network: allow setting VLAN protocol on bridges

Signed-off-by: Rubens Figueiredo <rubens.figueiredo@bisdn.de>
networkctl: Add support to display macvlan/macvtap mode
2025-09-23 22:04:45 +02:00 · 2020-05-14 17:59:57 +02:00 · 2020-05-14 17:35:56 +02:00 · 2020-05-14 17:35:56 +02:00 · 2020-05-14 17:29:28 +02:00 · 2020-05-14 17:11:44 +02:00
18 changed files with 131 additions and 40 deletions
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@ -25,6 +25,7 @@ jobs:
     with:
       oss-fuzz-project-name: 'systemd'
       dry-run: false
+       allowed-broken-targets-percentage: 0
   - name: Run Fuzzers
     uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
     with:
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@ -2628,6 +2628,13 @@ StandardInputData=SWNrIHNpdHplIGRhIHVuJyBlc3NlIEtsb3BzLAp1ZmYgZWVtYWwga2xvcHAncy
        </para></listitem>
      </varlistentry>

+      <varlistentry>
+        <term><varname>$LOG_NAMESPACE</varname></term>
+
+        <listitem><para>If the <varname>LogNamespace=</varname> service setting is used, contains name of the
+        selected logging namespace.</para></listitem>
+      </varlistentry>
+
      <varlistentry>
        <term><varname>$JOURNAL_STREAM</varname></term>

--- a/man/systemd.netdev.xml
+++ b/man/systemd.netdev.xml
@ -408,6 +408,15 @@
          </para>
        </listitem>
      </varlistentry>
+      <varlistentry>
+        <term><varname>VLANProtocol=</varname></term>
+        <listitem>
+          <para>Allows setting the protocol used for VLAN filtering. Takes
+          <option>802.1q</option> or,
+          <option>802.1ad</option>, and defaults to unset and kernel's default is used.
+          </para>
+        </listitem>
+      </varlistentry>
      <varlistentry>
        <term><varname>STP=</varname></term>
        <listitem>
--- a/src/libsystemd-network/dhcp-server-internal.h
+++ b/src/libsystemd-network/dhcp-server-internal.h
@ -57,7 +57,7 @@ struct sd_dhcp_server {
        char *timezone;

        struct in_addr *ntp, *dns, *sip, *pop3_server, *smtp_server, *lpr_server;
-        unsigned n_ntp, n_dns, n_sip, n_pop3_server, n_smtp_server, n_lpr_server;
+        size_t n_ntp, n_dns, n_sip, n_pop3_server, n_smtp_server, n_lpr_server;

        OrderedHashmap *extra_options;
        OrderedHashmap *vendor_options;
--- a/src/libsystemd-network/sd-dhcp-server.c
+++ b/src/libsystemd-network/sd-dhcp-server.c
@ -33,7 +33,13 @@ static DHCPLease *dhcp_lease_free(DHCPLease *lease) {
 * the whole pool must fit into the subnet, and may not contain the first (any) nor last (broadcast) address
 * moreover, the server's own address may be in the pool, and is in that case reserved in order not to
 * accidentally hand it out */
-int sd_dhcp_server_configure_pool(sd_dhcp_server *server, struct in_addr *address, unsigned char prefixlen, uint32_t offset, uint32_t size) {
+int sd_dhcp_server_configure_pool(
+                sd_dhcp_server *server,
+                const struct in_addr *address,
+                unsigned char prefixlen,
+                uint32_t offset,
+                uint32_t size) {
+
        struct in_addr netmask_addr;
        be32_t netmask;
        uint32_t server_off, broadcast_off, size_max;
@ -1135,13 +1141,13 @@ int sd_dhcp_server_set_servers(
                sd_dhcp_server *server,
                sd_dhcp_lease_info what,
                const struct in_addr addresses[],
-                unsigned n_addresses) {
+                size_t n_addresses) {

        assert_return(server, -EINVAL);
        assert_return(addresses || n_addresses == 0, -EINVAL);

        struct in_addr **a;
-        unsigned *n_a;
+        size_t *n_a;

        switch (what) {
        case SD_DHCP_LEASE_DNS_SERVERS:
@ -1197,22 +1203,22 @@ int sd_dhcp_server_set_servers(
        return 1;
 }

