nm-device.c

/* SPDX-License-Identifier: GPL-2.0-or-later */
/*
 * Copyright (C) 2005 - 2018 Red Hat, Inc.
 * Copyright (C) 2006 - 2008 Novell, Inc.
 */

#include "src/core/nm-default-daemon.h"

#include "nm-device.h"

#include <unistd.h>
#include <sys/ioctl.h>
#include <signal.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <arpa/inet.h>
#include <fcntl.h>
#include <netinet/in.h>
#include <netinet/if_ether.h>
#include <linux/if.h>
#include <linux/if_addr.h>
#include <linux/rtnetlink.h>
#include <linux/if_ether.h>
#include <linux/if_infiniband.h>

#include "libnm-std-aux/unaligned.h"
#include "libnm-glib-aux/nm-uuid.h"
#include "libnm-glib-aux/nm-dedup-multi.h"
#include "libnm-glib-aux/nm-random-utils.h"
#include "libnm-systemd-shared/nm-sd-utils-shared.h"

#include "libnm-base/nm-ethtool-base.h"
#include "libnm-core-aux-intern/nm-common-macros.h"
#include "nm-device-private.h"
#include "nm-l3cfg.h"
#include "nm-l3-config-data.h"
#include "nm-l3-ipv4ll.h"
#include "nm-l3-ipv6ll.h"
#include "NetworkManagerUtils.h"
#include "nm-manager.h"
#include "libnm-platform/nm-platform.h"
#include "libnm-platform/nm-platform-utils.h"
#include "libnm-platform/nmp-object.h"
#include "libnm-platform/nmp-rules-manager.h"
#include "ndisc/nm-ndisc.h"
#include "ndisc/nm-lndp-ndisc.h"

#include "dhcp/nm-dhcp-manager.h"
#include "dhcp/nm-dhcp-utils.h"
#include "nm-act-request.h"
#include "nm-pacrunner-manager.h"
#include "dnsmasq/nm-dnsmasq-manager.h"
#include "nm-ip-config.h"
#include "nm-dhcp-config.h"
#include "nm-rfkill-manager.h"
#include "nm-firewall-utils.h"
#include "nm-firewalld-manager.h"
#include "settings/nm-settings-connection.h"
#include "settings/nm-settings.h"
#include "nm-setting-ethtool.h"
#include "nm-setting-ovs-external-ids.h"
#include "nm-setting-user.h"
#include "nm-auth-utils.h"
#include "nm-keep-alive.h"
#include "nm-netns.h"
#include "nm-dispatcher.h"
#include "nm-config.h"
#include "c-list/src/c-list.h"
#include "dns/nm-dns-manager.h"
#include "libnm-core-intern/nm-core-internal.h"
#include "libnm-systemd-core/nm-sd.h"
#include "nm-lldp-listener.h"
#include "nm-audit-manager.h"
#include "nm-connectivity.h"
#include "nm-dbus-interface.h"
#include "nm-hostname-manager.h"

#include "nm-device-generic.h"
#include "nm-device-vlan.h"
#include "nm-device-vrf.h"
#include "nm-device-wireguard.h"

#include "nm-device-logging.h"

/*****************************************************************************/

#define DEFAULT_AUTOCONNECT TRUE

#define GRACE_PERIOD_MULTIPLIER 2U

#define CARRIER_WAIT_TIME_MS           6000
#define CARRIER_WAIT_TIME_AFTER_MTU_MS 10000

#define NM_DEVICE_AUTH_RETRIES_UNSET    -1
#define NM_DEVICE_AUTH_RETRIES_INFINITY -2
#define NM_DEVICE_AUTH_RETRIES_DEFAULT  3

/*****************************************************************************/

typedef void (*ActivationHandleFunc)(NMDevice *self);

typedef enum {
    CLEANUP_TYPE_KEEP,
    CLEANUP_TYPE_REMOVED,
    CLEANUP_TYPE_DECONFIGURE,
} CleanupType;

typedef enum _nm_packed {
    ADDR_METHOD_STATE_DISABLED,
    ADDR_METHOD_STATE_PENDING,
    ADDR_METHOD_STATE_GOOD,
    ADDR_METHOD_STATE_FAILED,
} AddrMethodState;

typedef struct {
    CList     lst_slave;
    NMDevice *slave;
    gulong    watch_id;
    bool      slave_is_enslaved;
    bool      configure;
} SlaveInfo;

typedef struct {
    NMDevice *device;
    guint     idle_add_id;
} DeleteOnDeactivateData;

typedef struct {
    NMDevice               *device;
    GCancellable           *cancellable;
    NMPlatformAsyncCallback callback;
    gpointer                callback_data;
    guint                   num_vfs;
    NMOptionBool            autoprobe;
} SriovOp;

typedef enum {
    /* The various NML3ConfigData types that we track explicitly. Note that
     * their relative order matters: higher numbers in this enum means more
     * important (and during merge overwrites other settings). */

