From 55dab2ed837c17236b7df12decaffbc4388d1dff Mon Sep 17 00:00:00 2001 From: Tom Gundersen Date: Mon, 24 Feb 2014 01:09:21 +0100 Subject: sd-dhcp-client: respect TP_STATUS_CSUMNOTREADY If an UDP packet has not passed through a hardware device, its checksum may not have been computed. This is exposed through the TP_STATUS_CSUMNOTREADY sockopt. When using raw sockets, skip checksum validation when TP_STATUS_CSUMNOTREADY is set. This is necessary for dhcp to work directly over a veth tunnel, e.g. as done in systemd-nspawn. --- src/libsystemd-dhcp/dhcp-internal.h | 2 +- src/libsystemd-dhcp/dhcp-network.c | 5 ++++- src/libsystemd-dhcp/dhcp-packet.c | 4 ++-- src/libsystemd-dhcp/sd-dhcp-client.c | 33 +++++++++++++++++++++++++++++---- 4 files changed, 36 insertions(+), 8 deletions(-) (limited to 'src') diff --git a/src/libsystemd-dhcp/dhcp-internal.h b/src/libsystemd-dhcp/dhcp-internal.h index 7b2e35cac6..ce83b81631 100644 --- a/src/libsystemd-dhcp/dhcp-internal.h +++ b/src/libsystemd-dhcp/dhcp-internal.h @@ -50,6 +50,6 @@ int dhcp_message_init(DHCPMessage *message, uint8_t op, uint32_t xid, uint8_t ty void dhcp_packet_append_ip_headers(DHCPPacket *packet, uint16_t len); -int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len); +int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len, bool checksum); #define log_dhcp_client(client, fmt, ...) log_meta(LOG_DEBUG, __FILE__, __LINE__, __func__, "DHCP CLIENT: " fmt, ##__VA_ARGS__) diff --git a/src/libsystemd-dhcp/dhcp-network.c b/src/libsystemd-dhcp/dhcp-network.c index 6c9d4ef999..934e8bf13e 100644 --- a/src/libsystemd-dhcp/dhcp-network.c +++ b/src/libsystemd-dhcp/dhcp-network.c @@ -32,7 +32,7 @@ int dhcp_network_bind_raw_socket(int index, union sockaddr_union *link) { - int s; + int s, one = 1; assert(index > 0); assert(link); @@ -48,6 +48,9 @@ int dhcp_network_bind_raw_socket(int index, union sockaddr_union *link) link->ll.sll_halen = ETH_ALEN; memset(link->ll.sll_addr, 0xff, ETH_ALEN); + if (setsockopt (s, SOL_PACKET, PACKET_AUXDATA, &one, sizeof(one)) < 0) + return -errno; + if (bind(s, &link->sa, sizeof(link->ll)) < 0) { close_nointr_nofail(s); return -errno; diff --git a/src/libsystemd-dhcp/dhcp-packet.c b/src/libsystemd-dhcp/dhcp-packet.c index 1937de4252..8388e56222 100644 --- a/src/libsystemd-dhcp/dhcp-packet.c +++ b/src/libsystemd-dhcp/dhcp-packet.c @@ -113,7 +113,7 @@ void dhcp_packet_append_ip_headers(DHCPPacket *packet, uint16_t len) { packet->ip.check = dhcp_checksum(&packet->ip, DHCP_IP_SIZE); } -int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len) { +int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len, bool checksum) { size_t hdrlen; assert(packet); @@ -168,7 +168,7 @@ int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len) { return -EINVAL; } - if (packet->udp.check) { + if (checksum && packet->udp.check) { packet->ip.check = packet->udp.len; packet->ip.ttl = 0; diff --git a/src/libsystemd-dhcp/sd-dhcp-client.c b/src/libsystemd-dhcp/sd-dhcp-client.c index ee6e89eacb..0c82260dfd 100644 --- a/src/libsystemd-dhcp/sd-dhcp-client.c +++ b/src/libsystemd-dhcp/sd-dhcp-client.c @@ -886,8 +886,18 @@ static int client_receive_message_raw(sd_event_source *s, int fd, uint32_t revents, void *userdata) { sd_dhcp_client *client = userdata; _cleanup_free_ DHCPPacket *packet = NULL; - int buflen = 0, len, r; usec_t time_now; + uint8_t cmsgbuf[CMSG_LEN(sizeof(struct tpacket_auxdata))]; + struct iovec iov = {}; + struct msghdr msg = { + .msg_iov = &iov, + .msg_iovlen = 1, + .msg_control = cmsgbuf, + .msg_controllen = sizeof(cmsgbuf), + }; + struct cmsghdr *cmsg; + bool checksum = true; + int buflen = 0, len, r; assert(s); assert(client); @@ -901,11 +911,26 @@ static int client_receive_message_raw(sd_event_source *s, int fd, if (!packet) return -ENOMEM; - len = read(fd, packet, buflen); - if (len < 0) + iov.iov_base = packet; + iov.iov_len = buflen; + + len = recvmsg(fd, &msg, 0); + if (len < 0) { + log_dhcp_client(client, "could not receive message from raw " + "socket: %s", strerror(errno)); return 0; + } + + for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) { + if (cmsg->cmsg_level == SOL_PACKET && cmsg->cmsg_type == PACKET_AUXDATA) { + struct tpacket_auxdata *aux = (void *)CMSG_DATA(cmsg); + + checksum = !(aux->tp_status & TP_STATUS_CSUMNOTREADY); + break; + } + } - r = dhcp_packet_verify_headers(packet, len); + r = dhcp_packet_verify_headers(packet, len, checksum); if (r < 0) return 0; -- cgit v1.2.3-54-g00ecf