Commit 90a0edce authored by Thomas Haller's avatar Thomas Haller

Squashed 'shared/n-acd/' changes from 9eb7bf7173..5470816839

5470816839 test: increase timeout on test-veth
d44dfa1ba7 build: update c-stdaux
26b10b6514 build: pull in submodule updates
7817fc0a95 n-acd: switch to c-stdaux
5033b2ecdd n-acd: include dependency headers
aaf2a66788 build: update README
b9448eff98 build: pull in c-stdaux
8ac364e9a3 test: raise MEMLOCK if possible
3cd197162e ci: drop root
0289a33412 test: allow running without root
67a343fe87 build: update email address
3c364ba95f build: bump version
d0f7d71fa1 build: document build configuration options
014b00cd27 build: fill in NEWS
180990288a n-acd: document API
79904585df build: update submodules
8185e6ed89 build: reduce boilerplate

git-subtree-dir: shared/n-acd
git-subtree-split: 54708168399f1662c652b5931608e5077ef462f6
parent 7e776266
......@@ -8,5 +8,5 @@ cd "./ci-build"
${CHERRY_LIB_MESONSETUP} . "${CHERRY_LIB_SRCDIR}" ${N_ACD_CONF}
${CHERRY_LIB_NINJABUILD}
sudo ${CHERRY_LIB_MESONTEST}
${CHERRY_LIB_MESONTEST}
# no valgrind tests, since bpf(2) is not supported by it
......@@ -7,3 +7,6 @@
[submodule "subprojects/c-rbtree"]
path = subprojects/c-rbtree
url = https://github.com/c-util/c-rbtree.git
[submodule "subprojects/c-stdaux"]
path = subprojects/c-stdaux
url = https://github.com/c-util/c-stdaux.git
......@@ -30,10 +30,10 @@ AUTHORS-LGPL:
along with this program; If not, see <http://www.gnu.org/licenses/>.
COPYRIGHT: (ordered alphabetically)
Copyright (C) 2015-2018 Red Hat, Inc.
Copyright (C) 2015-2019 Red Hat, Inc.
AUTHORS: (ordered alphabetically)
Beniamino Galvani <bgalvani@redhat.com>
David Herrmann <dh.herrmann@gmail.com>
David Rheinsberg <david.rheinsberg@gmail.com>
Thomas Haller <thaller@redhat.com>
Tom Gundersen <teg@jklm.no>
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "{}"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright {yyyy} {name of copyright owner}
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
This diff is collapsed.
AUTHORS-ASL
\ No newline at end of file
n-acd - IPv4 Address Conflict Detection
# n-acd - IPv4 Address Conflict Detection
CHANGES WITH 1:
## CHANGES WITH 2:
* All public destructors now include a variant that returns `void`.
This was requested for easier integration with `glib` and friends.
Similar to the `cleanup` variants, these variants are denoted by a
single-character function-name suffix. E.g., `n_acd_freev()`
* A fallback to `CLOCK_MONOTONIC` is now provided in case
`CLOCK_BOOTTIME` is not supported by the kernel. Note that this is in
no way signalled through the API, so if timers should follow the
`BOOTTIME` rather than monotonic clock, a kernel with this clock is
required.
* The `c-sundry` dependency is no longer needed.
* The `transport` configuration property is now mandatory for
`n_acd_new()`. It defaulted to `ETHERNET` before, by mistake.
* In-source documentation for the public API is now provided.
Contributions from: Beniamino Galvani, David Herrmann, David
Rheinsberg, Thomas Haller, Tom Gundersen
- Tübingen, 2019-03-20
## CHANGES WITH 1:
* Initial release of n-acd. This project implements the IPv4 Address
Conflict Detection standard as defined in RFC-5227. The state machine
......
n-acd - IPv4 Address Conflict Detection
ABOUT:
The n-acd project implements the IPv4 Address Conflict Detection
standard as defined in RFC-5227. The state machine is implemented in a
shared library and provides a stable ISO-C11 API. The implementation is
linux-only and relies heavily on the API behavior of recent linux
kernel releases.
