| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
| |
https://github.com/thom311/libnl/pull/409
|
| |
|
|
| |
Add support for the IFLA_BR_MULTI_BOOLOPT bridge link attribute.
|
| |
|
|
|
|
|
|
| |
Add support for the following attributes for bridge links:
IFLA_BR_STP_STATE
IFLA_BR_MCAST_ROUTER
IFLA_BR_MCAST_SNOOPING
|
| |
|
|
|
|
| |
There are bridge info setter functions for nf_call_iptables,
nf_call_ip6tables and nf_call_arptables, but no corresponding getter
functions, so add them.
|
| |
|
|
|
|
|
|
|
|
| |
The amount of flags that could be stored in the ndm_flags field of ndmsg
was limited to 8, so the kernel introduced a new attribute so more flags
could be represented in netlink messages.
Add support for the extended neighbour flags.
https://github.com/thom311/libnl/pull/405
|
| |
|
|
| |
https://github.com/thom311/libnl/pull/404
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for the following bridge flags:
IFLA_BRPORT_PROXYARP
IFLA_BRPORT_PROXYARP_WIFI
IFLA_BRPORT_MCAST_FLOOD
IFLA_BRPORT_MCAST_TO_UCAST
IFLA_BRPORT_VLAN_TUNNEL
IFLA_BRPORT_BCAST_FLOOD
IFLA_BRPORT_NEIGH_SUPPRESS
IFLA_BRPORT_ISOLATED
IFLA_BRPORT_LOCKED
IFLA_BRPORT_MAB
IFLA_BRPORT_NEIGH_VLAN_SUPPRESS
https://github.com/thom311/libnl/pull/403
|
| | |
|
| |
|
|
|
|
|
|
| |
Analogue to the change for cache_include(), use the new helper for
nl_objects and initialize old to NULL since we do not use it for other
messages than XFRM_MSG_EXPIRE.
Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
|
| |
|
|
|
|
|
|
| |
Use the new _nl_auto_nl_object helper for cache where appropriate. Make
sure to initialze *old to NULL in cache_include() as we do not
initialize it in the error path for unknown actions.
Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
|
| |
|
|
|
|
|
| |
Now that we can compare and clone, we can implement parsing bond type
links. Add parsing for all supported types.
Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
|
| |
|
|
|
|
| |
Implement comparing two bond links to know if their attributes changed.
Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
|
| |
|
|
|
|
|
| |
Implement the missing rtnl_link_info_ops::io_clone(), so that cloning a
bond link will retain its data.
Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
|
| |
|
|
|
|
|
| |
In preparation of parsing bond link attributes, add getters for all
supported attributes.
Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
|
| |
|
|
|
|
| |
rename bn_mask to ce_mask to allow the use of attr macros.
Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Calling release_link_info() will call io_free() for rtnl_link::l_info
was allocated just a few lines before as a side effect of
rtnl_link_set_type().
Apart from doing needless memory churn, this will also leave the link
with l_info set to NULL if the link type does not provide a io_parse()
function.
Assuming the memory leak mentioned in bfee88b8b0a9 ("route: fix memory
leak of l_info_ops in link_msg_parser()") was a double reference taken
by calling rtnl_link_info_ops_lookup() twice, once via
rtnl_link_set_type(), and once directly, replace the lookup() /
release() lookup() with a single lookup() and then reuse the populated
rtnl_link::l_info_ops pointer.
Fixes: bfee88b8b0a9 ("route: fix memory leak of l_info_ops in link_msg_parser()")
Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
https://github.com/thom311/libnl/pull/396
|
| |
|
|
|
|
|
|
|
| |
The NLA_{UINT|SINT} attributes are introduced for variable-length
integers, whose length are 32bits or 64bits.
So add appropriate functions to get or put NLA_{UINT|SINT} attributes.
Signed-off-by: Wen Gu <guwen@linux.alibaba.com>
|
| |
|
|
|
|
|
|
|
| |
The NLA_{SINT|UINT} were introduced to kernel (see [1]). So add the
corresponding enum value to attr.h.