    L3_CONFIG_DATA_TYPE_MANUALIP,

    L3_CONFIG_DATA_TYPE_LL_4,
    L3_CONFIG_DATA_TYPE_LL_6,

#define L3_CONFIG_DATA_TYPE_LL_X(IS_IPv4) \
    ((IS_IPv4) ? L3_CONFIG_DATA_TYPE_LL_4 : L3_CONFIG_DATA_TYPE_LL_6)

    L3_CONFIG_DATA_TYPE_AC_6,
    L3_CONFIG_DATA_TYPE_PD_6,

    L3_CONFIG_DATA_TYPE_DHCP_4,
    L3_CONFIG_DATA_TYPE_DHCP_6,

#define L3_CONFIG_DATA_TYPE_DHCP_X(IS_IPv4) \
    ((IS_IPv4) ? L3_CONFIG_DATA_TYPE_DHCP_4 : L3_CONFIG_DATA_TYPE_DHCP_6)

    L3_CONFIG_DATA_TYPE_SHARED_4,
    L3_CONFIG_DATA_TYPE_DEVIP_UNSPEC,
    L3_CONFIG_DATA_TYPE_DEVIP_4,
    L3_CONFIG_DATA_TYPE_DEVIP_6,

#define L3_CONFIG_DATA_TYPE_DEVIP(addr_family)     \
    ({                                             \
        L3ConfigDataType _t;                       \
                                                   \
        switch (addr_family) {                     \
        case AF_INET:                              \
            _t = L3_CONFIG_DATA_TYPE_DEVIP_4;      \
            break;                                 \
        case AF_INET6:                             \
            _t = L3_CONFIG_DATA_TYPE_DEVIP_6;      \
            break;                                 \
        default:                                   \
            nm_assert_not_reached();               \
            /* fall-through */                     \
        case AF_UNSPEC:                            \
            _t = L3_CONFIG_DATA_TYPE_DEVIP_UNSPEC; \
            break;                                 \
        }                                          \
                                                   \
        _t;                                        \
    })

    _L3_CONFIG_DATA_TYPE_NUM,
    _L3_CONFIG_DATA_TYPE_NONE,
    _L3_CONFIG_DATA_TYPE_ACD_ONLY,
} L3ConfigDataType;

G_STATIC_ASSERT(NM_L3CFG_CONFIG_PRIORITY_IPV4LL == L3_CONFIG_DATA_TYPE_LL_4);

typedef enum {
    HW_ADDR_TYPE_UNSET = 0,
    HW_ADDR_TYPE_PERMANENT,
    HW_ADDR_TYPE_EXPLICIT,
    HW_ADDR_TYPE_GENERATED,
} HwAddrType;

typedef enum {
    FIREWALL_STATE_UNMANAGED = 0,
    FIREWALL_STATE_INITIALIZED,
    FIREWALL_STATE_WAIT_STAGE_3,
    FIREWALL_STATE_WAIT_IP_CONFIG,
} FirewallState;

typedef struct {
    NMIPConfig *ip_config;
} L3IPData;

typedef struct {
    GSource *check_async_source;
    GSource *req_timeout_source;
    union {
        const NMDeviceIPState state;
        NMDeviceIPState       state_;
    };
    bool wait_for_carrier : 1;
    bool wait_for_ports : 1;
    bool is_disabled : 1;
    bool is_ignore : 1;
    bool do_reapply : 1;
} IPStateData;

typedef struct {
    NMDhcpClient   *client;
    NMDhcpConfig   *config;
    gulong          notify_sigid;
    NMDeviceIPState state;
    union {
        struct {
        } v4;
        struct {
            guint            needed_prefixes;
            NMNDiscDHCPLevel mode;
        } v6;
    };
} IPDhcpStateData;

typedef struct {
    NMDeviceIPState     state;
    NMDeviceStateReason failed_reason;
} IPDevStateData;

