diff options
Diffstat (limited to '')
19 files changed, 8856 insertions, 0 deletions
diff --git a/src/libsystemd/sd-netlink/netlink-genl.c b/src/libsystemd/sd-netlink/netlink-genl.c new file mode 100644 index 0000000..1dc62e8 --- /dev/null +++ b/src/libsystemd/sd-netlink/netlink-genl.c @@ -0,0 +1,488 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include <linux/genetlink.h> + +#include "sd-netlink.h" + +#include "alloc-util.h" +#include "netlink-genl.h" +#include "netlink-internal.h" +#include "netlink-types.h" + +typedef struct GenericNetlinkFamily { + sd_netlink *genl; + + const NLAPolicySet *policy_set; + + uint16_t id; /* a.k.a nlmsg_type */ + char *name; + uint32_t version; + uint32_t additional_header_size; + Hashmap *multicast_group_by_name; +} GenericNetlinkFamily; + +static const GenericNetlinkFamily nlctrl_static = { + .id = GENL_ID_CTRL, + .name = (char*) CTRL_GENL_NAME, + .version = 0x01, +}; + +static GenericNetlinkFamily *genl_family_free(GenericNetlinkFamily *f) { + if (!f) + return NULL; + + if (f->genl) { + if (f->id > 0) + hashmap_remove(f->genl->genl_family_by_id, UINT_TO_PTR(f->id)); + if (f->name) + hashmap_remove(f->genl->genl_family_by_name, f->name); + } + + free(f->name); + hashmap_free(f->multicast_group_by_name); + + return mfree(f); +} + +DEFINE_TRIVIAL_CLEANUP_FUNC(GenericNetlinkFamily*, genl_family_free); + +void genl_clear_family(sd_netlink *nl) { + assert(nl); + + nl->genl_family_by_name = hashmap_free_with_destructor(nl->genl_family_by_name, genl_family_free); + nl->genl_family_by_id = hashmap_free_with_destructor(nl->genl_family_by_id, genl_family_free); +} + +static int genl_family_new_unsupported( + sd_netlink *nl, + const char *family_name, + const NLAPolicySet *policy_set) { + + _cleanup_(genl_family_freep) GenericNetlinkFamily *f = NULL; + int r; + + assert(nl); + assert(family_name); + assert(policy_set); + + /* Kernel does not support the genl family? To prevent from resolving the family name again, + * let's store the family with zero id to indicate that. */ + + f = new(GenericNetlinkFamily, 1); + if (!f) + return -ENOMEM; + + *f = (GenericNetlinkFamily) { + .policy_set = policy_set, + }; + + f->name = strdup(family_name); + if (!f->name) + return -ENOMEM; + + r = hashmap_ensure_put(&nl->genl_family_by_name, &string_hash_ops, f->name, f); + if (r < 0) + return r; + + f->genl = nl; + TAKE_PTR(f); + return 0; +} + +static int genl_family_new( + sd_netlink *nl, + const char *expected_family_name, + const NLAPolicySet *policy_set, + sd_netlink_message *message, + const GenericNetlinkFamily **ret) { + + _cleanup_(genl_family_freep) GenericNetlinkFamily *f = NULL; + const char *family_name; + uint8_t cmd; + int r; + + assert(nl); + assert(expected_family_name); + assert(policy_set); + assert(message); + assert(ret); + + f = new(GenericNetlinkFamily, 1); + if (!f) + return -ENOMEM; + + *f = (GenericNetlinkFamily) { + .policy_set = policy_set, + }; + + r = sd_genl_message_get_family_name(nl, message, &family_name); + if (r < 0) + return r; + + if (!streq(family_name, CTRL_GENL_NAME)) + return -EINVAL; + + r = sd_genl_message_get_command(nl, message, &cmd); + if (r < 0) + return r; + + if (cmd != CTRL_CMD_NEWFAMILY) + return -EINVAL; + + r = sd_netlink_message_read_u16(message, CTRL_ATTR_FAMILY_ID, &f->id); + if (r < 0) + return r; + + r = sd_netlink_message_read_string_strdup(message, CTRL_ATTR_FAMILY_NAME, &f->name); + if (r < 0) + return r; + + if (!streq(f->name, expected_family_name)) + return -EINVAL; + + r = sd_netlink_message_read_u32(message, CTRL_ATTR_VERSION, &f->version); + if (r < 0) + return r; + + r = sd_netlink_message_read_u32(message, CTRL_ATTR_HDRSIZE, &f->additional_header_size); + if (r < 0) + return r; + + r = sd_netlink_message_enter_container(message, CTRL_ATTR_MCAST_GROUPS); + if (r >= 0) { + for (uint16_t i = 0; i < UINT16_MAX; i++) { + _cleanup_free_ char *group_name = NULL; + uint32_t group_id; + + r = sd_netlink_message_enter_array(message, i + 1); + if (r == -ENODATA) + break; + if (r < 0) + return r; + + r = sd_netlink_message_read_u32(message, CTRL_ATTR_MCAST_GRP_ID, &group_id); + if (r < 0) + return r; + + r = sd_netlink_message_read_string_strdup(message, CTRL_ATTR_MCAST_GRP_NAME, &group_name); + if (r < 0) + return r; + + r = sd_netlink_message_exit_container(message); + if (r < 0) + return r; + + if (group_id == 0) { + log_debug("sd-netlink: received multicast group '%s' for generic netlink family '%s' with id == 0, ignoring", + group_name, f->name); + continue; + } + + r = hashmap_ensure_put(&f->multicast_group_by_name, &string_hash_ops_free, group_name, UINT32_TO_PTR(group_id)); + if (r < 0) + return r; + + TAKE_PTR(group_name); + } + + r = sd_netlink_message_exit_container(message); + if (r < 0) + return r; + } + + r = hashmap_ensure_put(&nl->genl_family_by_id, NULL, UINT_TO_PTR(f->id), f); + if (r < 0) + return r; + + r = hashmap_ensure_put(&nl->genl_family_by_name, &string_hash_ops, f->name, f); + if (r < 0) { + hashmap_remove(nl->genl_family_by_id, UINT_TO_PTR(f->id)); + return r; + } + + f->genl = nl; + *ret = TAKE_PTR(f); + return 0; +} + +static const NLAPolicySet *genl_family_get_policy_set(const GenericNetlinkFamily *family) { + assert(family); + + if (family->policy_set) + return family->policy_set; + + return genl_get_policy_set_by_name(family->name); +} + +static int genl_message_new( + sd_netlink *nl, + const GenericNetlinkFamily *family, + uint8_t cmd, + sd_netlink_message **ret) { + + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; + const NLAPolicySet *policy_set; + int r; + + assert(nl); + assert(nl->protocol == NETLINK_GENERIC); + assert(family); + assert(ret); + + policy_set = genl_family_get_policy_set(family); + if (!policy_set) + return -EOPNOTSUPP; + + r = message_new_full(nl, family->id, policy_set, + sizeof(struct genlmsghdr) + family->additional_header_size, &m); + if (r < 0) + return r; + + *(struct genlmsghdr *) NLMSG_DATA(m->hdr) = (struct genlmsghdr) { + .cmd = cmd, + .version = family->version, + }; + + *ret = TAKE_PTR(m); + return 0; +} + +static int genl_family_get_by_name_internal( + sd_netlink *nl, + const GenericNetlinkFamily *ctrl, + const char *name, + const GenericNetlinkFamily **ret) { + + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL, *reply = NULL; + const NLAPolicySet *policy_set; + int r; + + assert(nl); + assert(nl->protocol == NETLINK_GENERIC); + assert(ctrl); + assert(name); + assert(ret); + + policy_set = genl_get_policy_set_by_name(name); + if (!policy_set) + return -EOPNOTSUPP; + + r = genl_message_new(nl, ctrl, CTRL_CMD_GETFAMILY, &req); + if (r < 0) + return r; + + r = sd_netlink_message_append_string(req, CTRL_ATTR_FAMILY_NAME, name); + if (r < 0) + return r; + + if (sd_netlink_call(nl, req, 0, &reply) < 0) { + (void) genl_family_new_unsupported(nl, name, policy_set); + return -EOPNOTSUPP; + } + + return genl_family_new(nl, name, policy_set, reply, ret); +} + +static int genl_family_get_by_name(sd_netlink *nl, const char *name, const GenericNetlinkFamily **ret) { + const GenericNetlinkFamily *f, *ctrl; + int r; + + assert(nl); + assert(nl->protocol == NETLINK_GENERIC); + assert(name); + assert(ret); + + f = hashmap_get(nl->genl_family_by_name, name); + if (f) { + if (f->id == 0) /* kernel does not support the family. */ + return -EOPNOTSUPP; + + *ret = f; + return 0; + } + + if (streq(name, CTRL_GENL_NAME)) + return genl_family_get_by_name_internal(nl, &nlctrl_static, CTRL_GENL_NAME, ret); + + ctrl = hashmap_get(nl->genl_family_by_name, CTRL_GENL_NAME); + if (!ctrl) { + r = genl_family_get_by_name_internal(nl, &nlctrl_static, CTRL_GENL_NAME, &ctrl); + if (r < 0) + return r; + } + + return genl_family_get_by_name_internal(nl, ctrl, name, ret); +} + +static int genl_family_get_by_id(sd_netlink *nl, uint16_t id, const GenericNetlinkFamily **ret) { + const GenericNetlinkFamily *f; + + assert(nl); + assert(nl->protocol == NETLINK_GENERIC); + assert(ret); + + f = hashmap_get(nl->genl_family_by_id, UINT_TO_PTR(id)); + if (f) { + *ret = f; + return 0; + } + + if (id == GENL_ID_CTRL) { + *ret = &nlctrl_static; + return 0; + } + + return -ENOENT; +} + +int genl_get_policy_set_and_header_size( + sd_netlink *nl, + uint16_t id, + const NLAPolicySet **ret_policy_set, + size_t *ret_header_size) { + + const GenericNetlinkFamily *f; + int r; + + assert(nl); + assert(nl->protocol == NETLINK_GENERIC); + + r = genl_family_get_by_id(nl, id, &f); + if (r < 0) + return r; + + if (ret_policy_set) { + const NLAPolicySet *p; + + p = genl_family_get_policy_set(f); + if (!p) + return -EOPNOTSUPP; + + *ret_policy_set = p; + } + if (ret_header_size) + *ret_header_size = sizeof(struct genlmsghdr) + f->additional_header_size; + return 0; +} + +int sd_genl_message_new(sd_netlink *nl, const char *family_name, uint8_t cmd, sd_netlink_message **ret) { + const GenericNetlinkFamily *family; + int r; + + assert_return(nl, -EINVAL); + assert_return(nl->protocol == NETLINK_GENERIC, -EINVAL); + assert_return(family_name, -EINVAL); + assert_return(ret, -EINVAL); + + r = genl_family_get_by_name(nl, family_name, &family); + if (r < 0) + return r; + + return genl_message_new(nl, family, cmd, ret); +} + +int sd_genl_message_get_family_name(sd_netlink *nl, sd_netlink_message *m, const char **ret) { + const GenericNetlinkFamily *family; + uint16_t nlmsg_type; + int r; + + assert_return(nl, -EINVAL); + assert_return(nl->protocol == NETLINK_GENERIC, -EINVAL); + assert_return(m, -EINVAL); + assert_return(ret, -EINVAL); + + r = sd_netlink_message_get_type(m, &nlmsg_type); + if (r < 0) + return r; + + r = genl_family_get_by_id(nl, nlmsg_type, &family); + if (r < 0) + return r; + + *ret = family->name; + return 0; +} + +int sd_genl_message_get_command(sd_netlink *nl, sd_netlink_message *m, uint8_t *ret) { + struct genlmsghdr *h; + uint16_t nlmsg_type; + size_t size; + int r; + + assert_return(nl, -EINVAL); + assert_return(nl->protocol == NETLINK_GENERIC, -EINVAL); + assert_return(m, -EINVAL); + assert_return(m->protocol == NETLINK_GENERIC, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(ret, -EINVAL); + + r = sd_netlink_message_get_type(m, &nlmsg_type); + if (r < 0) + return r; + + r = genl_get_policy_set_and_header_size(nl, nlmsg_type, NULL, &size); + if (r < 0) + return r; + + if (m->hdr->nlmsg_len < NLMSG_LENGTH(size)) + return -EBADMSG; + + h = NLMSG_DATA(m->hdr); + + *ret = h->cmd; + return 0; +} + +static int genl_family_get_multicast_group_id_by_name(const GenericNetlinkFamily *f, const char *name, uint32_t *ret) { + void *p; + + assert(f); + assert(name); + + p = hashmap_get(f->multicast_group_by_name, name); + if (!p) + return -ENOENT; + + if (ret) + *ret = PTR_TO_UINT32(p); + return 0; +} + +int sd_genl_add_match( + sd_netlink *nl, + sd_netlink_slot **ret_slot, + const char *family_name, + const char *multicast_group_name, + uint8_t command, + sd_netlink_message_handler_t callback, + sd_netlink_destroy_t destroy_callback, + void *userdata, + const char *description) { + + const GenericNetlinkFamily *f; + uint32_t multicast_group_id; + int r; + + assert_return(nl, -EINVAL); + assert_return(nl->protocol == NETLINK_GENERIC, -EINVAL); + assert_return(callback, -EINVAL); + assert_return(family_name, -EINVAL); + assert_return(multicast_group_name, -EINVAL); + + /* If command == 0, then all commands belonging to the multicast group trigger the callback. */ + + r = genl_family_get_by_name(nl, family_name, &f); + if (r < 0) + return r; + + r = genl_family_get_multicast_group_id_by_name(f, multicast_group_name, &multicast_group_id); + if (r < 0) + return r; + + return netlink_add_match_internal(nl, ret_slot, &multicast_group_id, 1, f->id, command, + callback, destroy_callback, userdata, description); +} + +int sd_genl_socket_open(sd_netlink **ret) { + return netlink_open_family(ret, NETLINK_GENERIC); +} diff --git a/src/libsystemd/sd-netlink/netlink-genl.h b/src/libsystemd/sd-netlink/netlink-genl.h new file mode 100644 index 0000000..b06be05 --- /dev/null +++ b/src/libsystemd/sd-netlink/netlink-genl.h @@ -0,0 +1,8 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +#pragma once + +#include "sd-netlink.h" + +#define CTRL_GENL_NAME "nlctrl" + +void genl_clear_family(sd_netlink *nl); diff --git a/src/libsystemd/sd-netlink/netlink-internal.h b/src/libsystemd/sd-netlink/netlink-internal.h new file mode 100644 index 0000000..514f225 --- /dev/null +++ b/src/libsystemd/sd-netlink/netlink-internal.h @@ -0,0 +1,213 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +#pragma once + +#include <linux/netlink.h> + +#include "sd-netlink.h" + +#include "list.h" +#include "netlink-types.h" +#include "prioq.h" +#include "time-util.h" + +#define NETLINK_DEFAULT_TIMEOUT_USEC ((usec_t) (25 * USEC_PER_SEC)) + +#define NETLINK_RQUEUE_MAX 64*1024 + +#define NETLINK_CONTAINER_DEPTH 32 + +struct reply_callback { + sd_netlink_message_handler_t callback; + usec_t timeout; + uint32_t serial; + unsigned prioq_idx; +}; + +struct match_callback { + sd_netlink_message_handler_t callback; + uint32_t *groups; + size_t n_groups; + uint16_t type; + uint8_t cmd; /* used by genl */ + + LIST_FIELDS(struct match_callback, match_callbacks); +}; + +typedef enum NetlinkSlotType { + NETLINK_REPLY_CALLBACK, + NETLINK_MATCH_CALLBACK, + _NETLINK_SLOT_INVALID = -EINVAL, +} NetlinkSlotType; + +struct sd_netlink_slot { + unsigned n_ref; + NetlinkSlotType type:8; + bool floating; + sd_netlink *netlink; + void *userdata; + sd_netlink_destroy_t destroy_callback; + + char *description; + + LIST_FIELDS(sd_netlink_slot, slots); + + union { + struct reply_callback reply_callback; + struct match_callback match_callback; + }; +}; + +struct sd_netlink { + unsigned n_ref; + + int fd; + + union { + struct sockaddr sa; + struct sockaddr_nl nl; + } sockaddr; + + int protocol; + + Hashmap *broadcast_group_refs; + bool broadcast_group_dont_leave:1; /* until we can rely on 4.2 */ + + sd_netlink_message **rqueue; + unsigned rqueue_size; + + sd_netlink_message **rqueue_partial; + unsigned rqueue_partial_size; + + struct nlmsghdr *rbuffer; + + bool processing:1; + + uint32_t serial; + + struct Prioq *reply_callbacks_prioq; + Hashmap *reply_callbacks; + + LIST_HEAD(struct match_callback, match_callbacks); + + LIST_HEAD(sd_netlink_slot, slots); + + pid_t original_pid; + + sd_event_source *io_event_source; + sd_event_source *time_event_source; + sd_event_source *exit_event_source; + sd_event *event; + + Hashmap *genl_family_by_name; + Hashmap *genl_family_by_id; +}; + +struct netlink_attribute { + size_t offset; /* offset from hdr to attribute */ + bool nested:1; + bool net_byteorder:1; +}; + +struct netlink_container { + const struct NLAPolicySet *policy_set; /* the policy set of the container */ + size_t offset; /* offset from hdr to the start of the container */ + struct netlink_attribute *attributes; + uint16_t max_attribute; /* the maximum attribute in container */ +}; + +struct sd_netlink_message { + unsigned n_ref; + + int protocol; + + struct nlmsghdr *hdr; + struct netlink_container containers[NETLINK_CONTAINER_DEPTH]; + unsigned n_containers; /* number of containers */ + uint32_t multicast_group; + bool sealed:1; + + sd_netlink_message *next; /* next in a chain of multi-part messages */ +}; + +int message_new_empty(sd_netlink *nl, sd_netlink_message **ret); +int message_new_full( + sd_netlink *nl, + uint16_t nlmsg_type, + const NLAPolicySet *policy_set, + size_t header_size, + sd_netlink_message **ret); +int message_new(sd_netlink *nl, sd_netlink_message **ret, uint16_t type); +int message_new_synthetic_error(sd_netlink *nl, int error, uint32_t serial, sd_netlink_message **ret); + +static inline uint32_t message_get_serial(sd_netlink_message *m) { + assert(m); + return ASSERT_PTR(m->hdr)->nlmsg_seq; +} + +void message_seal(sd_netlink_message *m); + +int netlink_open_family(sd_netlink **ret, int family); +bool netlink_pid_changed(sd_netlink *nl); +int netlink_rqueue_make_room(sd_netlink *nl); +int netlink_rqueue_partial_make_room(sd_netlink *nl); + +int socket_bind(sd_netlink *nl); +int socket_broadcast_group_ref(sd_netlink *nl, unsigned group); +int socket_broadcast_group_unref(sd_netlink *nl, unsigned group); +int socket_write_message(sd_netlink *nl, sd_netlink_message *m); +int socket_read_message(sd_netlink *nl); + +int netlink_add_match_internal( + sd_netlink *nl, + sd_netlink_slot **ret_slot, + const uint32_t *groups, + size_t n_groups, + uint16_t type, + uint8_t cmd, + sd_netlink_message_handler_t callback, + sd_netlink_destroy_t destroy_callback, + void *userdata, + const char *description); + +/* Make sure callbacks don't destroy the netlink connection */ +#define NETLINK_DONT_DESTROY(nl) \ + _cleanup_(sd_netlink_unrefp) _unused_ sd_netlink *_dont_destroy_##nl = sd_netlink_ref(nl) + +/* nfnl */ +/* TODO: to be exported later */ +int sd_nfnl_socket_open(sd_netlink **ret); +int sd_nfnl_send_batch( + sd_netlink *nfnl, + sd_netlink_message **messages, + size_t msgcount, + uint32_t **ret_serials); +int sd_nfnl_call_batch( + sd_netlink *nfnl, + sd_netlink_message **messages, + size_t n_messages, + uint64_t usec, + sd_netlink_message ***ret_messages); +int sd_nfnl_message_new( + sd_netlink *nfnl, + sd_netlink_message **ret, + int nfproto, + uint16_t subsys, + uint16_t msg_type, + uint16_t flags); +int sd_nfnl_nft_message_new_table(sd_netlink *nfnl, sd_netlink_message **ret, + int nfproto, const char *table); +int sd_nfnl_nft_message_new_basechain(sd_netlink *nfnl, sd_netlink_message **ret, + int nfproto, const char *table, const char *chain, + const char *type, uint8_t hook, int prio); +int sd_nfnl_nft_message_new_rule(sd_netlink *nfnl, sd_netlink_message **ret, + int nfproto, const char *table, const char *chain); +int sd_nfnl_nft_message_new_set(sd_netlink *nfnl, sd_netlink_message **ret, + int nfproto, const char *table, const char *set_name, + uint32_t setid, uint32_t klen); +int sd_nfnl_nft_message_new_setelems(sd_netlink *nfnl, sd_netlink_message **ret, + int add, int nfproto, const char *table, const char *set_name); +int sd_nfnl_nft_message_append_setelem(sd_netlink_message *m, + uint32_t index, + const void *key, size_t key_len, + const void *data, size_t data_len, + uint32_t flags); diff --git a/src/libsystemd/sd-netlink/netlink-message-nfnl.c b/src/libsystemd/sd-netlink/netlink-message-nfnl.c new file mode 100644 index 0000000..55287d4 --- /dev/null +++ b/src/libsystemd/sd-netlink/netlink-message-nfnl.c @@ -0,0 +1,420 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include <netinet/in.h> +#include <linux/netfilter/nfnetlink.h> +#include <linux/netfilter/nf_tables.h> +#include <linux/netfilter.h> + +#include "sd-netlink.h" + +#include "io-util.h" +#include "netlink-internal.h" +#include "netlink-types.h" +#include "netlink-util.h" + +static bool nfproto_is_valid(int nfproto) { + return IN_SET(nfproto, + NFPROTO_UNSPEC, + NFPROTO_INET, + NFPROTO_IPV4, + NFPROTO_ARP, + NFPROTO_NETDEV, + NFPROTO_BRIDGE, + NFPROTO_IPV6, + NFPROTO_DECNET); +} + +int sd_nfnl_message_new(sd_netlink *nfnl, sd_netlink_message **ret, int nfproto, uint16_t subsys, uint16_t msg_type, uint16_t flags) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; + int r; + + assert_return(nfnl, -EINVAL); + assert_return(ret, -EINVAL); + assert_return(nfproto_is_valid(nfproto), -EINVAL); + assert_return(NFNL_MSG_TYPE(msg_type) == msg_type, -EINVAL); + + r = message_new(nfnl, &m, subsys << 8 | msg_type); + if (r < 0) + return r; + + m->hdr->nlmsg_flags |= flags; + + *(struct nfgenmsg*) NLMSG_DATA(m->hdr) = (struct nfgenmsg) { + .nfgen_family = nfproto, + .version = NFNETLINK_V0, + }; + + *ret = TAKE_PTR(m); + return 0; +} + +static int nfnl_message_set_res_id(sd_netlink_message *m, uint16_t res_id) { + struct nfgenmsg *nfgen; + + assert(m); + assert(m->hdr); + + nfgen = NLMSG_DATA(m->hdr); + nfgen->res_id = htobe16(res_id); + + return 0; +} + +static int nfnl_message_get_subsys(sd_netlink_message *m, uint16_t *ret) { + uint16_t t; + int r; + + assert(m); + assert(ret); + + r = sd_netlink_message_get_type(m, &t); + if (r < 0) + return r; + + *ret = NFNL_SUBSYS_ID(t); + return 0; +} + +static int nfnl_message_new_batch(sd_netlink *nfnl, sd_netlink_message **ret, uint16_t subsys, uint16_t msg_type) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; + int r; + + assert_return(nfnl, -EINVAL); + assert_return(ret, -EINVAL); + assert_return(NFNL_MSG_TYPE(msg_type) == msg_type, -EINVAL); + + r = sd_nfnl_message_new(nfnl, &m, NFPROTO_UNSPEC, NFNL_SUBSYS_NONE, msg_type, 0); + if (r < 0) + return r; + + r = nfnl_message_set_res_id(m, subsys); + if (r < 0) + return r; + + *ret = TAKE_PTR(m); + return 0; +} + +int sd_nfnl_send_batch( + sd_netlink *nfnl, + sd_netlink_message **messages, + size_t n_messages, + uint32_t **ret_serials) { + + /* iovs refs batch_begin and batch_end, hence, free iovs first, then free batch_begin and batch_end. */ + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *batch_begin = NULL, *batch_end = NULL; + _cleanup_free_ struct iovec *iovs = NULL; + _cleanup_free_ uint32_t *serials = NULL; + uint16_t subsys; + ssize_t k; + size_t c = 0; + int r; + + assert_return(nfnl, -EINVAL); + assert_return(!netlink_pid_changed(nfnl), -ECHILD); + assert_return(messages, -EINVAL); + assert_return(n_messages > 0, -EINVAL); + + iovs = new(struct iovec, n_messages + 2); + if (!iovs) + return -ENOMEM; + + if (ret_serials) { + serials = new(uint32_t, n_messages); + if (!serials) + return -ENOMEM; + } + + r = nfnl_message_get_subsys(messages[0], &subsys); + if (r < 0) + return r; + + r = nfnl_message_new_batch(nfnl, &batch_begin, subsys, NFNL_MSG_BATCH_BEGIN); + if (r < 0) + return r; + + netlink_seal_message(nfnl, batch_begin); + iovs[c++] = IOVEC_MAKE(batch_begin->hdr, batch_begin->hdr->nlmsg_len); + + for (size_t i = 0; i < n_messages; i++) { + uint16_t s; + + r = nfnl_message_get_subsys(messages[i], &s); + if (r < 0) + return r; + + if (s != subsys) + return -EINVAL; + + netlink_seal_message(nfnl, messages[i]); + if (serials) + serials[i] = message_get_serial(messages[i]); + + /* It seems that the kernel accepts an arbitrary number. Let's set the lower 16 bits of the + * serial of the first message. */ + nfnl_message_set_res_id(messages[i], (uint16_t) (message_get_serial(batch_begin) & UINT16_MAX)); + + iovs[c++] = IOVEC_MAKE(messages[i]->hdr, messages[i]->hdr->nlmsg_len); + } + + r = nfnl_message_new_batch(nfnl, &batch_end, subsys, NFNL_MSG_BATCH_END); + if (r < 0) + return r; + + netlink_seal_message(nfnl, batch_end); + iovs[c++] = IOVEC_MAKE(batch_end->hdr, batch_end->hdr->nlmsg_len); + + assert(c == n_messages + 2); + k = writev(nfnl->fd, iovs, n_messages + 2); + if (k < 0) + return -errno; + + if (ret_serials) + *ret_serials = TAKE_PTR(serials); + + return 0; +} + +int sd_nfnl_call_batch( + sd_netlink *nfnl, + sd_netlink_message **messages, + size_t n_messages, + uint64_t usec, + sd_netlink_message ***ret_messages) { + + _cleanup_free_ sd_netlink_message **replies = NULL; + _cleanup_free_ uint32_t *serials = NULL; + int k, r; + + assert_return(nfnl, -EINVAL); + assert_return(!netlink_pid_changed(nfnl), -ECHILD); + assert_return(messages, -EINVAL); + assert_return(n_messages > 0, -EINVAL); + + if (ret_messages) { + replies = new0(sd_netlink_message*, n_messages); + if (!replies) + return -ENOMEM; + } + + r = sd_nfnl_send_batch(nfnl, messages, n_messages, &serials); + if (r < 0) + return r; + + for (size_t i = 0; i < n_messages; i++) { + k = sd_netlink_read(nfnl, serials[i], usec, ret_messages ? replies + i : NULL); + if (k < 0 && r >= 0) + r = k; + } + if (r < 0) + return r; + + if (ret_messages) + *ret_messages = TAKE_PTR(replies); + + return 0; +} + +int sd_nfnl_nft_message_new_basechain( + sd_netlink *nfnl, + sd_netlink_message **ret, + int nfproto, + const char *table, + const char *chain, + const char *type, + uint8_t hook, + int prio) { + + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; + int r; + + r = sd_nfnl_message_new(nfnl, &m, nfproto, NFNL_SUBSYS_NFTABLES, NFT_MSG_NEWCHAIN, NLM_F_CREATE); + if (r < 0) + return r; + + r = sd_netlink_message_append_string(m, NFTA_CHAIN_TABLE, table); + if (r < 0) + return r; + + r = sd_netlink_message_append_string(m, NFTA_CHAIN_NAME, chain); + if (r < 0) + return r; + + r = sd_netlink_message_append_string(m, NFTA_CHAIN_TYPE, type); + if (r < 0) + return r; + + r = sd_netlink_message_open_container(m, NFTA_CHAIN_HOOK); + if (r < 0) + return r; + + r = sd_netlink_message_append_u32(m, NFTA_HOOK_HOOKNUM, htobe32(hook)); + if (r < 0) + return r; + + r = sd_netlink_message_append_u32(m, NFTA_HOOK_PRIORITY, htobe32(prio)); + if (r < 0) + return r; + + r = sd_netlink_message_close_container(m); + if (r < 0) + return r; + + *ret = TAKE_PTR(m); + return 0; +} + +int sd_nfnl_nft_message_new_table( + sd_netlink *nfnl, + sd_netlink_message **ret, + int nfproto, + const char *table) { + + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; + int r; + + r = sd_nfnl_message_new(nfnl, &m, nfproto, NFNL_SUBSYS_NFTABLES, NFT_MSG_NEWTABLE, NLM_F_CREATE | NLM_F_EXCL); + if (r < 0) + return r; + + r = sd_netlink_message_append_string(m, NFTA_TABLE_NAME, table); + if (r < 0) + return r; + + *ret = TAKE_PTR(m); + return r; +} + +int sd_nfnl_nft_message_new_rule( + sd_netlink *nfnl, + sd_netlink_message **ret, + int nfproto, + const char *table, + const char *chain) { + + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; + int r; + + r = sd_nfnl_message_new(nfnl, &m, nfproto, NFNL_SUBSYS_NFTABLES, NFT_MSG_NEWRULE, NLM_F_CREATE); + if (r < 0) + return r; + + r = sd_netlink_message_append_string(m, NFTA_RULE_TABLE, table); + if (r < 0) + return r; + + r = sd_netlink_message_append_string(m, NFTA_RULE_CHAIN, chain); + if (r < 0) + return r; + + *ret = TAKE_PTR(m); + return r; +} + +int sd_nfnl_nft_message_new_set( + sd_netlink *nfnl, + sd_netlink_message **ret, + int nfproto, + const char *table, + const char *set_name, + uint32_t set_id, + uint32_t klen) { + + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; + int r; + + r = sd_nfnl_message_new(nfnl, &m, nfproto, NFNL_SUBSYS_NFTABLES, NFT_MSG_NEWSET, NLM_F_CREATE); + if (r < 0) + return r; + + r = sd_netlink_message_append_string(m, NFTA_SET_TABLE, table); + if (r < 0) + return r; + + r = sd_netlink_message_append_string(m, NFTA_SET_NAME, set_name); + if (r < 0) + return r; + + r = sd_netlink_message_append_u32(m, NFTA_SET_ID, ++set_id); + if (r < 0) + return r; + + r = sd_netlink_message_append_u32(m, NFTA_SET_KEY_LEN, htobe32(klen)); + if (r < 0) + return r; + + *ret = TAKE_PTR(m); + return r; +} + +int sd_nfnl_nft_message_new_setelems( + sd_netlink *nfnl, + sd_netlink_message **ret, + int add, /* boolean */ + int nfproto, + const char *table, + const char *set_name) { + + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; + int r; + + if (add) + r = sd_nfnl_message_new(nfnl, &m, nfproto, NFNL_SUBSYS_NFTABLES, NFT_MSG_NEWSETELEM, NLM_F_CREATE); + else + r = sd_nfnl_message_new(nfnl, &m, nfproto, NFNL_SUBSYS_NFTABLES, NFT_MSG_DELSETELEM, 0); + if (r < 0) + return r; + + r = sd_netlink_message_append_string(m, NFTA_SET_ELEM_LIST_TABLE, table); + if (r < 0) + return r; + + r = sd_netlink_message_append_string(m, NFTA_SET_ELEM_LIST_SET, set_name); + if (r < 0) + return r; + + *ret = TAKE_PTR(m); + return r; +} + +int sd_nfnl_nft_message_append_setelem( + sd_netlink_message *m, + uint32_t index, + const void *key, + size_t key_len, + const void *data, + size_t data_len, + uint32_t flags) { + + int r; + + r = sd_netlink_message_open_array(m, index); + if (r < 0) + return r; + + r = sd_netlink_message_append_container_data(m, NFTA_SET_ELEM_KEY, NFTA_DATA_VALUE, key, key_len); + if (r < 0) + goto cancel; + + if (data) { + r = sd_netlink_message_append_container_data(m, NFTA_SET_ELEM_DATA, NFTA_DATA_VALUE, data, data_len); + if (r < 0) + goto cancel; + } + + if (flags != 0) { + r = sd_netlink_message_append_u32(m, NFTA_SET_ELEM_FLAGS, htobe32(flags)); + if (r < 0) + goto cancel; + } + + return sd_netlink_message_close_container(m); /* array */ + +cancel: + (void) sd_netlink_message_cancel_array(m); + return r; +} + +int sd_nfnl_socket_open(sd_netlink **ret) { + return netlink_open_family(ret, NETLINK_NETFILTER); +} diff --git a/src/libsystemd/sd-netlink/netlink-message-rtnl.c b/src/libsystemd/sd-netlink/netlink-message-rtnl.c new file mode 100644 index 0000000..109f3ee --- /dev/null +++ b/src/libsystemd/sd-netlink/netlink-message-rtnl.c @@ -0,0 +1,1205 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include <netinet/in.h> +#include <linux/fib_rules.h> +#include <linux/if_addrlabel.h> +#include <linux/if_bridge.h> +#include <linux/nexthop.h> +#include <stdbool.h> +#include <unistd.h> + +#include "sd-netlink.h" + +#include "format-util.h" +#include "netlink-internal.h" +#include "netlink-types.h" +#include "netlink-util.h" +#include "socket-util.h" +#include "util.h" + +static bool rtnl_message_type_is_neigh(uint16_t type) { + return IN_SET(type, RTM_NEWNEIGH, RTM_GETNEIGH, RTM_DELNEIGH); +} + +static bool rtnl_message_type_is_route(uint16_t type) { + return IN_SET(type, RTM_NEWROUTE, RTM_GETROUTE, RTM_DELROUTE); +} + +static bool rtnl_message_type_is_nexthop(uint16_t type) { + return IN_SET(type, RTM_NEWNEXTHOP, RTM_GETNEXTHOP, RTM_DELNEXTHOP); +} + +static bool rtnl_message_type_is_link(uint16_t type) { + return IN_SET(type, + RTM_NEWLINK, RTM_SETLINK, RTM_GETLINK, RTM_DELLINK, + RTM_NEWLINKPROP, RTM_DELLINKPROP, RTM_GETLINKPROP); +} + +static bool rtnl_message_type_is_addr(uint16_t type) { + return IN_SET(type, RTM_NEWADDR, RTM_GETADDR, RTM_DELADDR); +} + +static bool rtnl_message_type_is_addrlabel(uint16_t type) { + return IN_SET(type, RTM_NEWADDRLABEL, RTM_DELADDRLABEL, RTM_GETADDRLABEL); +} + +static bool rtnl_message_type_is_routing_policy_rule(uint16_t type) { + return IN_SET(type, RTM_NEWRULE, RTM_DELRULE, RTM_GETRULE); +} + +static bool rtnl_message_type_is_traffic_control(uint16_t type) { + return IN_SET(type, + RTM_NEWQDISC, RTM_DELQDISC, RTM_GETQDISC, + RTM_NEWTCLASS, RTM_DELTCLASS, RTM_GETTCLASS); +} + +static bool rtnl_message_type_is_mdb(uint16_t type) { + return IN_SET(type, RTM_NEWMDB, RTM_DELMDB, RTM_GETMDB); +} + +int sd_rtnl_message_route_set_dst_prefixlen(sd_netlink_message *m, unsigned char prefixlen) { + struct rtmsg *rtm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_route(m->hdr->nlmsg_type), -EINVAL); + + rtm = NLMSG_DATA(m->hdr); + + if ((rtm->rtm_family == AF_INET && prefixlen > 32) || + (rtm->rtm_family == AF_INET6 && prefixlen > 128)) + return -ERANGE; + + rtm->rtm_dst_len = prefixlen; + + return 0; +} + +int sd_rtnl_message_route_set_src_prefixlen(sd_netlink_message *m, unsigned char prefixlen) { + struct rtmsg *rtm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_route(m->hdr->nlmsg_type), -EINVAL); + + rtm = NLMSG_DATA(m->hdr); + + if ((rtm->rtm_family == AF_INET && prefixlen > 32) || + (rtm->rtm_family == AF_INET6 && prefixlen > 128)) + return -ERANGE; + + rtm->rtm_src_len = prefixlen; + + return 0; +} + +int sd_rtnl_message_route_set_scope(sd_netlink_message *m, unsigned char scope) { + struct rtmsg *rtm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_route(m->hdr->nlmsg_type), -EINVAL); + + rtm = NLMSG_DATA(m->hdr); + + rtm->rtm_scope = scope; + + return 0; +} + +int sd_rtnl_message_route_set_flags(sd_netlink_message *m, unsigned flags) { + struct rtmsg *rtm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_route(m->hdr->nlmsg_type), -EINVAL); + + rtm = NLMSG_DATA(m->hdr); + + rtm->rtm_flags = flags; + + return 0; +} + +int sd_rtnl_message_route_get_flags(sd_netlink_message *m, unsigned *flags) { + struct rtmsg *rtm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_route(m->hdr->nlmsg_type), -EINVAL); + assert_return(flags, -EINVAL); + + rtm = NLMSG_DATA(m->hdr); + + *flags = rtm->rtm_flags; + + return 0; +} + +int sd_rtnl_message_route_set_table(sd_netlink_message *m, unsigned char table) { + struct rtmsg *rtm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_route(m->hdr->nlmsg_type), -EINVAL); + + rtm = NLMSG_DATA(m->hdr); + + rtm->rtm_table = table; + + return 0; +} + +int sd_rtnl_message_route_get_family(sd_netlink_message *m, int *family) { + struct rtmsg *rtm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_route(m->hdr->nlmsg_type), -EINVAL); + assert_return(family, -EINVAL); + + rtm = NLMSG_DATA(m->hdr); + + *family = rtm->rtm_family; + + return 0; +} + +int sd_rtnl_message_route_get_type(sd_netlink_message *m, unsigned char *type) { + struct rtmsg *rtm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_route(m->hdr->nlmsg_type), -EINVAL); + assert_return(type, -EINVAL); + + rtm = NLMSG_DATA(m->hdr); + + *type = rtm->rtm_type; + + return 0; +} + +int sd_rtnl_message_route_set_type(sd_netlink_message *m, unsigned char type) { + struct rtmsg *rtm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_route(m->hdr->nlmsg_type), -EINVAL); + + rtm = NLMSG_DATA(m->hdr); + + rtm->rtm_type = type; + + return 0; +} + +int sd_rtnl_message_route_get_protocol(sd_netlink_message *m, unsigned char *protocol) { + struct rtmsg *rtm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_route(m->hdr->nlmsg_type), -EINVAL); + assert_return(protocol, -EINVAL); + + rtm = NLMSG_DATA(m->hdr); + + *protocol = rtm->rtm_protocol; + + return 0; +} + +int sd_rtnl_message_route_get_scope(sd_netlink_message *m, unsigned char *scope) { + struct rtmsg *rtm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_route(m->hdr->nlmsg_type), -EINVAL); + assert_return(scope, -EINVAL); + + rtm = NLMSG_DATA(m->hdr); + + *scope = rtm->rtm_scope; + + return 0; +} + +int sd_rtnl_message_route_get_tos(sd_netlink_message *m, uint8_t *tos) { + struct rtmsg *rtm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_route(m->hdr->nlmsg_type), -EINVAL); + assert_return(tos, -EINVAL); + + rtm = NLMSG_DATA(m->hdr); + + *tos = rtm->rtm_tos; + + return 0; +} + +int sd_rtnl_message_route_get_table(sd_netlink_message *m, unsigned char *table) { + struct rtmsg *rtm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_route(m->hdr->nlmsg_type), -EINVAL); + assert_return(table, -EINVAL); + + rtm = NLMSG_DATA(m->hdr); + + *table = rtm->rtm_table; + + return 0; +} + +int sd_rtnl_message_route_get_dst_prefixlen(sd_netlink_message *m, unsigned char *dst_len) { + struct rtmsg *rtm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_route(m->hdr->nlmsg_type), -EINVAL); + assert_return(dst_len, -EINVAL); + + rtm = NLMSG_DATA(m->hdr); + + *dst_len = rtm->rtm_dst_len; + + return 0; +} + +int sd_rtnl_message_route_get_src_prefixlen(sd_netlink_message *m, unsigned char *src_len) { + struct rtmsg *rtm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_route(m->hdr->nlmsg_type), -EINVAL); + assert_return(src_len, -EINVAL); + + rtm = NLMSG_DATA(m->hdr); + + *src_len = rtm->rtm_src_len; + + return 0; +} + +int sd_rtnl_message_new_route(sd_netlink *rtnl, sd_netlink_message **ret, + uint16_t nlmsg_type, int rtm_family, + unsigned char rtm_protocol) { + struct rtmsg *rtm; + int r; + + assert_return(rtnl_message_type_is_route(nlmsg_type), -EINVAL); + assert_return((nlmsg_type == RTM_GETROUTE && rtm_family == AF_UNSPEC) || + IN_SET(rtm_family, AF_INET, AF_INET6), -EINVAL); + assert_return(ret, -EINVAL); + + r = message_new(rtnl, ret, nlmsg_type); + if (r < 0) + return r; + + if (nlmsg_type == RTM_NEWROUTE) + (*ret)->hdr->nlmsg_flags |= NLM_F_CREATE | NLM_F_APPEND; + + rtm = NLMSG_DATA((*ret)->hdr); + + rtm->rtm_family = rtm_family; + rtm->rtm_protocol = rtm_protocol; + + return 0; +} + +int sd_rtnl_message_new_nexthop(sd_netlink *rtnl, sd_netlink_message **ret, + uint16_t nlmsg_type, int nh_family, + unsigned char nh_protocol) { + struct nhmsg *nhm; + int r; + + assert_return(rtnl_message_type_is_nexthop(nlmsg_type), -EINVAL); + switch (nlmsg_type) { + case RTM_DELNEXTHOP: + assert_return(nh_family == AF_UNSPEC, -EINVAL); + _fallthrough_; + case RTM_GETNEXTHOP: + assert_return(nh_protocol == RTPROT_UNSPEC, -EINVAL); + break; + case RTM_NEWNEXTHOP: + assert_return(IN_SET(nh_family, AF_UNSPEC, AF_INET, AF_INET6), -EINVAL); + break; + default: + assert_not_reached(); + } + assert_return(ret, -EINVAL); + + r = message_new(rtnl, ret, nlmsg_type); + if (r < 0) + return r; + + if (nlmsg_type == RTM_NEWNEXTHOP) + (*ret)->hdr->nlmsg_flags |= NLM_F_CREATE | NLM_F_APPEND; + + nhm = NLMSG_DATA((*ret)->hdr); + + nhm->nh_family = nh_family; + nhm->nh_scope = RT_SCOPE_UNIVERSE; + nhm->nh_protocol = nh_protocol; + + return 0; +} + +int sd_rtnl_message_nexthop_set_flags(sd_netlink_message *m, uint8_t flags) { + struct nhmsg *nhm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(m->hdr->nlmsg_type == RTM_NEWNEXTHOP, -EINVAL); + + nhm = NLMSG_DATA(m->hdr); + nhm->nh_flags = flags; + + return 0; +} + +int sd_rtnl_message_nexthop_get_flags(sd_netlink_message *m, uint8_t *ret) { + struct nhmsg *nhm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_nexthop(m->hdr->nlmsg_type), -EINVAL); + assert_return(ret, -EINVAL); + + nhm = NLMSG_DATA(m->hdr); + *ret = nhm->nh_flags; + + return 0; +} + +int sd_rtnl_message_nexthop_get_family(sd_netlink_message *m, uint8_t *family) { + struct nhmsg *nhm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_nexthop(m->hdr->nlmsg_type), -EINVAL); + assert_return(family, -EINVAL); + + nhm = NLMSG_DATA(m->hdr); + *family = nhm->nh_family; + + return 0; +} + +int sd_rtnl_message_nexthop_get_protocol(sd_netlink_message *m, uint8_t *protocol) { + struct nhmsg *nhm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_nexthop(m->hdr->nlmsg_type), -EINVAL); + assert_return(protocol, -EINVAL); + + nhm = NLMSG_DATA(m->hdr); + *protocol = nhm->nh_protocol; + + return 0; +} + +int sd_rtnl_message_neigh_set_flags(sd_netlink_message *m, uint8_t flags) { + struct ndmsg *ndm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_neigh(m->hdr->nlmsg_type), -EINVAL); + + ndm = NLMSG_DATA(m->hdr); + ndm->ndm_flags = flags; + + return 0; +} + +int sd_rtnl_message_neigh_set_state(sd_netlink_message *m, uint16_t state) { + struct ndmsg *ndm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_neigh(m->hdr->nlmsg_type), -EINVAL); + + ndm = NLMSG_DATA(m->hdr); + ndm->ndm_state = state; + + return 0; +} + +int sd_rtnl_message_neigh_get_flags(sd_netlink_message *m, uint8_t *flags) { + struct ndmsg *ndm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_neigh(m->hdr->nlmsg_type), -EINVAL); + + ndm = NLMSG_DATA(m->hdr); + *flags = ndm->ndm_flags; + + return 0; +} + +int sd_rtnl_message_neigh_get_state(sd_netlink_message *m, uint16_t *state) { + struct ndmsg *ndm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_neigh(m->hdr->nlmsg_type), -EINVAL); + + ndm = NLMSG_DATA(m->hdr); + *state = ndm->ndm_state; + + return 0; +} + +int sd_rtnl_message_neigh_get_family(sd_netlink_message *m, int *family) { + struct ndmsg *ndm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_neigh(m->hdr->nlmsg_type), -EINVAL); + assert_return(family, -EINVAL); + + ndm = NLMSG_DATA(m->hdr); + + *family = ndm->ndm_family; + + return 0; +} + +int sd_rtnl_message_neigh_get_ifindex(sd_netlink_message *m, int *index) { + struct ndmsg *ndm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_neigh(m->hdr->nlmsg_type), -EINVAL); + assert_return(index, -EINVAL); + + ndm = NLMSG_DATA(m->hdr); + + *index = ndm->ndm_ifindex; + + return 0; +} + +int sd_rtnl_message_new_neigh( + sd_netlink *rtnl, + sd_netlink_message **ret, + uint16_t nlmsg_type, + int index, + int ndm_family) { + + struct ndmsg *ndm; + int r; + + assert_return(rtnl_message_type_is_neigh(nlmsg_type), -EINVAL); + assert_return(IN_SET(ndm_family, AF_UNSPEC, AF_INET, AF_INET6, AF_BRIDGE), -EINVAL); + assert_return(ret, -EINVAL); + + r = message_new(rtnl, ret, nlmsg_type); + if (r < 0) + return r; + + if (nlmsg_type == RTM_NEWNEIGH) { + if (ndm_family == AF_BRIDGE) + (*ret)->hdr->nlmsg_flags |= NLM_F_CREATE | NLM_F_APPEND; + else + (*ret)->hdr->nlmsg_flags |= NLM_F_CREATE | NLM_F_REPLACE; + } + + ndm = NLMSG_DATA((*ret)->hdr); + + ndm->ndm_family = ndm_family; + ndm->ndm_ifindex = index; + + return 0; +} + +int sd_rtnl_message_link_set_flags(sd_netlink_message *m, unsigned flags, unsigned change) { + struct ifinfomsg *ifi; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_link(m->hdr->nlmsg_type), -EINVAL); + assert_return(change != 0, -EINVAL); + + ifi = NLMSG_DATA(m->hdr); + + ifi->ifi_flags = flags; + ifi->ifi_change = change; + + return 0; +} + +int sd_rtnl_message_link_set_type(sd_netlink_message *m, unsigned type) { + struct ifinfomsg *ifi; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_link(m->hdr->nlmsg_type), -EINVAL); + + ifi = NLMSG_DATA(m->hdr); + + ifi->ifi_type = type; + + return 0; +} + +int sd_rtnl_message_link_set_family(sd_netlink_message *m, unsigned family) { + struct ifinfomsg *ifi; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_link(m->hdr->nlmsg_type), -EINVAL); + + ifi = NLMSG_DATA(m->hdr); + + ifi->ifi_family = family; + + return 0; +} + +int sd_rtnl_message_new_link(sd_netlink *rtnl, sd_netlink_message **ret, + uint16_t nlmsg_type, int index) { + struct ifinfomsg *ifi; + int r; + + assert_return(rtnl_message_type_is_link(nlmsg_type), -EINVAL); + assert_return(ret, -EINVAL); + + r = message_new(rtnl, ret, nlmsg_type); + if (r < 0) + return r; + + if (nlmsg_type == RTM_NEWLINK) + (*ret)->hdr->nlmsg_flags |= NLM_F_CREATE | NLM_F_EXCL; + else if (nlmsg_type == RTM_NEWLINKPROP) + (*ret)->hdr->nlmsg_flags |= NLM_F_CREATE | NLM_F_EXCL | NLM_F_APPEND; + + ifi = NLMSG_DATA((*ret)->hdr); + + ifi->ifi_family = AF_UNSPEC; + ifi->ifi_index = index; + + return 0; +} + +int sd_rtnl_message_addr_set_prefixlen(sd_netlink_message *m, unsigned char prefixlen) { + struct ifaddrmsg *ifa; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_addr(m->hdr->nlmsg_type), -EINVAL); + + ifa = NLMSG_DATA(m->hdr); + + if ((ifa->ifa_family == AF_INET && prefixlen > 32) || + (ifa->ifa_family == AF_INET6 && prefixlen > 128)) + return -ERANGE; + + ifa->ifa_prefixlen = prefixlen; + + return 0; +} + +int sd_rtnl_message_addr_set_flags(sd_netlink_message *m, unsigned char flags) { + struct ifaddrmsg *ifa; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_addr(m->hdr->nlmsg_type), -EINVAL); + + ifa = NLMSG_DATA(m->hdr); + + ifa->ifa_flags = flags; + + return 0; +} + +int sd_rtnl_message_addr_set_scope(sd_netlink_message *m, unsigned char scope) { + struct ifaddrmsg *ifa; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_addr(m->hdr->nlmsg_type), -EINVAL); + + ifa = NLMSG_DATA(m->hdr); + + ifa->ifa_scope = scope; + + return 0; +} + +int sd_rtnl_message_addr_get_family(sd_netlink_message *m, int *ret_family) { + struct ifaddrmsg *ifa; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_addr(m->hdr->nlmsg_type), -EINVAL); + assert_return(ret_family, -EINVAL); + + ifa = NLMSG_DATA(m->hdr); + + *ret_family = ifa->ifa_family; + + return 0; +} + +int sd_rtnl_message_addr_get_prefixlen(sd_netlink_message *m, unsigned char *ret_prefixlen) { + struct ifaddrmsg *ifa; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_addr(m->hdr->nlmsg_type), -EINVAL); + assert_return(ret_prefixlen, -EINVAL); + + ifa = NLMSG_DATA(m->hdr); + + *ret_prefixlen = ifa->ifa_prefixlen; + + return 0; +} + +int sd_rtnl_message_addr_get_scope(sd_netlink_message *m, unsigned char *ret_scope) { + struct ifaddrmsg *ifa; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_addr(m->hdr->nlmsg_type), -EINVAL); + assert_return(ret_scope, -EINVAL); + + ifa = NLMSG_DATA(m->hdr); + + *ret_scope = ifa->ifa_scope; + + return 0; +} + +int sd_rtnl_message_addr_get_flags(sd_netlink_message *m, unsigned char *ret_flags) { + struct ifaddrmsg *ifa; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_addr(m->hdr->nlmsg_type), -EINVAL); + assert_return(ret_flags, -EINVAL); + + ifa = NLMSG_DATA(m->hdr); + + *ret_flags = ifa->ifa_flags; + + return 0; +} + +int sd_rtnl_message_addr_get_ifindex(sd_netlink_message *m, int *ret_ifindex) { + struct ifaddrmsg *ifa; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_addr(m->hdr->nlmsg_type), -EINVAL); + assert_return(ret_ifindex, -EINVAL); + + ifa = NLMSG_DATA(m->hdr); + + *ret_ifindex = ifa->ifa_index; + + return 0; +} + +int sd_rtnl_message_new_addr( + sd_netlink *rtnl, + sd_netlink_message **ret, + uint16_t nlmsg_type, + int index, + int family) { + + struct ifaddrmsg *ifa; + int r; + + assert_return(rtnl_message_type_is_addr(nlmsg_type), -EINVAL); + assert_return((nlmsg_type == RTM_GETADDR && index == 0) || + index > 0, -EINVAL); + assert_return((nlmsg_type == RTM_GETADDR && family == AF_UNSPEC) || + IN_SET(family, AF_INET, AF_INET6), -EINVAL); + assert_return(ret, -EINVAL); + + r = message_new(rtnl, ret, nlmsg_type); + if (r < 0) + return r; + + ifa = NLMSG_DATA((*ret)->hdr); + + ifa->ifa_index = index; + ifa->ifa_family = family; + + return 0; +} + +int sd_rtnl_message_new_addr_update( + sd_netlink *rtnl, + sd_netlink_message **ret, + int index, + int family) { + int r; + + r = sd_rtnl_message_new_addr(rtnl, ret, RTM_NEWADDR, index, family); + if (r < 0) + return r; + + (*ret)->hdr->nlmsg_flags |= NLM_F_REPLACE; + + return 0; +} + +int sd_rtnl_message_link_get_ifindex(sd_netlink_message *m, int *ifindex) { + struct ifinfomsg *ifi; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_link(m->hdr->nlmsg_type), -EINVAL); + assert_return(ifindex, -EINVAL); + + ifi = NLMSG_DATA(m->hdr); + + *ifindex = ifi->ifi_index; + + return 0; +} + +int sd_rtnl_message_link_get_flags(sd_netlink_message *m, unsigned *flags) { + struct ifinfomsg *ifi; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_link(m->hdr->nlmsg_type), -EINVAL); + assert_return(flags, -EINVAL); + + ifi = NLMSG_DATA(m->hdr); + + *flags = ifi->ifi_flags; + + return 0; +} + +int sd_rtnl_message_link_get_type(sd_netlink_message *m, unsigned short *type) { + struct ifinfomsg *ifi; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_link(m->hdr->nlmsg_type), -EINVAL); + assert_return(type, -EINVAL); + + ifi = NLMSG_DATA(m->hdr); + + *type = ifi->ifi_type; + + return 0; +} + +int sd_rtnl_message_get_family(sd_netlink_message *m, int *family) { + assert_return(m, -EINVAL); + assert_return(family, -EINVAL); + + assert(m->hdr); + + if (rtnl_message_type_is_link(m->hdr->nlmsg_type)) { + struct ifinfomsg *ifi; + + ifi = NLMSG_DATA(m->hdr); + + *family = ifi->ifi_family; + + return 0; + } else if (rtnl_message_type_is_route(m->hdr->nlmsg_type)) { + struct rtmsg *rtm; + + rtm = NLMSG_DATA(m->hdr); + + *family = rtm->rtm_family; + + return 0; + } else if (rtnl_message_type_is_neigh(m->hdr->nlmsg_type)) { + struct ndmsg *ndm; + + ndm = NLMSG_DATA(m->hdr); + + *family = ndm->ndm_family; + + return 0; + } else if (rtnl_message_type_is_addr(m->hdr->nlmsg_type)) { + struct ifaddrmsg *ifa; + + ifa = NLMSG_DATA(m->hdr); + + *family = ifa->ifa_family; + + return 0; + } else if (rtnl_message_type_is_routing_policy_rule(m->hdr->nlmsg_type)) { + struct rtmsg *rtm; + + rtm = NLMSG_DATA(m->hdr); + + *family = rtm->rtm_family; + + return 0; + } else if (rtnl_message_type_is_nexthop(m->hdr->nlmsg_type)) { + struct nhmsg *nhm; + + nhm = NLMSG_DATA(m->hdr); + + *family = nhm->nh_family; + + return 0; + } + + return -EOPNOTSUPP; +} + +int sd_rtnl_message_new_addrlabel( + sd_netlink *rtnl, + sd_netlink_message **ret, + uint16_t nlmsg_type, + int ifindex, + int ifal_family) { + + struct ifaddrlblmsg *addrlabel; + int r; + + assert_return(rtnl_message_type_is_addrlabel(nlmsg_type), -EINVAL); + assert_return(ret, -EINVAL); + + r = message_new(rtnl, ret, nlmsg_type); + if (r < 0) + return r; + + if (nlmsg_type == RTM_NEWADDRLABEL) + (*ret)->hdr->nlmsg_flags |= NLM_F_CREATE | NLM_F_EXCL; + + addrlabel = NLMSG_DATA((*ret)->hdr); + + addrlabel->ifal_family = ifal_family; + addrlabel->ifal_index = ifindex; + + return 0; +} + +int sd_rtnl_message_addrlabel_set_prefixlen(sd_netlink_message *m, unsigned char prefixlen) { + struct ifaddrlblmsg *addrlabel; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_addrlabel(m->hdr->nlmsg_type), -EINVAL); + + addrlabel = NLMSG_DATA(m->hdr); + + if (prefixlen > 128) + return -ERANGE; + + addrlabel->ifal_prefixlen = prefixlen; + + return 0; +} + +int sd_rtnl_message_addrlabel_get_prefixlen(sd_netlink_message *m, unsigned char *prefixlen) { + struct ifaddrlblmsg *addrlabel; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_addrlabel(m->hdr->nlmsg_type), -EINVAL); + + addrlabel = NLMSG_DATA(m->hdr); + + *prefixlen = addrlabel->ifal_prefixlen; + + return 0; +} + +int sd_rtnl_message_new_routing_policy_rule( + sd_netlink *rtnl, + sd_netlink_message **ret, + uint16_t nlmsg_type, + int ifal_family) { + + struct fib_rule_hdr *frh; + int r; + + assert_return(rtnl_message_type_is_routing_policy_rule(nlmsg_type), -EINVAL); + assert_return(ret, -EINVAL); + + r = message_new(rtnl, ret, nlmsg_type); + if (r < 0) + return r; + + if (nlmsg_type == RTM_NEWRULE) + (*ret)->hdr->nlmsg_flags |= NLM_F_CREATE | NLM_F_EXCL; + + frh = NLMSG_DATA((*ret)->hdr); + frh->family = ifal_family; + + return 0; +} + +int sd_rtnl_message_routing_policy_rule_set_tos(sd_netlink_message *m, uint8_t tos) { + struct fib_rule_hdr *frh; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_routing_policy_rule(m->hdr->nlmsg_type), -EINVAL); + + frh = NLMSG_DATA(m->hdr); + + frh->tos = tos; + + return 0; +} + +int sd_rtnl_message_routing_policy_rule_get_tos(sd_netlink_message *m, uint8_t *tos) { + struct fib_rule_hdr *frh; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_routing_policy_rule(m->hdr->nlmsg_type), -EINVAL); + + frh = NLMSG_DATA(m->hdr); + + *tos = frh->tos; + + return 0; +} + +int sd_rtnl_message_routing_policy_rule_set_table(sd_netlink_message *m, uint8_t table) { + struct fib_rule_hdr *frh; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_routing_policy_rule(m->hdr->nlmsg_type), -EINVAL); + + frh = NLMSG_DATA(m->hdr); + + frh->table = table; + + return 0; +} + +int sd_rtnl_message_routing_policy_rule_get_table(sd_netlink_message *m, uint8_t *table) { + struct fib_rule_hdr *frh; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_routing_policy_rule(m->hdr->nlmsg_type), -EINVAL); + + frh = NLMSG_DATA(m->hdr); + + *table = frh->table; + + return 0; +} + +int sd_rtnl_message_routing_policy_rule_set_flags(sd_netlink_message *m, uint32_t flags) { + struct fib_rule_hdr *frh; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_routing_policy_rule(m->hdr->nlmsg_type), -EINVAL); + + frh = NLMSG_DATA(m->hdr); + frh->flags = flags; + + return 0; +} + +int sd_rtnl_message_routing_policy_rule_get_flags(sd_netlink_message *m, uint32_t *flags) { + struct fib_rule_hdr *frh; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_routing_policy_rule(m->hdr->nlmsg_type), -EINVAL); + + frh = NLMSG_DATA(m->hdr); + *flags = frh->flags; + + return 0; +} + +int sd_rtnl_message_routing_policy_rule_set_fib_type(sd_netlink_message *m, uint8_t type) { + struct fib_rule_hdr *frh; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_routing_policy_rule(m->hdr->nlmsg_type), -EINVAL); + + frh = NLMSG_DATA(m->hdr); + + frh->action = type; + + return 0; +} + +int sd_rtnl_message_routing_policy_rule_get_fib_type(sd_netlink_message *m, uint8_t *type) { + struct fib_rule_hdr *frh; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_routing_policy_rule(m->hdr->nlmsg_type), -EINVAL); + + frh = NLMSG_DATA(m->hdr); + + *type = frh->action; + + return 0; +} + +int sd_rtnl_message_routing_policy_rule_set_fib_dst_prefixlen(sd_netlink_message *m, uint8_t len) { + struct fib_rule_hdr *frh; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_routing_policy_rule(m->hdr->nlmsg_type), -EINVAL); + + frh = NLMSG_DATA(m->hdr); + + frh->dst_len = len; + + return 0; +} + +int sd_rtnl_message_routing_policy_rule_get_fib_dst_prefixlen(sd_netlink_message *m, uint8_t *len) { + struct fib_rule_hdr *frh; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_routing_policy_rule(m->hdr->nlmsg_type), -EINVAL); + + frh = NLMSG_DATA(m->hdr); + + *len = frh->dst_len; + + return 0; +} + +int sd_rtnl_message_routing_policy_rule_set_fib_src_prefixlen(sd_netlink_message *m, uint8_t len) { + struct fib_rule_hdr *frh; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_routing_policy_rule(m->hdr->nlmsg_type), -EINVAL); + + frh = NLMSG_DATA(m->hdr); + + frh->src_len = len; + + return 0; +} + +int sd_rtnl_message_routing_policy_rule_get_fib_src_prefixlen(sd_netlink_message *m, uint8_t *len) { + struct fib_rule_hdr *frh; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_routing_policy_rule(m->hdr->nlmsg_type), -EINVAL); + + frh = NLMSG_DATA(m->hdr); + + *len = frh->src_len; + + return 0; +} + +int sd_rtnl_message_new_traffic_control( + sd_netlink *rtnl, + sd_netlink_message **ret, + uint16_t nlmsg_type, + int ifindex, + uint32_t handle, + uint32_t parent) { + + struct tcmsg *tcm; + int r; + + assert_return(rtnl_message_type_is_traffic_control(nlmsg_type), -EINVAL); + assert_return(ret, -EINVAL); + + r = message_new(rtnl, ret, nlmsg_type); + if (r < 0) + return r; + + if (IN_SET(nlmsg_type, RTM_NEWQDISC, RTM_NEWTCLASS)) + (*ret)->hdr->nlmsg_flags |= NLM_F_CREATE | NLM_F_EXCL; + + tcm = NLMSG_DATA((*ret)->hdr); + tcm->tcm_ifindex = ifindex; + tcm->tcm_handle = handle; + tcm->tcm_parent = parent; + + return 0; +} + +int sd_rtnl_message_traffic_control_get_ifindex(sd_netlink_message *m, int *ret) { + struct tcmsg *tcm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_traffic_control(m->hdr->nlmsg_type), -EINVAL); + assert_return(ret, -EINVAL); + + tcm = NLMSG_DATA(m->hdr); + *ret = tcm->tcm_ifindex; + + return 0; +} + +int sd_rtnl_message_traffic_control_get_handle(sd_netlink_message *m, uint32_t *ret) { + struct tcmsg *tcm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_traffic_control(m->hdr->nlmsg_type), -EINVAL); + assert_return(ret, -EINVAL); + + tcm = NLMSG_DATA(m->hdr); + *ret = tcm->tcm_handle; + + return 0; +} + +int sd_rtnl_message_traffic_control_get_parent(sd_netlink_message *m, uint32_t *ret) { + struct tcmsg *tcm; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(rtnl_message_type_is_traffic_control(m->hdr->nlmsg_type), -EINVAL); + assert_return(ret, -EINVAL); + + tcm = NLMSG_DATA(m->hdr); + *ret = tcm->tcm_parent; + + return 0; +} + +int sd_rtnl_message_new_mdb( + sd_netlink *rtnl, + sd_netlink_message **ret, + uint16_t nlmsg_type, + int mdb_ifindex) { + + struct br_port_msg *bpm; + int r; + + assert_return(rtnl_message_type_is_mdb(nlmsg_type), -EINVAL); + assert_return(ret, -EINVAL); + + r = message_new(rtnl, ret, nlmsg_type); + if (r < 0) + return r; + + if (nlmsg_type == RTM_NEWMDB) + (*ret)->hdr->nlmsg_flags |= NLM_F_CREATE | NLM_F_EXCL; + + bpm = NLMSG_DATA((*ret)->hdr); + bpm->family = AF_BRIDGE; + bpm->ifindex = mdb_ifindex; + + return 0; +} diff --git a/src/libsystemd/sd-netlink/netlink-message.c b/src/libsystemd/sd-netlink/netlink-message.c new file mode 100644 index 0000000..000a50e --- /dev/null +++ b/src/libsystemd/sd-netlink/netlink-message.c @@ -0,0 +1,1421 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include <netinet/in.h> +#include <stdbool.h> +#include <unistd.h> + +#include "sd-netlink.h" + +#include "alloc-util.h" +#include "format-util.h" +#include "memory-util.h" +#include "netlink-internal.h" +#include "netlink-types.h" +#include "netlink-util.h" +#include "socket-util.h" +#include "strv.h" + +#define GET_CONTAINER(m, i) ((struct rtattr*)((uint8_t*)(m)->hdr + (m)->containers[i].offset)) + +#define RTA_TYPE(rta) ((rta)->rta_type & NLA_TYPE_MASK) +#define RTA_FLAGS(rta) ((rta)->rta_type & ~NLA_TYPE_MASK) + +int message_new_empty(sd_netlink *nl, sd_netlink_message **ret) { + sd_netlink_message *m; + + assert(nl); + assert(ret); + + /* Note that 'nl' is currently unused, if we start using it internally we must take care to + * avoid problems due to mutual references between buses and their queued messages. See sd-bus. */ + + m = new(sd_netlink_message, 1); + if (!m) + return -ENOMEM; + + *m = (sd_netlink_message) { + .n_ref = 1, + .protocol = nl->protocol, + .sealed = false, + }; + + *ret = m; + return 0; +} + +int message_new_full( + sd_netlink *nl, + uint16_t nlmsg_type, + const NLAPolicySet *policy_set, + size_t header_size, + sd_netlink_message **ret) { + + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; + size_t size; + int r; + + assert(nl); + assert(policy_set); + assert(ret); + + size = NLMSG_SPACE(header_size); + assert(size >= sizeof(struct nlmsghdr)); + + r = message_new_empty(nl, &m); + if (r < 0) + return r; + + m->containers[0].policy_set = policy_set; + + m->hdr = malloc0(size); + if (!m->hdr) + return -ENOMEM; + + m->hdr->nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK; + m->hdr->nlmsg_len = size; + m->hdr->nlmsg_type = nlmsg_type; + + *ret = TAKE_PTR(m); + return 0; +} + +int message_new(sd_netlink *nl, sd_netlink_message **ret, uint16_t nlmsg_type) { + const NLAPolicySet *policy_set; + size_t size; + int r; + + assert_return(nl, -EINVAL); + assert_return(ret, -EINVAL); + + r = netlink_get_policy_set_and_header_size(nl, nlmsg_type, &policy_set, &size); + if (r < 0) + return r; + + return message_new_full(nl, nlmsg_type, policy_set, size, ret); +} + +int message_new_synthetic_error(sd_netlink *nl, int error, uint32_t serial, sd_netlink_message **ret) { + struct nlmsgerr *err; + int r; + + assert(error <= 0); + + r = message_new(nl, ret, NLMSG_ERROR); + if (r < 0) + return r; + + message_seal(*ret); + (*ret)->hdr->nlmsg_seq = serial; + + err = NLMSG_DATA((*ret)->hdr); + err->error = error; + + return 0; +} + +int sd_netlink_message_set_request_dump(sd_netlink_message *m, int dump) { + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + assert_return(m->protocol != NETLINK_ROUTE || + IN_SET(m->hdr->nlmsg_type, + RTM_GETLINK, RTM_GETLINKPROP, RTM_GETADDR, RTM_GETROUTE, RTM_GETNEIGH, + RTM_GETRULE, RTM_GETADDRLABEL, RTM_GETNEXTHOP, RTM_GETQDISC, RTM_GETTCLASS), + -EINVAL); + + SET_FLAG(m->hdr->nlmsg_flags, NLM_F_DUMP, dump); + + return 0; +} + +DEFINE_TRIVIAL_REF_FUNC(sd_netlink_message, sd_netlink_message); + +sd_netlink_message* sd_netlink_message_unref(sd_netlink_message *m) { + while (m && --m->n_ref == 0) { + unsigned i; + + free(m->hdr); + + for (i = 0; i <= m->n_containers; i++) + free(m->containers[i].attributes); + + sd_netlink_message *t = m; + m = m->next; + free(t); + } + + return NULL; +} + +int sd_netlink_message_get_type(sd_netlink_message *m, uint16_t *ret) { + assert_return(m, -EINVAL); + assert_return(ret, -EINVAL); + + *ret = m->hdr->nlmsg_type; + + return 0; +} + +int sd_netlink_message_set_flags(sd_netlink_message *m, uint16_t flags) { + assert_return(m, -EINVAL); + assert_return(flags != 0, -EINVAL); + + m->hdr->nlmsg_flags = flags; + + return 0; +} + +int sd_netlink_message_is_broadcast(sd_netlink_message *m) { + assert_return(m, -EINVAL); + + return m->multicast_group != 0; +} + +/* If successful the updated message will be correctly aligned, if unsuccessful the old message is untouched. */ +static int add_rtattr(sd_netlink_message *m, uint16_t attr_type, const void *data, size_t data_length) { + size_t message_length; + struct nlmsghdr *new_hdr; + struct rtattr *rta; + int offset; + + assert(m); + assert(m->hdr); + assert(!m->sealed); + assert(NLMSG_ALIGN(m->hdr->nlmsg_len) == m->hdr->nlmsg_len); + assert(!data || data_length > 0); + + /* get the new message size (with padding at the end) */ + message_length = m->hdr->nlmsg_len + RTA_SPACE(data_length); + + /* buffer should be smaller than both one page or 8K to be accepted by the kernel */ + if (message_length > MIN(page_size(), 8192UL)) + return -ENOBUFS; + + /* realloc to fit the new attribute */ + new_hdr = realloc(m->hdr, message_length); + if (!new_hdr) + return -ENOMEM; + m->hdr = new_hdr; + + /* get pointer to the attribute we are about to add */ + rta = (struct rtattr *) ((uint8_t *) m->hdr + m->hdr->nlmsg_len); + + rtattr_append_attribute_internal(rta, attr_type, data, data_length); + + /* if we are inside containers, extend them */ + for (unsigned i = 0; i < m->n_containers; i++) + GET_CONTAINER(m, i)->rta_len += RTA_SPACE(data_length); + + /* update message size */ + offset = m->hdr->nlmsg_len; + m->hdr->nlmsg_len = message_length; + + /* return old message size */ + return offset; +} + +static int message_attribute_has_type(sd_netlink_message *m, size_t *ret_size, uint16_t attr_type, NLAType type) { + const NLAPolicy *policy; + + assert(m); + + policy = policy_set_get_policy(m->containers[m->n_containers].policy_set, attr_type); + if (!policy) + return -EOPNOTSUPP; + + if (policy_get_type(policy) != type) + return -EINVAL; + + if (ret_size) + *ret_size = policy_get_size(policy); + return 0; +} + +int sd_netlink_message_append_string(sd_netlink_message *m, uint16_t attr_type, const char *data) { + size_t length, size; + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + assert_return(data, -EINVAL); + + r = message_attribute_has_type(m, &size, attr_type, NETLINK_TYPE_STRING); + if (r < 0) + return r; + + if (size) { + length = strnlen(data, size+1); + if (length > size) + return -EINVAL; + } else + length = strlen(data); + + r = add_rtattr(m, attr_type, data, length + 1); + if (r < 0) + return r; + + return 0; +} + +int sd_netlink_message_append_strv(sd_netlink_message *m, uint16_t attr_type, const char* const *data) { + size_t length, size; + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + assert_return(data, -EINVAL); + + r = message_attribute_has_type(m, &size, attr_type, NETLINK_TYPE_STRING); + if (r < 0) + return r; + + STRV_FOREACH(p, data) { + if (size) { + length = strnlen(*p, size+1); + if (length > size) + return -EINVAL; + } else + length = strlen(*p); + + r = add_rtattr(m, attr_type, *p, length + 1); + if (r < 0) + return r; + } + + return 0; +} + +int sd_netlink_message_append_flag(sd_netlink_message *m, uint16_t attr_type) { + size_t size; + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + + r = message_attribute_has_type(m, &size, attr_type, NETLINK_TYPE_FLAG); + if (r < 0) + return r; + + r = add_rtattr(m, attr_type, NULL, 0); + if (r < 0) + return r; + + return 0; +} + +int sd_netlink_message_append_u8(sd_netlink_message *m, uint16_t attr_type, uint8_t data) { + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_U8); + if (r < 0) + return r; + + r = add_rtattr(m, attr_type, &data, sizeof(uint8_t)); + if (r < 0) + return r; + + return 0; +} + +int sd_netlink_message_append_u16(sd_netlink_message *m, uint16_t attr_type, uint16_t data) { + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_U16); + if (r < 0) + return r; + + r = add_rtattr(m, attr_type, &data, sizeof(uint16_t)); + if (r < 0) + return r; + + return 0; +} + +int sd_netlink_message_append_u32(sd_netlink_message *m, uint16_t attr_type, uint32_t data) { + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_U32); + if (r < 0) + return r; + + r = add_rtattr(m, attr_type, &data, sizeof(uint32_t)); + if (r < 0) + return r; + + return 0; +} + +int sd_netlink_message_append_u64(sd_netlink_message *m, uint16_t attr_type, uint64_t data) { + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_U64); + if (r < 0) + return r; + + r = add_rtattr(m, attr_type, &data, sizeof(uint64_t)); + if (r < 0) + return r; + + return 0; +} + +int sd_netlink_message_append_s8(sd_netlink_message *m, uint16_t attr_type, int8_t data) { + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_S8); + if (r < 0) + return r; + + r = add_rtattr(m, attr_type, &data, sizeof(int8_t)); + if (r < 0) + return r; + + return 0; +} + +int sd_netlink_message_append_s16(sd_netlink_message *m, uint16_t attr_type, int16_t data) { + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_S16); + if (r < 0) + return r; + + r = add_rtattr(m, attr_type, &data, sizeof(int16_t)); + if (r < 0) + return r; + + return 0; +} + +int sd_netlink_message_append_s32(sd_netlink_message *m, uint16_t attr_type, int32_t data) { + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_S32); + if (r < 0) + return r; + + r = add_rtattr(m, attr_type, &data, sizeof(int32_t)); + if (r < 0) + return r; + + return 0; +} + +int sd_netlink_message_append_s64(sd_netlink_message *m, uint16_t attr_type, int64_t data) { + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_S64); + if (r < 0) + return r; + + r = add_rtattr(m, attr_type, &data, sizeof(int64_t)); + if (r < 0) + return r; + + return 0; +} + +int sd_netlink_message_append_data(sd_netlink_message *m, uint16_t attr_type, const void *data, size_t len) { + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + + r = add_rtattr(m, attr_type, data, len); + if (r < 0) + return r; + + return 0; +} + +int sd_netlink_message_append_container_data( + sd_netlink_message *m, + uint16_t container_type, + uint16_t attr_type, + const void *data, + size_t len) { + + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + + r = sd_netlink_message_open_container(m, container_type); + if (r < 0) + return r; + + r = sd_netlink_message_append_data(m, attr_type, data, len); + if (r < 0) + return r; + + return sd_netlink_message_close_container(m); +} + +int netlink_message_append_in_addr_union(sd_netlink_message *m, uint16_t attr_type, int family, const union in_addr_union *data) { + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + assert_return(data, -EINVAL); + assert_return(IN_SET(family, AF_INET, AF_INET6), -EINVAL); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_IN_ADDR); + if (r < 0) + return r; + + r = add_rtattr(m, attr_type, data, FAMILY_ADDRESS_SIZE(family)); + if (r < 0) + return r; + + return 0; +} + +int sd_netlink_message_append_in_addr(sd_netlink_message *m, uint16_t attr_type, const struct in_addr *data) { + return netlink_message_append_in_addr_union(m, attr_type, AF_INET, (const union in_addr_union *) data); +} + +int sd_netlink_message_append_in6_addr(sd_netlink_message *m, uint16_t attr_type, const struct in6_addr *data) { + return netlink_message_append_in_addr_union(m, attr_type, AF_INET6, (const union in_addr_union *) data); +} + +int netlink_message_append_sockaddr_union(sd_netlink_message *m, uint16_t attr_type, const union sockaddr_union *data) { + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + assert_return(data, -EINVAL); + assert_return(IN_SET(data->sa.sa_family, AF_INET, AF_INET6), -EINVAL); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_SOCKADDR); + if (r < 0) + return r; + + r = add_rtattr(m, attr_type, data, data->sa.sa_family == AF_INET ? sizeof(struct sockaddr_in) : sizeof(struct sockaddr_in6)); + if (r < 0) + return r; + + return 0; +} + +int sd_netlink_message_append_sockaddr_in(sd_netlink_message *m, uint16_t attr_type, const struct sockaddr_in *data) { + return netlink_message_append_sockaddr_union(m, attr_type, (const union sockaddr_union *) data); +} + +int sd_netlink_message_append_sockaddr_in6(sd_netlink_message *m, uint16_t attr_type, const struct sockaddr_in6 *data) { + return netlink_message_append_sockaddr_union(m, attr_type, (const union sockaddr_union *) data); +} + +int sd_netlink_message_append_ether_addr(sd_netlink_message *m, uint16_t attr_type, const struct ether_addr *data) { + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + assert_return(data, -EINVAL); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_ETHER_ADDR); + if (r < 0) + return r; + + r = add_rtattr(m, attr_type, data, ETH_ALEN); + if (r < 0) + return r; + + return 0; +} + +int netlink_message_append_hw_addr(sd_netlink_message *m, uint16_t attr_type, const struct hw_addr_data *data) { + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + assert_return(data, -EINVAL); + assert_return(data->length > 0, -EINVAL); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_ETHER_ADDR); + if (r < 0) + return r; + + r = add_rtattr(m, attr_type, data->bytes, data->length); + if (r < 0) + return r; + + return 0; +} + +int sd_netlink_message_append_cache_info(sd_netlink_message *m, uint16_t attr_type, const struct ifa_cacheinfo *info) { + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + assert_return(info, -EINVAL); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_CACHE_INFO); + if (r < 0) + return r; + + r = add_rtattr(m, attr_type, info, sizeof(struct ifa_cacheinfo)); + if (r < 0) + return r; + + return 0; +} + +int sd_netlink_message_open_container(sd_netlink_message *m, uint16_t attr_type) { + size_t size; + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + /* m->containers[m->n_containers + 1] is accessed both in read and write. Prevent access out of bound */ + assert_return(m->n_containers < (NETLINK_CONTAINER_DEPTH - 1), -ERANGE); + + r = message_attribute_has_type(m, &size, attr_type, NETLINK_TYPE_NESTED); + if (r < 0) { + const NLAPolicySetUnion *policy_set_union; + int family; + + r = message_attribute_has_type(m, &size, attr_type, NETLINK_TYPE_NESTED_UNION_BY_FAMILY); + if (r < 0) + return r; + + r = sd_rtnl_message_get_family(m, &family); + if (r < 0) + return r; + + policy_set_union = policy_set_get_policy_set_union( + m->containers[m->n_containers].policy_set, + attr_type); + if (!policy_set_union) + return -EOPNOTSUPP; + + m->containers[m->n_containers + 1].policy_set = + policy_set_union_get_policy_set_by_family( + policy_set_union, + family); + } else + m->containers[m->n_containers + 1].policy_set = + policy_set_get_policy_set( + m->containers[m->n_containers].policy_set, + attr_type); + if (!m->containers[m->n_containers + 1].policy_set) + return -EOPNOTSUPP; + + r = add_rtattr(m, attr_type | NLA_F_NESTED, NULL, size); + if (r < 0) + return r; + + m->containers[m->n_containers++].offset = r; + + return 0; +} + +int sd_netlink_message_open_container_union(sd_netlink_message *m, uint16_t attr_type, const char *key) { + const NLAPolicySetUnion *policy_set_union; + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + assert_return(m->n_containers < (NETLINK_CONTAINER_DEPTH - 1), -ERANGE); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_NESTED_UNION_BY_STRING); + if (r < 0) + return r; + + policy_set_union = policy_set_get_policy_set_union( + m->containers[m->n_containers].policy_set, + attr_type); + if (!policy_set_union) + return -EOPNOTSUPP; + + m->containers[m->n_containers + 1].policy_set = + policy_set_union_get_policy_set_by_string( + policy_set_union, + key); + if (!m->containers[m->n_containers + 1].policy_set) + return -EOPNOTSUPP; + + r = sd_netlink_message_append_string(m, policy_set_union_get_match_attribute(policy_set_union), key); + if (r < 0) + return r; + + /* do we ever need non-null size */ + r = add_rtattr(m, attr_type | NLA_F_NESTED, NULL, 0); + if (r < 0) + return r; + + m->containers[m->n_containers++].offset = r; + + return 0; +} + +int sd_netlink_message_close_container(sd_netlink_message *m) { + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + assert_return(m->n_containers > 0, -EINVAL); + + m->containers[m->n_containers].policy_set = NULL; + m->containers[m->n_containers].offset = 0; + m->n_containers--; + + return 0; +} + +int sd_netlink_message_open_array(sd_netlink_message *m, uint16_t attr_type) { + int r; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + assert_return(m->n_containers < (NETLINK_CONTAINER_DEPTH - 1), -ERANGE); + + r = add_rtattr(m, attr_type | NLA_F_NESTED, NULL, 0); + if (r < 0) + return r; + + m->containers[m->n_containers].offset = r; + m->n_containers++; + m->containers[m->n_containers].policy_set = m->containers[m->n_containers - 1].policy_set; + + return 0; +} + +int sd_netlink_message_cancel_array(sd_netlink_message *m) { + uint32_t rta_len; + + assert_return(m, -EINVAL); + assert_return(!m->sealed, -EPERM); + assert_return(m->n_containers > 1, -EINVAL); + + rta_len = GET_CONTAINER(m, (m->n_containers - 1))->rta_len; + + for (unsigned i = 0; i < m->n_containers; i++) + GET_CONTAINER(m, i)->rta_len -= rta_len; + + m->hdr->nlmsg_len -= rta_len; + + m->n_containers--; + m->containers[m->n_containers].policy_set = NULL; + + return 0; +} + +static int netlink_message_read_internal( + sd_netlink_message *m, + uint16_t attr_type, + void **ret_data, + bool *ret_net_byteorder) { + + struct netlink_attribute *attribute; + struct rtattr *rta; + + assert_return(m, -EINVAL); + assert_return(m->sealed, -EPERM); + + assert(m->n_containers < NETLINK_CONTAINER_DEPTH); + + if (!m->containers[m->n_containers].attributes) + return -ENODATA; + + if (attr_type > m->containers[m->n_containers].max_attribute) + return -ENODATA; + + attribute = &m->containers[m->n_containers].attributes[attr_type]; + + if (attribute->offset == 0) + return -ENODATA; + + rta = (struct rtattr*)((uint8_t *) m->hdr + attribute->offset); + + if (ret_data) + *ret_data = RTA_DATA(rta); + + if (ret_net_byteorder) + *ret_net_byteorder = attribute->net_byteorder; + + return RTA_PAYLOAD(rta); +} + +int sd_netlink_message_read(sd_netlink_message *m, uint16_t attr_type, size_t size, void *data) { + void *attr_data; + int r; + + assert_return(m, -EINVAL); + + r = netlink_message_read_internal(m, attr_type, &attr_data, NULL); + if (r < 0) + return r; + + if ((size_t) r > size) + return -ENOBUFS; + + if (data) + memcpy(data, attr_data, r); + + return r; +} + +int sd_netlink_message_read_data(sd_netlink_message *m, uint16_t attr_type, size_t *ret_size, void **ret_data) { + void *attr_data; + int r; + + assert_return(m, -EINVAL); + + r = netlink_message_read_internal(m, attr_type, &attr_data, NULL); + if (r < 0) + return r; + + if (ret_data) { + void *data; + + data = memdup(attr_data, r); + if (!data) + return -ENOMEM; + + *ret_data = data; + } + + if (ret_size) + *ret_size = r; + + return r; +} + +int sd_netlink_message_read_data_suffix0(sd_netlink_message *m, uint16_t attr_type, size_t *ret_size, void **ret_data) { + void *attr_data; + int r; + + assert_return(m, -EINVAL); + + r = netlink_message_read_internal(m, attr_type, &attr_data, NULL); + if (r < 0) + return r; + + if (ret_data) { + void *data; + + data = memdup_suffix0(attr_data, r); + if (!data) + return -ENOMEM; + + *ret_data = data; + } + + if (ret_size) + *ret_size = r; + + return r; +} + +int sd_netlink_message_read_string_strdup(sd_netlink_message *m, uint16_t attr_type, char **data) { + void *attr_data; + int r; + + assert_return(m, -EINVAL); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_STRING); + if (r < 0) + return r; + + r = netlink_message_read_internal(m, attr_type, &attr_data, NULL); + if (r < 0) + return r; + + if (data) { + char *str; + + str = strndup(attr_data, r); + if (!str) + return -ENOMEM; + + *data = str; + } + + return 0; +} + +int sd_netlink_message_read_string(sd_netlink_message *m, uint16_t attr_type, const char **data) { + void *attr_data; + int r; + + assert_return(m, -EINVAL); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_STRING); + if (r < 0) + return r; + + r = netlink_message_read_internal(m, attr_type, &attr_data, NULL); + if (r < 0) + return r; + + if (strnlen(attr_data, r) >= (size_t) r) + return -EIO; + + if (data) + *data = (const char *) attr_data; + + return 0; +} + +int sd_netlink_message_read_u8(sd_netlink_message *m, uint16_t attr_type, uint8_t *data) { + void *attr_data; + int r; + + assert_return(m, -EINVAL); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_U8); + if (r < 0) + return r; + + r = netlink_message_read_internal(m, attr_type, &attr_data, NULL); + if (r < 0) + return r; + + if ((size_t) r < sizeof(uint8_t)) + return -EIO; + + if (data) + *data = *(uint8_t *) attr_data; + + return 0; +} + +int sd_netlink_message_read_u16(sd_netlink_message *m, uint16_t attr_type, uint16_t *data) { + void *attr_data; + bool net_byteorder; + int r; + + assert_return(m, -EINVAL); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_U16); + if (r < 0) + return r; + + r = netlink_message_read_internal(m, attr_type, &attr_data, &net_byteorder); + if (r < 0) + return r; + + if ((size_t) r < sizeof(uint16_t)) + return -EIO; + + if (data) { + if (net_byteorder) + *data = be16toh(*(uint16_t *) attr_data); + else + *data = *(uint16_t *) attr_data; + } + + return 0; +} + +int sd_netlink_message_read_u32(sd_netlink_message *m, uint16_t attr_type, uint32_t *data) { + void *attr_data; + bool net_byteorder; + int r; + + assert_return(m, -EINVAL); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_U32); + if (r < 0) + return r; + + r = netlink_message_read_internal(m, attr_type, &attr_data, &net_byteorder); + if (r < 0) + return r; + + if ((size_t) r < sizeof(uint32_t)) + return -EIO; + + if (data) { + if (net_byteorder) + *data = be32toh(*(uint32_t *) attr_data); + else + *data = *(uint32_t *) attr_data; + } + + return 0; +} + +int sd_netlink_message_read_ether_addr(sd_netlink_message *m, uint16_t attr_type, struct ether_addr *data) { + void *attr_data; + int r; + + assert_return(m, -EINVAL); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_ETHER_ADDR); + if (r < 0) + return r; + + r = netlink_message_read_internal(m, attr_type, &attr_data, NULL); + if (r < 0) + return r; + + if ((size_t) r < sizeof(struct ether_addr)) + return -EIO; + + if (data) + memcpy(data, attr_data, sizeof(struct ether_addr)); + + return 0; +} + +int netlink_message_read_hw_addr(sd_netlink_message *m, uint16_t attr_type, struct hw_addr_data *data) { + void *attr_data; + int r; + + assert_return(m, -EINVAL); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_ETHER_ADDR); + if (r < 0) + return r; + + r = netlink_message_read_internal(m, attr_type, &attr_data, NULL); + if (r < 0) + return r; + + if (r > HW_ADDR_MAX_SIZE) + return -EIO; + + if (data) { + memcpy(data->bytes, attr_data, r); + data->length = r; + } + + return 0; +} + +int sd_netlink_message_read_cache_info(sd_netlink_message *m, uint16_t attr_type, struct ifa_cacheinfo *info) { + void *attr_data; + int r; + + assert_return(m, -EINVAL); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_CACHE_INFO); + if (r < 0) + return r; + + r = netlink_message_read_internal(m, attr_type, &attr_data, NULL); + if (r < 0) + return r; + + if ((size_t) r < sizeof(struct ifa_cacheinfo)) + return -EIO; + + if (info) + memcpy(info, attr_data, sizeof(struct ifa_cacheinfo)); + + return 0; +} + +int netlink_message_read_in_addr_union(sd_netlink_message *m, uint16_t attr_type, int family, union in_addr_union *data) { + void *attr_data; + int r; + + assert_return(m, -EINVAL); + assert_return(IN_SET(family, AF_INET, AF_INET6), -EINVAL); + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_IN_ADDR); + if (r < 0) + return r; + + r = netlink_message_read_internal(m, attr_type, &attr_data, NULL); + if (r < 0) + return r; + + if ((size_t) r < FAMILY_ADDRESS_SIZE(family)) + return -EIO; + + if (data) + memcpy(data, attr_data, FAMILY_ADDRESS_SIZE(family)); + + return 0; +} + +int sd_netlink_message_read_in_addr(sd_netlink_message *m, uint16_t attr_type, struct in_addr *data) { + union in_addr_union u; + int r; + + r = netlink_message_read_in_addr_union(m, attr_type, AF_INET, &u); + if (r >= 0 && data) + *data = u.in; + + return r; +} + +int sd_netlink_message_read_in6_addr(sd_netlink_message *m, uint16_t attr_type, struct in6_addr *data) { + union in_addr_union u; + int r; + + r = netlink_message_read_in_addr_union(m, attr_type, AF_INET6, &u); + if (r >= 0 && data) + *data = u.in6; + + return r; +} + +int sd_netlink_message_has_flag(sd_netlink_message *m, uint16_t attr_type) { + void *attr_data; + int r; + + assert_return(m, -EINVAL); + + /* This returns 1 when the flag is set, 0 when not set, negative errno on error. */ + + r = message_attribute_has_type(m, NULL, attr_type, NETLINK_TYPE_FLAG); + if (r < 0) + return r; + + r = netlink_message_read_internal(m, attr_type, &attr_data, NULL); + if (r == -ENODATA) + return 0; + if (r < 0) + return r; + + return 1; +} + +int sd_netlink_message_read_strv(sd_netlink_message *m, uint16_t container_type, uint16_t attr_type, char ***ret) { + _cleanup_strv_free_ char **s = NULL; + const NLAPolicySet *policy_set; + const NLAPolicy *policy; + struct rtattr *rta; + void *container; + size_t rt_len; + int r; + + assert_return(m, -EINVAL); + assert_return(m->n_containers < NETLINK_CONTAINER_DEPTH, -EINVAL); + + policy = policy_set_get_policy( + m->containers[m->n_containers].policy_set, + container_type); + if (!policy) + return -EOPNOTSUPP; + + if (policy_get_type(policy) != NETLINK_TYPE_NESTED) + return -EINVAL; + + policy_set = policy_set_get_policy_set( + m->containers[m->n_containers].policy_set, + container_type); + if (!policy_set) + return -EOPNOTSUPP; + + policy = policy_set_get_policy(policy_set, attr_type); + if (!policy) + return -EOPNOTSUPP; + + if (policy_get_type(policy) != NETLINK_TYPE_STRING) + return -EINVAL; + + r = netlink_message_read_internal(m, container_type, &container, NULL); + if (r < 0) + return r; + + rt_len = (size_t) r; + rta = container; + + /* RTA_OK() macro compares with rta->rt_len, which is unsigned short, and + * LGTM.com analysis does not like the type difference. Hence, here we + * introduce an unsigned short variable as a workaround. */ + unsigned short len = rt_len; + for (; RTA_OK(rta, len); rta = RTA_NEXT(rta, len)) { + uint16_t type; + + type = RTA_TYPE(rta); + if (type != attr_type) + continue; + + r = strv_extend(&s, RTA_DATA(rta)); + if (r < 0) + return r; + } + + *ret = TAKE_PTR(s); + return 0; +} + +static int netlink_container_parse( + sd_netlink_message *m, + struct netlink_container *container, + struct rtattr *rta, + size_t rt_len) { + + _cleanup_free_ struct netlink_attribute *attributes = NULL; + uint16_t max_attr = 0; + + /* RTA_OK() macro compares with rta->rt_len, which is unsigned short, and + * LGTM.com analysis does not like the type difference. Hence, here we + * introduce an unsigned short variable as a workaround. */ + unsigned short len = rt_len; + for (; RTA_OK(rta, len); rta = RTA_NEXT(rta, len)) { + uint16_t attr; + + attr = RTA_TYPE(rta); + max_attr = MAX(max_attr, attr); + + if (!GREEDY_REALLOC0(attributes, (size_t) max_attr + 1)) + return -ENOMEM; + + if (attributes[attr].offset != 0) + log_debug("sd-netlink: message parse - overwriting repeated attribute"); + + attributes[attr].offset = (uint8_t *) rta - (uint8_t *) m->hdr; + attributes[attr].nested = RTA_FLAGS(rta) & NLA_F_NESTED; + attributes[attr].net_byteorder = RTA_FLAGS(rta) & NLA_F_NET_BYTEORDER; + } + + container->attributes = TAKE_PTR(attributes); + container->max_attribute = max_attr; + + return 0; +} + +int sd_netlink_message_enter_container(sd_netlink_message *m, uint16_t attr_type) { + const NLAPolicy *policy; + const NLAPolicySet *policy_set; + void *container; + size_t size; + int r; + + assert_return(m, -EINVAL); + assert_return(m->n_containers < (NETLINK_CONTAINER_DEPTH - 1), -EINVAL); + + policy = policy_set_get_policy( + m->containers[m->n_containers].policy_set, + attr_type); + if (!policy) + return -EOPNOTSUPP; + + switch (policy_get_type(policy)) { + case NETLINK_TYPE_NESTED: + policy_set = policy_set_get_policy_set( + m->containers[m->n_containers].policy_set, + attr_type); + break; + + case