-int sd_dhcp_server_set_dns(sd_dhcp_server *server, const struct in_addr dns[], unsigned n) {
+int sd_dhcp_server_set_dns(sd_dhcp_server *server, const struct in_addr dns[], size_t n) {
        return sd_dhcp_server_set_servers(server, SD_DHCP_LEASE_DNS_SERVERS, dns, n);
 }
-int sd_dhcp_server_set_ntp(sd_dhcp_server *server, const struct in_addr ntp[], unsigned n) {
+int sd_dhcp_server_set_ntp(sd_dhcp_server *server, const struct in_addr ntp[], size_t n) {
        return sd_dhcp_server_set_servers(server, SD_DHCP_LEASE_NTP_SERVERS, ntp, n);
 }
-int sd_dhcp_server_set_sip(sd_dhcp_server *server, const struct in_addr sip[], unsigned n) {
+int sd_dhcp_server_set_sip(sd_dhcp_server *server, const struct in_addr sip[], size_t n) {
        return sd_dhcp_server_set_servers(server, SD_DHCP_LEASE_SIP_SERVERS, sip, n);
 }
-int sd_dhcp_server_set_pop3_server(sd_dhcp_server *server, const struct in_addr pop3[], unsigned n) {
+int sd_dhcp_server_set_pop3(sd_dhcp_server *server, const struct in_addr pop3[], size_t n) {
        return sd_dhcp_server_set_servers(server, SD_DHCP_LEASE_POP3_SERVERS, pop3, n);
 }
-int sd_dhcp_server_set_smtp_server(sd_dhcp_server *server, const struct in_addr smtp[], unsigned n) {
+int sd_dhcp_server_set_smtp(sd_dhcp_server *server, const struct in_addr smtp[], size_t n) {
        return sd_dhcp_server_set_servers(server, SD_DHCP_LEASE_SMTP_SERVERS, smtp, n);
 }
-int sd_dhcp_server_set_lpr(sd_dhcp_server *server, const struct in_addr lpr[], unsigned n) {
+int sd_dhcp_server_set_lpr(sd_dhcp_server *server, const struct in_addr lpr[], size_t n) {
        return sd_dhcp_server_set_servers(server, SD_DHCP_LEASE_LPR_SERVERS, lpr, n);
 }

--- a/src/network/netdev/bridge.c
+++ b/src/network/netdev/bridge.c
@ -126,6 +126,12 @@ static int netdev_bridge_post_create(NetDev *netdev, Link *link, sd_netlink_mess
                        return log_netdev_error_errno(netdev, r, "Could not append IFLA_BR_VLAN_FILTERING attribute: %m");
        }

+        if (b->vlan_protocol >= 0) {
+                r = sd_netlink_message_append_u16(req, IFLA_BR_VLAN_PROTOCOL, b->vlan_protocol);
+                if (r < 0)
+                        return log_netdev_error_errno(netdev, r, "Could not append IFLA_BR_VLAN_PROTOCOL attribute: %m");
+        }
+
        if (b->stp >= 0) {
                r = sd_netlink_message_append_u32(req, IFLA_BR_STP_STATE, b->stp);
                if (r < 0)
@ -346,6 +352,7 @@ static void bridge_init(NetDev *n) {
        b->mcast_querier = -1;
        b->mcast_snooping = -1;
        b->vlan_filtering = -1;
+        b->vlan_protocol = -1;
        b->stp = -1;
        b->default_pvid = VLANID_INVALID;
        b->forward_delay = USEC_INFINITY;
--- a/src/network/netdev/bridge.h
+++ b/src/network/netdev/bridge.h
@ -13,6 +13,7 @@ typedef struct Bridge {
        int mcast_querier;
        int mcast_snooping;
        int vlan_filtering;
+        int vlan_protocol;
        int stp;
        uint16_t priority;
        uint16_t group_fwd_mask;
--- a/src/network/netdev/macvlan.c
+++ b/src/network/netdev/macvlan.c
@ -4,16 +4,8 @@

 #include "conf-parser.h"
 #include "macvlan.h"
-#include "string-table.h"
+#include "macvlan-util.h"