typedef struct {
    NMDeviceIPState state;
    union {
        struct {
            NMDnsMasqManager      *dnsmasq_manager;
            NMNetnsSharedIPHandle *shared_ip_handle;
            NMFirewallConfig      *firewall_config;
            gulong                 dnsmasq_state_id;
            const NML3ConfigData  *l3cd;
        } v4;
        struct {
        } v6;
    };
} IPSharedStateData;

typedef struct {
    NMDeviceIPState state;
    union {
        struct {
            NML3IPv4LL             *ipv4ll;
            NML3IPv4LLRegistration *ipv4ll_registation;
            GSource                *timeout_source;
        } v4;
        struct {
            NML3IPv6LL     *ipv6ll;
            GSource        *retry_source;
            NML3IPv6LLState llstate;
            struct in6_addr lladdr;
        } v6;
    };
} IPLLStateData;

struct _NMDeviceConnectivityHandle {
    CList                        concheck_lst;
    NMDevice                    *self;
    NMDeviceConnectivityCallback callback;
    gpointer                     user_data;
    NMConnectivityCheckHandle   *c_handle;
    guint64                      seq;
    bool                         is_periodic : 1;
    bool                         is_periodic_bump : 1;
    bool                         is_periodic_bump_on_complete : 1;
    int                          addr_family;
};

typedef struct {
    int                     ifindex;
    NMEthtoolFeatureStates *features;
    NMOptionBool            requested[_NM_ETHTOOL_ID_FEATURE_NUM];
    NMEthtoolCoalesceState *coalesce;
    NMEthtoolRingState     *ring;
    NMEthtoolPauseState    *pause;
} EthtoolState;

typedef enum {
    RESOLVER_WAIT_ADDRESS = 0,
    RESOLVER_IN_PROGRESS,
    RESOLVER_DONE,
} ResolverState;

typedef struct {
    ResolverState state;
    GInetAddress *address;
    GCancellable *cancellable;
    char         *hostname;
    NMDevice     *device;
    guint         timeout_id; /* Used when waiting for the address */
    int           addr_family;
} HostnameResolver;

/*****************************************************************************/

enum {
    STATE_CHANGED,
    AUTOCONNECT_ALLOWED,
    L3CD_CHANGED,
    IP6_PREFIX_DELEGATED,
    IP6_SUBNET_NEEDED,
    REMOVED,
    RECHECK_AUTO_ACTIVATE,
    RECHECK_ASSUME,
    DNS_LOOKUP_DONE,
    PLATFORM_ADDRESS_CHANGED,
    LAST_SIGNAL,
};
static guint signals[LAST_SIGNAL] = {0};

NM_GOBJECT_PROPERTIES_DEFINE(NMDevice,
                             PROP_UDI,
                             PROP_PATH,
                             PROP_IFACE,
                             PROP_IP_IFACE,
                             PROP_DRIVER,
                             PROP_DRIVER_VERSION,
                             PROP_FIRMWARE_VERSION,
                             PROP_CAPABILITIES,
                             PROP_CARRIER,
                             PROP_MTU,
                             PROP_IP4_ADDRESS,
                             PROP_IP4_CONFIG,
                             PROP_DHCP4_CONFIG,

#define PROP_DHCPX_CONFIG(IS_IPv4) ((IS_IPv4) ? PROP_DHCP4_CONFIG : PROP_DHCP6_CONFIG)

                             PROP_IP6_CONFIG,
                             PROP_DHCP6_CONFIG,
                             PROP_STATE,
                             PROP_STATE_REASON,
                             PROP_ACTIVE_CONNECTION,
                             PROP_DEVICE_TYPE,
                             PROP_LINK_TYPE,
                             PROP_MANAGED,
                             PROP_AUTOCONNECT,
                             PROP_FIRMWARE_MISSING,
                             PROP_NM_PLUGIN_MISSING,
                             PROP_TYPE_DESC,
                             PROP_RFKILL_TYPE,
                             PROP_IFINDEX,
                             PROP_AVAILABLE_CONNECTIONS,
                             PROP_PHYSICAL_PORT_ID,
                             PROP_MASTER,
                             PROP_PARENT,
                             PROP_HW_ADDRESS,
                             PROP_PERM_HW_ADDRESS,
                             PROP_HAS_PENDING_ACTION,
                             PROP_METERED,
                             PROP_LLDP_NEIGHBORS,
                             PROP_REAL,
                             PROP_SLAVES,
                             PROP_STATISTICS_REFRESH_RATE_MS,
                             PROP_STATISTICS_TX_BYTES,
                             PROP_STATISTICS_RX_BYTES,
                             PROP_IP4_CONNECTIVITY,
                             PROP_IP6_CONNECTIVITY,
                             PROP_INTERFACE_FLAGS,
                             PROP_PORTS, );

typedef struct _NMDevicePrivate {
    guint device_link_changed_id;
    guint device_ip_link_changed_id;