DETAILS:
https://nettools.github.io/n-acd
BUG REPORTS:
https://github.com/nettools/n-acd/issues
GIT:
git@github.com:nettools/n-acd.git
https://github.com/nettools/n-acd.git
GITWEB:
https://github.com/nettools/n-acd
MAILINGLIST:
https://groups.google.com/forum/#!forum/nettools-devel
LICENSE:
Apache Software License 2.0
Lesser General Public License 2.1+
See AUTHORS for details.
REQUIREMENTS:
The requirements for n-acd are:
Linux kernel >= 3.19
libc (e.g., glibc >= 2.16)
At build-time, the following software is required:
meson >= 0.41
pkg-config >= 0.29
INSTALL:
The meson build-system is used for this project. Contact upstream
documentation for detailed help. In most situations the following
commands are sufficient to build and install from source:
$ mkdir build
$ cd build
$ meson setup ..
$ ninja
$ meson test
# ninja install
For custom configuration options see meson_options.txt.
n-acd
=====
IPv4 Address Conflict Detection
The n-acd project implements the IPv4 Address Conflict Detection standard as
defined in RFC-5227. The state machine is implemented in a shared library and
provides a stable ISO-C11 API. The implementation is linux-only and relies
heavily on the API behavior of recent linux kernel releases.
### Project
* **Website**: <https://nettools.github.io/n-acd>
* **Bug Tracker**: <https://github.com/nettools/n-acd/issues>
* **Mailing-List**: <https://groups.google.com/forum/#!forum/nettools-devel>
### Requirements
The requirements for this project are:
* `Linux kernel >= 3.19`
* `libc` (e.g., `glibc >= 2.16`)
At build-time, the following software is required:
* `meson >= 0.41`
* `pkg-config >= 0.29`
### Build
The meson build-system is used for this project. Contact upstream
documentation for detailed help. In most situations the following
commands are sufficient to build and install from source:
```sh
mkdir build
cd build
meson setup ..
ninja
meson test
ninja install
```
The following configuration options are available:
* `ebpf`: This boolean controls whether `ebpf` features are used to improve
the package filtering performance. If disabled, classic bpf will be
used. This feature requires a rather recent kernel (>=3.19).
Default is: true
### Repository:
- **web**: <https://github.com/nettools/n-acd>
- **https**: `https://github.com/nettools/n-acd.git`
- **ssh**: `git@github.com:nettools/n-acd.git`
### License:
- **Apache-2.0** OR **LGPL-2.1-or-later**
- See AUTHORS file for details.
project(
'n-acd',
'c',
version: '1',
version: '2',
license: 'Apache',
default_options: [
'c_std=c11',
......@@ -15,10 +15,12 @@ mod_pkgconfig = import('pkgconfig')
sub_clist = subproject('c-list')
sub_crbtree = subproject('c-rbtree')
sub_csiphash = subproject('c-siphash')
sub_cstdaux = subproject('c-stdaux')
dep_clist = sub_clist.get_variable('libclist_dep')
dep_crbtree = sub_crbtree.get_variable('libcrbtree_dep')
dep_csiphash = sub_csiphash.get_variable('libcsiphash_dep')
dep_cstdaux = sub_cstdaux.get_variable('libcstdaux_dep')
use_ebpf = get_option('ebpf')
......
......@@ -8,6 +8,7 @@ libnacd_deps = [
dep_clist,
dep_crbtree,
dep_csiphash,
dep_cstdaux,
]
libnacd_sources = [
......
......@@ -7,6 +7,7 @@
* See n-acd-bpf.c for documentation.
*/
#include <c-stdaux.h>
#include <stddef.h>
#include "n-acd-private.h"
......
......@@ -12,6 +12,7 @@
* that have already been removed.
*/
#include <c-stdaux.h>
#include <errno.h>
#include <inttypes.h>
#include <linux/bpf.h>
......
