The FreeBSD epair(4) interface type can be thought of as a virtual patch cable.
The epair interfaces come in pairs, with network traffic being passed between the 2 pairs.
The basic intent is to provide connectivity between two virtual network stack instances.
This interface type does not typically require an IP address, as it is passing traffic
between other virtual networks/interfaces which obtain their own IP address.
Therefore, add this interface type to the list that will be ignored by dhcpcd.
Basically only for NetBSD, DragonFlyBSD, kqueue or epoll platforms.
All others will use poll(2) and return EINVAL if nfds > RLIMIT_NOFILES.
Trying to work out our nfs limit relies on already listening to
all FD's which may not be the case and was problematic.
Luckily all platforms aside from Solaris have new file creation
sandboxed away aside from accept(2) so this should still be safe.
As we may not find an address right away.
While here, tidy up and comment code about deriving the address
when none is specified for inform and static setups.
Include relevant headers for the definition of SIOCGETVLAN. This fixes
DHCPv6 Prefix Delegation where a prefix is delegated to several VLAN
interfaces on the same physical interface.
This can occur if the RA reduces the prefix times in accordance
with it's own lifetimes for example.
dhcpcd only checks if the RA contents have changed to trigger a
new INFORM.
As such, only log about new INFORMs.
Fixes#46.
When rt_add() decides that it must delete+add a route in order to change
the routing table entry, a wrong RB tree lookup result can throw it off
the rails. In the case observed, a static /64 prefix was deleted from
vlan1 while dhcpcd intended to delete its reject route bound to lo0.
Given two routes in the table, the loopback reject route installed by
dhcpd for my /48 prefix, and a cloning route for a /64 prefix on vlan1:
2001:db8::/48 ::1 UGR 0 0 32768 56 lo0
2001:db8::/64 2001:db8::1 UCn 1 2 - 4 vlan1
When searching the OS routing table dhcpcd attempts to tell routes apart
based only on the masked destination address. In the above case the masked
destinations look identical. The only difference is the length of the netmask.
The function rt_cmp_dest() didn't detect this and returned the /64 route
while dhcpcd was in fact searching for the /48 route.
This patch fixes the lookup by running rt_cmp_netmask() if the masked
destination comparison via sa_cmp() leaves us with a tie. With this change
dhcpcd deletes the /48 route as intended, and leaves the /64 route alone.
I had to move the rt_cmp_dest() function down since it needs to use the
static helper function rt_cmp_netmask(), which happened to be defined
just below rt_cmp_dest().
Why am I using an overlapping static prefix? The answer is that my ISP
assigns a static /48 prefix but won't route IPv6 unless my router sends
a DHCPv6 request when it connects via PPPoE. I configure static IPv6 subnets
on LAN interfaces and have configured dhcpcd to obtain a /48 prefix lease
without setting addresses on any internal interfaces.
My dhcpcd.conf contains:
ipv6only
noipv6rs
duid
persistent
option rapid_commit
require dhcp_server_identifier
script ""
allowinterfaces pppoe0
interface pppoe0
ia_pd 1 /2001:db8::/48
This problem was found on OpenBSD, in case that matters for reproduction
of the issue.
Fix the following build failure:
privsep-linux.c:206:4: error: #error "Platform does not support seccomp filter yet"
# error "Platform does not support seccomp filter yet"
^~~~~
In file included from privsep-linux.c:36:
privsep-linux.c:213:38: error: 'SECCOMP_AUDIT_ARCH' undeclared here (not in a function); did you mean 'SECCOMP_ALLOW_ARG'?
BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, SECCOMP_AUDIT_ARCH, 1, 0),
^~~~~~~~~~~~~~~~~~
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Rather than relying on close(2) being called.
Whilst a bit less performant with many open/close, there is also
no guarantee that close(2) will actually be called as
shutdown(2) could be used instead.
Fix the following build failure:
privsep-linux.c:206:4: error: #error "Platform does not support seccomp filter yet"
# error "Platform does not support seccomp filter yet"
^~~~~
In file included from privsep-linux.c:36:
privsep-linux.c:213:38: error: 'SECCOMP_AUDIT_ARCH' undeclared here (not in a function); did you mean 'SECCOMP_ALLOW_ARG'?
BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, SECCOMP_AUDIT_ARCH, 1, 0),
^~~~~~~~~~~~~~~~~~
It should be noted that AUDIT_ARCH_{ARCOMPACT,ARCV2} is only defined
since kernel 5.2 and
67f2a8a293
Detection of arc compact and arc v2 have been "copy/pasted" from
afab56958f
Fixes:
- http://autobuild.buildroot.org/results/d29083700a80dd647621eed06faeeae03f0587d3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fix the following build failure:
privsep-linux.c:206:4: error: #error "Platform does not support seccomp filter yet"
# error "Platform does not support seccomp filter yet"
^~~~~
In file included from privsep-linux.c:36:
privsep-linux.c:213:38: error: 'SECCOMP_AUDIT_ARCH' undeclared here (not in a function); did you mean 'SECCOMP_ALLOW_ARG'?
BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, SECCOMP_AUDIT_ARCH, 1, 0),
^~~~~~~~~~~~~~~~~~
It should be noted that AUDIT_ARCH_OPENRISC is defined since kernel 3.7:
e2bebb4ae6
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fix the following build failure:
privsep-linux.c:203: warning: "AUDIT_ARCH_SPARC64" redefined
203 | # define AUDIT_ARCH_SPARC64
|
In file included from privsep-linux.c:35:
/srv/storage/autobuild/run/instance-0/output-1/host/sparc64-buildroot-linux-gnu/sysroot/usr/include/linux/audit.h:392: note: this is the location of the previous definition
392 | #define AUDIT_ARCH_SPARC64 (EM_SPARCV9|__AUDIT_ARCH_64BIT)
|
In file included from privsep-linux.c:36:
privsep-linux.c:215:38: error: 'SECCOMP_AUDIT_ARCH' undeclared here (not in a function); did you mean 'SECCOMP_ALLOW_ARG'?
215 | BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, SECCOMP_AUDIT_ARCH, 1, 0),
| ^~~~~~~~~~~~~~~~~~
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fix the following build failure:
privsep-linux.c:206:4: error: #error "Platform does not support seccomp filter yet"
# error "Platform does not support seccomp filter yet"
^~~~~
In file included from privsep-linux.c:36:
privsep-linux.c:213:38: error: 'SECCOMP_AUDIT_ARCH' undeclared here (not in a function); did you mean 'SECCOMP_ALLOW_ARG'?
BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, SECCOMP_AUDIT_ARCH, 1, 0),
^~~~~~~~~~~~~~~~~~
It should be noted that AUDIT_ARCH_{SH,SHEL,SH64,SHEL64} are defined at
least since kernel 3.7 and
607ca46e97
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