    NMDeviceState       state;
    NMDeviceStateReason state_reason;
    struct {
        guint id;

        /* The @state/@reason is only valid, when @id is set. */
        NMDeviceState       state;
        NMDeviceStateReason reason;
    } queued_state;

    struct {
        const char **arr;
        guint        len;
        guint        alloc;
    } pending_actions;

    NMDBusTrackObjPath parent_device;

    char *udi;
    char *path;

    union {
        const char *const iface;
        char             *iface_;
    };
    union {
        const char *const ip_iface;
        char             *ip_iface_;
    };

    union {
        NML3Cfg *const l3cfg;
        NML3Cfg       *l3cfg_;
    };

    union {
        struct {
            L3IPData l3ipdata_6;
            L3IPData l3ipdata_4;
        };
        L3IPData l3ipdata_x[2];
    };

    NML3CfgCommitTypeHandle *l3cfg_commit_type;

    union {
        const int ifindex;
        int       ifindex_;
    };

    union {
        const int ip_ifindex;
        int       ip_ifindex_;
    };

    union {
        const NML3ConfigData *d;
    } l3cds[_L3_CONFIG_DATA_TYPE_NUM];

    int parent_ifindex;

    int auth_retries;

    union {
        struct {
            HostnameResolver *hostname_resolver_6;
            HostnameResolver *hostname_resolver_4;
        };
        HostnameResolver *hostname_resolver_x[2];
    };

    union {
        const guint8 hw_addr_len; /* read-only */
        guint8       hw_addr_len_;
    };

    HwAddrType hw_addr_type : 5;

    bool real : 1;

    NMDeviceType         type;
    char                *type_desc;
    NMLinkType           link_type;
    NMDeviceCapabilities capabilities;
    char                *driver;
    char                *driver_version;
    char                *firmware_version;
    RfKillType           rfkill_type;
    bool                 firmware_missing : 1;
    bool                 nm_plugin_missing : 1;
    bool
        hw_addr_perm_fake : 1; /* whether the permanent HW address could not be read and is a fake */

    guint8 in_state_changed : 4;

    NMUtilsStableType current_stable_id_type : 3;

    bool nm_owned : 1; /* whether the device is a device owned and created by NM */

    bool  assume_state_guess_assume : 1;
    char *assume_state_connection_uuid;

    guint64 udi_id;

    GHashTable *available_connections;
    char       *hw_addr;
    char       *hw_addr_perm;
    char       *hw_addr_initial;
    char       *physical_port_id;
    guint       dev_id;

    NMUnmanagedFlags unmanaged_mask;
    NMUnmanagedFlags unmanaged_flags;
    DeleteOnDeactivateData
        *delete_on_deactivate_data; /* data for scheduled cleanup when deleting link (g_idle_add) */

    GCancellable *deactivating_cancellable;

    NMActRequest      *queued_act_request;
    bool               queued_act_request_is_waiting_for_carrier : 1;
    NMDBusTrackObjPath act_request;

    GSource             *activation_idle_source;
    ActivationHandleFunc activation_func;

    guint recheck_assume_id;

    struct {
        guint               call_id;
        NMDeviceStateReason available_reason;
        NMDeviceStateReason unavailable_reason;
    } recheck_available;

    struct {
        NMDispatcherCallId *call_id;
        NMDeviceState       post_state;
        NMDeviceStateReason post_state_reason;
    } dispatcher;

    /* Link stuff */
    guint             link_connected_id;
    guint             link_disconnected_id;
    guint             carrier_defer_id;
    guint             carrier_wait_id;
    gulong            config_changed_id;
    gulong            ifindex_changed_id;
    guint32           mtu;
    guint32           ip6_mtu; /* FIXME(l3cfg) */
    guint32           mtu_initial;
    guint32           ip6_mtu_initial;
    NMDeviceMtuSource mtu_source;

    guint32 v4_route_table;
    guint32 v6_route_table;