NETLINK_TYPE_NESTED_UNION_BY_STRING: { + const NLAPolicySetUnion *policy_set_union; + const char *key; + + policy_set_union = policy_get_policy_set_union(policy); + if (!policy_set_union) + return -EOPNOTSUPP; + + r = sd_netlink_message_read_string( + m, + policy_set_union_get_match_attribute(policy_set_union), + &key); + if (r < 0) + return r; + + policy_set = policy_set_union_get_policy_set_by_string( + policy_set_union, + key); + break; + } + case NETLINK_TYPE_NESTED_UNION_BY_FAMILY: { + const NLAPolicySetUnion *policy_set_union; + int family; + + policy_set_union = policy_get_policy_set_union(policy); + if (!policy_set_union) + return -EOPNOTSUPP; + + r = sd_rtnl_message_get_family(m, &family); + if (r < 0) + return r; + + policy_set = policy_set_union_get_policy_set_by_family( + policy_set_union, + family); + break; + } + default: + assert_not_reached(); + } + if (!policy_set) + return -EOPNOTSUPP; + + r = netlink_message_read_internal(m, attr_type, &container, NULL); + if (r < 0) + return r; + + size = (size_t) r; + m->n_containers++; + + r = netlink_container_parse(m, + &m->containers[m->n_containers], + container, + size); + if (r < 0) { + m->n_containers--; + return r; + } + + m->containers[m->n_containers].policy_set = policy_set; + + return 0; +} + +int sd_netlink_message_enter_array(sd_netlink_message *m, uint16_t attr_type) { + void *container; + size_t size; + int r; + + assert_return(m, -EINVAL); + assert_return(m->n_containers < (NETLINK_CONTAINER_DEPTH - 1), -EINVAL); + + r = netlink_message_read_internal(m, attr_type, &container, NULL); + if (r < 0) + return r; + + size = (size_t) r; + m->n_containers++; + + r = netlink_container_parse(m, + &m->containers[m->n_containers], + container, + size); + if (r < 0) { + m->n_containers--; + return r; + } + + m->containers[m->n_containers].policy_set = m->containers[m->n_containers - 1].policy_set; + + return 0; +} + +int sd_netlink_message_exit_container(sd_netlink_message *m) { + assert_return(m, -EINVAL); + assert_return(m->sealed, -EINVAL); + assert_return(m->n_containers > 0, -EINVAL); + + m->containers[m->n_containers].attributes = mfree(m->containers[m->n_containers].attributes); + m->containers[m->n_containers].max_attribute = 0; + m->containers[m->n_containers].policy_set = NULL; + + m->n_containers--; + + return 0; +} + +int sd_netlink_message_get_max_attribute(sd_netlink_message *m, uint16_t *ret) { + assert_return(m, -EINVAL); + assert_return(m->sealed, -EINVAL); + assert_return(ret, -EINVAL); + + *ret = m->containers[m->n_containers].max_attribute; + return 0; +} + +int sd_netlink_message_is_error(sd_netlink_message *m) { + assert_return(m, 0); + assert_return(m->hdr, 0); + + return m->hdr->nlmsg_type == NLMSG_ERROR; +} + +int sd_netlink_message_get_errno(sd_netlink_message *m) { + struct nlmsgerr *err; + + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + + if (!sd_netlink_message_is_error(m)) + return 0; + + err = NLMSG_DATA(m->hdr); + + return err->error; +} + +static int netlink_message_parse_error(sd_netlink_message *m) { + struct nlmsgerr *err = NLMSG_DATA(m->hdr); + size_t hlen = sizeof(struct nlmsgerr); + + /* no TLVs, nothing to do here */ + if (!(m->hdr->nlmsg_flags & NLM_F_ACK_TLVS)) + return 0; + + /* if NLM_F_CAPPED is set then the inner err msg was capped */ + if (!(m->hdr->nlmsg_flags & NLM_F_CAPPED)) + hlen += err->msg.nlmsg_len - sizeof(struct nlmsghdr); + + if (m->hdr->nlmsg_len <= NLMSG_SPACE(hlen)) + return 0; + + return netlink_container_parse(m, + &m->containers[m->n_containers], + (struct rtattr*)((uint8_t*) NLMSG_DATA(m->hdr) + hlen), + NLMSG_PAYLOAD(m->hdr, hlen)); +} + +int sd_netlink_message_rewind(sd_netlink_message *m, sd_netlink *nl) { + size_t size; + int r; + + assert_return(m, -EINVAL); + assert_return(nl, -EINVAL); + + /* don't allow appending to message once parsed */ + message_seal(m); + + for (unsigned i = 1; i <= m->n_containers; i++) + m->containers[i].attributes = mfree(m->containers[i].attributes); + + m->n_containers = 0; + + if (m->containers[0].attributes) + /* top-level attributes have already been parsed */ + return 0; + + assert(m->hdr); + + r = netlink_get_policy_set_and_header_size(nl, m->hdr->nlmsg_type, + &m->containers[0].policy_set, &size); + if (r < 0) + return r; + + if (sd_netlink_message_is_error(m)) + return netlink_message_parse_error(m); + + return netlink_container_parse(m, + &m->containers[0], + (struct rtattr*)((uint8_t*) NLMSG_DATA(m->hdr) + NLMSG_ALIGN(size)), + NLMSG_PAYLOAD(m->hdr, size)); +} + +void message_seal(sd_netlink_message *m) { + assert(m); + + m->sealed = true; +} + +sd_netlink_message *sd_netlink_message_next(sd_netlink_message *m) { + assert_return(m, NULL); + + return m->next; +} diff --git a/src/libsystemd/sd-netlink/netlink-slot.c b/src/libsystemd/sd-netlink/netlink-slot.c new file mode 100644 index 0000000..34f527d --- /dev/null +++ b/src/libsystemd/sd-netlink/netlink-slot.c @@ -0,0 +1,188 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include <errno.h> + +#include "sd-netlink.h" + +#include "alloc-util.h" +#include "netlink-internal.h" +#include "netlink-slot.h" +#include "string-util.h" + +int netlink_slot_allocate( + sd_netlink *nl, + bool floating, + NetlinkSlotType type, + size_t extra, + void *userdata, + const char *description, + sd_netlink_slot **ret) { + + _cleanup_free_ sd_netlink_slot *slot = NULL; + + assert(nl); + assert(ret); + + slot = malloc0(offsetof(sd_netlink_slot, reply_callback) + extra); + if (!slot) + return -ENOMEM; + + slot->n_ref = 1; + slot->netlink = nl; + slot->userdata = userdata; + slot->type = type; + slot->floating = floating; + + if (description) { + slot->description = strdup(description); + if (!slot->description) + return -ENOMEM; + } + + if (!floating) + sd_netlink_ref(nl); + + LIST_PREPEND(slots, nl->slots, slot); + + *ret = TAKE_PTR(slot); + + return 0; +} + +void netlink_slot_disconnect(sd_netlink_slot *slot, bool unref) { + sd_netlink *nl; + + assert(slot); + + nl = slot->netlink; + if (!nl) + return; + + switch (slot->type) { + + case NETLINK_REPLY_CALLBACK: + (void) hashmap_remove(nl->reply_callbacks, &slot->reply_callback.serial); + + if (slot->reply_callback.timeout != 0) + prioq_remove(nl->reply_callbacks_prioq, &slot->reply_callback, &slot->reply_callback.prioq_idx); + + break; + case NETLINK_MATCH_CALLBACK: + LIST_REMOVE(match_callbacks, nl->match_callbacks, &slot->match_callback); + + for (size_t i = 0; i < slot->match_callback.n_groups; i++) + (void) socket_broadcast_group_unref(nl, slot->match_callback.groups[i]); + + slot->match_callback.n_groups = 0; + slot->match_callback.groups = mfree(slot->match_callback.groups); + + break; + default: + assert_not_reached(); + } + + slot->type = _NETLINK_SLOT_INVALID; + slot->netlink = NULL; + LIST_REMOVE(slots, nl->slots, slot); + + if (!slot->floating) + sd_netlink_unref(nl); + else if (unref) + sd_netlink_slot_unref(slot); +} + +static sd_netlink_slot* netlink_slot_free(sd_netlink_slot *slot) { + assert(slot); + + netlink_slot_disconnect(slot, false); + + if (slot->destroy_callback) + slot->destroy_callback(slot->userdata); + + free(slot->description); + return mfree(slot); +} + +DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(sd_netlink_slot, sd_netlink_slot, netlink_slot_free); + +sd_netlink *sd_netlink_slot_get_netlink(sd_netlink_slot *slot) { + assert_return(slot, NULL); + + return slot->netlink; +} + +void *sd_netlink_slot_get_userdata(sd_netlink_slot *slot) { + assert_return(slot, NULL); + + return slot->userdata; +} + +void *sd_netlink_slot_set_userdata(sd_netlink_slot *slot, void *userdata) { + void *ret; + + assert_return(slot, NULL); + + ret = slot->userdata; + slot->userdata = userdata; + + return ret; +} + +int sd_netlink_slot_get_destroy_callback(sd_netlink_slot *slot, sd_netlink_destroy_t *callback) { + assert_return(slot, -EINVAL); + + if (callback) + *callback = slot->destroy_callback; + + return !!slot->destroy_callback; +} + +int sd_netlink_slot_set_destroy_callback(sd_netlink_slot *slot, sd_netlink_destroy_t callback) { + assert_return(slot, -EINVAL); + + slot->destroy_callback = callback; + return 0; +} + +int sd_netlink_slot_get_floating(sd_netlink_slot *slot) { + assert_return(slot, -EINVAL); + + return slot->floating; +} + +int sd_netlink_slot_set_floating(sd_netlink_slot *slot, int b) { + assert_return(slot, -EINVAL); + + if (slot->floating == !!b) + return 0; + + if (!slot->netlink) /* Already disconnected */ + return -ESTALE; + + slot->floating = b; + + if (b) { + sd_netlink_slot_ref(slot); + sd_netlink_unref(slot->netlink); + } else { + sd_netlink_ref(slot->netlink); + sd_netlink_slot_unref(slot); + } + + return 1; +} + +int sd_netlink_slot_get_description(sd_netlink_slot *slot, const char **description) { + assert_return(slot, -EINVAL); + + if (description) + *description = slot->description; + + return !!slot->description; +} + +int sd_netlink_slot_set_description(sd_netlink_slot *slot, const char *description) { + assert_return(slot, -EINVAL); + + return free_and_strdup(&slot->description, description); +} diff --git a/src/libsystemd/sd-netlink/netlink-slot.h b/src/libsystemd/sd-netlink/netlink-slot.h new file mode 100644 index 0000000..79de817 --- /dev/null +++ b/src/libsystemd/sd-netlink/netlink-slot.h @@ -0,0 +1,14 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +#pragma once + +#include "sd-netlink.h" + +int netlink_slot_allocate( + sd_netlink *nl, + bool floating, + NetlinkSlotType type, + size_t extra, + void *userdata, + const char *description, + sd_netlink_slot **ret); +void netlink_slot_disconnect(sd_netlink_slot *slot, bool unref); diff --git a/src/libsystemd/sd-netlink/netlink-socket.c b/src/libsystemd/sd-netlink/netlink-socket.c new file mode 100644 index 0000000..605e809 --- /dev/null +++ b/src/libsystemd/sd-netlink/netlink-socket.c @@ -0,0 +1,383 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include <malloc.h> +#include <netinet/in.h> +#include <stdbool.h> +#include <unistd.h> + +#include "sd-netlink.h" + +#include "alloc-util.h" +#include "fd-util.h" +#include "format-util.h" +#include "io-util.h" +#include "netlink-internal.h" +#include "netlink-types.h" +#include "socket-util.h" +#include "util.h" + +static int broadcast_groups_get(sd_netlink *nl) { + _cleanup_free_ uint32_t *groups = NULL; + socklen_t len = 0, old_len; + int r; + + assert(nl); + assert(nl->fd >= 0); + + if (getsockopt(nl->fd, SOL_NETLINK, NETLINK_LIST_MEMBERSHIPS, NULL, &len) < 0) { + if (errno != ENOPROTOOPT) + return -errno; + + nl->broadcast_group_dont_leave = true; + return 0; + } + + if (len == 0) + return 0; + + groups = new0(uint32_t, len); + if (!groups) + return -ENOMEM; + + old_len = len; + + if (getsockopt(nl->fd, SOL_NETLINK, NETLINK_LIST_MEMBERSHIPS, groups, &len) < 0) + return -errno; + + if (old_len != len) + return -EIO; + + for (unsigned i = 0; i < len; i++) + for (unsigned j = 0; j < sizeof(uint32_t) * 8; j++) + if (groups[i] & (1U << j)) { + unsigned group = i * sizeof(uint32_t) * 8 + j + 1; + + r = hashmap_ensure_put(&nl->broadcast_group_refs, NULL, UINT_TO_PTR(group), UINT_TO_PTR(1)); + if (r < 0) + return r; + } + + return 0; +} + +int socket_bind(sd_netlink *nl) { + socklen_t addrlen; + int r; + + r = setsockopt_int(nl->fd, SOL_NETLINK, NETLINK_PKTINFO, true); + if (r < 0) + return r; + + addrlen = sizeof(nl->sockaddr); + + /* ignore EINVAL to allow binding an already bound socket */ + if (bind(nl->fd, &nl->sockaddr.sa, addrlen) < 0 && errno != EINVAL) + return -errno; + + if (getsockname(nl->fd, &nl->sockaddr.sa, &addrlen) < 0) + return -errno; + + return broadcast_groups_get(nl); +} + +static unsigned broadcast_group_get_ref(sd_netlink *nl, unsigned group) { + assert(nl); + + return PTR_TO_UINT(hashmap_get(nl->broadcast_group_refs, UINT_TO_PTR(group))); +} + +static int broadcast_group_set_ref(sd_netlink *nl, unsigned group, unsigned n_ref) { + int r; + + assert(nl); + + r = hashmap_ensure_allocated(&nl->broadcast_group_refs, NULL); + if (r < 0) + return r; + + return hashmap_replace(nl->broadcast_group_refs, UINT_TO_PTR(group), UINT_TO_PTR(n_ref)); +} + +static int broadcast_group_join(sd_netlink *nl, unsigned group) { + assert(nl); + assert(nl->fd >= 0); + assert(group > 0); + + /* group is "unsigned", but netlink(7) says the argument for NETLINK_ADD_MEMBERSHIP is "int" */ + return setsockopt_int(nl->fd, SOL_NETLINK, NETLINK_ADD_MEMBERSHIP, group); +} + +int socket_broadcast_group_ref(sd_netlink *nl, unsigned group) { + unsigned n_ref; + int r; + + assert(nl); + + n_ref = broadcast_group_get_ref(nl, group); + + n_ref++; + + r = broadcast_group_set_ref(nl, group, n_ref); + if (r < 0) + return r; + + if (n_ref > 1) + /* already in the group */ + return 0; + + return broadcast_group_join(nl, group); +} + +static int broadcast_group_leave(sd_netlink *nl, unsigned group) { + assert(nl); + assert(nl->fd >= 0); + assert(group > 0); + + if (nl->broadcast_group_dont_leave) + return 0; + + /* group is "unsigned", but netlink(7) says the argument for NETLINK_DROP_MEMBERSHIP is "int" */ + return setsockopt_int(nl->fd, SOL_NETLINK, NETLINK_DROP_MEMBERSHIP, group); +} + +int socket_broadcast_group_unref(sd_netlink *nl, unsigned group) { + unsigned n_ref; + int r; + + assert(nl); + + n_ref = broadcast_group_get_ref(nl, group); + if (n_ref == 0) + return 0; + + n_ref--; + + r = broadcast_group_set_ref(nl, group, n_ref); + if (r < 0) + return r; + + if (n_ref > 0) + /* still refs left */ + return 0; + + return broadcast_group_leave(nl, group); +} + +/* returns the number of bytes sent, or a negative error code */ +int socket_write_message(sd_netlink *nl, sd_netlink_message *m) { + union sockaddr_union addr = { + .nl.nl_family = AF_NETLINK, + }; + ssize_t k; + + assert(nl); + assert(m); + assert(m->hdr); + + k = sendto(nl->fd, m->hdr, m->hdr->nlmsg_len, 0, &addr.sa, sizeof(addr)); + if (k < 0) + return -errno; + + return k; +} + +static int socket_recv_message(int fd, struct iovec *iov, uint32_t *ret_mcast_group, bool peek) { + union sockaddr_union sender; + CMSG_BUFFER_TYPE(CMSG_SPACE(sizeof(struct nl_pktinfo))) control; + struct msghdr msg = { + .msg_iov = iov, + .msg_iovlen = 1, + .msg_name = &sender, + .msg_namelen = sizeof(sender), + .msg_control = &control, + .msg_controllen = sizeof(control), + }; + ssize_t n; + + assert(fd >= 0); + assert(iov); + + n = recvmsg_safe(fd, &msg, MSG_TRUNC | (peek ? MSG_PEEK : 0)); + if (n < 0) { + if (n == -ENOBUFS) + return log_debug_errno(n, "sd-netlink: kernel receive buffer overrun"); + if (ERRNO_IS_TRANSIENT(n)) + return 0; + return (int) n; + } + + if (sender.nl.nl_pid != 0) { + /* not from the kernel, ignore */ + log_debug("sd-netlink: ignoring message from PID %"PRIu32, sender.nl.nl_pid); + + if (peek) { + /* drop the message */ + n = recvmsg_safe(fd, &msg, 0); + if (n < 0) + return (int) n; + } + + return 0; + } + + if (ret_mcast_group) { + struct nl_pktinfo *pi; + + pi = CMSG_FIND_DATA(&msg, SOL_NETLINK, NETLINK_PKTINFO, struct nl_pktinfo); + if (pi) + *ret_mcast_group = pi->group; + else + *ret_mcast_group = 0; + } + + return (int) n; +} + +/* On success, the number of bytes received is returned and *ret points to the received message + * which has a valid header and the correct size. + * If nothing useful was received 0 is returned. + * On failure, a negative error code is returned. + */ +int socket_read_message(sd_netlink *nl) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *first = NULL; + bool multi_part = false, done = false; + size_t len, allocated; + struct iovec iov = {}; + uint32_t group = 0; + unsigned i = 0; + int r; + + assert(nl); + assert(nl->rbuffer); + + /* read nothing, just get the pending message size */ + r = socket_recv_message(nl->fd, &iov, NULL, true); + if (r <= 0) + return r; + else + len = (size_t) r; + + /* make room for the pending message */ + if (!greedy_realloc((void**) &nl->rbuffer, len, sizeof(uint8_t))) + return -ENOMEM; + + allocated = MALLOC_SIZEOF_SAFE(nl->rbuffer); + iov = IOVEC_MAKE(nl->rbuffer, allocated); + + /* read the pending message */ + r = socket_recv_message(nl->fd, &iov, &group, false); + if (r <= 0) + return r; + else + len = (size_t) r; + + if (len > allocated) + /* message did not fit in read buffer */ + return -EIO; + + if (NLMSG_OK(nl->rbuffer, len) && nl->rbuffer->nlmsg_flags & NLM_F_MULTI) { + multi_part = true; + + for (i = 0; i < nl->rqueue_partial_size; i++) + if (message_get_serial(nl->rqueue_partial[i]) == + nl->rbuffer->nlmsg_seq) { + first = nl->rqueue_partial[i]; + break; + } + } + + for (struct