175406Sache/* SPDX-License-Identifier: BSD-2-Clause */ 275406Sache/* 375406Sache * dhcpcd - DHCP client daemon 475406Sache * Copyright (c) 2006-2023 Roy Marples <roy@marples.name> 575406Sache * All rights reserved 675406Sache 775406Sache * Redistribution and use in source and binary forms, with or without 875406Sache * modification, are permitted provided that the following conditions 975406Sache * are met: 1075406Sache * 1. Redistributions of source code must retain the above copyright 1175406Sache * notice, this list of conditions and the following disclaimer. 1275406Sache * 2. Redistributions in binary form must reproduce the above copyright 1375406Sache * notice, this list of conditions and the following disclaimer in the 1475406Sache * documentation and/or other materials provided with the distribution. 1575406Sache * 1675406Sache * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 1775406Sache * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 1875406Sache * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 1975406Sache * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 2075406Sache * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 2175406Sache * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2275406Sache * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2375406Sache * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 2475406Sache * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 2575406Sache * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 2675406Sache * SUCH DAMAGE. 2775406Sache */ 2875406Sache 2975406Sache#include <arpa/inet.h> 3075406Sache 3175406Sache#include <assert.h> 3275406Sache#include <errno.h> 33119610Sache#include <stdbool.h> 34119610Sache#include <stdio.h> 35119610Sache#include <stdlib.h> 36119610Sache#include <string.h> 3775406Sache#include <unistd.h> 38119610Sache 39119610Sache#define ELOOP_QUEUE IPV4LL 40119610Sache#include "config.h" 4175406Sache#include "arp.h" 42119610Sache#include "common.h" 43119610Sache#include "dhcp.h" 44119610Sache#include "eloop.h" 4575406Sache#include "if.h" 4675406Sache#include "if-options.h" 4775406Sache#include "ipv4.h" 4875406Sache#include "ipv4ll.h" 4975406Sache#include "logerr.h" 5075406Sache#include "sa.h" 5175406Sache#include "script.h" 5275406Sache 5375406Sachestatic const struct in_addr inaddr_llmask = { 5475406Sache .s_addr = HTONL(LINKLOCAL_MASK) 5575406Sache}; 5675406Sachestatic const struct in_addr inaddr_llbcast = { 5775406Sache .s_addr = HTONL(LINKLOCAL_BCAST) 5875406Sache}; 5975406Sache 6075406Sachestatic void 6175406Sacheipv4ll_pickaddr(struct interface *ifp) 6275406Sache{ 6375406Sache struct in_addr addr = { .s_addr = 0 }; 6475406Sache struct ipv4ll_state *state; 6575406Sache 6675406Sache state = IPV4LL_STATE(ifp); 6775406Sache setstate(state->randomstate); 6875406Sache 6975406Sache do { 7075406Sache long r; 7175406Sache 7275406Sacheagain: 7375406Sache /* RFC 3927 Section 2.1 states that the first 256 and 7475406Sache * last 256 addresses are reserved for future use. 7575406Sache * See ipv4ll_start for why we don't use arc4random. */ 7675406Sache /* coverity[dont_call] */ 7775406Sache r = random(); 7875406Sache addr.s_addr = ntohl(LINKLOCAL_ADDR | 7975406Sache ((uint32_t)(r % 0xFD00) + 0x0100)); 8075406Sache 8175406Sache /* No point using a failed address */ 8275406Sache if (IN_ARE_ADDR_EQUAL(&addr, &state->pickedaddr)) 8375406Sache goto again; 8475406Sache /* Ensure we don't have the address on another interface */ 8575406Sache } while (ipv4_findaddr(ifp->ctx, &addr) != NULL); 8675406Sache 8775406Sache /* Restore the original random state */ 8875406Sache setstate(ifp->ctx->randomstate); 8975406Sache state->pickedaddr = addr; 9075406Sache} 9175406Sache 9275406Sacheint 9375406Sacheipv4ll_subnetroute(rb_tree_t *routes, struct interface *ifp) 9475406Sache{ 9575406Sache struct ipv4ll_state *state; 9675406Sache struct rt *rt; 9775406Sache struct in_addr in; 9875406Sache 9975406Sache assert(ifp != NULL); 10075406Sache if ((state = IPV4LL_STATE(ifp)) == NULL || 10175406Sache state->addr == NULL) 10275406Sache return 0; 10375406Sache 10475406Sache if ((rt = rt_new(ifp)) == NULL) 10575406Sache return -1; 10675406Sache 10775406Sache in.s_addr = state->addr->addr.s_addr & state->addr->mask.s_addr; 10875406Sache sa_in_init(&rt->rt_dest, &in); 10975406Sache in.s_addr = state->addr->mask.s_addr; 11075406Sache sa_in_init(&rt->rt_netmask, &in); 11175406Sache in.s_addr = INADDR_ANY; 11275406Sache sa_in_init(&rt->rt_gateway, &in); 11375406Sache sa_in_init(&rt->rt_ifa, &state->addr->addr); 114 rt->rt_dflags |= RTDF_IPV4LL; 115 return rt_proto_add(routes, rt) ? 1 : 0; 116} 117 118int 119ipv4ll_defaultroute(rb_tree_t *routes, struct interface *ifp) 120{ 121 struct ipv4ll_state *state; 122 struct rt *rt; 123 struct in_addr in; 124 125 assert(ifp != NULL); 126 if ((state = IPV4LL_STATE(ifp)) == NULL || 127 state->addr == NULL) 128 return 0; 129 130 if ((rt = rt_new(ifp)) == NULL) 131 return -1; 132 133 in.s_addr = INADDR_ANY; 134 sa_in_init(&rt->rt_dest, &in); 135 sa_in_init(&rt->rt_netmask, &in); 136 sa_in_init(&rt->rt_gateway, &in); 137 sa_in_init(&rt->rt_ifa, &state->addr->addr); 138 rt->rt_dflags |= RTDF_IPV4LL; 139#ifdef HAVE_ROUTE_METRIC 140 rt->rt_metric += RTMETRIC_IPV4LL; 141#endif 142 return rt_proto_add(routes, rt) ? 1 : 0; 143} 144 145ssize_t 146ipv4ll_env(FILE *fp, const char *prefix, const struct interface *ifp) 147{ 148 const struct ipv4ll_state *state; 149 const char *pf = prefix == NULL ? "" : "_"; 150 struct in_addr netnum; 151 152 assert(ifp != NULL); 153 if ((state = IPV4LL_CSTATE(ifp)) == NULL || state->addr == NULL) 154 return 0; 155 156 /* Emulate a DHCP environment */ 157 if (efprintf(fp, "%s%sip_address=%s", 158 prefix, pf, inet_ntoa(state->addr->addr)) == -1) 159 return -1; 160 if (efprintf(fp, "%s%ssubnet_mask=%s", 161 prefix, pf, inet_ntoa(state->addr->mask)) == -1) 162 return -1; 163 if (efprintf(fp, "%s%ssubnet_cidr=%d", 164 prefix, pf, inet_ntocidr(state->addr->mask)) == -1) 165 return -1; 166 if (efprintf(fp, "%s%sbroadcast_address=%s", 167 prefix, pf, inet_ntoa(state->addr->brd)) == -1) 168 return -1; 169 netnum.s_addr = state->addr->addr.s_addr & state->addr->mask.s_addr; 170 if (efprintf(fp, "%s%snetwork_number=%s", 171 prefix, pf, inet_ntoa(netnum)) == -1) 172 return -1; 173 return 5; 174} 175 176static void 177ipv4ll_announced_arp(struct arp_state *astate) 178{ 179 struct ipv4ll_state *state = IPV4LL_STATE(astate->iface); 180 181 state->conflicts = 0; 182#ifdef KERNEL_RFC5227 183 arp_free(astate); 184#endif 185} 186 187#ifndef KERNEL_RFC5227 188/* This is the callback by ARP freeing */ 189static void 190ipv4ll_free_arp(struct arp_state *astate) 191{ 192 struct ipv4ll_state *state; 193 194 state = IPV4LL_STATE(astate->iface); 195 if (state != NULL && state->arp == astate) 196 state->arp = NULL; 197} 198 199/* This is us freeing any ARP state */ 200static void 201ipv4ll_freearp(struct interface *ifp) 202{ 203 struct ipv4ll_state *state; 204 205 state = IPV4LL_STATE(ifp); 206 if (state == NULL || state->arp == NULL) 207 return; 208 209 eloop_timeout_delete(ifp->ctx->eloop, NULL, state->arp); 210 arp_free(state->arp); 211 state->arp = NULL; 212} 213#else 214#define ipv4ll_freearp(ifp) 215#endif 216 217static void 218ipv4ll_not_found(struct interface *ifp) 219{ 220 struct ipv4ll_state *state; 221 struct ipv4_addr *ia; 222 struct arp_state *astate; 223 224 state = IPV4LL_STATE(ifp); 225 ia = ipv4_iffindaddr(ifp, &state->pickedaddr, &inaddr_llmask); 226#ifdef IN_IFF_NOTREADY 227 if (ia == NULL || ia->addr_flags & IN_IFF_NOTREADY) 228#endif 229 loginfox("%s: using IPv4LL address %s", 230 ifp->name, inet_ntoa(state->pickedaddr)); 231 if (!(ifp->options->options & DHCPCD_CONFIGURE)) 232 goto run; 233 if (ia == NULL) { 234 if (ifp->ctx->options & DHCPCD_TEST) 235 goto test; 236 ia = ipv4_addaddr(ifp, &state->pickedaddr, 237 &inaddr_llmask, &inaddr_llbcast, 238 DHCP_INFINITE_LIFETIME, DHCP_INFINITE_LIFETIME); 239 } 240 if (ia == NULL) 241 return; 242#ifdef IN_IFF_NOTREADY 243 if (ia->addr_flags & IN_IFF_NOTREADY) 244 return; 245 logdebugx("%s: DAD completed for %s", ifp->name, ia->saddr); 246#endif 247 248test: 249 state->addr = ia; 250 state->down = false; 251 if (ifp->ctx->options & DHCPCD_TEST) { 252 script_runreason(ifp, "TEST"); 253 eloop_exit(ifp->ctx->eloop, EXIT_SUCCESS); 254 return; 255 } 256 rt_build(ifp->ctx, AF_INET); 257run: 258 astate = arp_announceaddr(ifp->ctx, &ia->addr); 259 if (astate != NULL) 260 astate->announced_cb = ipv4ll_announced_arp; 261 script_runreason(ifp, "IPV4LL"); 262 dhcpcd_daemonise(ifp->ctx); 263} 264 265static void 266ipv4ll_found(struct interface *ifp) 267{ 268 struct ipv4ll_state *state = IPV4LL_STATE(ifp); 269 270 ipv4ll_freearp(ifp); 271 if (++state->conflicts == MAX_CONFLICTS) 272 logerrx("%s: failed to acquire an IPv4LL address", 273 ifp->name); 274 ipv4ll_pickaddr(ifp); 275 eloop_timeout_add_sec(ifp->ctx->eloop, 276 state->conflicts >= MAX_CONFLICTS ? 277 RATE_LIMIT_INTERVAL : PROBE_WAIT, 278 ipv4ll_start, ifp); 279} 280 281static void 282ipv4ll_defend_failed(struct interface *ifp) 283{ 284 struct ipv4ll_state *state = IPV4LL_STATE(ifp); 285 286 ipv4ll_freearp(ifp); 287 if (ifp->options->options & DHCPCD_CONFIGURE) 288 ipv4_deladdr(state->addr, 1); 289 state->addr = NULL; 290 rt_build(ifp->ctx, AF_INET); 291 script_runreason(ifp, "IPV4LL"); 292 ipv4ll_pickaddr(ifp); 293 ipv4ll_start(ifp); 294} 295 296#ifndef KERNEL_RFC5227 297static void 298ipv4ll_not_found_arp(struct arp_state *astate) 299{ 300 301 ipv4ll_not_found(astate->iface); 302} 303 304static void 305ipv4ll_found_arp(struct arp_state *astate, __unused