    /* when carrier goes away, we give a grace period of _get_carrier_wait_ms()
     * until taking action.
     *
     * When changing MTU, the device might take longer then that. So, whenever
     * NM changes the MTU it sets @carrier_wait_until_ms to CARRIER_WAIT_TIME_AFTER_MTU_MS
     * in the future. This is used to extend the grace period in this particular case. */
    gint64 carrier_wait_until_ms;

    union {
        struct {
            NML3ConfigMergeFlags l3config_merge_flags_6;
            NML3ConfigMergeFlags l3config_merge_flags_4;
        };
        NML3ConfigMergeFlags l3config_merge_flags_x[2];
    };

    union {
        const NMDeviceSysIfaceState sys_iface_state;
        NMDeviceSysIfaceState       sys_iface_state_;
    };

    bool carrier : 1;
    bool ignore_carrier : 1;

    bool up : 1; /* IFF_UP */

    bool v4_route_table_initialized : 1;
    bool v6_route_table_initialized : 1;

    bool l3config_merge_flags_has : 1;

    bool v4_route_table_all_sync_before : 1;
    bool v6_route_table_all_sync_before : 1;

    NMDeviceAutoconnectBlockedFlags autoconnect_blocked_flags : 5;

    bool is_enslaved : 1;

    bool device_link_changed_down : 1;

    bool concheck_rp_filter_checked : 1;

    bool tc_committed : 1;

    NMDeviceStageState stage1_sriov_state : 3;

    char *current_stable_id;

    NMPacrunnerConfId *pacrunner_conf_id;

    struct {
        union {
            const NMDeviceIPState state;
            NMDeviceIPState       state_;
        };
    } ip_data;

    union {
        struct {
            IPStateData ip_data_6;
            IPStateData ip_data_4;
        };
        IPStateData ip_data_x[2];
    };

    struct {
        GSource *carrier_timeout;
        union {
            struct {
                NMDeviceIPState state_6;
                NMDeviceIPState state_4;
            };
            NMDeviceIPState state_x[2];
        };
        bool carrier_timeout_expired;
    } ipmanual_data;

    union {
        struct {
            IPDhcpStateData ipdhcp_data_6;
            IPDhcpStateData ipdhcp_data_4;
        };
        IPDhcpStateData ipdhcp_data_x[2];
    };

    struct {
        NMNDisc              *ndisc;
        GSource              *ndisc_grace_source;
        gulong                ndisc_changed_id;
        gulong                ndisc_timeout_id;
        NMDeviceIPState       state;
        const NML3ConfigData *l3cd;
    } ipac6_data;

    union {
        struct {
            IPLLStateData ipll_data_6;
            IPLLStateData ipll_data_4;
        };
        IPLLStateData ipll_data_x[2];
    };

    union {
        struct {
            IPSharedStateData ipshared_data_6;
            IPSharedStateData ipshared_data_4;
        };
        IPSharedStateData ipshared_data_x[2];
    };

    union {
        struct {
            IPDevStateData ipdev_data_6;
            IPDevStateData ipdev_data_4;
        };
        IPDevStateData ipdev_data_x[2];
    };

    IPDevStateData ipdev_data_unspec;

    struct {
        /* If we set the addrgenmode6, this records the previously set value. */
        guint8 previous_mode_val;

        /* whether @previous_mode_val is set. */
        bool previous_mode_has : 1;
    } addrgenmode6_data;

    struct {
        NMLogDomain log_domain;
        guint       timeout;
        guint       watch;
        GPid        pid;
        char       *binary;
        char       *address;
        guint       deadline;
    } gw_ping;

    /* Firewall */
    FirewallState             fw_state : 4;
    NMFirewalldManager       *fw_mgr;
    NMFirewalldManagerCallId *fw_call;

    GHashTable *ip6_saved_properties;

    EthtoolState *ethtool_state;

    /* master interface for bridge/bond/team slave */
    NMDevice *master;
    gulong    master_ready_id;
    int       master_ifindex;

    /* slave management */
    CList slaves; /* list of SlaveInfo */

    NMMetered metered;

    NMSettings *settings;
    NMManager  *manager;

    NMNetns *netns;

    NMLldpListener *lldp_listener;

    NMConnectivity *concheck_mgr;
    CList           concheck_lst_head;
    struct {
        /* if periodic checks are enabled, this is the source id for the next check. */
        guint p_cur_id;

        /* the currently configured max periodic interval. */
        guint p_max_interval;

        /* the current interval. If we are probing, the interval might be lower
         * then the configured max interval. */
        guint p_cur_interval;

        /* the timestamp, when we last scheduled the timer p_cur_id with current interval
         * p_cur_interval. */
        gint64 p_cur_basetime_ns;