nlmsghdr *new_msg = nl->rbuffer; NLMSG_OK(new_msg, len) && !done; new_msg = NLMSG_NEXT(new_msg, len)) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; + size_t size; + + if (group == 0 && new_msg->nlmsg_pid != nl->sockaddr.nl.nl_pid) + /* not broadcast and not for us */ + continue; + + if (new_msg->nlmsg_type == NLMSG_NOOP) + /* silently drop noop messages */ + continue; + + if (new_msg->nlmsg_type == NLMSG_DONE) { + /* finished reading multi-part message */ + done = true; + + /* if first is not defined, put NLMSG_DONE into the receive queue. */ + if (first) + continue; + } + + /* check that we support this message type */ + r = netlink_get_policy_set_and_header_size(nl, new_msg->nlmsg_type, NULL, &size); + if (r < 0) { + if (r == -EOPNOTSUPP) + log_debug("sd-netlink: ignored message with unknown type: %i", + new_msg->nlmsg_type); + + continue; + } + + /* check that the size matches the message type */ + if (new_msg->nlmsg_len < NLMSG_LENGTH(size)) { + log_debug("sd-netlink: message is shorter than expected, dropping"); + continue; + } + + r = message_new_empty(nl, &m); + if (r < 0) + return r; + + m->multicast_group = group; + m->hdr = memdup(new_msg, new_msg->nlmsg_len); + if (!m->hdr) + return -ENOMEM; + + /* seal and parse the top-level message */ + r = sd_netlink_message_rewind(m, nl); + if (r < 0) + return r; + + /* push the message onto the multi-part message stack */ + if (first) + m->next = first; + first = TAKE_PTR(m); + } + + if (len > 0) + log_debug("sd-netlink: discarding %zu bytes of incoming message", len); + + if (!first) + return 0; + + if (!multi_part || done) { + /* we got a complete message, push it on the read queue */ + r = netlink_rqueue_make_room(nl); + if (r < 0) + return r; + + nl->rqueue[nl->rqueue_size++] = TAKE_PTR(first); + + if (multi_part && (i < nl->rqueue_partial_size)) { + /* remove the message form the partial read queue */ + memmove(nl->rqueue_partial + i, nl->rqueue_partial + i + 1, + sizeof(sd_netlink_message*) * (nl->rqueue_partial_size - i - 1)); + nl->rqueue_partial_size--; + } + + return 1; + } else { + /* we only got a partial multi-part message, push it on the + partial read queue */ + if (i < nl->rqueue_partial_size) + nl->rqueue_partial[i] = TAKE_PTR(first); + else { + r = netlink_rqueue_partial_make_room(nl); + if (r < 0) + return r; + + nl->rqueue_partial[nl->rqueue_partial_size++] = TAKE_PTR(first); + } + + return 0; + } +} diff --git a/src/libsystemd/sd-netlink/netlink-types-genl.c b/src/libsystemd/sd-netlink/netlink-types-genl.c new file mode 100644 index 0000000..6fe9adc --- /dev/null +++ b/src/libsystemd/sd-netlink/netlink-types-genl.c @@ -0,0 +1,251 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include <netinet/in.h> +#include <sys/socket.h> +#include <linux/batman_adv.h> +#include <linux/fou.h> +#include <linux/genetlink.h> +#include <linux/if.h> +#include <linux/if_macsec.h> +#include <linux/l2tp.h> +#include <linux/nl80211.h> +#include <linux/wireguard.h> + +#include "missing_network.h" +#include "netlink-genl.h" +#include "netlink-types-internal.h" + +/***************** genl ctrl type systems *****************/ +static const NLAPolicy genl_ctrl_mcast_group_policies[] = { + [CTRL_ATTR_MCAST_GRP_NAME] = BUILD_POLICY(STRING), + [CTRL_ATTR_MCAST_GRP_ID] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(genl_ctrl_mcast_group); + +static const NLAPolicy genl_ctrl_ops_policies[] = { + [CTRL_ATTR_OP_ID] = BUILD_POLICY(U32), + [CTRL_ATTR_OP_FLAGS] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(genl_ctrl_ops); + +static const NLAPolicy genl_ctrl_policies[] = { + [CTRL_ATTR_FAMILY_ID] = BUILD_POLICY(U16), + [CTRL_ATTR_FAMILY_NAME] = BUILD_POLICY(STRING), + [CTRL_ATTR_VERSION] = BUILD_POLICY(U32), + [CTRL_ATTR_HDRSIZE] = BUILD_POLICY(U32), + [CTRL_ATTR_MAXATTR] = BUILD_POLICY(U32), + [CTRL_ATTR_OPS] = BUILD_POLICY_NESTED(genl_ctrl_ops), + [CTRL_ATTR_MCAST_GROUPS] = BUILD_POLICY_NESTED(genl_ctrl_mcast_group), + /* + [CTRL_ATTR_POLICY] = { .type = NETLINK_TYPE_NESTED, }, + [CTRL_ATTR_OP_POLICY] = { .type = NETLINK_TYPE_NESTED, } + */ + [CTRL_ATTR_OP] = BUILD_POLICY(U32), +}; + +/***************** genl batadv type systems *****************/ +static const NLAPolicy genl_batadv_policies[] = { + [BATADV_ATTR_VERSION] = BUILD_POLICY(STRING), + [BATADV_ATTR_ALGO_NAME] = BUILD_POLICY(STRING), + [BATADV_ATTR_MESH_IFINDEX] = BUILD_POLICY(U32), + [BATADV_ATTR_MESH_IFNAME] = BUILD_POLICY_WITH_SIZE(STRING, IFNAMSIZ), + [BATADV_ATTR_MESH_ADDRESS] = BUILD_POLICY_WITH_SIZE(ETHER_ADDR, ETH_ALEN), + [BATADV_ATTR_HARD_IFINDEX] = BUILD_POLICY(U32), + [BATADV_ATTR_HARD_IFNAME] = BUILD_POLICY_WITH_SIZE(STRING, IFNAMSIZ), + [BATADV_ATTR_HARD_ADDRESS] = BUILD_POLICY_WITH_SIZE(ETHER_ADDR, ETH_ALEN), + [BATADV_ATTR_ORIG_ADDRESS] = BUILD_POLICY_WITH_SIZE(ETHER_ADDR, ETH_ALEN), + [BATADV_ATTR_TPMETER_RESULT] = BUILD_POLICY(U8), + [BATADV_ATTR_TPMETER_TEST_TIME] = BUILD_POLICY(U32), + [BATADV_ATTR_TPMETER_BYTES] = BUILD_POLICY(U64), + [BATADV_ATTR_TPMETER_COOKIE] = BUILD_POLICY(U32), + [BATADV_ATTR_PAD] = BUILD_POLICY(UNSPEC), + [BATADV_ATTR_ACTIVE] = BUILD_POLICY(FLAG), + [BATADV_ATTR_TT_ADDRESS] = BUILD_POLICY_WITH_SIZE(ETHER_ADDR, ETH_ALEN), + [BATADV_ATTR_TT_TTVN] = BUILD_POLICY(U8), + [BATADV_ATTR_TT_LAST_TTVN] = BUILD_POLICY(U8), + [BATADV_ATTR_TT_CRC32] = BUILD_POLICY(U32), + [BATADV_ATTR_TT_VID] = BUILD_POLICY(U16), + [BATADV_ATTR_TT_FLAGS] = BUILD_POLICY(U32), + [BATADV_ATTR_FLAG_BEST] = BUILD_POLICY(FLAG), + [BATADV_ATTR_LAST_SEEN_MSECS] = BUILD_POLICY(U32), + [BATADV_ATTR_NEIGH_ADDRESS] = BUILD_POLICY_WITH_SIZE(ETHER_ADDR, ETH_ALEN), + [BATADV_ATTR_TQ] = BUILD_POLICY(U8), + [BATADV_ATTR_THROUGHPUT] = BUILD_POLICY(U32), + [BATADV_ATTR_BANDWIDTH_UP] = BUILD_POLICY(U32), + [BATADV_ATTR_BANDWIDTH_DOWN] = BUILD_POLICY(U32), + [BATADV_ATTR_ROUTER] = BUILD_POLICY_WITH_SIZE(ETHER_ADDR, ETH_ALEN), + [BATADV_ATTR_BLA_OWN] = BUILD_POLICY(FLAG), + [BATADV_ATTR_BLA_ADDRESS] = BUILD_POLICY_WITH_SIZE(ETHER_ADDR, ETH_ALEN), + [BATADV_ATTR_BLA_VID] = BUILD_POLICY(U16), + [BATADV_ATTR_BLA_BACKBONE] = BUILD_POLICY_WITH_SIZE(ETHER_ADDR, ETH_ALEN), + [BATADV_ATTR_BLA_CRC] = BUILD_POLICY(U16), + [BATADV_ATTR_DAT_CACHE_IP4ADDRESS] = BUILD_POLICY(U32), + [BATADV_ATTR_DAT_CACHE_HWADDRESS] = BUILD_POLICY_WITH_SIZE(ETHER_ADDR, ETH_ALEN), + [BATADV_ATTR_DAT_CACHE_VID] = BUILD_POLICY(U16), + [BATADV_ATTR_MCAST_FLAGS] = BUILD_POLICY(U32), + [BATADV_ATTR_MCAST_FLAGS_PRIV] = BUILD_POLICY(U32), + [BATADV_ATTR_VLANID] = BUILD_POLICY(U16), + [BATADV_ATTR_AGGREGATED_OGMS_ENABLED] = BUILD_POLICY(U8), + [BATADV_ATTR_AP_ISOLATION_ENABLED] = BUILD_POLICY(U8), + [BATADV_ATTR_ISOLATION_MARK] = BUILD_POLICY(U32), + [BATADV_ATTR_ISOLATION_MASK] = BUILD_POLICY(U32), + [BATADV_ATTR_BONDING_ENABLED] = BUILD_POLICY(U8), + [BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED] = BUILD_POLICY(U8), + [BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED] = BUILD_POLICY(U8), + [BATADV_ATTR_FRAGMENTATION_ENABLED] = BUILD_POLICY(U8), + [BATADV_ATTR_GW_BANDWIDTH_DOWN] = BUILD_POLICY(U32), + [BATADV_ATTR_GW_BANDWIDTH_UP] = BUILD_POLICY(U32), + [BATADV_ATTR_GW_MODE] = BUILD_POLICY(U8), + [BATADV_ATTR_GW_SEL_CLASS] = BUILD_POLICY(U32), + [BATADV_ATTR_HOP_PENALTY] = BUILD_POLICY(U8), + [BATADV_ATTR_LOG_LEVEL] = BUILD_POLICY(U32), + [BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED] = BUILD_POLICY(U8), + [BATADV_ATTR_MULTICAST_FANOUT] = BUILD_POLICY(U32), + [BATADV_ATTR_NETWORK_CODING_ENABLED] = BUILD_POLICY(U8), + [BATADV_ATTR_ORIG_INTERVAL] = BUILD_POLICY(U32), + [BATADV_ATTR_ELP_INTERVAL] = BUILD_POLICY(U32), + [BATADV_ATTR_THROUGHPUT_OVERRIDE] = BUILD_POLICY(U32), +}; + +/***************** genl fou type systems *****************/ +static const NLAPolicy genl_fou_policies[] = { + [FOU_ATTR_PORT] = BUILD_POLICY(U16), + [FOU_ATTR_AF] = BUILD_POLICY(U8), + [FOU_ATTR_IPPROTO] = BUILD_POLICY(U8), + [FOU_ATTR_TYPE] = BUILD_POLICY(U8), + [FOU_ATTR_REMCSUM_NOPARTIAL] = BUILD_POLICY(FLAG), + [FOU_ATTR_LOCAL_V4] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in_addr)), + [FOU_ATTR_PEER_V4] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in_addr)), + [FOU_ATTR_LOCAL_V6] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in6_addr)), + [FOU_ATTR_PEER_V6] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in6_addr)), + [FOU_ATTR_PEER_PORT] = BUILD_POLICY(U16), + [FOU_ATTR_IFINDEX] = BUILD_POLICY(U32), +}; + +/***************** genl l2tp type systems *****************/ +static const NLAPolicy genl_l2tp_policies[] = { + [L2TP_ATTR_PW_TYPE] = BUILD_POLICY(U16), + [L2TP_ATTR_ENCAP_TYPE] = BUILD_POLICY(U16), + [L2TP_ATTR_OFFSET] = BUILD_POLICY(U16), + [L2TP_ATTR_DATA_SEQ] = BUILD_POLICY(U16), + [L2TP_ATTR_L2SPEC_TYPE] = BUILD_POLICY(U8), + [L2TP_ATTR_L2SPEC_LEN] = BUILD_POLICY(U8), + [L2TP_ATTR_PROTO_VERSION] = BUILD_POLICY(U8), + [L2TP_ATTR_IFNAME] = BUILD_POLICY(STRING), + [L2TP_ATTR_CONN_ID] = BUILD_POLICY(U32), + [L2TP_ATTR_PEER_CONN_ID] = BUILD_POLICY(U32), + [L2TP_ATTR_SESSION_ID] = BUILD_POLICY(U32), + [L2TP_ATTR_PEER_SESSION_ID] = BUILD_POLICY(U32), + [L2TP_ATTR_UDP_CSUM] = BUILD_POLICY(U8), + [L2TP_ATTR_VLAN_ID] = BUILD_POLICY(U16), + [L2TP_ATTR_RECV_SEQ] = BUILD_POLICY(U8), + [L2TP_ATTR_SEND_SEQ] = BUILD_POLICY(U8), + [L2TP_ATTR_LNS_MODE] = BUILD_POLICY(U8), + [L2TP_ATTR_USING_IPSEC] = BUILD_POLICY(U8), + [L2TP_ATTR_FD] = BUILD_POLICY(U32), + [L2TP_ATTR_IP_SADDR] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in_addr)), + [L2TP_ATTR_IP_DADDR] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in_addr)), + [L2TP_ATTR_UDP_SPORT] = BUILD_POLICY(U16), + [L2TP_ATTR_UDP_DPORT] = BUILD_POLICY(U16), + [L2TP_ATTR_IP6_SADDR] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in6_addr)), + [L2TP_ATTR_IP6_DADDR] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in6_addr)), + [L2TP_ATTR_UDP_ZERO_CSUM6_TX] = BUILD_POLICY(FLAG), + [L2TP_ATTR_UDP_ZERO_CSUM6_RX] = BUILD_POLICY(FLAG), +}; + +/***************** genl macsec type systems *****************/ +static const NLAPolicy genl_macsec_rxsc_policies[] = { + [MACSEC_RXSC_ATTR_SCI] = BUILD_POLICY(U64), +}; + +DEFINE_POLICY_SET(genl_macsec_rxsc); + +static const NLAPolicy genl_macsec_sa_policies[] = { + [MACSEC_SA_ATTR_AN] = BUILD_POLICY(U8), + [MACSEC_SA_ATTR_ACTIVE] = BUILD_POLICY(U8), + [MACSEC_SA_ATTR_PN] = BUILD_POLICY(U32), + [MACSEC_SA_ATTR_KEYID] = BUILD_POLICY_WITH_SIZE(BINARY, MACSEC_KEYID_LEN), + [MACSEC_SA_ATTR_KEY] = BUILD_POLICY_WITH_SIZE(BINARY, MACSEC_MAX_KEY_LEN), +}; + +DEFINE_POLICY_SET(genl_macsec_sa); + +static const NLAPolicy genl_macsec_policies[] = { + [MACSEC_ATTR_IFINDEX] = BUILD_POLICY(U32), + [MACSEC_ATTR_RXSC_CONFIG] = BUILD_POLICY_NESTED(genl_macsec_rxsc), + [MACSEC_ATTR_SA_CONFIG] = BUILD_POLICY_NESTED(genl_macsec_sa), +}; + +/***************** genl NetLabel type systems *****************/ +static const NLAPolicy genl_netlabel_policies[] = { + [NLBL_UNLABEL_A_IPV4ADDR] = BUILD_POLICY(IN_ADDR), + [NLBL_UNLABEL_A_IPV4MASK] = BUILD_POLICY(IN_ADDR), + [NLBL_UNLABEL_A_IPV6ADDR] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in6_addr)), + [NLBL_UNLABEL_A_IPV6MASK] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in6_addr)), + [NLBL_UNLABEL_A_IFACE] = BUILD_POLICY_WITH_SIZE(STRING, IFNAMSIZ-1), + [NLBL_UNLABEL_A_SECCTX] = BUILD_POLICY(STRING), +}; + +/***************** genl nl80211 type systems *****************/ +static const NLAPolicy genl_nl80211_policies[] = { + [NL80211_ATTR_WIPHY] = BUILD_POLICY(U32), + [NL80211_ATTR_WIPHY_NAME] = BUILD_POLICY(STRING), + [NL80211_ATTR_IFINDEX] = BUILD_POLICY(U32), + [NL80211_ATTR_IFNAME] = BUILD_POLICY_WITH_SIZE(STRING, IFNAMSIZ-1), + [NL80211_ATTR_IFTYPE] = BUILD_POLICY(U32), + [NL80211_ATTR_MAC] = BUILD_POLICY_WITH_SIZE(ETHER_ADDR, ETH_ALEN), + [NL80211_ATTR_SSID] = BUILD_POLICY_WITH_SIZE(BINARY, IEEE80211_MAX_SSID_LEN), + [NL80211_ATTR_STATUS_CODE] = BUILD_POLICY(U16), + [NL80211_ATTR_4ADDR] = BUILD_POLICY(U8), +}; + +/***************** genl wireguard type systems *****************/ +static const NLAPolicy genl_wireguard_allowedip_policies[] = { + [WGALLOWEDIP_A_FAMILY] = BUILD_POLICY(U16), + [WGALLOWEDIP_A_IPADDR] = BUILD_POLICY(IN_ADDR), + [WGALLOWEDIP_A_CIDR_MASK] = BUILD_POLICY(U8), +}; + +DEFINE_POLICY_SET(genl_wireguard_allowedip); + +static const NLAPolicy genl_wireguard_peer_policies[] = { + [WGPEER_A_PUBLIC_KEY] = BUILD_POLICY_WITH_SIZE(BINARY, WG_KEY_LEN), + [WGPEER_A_FLAGS] = BUILD_POLICY(U32), + [WGPEER_A_PRESHARED_KEY] = BUILD_POLICY_WITH_SIZE(BINARY, WG_KEY_LEN), + [WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL] = BUILD_POLICY(U16), + [WGPEER_A_ENDPOINT] = BUILD_POLICY(SOCKADDR), + [WGPEER_A_ALLOWEDIPS] = BUILD_POLICY_NESTED(genl_wireguard_allowedip), +}; + +DEFINE_POLICY_SET(genl_wireguard_peer); + +static const NLAPolicy genl_wireguard_policies[] = { + [WGDEVICE_A_IFINDEX] = BUILD_POLICY(U32), + [WGDEVICE_A_IFNAME] = BUILD_POLICY_WITH_SIZE(STRING, IFNAMSIZ-1), + [WGDEVICE_A_FLAGS] = BUILD_POLICY(U32), + [WGDEVICE_A_PRIVATE_KEY] = BUILD_POLICY_WITH_SIZE(BINARY, WG_KEY_LEN), + [WGDEVICE_A_LISTEN_PORT] = BUILD_POLICY(U16), + [WGDEVICE_A_FWMARK] = BUILD_POLICY(U32), + [WGDEVICE_A_PEERS] = BUILD_POLICY_NESTED(genl_wireguard_peer), +}; + +/***************** genl families *****************/ +static const NLAPolicySetUnionElement genl_policy_set_union_elements[] = { + BUILD_UNION_ELEMENT_BY_STRING(CTRL_GENL_NAME, genl_ctrl), + BUILD_UNION_ELEMENT_BY_STRING(BATADV_NL_NAME, genl_batadv), + BUILD_UNION_ELEMENT_BY_STRING(FOU_GENL_NAME, genl_fou), + BUILD_UNION_ELEMENT_BY_STRING(L2TP_GENL_NAME, genl_l2tp), + BUILD_UNION_ELEMENT_BY_STRING(MACSEC_GENL_NAME, genl_macsec), + BUILD_UNION_ELEMENT_BY_STRING(NETLBL_NLTYPE_UNLABELED_NAME, genl_netlabel), + BUILD_UNION_ELEMENT_BY_STRING(NL80211_GENL_NAME, genl_nl80211), + BUILD_UNION_ELEMENT_BY_STRING(WG_GENL_NAME, genl_wireguard), +}; + +/* This is the root type system union, so match_attribute is not necessary. */ +DEFINE_POLICY_SET_UNION(genl, 0); + +const NLAPolicySet *genl_get_policy_set_by_name(const char *name) { + return policy_set_union_get_policy_set_by_string(&genl_policy_set_union, name); +} diff --git a/src/libsystemd/sd-netlink/netlink-types-internal.h b/src/libsystemd/sd-netlink/netlink-types-internal.h new file mode 100644 index 0000000..1412514 --- /dev/null +++ b/src/libsystemd/sd-netlink/netlink-types-internal.h @@ -0,0 +1,66 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +#pragma once + +#include "macro.h" +#include "netlink-types.h" + +/* C.f. see 'struct nla_policy' at include/net/netlink.h. */ +struct NLAPolicy { + NLAType type; + size_t size; + union { + const NLAPolicySet *policy_set; + const NLAPolicySetUnion *policy_set_union; + }; +}; + +struct NLAPolicySet { + uint16_t count; + const NLAPolicy *policies; +}; + +typedef struct NLAPolicySetUnionElement { + union { + int family; /* used by NETLINK_TYPE_NESTED_UNION_BY_FAMILY */ + const char *string; /* used by NETLINK_TYPE_NESTED_UNION_BY_STRING */ + }; + NLAPolicySet policy_set; +} NLAPolicySetUnionElement; + +struct NLAPolicySetUnion { + size_t count; + const NLAPolicySetUnionElement *elements; + uint16_t match_attribute; /* used by NETLINK_TYPE_NESTED_UNION_BY_STRING */ +}; + +#define BUILD_POLICY_WITH_SIZE(t, n) \ + { .type = NETLINK_TYPE_##t, .size = n } +#define BUILD_POLICY(t) \ + BUILD_POLICY_WITH_SIZE(t, 0) +#define BUILD_POLICY_NESTED_WITH_SIZE(name, n) \ + { .type = NETLINK_TYPE_NESTED, .size = n, .policy_set = &name##_policy_set } +#define BUILD_POLICY_NESTED(name) \ + BUILD_POLICY_NESTED_WITH_SIZE(name, 0) +#define _BUILD_POLICY_NESTED_UNION(name, by) \ + { .type = NETLINK_TYPE_NESTED_UNION_BY_##by, .policy_set_union = &name##_policy_set_union } +#define BUILD_POLICY_NESTED_UNION_BY_STRING(name) \ + _BUILD_POLICY_NESTED_UNION(name, STRING) +#define BUILD_POLICY_NESTED_UNION_BY_FAMILY(name) \ + _BUILD_POLICY_NESTED_UNION(name, FAMILY) + +#define _BUILD_POLICY_SET(name) \ + { .count = ELEMENTSOF(name##_policies), .policies = name##_policies } +#define DEFINE_POLICY_SET(name) \ + static const NLAPolicySet name##_policy_set = _BUILD_POLICY_SET(name) + +# define BUILD_UNION_ELEMENT_BY_STRING(s, name) \ + { .string = s, .policy_set = _BUILD_POLICY_SET(name) } +# define BUILD_UNION_ELEMENT_BY_FAMILY(f, name) \ + { .family = f, .policy_set = _BUILD_POLICY_SET(name) } + +#define DEFINE_POLICY_SET_UNION(name, attr) \ + static const NLAPolicySetUnion name##_policy_set_union = { \ + .count = ELEMENTSOF(name##_policy_set_union_elements), \ + .elements = name##_policy_set_union_elements, \ + .match_attribute = attr, \ + } diff --git a/src/libsystemd/sd-netlink/netlink-types-nfnl.c