oweals/netifd.git
3 years ago system-linux: improve handling of device rename (master)
Kristian Evensen [Wed, 11 Mar 2020 13:13:10 +0000 (14:13 +0100)]
system-linux: improve handling of device rename

After an interface has been renamed on a "fast" device (for example
x86_64), the interface is sometimes not handled correctly by netifd.
Looking in the logs, I see the following messages when renaming fails:

Wed Mar 11 08:52:44 2020 kern.info kernel: [68383.522038] igb 0000:03:00.0 nlw_1: renamed from eth2
Wed Mar 11 08:52:44 2020 daemon.err netifd[2739]: __device_add_user(710): Add user for device 'nlw_1', refcount=2
Wed Mar 11 08:52:44 2020 daemon.err netifd[2739]: device_claim(413): Claim Network device nlw_1, new active count: 2
Wed Mar 11 08:52:44 2020 daemon.err netifd[2739]: device_claim(432): claim Network device nlw_1 failed: -1

Instrumenting netifd further reveals that there is a race between the hotplug
"@move" event and ioctl(SIOCGIFINDEX). When the above error happens, the
ioctl-call fails with ENODEV. Looking closer at the kernel code, it seems the
hotplug-event is triggered before the renaming is completed. The easiest way to
trigger the race, is if an interface name with the old name is not handled by
netifd and an interface with the new name is. If only the old name is handled,
or both names, I was not able to provoke the race.

When the renaming is complete, a NEWLINK-message is generated. This patch
modifies the logic surrounding renaming, so that we wait for the
NEWLINK-message before marking an interface as present. The changes made are:

* We only handle move-events for interfaces we know, and we return after
device has been set as not present.
* When we receive a NEWLINK message for an interface managed by netifd,
we call device_set_present. device_set_present is guarded by the same
checks as the add hotplug-event.

After these changes, renaming works properly on both "fast" and "slow"
devices. Removing a device is also handled correctly.

Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
3 years ago interface-ip: fix build on non-linux systems
Felix Fietkau [Thu, 4 Jun 2020 11:27:05 +0000 (13:27 +0200)]
interface-ip: fix build on non-linux systems

Signed-off-by: Felix Fietkau <nbd@nbd.name>
3 years ago system-dummy: fix missing return
Felix Fietkau [Thu, 4 Jun 2020 11:26:46 +0000 (13:26 +0200)]
system-dummy: fix missing return

Signed-off-by: Felix Fietkau <nbd@nbd.name>
3 years ago netifd: wireless: add support for tracking wifi-station sections
John Crispin [Mon, 25 May 2020 09:49:19 +0000 (11:49 +0200)]
netifd: wireless: add support for tracking wifi-station sections

This new section allows us to assign mac specific key/vid settings to a
station.

Signed-off-by: John Crispin <john@phrozen.org>
3 years ago netifd: wireless: add support for tracking wifi-vlan sections
John Crispin [Mon, 25 May 2020 09:49:18 +0000 (11:49 +0200)]
netifd: wireless: add support for tracking wifi-vlan sections

This new section allows us to create apvlan settings for hostapd.

Signed-off-by: John Crispin <john@phrozen.org>
3 years ago vlandev: support setting ingress/egress QoS mappings
Pau Espin Pedrol [Sun, 17 May 2020 18:39:44 +0000 (20:39 +0200)]
vlandev: support setting ingress/egress QoS mappings

It allows setting mappings for instance this way:
"""
config device
  option name 'vlan41'
  option type '8021q'
  option vid '41'
  option ifname 'eth1'
  list   ingress_qos_mapping '1:2'
  list   ingress_qos_mapping '2:5'
  list   egress_qos_mapping '0:3'
"""

Signed-off-by: Pau Espin Pedrol <pespin.shar@gmail.com>
Tested-by: Pedro <pedrowrt@cas.cat>
4 years ago interface, system: clean up netns functionality
Daniel Golle [Tue, 14 Apr 2020 11:51:47 +0000 (12:51 +0100)]
interface, system: clean up netns functionality

Using struct device pointer as parameter instead of bare ifname allows
for some simplification and again removing system_ifname_resolve()
function introduced in commit d93126d.

Fixes: d93126d ("interface: allow renaming interface when moving to jail netns")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years ago interface: fix jail ifdown and jails without jail_ifname
Daniel Golle [Mon, 13 Apr 2020 23:36:29 +0000 (00:36 +0100)]
interface: fix jail ifdown and jails without jail_ifname

Fixes: d93126d ("interface: allow renaming interface when moving to jail netns")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years ago interface: allow renaming interface when moving to jail netns
Daniel Golle [Mon, 13 Apr 2020 19:03:35 +0000 (20:03 +0100)]
interface: allow renaming interface when moving to jail netns

Introduce jail_ifname option to define the name of a Linux network
interface when moved into a jail's network namespace.
This is useful for containers which expect the network interface to
have a specific name (eg. 'host0' in case of systemd).
While at it, clean-up and fix bugs in jail interface up/down routines.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years ago interface: allocate and free memory for jail name
Daniel Golle [Mon, 13 Apr 2020 15:24:25 +0000 (16:24 +0100)]
interface: allocate and free memory for jail name

Memory returned by blobmsg_get_string() is volatile, hence use strdup()
to have a permanent copy of the returned string and free it when no
longer needed.

Fixes: 1321c1b ("add basic support for jail network namespaces")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years ago system-linux: fix PATH_MAX undeclared compilation error
Alin Nastac [Fri, 27 Mar 2020 10:56:09 +0000 (11:56 +0100)]
system-linux: fix PATH_MAX undeclared compilation error

Issue was introduced in commit 1321c1bd8fe921986c4eb39c3783ddd827b79543.

Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
4 years ago system-linux: fix compilation with musl 1.2.0
Rosen Penev [Wed, 25 Mar 2020 23:11:40 +0000 (16:11 -0700)]
system-linux: fix compilation with musl 1.2.0

Switched to the plain function instead of the now gone syscall.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years ago interface-ip: transfer prefix route ownership for deprecated ipv6addr to kernel
Alin Nastac [Wed, 5 Feb 2020 13:36:33 +0000 (14:36 +0100)]
interface-ip: transfer prefix route ownership for deprecated ipv6addr to kernel

When netifd manages the prefix route directly, it will remove it
the moment prefix gets deprecated. This will make it impossible
for the target to send ICMPv6 errors back to LAN devices still
using the deprecated prefix, thus breaking the L-14 requirement
of RFC 7084.

Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
4 years ago add basic support for jail network namespaces
Daniel Golle [Mon, 30 Dec 2019 12:57:47 +0000 (14:57 +0200)]
add basic support for jail network namespaces

Prepare netifd for handling procd service jails having their own
network namespace.
Interfaces having the jail attribute will only be brought inside the
jail's network namespace by procd calling the newly introduced ubus
method 'netns_updown'.
Currently proto 'static' is supported and configuration changes are
not yet being handled (ie. you'll have to restart the jailed service
for changes to take effect).

Example /etc/config/network snippet:

config device 'veth0'
    option type 'veth'
    option name 'vhost0'
    option peer_name 'virt0'

config interface 'virt'
    option type 'bridge'
    list ifname 'vhost0'
    option proto 'static'
    option ipaddr '10.0.0.1'
    option netmask '255.255.255.0'

config interface 'virt0'
    option ifname 'virt0'
    option proto 'static'
    option ipaddr '10.0.0.2'
    option netmask '255.255.255.0'
    option gateway '10.0.0.1'
    option dns '10.0.0.1'
    option jail 'transmission'

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years ago move resolv.conf.auto to /tmp/resolv.conf.d/
Daniel Golle [Tue, 31 Dec 2019 23:27:38 +0000 (01:27 +0200)]
move resolv.conf.auto to /tmp/resolv.conf.d/

Using /tmp/resolv.conf.d/ has the advantage that we can mount-bind it.
Mount-bind'ing /tmp/resolv.conf.auto directly previously caused
problems as the file is being deleted/replaced at run-time.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years ago Revert "interface: warn if ip6hint is truncated"
Jo-Philipp Wich [Wed, 4 Dec 2019 20:05:12 +0000 (21:05 +0100)]
Revert "interface: warn if ip6hint is truncated"

This reverts commit e45b1408284c05984b38a910a1f0a07d6c761397.

Reverting the commit as the submitter's Signed-off-by has been mistakenly
added without the author's consent.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years ago interface: warn if ip6hint is truncated
Uwe Kleine-König [Wed, 20 Nov 2019 18:11:31 +0000 (19:11 +0100)]
interface: warn if ip6hint is truncated

When for example a /60 is assigned to a network the last 4 bits of the
ip6hint are unused. Emit a warning if any of these unused bits is set as
it indicates that someone didn't understand how the hint is used. (As I
did earlier today resulting in spending some time understanding the
code.)

Signed-off-by: Uwe Kleine-König <uwe@kleine-koenig.org>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
4 years ago wireless: make reconf opt-in and allow serializing configuration
John Crispin [Fri, 25 Oct 2019 12:06:30 +0000 (14:06 +0200)]
wireless: make reconf opt-in and allow serializing configuration

Add option 'reconf' to make dynamic re-configuration opt-in.
Also add option 'serialize' to 'wifi-device' section and if set
configure interfaces of wireless devices one-by-one.
Both options are disabled by default.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years ago wireless: add ubus method for reloading configuration
John Crispin [Fri, 25 Oct 2019 12:02:03 +0000 (14:02 +0200)]
wireless: add ubus method for reloading configuration

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years ago system-linux: fix resource leak
Hans Dedecker [Mon, 5 Aug 2019 20:05:36 +0000 (22:05 +0200)]
system-linux: fix resource leak

Fix cb leak in case invalid type is specified in system_if_clear_entries
Detected by Coverity in CID1431183

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
4 years ago system-linux: Coverity fixes
Hans Dedecker [Sun, 21 Jul 2019 21:10:34 +0000 (23:10 +0200)]
system-linux: Coverity fixes

Fixes CID 1220430, 1432226, 1432807 and 1433508

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
4 years ago netifd: fix xfrm interface deletion and standardize netlink call
André Valentin [Fri, 14 Jun 2019 11:09:45 +0000 (13:09 +0200)]
netifd: fix xfrm interface deletion and standardize netlink call

-xfrm interfaces were deleted before
-use standard parameters for xfrm interface created

Signed-off-by: André Valentin <avalentin@marcant.net>
4 years ago interface-ip: fix possible null pointer dereference
Hans Dedecker [Thu, 13 Jun 2019 19:59:31 +0000 (21:59 +0200)]
interface-ip: fix possible null pointer dereference

Reported by Coverity in CID 1445749

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
4 years ago system-linux: remove superfluous dev check
Hans Dedecker [Thu, 13 Jun 2019 19:48:00 +0000 (21:48 +0200)]
system-linux: remove superfluous dev check

No need to check if dev is NULL as device is always set when
system_neigh is called

Fixes issue reported by Coverity in CID 1445818

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
4 years ago netifd: add xfrm tunnel interface support
André Valentin [Sat, 8 Jun 2019 11:48:09 +0000 (13:48 +0200)]
netifd: add xfrm tunnel interface support

This adds support for xfrm interfaces. These interfaces can be used since
linux 4.19 for IPsec traffic, like VTI interface.
XFRM interfaces are less complicated compared to VTI because they need no IP
tunnel endpoints.

4 years ago iprule: fix missing ip rules after a reload (FS#2296)
Hans Dedecker [Mon, 27 May 2019 19:01:25 +0000 (21:01 +0200)]
iprule: fix missing ip rules after a reload (FS#2296)

Since commit 5cf79759a24e9bb2a6a3aef7c83d73efb9bf2df3 (iprule: rework
interface based rules to handle dynamic interfaces) the rule
comparison is broken and doesn't correctly recognize matching rules.
This in turn breaks the reloading as adding the "new" rule fails
because it already exists and it then deletes the "old" rule.

The comparison is broken because it now includes fields that are not
defining the rule itself, as well as some pointers to malloced strings.
To fix this we move back the offending fields in the iprule struct
before the 'flags' field and match the malloced strings separately.

Signed-off-by: Alban Bedel <albeu@free.fr>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
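The failure mode described in this commit message, as an added example that is not code from netifd: comparing two rules bytewise over a region that contains heap pointers and bookkeeping makes an unchanged rule look new, and the reload then removes it. The struct layout, the flag bits and the simulated kernel table are hypothetical; only the idea of comparing from `flags` onward and matching the strings separately comes from the message.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum { RULE_IN = 1 << 0, RULE_OUT = 1 << 1 };   /* hypothetical flag bits */

/* Hypothetical layout, not netifd's struct iprule. */
struct rule {
    /* Not part of the rule's identity: kept in front of 'flags'. */
    char *in_iface;                /* heap copy, address differs per parse */
    char *out_iface;
    unsigned int runtime_state;    /* bookkeeping that changes at run time */
    /* Identity of the rule: everything from 'flags' to the end. */
    unsigned int flags;
    unsigned int priority;
    unsigned int lookup;
};

static char *dup_str(const char *s)
{
    size_t n = s ? strlen(s) + 1 : 0;
    char *p = n ? malloc(n) : NULL;

    if (p)
        memcpy(p, s, n);
    return p;
}

static struct rule *rule_new(const char *in, const char *out,
                             unsigned int priority, unsigned int lookup)
{
    struct rule *r = calloc(1, sizeof(*r));   /* zeroed: no stray bytes */

    if (!r)
        return NULL;
    r->in_iface = dup_str(in);
    r->out_iface = dup_str(out);
    r->flags = (in ? RULE_IN : 0) | (out ? RULE_OUT : 0);
    r->priority = priority;
    r->lookup = lookup;
    return r;
}

static void rule_free(struct rule *r)
{
    if (!r)
        return;
    free(r->in_iface);
    free(r->out_iface);
    free(r);
}

static int str_equal(const char *a, const char *b)
{
    return (!a || !b) ? a == b : !strcmp(a, b);
}

/* Broken: the compared bytes include the pointers and the bookkeeping. */
static int rule_equal_broken(const struct rule *a, const struct rule *b)
{
    return !memcmp(a, b, sizeof(*a));
}

/* Fixed: bytewise compare from 'flags' on, strings compared by content. */
static int rule_equal_fixed(const struct rule *a, const struct rule *b)
{
    size_t off = offsetof(struct rule, flags);

    return !memcmp((const char *)a + off, (const char *)b + off,
                   sizeof(*a) - off) &&
           str_equal(a->in_iface, b->in_iface) &&
           str_equal(a->out_iface, b->out_iface);
}

static int kernel_rules;   /* constructed stand-in for the kernel rule table */
static int kernel_add(void) { if (kernel_rules) return -EEXIST; kernel_rules = 1; return 0; }
static void kernel_del(void) { kernel_rules = 0; }

/* Reload an unchanged config; returns 1 if the rule is still installed. */
static int reload_keeps_rule(int (*equal)(const struct rule *, const struct rule *))
{
    struct rule *old_rule = rule_new("lan", NULL, 100, 10);
    struct rule *new_rule = rule_new("lan", NULL, 100, 10);
    int kept = -1;

    if (old_rule && new_rule) {
        kernel_rules = 0;
        kernel_add();                  /* installed before the reload */
        old_rule->runtime_state = 1;
        if (!equal(old_rule, new_rule)) {
            kernel_add();              /* "new" rule: fails with -EEXIST */
            kernel_del();              /* then the "old" rule is deleted */
        }
        kept = kernel_rules;
    }
    rule_free(old_rule);
    rule_free(new_rule);
    return kept;
}

int main(void)
{
    printf("broken compare keeps rule: %d\n", reload_keeps_rule(rule_equal_broken));
    printf("fixed compare keeps rule:  %d\n", reload_keeps_rule(rule_equal_fixed));
    return 0;
}
```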
4 years ago interface-ip: use ptp address as well to find local address target
Hans Dedecker [Fri, 17 May 2019 16:27:59 +0000 (18:27 +0200)]
interface-ip: use ptp address as well to find local address target

In case of tunnel over PPP (such as gretap over l2tp): tunnel interface
uses PPP's peer address as remote address, netifd script will call
proto_add_host_dependency function, then netifd will search which device
can reach the remote address. Before the patch, netifd doesn't consider
the PPP interface can reach the remote address, so netifd will select
default route to remote address, it will lead to remote address unreachable.

Based on a patch by xiaofan <xfan1024@live.com>

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
4 years ago treewide: pass bool as second argument of blobmsg_check_attr
Hans Dedecker [Thu, 16 May 2019 20:09:36 +0000 (22:09 +0200)]
treewide: pass bool as second argument of blobmsg_check_attr

blobmsg_check_attr() takes as second argument a bool; fix it where needed

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
4 years ago interface-ip: fine tune IPv6 mtu warning
Hans Dedecker [Wed, 8 May 2019 19:33:05 +0000 (21:33 +0200)]
interface-ip: fine tune IPv6 mtu warning

Failing to set the IPv6 mtu is only a real issue if the mtu to be set is
smaller than the current mtu as in that case it would break IPv6 path mtu;
adapt the logic to generate the warning accordingly

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
4 years ago interface: tidy ipv6 mtu warning
Kevin Darbyshire-Bryant [Tue, 7 May 2019 19:37:25 +0000 (20:37 +0100)]
interface: tidy ipv6 mtu warning

Add missing space to change from:

netifd: Failed to set IPv6 mtu to 1500on interface 'wg0'

to:

netifd: Failed to set IPv6 mtu to 1500 on interface 'wg0'

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
5 years ago system-linux: remove debug tracing
Hans Dedecker [Mon, 15 Apr 2019 21:13:51 +0000 (23:13 +0200)]
system-linux: remove debug tracing

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago interface: add neighbor config support
meurisa [Fri, 12 Apr 2019 07:56:28 +0000 (09:56 +0200)]
interface: add neighbor config support

The neighbor or neighbor6 network section makes neighbours
configurable via UCI or proto shell handlers. It allows to
install neighbor proxy entries or static neighbor entries

The neighbor or neighbor6 section has the following types:
interface : declares the logical OpenWrt interface
ipaddr : the ip address of the neighbor
mac : the mac address of the neighbor
proxy : specifies whether the neighbor is a proxy entry (can be 1 or 0)
router : specifies whether the neighbor is a router (can be 1 or 0)

Signed-off-by: Alexander Meuris <meurisalexander@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago interface: fix "if-down" hotplug event handling
Martin Schiller [Fri, 12 Apr 2019 07:19:14 +0000 (09:19 +0200)]
interface: fix "if-down" hotplug event handling

commit a97297d83e42 ("interface: set interface in TEARDOWN state when checking link state")
broke the if-down hotplug event handling, as the iface->state is now IFS_TEARDOWN when
calling the mark_interface_down() function from the IFPEV_DOWN event.

Fixes: a97297d83e42 ("interface: set interface in TEARDOWN state when checking link state")
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
5 years ago proto-shell: return error in case setup fails
Hans Dedecker [Mon, 1 Apr 2019 11:53:50 +0000 (13:53 +0200)]
proto-shell: return error in case setup fails

In case PROTO_CMD_SETUP cannot be handled due to an invalid state; return
-1 so the calling functions are aware the PROTO_CMD_SETUP has failed.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago interface: set interface in TEARDOWN state when checking link state
Hans dedecker [Mon, 1 Apr 2019 08:34:26 +0000 (10:34 +0200)]
interface: set interface in TEARDOWN state when checking link state

When launching PROTO_CMD_TEARDOWN in interface_check_state() the interface
was set in IFS_DOWN state. In case an interface is now brought into IFS_SETUP
state in __interface_set_up() it will launch PROTO_CMD_SETUP trying to
bring the proto shell handler in S_SETUP state which will fail as the proto
shell handler is still in the S_TEARDOWN state.

Fix this by setting the interface in IFS_TEARDOWN state when the PROTO_CMD_TEARDOWN
event is launched which will prevent the interface being brought into IFS_SETUP state
as long as it's not in the IFS_DOWN state.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago netifd: wireless: Add support for 802.11ad
Robert Marko [Wed, 13 Mar 2019 13:34:57 +0000 (14:34 +0100)]
netifd: wireless: Add support for 802.11ad

This simple patch adds 802.11ad to hwmode list so that netifd-wireless.sh does not otherwise overwrite it with the default hwmode=g

Signed-off-by: Robert Marko <robimarko@gmail.com>
5 years ago netifd: wireless: Add support for GCMP cipher
Robert Marko [Thu, 14 Mar 2019 10:03:16 +0000 (11:03 +0100)]
netifd: wireless: Add support for GCMP cipher

This patch will add support for using GCMP as cipher suite.
This is not a strong cipher but is only one supported by
wil6210 driver in order to have encrypted traffic.

Signed-off-by: Robert Marko <robimarko@gmail.com>
5 years ago interface-ip: fix delegate config update on reload (FS#2087)
Hans Dedecker [Wed, 13 Mar 2019 13:56:21 +0000 (14:56 +0100)]
interface-ip: fix delegate config update on reload (FS#2087)

Update the no_delegation parameter on a config reload; in case prefixes
are present update the prefix assignments as well according to the
no_delegation status

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago system-linux: handle hotplug event socket ENOBUFS errors
Alin Nastac [Thu, 31 Jan 2019 10:20:29 +0000 (11:20 +0100)]
system-linux: handle hotplug event socket ENOBUFS errors

Hotplug events are no longer handled after socket RX queue is
overrun. The issue has been fixed by:
  - setting SO_RCVBUF initially to 65535
  - doubling SO_RCVBUF value each time RX queue gets overrun

Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
5 years ago proto: fix logic inversion in previous commit
Kevin Darbyshire-Bryant [Mon, 17 Dec 2018 18:26:11 +0000 (18:26 +0000)]
proto: fix logic inversion in previous commit

Rogue ! effectively disabled the ipv6 multicast check.  Fix cd089c52

Why is it always the simple changes that catch you out?

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
5 years ago proto: Support class-e addressing in netifd
Dave Taht [Sun, 9 Dec 2018 04:52:33 +0000 (04:52 +0000)]
proto: Support class-e addressing in netifd

Signed-off-by: Dave Taht <dave.taht@gmail.com>
Acked-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Acked-by: Jo-Philipp Wich <jo@mein.io>
5 years ago system-linux: get rid of SIOCSDEVPRIVATE
Hans Dedecker [Thu, 13 Dec 2018 15:13:06 +0000 (16:13 +0100)]
system-linux: get rid of SIOCSDEVPRIVATE

Use sysfs to configure the bridge settings stp/forward_delay/priority
ageing_time/hello_time and max_age as the SIOCDEVPRIVATE bridge ioctl
has no compat ioctl support which makes it impossible to set the above
mentioned bridge parameters if the kernel is compiled in 64 bit mode
and user_space in 32 bit mode.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago interface: fix return code of __interface_add()
Hans Dedecker [Mon, 26 Nov 2018 12:55:53 +0000 (13:55 +0100)]
interface: fix return code of __interface_add()

For dynamic interfaces don't return false if vlist_find returns NULL as
the calling function will try to free iface in case of an error which has
already been freed in interface_change_config()

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago netifd: fix resource leak on error in netifd_add_dynamic()
Hans Dedecker [Mon, 26 Nov 2018 08:59:52 +0000 (09:59 +0100)]
netifd: fix resource leak on error in netifd_add_dynamic()

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago config: fix resource leaks on error in config_parse_interface()
Hans Dedecker [Mon, 26 Nov 2018 08:45:47 +0000 (09:45 +0100)]
config: fix resource leaks on error in config_parse_interface()

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago interface: fix memory leak on error in __interface_add()
Hans Dedecker [Mon, 26 Nov 2018 08:24:02 +0000 (09:24 +0100)]
interface: fix memory leak on error in __interface_add()

Detected by Coverity in cid 1441495

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago treewide: switch to C-code style comments
Hans Dedecker [Mon, 19 Nov 2018 08:59:05 +0000 (09:59 +0100)]
treewide: switch to C-code style comments

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago treewide: make some functions static
Hans Dedecker [Sat, 17 Nov 2018 17:41:16 +0000 (18:41 +0100)]
treewide: make some functions static

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago interface: fix removal of dynamic interfaces
Hans Dedecker [Fri, 16 Nov 2018 15:25:41 +0000 (16:25 +0100)]
interface: fix removal of dynamic interfaces

Set config state to remove for dynamic interfaces in the following cases :
-interface is set as not available
-interface is set as down
-interface is set as having no link state
This will trigger an interface delete upon the next call of interface_handle_config_change

Before this change you could end up with lingering inactive dynamic
interfaces in case the aliased interface went down as before a dynamic
interface was only removed when set down via ubus

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago interface: rework code to get rid of interface_set_dynamic
Hans Dedecker [Sun, 11 Nov 2018 20:15:56 +0000 (21:15 +0100)]
interface: rework code to get rid of interface_set_dynamic

Integrate dynamic interface creation code into interface_alloc and
__interface_add so we can get rid of interface_set_dynamic

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago system-linux: enable by default ignore encaplimit for grev6 tunnels
Hans Dedecker [Wed, 17 Oct 2018 07:35:11 +0000 (09:35 +0200)]
system-linux: enable by default ignore encaplimit for grev6 tunnels

Similar as for ip6 tunnels ignore encaplimit by default as not all ISPs
support the destination option header containing the tunnel encapsulation
limit resulting into broken connectivity

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago system-linux: fix a typo in gre tunnel data parsing logic
Hans Dedecker [Tue, 16 Oct 2018 14:16:49 +0000 (16:16 +0200)]
system-linux: fix a typo in gre tunnel data parsing logic

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago wireless: Add WPA-EAP-SUITE-B-192 (WPA3-Enterprise)
Hauke Mehrtens [Tue, 9 Oct 2018 20:57:52 +0000 (22:57 +0200)]
wireless: Add WPA-EAP-SUITE-B-192 (WPA3-Enterprise)

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
5 years ago wireless: Add Opportunistic Wireless Encryption (OWE)
Hauke Mehrtens [Tue, 9 Oct 2018 20:57:13 +0000 (22:57 +0200)]
wireless: Add Opportunistic Wireless Encryption (OWE)

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
5 years ago wireless: Add Simultaneous Authentication of Equals (SAE)
Hauke Mehrtens [Thu, 4 Oct 2018 20:34:48 +0000 (22:34 +0200)]
wireless: Add Simultaneous Authentication of Equals (SAE)

This adds PSK3 / SAE support.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
5 years ago iprule: coding style fixes
Hans Dedecker [Mon, 1 Oct 2018 20:24:26 +0000 (22:24 +0200)]
iprule: coding style fixes

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago iprule: fix segfault (FS#1875)
Hans Dedecker [Mon, 1 Oct 2018 15:52:01 +0000 (17:52 +0200)]
iprule: fix segfault (FS#1875)

Fix segfault in generic_interface_cb by checking the
IPRULE_OUT/IPRULE_IN flags before doing the strcmp for the possible
configured out/in interface(s) of the ip rule.
Also don't copy the interface layer3 device as the layer 3 device is
not yet known when IFEV_CREATE event is launched.
The layer3 device will be known when the IFEV_UP event is processed in
rule_out_cb/rule_in_cb.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago scripts: fix previous commit
Jo-Philipp Wich [Wed, 19 Sep 2018 14:55:00 +0000 (16:55 +0200)]
scripts: fix previous commit

Actually change the glob pattern as described in the previous commit.

Fixes: 3c8ac1c ("netifd: fix wpa mixed mode matching")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years ago netifd: fix wpa mixed mode matching
Rick Farina (Zero_Chaos) [Wed, 19 Sep 2018 14:43:42 +0000 (10:43 -0400)]
netifd: fix wpa mixed mode matching

Change wpa mixed mode matching to not accidentally catch wep+mixed.

All documented cases have the character between {wpa,psk} and mixed as a
'-' but no need to break things which were working, so preserve the *
case.

Reported-by: "Rick Farina (Zero_Chaos)" <zerochaos@gentoo.org>
[Allow "psk-mixed" to be prefixed, to align with the *psk2* and *psk* cases,
 slightly reword subject and commit message.]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years ago system-linux: enable by default ignore encaplimit for ip6 tunnels
Hans Dedecker [Mon, 17 Sep 2018 19:41:16 +0000 (21:41 +0200)]
system-linux: enable by default ignore encaplimit for ip6 tunnels

Enable ignore encaplimit by default for ip6 tunnels as not all ISPs support
the destination option header containing the tunnel encapsulation limit
resulting into broken map/ds-lite connectivity.
Setting the ignore encaplimit flag by default is a more sane setting as it
avoids user configuration of the encaplimit uci option for ds-lite/map tunnels
in case of broken connectivity.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago CMakeList: Check that compiler supports -Wimplicit-fallthrough
Florian Fainelli [Wed, 12 Sep 2018 00:14:19 +0000 (17:14 -0700)]
CMakeList: Check that compiler supports -Wimplicit-fallthrough

This is a GCC >= 7 feature, not all compilers support it.

Fixes: 908a9f4f1027 ("CMakeLists.txt: add -Wimplicit-fallthrough to the compiler flags")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
5 years ago interface: let interface_set_down() return void
Hans Dedecker [Mon, 20 Aug 2018 12:28:00 +0000 (14:28 +0200)]
interface: let interface_set_down() return void

Let interface_set_down() return void as no useful error code
is returned by __interface_set_down()

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago interface: make __interface_set_down() static
Hans Dedecker [Mon, 20 Aug 2018 12:21:06 +0000 (14:21 +0200)]
interface: make __interface_set_down() static

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago interface: extend interface error messages in interface_set_up()
Hans Dedecker [Mon, 20 Aug 2018 11:53:17 +0000 (13:53 +0200)]
interface: extend interface error messages in interface_set_up()

Don't return an error code in interface_set_up as it's ignored anyway by the
calling functions; but rather add more interface error messages so the actual
problem is visible for the user by doing ifstatus <interface>

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago interface: ensure NO_DEVICE error is always reported
Hans Dedecker [Fri, 17 Aug 2018 13:55:00 +0000 (15:55 +0200)]
interface: ensure NO_DEVICE error is always reported

Remove interface available checks in the functions interface_start_pending
and interface_handle_config_change so the NO_DEVICE error is reported in
ifstatus <interface> making it clear to the user the configured device in
ifname is not found

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago device: gracefully handle device names exceeding IFNAMESIZ
Hans Dedecker [Sun, 12 Aug 2018 20:08:22 +0000 (22:08 +0200)]
device: gracefully handle device names exceeding IFNAMESIZ

Instead of truncating the device name when it exceeds IFNAMSIZ length;
let device_set_ifname return an error code and do not add the device
to the device list.
This avoids possible issues with device names becoming identical due to the
truncation and as a result unexpected behavior.
Further let the different device types gracefully handle the error code
returned by device_init

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
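The collision this commit message refers to, as an added example that is not code from netifd: two names that differ only past byte 15 become the same device when silently truncated, while the strict variant returns an error and adds nothing. The device list and all function names are hypothetical, and the interface names are constructed; only `IFNAMSIZ` is real.

```c
#include <errno.h>
#include <net/if.h>   /* IFNAMSIZ (16 on Linux, including the NUL) */
#include <stdio.h>
#include <string.h>

#ifndef IFNAMSIZ
#define IFNAMSIZ 16
#endif

#define MAX_DEVS 8

/* Hypothetical device list keyed by interface name. */
struct dev_list {
    char names[MAX_DEVS][IFNAMSIZ];
    int count;
};

/* Return the index of the entry with this exact name, or -1. */
static int dev_find(const struct dev_list *l, const char *ifname)
{
    for (int i = 0; i < l->count; i++)
        if (!strcmp(l->names[i], ifname))
            return i;
    return -1;
}

/* Look up or append a name that is already known to fit. */
static int dev_store(struct dev_list *l, const char *ifname)
{
    int idx = dev_find(l, ifname);

    if (idx >= 0)
        return idx;                 /* an existing device is reused */
    if (l->count == MAX_DEVS)
        return -ENOSPC;
    strcpy(l->names[l->count], ifname);
    return l->count++;
}

/* Truncating variant: keep the first IFNAMSIZ - 1 bytes, drop the rest. */
static int dev_add_truncating(struct dev_list *l, const char *name)
{
    char ifname[IFNAMSIZ];
    size_t n = strlen(name);

    if (n > (size_t)IFNAMSIZ - 1)
        n = (size_t)IFNAMSIZ - 1;
    memcpy(ifname, name, n);
    ifname[n] = '\0';
    return dev_store(l, ifname);
}

/* Strict variant: an over-long name is an error and nothing is added. */
static int dev_add_strict(struct dev_list *l, const char *name)
{
    if (strlen(name) >= (size_t)IFNAMSIZ)
        return -EINVAL;
    return dev_store(l, name);
}

int main(void)
{
    /* Constructed names that differ only after byte 15. */
    const char *a = "wan-provider-uplink0";
    const char *b = "wan-provider-uplink1";
    struct dev_list t = { .count = 0 };
    struct dev_list s = { .count = 0 };
    int ia, ib;

    ia = dev_add_truncating(&t, a);
    ib = dev_add_truncating(&t, b);
    printf("truncating: %s -> %d, %s -> %d, stored as '%s'\n",
           a, ia, b, ib, t.names[0]);

    ia = dev_add_strict(&s, a);
    ib = dev_add_strict(&s, "eth0.100");
    printf("strict: %s -> %d, eth0.100 -> %d\n", a, ia, ib);
    return 0;
}
```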
5 years ago interface-ip: always override downstream IPv6 mtu
Hans Dedecker [Sun, 5 Aug 2018 12:46:22 +0000 (14:46 +0200)]
interface-ip: always override downstream IPv6 mtu

Always override the downstream IPv6 mtu in case it differs with the IPv6 mtu
of the upstream link. This allows to increase the downstream IPv6 mtu in
case RA messages are received on the upstream link having a mtu attribute
higher than the downstream IPv6 mtu.
At the same time be verbose when failing to set the IPv6 mtu on the downstream link.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago fix compile error
John Crispin [Mon, 30 Jul 2018 21:52:06 +0000 (23:52 +0200)]
fix compile error

netifd-2018-07-30-75ee7905/interface-ip.c:724:11: error: unused variable 'macaddr' [-Werror=unused-variable]

Signed-off-by: John Crispin <john@phrozen.org>
5 years ago interface-ip: fix eui64 ifaceid generation (FS#1668)
Hans Dedecker [Mon, 30 Jul 2018 19:19:47 +0000 (21:19 +0200)]
interface-ip: fix eui64 ifaceid generation (FS#1668)

Use the mac address stored in the device_settings struct to generate the
eui64 ifaceid as the interface layer3 device does not contain a mac address
for non bridge interfaces

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago netifd: make sure the vlan ifname fits into the buffer
John Crispin [Mon, 16 Jul 2018 08:32:08 +0000 (10:32 +0200)]
netifd: make sure the vlan ifname fits into the buffer

Signed-off-by: John Crispin <john@phrozen.org>
5 years ago iprule: remove bogus assert calls
Felix Fietkau [Wed, 25 Jul 2018 08:44:27 +0000 (10:44 +0200)]
iprule: remove bogus assert calls

Signed-off-by: Felix Fietkau <nbd@nbd.name>
5 years ago iprule: fix broken in_dev/out_dev checks
Felix Fietkau [Wed, 25 Jul 2018 08:43:41 +0000 (10:43 +0200)]
iprule: fix broken in_dev/out_dev checks

Since they are both char arrays, they can never be NULL

Signed-off-by: Felix Fietkau <nbd@nbd.name>
5 years ago vlan: use alloca to get rid of IFNAMSIZE in vlan_dev_set_name()
Hans Dedecker [Mon, 16 Jul 2018 21:03:25 +0000 (23:03 +0200)]
vlan: use alloca to get rid of IFNAMSIZE in vlan_dev_set_name()

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago ubus: display correct prefix size for IPv6 prefix address
Hans Dedecker [Mon, 16 Jul 2018 12:31:47 +0000 (14:31 +0200)]
ubus: display correct prefix size for IPv6 prefix address

Make sure the displayed prefix size is identical to the kernel installed
prefix size for local IPv6 prefix addresses

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago CMakeLists.txt: add -Wimplicit-fallthrough to the compiler flags
Alexander Couzens [Thu, 5 Jul 2018 01:13:03 +0000 (03:13 +0200)]
CMakeLists.txt: add -Wimplicit-fallthrough to the compiler flags

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago proto-shell.c: add a explicit "fall through" comment to make the compiler happy
Alexander Couzens [Thu, 5 Jul 2018 01:12:26 +0000 (03:12 +0200)]
proto-shell.c: add a explicit "fall through" comment to make the compiler happy

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago replace fall throughs in switch/cases where possible with simple code changes
Alexander Couzens [Fri, 29 Jun 2018 02:30:13 +0000 (04:30 +0200)]
replace fall throughs in switch/cases where possible with simple code changes

Fall throughs are usually error-prone, especially when someone else extends
it.

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago iprule: rework interface based rules to handle dynamic interfaces
Alexander Couzens [Fri, 29 Jun 2018 21:15:28 +0000 (23:15 +0200)]
iprule: rework interface based rules to handle dynamic interfaces

Previously netifd would only apply `ip rule`s during the config phase.
If the iprule depends on an interface (iif or oif), the rule
will fail if the interface is not up.

Allow iprules to track interfaces and their devices by using
the interface events.

Fixes: FS#1571
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
5 years ago Introduce new interface event "create" (IFEV_CREATE)
Alexander Couzens [Fri, 29 Jun 2018 03:23:14 +0000 (05:23 +0200)]
Introduce new interface event "create" (IFEV_CREATE)

"create" will be called before the proto handlers are initialised.

Acked-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
5 years ago system-linux: fix build error on older kernels
Felix Fietkau [Wed, 4 Jul 2018 19:15:58 +0000 (21:15 +0200)]
system-linux: fix build error on older kernels

Add an #ifdef guard around 56000base* definitions, which don't exist on
Linux 3.18

Signed-off-by: Felix Fietkau <nbd@nbd.name>
5 years ago system-linux: adjust bridge isolate mode for upstream attribute naming
Felix Fietkau [Wed, 4 Jul 2018 17:48:03 +0000 (19:48 +0200)]
system-linux: adjust bridge isolate mode for upstream attribute naming

Signed-off-by: Felix Fietkau <nbd@nbd.name>
5 years ago system-linux: extend link mode speed definitions
Hans Dedecker [Tue, 3 Jul 2018 13:49:18 +0000 (15:49 +0200)]
system-linux: extend link mode speed definitions

Add all available link mode speed definitions as defined in ethtool.h

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago system-linux: add autoneg and link-partner output
Joe Holden [Wed, 27 Jun 2018 21:14:33 +0000 (22:14 +0100)]
system-linux: add autoneg and link-partner output

This adds an array that contains the link modes advertised by the other device and also
indicates whether auto negotiation is true or false.

link-partner may or may not be populated depending on hardware, driver and/or settings.

Signed-off-by: Joe Holden <jwh@zorins.co.uk>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago system-linux: make encaplimit configurable for ip6 tunnels (FS#1501)
Hans Dedecker [Tue, 29 May 2018 20:40:00 +0000 (22:40 +0200)]
system-linux: make encaplimit configurable for ip6 tunnels (FS#1501)

Make encapsulation limit of IP6 tunnels configurable for the ds-lite/map
proto shell handlers as not all ISPs support the destination option header
containing the tunnel encapsulation limit value as reported in FS#1501.

The IP6 tunnel specific setting encaplimit is parsed as a nested json
data object; setting it to ignore disables the insertion of the
destination option header while a value from 0 till 255 sets the
tunnel encapsulation limit accordingly in the destination option header.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago interface-ip: remove superfluous iface check in interface_ip_set_enabled()
Hans Dedecker [Thu, 26 Apr 2018 20:40:24 +0000 (22:40 +0200)]
interface-ip: remove superfluous iface check in interface_ip_set_enabled()

No need to check iface pointer in interface_ip_set_enabled as the
interface is always set by the function __interface_ip_init().
Reported by Coverity in CID 1330437

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years ago system-linux: fix strncpy bounds
Hans Dedecker [Sun, 22 Apr 2018 20:23:49 +0000 (22:23 +0200)]
system-linux: fix strncpy bounds

Fix strncpy bounds as reported by Coverity in CID 1434988, 1328977,
1328953, 1328952, 1328951, 1328950, 1328949 and 1328944.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years ago wireless: include noscan option in common wdev vars
Daniel Golle [Fri, 20 Apr 2018 05:27:16 +0000 (07:27 +0200)]
wireless: include noscan option in common wdev vars

'noscan' can be passed down to wpa_supplicant to enforce channel
settings in mesh mode. Allow hostapd.sh to take care of it.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years ago system-linux: check ioctl return value in system_vlan()
Hans Dedecker [Mon, 16 Apr 2018 11:02:28 +0000 (13:02 +0200)]
system-linux: check ioctl return value in system_vlan()

Detected by Coverity in CID 1433754

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years ago system-linux: check ioctl return value in system_if_flags()
Hans Dedecker [Sat, 14 Apr 2018 19:15:42 +0000 (21:15 +0200)]
system-linux: check ioctl return value in system_if_flags()

Detected by Coverity in CID 1433760

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years ago system-linux: fix segfault on alloc failure in system_if_check()
Hans Dedecker [Sat, 14 Apr 2018 19:05:25 +0000 (21:05 +0200)]
system-linux: fix segfault on alloc failure in system_if_check()

Detected by Coverity in CID 1433686

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years ago system-linux: fix segfault on error in system_add_ip6_tunnel()
Hans Dedecker [Sat, 14 Apr 2018 18:58:42 +0000 (20:58 +0200)]
system-linux: fix segfault on error in system_add_ip6_tunnel()

Detected by Coverity in CID 1430884

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years ago handler: fix resource leak on error in netifd_init_script_handlers()
Hans Dedecker [Thu, 12 Apr 2018 20:46:35 +0000 (22:46 +0200)]
handler: fix resource leak on error in netifd_init_script_handlers()

Detected by Coverity in CID 1412486

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years ago system-linux: remove unnecessary open call in system_if_dump_info()
Hans Dedecker [Thu, 12 Apr 2018 20:36:38 +0000 (22:36 +0200)]
system-linux: remove unnecessary open call in system_if_dump_info()

Detected by Coverity in CID 1329735

6 years ago system-linux: fix memory leak on error in system_add_vxlan()
Hans Dedecker [Thu, 12 Apr 2018 20:14:52 +0000 (22:14 +0200)]
system-linux: fix memory leak on error in system_add_vxlan()

Detected by Coverity in CID 1412449

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years ago interface-ip: fix memory leak on error in interface_update_prefix_assignments()
Hans Dedecker [Thu, 12 Apr 2018 20:08:18 +0000 (22:08 +0200)]
interface-ip: fix memory leak on error in interface_update_prefix_assignments()

Detected by Coverity in CID 141267

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years ago interface: fix "ifup-failed" hotplug event handling
Martin Schiller [Tue, 10 Apr 2018 04:21:39 +0000 (06:21 +0200)]
interface: fix "ifup-failed" hotplug event handling

The ifup-failed event should only be triggered when the former
interface state is IFS_SETUP.

Otherwise, there will also be an ifup-failed event in the
IFS_TEARDOWN state if you do a manual ifdown <IFC>.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
6 years ago interface-ip: fix memory leak in interface_ip_add_target_route()
Hans Dedecker [Sun, 1 Apr 2018 10:21:38 +0000 (12:21 +0200)]
interface-ip: fix memory leak in interface_ip_add_target_route()

Commit 9c8d781 introduced a memory leak in interface_ip_add_target_route
in case interface_ip_find_addr_target returns true for a given address
by not freeing the previously allocated route.
While at it rework the logic so a host route is only allocated when it's
really required.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years ago netifd: return the interface for locally addressable host dependencies (FS#1452)
Felix Fietkau [Tue, 27 Mar 2018 09:28:54 +0000 (11:28 +0200)]
netifd: return the interface for locally addressable host dependencies (FS#1452)

Fixes an issue where interfaces with host dependencies that resolve to a
local subnet stay down.

Fixes: 1f5a29c3de6e ("ip: do not add local routes for host dependencies")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years ago interface-ip: fix route selection for host dependencies
Felix Fietkau [Tue, 13 Mar 2018 12:05:28 +0000 (13:05 +0100)]
interface-ip: fix route selection for host dependencies

In order to find the best match, allow overriding the last found entry
if route->mask for the new entry is bigger than the one from the previous
entry.

Patch submitted by 'Mikael' in FS#1358

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years ago device: add support for setting the isolate options for bridge ports
Felix Fietkau [Tue, 13 Mar 2018 11:52:43 +0000 (12:52 +0100)]
device: add support for setting the isolate options for bridge ports

Signed-off-by: Felix Fietkau <nbd@nbd.name>