        NMConnectivityState state;
    } concheck_x[2];

    guint   check_delete_unrealized_id;
    guint32 interface_flags;

    struct {
        SriovOp *pending; /* SR-IOV operation currently running */
        SriovOp *next;    /* next SR-IOV operation scheduled */
    } sriov;
    guint sriov_reset_pending;

    struct {
        GSource *timeout_source;
        guint    refresh_rate_ms;
        guint64  tx_bytes;
        guint64  rx_bytes;
    } stats;

    bool mtu_force_set_done : 1;

    bool needs_ip6_subnet : 1;

    NMOptionBool promisc_reset;

    GVariant *ports_variant; /* Array of port devices D-Bus path */
    char     *prop_ip_iface; /* IP interface D-Bus property */
} NMDevicePrivate;

G_DEFINE_ABSTRACT_TYPE(NMDevice, nm_device, NM_TYPE_DBUS_OBJECT)

#define NM_DEVICE_GET_PRIVATE(self) _NM_GET_PRIVATE_PTR(self, NMDevice, NM_IS_DEVICE)

/*****************************************************************************/

static const NMDBusInterfaceInfoExtended interface_info_device;
static const GDBusSignalInfo             signal_info_state_changed;

static void _dev_l3_cfg_commit(NMDevice *self, gboolean do_sync);

static void _dev_l3_cfg_commit_type_reset(NMDevice *self);

static gboolean nm_device_master_add_slave(NMDevice *self, NMDevice *slave, gboolean configure);
static void     nm_device_slave_notify_enslave(NMDevice *self, gboolean success);
static void     nm_device_slave_notify_release(NMDevice *self, NMDeviceStateReason reason);

static void _dev_ipll6_start(NMDevice *self);

static void _dev_ipac6_start_continue(NMDevice *self);
static void _dev_ipac6_ndisc_set_router_config(NMDevice *self);

static guint32 _dev_default_route_metric_penalty_get(NMDevice *self, int addr_family);

static guint32 _prop_get_ipv4_dad_timeout(NMDevice *self);

static void   _carrier_wait_check_queued_act_request(NMDevice *self);
static gint64 _get_carrier_wait_ms(NMDevice *self);

static GBytes *_prop_get_ipv6_dhcp_duid(NMDevice     *self,
                                        NMConnection *connection,
                                        GBytes       *hwaddr,
                                        gboolean     *out_enforce);

static const char *_activation_func_to_string(ActivationHandleFunc func);

static void
_set_state_full(NMDevice *self, NMDeviceState state, NMDeviceStateReason reason, gboolean quitting);
static void queued_state_clear(NMDevice *device);
static void ip_check_ping_watch_cb(GPid pid, int status, gpointer user_data);
static void nm_device_start_ip_check(NMDevice *self);
static void realize_start_setup(NMDevice             *self,
                                const NMPlatformLink *plink,
                                gboolean              assume_state_guess_assume,
                                const char           *assume_state_connection_uuid,
                                gboolean              set_nm_owned,
                                NMUnmanFlagOp         unmanaged_user_explicit,
                                gboolean              force_platform_init);
static void _set_mtu(NMDevice *self, guint32 mtu);
static void _commit_mtu(NMDevice *self);
static void _cancel_activation(NMDevice *self);

static void _dev_ipll4_notify_event(NMDevice *self);

static void _dev_ip_state_check(NMDevice *self, int addr_family);

static void _dev_ipmanual_check_ready(NMDevice *self);

static void
_dev_ipdhcpx_cleanup(NMDevice *self, int addr_family, gboolean reset_dhcp_config, gboolean release);

static void _dev_ip_state_check_async(NMDevice *self, int addr_family);

static void _dev_ipdhcpx_set_state(NMDevice *self, int addr_family, NMDeviceIPState state);

static void _dev_ipdhcpx_restart(NMDevice *self, int addr_family, gboolean release);

static void _dev_ipdhcpx_handle_accept(NMDevice *self, int addr_family, const NML3ConfigData *l3cd);

static gboolean
_dev_ipac6_grace_period_start(NMDevice *self, guint32 timeout_sec, gboolean force_restart);

static void _dev_ipac6_start(NMDevice *self);

static void _dev_ipac6_set_state(NMDevice *self, NMDeviceIPState state);

static void _dev_unamanged_check_external_down(NMDevice *self, gboolean only_if_unmanaged);

static void _dev_ipshared4_start(NMDevice *self);
static void _dev_ipshared4_spawn_dnsmasq(NMDevice *self);

static void _dev_ipshared6_start(NMDevice *self);

static void
_cleanup_ip_pre(NMDevice *self, int addr_family, CleanupType cleanup_type, gboolean from_reapply);

static void concheck_update_state(NMDevice           *self,
                                  int                 addr_family,
                                  NMConnectivityState state,
                                  gboolean            is_periodic);

static void sriov_op_cb(GError *error, gpointer user_data);

static void device_ifindex_changed_cb(NMManager *manager, NMDevice *device_changed, NMDevice *self);
static gboolean device_link_changed(gpointer user_data);
static gboolean _get_maybe_ipv6_disabled(NMDevice *self);