[1] https://lore.kernel.org/r/20231018213921.2694459-3-kuba@kernel.org/
Signed-off-by: Wen Gu <guwen@linux.alibaba.com>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On some systems, the clock is reset, or is lost, so the value returned
by the time function can be a very small value. In that case, the
_badrandom_from_time function returns a large value close to the
maximum unsigned int value for s_seq_next. This can lead to the value
wrapping around fairly quickly.
When compiling the library with the unsigned-integer-overflow sanitizer
enabled, this causes an abort.
Detect this potential wrap around condition and avoid it.
https://github.com/thom311/libnl/pull/395
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Don't define _GNU_SOURCE on the command line. Instead, use
AC_USE_SYSTEM_EXTENSIONS which embeds it in "include/config.h".
Also, fix flex files to ensure "include/config.h" is included as first,
and that we get _GNU_SOURCE defined before including anything else. This
is achieved by include "include/nl-default.h" as %top{}.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Optimally, ./configure defines things in include/config.h. However,
that does not work well with defines that contain path names (see [1]).
Continue to use "-D" command line option. However, factor out the
definition to one place.
Also, rename from SYSCONFDIR to _NL_SYSCONFDIR_LIBNL.
Note that "src_lib_libnl_cli_3_la_CPPFLAGS" defined to
-DSYSCONFDIR=\"$(sysconfdir)\", without the "libnl" subdirectory. In
this case, the define was never used. The change doesn't matter.
[1] https://www.gnu.org/software/autoconf/manual/autoconf-2.63/html_node/Installation-Directory-Variables.html
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
nla_len() has no valid reason to fail or return a negative number.
Callers are not allowed to call this on an invalid structure. They
usually would call nla_validate() first.
However, as it returns a signed "int", coverity assumes that in some
cases the value could be negative. That results in coverity warning like
Error: INTEGER_OVERFLOW (CWE-190):
libnl-3.9.0/lib/route/nh.c:339: tainted_data_return: Called function "nla_len(tb[NHA_GROUP])", and a possible return value may be less than zero.
libnl-3.9.0/lib/route/nh.c:339: cast_underflow: An assign of a possibly negative number to an unsigned type, which might trigger an underflow.
libnl-3.9.0/lib/route/nh.c:340: overflow: The expression "len / 8UL" is deemed underflowed because at least one of its arguments has underflowed.
libnl-3.9.0/lib/route/nh.c:340: cast_overflow: An assign that casts to a different type, which might trigger an overflow.
libnl-3.9.0/lib/route/nh.c:342: overflow_sink: "size", which might have underflowed, is passed to "rtnl_nh_grp_info(size, (struct nexthop_grp const *)data, &nh_group)".
# 340| size = len / sizeof(struct nexthop_grp);
# 341|
# 342|-> err = rtnl_nh_grp_info(size, (const struct nexthop_grp *)data,
# 343| &nh_group);
# 344| if (err < 0) {
Add an internal _nla_len() with an API that clearly cannot return
negative values. Also, add _nl_assert() which in debug builds do some
consistency checks on the argument.
https://issues.redhat.com/browse/RHEL-34299
|
| |
|
|
|
|
|
|
|
| |
RTA_VIA is a RTA_GATEWAY with added address family, so we should treat
them them equivalent for guessing the scope.
Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
https://github.com/thom311/libnl/pull/389
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Route priority is part of the hash key calculation, but the debug print
omitted it. This could cause seemingly identical values have different
hash values.
Fix this by also printing the route priority, and reformat according to
clang-format.