......@@ -2,6 +2,7 @@
#include <c-list.h>
#include <c-rbtree.h>
#include <c-stdaux.h>
#include <errno.h>
#include <inttypes.h>
#include <netinet/if_ether.h>
......@@ -13,9 +14,6 @@
typedef struct NAcdEventNode NAcdEventNode;
#define _cleanup_(_x) __attribute__((__cleanup__(_x)))
#define _public_ __attribute__((__visibility__("default")))
/* This augments the error-codes with internal ones that are never exposed. */
enum {
_N_ACD_INTERNAL = _N_ACD_E_N,
......@@ -150,23 +148,7 @@ int n_acd_bpf_compile(int *progfdp, int mapfd, struct ether_addr *mac);
/* inline helpers */
static inline int n_acd_errno(void) {
/*
* Compilers continuously warn about uninitialized variables since they
* cannot deduce that `return -errno;` will always be negative. This
* small wrapper makes sure compilers figure that out. Use it as
* replacement for `errno` read access. Yes, it generates worse code,
* but only marginally and only affects slow-paths.
*/
return abs(errno) ? : EIO;
}
static inline void n_acd_event_node_freep(NAcdEventNode **node) {
if (*node)
n_acd_event_node_free(*node);
}
static inline void n_acd_closep(int *fdp) {
if (*fdp >= 0)
close(*fdp);
}
/*
* IPv4 Address Conflict Detection
*
* This file implements the probe object. A probe is basically the
* state-machine of a single ACD run. It takes an address to probe for, checks
* for conflicts and then defends it once configured.
*/
#include <assert.h>
#include <c-rbtree.h>
#include <c-stdaux.h>
#include <endian.h>
#include <errno.h>
#include <inttypes.h>
......@@ -19,8 +24,8 @@
#include "n-acd-private.h"
/*
* These parameters and timing intervals specified in RFC-5227. The original
* values are:
* These parameters and timing intervals are specified in RFC-5227. The
* original values are:
*
* PROBE_NUM 3
* PROBE_WAIT 1s
......@@ -66,10 +71,19 @@
#define N_ACD_RFC_DEFEND_INTERVAL_NSEC (UINT64_C(10000000000)) /* 10s */
/**
* XXX
* n_acd_probe_config_new() - create probe configuration
* @configp: output argument for new probe configuration
*
* This creates a new probe configuration. It will be returned in @configp to
* the caller, which upon return fully owns the object.
*
* A probe configuration collects parameters for probes. It never validates the
* input, but this is left to the consumer of the configuration to do.
*
* Return: 0 on success, negative error code on failure.
*/
_public_ int n_acd_probe_config_new(NAcdProbeConfig **configp) {
_cleanup_(n_acd_probe_config_freep) NAcdProbeConfig *config = NULL;
_c_public_ int n_acd_probe_config_new(NAcdProbeConfig **configp) {
_c_cleanup_(n_acd_probe_config_freep) NAcdProbeConfig *config = NULL;
config = malloc(sizeof(*config));
if (!config)
......@@ -83,9 +97,15 @@ _public_ int n_acd_probe_config_new(NAcdProbeConfig **configp) {
}
/**
* XXX
* n_acd_probe_config_free() - destroy probe configuration
* @config: configuration to operate on, or NULL
*
* This destroys the probe configuration and all associated objects. If @config
* is NULL, this is a no-op.
*
* Return: NULL is returned.
*/
_public_ NAcdProbeConfig *n_acd_probe_config_free(NAcdProbeConfig *config) {
_c_public_ NAcdProbeConfig *n_acd_probe_config_free(NAcdProbeConfig *config) {
if (!config)
return NULL;
......@@ -95,16 +115,45 @@ _public_ NAcdProbeConfig *n_acd_probe_config_free(NAcdProbeConfig *config) {
}
/**
* XXX
* n_acd_probe_config_set_ip() - set ip property
* @config: configuration to operate on
* @ip: ip to set
*
* This sets the IP property to the value `ip`. The address is copied into the
* configuration object. No validation is performed.
