Thomas Haller [Wed, 25 Jun 2014 08:11:56 +0000 (10:11 +0200)]
attr: nla_get_u64() should return 0 if the attribute does not fully contain 64 bit
Manually "inline" nla_memcpy() to nla_get_u64() and change the behavior
to return always zero (0) if the attribute does not contain at least
sizeof(uint64_t) bytes. Considering endianness, reading a truncated integer
does not seem to be useful and should result in a defined behavior
instead.
Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: Thomas Haller <thaller@redhat.com>
Peter Wu [Tue, 24 Jun 2014 21:13:38 +0000 (23:13 +0200)]
attr: fix compile warning in headers
strlen() returns a size_t type, but nla_put accepts an int only. This
breaks a -Werror build of applications using libnl, so avoid this
warning by explicitly casting the length to an int.
Signed-off-by: Peter Wu <peter@lekensteyn.nl> Signed-off-by: Thomas Haller <thaller@redhat.com>
Tobias Klauser [Tue, 17 Jun 2014 12:58:10 +0000 (14:58 +0200)]
cache_mngr: Fix assignment of error code in nl_cache_mngr_alloc()
In the current form, the parentheses in these two if (...) statements
lead to err being assigned the result of nl_connect(...) < 0 and
nl_socket_set_nonblocking(...) < 0 instead of the return value of these
functions. Adjust the parentheses to assign the returned error code to
err.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch> Signed-off-by: Thomas Haller <thaller@redhat.com>
Tobias Klauser [Tue, 17 Jun 2014 12:58:09 +0000 (14:58 +0200)]
cache_mngr: Return proper error code if nl_socket_alloc() fails
If nl_socket_alloc() failes in nl_cache_mngr_alloc() we would currently
return 0 due to the previous assignment of the err variable, even though
the failed allocation is an error condition. Fix this by setting err to
-NLE_NOMEM if nl_socket_alloc() fails.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch> Signed-off-by: Thomas Haller <thaller@redhat.com>
Thomas Haller [Tue, 10 Jun 2014 15:50:09 +0000 (17:50 +0200)]
route/link: fix dangling pointer after rtnl_link_get_ifalias(link, NULL)
Fixed bug that left a dangling pointer after clearing the ifalias
property. This happened when calling 'rtnl_link_get_ifalias(link, NULL)'
on a link that has already an ifalias set.
This can cause a crash and/or a double-free.
Error found by coverity.
Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: Thomas Haller <thaller@redhat.com>
Thomas Haller [Tue, 10 Jun 2014 15:53:37 +0000 (17:53 +0200)]
lib: reorder free() after printf("%p") statements
Previously coverity was complaining about a use-after-free.
This was not a real problem, because the printf statement
does not dereferenciate the pointer. Change it to avoid
the warning.
Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: Thomas Haller <thaller@redhat.com>
Thomas Haller [Tue, 10 Jun 2014 16:20:25 +0000 (18:20 +0200)]
route/link: pass proper type to sizeof() for calloc() in vlan_parse()
This fixes the following coverity warning:
lib/route/link/vlan.c:148:23:warning – Result of 'calloc' is converted to a pointer of type 'struct vlan_map', which is incompatible with sizeof operand type 'struct ifla_vlan_qos_mapping'
This was not a real problem, because the types are effectively
the same.
Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: Thomas Haller <thaller@redhat.com>
Michał Górny [Sun, 25 May 2014 10:51:32 +0000 (12:51 +0200)]
Use paths relative to srcdir in setup.py.
Currently, setup.py is created by configure in builddir while source
files (.py and .i) reside in srcdir. Adjust paths in setup.py
appropriately to make it possible to perform an out-of-source build.
This is far from perfect but it mostly works. Python files are copied
from srcdir, and swig *.i files are read from there. However, swig
output files are created in srcdir rather than builddir, and distutils
copies '..' literally when constructing '.o' paths. As a result,
'../python/foo.i' would end up being compiled to
'build/temp*/../python/foo.i'.
The alternative would be to copy '*.i' files to builddir before
proceeding with the build, either in Makefile or through creating
additional distutils command.
Michał Górny [Sun, 25 May 2014 09:49:19 +0000 (11:49 +0200)]
Explicitly create output directories for flex/yacc output.
When out-of-source build with '--disable-dependency-tracking' is
performed, the 'lib/route' and 'lib/route/cls' directories required for
flex/yacc output do not exist. As a result, the flex/yacc calls fail
with ENOENT.
Create the necessary directories explicitly via $(MKDIR_P)
in the flex/yacc rules to guarantee proper out-of-source and in-source
build.