/*****************************************************************************/

#define _NMLOG_addr_family(level, prefix, addr_family, fmt, ...)                             \
    G_STMT_START                                                                             \
    {                                                                                        \
        const int _addr_family2 = (addr_family);                                             \
                                                                                             \
        _NMLOG(level,                                                                        \
               (_addr_family2 == AF_UNSPEC ? LOGD_IP : LOGD_IPX(NM_IS_IPv4(_addr_family2))), \
               "" prefix "%s: " fmt,                                                         \
               nm_utils_addr_family_to_str(_addr_family2),                                   \
               ##__VA_ARGS__);                                                               \
    }                                                                                        \
    G_STMT_END

#define _NMLOG_ip(level, ...) _NMLOG_addr_family(level, "ip", __VA_ARGS__)
#define _LOGT_ip(...)         _NMLOG_ip(LOGL_TRACE, __VA_ARGS__)
#define _LOGD_ip(...)         _NMLOG_ip(LOGL_DEBUG, __VA_ARGS__)
#define _LOGI_ip(...)         _NMLOG_ip(LOGL_INFO, __VA_ARGS__)
#define _LOGW_ip(...)         _NMLOG_ip(LOGL_WARN, __VA_ARGS__)

#define _NMLOG_ipll(level, ...) _NMLOG_addr_family(level, "ip:ll", __VA_ARGS__)
#define _LOGT_ipll(...)         _NMLOG_ipll(LOGL_TRACE, __VA_ARGS__)
#define _LOGD_ipll(...)         _NMLOG_ipll(LOGL_DEBUG, __VA_ARGS__)
#define _LOGI_ipll(...)         _NMLOG_ipll(LOGL_INFO, __VA_ARGS__)
#define _LOGW_ipll(...)         _NMLOG_ipll(LOGL_WARN, __VA_ARGS__)

#define _NMLOG_ipdev(level, ...) _NMLOG_addr_family(level, "ip:dev", __VA_ARGS__)
#define _LOGT_ipdev(...)         _NMLOG_ipdev(LOGL_TRACE, __VA_ARGS__)
#define _LOGD_ipdev(...)         _NMLOG_ipdev(LOGL_DEBUG, __VA_ARGS__)
#define _LOGI_ipdev(...)         _NMLOG_ipdev(LOGL_INFO, __VA_ARGS__)
#define _LOGW_ipdev(...)         _NMLOG_ipdev(LOGL_WARN, __VA_ARGS__)

#define _NMLOG_ipdhcp(level, ...) _NMLOG_addr_family(level, "ip:dhcp", __VA_ARGS__)
#define _LOGT_ipdhcp(...)         _NMLOG_ipdhcp(LOGL_TRACE, __VA_ARGS__)
#define _LOGD_ipdhcp(...)         _NMLOG_ipdhcp(LOGL_DEBUG, __VA_ARGS__)
#define _LOGI_ipdhcp(...)         _NMLOG_ipdhcp(LOGL_INFO, __VA_ARGS__)
#define _LOGW_ipdhcp(...)         _NMLOG_ipdhcp(LOGL_WARN, __VA_ARGS__)

#define _NMLOG_ipshared(level, ...) _NMLOG_addr_family(level, "ip:shared", __VA_ARGS__)
#define _LOGT_ipshared(...)         _NMLOG_ipshared(LOGL_TRACE, __VA_ARGS__)
#define _LOGD_ipshared(...)         _NMLOG_ipshared(LOGL_DEBUG, __VA_ARGS__)
#define _LOGI_ipshared(...)         _NMLOG_ipshared(LOGL_INFO, __VA_ARGS__)
#define _LOGW_ipshared(...)         _NMLOG_ipshared(LOGL_WARN, __VA_ARGS__)

