// SPDX-License-Identifier: Apache-2.0
use serde::{Deserialize, Serialize};
use crate::{
DispatchConfig, ErrorKind, EthtoolConfig, Ieee8021XConfig,
InterfaceIdentifier, InterfaceIpv4, InterfaceIpv6, InterfaceState,
InterfaceType, LldpConfig, MergedInterface, MptcpConfig, NmstateError,
OvsDbIfaceConfig, RouteEntry, WaitIp,
};
/// Smallest MTU accepted on an interface that has IPv6 enabled.
/// 1280 octets is the minimum link MTU that IPv6 requires (RFC 8200,
/// section 5); `BaseInterface::sanitize()` rejects anything below it.
const MINIMUM_IPV6_MTU: u64 = 1280;
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize, Default)]
#[serde(rename_all = "kebab-case", deny_unknown_fields)]
#[non_exhaustive]
/// Information shared among all interface types.
///
/// Field names are serialized in kebab-case unless a field carries its own
/// `rename`.
///
/// NOTE(review): `Debug` is derived, so `{:?}` prints every field including
/// `ieee8021x`. Whether credentials are masked there depends on that type's
/// own `Debug` impl, which is not visible here; confirm before logging
/// instances of this struct.
pub struct BaseInterface {
    /// Interface name. When applying with `InterfaceIdentifier::MacAddress`
    /// and `profile_name` is not defined, this is used as the profile name.
    pub name: String,
    #[serde(skip_serializing_if = "Option::is_none")]
    /// When applying with [InterfaceIdentifier::MacAddress], nmstate stores
    /// the originally desired interface name here as `profile_name` and
    /// stores the real interface name in the `name` property.
    pub profile_name: Option<String>,
    #[serde(skip_serializing_if = "crate::serializer::is_option_string_empty")]
    /// Interface description stored in network backend. Not available for
    /// kernel only mode.
    pub description: Option<String>,
    #[serde(rename = "type", default = "default_iface_type")]
    /// Interface type. Serialize and deserialize to/from `type`.
    pub iface_type: InterfaceType,
    #[serde(skip_serializing_if = "crate::serializer::is_option_string_empty")]
    /// The driver of the specified network device.
    /// Reset to `None` by `sanitize()`.
    pub driver: Option<String>,
    #[serde(default = "default_state")]
    /// Interface state. Defaults to [InterfaceState::Up] when applying.
    pub state: InterfaceState,
    #[serde(default, skip_serializing_if = "Option::is_none")]
    /// Defines how the network backend matches the network interface.
    /// Defaults to [InterfaceIdentifier::Name].
    pub identifier: Option<InterfaceIdentifier>,
    #[serde(skip_serializing_if = "Option::is_none")]
    /// For [InterfaceIdentifier::Name] (default), this property changes
    /// the interface MAC address to the desired one when applying.
    /// For [InterfaceIdentifier::MacAddress], this property is used to
    /// search for the interface by the desired MAC address when applying.
    /// MAC address in the format: upper case hex string separated by `:` on
    /// every two characters. Case insensitive when applying (`sanitize()`
    /// upper-cases the value in place).
    /// Serialize and deserialize to/from `mac-address`.
    pub mac_address: Option<String>,
    #[serde(skip_serializing_if = "Option::is_none")]
    /// MAC address that never changes after reboots (normally stored in the
    /// firmware of the network interface). Uses the same format as the
    /// `mac_address` property.
    /// Ignored during apply.
    pub permanent_mac_address: Option<String>,
    #[serde(
        skip_serializing_if = "Option::is_none",
        default,
        deserialize_with = "crate::deserializer::option_u64_or_string"
    )]
    /// Maximum transmission unit.
    /// `sanitize()` rejects values below 1280 while IPv6 is enabled on the
    /// interface.
    pub mtu: Option<u64>,
    #[serde(skip_serializing_if = "Option::is_none")]
    /// Minimum MTU allowed. Ignored during apply.
    /// Serialize and deserialize to/from `min-mtu`.
    pub min_mtu: Option<u64>,
    #[serde(skip_serializing_if = "Option::is_none")]
    /// Maximum MTU allowed. Ignored during apply.
    /// Serialize and deserialize to/from `max-mtu`.
    pub max_mtu: Option<u64>,
    #[serde(skip_serializing_if = "Option::is_none")]
    /// Whether the system should wait for a certain IP stack before
    /// considering the network interface activated.
    /// Serialize and deserialize to/from `wait-ip`.
    pub wait_ip: Option<WaitIp>,
    #[serde(skip_serializing_if = "Option::is_none")]
    /// IPv4 information.
    /// Hidden if the interface is not allowed to hold IP information (e.g. a
    /// port of a bond is not allowed to hold IP information).
    pub ipv4: Option<InterfaceIpv4>,
    #[serde(skip_serializing_if = "Option::is_none")]
    /// IPv6 information.
    /// Hidden if the interface is not allowed to hold IP information (e.g. a
    /// port of a bond is not allowed to hold IP information).
    pub ipv6: Option<InterfaceIpv6>,
    #[serde(skip_serializing_if = "Option::is_none")]
    /// Interface wide MPTCP flags.
    /// Nmstate will apply these flags to all valid IP addresses (both static
    /// and dynamic).
    pub mptcp: Option<MptcpConfig>,
    #[serde(skip_serializing_if = "Option::is_none")]
    /// Controller of the specified interface.
    /// Only valid for applying: `None` means no change, an empty string means
    /// detach from the current controller. Please be advised that an error
    /// is raised if this property conflicts with the ports list of a
    /// bridge/bond/etc.
    /// Always set to `None` by [crate::NetworkState::retrieve()].
    pub controller: Option<String>,
    #[serde(
        skip_serializing_if = "Option::is_none",
        default,
        deserialize_with = "crate::deserializer::option_bool_or_string"
    )]
    /// Whether the kernel should skip the check on a packet's target MAC
    /// address and accept all packets, also known as promiscuous mode.
    /// Serialize and deserialize to/from `accept-all-mac-addresses`.
    pub accept_all_mac_addresses: Option<bool>,
    #[serde(skip_serializing_if = "Option::is_none")]
    /// Copy the MAC address from the specified interface.
    /// Ignored during serializing.
    /// Deserialize from `copy-mac-from`.
    // NOTE(review): the attribute above only skips `None`; it is `sanitize()`
    // that resets this field to `None`. Confirm that always runs before the
    // struct is serialized.
    pub copy_mac_from: Option<String>,
    #[serde(skip_serializing_if = "Option::is_none", rename = "ovs-db")]
    /// Interface specific OpenvSwitch database configurations.
    pub ovsdb: Option<OvsDbIfaceConfig>,
    #[serde(skip_serializing_if = "Option::is_none", rename = "802.1x")]
    /// IEEE 802.1X authentication configurations.
    /// Serialize and deserialize to/from `802.1x`.
    /// `BaseInterface::hide_secrets()` delegates to this configuration's own
    /// `hide_secrets()`; which properties count as secret is decided there.
    pub ieee8021x: Option<Ieee8021XConfig>,
    #[serde(skip_serializing_if = "Option::is_none")]
    /// Link Layer Discovery Protocol configurations.
    pub lldp: Option<LldpConfig>,
    #[serde(skip_serializing_if = "Option::is_none")]
    /// Ethtool configurations.
    pub ethtool: Option<EthtoolConfig>,
    /// Dispatch script configurations.
    /// `sanitize()` rejects this on user space interfaces in desired state.
    #[serde(skip_serializing_if = "Option::is_none")]
    pub dispatch: Option<DispatchConfig>,
    // Type of the controller; never serialized or deserialized. Read by
    // `can_have_ip()` to allow IP on ports of a VRF.
    #[serde(skip)]
    pub controller_type: Option<InterfaceType>,
    // The interface with the lowest up_priority will be activated first.
    // The up_priority should be its controller's up_priority
    // plus one.
    // The 0 means top controller or no controller.
    #[serde(skip)]
    pub(crate) up_priority: u32,
    // Never serialized or deserialized.
    #[serde(skip)]
    pub(crate) routes: Option<Vec<RouteEntry>>,
    // Collects every key that matches no named field above.
    // NOTE(review): serde documents `deny_unknown_fields` as unsupported in
    // combination with `flatten`, so unknown keys presumably end up here
    // instead of being rejected at deserialization. Confirm that they are
    // validated or rejected elsewhere before the state is applied.
    #[serde(flatten)]
    pub _other: serde_json::Map<String, serde_json::Value>,
}
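impl BaseInterface {
    /// Merge the properties that need more than plain key/value merging.
    ///
    /// Besides normal HashMap merging:
    ///  * the IP stacks need extra care
    ///  * `copy_mac_from` is skip_serializing
    ///  * `permanent_mac_address` is skip_serializing
    ///
    /// `self` is the merged interface being built; `desired` and `current`
    /// are the two states it is merged from.
    pub(crate) fn special_merge(&mut self, desired: &Self, current: &Self) {
        // An IP stack is merged only when it exists on all three sides.
        if let (Some(merged_v4), Some(desired_v4), Some(current_v4)) = (
            self.ipv4.as_mut(),
            desired.ipv4.as_ref(),
            current.ipv4.as_ref(),
        ) {
            merged_v4.special_merge(desired_v4, current_v4);
        }
        if let (Some(merged_v6), Some(desired_v6), Some(current_v6)) = (
            self.ipv6.as_mut(),
            desired.ipv6.as_ref(),
            current.ipv6.as_ref(),
        ) {
            merged_v6.special_merge(desired_v6, current_v6);
        }
        // Keep a permanent MAC that is already set; otherwise take the one
        // reported by the current state.
        if self.permanent_mac_address.is_none() {
            self.permanent_mac_address
                .clone_from(&current.permanent_mac_address);
        }
        // `copy_mac_from` always follows the desired state, `None` included.
        self.copy_mac_from.clone_from(&desired.copy_mac_from);
    }

    /// Whether `controller` is set to a non-empty name.
    ///
    /// An empty string means "detach from controller", so it counts as no
    /// controller.
    fn has_controller(&self) -> bool {
        matches!(self.controller.as_deref(), Some(ctrl) if !ctrl.is_empty())
    }

    /// Whether this interface can hold IP information or not.
    ///
    /// True when the interface has no controller, is an OVS interface, or
    /// its controller is a VRF.
    pub fn can_have_ip(&self) -> bool {
        !self.has_controller()
            || self.iface_type == InterfaceType::OvsInterface
            || self.controller_type == Some(InterfaceType::Vrf)
    }

    /// Whether `up_priority` is consistent with the controller setting.
    ///
    /// Priority 0 is reserved for interfaces without a controller, so an
    /// interface with a controller must have a non-zero priority.
    pub(crate) fn is_up_priority_valid(&self) -> bool {
        !self.has_controller() || self.up_priority != 0
    }

    /// Create empty [BaseInterface] with state set to [InterfaceState::Up]
    pub fn new() -> Self {
        Self {
            state: InterfaceState::Up,
            ..Default::default()
        }
    }

    /// Create a copy holding only `name` and `iface_type`, with state set
    /// to [InterfaceState::Up] and every other property at its default.
    pub(crate) fn clone_name_type_only(&self) -> Self {
        Self {
            name: self.name.clone(),
            iface_type: self.iface_type.clone(),
            state: InterfaceState::Up,
            ..Default::default()
        }
    }

    /// Ask the 802.1X configuration, if present, to hide its secrets.
    ///
    /// Only `ieee8021x` is touched here; what gets masked is decided by
    /// that configuration's own `hide_secrets()`.
    pub(crate) fn hide_secrets(&mut self) {
        if let Some(conf) = self.ieee8021x.as_mut() {
            conf.hide_secrets();
        }
    }

    /// Whether an IPv4 section is present and enabled.
    pub(crate) fn is_ipv4_enabled(&self) -> bool {
        matches!(self.ipv4.as_ref(), Some(ipv4) if ipv4.enabled)
    }

    /// Whether an IPv6 section is present and enabled.
    pub(crate) fn is_ipv6_enabled(&self) -> bool {
        matches!(self.ipv6.as_ref(), Some(ipv6) if ipv6.enabled)
    }

    /// Normalise this interface in place and reject invalid combinations.
    ///
    /// `is_desired` tells whether `self` comes from the desired state; it is
    /// forwarded to the IP stacks and gates the dispatch check.
    ///
    /// # Errors
    ///
    /// Returns [ErrorKind::InvalidArgument] when:
    ///  * IPv6 is enabled and `mtu` is below 1280
    ///  * a user space interface in desired state holds dispatch
    ///    configurations
    ///
    /// Errors from the IPv4/IPv6 `sanitize()` calls are propagated. On an
    /// error the changes made before the failing check stay applied.
    pub(crate) fn sanitize(
        &mut self,
        is_desired: bool,
    ) -> Result<(), NmstateError> {
        // Normalise to the upper-case form used for MAC addresses.
        if let Some(mac) = self.mac_address.as_mut() {
            mac.make_ascii_uppercase();
        }
        // These are not for apply or verify. `permanent_mac_address` is
        // query only, so it is dropped for desired and current state alike.
        self.permanent_mac_address = None;
        self.max_mtu = None;
        self.min_mtu = None;
        self.copy_mac_from = None;
        self.driver = None;

        if let Some(ipv4_conf) = self.ipv4.as_mut() {
            ipv4_conf.sanitize(is_desired)?;
        }
        if let Some(ipv6_conf) = self.ipv6.as_mut() {
            ipv6_conf.sanitize(is_desired)?;
            // The MTU floor only applies while IPv6 is enabled.
            if ipv6_conf.enabled {
                if let Some(mtu) = self.mtu {
                    if mtu < MINIMUM_IPV6_MTU {
                        return Err(NmstateError::new(
                            ErrorKind::InvalidArgument,
                            format!(
                                "MTU should be >= {MINIMUM_IPV6_MTU} \
                                 when IPv6 is enabled on interface {}, \
                                 but got mtu: {mtu}",
                                self.name.as_str()
                            ),
                        ));
                    }
                }
            }
        }
        if let Some(lldp_conf) = self.lldp.as_mut() {
            lldp_conf.sanitize();
        }
        // Waiting for IP makes no sense on an interface that cannot hold IP.
        if !self.can_have_ip() {
            self.wait_ip = None;
        }
        if is_desired
            && self.iface_type.is_userspace()
            && self.dispatch.is_some()
        {
            return Err(NmstateError::new(
                ErrorKind::InvalidArgument,
                format!(
                    "User space interface {}/{} is not allow to hold \
                     dispatch configurations",
                    self.name.as_str(),
                    self.iface_type,
                ),
            ));
        }
        Ok(())
    }
}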
/// Serde default for `BaseInterface::state`: an interface whose state is
/// omitted deserializes as [InterfaceState::Up].
fn default_state() -> InterfaceState {
    InterfaceState::Up
}
/// Serde default for `BaseInterface::iface_type`: an interface whose `type`
/// is omitted deserializes as [InterfaceType::Unknown].
fn default_iface_type() -> InterfaceType {
    InterfaceType::Unknown
}
impl MergedInterface {
    /// Run the base-interface post-processing steps in order: IP, MPTCP,
    /// ethtool, then the MTU and "can hold IP" validations.
    ///
    /// Stops at the first step that returns an error.
    pub(crate) fn post_inter_ifaces_process_base_iface(
        &mut self,
    ) -> Result<(), NmstateError> {
        self.post_inter_ifaces_process_ip()?;
        self.post_inter_ifaces_process_mptcp()?;
        self.post_inter_ifaces_process_ethtool();
        self.validate_mtu()?;
        self.validate_can_have_ip()
    }

    /// Check the desired MTU against the MTU range of the current state.
    ///
    /// The check only runs when the desired MTU and both `min_mtu` and
    /// `max_mtu` of the current interface are known; if any of the three is
    /// missing, no bound is enforced here.
    fn validate_mtu(&self) -> Result<(), NmstateError> {
        let base_ifaces = (
            self.desired.as_ref().map(|iface| iface.base_iface()),
            self.current.as_ref().map(|iface| iface.base_iface()),
        );
        let (desired, current) = match base_ifaces {
            (Some(desired), Some(current)) => (desired, current),
            _ => return Ok(()),
        };
        let (desire_mtu, min_mtu, max_mtu) =
            match (desired.mtu, current.min_mtu, current.max_mtu) {
                (Some(mtu), Some(lower), Some(upper)) => (mtu, lower, upper),
                _ => return Ok(()),
            };

        // The upper bound is tested first, so it wins when both fail.
        if desire_mtu > max_mtu {
            return Err(NmstateError::new(
                ErrorKind::InvalidArgument,
                format!(
                    "Desired MTU {} for interface {} \
                     is bigger than maximum allowed MTU {}",
                    desire_mtu, desired.name, max_mtu
                ),
            ));
        }
        if desire_mtu < min_mtu {
            return Err(NmstateError::new(
                ErrorKind::InvalidArgument,
                format!(
                    "Desired MTU {} for interface {} \
                     is smaller than minimum allowed MTU {}",
                    desire_mtu, desired.name, min_mtu
                ),
            ));
        }
        Ok(())
    }

    /// Reject IP being enabled on an interface that cannot hold IP.
    ///
    /// Only checked for a desired interface whose merged state is up, and
    /// only against the `for_apply` copy when one exists.
    fn validate_can_have_ip(&mut self) -> Result<(), NmstateError> {
        if !(self.is_desired() && self.merged.is_up()) {
            return Ok(());
        }
        let base_iface = match self.for_apply.as_ref() {
            Some(apply_iface) => apply_iface.base_iface(),
            None => return Ok(()),
        };
        if base_iface.can_have_ip() {
            return Ok(());
        }

        let ipv4_on = matches!(base_iface.ipv4.as_ref(), Some(ip) if ip.enabled);
        let ipv6_on = matches!(base_iface.ipv6.as_ref(), Some(ip) if ip.enabled);
        if ipv4_on || ipv6_on {
            return Err(NmstateError::new(
                ErrorKind::InvalidArgument,
                format!(
                    "Interface {} cannot have IP enabled as it is \
                     attached to a controller where IP is not allowed",
                    base_iface.name.as_str()
                ),
            ));
        }
        Ok(())
    }
}