+static void
+interface_update_host_route(struct vlist_tree *tree,
+ struct vlist_node *node_new,
+ struct vlist_node *node_old)
+{
+ struct interface *iface;
+ struct device *dev;
+ struct device_route *route_old, *route_new;
+
+ iface = container_of(tree, struct interface, host_routes);
+ dev = iface->l3_dev.dev;
+
+ route_old = container_of(node_old, struct device_route, node);
+ route_new = container_of(node_new, struct device_route, node);
+
+ if (node_old) {
+ system_del_route(dev, route_old);
+ free(route_old);
+ }
+
+ if (node_new) {
+ if (system_add_route(dev, route_new))
+ route_new->failed = true;
+ }
+}
+
+static void
+random_ifaceid(struct in6_addr *addr)
+{
+ static bool initialized = false;
+ struct timeval t;
+
+ if (!initialized) {
+ long int seed = 0;
+ gettimeofday(&t, NULL);
+ seed = t.tv_sec ^ t.tv_usec ^ getpid();
+ srand48(seed);
+ initialized = true;
+ }
+ addr->s6_addr32[2] = (uint32_t)mrand48();
+ addr->s6_addr32[3] = (uint32_t)mrand48();
+}
+
+static void
+eui64_ifaceid(struct interface *iface, struct in6_addr *addr)
+{
+ /* get mac address */
+ uint8_t *macaddr = iface->l3_dev.dev->settings.macaddr;
+ uint8_t *ifaceid = addr->s6_addr + 8;
+ memcpy(ifaceid,macaddr,3);
+ memcpy(ifaceid + 5,macaddr + 3, 3);
+ ifaceid[3] = 0xff;
+ ifaceid[4] = 0xfe;
+ ifaceid[0] ^= 0x02;
+}
+
+static void
+generate_ifaceid(struct interface *iface, struct in6_addr *addr)
+{
+ /* generate new iface id */
+ switch (iface->assignment_iface_id_selection) {
+ case IFID_FIXED:
+ /* fixed */
+ /* copy host part from assignment_fixed_iface_id */
+ memcpy(addr->s6_addr + 8, iface->assignment_fixed_iface_id.s6_addr + 8, 8);
+ break;
+ case IFID_RANDOM:
+ /* randomize last 64 bits */
+ random_ifaceid(addr);
+ break;
+ case IFID_EUI64:
+ /* eui64 */
+ eui64_ifaceid(iface, addr);
+ break;
+ }
+}
+
+static void
+interface_set_prefix_address(struct device_prefix_assignment *assignment,
+ const struct device_prefix *prefix, struct interface *iface, bool add)
+{
+ const struct interface *uplink = prefix->iface;
+ if (!iface->l3_dev.dev)
+ return;
+
+ struct device *l3_downlink = iface->l3_dev.dev;
+
+ struct device_addr addr;
+ struct device_route route;
+ memset(&addr, 0, sizeof(addr));
+ memset(&route, 0, sizeof(route));
+
+ if (IN6_IS_ADDR_UNSPECIFIED(&assignment->addr)) {
+ addr.addr.in6 = prefix->addr;
+ addr.addr.in6.s6_addr32[1] |= htonl(assignment->assigned);
+ generate_ifaceid(iface, &addr.addr.in6);
+ assignment->addr = addr.addr.in6;
+ }
+ else
+ addr.addr.in6 = assignment->addr;
+
+ addr.mask = assignment->length;
+ addr.flags = DEVADDR_INET6 | DEVADDR_OFFLINK;
+ addr.preferred_until = prefix->preferred_until;
+ addr.valid_until = prefix->valid_until;
+
+ route.flags = DEVADDR_INET6;
+ route.mask = addr.mask < 64 ? 64 : addr.mask;
+ route.addr = addr.addr;
+ clear_if_addr(&route.addr, route.mask);
+ interface_set_route_info(iface, &route);
+
+ if (!add && assignment->enabled) {
+ time_t now = system_get_rtime();
+ addr.preferred_until = now;
+ if (!addr.valid_until || addr.valid_until - now > 7200)
+ addr.valid_until = now + 7200;
+