-static const char* const macvlan_mode_table[_NETDEV_MACVLAN_MODE_MAX] = {
-        [NETDEV_MACVLAN_MODE_PRIVATE] = "private",
-        [NETDEV_MACVLAN_MODE_VEPA] = "vepa",
-        [NETDEV_MACVLAN_MODE_BRIDGE] = "bridge",
-        [NETDEV_MACVLAN_MODE_PASSTHRU] = "passthru",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(macvlan_mode, MacVlanMode);
 DEFINE_CONFIG_PARSE_ENUM(config_parse_macvlan_mode, macvlan_mode, MacVlanMode, "Failed to parse macvlan mode");

 static int netdev_macvlan_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *req) {
--- a/src/network/netdev/macvlan.h
+++ b/src/network/netdev/macvlan.h
@ -3,17 +3,9 @@

 typedef struct MacVlan MacVlan;

+#include "macvlan-util.h"
 #include "netdev.h"

-typedef enum MacVlanMode {
-        NETDEV_MACVLAN_MODE_PRIVATE = MACVLAN_MODE_PRIVATE,
-        NETDEV_MACVLAN_MODE_VEPA = MACVLAN_MODE_VEPA,
-        NETDEV_MACVLAN_MODE_BRIDGE = MACVLAN_MODE_BRIDGE,
-        NETDEV_MACVLAN_MODE_PASSTHRU = MACVLAN_MODE_PASSTHRU,
-        _NETDEV_MACVLAN_MODE_MAX,
-        _NETDEV_MACVLAN_MODE_INVALID = -1
-} MacVlanMode;
-
 struct MacVlan {
        NetDev meta;

@ -25,7 +17,4 @@ DEFINE_NETDEV_CAST(MACVTAP, MacVlan);
 extern const NetDevVTable macvlan_vtable;
 extern const NetDevVTable macvtap_vtable;

-const char *macvlan_mode_to_string(MacVlanMode d) _const_;
-MacVlanMode macvlan_mode_from_string(const char *d) _pure_;
-
 CONFIG_PARSER_PROTOTYPE(config_parse_macvlan_mode);
--- a/src/network/netdev/netdev-gperf.gperf
+++ b/src/network/netdev/netdev-gperf.gperf
@ -206,6 +206,7 @@ Bridge.DefaultPVID,                       config_parse_default_port_vlanid,
 Bridge.MulticastQuerier,                  config_parse_tristate,                     0,                             offsetof(Bridge, mcast_querier)
 Bridge.MulticastSnooping,                 config_parse_tristate,                     0,                             offsetof(Bridge, mcast_snooping)
 Bridge.VLANFiltering,                     config_parse_tristate,                     0,                             offsetof(Bridge, vlan_filtering)
+Bridge.VLANProtocol,                      config_parse_vlanprotocol,                 0,                             offsetof(Bridge, vlan_protocol)
 Bridge.STP,                               config_parse_tristate,                     0,                             offsetof(Bridge, stp)
 Bridge.MulticastIGMPVersion,              config_parse_uint8,                        0,                             offsetof(Bridge, igmp_version)
 VRF.TableId,                              config_parse_uint32,                       0,                             offsetof(Vrf, table) /* deprecated */
--- a/src/network/networkctl.c
+++ b/src/network/networkctl.c
@ -36,6 +36,7 @@
 #include "locale-util.h"
 #include "logs-show.h"
 #include "macro.h"
+#include "macvlan-util.h"
 #include "main-func.h"
 #include "netlink-util.h"
 #include "network-internal.h"
@ -179,6 +180,9 @@ typedef struct LinkInfo {
        uint32_t updelay;
        uint32_t downdelay;

+        /* macvlan and macvtap info */
+        uint32_t macvlan_mode;
+
        /* ethtool info */
        int autonegotiation;
        uint64_t speed;
@ -313,7 +317,8 @@ static int decode_netdev(sd_netlink_message *m, LinkInfo *info) {
        } else if (streq(received_kind, "vti6")) {
                (void) sd_netlink_message_read_in6_addr(m, IFLA_VTI_LOCAL, &info->local.in6);
                (void) sd_netlink_message_read_in6_addr(m, IFLA_VTI_REMOTE, &info->remote.in6);
-        }
+        } else if (STR_IN_SET(received_kind, "macvlan", "macvtap"))
+                (void) sd_netlink_message_read_u32(m, IFLA_MACVLAN_MODE, &info->macvlan_mode);

        strncpy(info->netdev_kind, received_kind, IFNAMSIZ);

