c_old->name, c->name)) // An entry didn't match
+ if (strcmp(c_old->name, c->name)) /* An entry didn't match */
break;
list_del(&c_old->head);
free(c_old);
}
- // The old list was longer than the new one or the last entry didn't match
+ /* The old list was longer than the new one or the last entry didn't match */
if (!list_empty(&old->assignment_classes)) {
interface_clear_assignment_classes(old);
changed = true;
free(iface->config);
netifd_ubus_remove_interface(iface);
avl_delete(&interfaces.avl, &iface->node.avl);
+ if (iface->jail)
+ free(iface->jail);
+ if (iface->jail_ifname)
+ free(iface->jail_ifname);
+
free(iface);
}
interface_do_free(iface);
return;
}
- if (iface->autostart && iface->available)
+ if (iface->autostart)
interface_set_up(iface);
- else if (iface->dynamic)
- set_config_state(iface, IFC_REMOVE);
}
static void
return;
}
- interface_write_resolv_conf();
+ interface_write_resolv_conf(iface->jail);
}
void interface_set_proto_state(struct interface *iface, struct interface_proto_state *state)
}
struct interface *
-interface_alloc(const char *name, struct blob_attr *config)
+interface_alloc(const char *name, struct blob_attr *config, bool dynamic)
{
struct interface *iface;
struct blob_attr *tb[IFACE_ATTR_MAX];
iface->autostart = blobmsg_get_bool_default(tb[IFACE_ATTR_AUTO], true);
iface->force_link = blobmsg_get_bool_default(tb[IFACE_ATTR_FORCE_LINK], force_link);
+ iface->dynamic = dynamic;
iface->proto_ip.no_defaultroute =
!blobmsg_get_bool_default(tb[IFACE_ATTR_DEFAULTROUTE], true);
iface->proto_ip.no_dns =
iface->proto_ip.no_delegation = !blobmsg_get_bool_default(tb[IFACE_ATTR_DELEGATE], true);
iface->config_autostart = iface->autostart;
- return iface;
-}
+ iface->jail = NULL;
-void interface_set_dynamic(struct interface *iface)
-{
- iface->dynamic = true;
- iface->autostart = true;
- iface->node.version = -1; // Don't delete on reload
+ if ((cur = tb[IFACE_ATTR_JAIL])) {
+ iface->jail = strdup(blobmsg_get_string(cur));
+ iface->autostart = false;
+ }
+
+ iface->jail_ifname = NULL;
+ if ((cur = tb[IFACE_ATTR_JAIL_IFNAME]))
+ iface->jail_ifname = strdup(blobmsg_get_string(cur));
+
+ return iface;
}
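Review bot: The `strdup()` results stored in `iface->jail` and `iface->jail_ifname` are never checked, so on allocation failure an interface configured for a jail is left with `jail == NULL`. From then on it looks like an ordinary host interface: the `!iface->jail` test in the jail loops skips it, and `interface_write_resolv_conf(iface->jail)` receives NULL. interface_alloc() should fail in that case rather than continue; the cleanup it needs depends on code outside this hunk. The jail name is also taken from configuration as-is, so if interface_write_resolv_conf() builds a file path from it (not visible in this diff), this is the place to reject names containing `/` or `..`.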
static bool __interface_add(struct interface *iface, struct blob_attr *config, bool alias)
{
struct blob_attr *tb[IFACE_ATTR_MAX];
struct blob_attr *cur;
+ char *name = NULL;
blobmsg_parse(iface_attrs, IFACE_ATTR_MAX, tb,
blob_data(config), blob_len(config));
iface->ifname = blobmsg_data(cur);
}
+ if (iface->dynamic) {
+ name = strdup(iface->name);
+
+ if (!name)
+ return false;
+ }
+
iface->config = config;
vlist_add(&interfaces, &iface->node, iface->name);
+
+ if (name) {
+ iface = vlist_find(&interfaces, name, iface, node);
+ free(name);
+
+ /* Don't delete dynamic interface on reload */
+ if (iface)
+ iface->node.version = -1;
+ }
+
return true;
}
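Review bot: The reason `iface->name` is duplicated before `vlist_add()` and the interface is looked up again afterwards is not documented, and the code reads as redundant without it. Presumably `vlist_add()` can replace an existing node and free the one passed in, so `iface` must not be dereferenced after the call. A comment above the `strdup()` would record that, for example `/* vlist_add() may free iface; keep a private copy of the name for the lookup below */`. The new `return false` on allocation failure also leaves an interface that was never added to the list, and whether callers of interface_add() release it is outside this diff. __interface_add's body starts outside the hunk.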
-void
+bool
interface_add(struct interface *iface, struct blob_attr *config)
{
- __interface_add(iface, config, false);
+ return __interface_add(iface, config, false);
}
bool
}
}
-void
+static void
interface_set_main_dev(struct interface *iface, struct device *dev)
{
bool claimed = iface->l3_dev.claimed;
interface_set_l3_dev(iface, dev);
}
-int
+static int
interface_remove_link(struct interface *iface, struct device *dev)
{
struct device *mdev = iface->main_dev.dev;
return ret;
}
-int
+void
interface_set_up(struct interface *iface)
{
int ret;
+ const char *error = NULL;
iface->autostart = true;
if (iface->state != IFS_DOWN)
- return 0;
+ return;
interface_clear_errors(iface);
- if (!iface->available) {
- interface_add_error(iface, "interface", "NO_DEVICE", NULL, 0);
- return -1;
- }
-
- if (iface->main_dev.dev) {
- ret = device_claim(&iface->main_dev);
- if (!ret)
- interface_check_state(iface);
- }
- else
- ret = __interface_set_up(iface);
+ if (iface->available) {
+ if (iface->main_dev.dev) {
+ ret = device_claim(&iface->main_dev);
+ if (!ret)
+ interface_check_state(iface);
+ else
+ error = "DEVICE_CLAIM_FAILED";
+ } else {
+ ret = __interface_set_up(iface);
+ if (ret)
+ error = "SETUP_FAILED";
+ }
+ } else
+ error = "NO_DEVICE";
- return ret;
+ if (error)
+ interface_add_error(iface, "interface", error, NULL, 0);
}
-int
+void
interface_set_down(struct interface *iface)
{
if (!iface) {
iface->autostart = false;
__interface_set_down(iface, false);
}
-
- return 0;
}
int
struct interface *iface;
vlist_for_each_element(&interfaces, iface, node) {
- if (iface->available && iface->autostart)
+ if (iface->autostart)
interface_set_up(iface);
}
}
+void
+interface_start_jail(const char *jail, const pid_t netns_pid)
+{
+ struct interface *iface;
+ int netns_fd;
+ int wstatus;
+ pid_t pr = 0;
+
+ netns_fd = system_netns_open(netns_pid);
+ if (netns_fd < 0)
+ return;
+
+ vlist_for_each_element(&interfaces, iface, node) {
+ if (!iface->jail || strcmp(iface->jail, jail))
+ continue;
+
+ system_link_netns_move(iface->main_dev.dev, netns_fd, iface->jail_ifname);
+ }
+
+ close(netns_fd);
+
+ pr = fork();
+ if (pr) {
+ waitpid(pr, &wstatus, WUNTRACED | WCONTINUED);
+ return;
+ }
+
+ /* child process */
+ netns_fd = system_netns_open(netns_pid);
+ if (netns_fd < 0)
+ return;
+
+ system_netns_set(netns_fd);
+ system_init();
+ vlist_for_each_element(&interfaces, iface, node) {
+ if (!iface->jail || strcmp(iface->jail, jail))
+ continue;
+
+ /*
+ * The interface has already been renamed and is inside target
+ * namespace, hence overwrite ifname with jail_ifname for
+ * interface_set_up().
+ * We are inside a fork which got it's own copy of the interfaces
+ * list, so we can mess with it :)
+ */
+ if (iface->jail_ifname)
+ iface->ifname = iface->jail_ifname;
+
+ interface_do_reload(iface);
+ interface_set_up(iface);
+ }
+
+ close(netns_fd);
+ _exit(0);
+}
+
+void
+interface_stop_jail(const char *jail, const pid_t netns_pid)
+{
+ struct interface *iface;
+ int netns_fd, root_netns;
+ int wstatus;
+ pid_t parent_pid = getpid();
+ pid_t pr = 0;
+ const char *orig_ifname;
+
+ pr = fork();
+ if (pr) {
+ waitpid(pr, &wstatus, WUNTRACED | WCONTINUED);
+ return;
+ }
+
+ /* child process */
+ root_netns = system_netns_open(parent_pid);
+ if (root_netns < 0)
+ return;
+
+ netns_fd = system_netns_open(netns_pid);
+ if (netns_fd < 0)
+ return;
+
+ system_netns_set(netns_fd);
+ system_init();
+ vlist_for_each_element(&interfaces, iface, node) {
+ if (!iface->jail || strcmp(iface->jail, jail))
+ continue;
+
+ orig_ifname = iface->ifname;
+ if (iface->jail_ifname)
+ iface->ifname = iface->jail_ifname;
+
+ interface_do_reload(iface);
+ interface_set_down(iface);
+ system_link_netns_move(iface->main_dev.dev, root_netns, orig_ifname);
+ }
+
+ close(root_netns);
+ close(netns_fd);
+ _exit(0);
+}
+
static void
set_config_state(struct interface *iface, enum interface_config_state s)
{
- iface->config_state = s;
+ __set_config_state(iface, s);
if (iface->state == IFS_DOWN)
interface_handle_config_change(iface);
else
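Review bot: In both interface_start_jail() and interface_stop_jail() the forked child uses `return` when system_netns_open() fails, so a second copy of the daemon keeps running the caller's code instead of terminating; those paths should call `_exit(1)`, and interface_stop_jail() should close `root_netns` before leaving on the second failure. The result of system_netns_set() is ignored as well, so if entering the namespace fails the child continues with system_init(), interface_do_reload() and interface_set_up() / interface_set_down() in the namespace it started in, which is the host's. fork() returning -1 takes the parent branch and reaches `waitpid(-1, ...)`, which waits for any child, and with `WUNTRACED | WCONTINUED` the wait can return before the child has exited. The sketch below shows the handling for interface_start_jail() and assumes system_netns_set() returns non-zero on failure, which this diff does not show; the same pattern applies to interface_stop_jail().

```c
	pr = fork();
	if (pr < 0)
		return;	/* fork failed: there is no child to wait for */

	if (pr) {
		/* wait for this child to terminate, not merely stop or continue */
		waitpid(pr, &wstatus, 0);
		return;
	}

	/* child process: must never return into the daemon's main loop */
	netns_fd = system_netns_open(netns_pid);
	if (netns_fd < 0)
		_exit(1);

	/* do not touch any interface unless we really are inside the jail's netns */
	if (system_netns_set(netns_fd)) {
		close(netns_fd);
		_exit(1);
	}

	system_init();
	/* … unchanged: per-interface reload and interface_set_up() loop … */
```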
interface_change_config(struct interface *if_old, struct interface *if_new)
{
struct blob_attr *old_config = if_old->config;
- bool reload = false, reload_ip = false;
+ bool reload = false, reload_ip = false, update_prefix_delegation = false;
#define FIELD_CHANGED_STR(field) \
((!!if_old->field != !!if_new->field) || \
if_old->device_config = if_new->device_config;
if_old->config_autostart = if_new->config_autostart;
+ if (if_old->jail)
+ free(if_old->jail);
+
+ if_old->jail = if_new->jail;
+ if (if_old->jail)
+ if_old->autostart = false;
+
+ if (if_old->jail_ifname)
+ free(if_old->jail_ifname);
+
+ if_old->jail_ifname = if_new->jail_ifname;
+
if_old->ifname = if_new->ifname;
if_old->parent_ifname = if_new->parent_ifname;
+ if_old->dynamic = if_new->dynamic;
if_old->proto_handler = if_new->proto_handler;
if_old->force_link = if_new->force_link;
if_old->dns_metric = if_new->dns_metric;
+ if (if_old->proto_ip.no_delegation != if_new->proto_ip.no_delegation) {
+ if_old->proto_ip.no_delegation = if_new->proto_ip.no_delegation;
+ update_prefix_delegation = true;
+ }
+
if_old->proto_ip.no_dns = if_new->proto_ip.no_dns;
interface_replace_dns(&if_old->config_ip, &if_new->config_ip);
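Review bot: `if_old->jail = if_new->jail;` and `if_old->jail_ifname = if_new->jail_ifname;` hand the heap strings to `if_old` while `if_new` still holds the same pointers. This commit also makes interface_do_free() release `iface->jail` and `iface->jail_ifname`, so if `if_new` is ever torn down through that path the strings would be freed twice or left dangling in `if_old`; how `if_new` is released is outside this hunk. Clearing the source right after each transfer, `if_new->jail = NULL;` and `if_new->jail_ifname = NULL;`, makes the ownership move explicit and safe either way. The `if (ptr) free(ptr);` guards are redundant because `free(NULL)` is a no-op. interface_change_config's body starts and ends outside the hunk.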
interface_ip_set_enabled(&if_old->config_ip, config_ip_enabled);
}
- interface_write_resolv_conf();
+ if (update_prefix_delegation)
+ interface_update_prefix_delegation(&if_old->proto_ip);
+
+ interface_write_resolv_conf(if_old->jail);
if (if_old->main_dev.dev)
interface_check_state(if_old);
set_config_state(if_old, IFC_REMOVE);
} else if (node_new) {
D(INTERFACE, "Create interface '%s'\n", if_new->name);
+ interface_event(if_new, IFEV_CREATE);
proto_init_interface(if_new, if_new->config);
interface_claim_device(if_new);
netifd_ubus_add_interface(if_new);