+ if (prefix->iface) {
+ if (prefix->iface->ip6table)
+ set_ip_source_policy(false, true, IPRULE_PRIORITY_NW, &addr.addr,
+ addr.mask, prefix->iface->ip6table, iface, NULL, true);
+
+ set_ip_source_policy(false, true, IPRULE_PRIORITY_REJECT, &addr.addr,
+ addr.mask, 0, iface, "unreachable", true);
+ }
+
+ system_del_route(l3_downlink, &route);
+ system_add_address(l3_downlink, &addr);
+
+ assignment->enabled = false;
+ } else if (add && (iface->state == IFS_UP || iface->state == IFS_SETUP) &&
+ !system_add_address(l3_downlink, &addr)) {
+
+ if (prefix->iface && !assignment->enabled) {
+ set_ip_source_policy(true, true, IPRULE_PRIORITY_REJECT, &addr.addr,
+ addr.mask, 0, iface, "unreachable", true);
+
+ if (prefix->iface->ip6table)
+ set_ip_source_policy(true, true, IPRULE_PRIORITY_NW, &addr.addr,
+ addr.mask, prefix->iface->ip6table, iface, NULL, true);
+ }
+
+ route.metric = iface->metric;
+ system_add_route(l3_downlink, &route);
+
+ if (uplink && uplink->l3_dev.dev && !(l3_downlink->settings.flags & DEV_OPT_MTU6)) {
+ int mtu = system_update_ipv6_mtu(uplink->l3_dev.dev, 0);
+ int mtu_old = system_update_ipv6_mtu(l3_downlink, 0);
+
+ if (mtu > 0 && mtu_old > mtu)
+ system_update_ipv6_mtu(l3_downlink, mtu);
+ }
+
+ assignment->enabled = true;
+ }
+}
+
+static bool interface_prefix_assign(struct list_head *list,
+ struct device_prefix_assignment *assign)
+{
+ int32_t current = 0, asize = (1 << (64 - assign->length)) - 1;
+ struct device_prefix_assignment *c;
+ list_for_each_entry(c, list, head) {
+ if (assign->assigned != -1) {
+ if (assign->assigned >= current && assign->assigned + asize < c->assigned) {
+ list_add_tail(&assign->head, &c->head);
+ return true;
+ }
+ } else if (assign->assigned == -1) {
+ current = (current + asize) & (~asize);
+ if (current + asize < c->assigned) {
+ assign->assigned = current;
+ list_add_tail(&assign->head, &c->head);
+ return true;
+ }
+ }
+ current = (c->assigned + (1 << (64 - c->length)));
+ }
+ return false;
+}
+
+static void interface_update_prefix_assignments(struct device_prefix *prefix, bool setup)
+{
+ struct device_prefix_assignment *c;
+ struct interface *iface;
+
+ // Delete all assignments
+ while (!list_empty(&prefix->assignments)) {
+ c = list_first_entry(&prefix->assignments,
+ struct device_prefix_assignment, head);
+ if ((iface = vlist_find(&interfaces, c->name, iface, node)))
+ interface_set_prefix_address(c, prefix, iface, false);
+ list_del(&c->head);
+ free(c);
+ }
+
+ if (!setup)
+ return;
+
+ // End-of-assignment sentinel
+ c = malloc(sizeof(*c) + 1);
+ if (!c)
+ return;
+
+ c->assigned = 1 << (64 - prefix->length);
+ c->length = 64;
+ c->name[0] = 0;
+ c->addr = in6addr_any;
+ list_add(&c->head, &prefix->assignments);
+
+ // Excluded prefix
+ if (prefix->excl_length > 0) {
+ const char name[] = "!excluded";
+ c = malloc(sizeof(*c) + sizeof(name));
+ if (c) {
+ c->assigned = ntohl(prefix->excl_addr.s6_addr32[1]) &
+ ((1 << (64 - prefix->length)) - 1);
+ c->length = prefix->excl_length;
+ c->addr = in6addr_any;
+ memcpy(c->name, name, sizeof(name));
+ list_add(&c->head, &prefix->assignments);
