Merge pull request #32413 from yuwata/network-radv-validator

network/radv: several cleanups for validating configs
systemd · Apr 22, 2024 · 8d1d8df · 8d1d8df
2 parents 6bd675a + a05381d
commit 8d1d8df
Show file tree

Hide file tree

Showing 3 changed files with 60 additions and 68 deletions.
diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c
@@ -308,8 +308,6 @@ int network_verify(Network *network) {
         if (r < 0)
                 return r;
         network_drop_invalid_address_labels(network);
-        network_drop_invalid_prefixes(network);
-        network_drop_invalid_route_prefixes(network);
         network_drop_invalid_routing_policy_rules(network);
         network_drop_invalid_qdisc(network);
         network_drop_invalid_tclass(network);

diff --git a/src/network/networkd-radv.c b/src/network/networkd-radv.c
@@ -7,6 +7,7 @@
 #include <arpa/inet.h>
 
 #include "dns-domain.h"
+#include "ndisc-router-internal.h"
 #include "networkd-address-generation.h"
 #include "networkd-address.h"
 #include "networkd-dhcp-prefix-delegation.h"
@@ -22,36 +23,6 @@
 #include "string-table.h"
 #include "strv.h"
 
-void network_adjust_radv(Network *network) {
-        assert(network);
-
-        /* After this function is called, network->router_prefix_delegation can be treated as a boolean. */
-
-        if (network->dhcp_pd < 0)
-                /* For backward compatibility. */
-                network->dhcp_pd = FLAGS_SET(network->router_prefix_delegation, RADV_PREFIX_DELEGATION_DHCP6);
-
-        if (!FLAGS_SET(network->link_local, ADDRESS_FAMILY_IPV6)) {
-                if (network->router_prefix_delegation != RADV_PREFIX_DELEGATION_NONE)
-                        log_warning("%s: IPv6PrefixDelegation= is enabled but IPv6 link-local addressing is disabled. "
-                                    "Disabling IPv6PrefixDelegation=.", network->filename);
-
-                network->router_prefix_delegation = RADV_PREFIX_DELEGATION_NONE;
-        }
-
-        if (network->router_prefix_delegation == RADV_PREFIX_DELEGATION_NONE) {
-                network->n_router_dns = 0;
-                network->router_dns = mfree(network->router_dns);
-                network->router_search_domains = ordered_set_free(network->router_search_domains);
-        }
-
-        if (!FLAGS_SET(network->router_prefix_delegation, RADV_PREFIX_DELEGATION_STATIC)) {
-                network->prefixes_by_section = hashmap_free_with_destructor(network->prefixes_by_section, prefix_free);
-                network->route_prefixes_by_section = hashmap_free_with_destructor(network->route_prefixes_by_section, route_prefix_free);
-                network->pref64_prefixes_by_section = hashmap_free_with_destructor(network->pref64_prefixes_by_section, pref64_prefix_free);
-        }
-}
-
 bool link_radv_enabled(Link *link) {
         assert(link);
 
@@ -571,21 +542,17 @@ static int radv_configure(Link *link) {
         if (r < 0)
                 return r;
 
-        if (link->network->router_lifetime_usec > 0) {
-                r = sd_radv_set_preference(link->radv, link->network->router_preference);
-                if (r < 0)
-                        return r;
-        }
+        r = sd_radv_set_preference(link->radv, link->network->router_preference);
+        if (r < 0)
+                return r;
 
         r = sd_radv_set_reachable_time(link->radv, link->network->router_reachable_usec);
         if (r < 0)
                 return r;
 
-        if (link->network->router_retransmit_usec > 0) {
-                r = sd_radv_set_retransmit(link->radv, link->network->router_retransmit_usec);
-                if (r < 0)
-                        return r;
-        }
+        r = sd_radv_set_retransmit(link->radv, link->network->router_retransmit_usec);
+        if (r < 0)
+                return r;
 
         HASHMAP_FOREACH(p, link->network->prefixes_by_section) {
                 r = radv_set_prefix(link, p);
@@ -841,16 +808,6 @@ static int prefix_section_verify(Prefix *p) {
         return 0;
 }
 
-void network_drop_invalid_prefixes(Network *network) {
-        Prefix *p;
-
-        assert(network);
-
-        HASHMAP_FOREACH(p, network->prefixes_by_section)
-                if (prefix_section_verify(p) < 0)
-                        prefix_free(p);
-}
-
 static int route_prefix_section_verify(RoutePrefix *p) {
         if (section_is_invalid(p->section))
                 return -EINVAL;
@@ -864,24 +821,64 @@ static int route_prefix_section_verify(RoutePrefix *p) {
         return 0;
 }
 