const struct arp_msg *amsg) 306{ 307 308 ipv4ll_found(astate->iface); 309} 310 311static void 312ipv4ll_defend_failed_arp(struct arp_state *astate) 313{ 314 315 ipv4ll_defend_failed(astate->iface); 316} 317#endif 318 319void 320ipv4ll_start(void *arg) 321{ 322 struct interface *ifp = arg; 323 struct ipv4ll_state *state; 324 struct ipv4_addr *ia; 325 bool repick; 326#ifndef KERNEL_RFC5227 327 struct arp_state *astate; 328#endif 329 330 if ((state = IPV4LL_STATE(ifp)) == NULL) { 331 ifp->if_data[IF_DATA_IPV4LL] = calloc(1, sizeof(*state)); 332 if ((state = IPV4LL_STATE(ifp)) == NULL) { 333 logerr(__func__); 334 return; 335 } 336 } 337 338 if (state->running) 339 return; 340 state->running = true; 341 342 /* RFC 3927 Section 2.1 states that the random number generator 343 * SHOULD be seeded with a value derived from persistent information 344 * such as the IEEE 802 MAC address so that it usually picks 345 * the same address without persistent storage. */ 346 if (!state->seeded) { 347 unsigned int seed; 348 char *orig; 349 350 if (sizeof(seed) > ifp->hwlen) { 351 seed = 0; 352 memcpy(&seed, ifp->hwaddr, ifp->hwlen); 353 } else 354 memcpy(&seed, ifp->hwaddr + ifp->hwlen - sizeof(seed), 355 sizeof(seed)); 356 /* coverity[dont_call] */ 357 orig = initstate(seed, 358 state->randomstate, sizeof(state->randomstate)); 359 360 /* Save the original state. */ 361 if (ifp->ctx->randomstate == NULL) 362 ifp->ctx->randomstate = orig; 363 364 /* Set back the original state until we need the seeded one. */ 365 setstate(ifp->ctx->randomstate); 366 state->seeded = true; 367 } 368 369 /* Find the previosuly used address. */ 370 if (state->pickedaddr.s_addr != INADDR_ANY) 371 ia = ipv4_iffindaddr(ifp, &state->pickedaddr, NULL); 372 else 373 ia = NULL; 374 375 /* Find an existing IPv4LL address and ensure we can work with it. */ 376 if (ia == NULL) 377 ia = ipv4_iffindlladdr(ifp); 378 379 repick = false; 380#ifdef IN_IFF_DUPLICATED 381 if (ia != NULL && ia->addr_flags & IN_IFF_DUPLICATED) { 382 state->pickedaddr = ia->addr; /* So it's not picked again. */ 383 repick = true; 384 if (ifp->options->options & DHCPCD_CONFIGURE) 385 ipv4_deladdr(ia, 0); 386 ia = NULL; 387 } 388#endif 389 390 state->addr = ia; 391 state->down = true; 392 if (ia != NULL) { 393 state->pickedaddr = ia->addr; 394#ifdef IN_IFF_TENTATIVE 395 if (ia->addr_flags & (IN_IFF_TENTATIVE | IN_IFF_DETACHED)) { 396 loginfox("%s: waiting for DAD to complete on %s", 397 ifp->name, inet_ntoa(ia->addr)); 398 return; 399 } 400#endif 401#ifdef IN_IFF_DUPLICATED 402 loginfox("%s: using IPv4LL address %s", ifp->name, ia->saddr); 403#endif 404 } else { 405 loginfox("%s: probing for an IPv4LL address", ifp->name); 406 if (repick || state->pickedaddr.s_addr == INADDR_ANY) 407 ipv4ll_pickaddr(ifp); 408 } 409 410#ifdef KERNEL_RFC5227 411 ipv4ll_not_found(ifp); 412#else 413 ipv4ll_freearp(ifp); 414 state->arp = astate = arp_new(ifp, &state->pickedaddr); 415 if (state->arp == NULL) 416 return; 417 418 astate->found_cb = ipv4ll_found_arp; 419 astate->not_found_cb = ipv4ll_not_found_arp; 420 astate->announced_cb = ipv4ll_announced_arp; 421 astate->defend_failed_cb = ipv4ll_defend_failed_arp; 422 astate->free_cb = ipv4ll_free_arp; 