@ -1731,6 +1736,13 @@ static int link_status_one(
                        if (r < 0)
                                return table_log_add_error(r);
                }
+        } else if (STRPTR_IN_SET(info->netdev_kind, "macvlan", "macvtap")) {
+                r = table_add_many(table,
+                                   TABLE_EMPTY,
+                                   TABLE_STRING, "Mode:",
+                                   TABLE_STRING, macvlan_mode_to_string(info->macvlan_mode));
+                if (r < 0)
+                        return table_log_add_error(r);
        }

        if (info->has_wlan_link_info) {
--- a/src/shared/conf-parser.c
+++ b/src/shared/conf-parser.c
@ -1187,3 +1187,35 @@ int config_parse_permille(const char* unit,

        return 0;
 }
+
+int config_parse_vlanprotocol(const char* unit,
+                              const char *filename,
+                              unsigned line,
+                              const char *section,
+                              unsigned section_line,
+                              const char *lvalue,
+                              int ltype,
+                              const char *rvalue,
+                              void *data,
+                              void *userdata) {
+        int *vlan_protocol = data;
+        assert(filename);
+        assert(lvalue);
+
+        if (isempty(rvalue)) {
+                *vlan_protocol = -1;
+                return 0;
+        }
+
+        if (STR_IN_SET(rvalue, "802.1ad", "802.1AD"))
+                *vlan_protocol = ETH_P_8021AD;
+        else if (STR_IN_SET(rvalue, "802.1q", "802.1Q"))
+                *vlan_protocol = ETH_P_8021Q;
+        else {
+                log_syntax(unit, LOG_ERR, filename, line, 0,
+                           "Failed to parse VLAN protocol value, ignoring: %s", rvalue);
+                return 0;
+        }
+
+        return 0;
+}
--- a/src/shared/conf-parser.h
+++ b/src/shared/conf-parser.h
@ -142,6 +142,7 @@ CONFIG_PARSER_PROTOTYPE(config_parse_ifnames);
 CONFIG_PARSER_PROTOTYPE(config_parse_ip_port);
 CONFIG_PARSER_PROTOTYPE(config_parse_mtu);
 CONFIG_PARSER_PROTOTYPE(config_parse_rlimit);
+CONFIG_PARSER_PROTOTYPE(config_parse_vlanprotocol);

 typedef enum Disabled {
        DISABLED_CONFIGURATION,
--- a/src/shared/macvlan-util.c
+++ b/src/shared/macvlan-util.c
@ -0,0 +1,14 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+
+#include "conf-parser.h"
+#include "macvlan-util.h"
+#include "string-table.h"
+
+static const char* const macvlan_mode_table[_NETDEV_MACVLAN_MODE_MAX] = {
+        [NETDEV_MACVLAN_MODE_PRIVATE] = "private",
+        [NETDEV_MACVLAN_MODE_VEPA] = "vepa",
+        [NETDEV_MACVLAN_MODE_BRIDGE] = "bridge",
+        [NETDEV_MACVLAN_MODE_PASSTHRU] = "passthru",
+};
+
+DEFINE_STRING_TABLE_LOOKUP(macvlan_mode, MacVlanMode);
--- a/src/shared/macvlan-util.h
+++ b/src/shared/macvlan-util.h
@ -0,0 +1,16 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+#pragma once
+
+#include <linux/if_link.h>
+
+typedef enum MacVlanMode {
+        NETDEV_MACVLAN_MODE_PRIVATE = MACVLAN_MODE_PRIVATE,
+        NETDEV_MACVLAN_MODE_VEPA = MACVLAN_MODE_VEPA,
+        NETDEV_MACVLAN_MODE_BRIDGE = MACVLAN_MODE_BRIDGE,
+        NETDEV_MACVLAN_MODE_PASSTHRU = MACVLAN_MODE_PASSTHRU,
+        _NETDEV_MACVLAN_MODE_MAX,
+        _NETDEV_MACVLAN_MODE_INVALID = -1
+} MacVlanMode;
+
+const char *macvlan_mode_to_string(MacVlanMode d) _const_;
+MacVlanMode macvlan_mode_from_string(const char *d) _pure_;
--- a/src/shared/meson.build
+++ b/src/shared/meson.build
@ -149,6 +149,8 @@ shared_sources = files('''
        machine-image.h
        machine-pool.c
        machine-pool.h
+        macvlan-util.c
+        macvlan-util.h
        main-func.h
        module-util.h
        mount-util.c
--- a/src/systemd/sd-dhcp-server.h
+++ b/src/systemd/sd-dhcp-server.h
@ -45,7 +45,7 @@ int sd_dhcp_server_is_running(sd_dhcp_server *server);
 int sd_dhcp_server_start(sd_dhcp_server *server);
 int sd_dhcp_server_stop(sd_dhcp_server *server);