Susant Sahani [Wed, 7 May 2014 10:35:53 +0000 (16:05 +0530)]
vlan: add support for IFLA_VLAN_PROTOCOL
This patch adds support for IFLA_VLAN_PROTOCOL
Signed-off-by: Susant Sahani <susant@redhat.com> Acked-by: Thomas Graf <tgraf@suug.ch>
[thaller@redhat.com: minor fixes (whitespace, documentation, and a typo)] Signed-off-by: Thomas Haller <thaller@redhat.com>
Cong Wang [Wed, 7 May 2014 17:22:50 +0000 (10:22 -0700)]
tunnel: add a copy of include/linux/if_tunnel.h
This should fix the following compile error:
route/link/ipip.c:52: error: ‘IFLA_IPTUN_MAX’ undeclared here (not in a function)
route/link/ipip.c:53: error: ‘IFLA_IPTUN_LINK’ undeclared here (not in a function)
route/link/ipip.c:53: error: array index in initializer not of integer type
route/link/ipip.c:53: error: (near initialization for ‘ipip_policy’)
route/link/ipip.c:53: error: field name not in record or union initializer
route/link/ipip.c:53: error: (near initialization for ‘ipip_policy’)
...
Reported-by: Vinson Lee <vlee@twitter.com> Cc: Susant Sahani <susant@redhat.com> Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: Thomas Haller <thaller@redhat.com>
Thomas Haller [Wed, 9 Apr 2014 10:08:53 +0000 (12:08 +0200)]
lib/socket: randomize the generated local port
Instead of always trying the same order of ports when
looking for an unused port, randomize the order (naively).
As libnl-1 uses the same function, it is likely that two applications
that are using both libraries generate the same ports. By chosing a
different order how to select the local port, the chances are smaller
for this to happen (however, it cannot avoid it entirely. The user
and/or libnl3 still has to cope with the situation, that somebody
else might already use the port).
Thomas Haller [Wed, 9 Apr 2014 10:08:52 +0000 (12:08 +0200)]
lib/socket: retry generate local port in nl_connect on ADDRINUSE
It can easily happen that the generated local netlink port is alrady in
use. In that case bind will fail with ADDRINUSE.
Users of libnl3 could workaround this, by managing the local ports
themselves, but sometimes these users are libraries too and they also
don't know which ports might be used by other components.
This patch changes that nl_socket_alloc() no longer initilizes the local
port id immediately. Instead it will be initialized when the user calls
nl_socket_get_local_port() the first time and thereby shows interest in
the value.
If bind() fails with ADDRINUSE, check if the user ever cared about the
local port, i.e. whether the local port is still unset. If it is still
unset, assume that libnl should choose a suitable port and retry until
an unused port can be found.
Thomas Haller [Wed, 9 Apr 2014 10:08:51 +0000 (12:08 +0200)]
lib/socket: don't fail if no more local ports can be assigned in nl_socket_alloc
By failing inside of nl_socket_alloc(), the user can not even work around
when running out of local ports. This patch changes that if there are no more
local ports, we set the port to UINT32_MAX. This is a consistent behavior
to calling nl_socket_set_local_port(sk, 0).
In general, since nl_socket_set_local_port() does not restict the generated
ports in any way we cannot assume to have a valid port. So the check in
the constructor was harmful and users who ever encountered it (because they
created 1024 libnl3 sockets) could not even work around it.
Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: Thomas Haller <thaller@redhat.com>
Hangbin Liu [Wed, 16 Apr 2014 02:16:34 +0000 (10:16 +0800)]
gitignore: ignore ctags file
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
[thaller@redhat.com: change to ignore /tags only on top-level] Signed-off-by: Thomas Haller <thaller@redhat.com>
Rich Fought [Thu, 27 Feb 2014 00:02:13 +0000 (16:02 -0800)]
netfilter/ct: expand CT parameters that can be used in add/delete operations
This expands functionality for manipulating conntracks over netlink by
adding other attributes to nfnl_ct_build_message(). Added a command link
program to add conntracks.
https://github.com/thom311/libnl/pull/55
[thaller@redhat.com: cleaned up whitespace from original patch] Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: Thomas Haller <thaller@redhat.com>
Cong Wang [Wed, 2 Apr 2014 01:03:32 +0000 (18:03 -0700)]
veth: use nl_object_clone() to deep copy rtnl_link object
Currently we use memcpy() to copy the peer rtnl_link for veth device,
this is wrong, we should do deep copy by calling nl_object_clone()
recursively. We should be careful and need to make sure we only call
it once.
Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> Signed-off-by: Thomas Haller <thaller@redhat.com>
Thomas Haller [Thu, 3 Apr 2014 16:09:51 +0000 (18:09 +0200)]
route/addr: only sent IFA_FLAGS when needed to workaround picky older kernels
Older kernels don't accept receiving unknown netlink attributes.
See net/core/rtnetlink.c, rtnetlink_rcv_msg(). This was fixed by kernel
commit 661d2967b3f1b34eeaa7e212e7b9bbe8ee072b59.