Before:
DBG<5>lib/route/route_obj.c:378 route_keygen: route 0x55fd326f7d50 key (fam 10 tos 0 table 254 addr fe80::/64) keysz 26 hash 0x18c
DBG<5>lib/route/route_obj.c:378 route_keygen: route 0x55fd326f7fa0 key (fam 10 tos 0 table 254 addr fe80::/64) keysz 26 hash 0x278
After:
DBG<5>lib/route/route_obj.c:378 route_keygen: route 0x558cfde91d50 key (fam 10 tos 0 table 254 prio 256 addr fe80::/64) keysz 26 hash 0x18c
DBG<5>lib/route/route_obj.c:378 route_keygen: route 0x558cfde91fa0 key (fam 10 tos 0 table 254 prio 1024 addr fe80::/64) keysz 26 hash 0x278
Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
https://github.com/thom311/libnl/pull/388
|
| |
|
|
|
|
|
|
| |
rtnl_route_get_nexthops() returns the list of nexthops, but that is not
usable without access to the rtnh_list field.
We want to use that from tests. Move to another header (but still not
public API).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Routes may reference a nexthop (group) via the new nexthop API by its
ID, so add accessors for setting and getting it.
Referencing a nexthop is mutually exclusive to specifiying nexthops in
the route, so make sure we do not do that when creating netlink
messages (which may exist both, since netlink messages from the kernel
contain both unless 'nexthop_compat_mode' is disabled).
$ ip -6 r
2001:db8:3::/64 nhid 20 metric 1024 pref medium
nexthop via 2001:db8:1::2 dev v0 weight 1
nexthop via 2001:db8:2::2 dev v1 weight 1
Before:
$ nl-route-list
inet6 2001:db8:3::/64 table main type unicast via 2001:db8:1::2 dev v0 via 2001:db8:2::2 dev v1
After:
$ nl-route-list
inet6 2001:db8:3::/64 table main type unicast nhid 20 via 2001:db8:1::2 dev v0 via 2001:db8:2::2 dev v1
Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
https://github.com/thom311/libnl/pull/386
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a route is created while the interface has no link, we get a
notification with the route and the nexthop having the flag LINKDOWN.
If the interface later gets a link, we do not get a route notification
about it, so the route and nexthop stay at LINKDOWN in the libnl cache.
If the route then gets removed again, the to be removed route will not
have the LINKDOWN flag anymore, which then can break comparison of the
nexthop(s).
So use the new nexthop identical helper to avoid this scenario.
Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Not all attributes of a nexthop are id attributes, e.g. the flags will
contain state (LINKDOWN, DEAD) of the attached link about which the
kernel will not send route updates.
Likewise, the weight may not exist when processing an ECMP IPv6 route
update which only contains a single nexthop.
Since rtnl_nexthop isn't a first class cache object, we cannot use
nl_object_identical(), so add a separate identical helper function which
compares only fixed attributes.
Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
|
| |
|
|
|
| |
Fix the capability numbers for the next few releases already. While not
yet in use, the number is reserved and stable.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the kernel sends a ECMP route update with just the deleted nexthop,
the nexthop will have no associated weight, and its flags may indicate
that it is dead:
route_update: RTM_DELROUTE
new route:
inet6 default table main type unicast <DEAD,>
scope global priority 0x400 protocol 0x9
nexthop via fe80::b226:28ff:fe62:8841 dev port4 <dead,>
old route:
inet6 default table main type unicast
scope global priority 0x400 protocol 0x9
nexthop via fe80::b226:28ff:fe62:8841 dev port4 weight 0 <>
nexthop via fe80::fa8e:a1ff:fee0:8344 dev port49 weight 0 <>
nexthop via fe80::b226:28ff:fe62:d400 dev port3 weight 0 <>
nexthop via fe80::fa8e:a1ff:fee0:8349 dev port54 weight 0 <>
Since we are comparing the nexthops strictly with all attributes, we can
never match the deleted nexthop. This causes libnl to fail to remove the
deleted nexthop from the route, and consequently send out a nop-update
and a desync of the route in the cache and in the kernel.
Fix this by ignoring NH_ATTR_FLAGS (0x1) and NH_ATTR_WEIGHT (0x2) when
comparing nexthops to properly match the deleted one.