-void network_drop_invalid_route_prefixes(Network *network) {
-        RoutePrefix *p;
-
+void network_adjust_radv(Network *network) {
         assert(network);
 
-        HASHMAP_FOREACH(p, network->route_prefixes_by_section)
-                if (route_prefix_section_verify(p) < 0)
-                        route_prefix_free(p);
-}
+        /* After this function is called, network->router_prefix_delegation can be treated as a boolean. */
 
-void network_drop_invalid_pref64_prefixes(Network *network) {
-        pref64Prefix *p;
+        if (network->dhcp_pd < 0)
+                /* For backward compatibility. */
+                network->dhcp_pd = FLAGS_SET(network->router_prefix_delegation, RADV_PREFIX_DELEGATION_DHCP6);
 
-        assert(network);
+        if (!FLAGS_SET(network->link_local, ADDRESS_FAMILY_IPV6)) {
+                if (network->router_prefix_delegation != RADV_PREFIX_DELEGATION_NONE)
+                        log_warning("%s: IPv6PrefixDelegation= is enabled but IPv6 link-local addressing is disabled. "
+                                    "Disabling IPv6PrefixDelegation=.", network->filename);
+
+                network->router_prefix_delegation = RADV_PREFIX_DELEGATION_NONE;
+        }
+
+        if (network->router_prefix_delegation == RADV_PREFIX_DELEGATION_NONE) {
+                network->n_router_dns = 0;
+                network->router_dns = mfree(network->router_dns);
+                network->router_search_domains = ordered_set_free(network->router_search_domains);
+        }
+
+        if (!FLAGS_SET(network->router_prefix_delegation, RADV_PREFIX_DELEGATION_STATIC)) {
+                network->prefixes_by_section = hashmap_free_with_destructor(network->prefixes_by_section, prefix_free);
+                network->route_prefixes_by_section = hashmap_free_with_destructor(network->route_prefixes_by_section, route_prefix_free);
+                network->pref64_prefixes_by_section = hashmap_free_with_destructor(network->pref64_prefixes_by_section, pref64_prefix_free);
+        }
+
+        if (!network->router_prefix_delegation)
+                return;
+
+        /* Below, let's verify router settings, if enabled. */
+
+        if (network->router_lifetime_usec == 0 && network->router_preference != SD_NDISC_PREFERENCE_MEDIUM)
+                /* RFC 4191, Section 2.2,
+                 * If the Router Lifetime is zero, the preference value MUST be set to (00) by the sender.
+                 *
+                 * Note, radv_send_router() gracefully handle that. So, it is not necessary to refuse, but
+                 * let's warn about that. */
+                log_notice("%s: RouterPreference=%s specified with RouterLifetimeSec=0, ignoring RouterPreference= setting.",
+                           network->filename, ndisc_router_preference_to_string(network->router_preference));
+
+        Prefix *prefix;
+        HASHMAP_FOREACH(prefix, network->prefixes_by_section)
+                if (prefix_section_verify(prefix) < 0)
+                        prefix_free(prefix);
+
+
+        RoutePrefix *route;
+        HASHMAP_FOREACH(route, network->route_prefixes_by_section)
+                if (route_prefix_section_verify(route) < 0)
+                        route_prefix_free(route);
 
-        HASHMAP_FOREACH(p, network->pref64_prefixes_by_section)
-                 if (section_is_invalid(p->section))
-                         pref64_prefix_free(p);
+        pref64Prefix *pref64;
+        HASHMAP_FOREACH(pref64, network->pref64_prefixes_by_section)
+                 if (section_is_invalid(pref64->section))
+                         pref64_prefix_free(pref64);
 }
 
 int config_parse_prefix(

diff --git a/src/network/networkd-radv.h b/src/network/networkd-radv.h
@@ -65,9 +65,6 @@ Prefix *prefix_free(Prefix *prefix);
 RoutePrefix *route_prefix_free(RoutePrefix *prefix);
 pref64Prefix *pref64_prefix_free(pref64Prefix *prefix);
 
-void network_drop_invalid_prefixes(Network *network);
-void network_drop_invalid_route_prefixes(Network *network);
-void network_drop_invalid_pref64_prefixes(Network *network);
 void network_adjust_radv(Network *network);
 
 int link_request_radv_addresses(Link *link);