Tobias Klauser [Tue, 19 May 2015 11:40:24 +0000 (13:40 +0200)]
utils: update link layer protocol translations
Update the private copy of linux/if_arp.h and hook up the not yet
defined ARPHRD_* types in the llprotos translation table. Reorder the
entries such that they correspond to the order they're defined in
linux/if_arp.h. Also remove the #ifdef guards since these are
unnecessary given that the private copy of the kernel header is used.
Thomas Haller [Tue, 12 May 2015 13:04:48 +0000 (15:04 +0200)]
lib/doc: clarify return value of send_simple() functions
The return value of the *nl_send_simple() functions is
inconsistent and not according to the documentation.
nl_send_simple() is documented to return the number of bytes sent.
Other *nl_send_simple() functions are documented to return 0 on
success -- for the most part.
See also commit b70174668b9867de573cf51471bc98bfe7fd2bc3 which
changed behavior of nl_rtgen_request() to be according to documentation.
Don't change behavior again, only adjust the documentation.
Arend van Spriel [Sun, 10 May 2015 10:22:17 +0000 (12:22 +0200)]
python: capi: add nla_put() function to python capi
Adding nla_put() to the capi using a typemap on the input
parameter which needs to be either a str or bytearray.
Otherwise a SWIG exception will be thrown.
Signed-off-by: Arend van Spriel <aspriel@gmail.com>
The define was left enabled during development on netlink (and genl)
python swig api. It is a bit annoying in production release so disable
the define.
Signed-off-by: Arend van Spriel <aspriel@gmail.com>
Tobias Klauser [Mon, 11 May 2015 12:49:01 +0000 (14:49 +0200)]
xfrm: fix potential NULL dereference
If xfrmnl_sel_alloc() returns NULL, the daddr and saddr members are
still accessed, leading to a potential NULL dereference. The same is the
case for xfrmnl_user_tmpl_alloc(). Fix this by returning NULL right away
if allocation fails.
utils: Add translations for NETLINK_RDMA and NETLINK_CRYPTO
Add translations for NETLINK_RDMA and NETLINK_CRYPTO to nlfamilies,
allowing to use nl_nlfamily2str() and nl_str2nlfamily() for these
families.
This makes it necessary to update the private copy of linux/netlink.h
and also includes the rename of NETLINK_INET_DIAG to NETLINK_SOCK_DIAG
in upstream commit 7f1fb60c4fc9fb29 ("inet_diag: Partly rename inet_ to
sock_") and the removal of the duplicate NLMSG_ALIGN in the
NLMSG_LENGTH() macro in upstream commit a88b9ce5ad4fc633 ("netlink:
remove duplicated NLMSG_ALIGN").
Thomas Haller [Thu, 19 Mar 2015 11:22:12 +0000 (12:22 +0100)]
utils: add code comment about capability number assignment
Also reserve a range of capabilities (0x7000 to 0x7FFF) that we won't
use upstream. Add a macro NL_CAPABILITY_IS_USER_RESERVED() to check
if the capability is in that range.
David Chappelle [Tue, 17 Mar 2015 04:40:20 +0000 (00:40 -0400)]
route: remove unnecessary include of private linux/if.h
Including linux/if.h in netlink/route/link.h causes issues
in cases where libnl is used in conjunction with other third
party libraries that include net/if.h. Seems to be a long
checkered history of symbol collisions between these two
files. As it turns out, including linux/if.h from within
netlink/route/link.h is actually unnecessary. I resurrected
a forgotten path from this thread:
Thomas Haller [Mon, 9 Mar 2015 16:16:56 +0000 (17:16 +0100)]
build: revert moving unstable symbols from libnl_3 linker section
In the past, libnl3 had only one section (libnl_3) in the
linker version script. Between 3.2.25 and 3.2.26 release,
this was cleaned up and new symbols were added to libnl_3_2_26
section. Commit d2a30fb also moved new symbols since 3.2.25
to that section.
Fedora 21 and later already uses these symbols in the previous
version (@libnl_3). Updating there would break symbol lookup.
As we have users of the unstable version from pre-3.2.26, move
those symbols back. Note that this now breaks unstable users since
d2a30fb (5 weeks ago) -- which probably are much fewer affected
users.
Fixes: d2a30fbb36d668fe64f43bddfc9c53ee0362334f
Signed-off-by: Thomas Haller <thaller@redhat.com>
Thomas Haller [Fri, 6 Mar 2015 11:33:49 +0000 (12:33 +0100)]
lib/socket: detect protocol in nl_socket_set_fd()
With support for socket option SO_PROTOCOL we don't need the protocol
argument to nl_socket_set_fd(). Maybe we should drop the protocol argument
and just not support nl_socket_set_fd() on older systems. But instead
keep the argument and allow passing -1 to autodetect it.
If the user sets a protocol option, we check via getsockopt() that the
value is correct and error out otherwise.
On older kernels, the user must set the value. Otherwise
nl_socket_set_fd() will fail.
Thomas Haller [Thu, 5 Mar 2015 09:39:43 +0000 (10:39 +0100)]
lib/socket: add nl_socket_set_fd() function
This is based on the patch by sagil@infinidat.com, but heavily modified.
Add a function nl_socket_set_fd(), I renamed it from nl_connect_fd().
Now nl_connect() and nl_socket_set_fd() are implemented independently as
they share little code. But they have similar functionality:
to initialize a libnl socket and set its file descriptor.
A user who wants libnl to set up the socket can continue to use nl_connect().
A user with special requirements should set up the socket entirely. That includes
calling socket() (with or without SOCK_CLOEXEC), bind(), setting buffer size.
For the same reason I dropped nl_create_fd(). It didn't do much more than
calling socket() -- which the user can do directly.
Sagi Lowenhardt [Tue, 17 Feb 2015 13:22:27 +0000 (15:22 +0200)]
add socket nl_connect_fd() & nl_create_fd()
- Added option to create socket (fd) without bind.
It is now possible to forward the socket fd to another child process...
...later use nl_connect_fd() to connect to socket from the child process.
- Added option to disable CLOEXEC even if defined (in socket.h)
'nl_socket_enable_cloexec' & 'nl_socket_disable_cloexec'
No change to current default behavior.
Thomas Haller [Thu, 5 Mar 2015 09:50:04 +0000 (10:50 +0100)]
lib/nl: preserve s_local if nl_connect() fails
s_local.nl_pid is used to track the generated port unless NL_OWN_PORT is set.
Ensure that getsockname() doesn't overwrite the value and possibly reset
the local port manually to release the generated port.
Thomas Haller [Thu, 5 Mar 2015 07:46:31 +0000 (08:46 +0100)]
lib/socket: remove NL_SOCK_BUFSIZE_SET socket flag
The flag was not actually used.
NL_SOCK_BUFSIZE_SET was only set by nl_socket_set_buffer_size().
Note that you can only call nl_socket_set_buffer_size() on a socket that
is already connected via nl_connect().
On first call, nl_connect() would always see NL_SOCK_BUFSIZE_SET unset, and
call nl_socket_set_buffer_size().
Since the flag was never unset, when trying to connect a socket a second
time, we would not set the buffer size again. Which was a bug.
Thomas Haller [Wed, 4 Mar 2015 14:27:14 +0000 (15:27 +0100)]
build/trivial: reorder symbols in linker version scripts and add comment
We export some symbols that are in private headers. We shouldn't do
that. Highlight them in the version script by grouping them and add
a comment.
We might want to hide these symbols later.
Some of these symbols are used by libnl internal libraries.
So removing those is more complicated and only possible if we don't
require compatibility of different libnl libraries between each other
(i.e. that we require that within one installation the library versions
match).
Lubomir Rintel [Sun, 25 Jan 2015 17:11:53 +0000 (18:11 +0100)]
lib: log errors from platform
nl_syserr2nlerr() reduces a lot of platform errors to NLE_FAILURE --
"Unspecific failure" which makes it somehow hard to track down the real reason
behind a failure.
Logging them with level of 4 makes it a little less painful.
Rohan Joyce [Fri, 13 Feb 2015 10:26:01 +0000 (18:26 +0800)]
lib: add const-ness to appropriate parameters in addr, attr, data
This patch changes the signatures of some functions to allow const pointers in
places where a const qualified pointer is enough access for what the function
does (e.g. nla_get_u8). It also changes some functions that take a pointer
parameter and return a pointer derived from it to use the strchr idiom.
This is not exhaustive in terms of places where const can be added, but it's
a decent chunk that should not make the external api any more restrictive.
Thomas Haller [Sun, 4 Jan 2015 16:24:38 +0000 (17:24 +0100)]
build: explicitly list exported symbols in linker scripts
Before all symbols (global: *;) were exported, which included some
symbols that should not be exported. Update the symbol files to
exclude everything by default and name the exported symbols
explicitly.
Still the same symbols as before are exported.
for SO in ./lib/.libs/*.so ./src/lib/.libs/*.so; do
SYM="$(basename "$SO")"
SYM="${SYM%.so}.sym"
cat <<EOF | sed 's/^ *>> //' > "$SYM"
>> libnl_3 {
>> global:
>> $(nm "$SO" | sed -n 's/^[a-fA-F0-9]\+ [BDRT] \(.*\)/\t\1;/p' | LANG=C sort)
>> local:
>> $(echo -e '\t')*;
>> };
EOF
done
Thomas Haller [Thu, 27 Nov 2014 12:09:05 +0000 (13:09 +0100)]
idiag: fix idiagnl_compare() to compare all attributes
This is not important for nl_object_identical() which only considers
the required attributes. But for using nl_object_diff() or nl_object_filter(),
all attributes must be compared.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Thomas Haller [Wed, 26 Nov 2014 17:17:16 +0000 (18:17 +0100)]
route/link: return -NLE_OPNOTSUPP in rtnl_link_get_kernel() for old kernels
Older kernels without patch a3d1289126e7b14307074b76bf1677015ea5036f do
not support rtnl_getlink() by ifname. Detect this situation and fail
with -NLE_OPNOTSUPP instead of -NLE_INVAL.
This changes behavior in returning a different error code for this
case.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Thomas Haller [Wed, 26 Nov 2014 17:13:37 +0000 (18:13 +0100)]
nl: add function nl_pickup_keep_syserr()
nl_pickup() converts error codes from netlink into
nl error codes using nl_syserr2nlerr(). The latter function
mangles different error codes to the same nl error code.
Add a new function, that returns both the nl error code
and the original error code.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Thomas Haller [Tue, 25 Nov 2014 10:35:03 +0000 (11:35 +0100)]
idiag: fix idiagnl_exts2str()
idiagnl_exts2str() is used to print req->idiag_ext,
which is the extension types combined as flags, such as
( (1 << (INET_DIAG_TOS - 1)) | (1 << (INET_DIAG_MEMINFO - 1)) ).
This function was wrong from the beginning because the string lookup
array had indexes such as 'INET_DIAG_TOS', instead of '(1 << (INET_DIAG_TOS - 1))'.
Fix also idiagnl_attrs2str() which now converts an extension
type (e.g. INET_DIAG_TOS) to a string. Still this function is
deprecated, as the function name is not clear and it is not
used or very useful.
Fixes: 22eb2569a595be98ae09fc4192860c1d2c3aa54c
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
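The type-versus-flag distinction from the commit above, as an added example that is not libnl code: the extension values are those of the kernel's linux/inet_diag.h, while the function names and display strings are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Extension types with the values from the kernel's linux/inet_diag.h,
 * repeated here only so the example builds without kernel headers. */
enum { INET_DIAG_MEMINFO = 1, INET_DIAG_INFO, INET_DIAG_VEGASINFO,
       INET_DIAG_CONG, INET_DIAG_TOS, INET_DIAG_TCLASS,
       INET_DIAG_SKMEMINFO, INET_DIAG_SHUTDOWN };
#define EXT_MAX INET_DIAG_SHUTDOWN

/* Display names are constructed for this example. */
static const char *const ext_names[EXT_MAX + 1] = {
    [INET_DIAG_MEMINFO] = "meminfo",     [INET_DIAG_INFO] = "info",
    [INET_DIAG_VEGASINFO] = "vegasinfo", [INET_DIAG_CONG] = "cong",
    [INET_DIAG_TOS] = "tos",             [INET_DIAG_TCLASS] = "tclass",
    [INET_DIAG_SKMEMINFO] = "skmeminfo", [INET_DIAG_SHUTDOWN] = "shutdown",
};

/* Extension type -> name: the table is indexed by the type itself. */
static const char *ext_type2str(int type)
{
    return (type >= 1 && type <= EXT_MAX) ? ext_names[type] : NULL;
}

/* Flag mask (as in idiag_ext) -> "a,b": bit (type - 1) stands for `type`.
 * Bits without a known type are printed in hex instead of being dropped. */
static char *ext_flags2str(unsigned flags, char *buf, size_t size)
{
    size_t used = 0;

    if (size == 0)
        return buf;
    buf[0] = '\0';
    for (unsigned bit = 0; bit < 32; bit++) {
        unsigned mask = 1u << bit;
        const char *sep = used ? "," : "";
        int n;

        if (!(flags & mask))
            continue;
        if (bit < EXT_MAX)
            n = snprintf(buf + used, size - used, "%s%s", sep, ext_names[bit + 1]);
        else
            n = snprintf(buf + used, size - used, "%s0x%x", sep, mask);
        if (n < 0 || (size_t)n >= size - used)
            break; /* out of space: stop, buf is still NUL-terminated */
        used += (size_t)n;
    }
    return buf;
}

int main(void)
{
    char buf[64];
    unsigned ext = (1 << (INET_DIAG_TOS - 1)) | (1 << (INET_DIAG_MEMINFO - 1));
    printf("type %d = %s\n", INET_DIAG_TOS, ext_type2str(INET_DIAG_TOS));
    printf("mask 0x%x = %s\n", ext, ext_flags2str(ext, buf, sizeof(buf)));
    return 0;
}
```

Passing the flag value `1 << (INET_DIAG_TOS - 1)` to the type lookup yields no name, which is the mismatch the commit describes.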
Thomas Haller [Mon, 24 Nov 2014 16:14:57 +0000 (17:14 +0100)]
idiag: add a oo_compare() function for idiag_msg objects
Having a oo_keygen() function only makes sense together with a
oo_compare() function because after hashing, you still have to compare
the objects for equality (in case of hash collision).
Fixes: 9c066b9271493ce3efff0b9d7b6e424990bba3f2
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Thomas Haller [Mon, 24 Nov 2014 16:14:50 +0000 (17:14 +0100)]
idiag: deprecate IDIAG_SS_* socket states
These values mirror TCP_* socket states from 'netinet/tcp.h'.
There is no good reason to expose a copy of those values.
User space should use the original values (if they care).
The only value that is actually useful is IDIAGNL_SS_ALL.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Thomas Haller [Mon, 24 Nov 2014 16:14:48 +0000 (17:14 +0100)]
idiag: deprecate IDIAG_ATTR_* enumeration
IDIAG_ATTR_* were a copy of the INET_DIAG_* extension kernel
flags. Redefining them is wrong, user space should continue
to use the values provided via the kernel headers.
Also they were misused as change flags (ce_mask), which they are not.
Deprecate the IDIAG_ATTR_* flags and redefine them to what they
originally are: INET_DIAG_*.
Also deprecated idiagnl_attrs2str() because there is already
idiagnl_exts2str(). idiagnl_attrs2str() in the sense of libnl change
flags (ce_mask) makes no sense.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Cong Wang [Mon, 27 Oct 2014 16:50:17 +0000 (09:50 -0700)]
idiag: add a copy of linux/sock_diag.h
When we test idiag on 3.4 kernel, we always get ERANGE.
This is because libnl has its own copy for SK_MEMINFO_*,
which is actually newer than 3.4, where SK_MEMINFO_VARS
is larger than kernel's.
We add a copy from latest kernel, so on older kernel
libnl should still compile. Note, for kernel < 3.6
we don't have SK_MEMINFO_BACKLOG, we have to relax
the minlen.
Cong Wang [Thu, 20 Nov 2014 20:26:01 +0000 (12:26 -0800)]
idiag: provide a hash function for idiag objects
Without ->oo_keygen, libnl will use linear search
for cache objects. This is extremely slow for idiag
when we have a lot of TCP connections. Provide a
hash function for idiag so that libnl will be able
to lookup a hashtable.
Cc: Thomas Graf <tgraf@suug.ch>
Cc: Thomas Haller <thaller@redhat.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
The cache pickup does a check for duplicates for some time now.
However, the pickup in nl_cache_refill() explicitly clears the
cache, so the pickup doesn't need to actually do the dupe check,
as uniqueness is already guaranteed by Netlink subsystem.
And avoiding the dup check is beneficial for performance
reasons, as the current algorithm is O(n^2).
Thomas Haller [Mon, 18 Aug 2014 13:24:30 +0000 (15:24 +0200)]
link: fix memory leaks due to repeated calls to .io_alloc()
All the io_alloc() implementations unconditionally allocated
new memory, thus leaking memory if called more than once.
Fix io_alloc() implementations not to allocate new memory
if not needed.
This happens for example in link_msg_parser() which first
calls rtnl_link_set_type():
#0 macvlan_alloc (link=0x609d50) at route/link/macvlan.c:56
#1 0x00007ffff7b99a78 in rtnl_link_set_type (link=link@entry=0x609d50, type=type@entry=0x609a94 "macvlan") at route/link.c:2233
#2 0x00007ffff7b99c28 in link_msg_parser (ops=<optimized out>, who=<optimized out>, n=<optimized out>, pp=0x7fffffffd870) at route/link.c:547
#3 0x00007ffff7dea109 in nl_cache_parse (ops=0x7ffff7dd8600 <rtnl_link_ops>, who=0x603338, nlh=0x6098a0, params=0x7fffffffd870) at cache.c:914
#4 0x00007ffff7dea15b in update_msg_parser (msg=<optimized out>, arg=<optimized out>) at cache.c:668
#5 0x00007ffff7def7bf in nl_cb_call (msg=<optimized out>, type=<optimized out>, cb=<optimized out>) at ../include/netlink-private/netlink.h:142
#6 recvmsgs (cb=0x6057a0, sk=0x6034c0) at nl.c:952
#7 nl_recvmsgs_report (sk=sk@entry=0x6034c0, cb=cb@entry=0x6057a0) at nl.c:1003
#8 0x00007ffff7defb79 in nl_recvmsgs (sk=sk@entry=0x6034c0, cb=cb@entry=0x6057a0) at nl.c:1027
#9 0x00007ffff7de9668 in __cache_pickup (sk=0x6034c0, cache=0x603510, param=param@entry=0x7fffffffd870) at cache.c:701
#10 0x00007ffff7dea08d in nl_cache_pickup (sk=<optimized out>, cache=<optimized out>) at cache.c:753
#11 0x0000000000400d56 in main ()
and later ops->io_parse():
#0 macvlan_alloc (link=0x609d50) at route/link/macvlan.c:56
#1 0x00007ffff7baae9d in macvlan_parse (link=0x609d50, data=<optimized out>, xstats=<optimized out>) at route/link/macvlan.c:79
#2 0x00007ffff7b99c80 in link_msg_parser (ops=<optimized out>, who=<optimized out>, n=<optimized out>, pp=0x7fffffffd870) at route/link.c:567
#3 0x00007ffff7dea109 in nl_cache_parse (ops=0x7ffff7dd8600 <rtnl_link_ops>, who=0x603338, nlh=0x6098a0, params=0x7fffffffd870) at cache.c:914
#4 0x00007ffff7dea15b in update_msg_parser (msg=<optimized out>, arg=<optimized out>) at cache.c:668
#5 0x00007ffff7def7bf in nl_cb_call (msg=<optimized out>, type=<optimized out>, cb=<optimized out>) at ../include/netlink-private/netlink.h:142
#6 recvmsgs (cb=0x6057a0, sk=0x6034c0) at nl.c:952
#7 nl_recvmsgs_report (sk=sk@entry=0x6034c0, cb=cb@entry=0x6057a0) at nl.c:1003
#8 0x00007ffff7defb79 in nl_recvmsgs (sk=sk@entry=0x6034c0, cb=cb@entry=0x6057a0) at nl.c:1027
#9 0x00007ffff7de9668 in __cache_pickup (sk=0x6034c0, cache=0x603510, param=param@entry=0x7fffffffd870) at cache.c:701
#10 0x00007ffff7dea08d in nl_cache_pickup (sk=<optimized out>, cache=<optimized out>) at cache.c:753
#11 0x0000000000400d56 in main ()
Thomas Haller [Wed, 24 Sep 2014 05:49:34 +0000 (07:49 +0200)]
build: move copy of linux headers to private directory
libnl3 contains a private copy of some kernel header files.
Normally, users are expected to install libnl and specify
-I$PREFIX/include/libnl3 as include path. As the private kernel
header files are not installed, this works fine.
However, it can be convenient to build against the libnl source
directory, without installing libnl. In this case, the private kernel
header files shadow the system provided ones. This is undesired.
Move these files to a different directory to avoid this clash.
Nicolas PLANEL [Tue, 26 Aug 2014 15:43:49 +0000 (11:43 -0400)]
cls: check data before memcpy() it
[thaller@redhat.com: I modified the condition "if (data && len)"
in the original patch to just check "len > 0".
Note that all call sites of meta_alloc() make sure to pass a
valid data pointer with a non-zero length (anything else would
be a bug). But indeed, calling memcpy with invalid src pointer
is undefined behavior, even if len is zero.]