Fixes: 29b71371e764 ("route cache: Fix handling of ipv6 multipath routes")
Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
https://github.com/thom311/libnl/pull/382
|
| |
|
|
| |
No "goto errout".
|
| |
|
|
|
|
|
|
|
|
|
|
| |
- mngr->cm_flags must be set together when assigning the socket.
Otherwise, a `goto errout` in the middle will cause a leak.
- normalize the flags variable to not contain unexpected values.
- NL_ALLOCATED_SYNC_SOCK is private API. No need to expose that to
public headers.
Fixes: 1dbdc30a6b9f ('cache: allow to allocate cache manager with custom refill socket')
|
| |
|
|
|
|
|
|
|
|
|
| |
Cache managers use two sockets: one for cache refill operation,
and another one for notifications.
In order to simulate NETLINK events by reading data from files,
we need to be able to overwrite callbacks for both sockets.
This new function allows us to set up refill socket any way we want.
It does have requirement that the refill socket be blocking.
|
| |
|
|
|
|
|
|
|
|
|
| |
rtnl_netem_set_delay_distribution()
CC lib/route/qdisc/libnl_route_3_la-netem.lo
lib/route/qdisc/netem.c: In function 'rtnl_netem_set_delay_distribution':
lib/route/qdisc/netem.c:975:39: error: 'calloc' sizes specified with 'sizeof' in the earlier argument and not in the later argument [-Werror=calloc-transposed-args]
975 | line = (char *) calloc(sizeof(char), len + 1);
| ^~~~
lib/route/qdisc/netem.c:975:39: note: earlier argument should specify number of elements, later size of each element
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When calling the callback v2 for objects that were updated, we pass the
update ("obj") instead of the updated object ("old") as new.
Presumably this wasn't intended, so pass the updated object as new.
This avoids weird updates where the new object is significantly smaller
than the old one. E.g. for IPv6 multipath route updates, old would be
the full route with all nexthops, while new would be a partial route
with only the added/removed nexthop.
Fixes: 66d032ad443a ("cache_mngr: add include callback v2")
Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
https://github.com/thom311/libnl/pull/381
|
| |
|
|
|
|
| |
n needs to be uint32_t to fit left shift by 22 bits
https://github.com/thom311/libnl/pull/379
|
| |
|
|
|
|
|
|
|
|
|
| |
Otherwise, whether libnl-3.so exports nl_debug_dp depends on NL_DEBUG.
That is ugly. It also breaks the linker checking the symbol versioning
file with the "--no-undefined-version" flag.
Instead, always define it. It's small anyway.
Reported-by: lch361 <lch361@skiff.com>
See-also: https://github.com/thom311/libnl/pull/375
|
| |
|
|
|
|
|
|
|
|
| |
Conditionally defining to nothing, means that the compiler doesn't see
the print statement without NL_DEBUG. In turn, we lack checking of the
statement by the compiler.
Instead, add an "if (NL_DEBUG)" around it. Since NL_DEBUG is a constant, the
compiler will optimize out all the code of the statement, while still
checking it.
|
| |
|
|
|
|
|
|
|
|
| |
Checking conditional defines with #ifdef is error prone because we don't
get a compiler warning when the define wrongly is missing.
Instead, always define it to either 0 or 1.
The benefit is also that now we can use NL_DEBUG in C (not only in the
preprocessor).
|
| |
|
|
| |
We have those defines. Use them throughout.
|
| |
|
|
|
|
|
|
|
|
|
| |
For building all of our source files, we should include first
"config.h". This ensures that we have for example NL_DEBUG available.
Actually, "config.h" is included by "nl-default.h". In turn this means,
all our source files should first include "nl-default.h", which drags in
a set of default headers.
Fix the lex/yacc files for that.
|
| |
|
|
| |
https://github.com/thom311/libnl/pull/373
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
https://github.com/thom311/libnl/issues/370
https://github.com/thom311/libnl/pull/371
|