#define _NMLOG_ipac6(level, ...) _NMLOG_addr_family(level, "ip:ac6", AF_UNSPEC, __VA_ARGS__)
#define _LOGT_ipac6(...)         _NMLOG_ipac6(LOGL_TRACE, __VA_ARGS__)
#define _LOGD_ipac6(...)         _NMLOG_ipac6(LOGL_DEBUG, __VA_ARGS__)
#define _LOGI_ipac6(...)         _NMLOG_ipac6(LOGL_INFO, __VA_ARGS__)
#define _LOGW_ipac6(...)         _NMLOG_ipac6(LOGL_WARN, __VA_ARGS__)

#define _NMLOG_ipmanual(level, ...) _NMLOG_addr_family(level, "ip:manual", __VA_ARGS__)
#define _LOGT_ipmanual(...)         _NMLOG_ipmanual(LOGL_TRACE, __VA_ARGS__)
#define _LOGD_ipmanual(...)         _NMLOG_ipmanual(LOGL_DEBUG, __VA_ARGS__)
#define _LOGI_ipmanual(...)         _NMLOG_ipmanual(LOGL_INFO, __VA_ARGS__)
#define _LOGW_ipmanual(...)         _NMLOG_ipmanual(LOGL_WARN, __VA_ARGS__)

/*****************************************************************************/

#define _CACHED_BOOL(cached_value, cmd)                  \
    ({                                                   \
        NMTernary *const _cached_value = (cached_value); \
                                                         \
        nm_assert(_cached_value);                        \
        nm_assert_is_ternary(*_cached_value);            \
                                                         \
        if (*_cached_value == NM_TERNARY_DEFAULT)        \
            *_cached_value = !!(cmd);                    \
                                                         \
        !!(*_cached_value);                              \
    })

/*****************************************************************************/

static void
_hostname_resolver_free(HostnameResolver *resolver)
{
    if (!resolver)
        return;

    nm_clear_g_source(&resolver->timeout_id);
    nm_clear_g_cancellable(&resolver->cancellable);
    nm_g_object_unref(resolver->address);
    g_free(resolver->hostname);
    nm_g_slice_free(resolver);
}

/*****************************************************************************/

/**
 * Update the "ip_iface" property when something changes (device
 * state, ifindex) and emit a notify signal if needed. Note that
 * the property must be NULL for devices without an ifindex and
 * when the device is not activated. This behavior is part of the
 * API and should not be changed.
 */
static void
update_prop_ip_iface(NMDevice *self)
{
    NMDevicePrivate *priv     = NM_DEVICE_GET_PRIVATE(self);
    const char      *ip_iface = NULL;
    gs_free char    *to_free  = NULL;

    if (nm_device_get_ip_ifindex(self) > 0
        && (priv->state == NM_DEVICE_STATE_UNMANAGED
            || (priv->state >= NM_DEVICE_STATE_IP_CHECK
                && priv->state <= NM_DEVICE_STATE_DEACTIVATING))) {
        ip_iface = nm_utils_str_utf8safe_escape(nm_device_get_ip_iface(self),
                                                NM_UTILS_STR_UTF8_SAFE_FLAG_ESCAPE_CTRL,
                                                &to_free);
    }

    if (!nm_streq0(priv->prop_ip_iface, ip_iface)) {
        g_free(priv->prop_ip_iface);
        priv->prop_ip_iface = to_free ? g_steal_pointer(&to_free) : g_strdup(ip_iface);
        _notify(self, PROP_IP_IFACE);
    }
}

/*****************************************************************************/

static NMSettingIP6ConfigPrivacy
_ip6_privacy_clamp(NMSettingIP6ConfigPrivacy use_tempaddr)
{
    switch (use_tempaddr) {
    case NM_SETTING_IP6_CONFIG_PRIVACY_DISABLED:
    case NM_SETTING_IP6_CONFIG_PRIVACY_PREFER_TEMP_ADDR:
    case NM_SETTING_IP6_CONFIG_PRIVACY_PREFER_PUBLIC_ADDR:
        return use_tempaddr;
    default:
        return NM_SETTING_IP6_CONFIG_PRIVACY_UNKNOWN;
    }
}

/*****************************************************************************/

static const char *
_prop_get_connection_stable_id(NMDevice          *self,
                               NMConnection      *connection,
                               NMUtilsStableType *out_stable_type)
{
    NMDevicePrivate *priv;

    nm_assert(NM_IS_DEVICE(self));
    nm_assert(NM_IS_CONNECTION(connection));
    nm_assert(out_stable_type);

    priv = NM_DEVICE_GET_PRIVATE(self);

    /* we cache the generated stable ID for the time of an activation.
     *
     * The reason is, that we don't want the stable-id to change as long
     * as the device is active.