As a workaround, only set the additional attributes, when the user
provided flags that makes this necessary and useful.
Based-on-patch-by: Pavel Kankovsky <peak@argo.troja.mff.cuni.cz> Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: Thomas Haller <thaller@redhat.com>
The header file added new values for IPSTATS_MIB_* and ICMP6_MIB_*, but
more importantly, the kernel broke user space API by reordering enum values in
IPSTATS_MIB_*. Add a workaround when parsing IFLA_PROTINFO trying to
be compatible with both older and newer kernels.
Note that this workaround might fail for some specific kernel versions by
assuming the old enum value mapping, although the kernel version already
contains the API change. In this case rtnl_link_get_stat() mixes up
values.
Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: Thomas Haller <thaller@redhat.com>
Thomas Haller [Thu, 20 Mar 2014 18:18:43 +0000 (19:18 +0100)]
route: detect missing cfgid in rtnl_link_inet_get_conf()
If the netlink message for IFLA_INET_CONF contains less then
IPV4_DEVCONF_MAX entires, the last entries in i_conf are unset.
Modify rtnl_link_inet_get_conf() to return -EINVAL when accessing
an unset cfgid.
Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: Thomas Haller <thaller@redhat.com>
Thomas Haller [Thu, 20 Mar 2014 18:18:42 +0000 (19:18 +0100)]
route: don't enforce minlen in inet6_parse_protinfo() (IFLA_PROTINFO) and inet_parse_af() (IFLA_AF_SPEC)
Older kernel version might have fewer values defined, so they would send
netlink messages that got rejected. Only check that at least one value
got sent.
This is especially grave as libnl uses an internal copy of the
kernel header files. Thus not only it is bound to the installed kernel
headers but to the libnl internal header copies that might easily be out
of sync with the kernel.
Cong Wang [Thu, 20 Mar 2014 17:24:12 +0000 (10:24 -0700)]
u32: add const to rtnl_u32_add_key_in*_addr()
Cc: Thomas Haller <thaller@redhat.com> Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: Thomas Haller <thaller@redhat.com>
Cong Wang [Thu, 20 Mar 2014 17:45:45 +0000 (10:45 -0700)]
link: document sk == NULL case for rtnl_link_alloc_cache()
When sk == NULL, rtnl_link_alloc_cache() returns 0 but the cache
is still empty. We should document this behavior, otherwise it is confusing.
Cc: Thomas Haller <thaller@redhat.com> Cc: Thomas Graf <tgraf@suug.ch> Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> Signed-off-by: Thomas Haller <thaller@redhat.com>
This capability indicates that libnl does no longer overwrites
the route scope in rtnl_route_build_msg(), as fixed by commit 85ec9c7ad80c60f4f619472f2bb9d9595da93b26.
Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: Thomas Haller <thaller@redhat.com>
Cong Wang [Wed, 12 Mar 2014 23:42:39 +0000 (16:42 -0700)]
fill prio and protocol attr bits when parsing cls message
Otherwise, the filter we get from a cls cache can't be used
for removal.
Cc: Thomas Haller <thaller@redhat.com> Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: Thomas Haller <thaller@redhat.com>
Thomas Haller [Thu, 13 Feb 2014 20:31:37 +0000 (21:31 +0100)]
route: rtnl_route_build_msg() should not overwrite the route scope
rtnl_route_build_msg() should allow the user to set the route scope
explicitly to RT_SCOPE_NOWHERE.
This is useful for IPv4 routes, because when deleting a route,
the kernel requires the scope to match, unless the scope is set to
RT_SCOPE_NOWHERE. Thus by setting the scope to RT_SCOPE_NOWHERE,
the user can delete a route, even without knowing its scope.
rtnl_route_build_msg() should only try to guess the scope, if it was
not explicitly specified.
Signed-off-by: Thomas Haller <thaller@redhat.com> Acked-by: Thomas Graf <tgraf@suug.ch>
Cong Wang [Wed, 15 Jan 2014 01:37:42 +0000 (17:37 -0800)]
act: remove rtnl_act_alloc_cache()
It is complicated to cache tc actions, they are different
from tc qdisc's and filters by design. So, it is simple
if we just don't cache them.
This patch only removes the tc action cache allocation API.
We still need to bypass the libnl cache layer from scratch,
but that would not break ABI any more, therefore we can do
it later.
Cc: Thomas Graf <tgraf@suug.ch> Cc: Thomas Haller <thaller@redhat.com> Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> Signed-off-by: Thomas Haller <thaller@redhat.com>
Thomas Haller [Mon, 16 Dec 2013 20:19:14 +0000 (21:19 +0100)]
build: fix build failure when using different build dir (make distcheck)
`make distcheck` builds outside the source directory using
`../configure --srcdir=..`. This was broken because libnl.sym was
expected in the $(top_srcdir) instead of $(top_builddir).