+ }
+ }
+
+ bool assigned_any = false;
+ struct list_head assign_later = LIST_HEAD_INIT(assign_later);
+ vlist_for_each_element(&interfaces, iface, node) {
+ if (iface->assignment_length < 48 ||
+ iface->assignment_length > 64)
+ continue;
+
+ // Test whether there is a matching class
+ if (!list_empty(&iface->assignment_classes)) {
+ bool found = false;
+
+ struct interface_assignment_class *c;
+ list_for_each_entry(c, &iface->assignment_classes, head) {
+ if (!strcmp(c->name, prefix->pclass)) {
+ found = true;
+ break;
+ }
+ }
+
+ if (!found)
+ continue;
+ }
+
+ size_t namelen = strlen(iface->name) + 1;
+ c = malloc(sizeof(*c) + namelen);
+ if (!c)
+ continue;
+
+ c->length = iface->assignment_length;
+ c->assigned = iface->assignment_hint;
+ c->addr = in6addr_any;
+ c->enabled = false;
+ memcpy(c->name, iface->name, namelen);
+
+ // First process all custom assignments, put all others in later-list
+ if (c->assigned == -1 || !interface_prefix_assign(&prefix->assignments, c)) {
+ if (c->assigned != -1) {
+ c->assigned = -1;
+ netifd_log_message(L_WARNING, "Failed to assign requested subprefix "
+ "of size %hhu for %s, trying other\n", c->length, c->name);
+ }
+
+ struct list_head *next = &assign_later;
+ struct device_prefix_assignment *n;
+ list_for_each_entry(n, &assign_later, head) {
+ if (n->length < c->length) {
+ next = &n->head;
+ break;
+ }
+ }
+ list_add_tail(&c->head, next);
+ }
+
+ if (c->assigned != -1)
+ assigned_any = true;
+ }
+
+ // Then try to assign all other + failed custom assignments
+ while (!list_empty(&assign_later)) {
+ c = list_first_entry(&assign_later, struct device_prefix_assignment, head);
+ list_del(&c->head);
+
+ bool assigned = false;
+ do {
+ assigned = interface_prefix_assign(&prefix->assignments, c);
+ } while (!assigned && ++c->length <= 64);
+
+ if (!assigned) {
+ netifd_log_message(L_WARNING, "Failed to assign subprefix "
+ "of size %hhu for %s\n", c->length, c->name);
+ free(c);
+ } else {
+ assigned_any = true;
+ }
+ }
+
+ list_for_each_entry(c, &prefix->assignments, head)
+ if ((iface = vlist_find(&interfaces, c->name, iface, node)))
+ interface_set_prefix_address(c, prefix, iface, true);
+
+ if (!assigned_any)
+ netifd_log_message(L_WARNING, "You have delegated IPv6-prefixes but haven't assigned them "
+ "to any interface. Did you forget to set option ip6assign on your lan-interfaces?");
+}
+
+
+void interface_refresh_assignments(bool hint)
+{
+ static bool refresh = false;
+ if (!hint && refresh) {
+ struct device_prefix *p;
+ list_for_each_entry(p, &prefixes, head)
+ interface_update_prefix_assignments(p, true);
+ }
+ refresh = hint;
+}
+
+
+static void
+interface_update_prefix(struct vlist_tree *tree,
+ struct vlist_node *node_new,
+ struct vlist_node *node_old)
+{
+ struct device_prefix *prefix_old, *prefix_new;
+ prefix_old = container_of(node_old, struct device_prefix, node);
+ prefix_new = container_of(node_new, struct device_prefix, node);
+
+ struct interface_ip_settings *ip = container_of(tree, struct interface_ip_settings, prefix);
+ if (tree && (!node_new || !node_old))