-int sd_dhcp_server_configure_pool(sd_dhcp_server *server, struct in_addr *address, unsigned char prefixlen, uint32_t offset, uint32_t size);
+int sd_dhcp_server_configure_pool(sd_dhcp_server *server, const struct in_addr *address, unsigned char prefixlen, uint32_t offset, uint32_t size);

 int sd_dhcp_server_set_timezone(sd_dhcp_server *server, const char *timezone);
 int sd_dhcp_server_set_emit_router(sd_dhcp_server *server, int enabled);
@ -54,14 +54,14 @@ int sd_dhcp_server_set_servers(
                sd_dhcp_server *server,
                sd_dhcp_lease_info what,
                const struct in_addr addresses[],
-                unsigned n_addresses);
+                size_t n_addresses);

-int sd_dhcp_server_set_lpr(sd_dhcp_server *server, const struct in_addr lpr[], unsigned n);
-int sd_dhcp_server_set_dns(sd_dhcp_server *server, const struct in_addr dns[], unsigned n);
-int sd_dhcp_server_set_ntp(sd_dhcp_server *server, const struct in_addr ntp[], unsigned n);
-int sd_dhcp_server_set_sip(sd_dhcp_server *server, const struct in_addr sip[], unsigned n);
-int sd_dhcp_server_set_pop3_server(sd_dhcp_server *server, const struct in_addr pop3_server[], unsigned n);
-int sd_dhcp_server_set_smtp_server(sd_dhcp_server *server, const struct in_addr smtp_server[], unsigned n);
+int sd_dhcp_server_set_lpr(sd_dhcp_server *server, const struct in_addr lpr[], size_t n);
+int sd_dhcp_server_set_dns(sd_dhcp_server *server, const struct in_addr dns[], size_t n);
+int sd_dhcp_server_set_ntp(sd_dhcp_server *server, const struct in_addr ntp[], size_t n);
+int sd_dhcp_server_set_sip(sd_dhcp_server *server, const struct in_addr sip[], size_t n);
+int sd_dhcp_server_set_pop3(sd_dhcp_server *server, const struct in_addr pop3_server[], size_t n);
+int sd_dhcp_server_set_smtp(sd_dhcp_server *server, const struct in_addr smtp_server[], size_t n);

 int sd_dhcp_server_add_option(sd_dhcp_server *server, sd_dhcp_option *v);
 int sd_dhcp_server_add_vendor_option(sd_dhcp_server *server, sd_dhcp_option *v);
--- a/test/fuzz/fuzz-netdev-parser/directives.netdev
+++ b/test/fuzz/fuzz-netdev-parser/directives.netdev
@ -45,6 +45,7 @@ AgeingTimeSec=
 Priority=
 GroupForwardMask=
 VLANFiltering=
+VLANProtocol=
 MulticastIGMPVersion=
 [VRF]
 TableId=
Author	SHA1	Message	Date
Rubens Figueiredo	4df4df5b56	network: allow setting VLAN protocol on bridges Signed-off-by: Rubens Figueiredo <rubens.figueiredo@bisdn.de>	2020-05-14 17:59:57 +02:00
Susant Sahani	cf217a0922	networkctl: Add support to display macvlan/macvtap mode	2020-05-14 17:35:56 +02:00
Susant Sahani	d51674806a	network: Introduce macvlan util	2020-05-14 17:35:56 +02:00
Lennart Poettering	6551cf2d61	man: document $LOG_NAMESPACE	2020-05-14 17:29:28 +02:00
Lennart Poettering	90810f7a37	sd-dhcp-server: some function prototype fix-ups Let's use size_t for numbers of entries in memory. Let's use const wherever appropriate. Drop `_server` suffix from function name where we don't have it for similar other cases.	2020-05-14 17:11:44 +02:00
Evgeny Vereshchagin	4b129fba30	cifuzz: set allowed-broken-targets-percentage to 0	2020-05-14 10:33:54 +02:00