*
* The IP property selects the IP address that a probe checks for. It is the
* caller's responsibility to guarantee the address is valid and can be used.
*/
_public_ void n_acd_probe_config_set_ip(NAcdProbeConfig *config, struct in_addr ip) {
_c_public_ void n_acd_probe_config_set_ip(NAcdProbeConfig *config, struct in_addr ip) {
config->ip = ip;
}
/**
* XXX
* n_acd_probe_config_set_timeout() - set timeout property
* @config: configuration to operate on
* @msecs: timeout to set, in milliseconds
*
* This sets the timeout to use for a conflict detection probe. The
* specification default is provided as `N_ACD_TIMEOUT_RFC5227` and corresponds
* to 9 seconds.
*
* If set to 0, conflict detection is skipped and the address is immediately
* advertised and defended.
*
* Depending on the transport used, the API user should select a suitable
* timeout. Since `ACD` only operates on the link layer, timeouts in the
* hundreds of milliseconds range should be more than enough for any modern
* network. Note that increasing this value directly affects the time it takes
* to connect to a network, since an address should not be used unless conflict
* detection finishes.
*
* Using the specification default is **discouraged**. It is way too slow and
* not appropriate for modern networks.
*
* Default value is `N_ACD_TIMEOUT_RFC5227`.
*/
_public_ void n_acd_probe_config_set_timeout(NAcdProbeConfig *config, uint64_t msecs) {
_c_public_ void n_acd_probe_config_set_timeout(NAcdProbeConfig *config, uint64_t msecs) {
config->timeout_msecs = msecs;
}
......@@ -214,14 +263,14 @@ static void n_acd_probe_unlink(NAcdProbe *probe) {
*/
if (n_acd_probe_is_unique(probe)) {
r = n_acd_bpf_map_remove(probe->acd->fd_bpf_map, &probe->ip);
assert(r >= 0);
c_assert(r >= 0);
--probe->acd->n_bpf_map;
}
c_rbnode_unlink(&probe->ip_node);
}
int n_acd_probe_new(NAcdProbe **probep, NAcd *acd, NAcdProbeConfig *config) {
_cleanup_(n_acd_probe_freep) NAcdProbe *probe = NULL;
_c_cleanup_(n_acd_probe_freep) NAcdProbe *probe = NULL;
int r;
if (!config->ip.s_addr)
......@@ -285,9 +334,20 @@ int n_acd_probe_new(NAcdProbe **probep, NAcd *acd, NAcdProbeConfig *config) {
}
/**
* XXX
* n_acd_probe_free() - destroy a probe
* @probe: probe to operate on, or NULL
*
* This destroys the probe specified by @probe. All operations are immediately
* ceded and all associated objects are released.
*
* If @probe is NULL, this is a no-op.
*
* This function will flush all events associated with @probe from the event
* queue. That is, no events will be returned for this @probe anymore.
*
* Return: NULL is returned.
*/
_public_ NAcdProbe *n_acd_probe_free(NAcdProbe *probe) {
_c_public_ NAcdProbe *n_acd_probe_free(NAcdProbe *probe) {
NAcdEventNode *node, *t_node;
if (!probe)
......@@ -305,7 +365,7 @@ _public_ NAcdProbe *n_acd_probe_free(NAcdProbe *probe) {
}
int n_acd_probe_raise(NAcdProbe *probe, NAcdEventNode **nodep, unsigned int event) {
_cleanup_(n_acd_event_node_freep) NAcdEventNode *node = NULL;
_c_cleanup_(n_acd_event_node_freep) NAcdEventNode *node = NULL;
int r;
r = n_acd_raise(probe->acd, &node, event);
......@@ -326,8 +386,8 @@ int n_acd_probe_raise(NAcdProbe *probe, NAcdEventNode **nodep, unsigned int even
node->event.conflict.probe = probe;
break;
default:
assert(0);
return -EIO;
c_assert(0);
return -ENOTRECOVERABLE;