On Mon, Apr 7, 2014 at 9:44 AM, Susant Sahani <sus...@redhat.com> wrote:
This patch enables basic ipip tunnel support.
It works with kernel module ipip
Example configuration
file: ipip.netdev
[NetDev]
Name=ipip-tun
Kind=ipip
[Tunnel]
Local=192.168.8.102
Remote=10.4.4.4
TTL=64
MTUBytes=1480
file: ipip.network
[Match]
Name=eth0
[Network]
Tunnel=ipip-tun
---
Makefile.am | 7 +-
src/libsystemd-network/network-internal.c | 33 ++++++
src/libsystemd-network/network-internal.h | 3 +
src/libsystemd/sd-rtnl/rtnl-types.c | 4 +-
src/network/networkd-link.c | 25 ++++-
src/network/networkd-manager.c | 19 ++++
src/network/networkd-netdev-gperf.gperf | 4 +
src/network/networkd-netdev.c | 175 +++++++++++++++++++++++++++++-
src/network/networkd-network-gperf.gperf | 1 +
src/network/networkd-network.c | 37 +++++++
src/network/networkd.c | 6 +
src/network/networkd.h | 27 +++++
12 files changed, 334 insertions(+), 7 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index c51f6ae..60c7016 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -4144,8 +4144,8 @@ systemd_networkd_SOURCES = \
src/network/networkd.c
systemd_networkd_LDADD = \
- libsystemd-networkd-core.la
-
+ libsystemd-networkd-core.la \
+ -lkmod
noinst_LTLIBRARIES += \
libsystemd-networkd-core.la
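Review bot: Both LDADD changes (here and in the `test_network_LDADD` hunk that follows) hard-code `-lkmod` instead of using the pkg-config result. If the build still treats libkmod as an optional dependency, this breaks linking on systems configured without it. It also ignores any non-default library path that pkg-config would supply. Prefer `$(KMOD_LIBS)` here, add `$(KMOD_CFLAGS)` to the matching CFLAGS, and either guard the new code with the existing kmod conditional or state in the commit message that networkd now requires libkmod.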
@@ -4189,7 +4189,8 @@ test_network_SOURCES = \
src/network/test-network.c
test_network_LDADD = \
- libsystemd-networkd-core.la
+ libsystemd-networkd-core.la \
+ -lkmod
tests += \
test-network
diff --git a/src/libsystemd-network/network-internal.c
b/src/libsystemd-network/network-internal.c
index 3686267..5b41cdb 100644
--- a/src/libsystemd-network/network-internal.c
+++ b/src/libsystemd-network/network-internal.c
@@ -326,3 +326,36 @@ int net_parse_inaddr(const char *address, unsigned char
*family, void *dst) {
return 0;
}
+
+int load_module(struct kmod_ctx *ctx, const char *mod_name) {
+ struct kmod_list *modlist = NULL, *l;
+ int r;
+
+ assert(ctx);
+ assert(mod_name);
+
+ r = kmod_module_new_from_lookup(ctx, mod_name, &modlist);
+ if (r < 0)
+ return r;
+
+ if (!modlist) {
+ log_error("Failed to find module '%s'", mod_name);
+ return -ENOENT;
+ }
+
+ kmod_list_foreach(l, modlist) {
+ struct kmod_module *mod = kmod_module_get_module(l);
+
+ r = kmod_module_probe_insert_module(mod, 0, NULL, NULL, NULL,
NULL);
+ if (r >= 0)
+ r = 0;
+ else
+ r = -1;
+
+ kmod_module_unref(mod);
+ }
+
+ kmod_module_unref_list(modlist);
+
+ return r;
+}
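Review bot: The probe call in load_module passes `0` as flags, so a module the administrator has blacklisted in modprobe.d is still inserted; passing `KMOD_PROBE_APPLY_BLACKLIST` would honour that policy. The loop also overwrites `r` on every iteration and flattens any failure to `-1`, so the caller sees only the last module's outcome and loses the real errno, and nothing is logged when an insert fails. A possible shape for the loop is below. Because load_module is exported and resolves an arbitrary name through alias lookup, a comment on it should say that callers must pass only fixed, compiled-in names and never a string taken from configuration.

```c
/* … unchanged: asserts, kmod_module_new_from_lookup(), empty-list check … */
r = 0;

kmod_list_foreach(l, modlist) {
        struct kmod_module *mod = kmod_module_get_module(l);
        int k;

        k = kmod_module_probe_insert_module(mod, KMOD_PROBE_APPLY_BLACKLIST,
                                            NULL, NULL, NULL, NULL);
        if (k == KMOD_PROBE_APPLY_BLACKLIST)
                log_info("Module '%s' is blacklisted", kmod_module_get_name(mod));
        else if (k < 0) {
                log_error("Failed to insert module '%s': %s",
                          kmod_module_get_name(mod), strerror(-k));
                r = k; /* keep the real errno for the caller */
        }

        kmod_module_unref(mod);
}
/* … unchanged: kmod_module_unref_list(), return r … */
```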
diff --git a/src/libsystemd-network/network-internal.h
b/src/libsystemd-network/network-internal.h
index 65cd0d7..28f53b9 100644
--- a/src/libsystemd-network/network-internal.h
+++ b/src/libsystemd-network/network-internal.h
@@ -24,6 +24,7 @@
#include <netinet/ether.h>
#include <netinet/in.h>
#include <stdbool.h>
+#include <libkmod.h>
#include "udev.h"
#include "condition-util.h"
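Review bot: Including `<libkmod.h>` in network-internal.h makes every file that includes this shared header depend on the libkmod headers, although the only use added is a pointer parameter in the `load_module` prototype. A forward declaration, `struct kmod_ctx;`, is enough for that prototype and keeps the dependency in the .c files that actually call libkmod. The prototype added in the next hunk would also benefit from a one-line comment stating the return convention (0 on success, negative errno on failure).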
@@ -65,3 +66,5 @@ int config_parse_ifalias(const char *unit, const char
*filename, unsigned line,
int net_parse_inaddr(const char *address, unsigned char *family, void *dst);
int net_get_unique_predictable_data(struct udev_device *device, uint8_t
result[8]);
+
+int load_module(struct kmod_ctx *ctx, const char *mod_name);
diff --git a/src/libsystemd/sd-rtnl/rtnl-types.c
b/src/libsystemd/sd-rtnl/rtnl-types.c
index 44ac5ec..96467a3 100644
--- a/src/libsystemd/sd-rtnl/rtnl-types.c
+++ b/src/libsystemd/sd-rtnl/rtnl-types.c
@@ -104,8 +104,8 @@ static const NLType
rtnl_link_info_data_bond_types[IFLA_BOND_MAX + 1] = {
static const NLType rtnl_link_info_data_iptun_types[IFLA_IPTUN_MAX + 1] = {
[IFLA_IPTUN_LINK] = { .type = NLA_U32 },
- [IFLA_IPTUN_LOCAL] = { .type = NLA_U32 },
- [IFLA_IPTUN_REMOTE] = { .type = NLA_U32 },
+ [IFLA_IPTUN_LOCAL] = { .type = NLA_IN_ADDR },
+ [IFLA_IPTUN_REMOTE] = { .type = NLA_IN_ADDR },
[IFLA_IPTUN_TTL] = { .type = NLA_U8 },
[IFLA_IPTUN_TOS] = { .type = NLA_U8 },
[IFLA_IPTUN_PMTUDISC] = { .type = NLA_U8 },
diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
index 63d253d..848eddd 100644
--- a/src/network/networkd-link.c
+++ b/src/network/networkd-link.c
@@ -1207,7 +1207,9 @@ static int link_enter_enslave(Link *link) {
link_save(link);
- if (!link->network->bridge && !link->network->bond &&
+ if (!link->network->bridge &&
+ !link->network->bond &&
+ !link->network->tunnel &&
hashmap_isempty(link->network->vlans) &&
hashmap_isempty(link->network->macvlans))
return link_enslaved(link);
@@ -1254,6 +1256,27 @@ static int link_enter_enslave(Link *link) {
link->enslaving ++;
}
+ if (link->network->tunnel) {
+ log_struct_link(LOG_DEBUG, link,
+ "MESSAGE=%s: enslaving by '%s'",
+ link->ifname, link->network->tunnel->name,
+ NETDEV(link->network->tunnel),
+ NULL);
+
+ r = netdev_enslave(link->network->tunnel, link,
&enslave_handler);
+ if (r < 0) {
+ log_struct_link(LOG_WARNING, link,
+ "MESSAGE=%s: could not enslave by '%s':
%s",
+ link->ifname,
link->network->tunnel->name, strerror(-r),
+ NETDEV(link->network->tunnel),
+ NULL);
+ link_enter_failed(link);
+ return r;
+ }
+
+ link->enslaving ++;
+ }
+
HASHMAP_FOREACH(vlan, link->network->vlans, i) {
log_struct_link(LOG_DEBUG, link,
"MESSAGE=%s: enslaving by '%s'",
diff --git a/src/network/networkd-manager.c b/src/network/networkd-manager.c
index d903d0d..7b47380 100644
--- a/src/network/networkd-manager.c
+++ b/src/network/networkd-manager.c
@@ -20,6 +20,7 @@
***/
#include <resolv.h>
+#include <libkmod.h>
#include "path-util.h"
#include "networkd.h"
@@ -158,6 +159,8 @@ void manager_free(Manager *m) {
sd_rtnl_unref(m->rtnl);
+ kmod_unref(m->kmod_ctx);
+
free(m);
}
@@ -467,3 +470,19 @@ int manager_update_resolv_conf(Manager *m) {
return 0;
}
+
+int manager_init_kmod_ctx(Manager *m) {
+ struct kmod_ctx *ctx;
+
+ assert(m);
+
+ ctx = kmod_new(NULL, NULL);
+ if (!ctx) {
+ kmod_unref(ctx);
If ctx == NULL, then it is not necessary to unref it. Also, not sure
it is necessary to use a temporary ctx variable rather than assigning
directly to m->kmod_ctx. Worst case, that will be set to NULL (which
it already is).
+ return -ENOMEM;
+ }
+
+ m->kmod_ctx = ctx;
+
+ return 0;
+}
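Review bot: manager_init_kmod_ctx carries no comment on what holding this context implies: inserting modules through it needs CAP_SYS_MODULE, so the daemon has to keep that capability for as long as tunnels may be created, which works against any later privilege dropping. The context is also created without a log callback, so libkmod's own diagnostics would presumably not reach the journal; `kmod_set_log_fn` can route them. Suggested comment above the function: `/* Creates the libkmod context used to load tunnel modules; inserting modules requires CAP_SYS_MODULE. */`.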
diff --git a/src/network/networkd-netdev-gperf.gperf
b/src/network/networkd-netdev-gperf.gperf
index ea7ba57..fad828f 100644
--- a/src/network/networkd-netdev-gperf.gperf
+++ b/src/network/networkd-netdev-gperf.gperf
@@ -24,3 +24,7 @@ NetDev.Name, config_parse_ifname,
0,
NetDev.Kind, config_parse_netdev_kind, 0,
offsetof(NetDev, kind)
VLAN.Id, config_parse_uint64, 0,
offsetof(NetDev, vlanid)
MACVLAN.Mode, config_parse_macvlan_mode, 0,
offsetof(NetDev, macvlan_mode)
+Tunnel.TTL, config_parse_int, 0,
offsetof(NetDev, tunnel_ttl)
+Tunnel.MTUBytes, config_parse_int, 0,
offsetof(NetDev, tunnel_mtu)
+Tunnel.Local, config_parse_tunnel_address, 0,
offsetof(NetDev, tunnel_local)
+Tunnel.Remote, config_parse_tunnel_address, 0,
offsetof(NetDev, tunnel_remote)
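Review bot: `Tunnel.TTL` and `Tunnel.MTUBytes` are parsed with `config_parse_int`, which accepts negative and out-of-range values, yet the MTU is later appended with `sd_rtnl_message_append_u32` and the rtnl type table declares `IFLA_IPTUN_TTL` as `NLA_U8`. A negative `MTUBytes=` would presumably reach the kernel as a very large unsigned MTU, and a TTL above 255 would be truncated if it is appended as a u8. The field declarations are in networkd.h, outside this hunk, so their types should be confirmed. An unsigned parser such as `config_parse_unsigned`, together with an explicit range check (TTL 0–255, MTU within the tunnel's valid range), would reject bad values when the file is loaded.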
diff --git a/src/network/networkd-netdev.c b/src/network/networkd-netdev.c
index 92548d9..020c828 100644
--- a/src/network/networkd-netdev.c
+++ b/src/network/networkd-netdev.c
@@ -18,6 +18,12 @@
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
+#include <netinet/ether.h>
+#include <arpa/inet.h>
+#include <net/if.h>
+#include <linux/ip.h>
+#include <linux/if_tunnel.h>
+#include <libkmod.h>
#include "networkd.h"
#include "network-internal.h"
@@ -33,6 +39,9 @@ static const char* const netdev_kind_table[_NETDEV_KIND_MAX]
= {
[NETDEV_KIND_BOND] = "bond",
[NETDEV_KIND_VLAN] = "vlan",
[NETDEV_KIND_MACVLAN] = "macvlan",
+ [NETDEV_KIND_IPIP] = "ipip",
+ [NETDEV_KIND_GRE] = "gre",
+ [NETDEV_KIND_SIT] = "sit",
};
DEFINE_STRING_TABLE_LOOKUP(netdev_kind, NetDevKind);
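Review bot: `NETDEV_KIND_GRE` and `NETDEV_KIND_SIT` are added to the kind table although the commit message describes ipip support only, and netdev_create_tunnel in the following hunk handles all three kinds through the same path. As far as the visible lines show, `Kind=gre` would load the gre module and then fill the info data with `IFLA_IPTUN_*` attributes, whereas gre has its own `IFLA_GRE_*` attribute set. Either leave gre and sit out of the table until their attribute handling exists, or reject them where the kind is checked, e.g. `if (netdev->kind != NETDEV_KIND_IPIP) return -ENOTSUP;`.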
@@ -242,6 +251,165 @@ static int netdev_create_handler(sd_rtnl *rtnl,
sd_rtnl_message *m, void *userda
return 1;
}
+int config_parse_tunnel_address(const char *unit,
+ const char *filename,
+ unsigned line,
+ const char *section,
+ unsigned section_line,
+ const char *lvalue,
+ int ltype,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+ NetDev *n = userdata;
Pass in the address structure directly, then you don't need to match
on the local variable below, and you also don't have to hardcode
anything to do with netdev :)
+ else
+ r = net_parse_inaddr(rvalue, &family,
&n->tunnel_remote.s_addr);
+
+ if (r < 0) {
+ log_syntax(unit, LOG_ERR, filename, line, EINVAL,
+ "Tunnel address is invalid, ignoring assignment:
%s", rvalue);
+ return 0;
+ }
+
+ return 0;
+}
+
+int netdev_create_tunnel(Link *link) {
+ _cleanup_rtnl_message_unref_ sd_rtnl_message *m = NULL;
+ NetDev *netdev;
+ int r;
+
+ assert(link);
+ assert(link->network);
+ assert(link->network->tunnel);
+
+ netdev = link->network->tunnel;
+
+ assert(netdev);
+ assert(netdev->name);
+ assert(netdev->manager);
+ assert(netdev->manager->rtnl);
+ assert(netdev->manager->kmod_ctx);
+
+ if(netdev->kind == NETDEV_KIND_IPIP ||
+ netdev->kind == NETDEV_KIND_GRE ||
+ netdev->kind == NETDEV_KIND_SIT) {
+ r = load_module(netdev->manager->kmod_ctx,
netdev_kind_to_string(netdev->kind));
+ if (r < 0) {
+ log_error_netdev(netdev, "Could not load Kernel module .
Ignoring");
+ return 0;
+ }
+ }
+
+ r = sd_rtnl_message_new_link(netdev->manager->rtnl, &m, RTM_NEWLINK,
0);
+ if (r < 0) {
+ log_error_netdev(netdev,
+ "Could not allocate RTM_NEWLINK message: %s",
+ strerror(-r));
+ return r;
+ }
+
+ r = sd_rtnl_message_append_string(m, IFLA_IFNAME, netdev->name);
+ if (r < 0) {
+ log_error_netdev(netdev,
+ "Could not append IFLA_IFNAME, attribute: %s",
+ strerror(-r));
+ return r;
+ }
+
+ if(netdev->tunnel_mtu) {
+ r = sd_rtnl_message_append_u32(m, IFLA_MTU,
netdev->tunnel_mtu);
+ if (r < 0) {
+ log_error_netdev(netdev,
+ "Could not append IFLA_MTU attribute:
%s",
+ strerror(-r));
+ return r;
+ }
+ }
+
+ r = sd_rtnl_message_open_container(m, IFLA_LINKINFO);
+ if (r < 0) {
+ log_error_netdev(netdev,
+ "Could not append IFLA_LINKINFO attribute:
%s",
+ strerror(-r));
+ return r;
+ }
+
+ r = sd_rtnl_message_open_container_union(m, IFLA_INFO_DATA,
+
netdev_kind_to_string(netdev->kind));
+ if (r < 0) {
+ log_error_netdev(netdev,
+ "Could not append IFLA_INFO_DATA attribute:
%s",
+ strerror(-r));
+ return r;
+ }
+
+ r = sd_rtnl_message_append_u32(m, IFLA_IPTUN_LINK, link->ifindex);
+ if (r < 0) {
+ log_error_netdev(netdev,
+ "Could not append IFLA_IPTUN_LINK attribute:
%s",
+ strerror(-r));
+ return r;
+ }
+
+ r= sd_rtnl_message_append_in_addr(m, IFLA_IPTUN_LOCAL, (const struct
in_addr *)
If you need to cast, something is almost certainly wrong :) Simply pass
in the address structure rather than s_addr (as above), and it will
work without casting (the effect is obviously the same, but better to
take advantage of the type-checking if we can).
+ &netdev->tunnel_local.s_addr);
+ if (r < 0) {
+ log_error_netdev(netdev,
+ "Could not append IFLA_IPTUN_LOCAL attribute:
%s",
+ strerror(-r));
+ return r;
+ }
+
+ r= sd_rtnl_message_append_in_addr(m, IFLA_IPTUN_REMOTE, (const struct
in_addr *)
+ &netdev->tunnel_remote.s_addr);
As above.