+ ip->iface->updated |= IUF_PREFIX;
+
+ struct device_route route;
+ memset(&route, 0, sizeof(route));
+ route.flags = DEVADDR_INET6;
+ route.metric = INT32_MAX;
+ route.mask = (node_new) ? prefix_new->length : prefix_old->length;
+ route.addr.in6 = (node_new) ? prefix_new->addr : prefix_old->addr;
+
+
+ struct device_prefix_assignment *c;
+ struct interface *iface;
+
+ if (node_old && node_new) {
+ // Move assignments and refresh addresses to update valid times
+ list_splice(&prefix_old->assignments, &prefix_new->assignments);
+
+ list_for_each_entry(c, &prefix_new->assignments, head)
+ if ((iface = vlist_find(&interfaces, c->name, iface, node)))
+ interface_set_prefix_address(c, prefix_new, iface, true);
+ } else if (node_new) {
+ // Set null-route to avoid routing loops
+ system_add_route(NULL, &route);
+
+ if (!prefix_new->iface || !prefix_new->iface->proto_ip.no_delegation)
+ interface_update_prefix_assignments(prefix_new, true);
+ } else if (node_old) {
+ // Remove null-route
+ interface_update_prefix_assignments(prefix_old, false);
+ system_del_route(NULL, &route);
+ }
+
+ if (node_old) {
+ if (prefix_old->head.next)
+ list_del(&prefix_old->head);
+ free(prefix_old);
+ }
+
+ if (node_new && (!prefix_new->iface || !prefix_new->iface->proto_ip.no_delegation))
+ list_add(&prefix_new->head, &prefixes);
+
+}
+
+struct device_prefix*
+interface_ip_add_device_prefix(struct interface *iface, struct in6_addr *addr,
+ uint8_t length, time_t valid_until, time_t preferred_until,
+ struct in6_addr *excl_addr, uint8_t excl_length, const char *pclass)
+{
+ if (!pclass)
+ pclass = (iface) ? iface->name : "local";
+
+ struct device_prefix *prefix = calloc(1, sizeof(*prefix) + strlen(pclass) + 1);
+ if (!prefix)
+ return NULL;
+
+ prefix->length = length;
+ prefix->addr = *addr;
+ prefix->preferred_until = preferred_until;
+ prefix->valid_until = valid_until;
+ prefix->iface = iface;
+ INIT_LIST_HEAD(&prefix->assignments);
+
+ if (excl_addr) {
+ prefix->excl_addr = *excl_addr;
+ prefix->excl_length = excl_length;
+ }
+
+ strcpy(prefix->pclass, pclass);
+
+ if (iface)
+ vlist_add(&iface->proto_ip.prefix, &prefix->node, &prefix->addr);
+ else
+ interface_update_prefix(NULL, &prefix->node, NULL);
+
+ return prefix;
+}
+
+void
+interface_ip_set_ula_prefix(const char *prefix)
+{
+ char buf[INET6_ADDRSTRLEN + 4] = {0}, *saveptr;
+ if (prefix)
+ strncpy(buf, prefix, sizeof(buf) - 1);
+ char *prefixaddr = strtok_r(buf, "/", &saveptr);
+
+ struct in6_addr addr;
+ if (!prefixaddr || inet_pton(AF_INET6, prefixaddr, &addr) < 1) {
+ if (ula_prefix) {
+ interface_update_prefix(NULL, NULL, &ula_prefix->node);
+ ula_prefix = NULL;
+ }
+ return;
+ }
+
+ int length;
+ char *prefixlen = strtok_r(NULL, ",", &saveptr);
+ if (!prefixlen || (length = atoi(prefixlen)) < 1 || length > 64)
+ return;
+
+ if (!ula_prefix || !IN6_ARE_ADDR_EQUAL(&addr, &ula_prefix->addr) ||
+ ula_prefix->length != length) {
+ if (ula_prefix)
+ interface_update_prefix(NULL, NULL, &ula_prefix->node);
+
+ ula_prefix = interface_ip_add_device_prefix(NULL, &addr, length,
+ 0, 0, NULL, 0, NULL);
+ }
+}
+