423 arp_probe(astate); 424#endif 425} 426 427void 428ipv4ll_drop(struct interface *ifp) 429{ 430 struct ipv4ll_state *state; 431 bool dropped = false; 432 struct ipv4_state *istate; 433 434 assert(ifp != NULL); 435 436 ipv4ll_freearp(ifp); 437 438 if ((ifp->options->options & DHCPCD_NODROP) == DHCPCD_NODROP) 439 return; 440 441 state = IPV4LL_STATE(ifp); 442 if (state) { 443 state->running = false; 444 if (state->addr != NULL) { 445 if (ifp->options->options & DHCPCD_CONFIGURE) 446 ipv4_deladdr(state->addr, 1); 447 state->addr = NULL; 448 dropped = true; 449 } 450 } 451 452 /* Free any other link local addresses that might exist. */ 453 if ((istate = IPV4_STATE(ifp)) != NULL) { 454 struct ipv4_addr *ia, *ian; 455 456 TAILQ_FOREACH_SAFE(ia, &istate->addrs, next, ian) { 457 if (IN_LINKLOCAL(ntohl(ia->addr.s_addr))) { 458 if (ifp->options->options & DHCPCD_CONFIGURE) 459 ipv4_deladdr(ia, 0); 460 dropped = true; 461 } 462 } 463 } 464 465 if (dropped) { 466 rt_build(ifp->ctx, AF_INET); 467 script_runreason(ifp, "IPV4LL"); 468 } 469} 470 471void 472ipv4ll_reset(struct interface *ifp) 473{ 474 struct ipv4ll_state *state = IPV4LL_STATE(ifp); 475 476 if (state == NULL) 477 return; 478 ipv4ll_freearp(ifp); 479 state->pickedaddr.s_addr = INADDR_ANY; 480 state->seeded = false; 481} 482 483void 484ipv4ll_free(struct interface *ifp) 485{ 486 487 assert(ifp != NULL); 488 489 ipv4ll_freearp(ifp); 490 free(IPV4LL_STATE(ifp)); 491 ifp->if_data[IF_DATA_IPV4LL] = NULL; 492} 493 494/* This may cause issues in BSD systems, where running as a single dhcpcd 495 * daemon would solve this issue easily. */ 496#ifdef HAVE_ROUTE_METRIC 497int 498ipv4ll_recvrt(__unused int cmd, const struct rt *rt) 499{ 500 struct dhcpcd_ctx *ctx; 501 struct interface *ifp; 502 503 /* Only interested in default route changes. */ 504 if (sa_is_unspecified(&rt->rt_dest)) 505 return 0; 506 507 /* If any interface is running IPv4LL, rebuild our routing table. */ 508 ctx = rt->rt_ifp->ctx; 509 TAILQ_FOREACH(ifp, ctx->ifaces, next) { 510 if (IPV4LL_STATE_RUNNING(ifp)) { 511 rt_build(ctx, AF_INET); 512 break; 513 } 514 } 515 516 return 0; 517} 518#endif 519 520struct ipv4_addr * 521ipv4ll_handleifa(int cmd, struct ipv4_addr *ia, pid_t pid) 522{ 523 struct interface *ifp; 524 struct ipv4ll_state *state; 525 526 ifp = ia->iface; 527 state = IPV4LL_STATE(ifp); 528 if (state == NULL) 529 return ia; 530 531 if (cmd == RTM_DELADDR && 532 state->addr != NULL && 533 IN_ARE_ADDR_EQUAL(&state->addr->addr, &ia->addr)) 534 { 535 loginfox("%s: pid %d deleted IP address %s", 536 ifp->name, pid, ia->saddr); 537 ipv4ll_defend_failed(ifp); 538 return ia; 539 } 540 541#ifdef IN_IFF_DUPLICATED 542 if (cmd != RTM_NEWADDR) 543 return ia; 544 if (!IN_ARE_ADDR_EQUAL(&state->pickedaddr, &ia->addr)) 545 return ia; 546 if (!(ia->addr_flags & IN_IFF_NOTUSEABLE)) 547 ipv4ll_not_found(ifp); 548 else if (ia->addr_flags & IN_IFF_DUPLICATED) { 549 logerrx("%s: DAD detected %s", ifp->name, ia->saddr); 550 ipv4ll_freearp(ifp); 551 if (ifp->options->options & DHCPCD_CONFIGURE) 552 ipv4_deladdr(ia, 1); 553 state->addr = NULL; 554 rt_build(ifp->ctx, AF_INET); 555 ipv4ll_found(ifp); 556 return NULL; 557 } 558#endif 559 560 return ia; 561} 562