b/src/libsystemd/sd-netlink/netlink-types-nfnl.c new file mode 100644 index 0000000..8ef4d45 --- /dev/null +++ b/src/libsystemd/sd-netlink/netlink-types-nfnl.c @@ -0,0 +1,194 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include <linux/if.h> +#include <linux/netfilter/nf_tables.h> +#include <linux/netfilter/nfnetlink.h> + +#include "netlink-types-internal.h" + +static const NLAPolicy nfnl_nft_table_policies[] = { + [NFTA_TABLE_NAME] = BUILD_POLICY_WITH_SIZE(STRING, NFT_TABLE_MAXNAMELEN - 1), + [NFTA_TABLE_FLAGS] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(nfnl_nft_table); + +static const NLAPolicy nfnl_nft_chain_hook_policies[] = { + [NFTA_HOOK_HOOKNUM] = BUILD_POLICY(U32), + [NFTA_HOOK_PRIORITY] = BUILD_POLICY(U32), + [NFTA_HOOK_DEV] = BUILD_POLICY_WITH_SIZE(STRING, IFNAMSIZ - 1), +}; + +DEFINE_POLICY_SET(nfnl_nft_chain_hook); + +static const NLAPolicy nfnl_nft_chain_policies[] = { + [NFTA_CHAIN_TABLE] = BUILD_POLICY_WITH_SIZE(STRING, NFT_TABLE_MAXNAMELEN - 1), + [NFTA_CHAIN_NAME] = BUILD_POLICY_WITH_SIZE(STRING, NFT_TABLE_MAXNAMELEN - 1), + [NFTA_CHAIN_HOOK] = BUILD_POLICY_NESTED(nfnl_nft_chain_hook), + [NFTA_CHAIN_TYPE] = BUILD_POLICY_WITH_SIZE(STRING, 16), + [NFTA_CHAIN_FLAGS] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(nfnl_nft_chain); + +static const NLAPolicy nfnl_nft_expr_meta_policies[] = { + [NFTA_META_DREG] = BUILD_POLICY(U32), + [NFTA_META_KEY] = BUILD_POLICY(U32), + [NFTA_META_SREG] = BUILD_POLICY(U32), +}; + +static const NLAPolicy nfnl_nft_expr_payload_policies[] = { + [NFTA_PAYLOAD_DREG] = BUILD_POLICY(U32), + [NFTA_PAYLOAD_BASE] = BUILD_POLICY(U32), + [NFTA_PAYLOAD_OFFSET] = BUILD_POLICY(U32), + [NFTA_PAYLOAD_LEN] = BUILD_POLICY(U32), +}; + +static const NLAPolicy nfnl_nft_expr_nat_policies[] = { + [NFTA_NAT_TYPE] = BUILD_POLICY(U32), + [NFTA_NAT_FAMILY] = BUILD_POLICY(U32), + [NFTA_NAT_REG_ADDR_MIN] = BUILD_POLICY(U32), + [NFTA_NAT_REG_ADDR_MAX] = BUILD_POLICY(U32), + [NFTA_NAT_REG_PROTO_MIN] = BUILD_POLICY(U32), + [NFTA_NAT_REG_PROTO_MAX] = BUILD_POLICY(U32), + [NFTA_NAT_FLAGS] = BUILD_POLICY(U32), +}; + +static const NLAPolicy nfnl_nft_data_policies[] = { + [NFTA_DATA_VALUE] = { .type = NETLINK_TYPE_BINARY }, +}; + +DEFINE_POLICY_SET(nfnl_nft_data); + +static const NLAPolicy nfnl_nft_expr_bitwise_policies[] = { + [NFTA_BITWISE_SREG] = BUILD_POLICY(U32), + [NFTA_BITWISE_DREG] = BUILD_POLICY(U32), + [NFTA_BITWISE_LEN] = BUILD_POLICY(U32), + [NFTA_BITWISE_MASK] = BUILD_POLICY_NESTED(nfnl_nft_data), + [NFTA_BITWISE_XOR] = BUILD_POLICY_NESTED(nfnl_nft_data), +}; + +static const NLAPolicy nfnl_nft_expr_cmp_policies[] = { + [NFTA_CMP_SREG] = BUILD_POLICY(U32), + [NFTA_CMP_OP] = BUILD_POLICY(U32), + [NFTA_CMP_DATA] = BUILD_POLICY_NESTED(nfnl_nft_data), +}; + +static const NLAPolicy nfnl_nft_expr_fib_policies[] = { + [NFTA_FIB_DREG] = BUILD_POLICY(U32), + [NFTA_FIB_RESULT] = BUILD_POLICY(U32), + [NFTA_FIB_FLAGS] = BUILD_POLICY(U32), +}; + +static const NLAPolicy nfnl_nft_expr_lookup_policies[] = { + [NFTA_LOOKUP_SET] = { .type = NETLINK_TYPE_STRING }, + [NFTA_LOOKUP_SREG] = BUILD_POLICY(U32), + [NFTA_LOOKUP_DREG] = BUILD_POLICY(U32), + [NFTA_LOOKUP_FLAGS] = BUILD_POLICY(U32), +}; + +static const NLAPolicy nfnl_nft_expr_masq_policies[] = { + [NFTA_MASQ_FLAGS] = BUILD_POLICY(U32), + [NFTA_MASQ_REG_PROTO_MIN] = BUILD_POLICY(U32), + [NFTA_MASQ_REG_PROTO_MAX] = BUILD_POLICY(U32), +}; + +static const NLAPolicySetUnionElement nfnl_expr_data_policy_set_union_elements[] = { + BUILD_UNION_ELEMENT_BY_STRING("bitwise", nfnl_nft_expr_bitwise), + BUILD_UNION_ELEMENT_BY_STRING("cmp", nfnl_nft_expr_cmp), + BUILD_UNION_ELEMENT_BY_STRING("fib", nfnl_nft_expr_fib), + BUILD_UNION_ELEMENT_BY_STRING("lookup", nfnl_nft_expr_lookup), + BUILD_UNION_ELEMENT_BY_STRING("masq", nfnl_nft_expr_masq), + BUILD_UNION_ELEMENT_BY_STRING("meta", nfnl_nft_expr_meta), + BUILD_UNION_ELEMENT_BY_STRING("nat", nfnl_nft_expr_nat), + BUILD_UNION_ELEMENT_BY_STRING("payload", nfnl_nft_expr_payload), +}; + +DEFINE_POLICY_SET_UNION(nfnl_expr_data, NFTA_EXPR_NAME); + +static const NLAPolicy nfnl_nft_rule_expr_policies[] = { + [NFTA_EXPR_NAME] = BUILD_POLICY_WITH_SIZE(STRING, 16), + [NFTA_EXPR_DATA] = BUILD_POLICY_NESTED_UNION_BY_STRING(nfnl_expr_data), +}; + +DEFINE_POLICY_SET(nfnl_nft_rule_expr); + +static const NLAPolicy nfnl_nft_rule_policies[] = { + [NFTA_RULE_TABLE] = BUILD_POLICY_WITH_SIZE(STRING, NFT_TABLE_MAXNAMELEN - 1), + [NFTA_RULE_CHAIN] = BUILD_POLICY_WITH_SIZE(STRING, NFT_TABLE_MAXNAMELEN - 1), + [NFTA_RULE_EXPRESSIONS] = BUILD_POLICY_NESTED(nfnl_nft_rule_expr), +}; + +DEFINE_POLICY_SET(nfnl_nft_rule); + +static const NLAPolicy nfnl_nft_set_policies[] = { + [NFTA_SET_TABLE] = BUILD_POLICY_WITH_SIZE(STRING, NFT_TABLE_MAXNAMELEN - 1), + [NFTA_SET_NAME] = BUILD_POLICY_WITH_SIZE(STRING, NFT_TABLE_MAXNAMELEN - 1), + [NFTA_SET_FLAGS] = BUILD_POLICY(U32), + [NFTA_SET_KEY_TYPE] = BUILD_POLICY(U32), + [NFTA_SET_KEY_LEN] = BUILD_POLICY(U32), + [NFTA_SET_DATA_TYPE] = BUILD_POLICY(U32), + [NFTA_SET_DATA_LEN] = BUILD_POLICY(U32), + [NFTA_SET_POLICY] = BUILD_POLICY(U32), + [NFTA_SET_ID] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(nfnl_nft_set); + +static const NLAPolicy nfnl_nft_setelem_policies[] = { + [NFTA_SET_ELEM_KEY] = BUILD_POLICY_NESTED(nfnl_nft_data), + [NFTA_SET_ELEM_DATA] = BUILD_POLICY_NESTED(nfnl_nft_data), + [NFTA_SET_ELEM_FLAGS] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(nfnl_nft_setelem); + +static const NLAPolicy nfnl_nft_setelem_list_policies[] = { + [NFTA_SET_ELEM_LIST_TABLE] = BUILD_POLICY_WITH_SIZE(STRING, NFT_TABLE_MAXNAMELEN - 1), + [NFTA_SET_ELEM_LIST_SET] = BUILD_POLICY_WITH_SIZE(STRING, NFT_TABLE_MAXNAMELEN - 1), + [NFTA_SET_ELEM_LIST_ELEMENTS] = BUILD_POLICY_NESTED(nfnl_nft_setelem), +}; + +DEFINE_POLICY_SET(nfnl_nft_setelem_list); + +static const NLAPolicy nfnl_subsys_nft_policies[] = { + [NFT_MSG_DELTABLE] = BUILD_POLICY_NESTED_WITH_SIZE(nfnl_nft_table, sizeof(struct nfgenmsg)), + [NFT_MSG_NEWTABLE] = BUILD_POLICY_NESTED_WITH_SIZE(nfnl_nft_table, sizeof(struct nfgenmsg)), + [NFT_MSG_NEWCHAIN] = BUILD_POLICY_NESTED_WITH_SIZE(nfnl_nft_chain, sizeof(struct nfgenmsg)), + [NFT_MSG_NEWRULE] = BUILD_POLICY_NESTED_WITH_SIZE(nfnl_nft_rule, sizeof(struct nfgenmsg)), + [NFT_MSG_NEWSET] = BUILD_POLICY_NESTED_WITH_SIZE(nfnl_nft_set, sizeof(struct nfgenmsg)), + [NFT_MSG_NEWSETELEM] = BUILD_POLICY_NESTED_WITH_SIZE(nfnl_nft_setelem_list, sizeof(struct nfgenmsg)), + [NFT_MSG_DELSETELEM] = BUILD_POLICY_NESTED_WITH_SIZE(nfnl_nft_setelem_list, sizeof(struct nfgenmsg)), +}; + +DEFINE_POLICY_SET(nfnl_subsys_nft); + +static const NLAPolicy nfnl_msg_batch_policies[] = { + [NFNL_BATCH_GENID] = BUILD_POLICY(U32) +}; + +DEFINE_POLICY_SET(nfnl_msg_batch); + +static const NLAPolicy nfnl_subsys_none_policies[] = { + [NFNL_MSG_BATCH_BEGIN] = BUILD_POLICY_NESTED_WITH_SIZE(nfnl_msg_batch, sizeof(struct nfgenmsg)), + [NFNL_MSG_BATCH_END] = BUILD_POLICY_NESTED_WITH_SIZE(nfnl_msg_batch, sizeof(struct nfgenmsg)), +}; + +DEFINE_POLICY_SET(nfnl_subsys_none); + +static const NLAPolicy nfnl_policies[] = { + [NFNL_SUBSYS_NONE] = BUILD_POLICY_NESTED(nfnl_subsys_none), + [NFNL_SUBSYS_NFTABLES] = BUILD_POLICY_NESTED(nfnl_subsys_nft), +}; + +DEFINE_POLICY_SET(nfnl); + +const NLAPolicy *nfnl_get_policy(uint16_t nlmsg_type) { + const NLAPolicySet *subsys; + + subsys = policy_set_get_policy_set(&nfnl_policy_set, NFNL_SUBSYS_ID(nlmsg_type)); + if (!subsys) + return NULL; + + return policy_set_get_policy(subsys, NFNL_MSG_TYPE(nlmsg_type)); +} diff --git a/src/libsystemd/sd-netlink/netlink-types-rtnl.c b/src/libsystemd/sd-netlink/netlink-types-rtnl.c new file mode 100644 index 0000000..919512d --- /dev/null +++ b/src/libsystemd/sd-netlink/netlink-types-rtnl.c @@ -0,0 +1,1228 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include <netinet/in.h> +#include <sys/socket.h> +#include <linux/batman_adv.h> +#include <linux/can/netlink.h> +#include <linux/can/vxcan.h> +#include <linux/cfm_bridge.h> +#include <linux/fib_rules.h> +#include <linux/fou.h> +#include <linux/if.h> +#include <linux/if_addr.h> +#include <linux/if_addrlabel.h> +#include <linux/if_bridge.h> +#include <linux/if_link.h> +#include <linux/if_macsec.h> +#include <linux/if_tunnel.h> +#include <linux/ip.h> +#include <linux/l2tp.h> +#include <linux/netlink.h> +#include <linux/nexthop.h> +#include <linux/nl80211.h> +#include <linux/pkt_sched.h> +#include <linux/rtnetlink.h> +#include <linux/veth.h> +#include <linux/wireguard.h> + +#include "missing_network.h" +#include "netlink-types-internal.h" + +enum { + BOND_ARP_TARGETS_0, + BOND_ARP_TARGETS_1, + BOND_ARP_TARGETS_2, + BOND_ARP_TARGETS_3, + BOND_ARP_TARGETS_4, + BOND_ARP_TARGETS_5, + BOND_ARP_TARGETS_6, + BOND_ARP_TARGETS_7, + BOND_ARP_TARGETS_8, + BOND_ARP_TARGETS_9, + BOND_ARP_TARGETS_10, + BOND_ARP_TARGETS_11, + BOND_ARP_TARGETS_12, + BOND_ARP_TARGETS_13, + BOND_ARP_TARGETS_14, + BOND_ARP_TARGETS_15, + _BOND_ARP_TARGETS_MAX, +}; + +assert_cc(_BOND_ARP_TARGETS_MAX == BOND_MAX_ARP_TARGETS); + +static const NLAPolicySet rtnl_link_policy_set; + +static const NLAPolicy rtnl_link_info_data_bareudp_policies[] = { + [IFLA_BAREUDP_PORT] = BUILD_POLICY(U16), + [IFLA_BAREUDP_ETHERTYPE] = BUILD_POLICY(U16), + [IFLA_BAREUDP_SRCPORT_MIN] = BUILD_POLICY(U16), + [IFLA_BAREUDP_MULTIPROTO_MODE] = BUILD_POLICY(FLAG), +}; + +static const NLAPolicy rtnl_link_info_data_batadv_policies[] = { + [IFLA_BATADV_ALGO_NAME] = BUILD_POLICY_WITH_SIZE(STRING, 20), +}; + +static const NLAPolicy rtnl_bond_arp_ip_target_policies[] = { + [BOND_ARP_TARGETS_0] = BUILD_POLICY(U32), + [BOND_ARP_TARGETS_1] = BUILD_POLICY(U32), + [BOND_ARP_TARGETS_2] = BUILD_POLICY(U32), + [BOND_ARP_TARGETS_3] = BUILD_POLICY(U32), + [BOND_ARP_TARGETS_4] = BUILD_POLICY(U32), + [BOND_ARP_TARGETS_5] = BUILD_POLICY(U32), + [BOND_ARP_TARGETS_6] = BUILD_POLICY(U32), + [BOND_ARP_TARGETS_7] = BUILD_POLICY(U32), + [BOND_ARP_TARGETS_8] = BUILD_POLICY(U32), + [BOND_ARP_TARGETS_9] = BUILD_POLICY(U32), + [BOND_ARP_TARGETS_10] = BUILD_POLICY(U32), + [BOND_ARP_TARGETS_11] = BUILD_POLICY(U32), + [BOND_ARP_TARGETS_12] = BUILD_POLICY(U32), + [BOND_ARP_TARGETS_13] = BUILD_POLICY(U32), + [BOND_ARP_TARGETS_14] = BUILD_POLICY(U32), + [BOND_ARP_TARGETS_15] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_bond_arp_ip_target); + +static const NLAPolicy rtnl_bond_ad_info_policies[] = { + [IFLA_BOND_AD_INFO_AGGREGATOR] = BUILD_POLICY(U16), + [IFLA_BOND_AD_INFO_NUM_PORTS] = BUILD_POLICY(U16), + [IFLA_BOND_AD_INFO_ACTOR_KEY] = BUILD_POLICY(U16), + [IFLA_BOND_AD_INFO_PARTNER_KEY] = BUILD_POLICY(U16), + [IFLA_BOND_AD_INFO_PARTNER_MAC] = BUILD_POLICY_WITH_SIZE(ETHER_ADDR, ETH_ALEN), +}; + +DEFINE_POLICY_SET(rtnl_bond_ad_info); + +static const NLAPolicy rtnl_link_info_data_bond_policies[] = { + [IFLA_BOND_MODE] = BUILD_POLICY(U8), + [IFLA_BOND_ACTIVE_SLAVE] = BUILD_POLICY(U32), + [IFLA_BOND_MIIMON] = BUILD_POLICY(U32), + [IFLA_BOND_UPDELAY] = BUILD_POLICY(U32), + [IFLA_BOND_DOWNDELAY] = BUILD_POLICY(U32), + [IFLA_BOND_USE_CARRIER] = BUILD_POLICY(U8), + [IFLA_BOND_ARP_INTERVAL] = BUILD_POLICY(U32), + [IFLA_BOND_ARP_IP_TARGET] = BUILD_POLICY_NESTED(rtnl_bond_arp_ip_target), + [IFLA_BOND_ARP_VALIDATE] = BUILD_POLICY(U32), + [IFLA_BOND_ARP_ALL_TARGETS] = BUILD_POLICY(U32), + [IFLA_BOND_PRIMARY] = BUILD_POLICY(U32), + [IFLA_BOND_PRIMARY_RESELECT] = BUILD_POLICY(U8), + [IFLA_BOND_FAIL_OVER_MAC] = BUILD_POLICY(U8), + [IFLA_BOND_XMIT_HASH_POLICY] = BUILD_POLICY(U8), + [IFLA_BOND_RESEND_IGMP] = BUILD_POLICY(U32), + [IFLA_BOND_NUM_PEER_NOTIF] = BUILD_POLICY(U8), + [IFLA_BOND_ALL_SLAVES_ACTIVE] = BUILD_POLICY(U8), + [IFLA_BOND_MIN_LINKS] = BUILD_POLICY(U32), + [IFLA_BOND_LP_INTERVAL] = BUILD_POLICY(U32), + [IFLA_BOND_PACKETS_PER_SLAVE] = BUILD_POLICY(U32), + [IFLA_BOND_AD_LACP_RATE] = BUILD_POLICY(U8), + [IFLA_BOND_AD_SELECT] = BUILD_POLICY(U8), + [IFLA_BOND_AD_INFO] = BUILD_POLICY_NESTED(rtnl_bond_ad_info), + [IFLA_BOND_AD_ACTOR_SYS_PRIO] = BUILD_POLICY(U16), + [IFLA_BOND_AD_USER_PORT_KEY] = BUILD_POLICY(U16), + [IFLA_BOND_AD_ACTOR_SYSTEM] = BUILD_POLICY_WITH_SIZE(ETHER_ADDR, ETH_ALEN), + [IFLA_BOND_TLB_DYNAMIC_LB] = BUILD_POLICY(U8), + [IFLA_BOND_PEER_NOTIF_DELAY] = BUILD_POLICY(U32), +}; + +static const NLAPolicy rtnl_link_info_data_bridge_policies[] = { + [IFLA_BR_FORWARD_DELAY] = BUILD_POLICY(U32), + [IFLA_BR_HELLO_TIME] = BUILD_POLICY(U32), + [IFLA_BR_MAX_AGE] = BUILD_POLICY(U32), + [IFLA_BR_AGEING_TIME] = BUILD_POLICY(U32), + [IFLA_BR_STP_STATE] = BUILD_POLICY(U32), + [IFLA_BR_PRIORITY] = BUILD_POLICY(U16), + [IFLA_BR_VLAN_FILTERING] = BUILD_POLICY(U8), + [IFLA_BR_VLAN_PROTOCOL] = BUILD_POLICY(U16), + [IFLA_BR_GROUP_FWD_MASK] = BUILD_POLICY(U16), + [IFLA_BR_ROOT_ID] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct ifla_bridge_id)), + [IFLA_BR_BRIDGE_ID] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct ifla_bridge_id)), + [IFLA_BR_ROOT_PORT] = BUILD_POLICY(U16), + [IFLA_BR_ROOT_PATH_COST] = BUILD_POLICY(U32), + [IFLA_BR_TOPOLOGY_CHANGE] = BUILD_POLICY(U8), + [IFLA_BR_TOPOLOGY_CHANGE_DETECTED] = BUILD_POLICY(U8), + [IFLA_BR_HELLO_TIMER] = BUILD_POLICY(U64), + [IFLA_BR_TCN_TIMER] = BUILD_POLICY(U64), + [IFLA_BR_TOPOLOGY_CHANGE_TIMER] = BUILD_POLICY(U64), + [IFLA_BR_GC_TIMER] = BUILD_POLICY(U64), + [IFLA_BR_GROUP_ADDR] = BUILD_POLICY_WITH_SIZE(ETHER_ADDR, ETH_ALEN), + [IFLA_BR_FDB_FLUSH] = BUILD_POLICY(FLAG), + [IFLA_BR_MCAST_ROUTER] = BUILD_POLICY(U8), + [IFLA_BR_MCAST_SNOOPING] = BUILD_POLICY(U8), + [IFLA_BR_MCAST_QUERY_USE_IFADDR] = BUILD_POLICY(U8), + [IFLA_BR_MCAST_QUERIER] = BUILD_POLICY(U8), + [IFLA_BR_MCAST_HASH_ELASTICITY] = BUILD_POLICY(U32), + [IFLA_BR_MCAST_HASH_MAX] = BUILD_POLICY(U32), + [IFLA_BR_MCAST_LAST_MEMBER_CNT] = BUILD_POLICY(U32), + [IFLA_BR_MCAST_STARTUP_QUERY_CNT] = BUILD_POLICY(U32), + [IFLA_BR_MCAST_LAST_MEMBER_INTVL] = BUILD_POLICY(U64), + [IFLA_BR_MCAST_MEMBERSHIP_INTVL] = BUILD_POLICY(U64), + [IFLA_BR_MCAST_QUERIER_INTVL] = BUILD_POLICY(U64), + [IFLA_BR_MCAST_QUERY_INTVL] = BUILD_POLICY(U64), + [IFLA_BR_MCAST_QUERY_RESPONSE_INTVL] = BUILD_POLICY(U64), + [IFLA_BR_MCAST_STARTUP_QUERY_INTVL] = BUILD_POLICY(U64), + [IFLA_BR_NF_CALL_IPTABLES] = BUILD_POLICY(U8), + [IFLA_BR_NF_CALL_IP6TABLES] = BUILD_POLICY(U8), + [IFLA_BR_NF_CALL_ARPTABLES] = BUILD_POLICY(U8), + [IFLA_BR_VLAN_DEFAULT_PVID] = BUILD_POLICY(U16), + [IFLA_BR_VLAN_STATS_ENABLED] = BUILD_POLICY(U8), + [IFLA_BR_MCAST_STATS_ENABLED] = BUILD_POLICY(U8), + [IFLA_BR_MCAST_IGMP_VERSION] = BUILD_POLICY(U8), + [IFLA_BR_MCAST_MLD_VERSION] = BUILD_POLICY(U8), + [IFLA_BR_VLAN_STATS_PER_PORT] = BUILD_POLICY(U8), + [IFLA_BR_MULTI_BOOLOPT] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct br_boolopt_multi)), +}; + +static const NLAPolicy rtnl_link_info_data_can_policies[] = { + [IFLA_CAN_BITTIMING] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct can_bittiming)), + [IFLA_CAN_BITTIMING_CONST] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct can_bittiming_const)), + [IFLA_CAN_CLOCK] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct can_clock)), + [IFLA_CAN_STATE] = BUILD_POLICY(U32), + [IFLA_CAN_CTRLMODE] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct can_ctrlmode)), + [IFLA_CAN_RESTART_MS] = BUILD_POLICY(U32), + [IFLA_CAN_RESTART] = BUILD_POLICY(U32), + [IFLA_CAN_BERR_COUNTER] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct can_berr_counter)), + [IFLA_CAN_DATA_BITTIMING] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct can_bittiming)), + [IFLA_CAN_DATA_BITTIMING_CONST] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct can_bittiming_const)), + [IFLA_CAN_TERMINATION] = BUILD_POLICY(U16), + [IFLA_CAN_TERMINATION_CONST] = BUILD_POLICY(BINARY), /* size = termination_const_cnt * sizeof(u16) */ + [IFLA_CAN_BITRATE_CONST] = BUILD_POLICY(BINARY), /* size = bitrate_const_cnt * sizeof(u32) */ + [IFLA_CAN_DATA_BITRATE_CONST] = BUILD_POLICY(BINARY), /* size = data_bitrate_const_cnt * sizeof(u32) */ + [IFLA_CAN_BITRATE_MAX] = BUILD_POLICY(U32), +}; + +static const NLAPolicy rtnl_link_info_data_geneve_policies[] = { + [IFLA_GENEVE_ID] = BUILD_POLICY(U32), + [IFLA_GENEVE_REMOTE] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in_addr)), + [IFLA_GENEVE_TTL] = BUILD_POLICY(U8), + [IFLA_GENEVE_TOS] = BUILD_POLICY(U8), + [IFLA_GENEVE_PORT] = BUILD_POLICY(U16), + [IFLA_GENEVE_COLLECT_METADATA] = BUILD_POLICY(FLAG), + [IFLA_GENEVE_REMOTE6] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in6_addr)), + [IFLA_GENEVE_UDP_CSUM] = BUILD_POLICY(U8), + [IFLA_GENEVE_UDP_ZERO_CSUM6_TX] = BUILD_POLICY(U8), + [IFLA_GENEVE_UDP_ZERO_CSUM6_RX] = BUILD_POLICY(U8), + [IFLA_GENEVE_LABEL] = BUILD_POLICY(U32), + [IFLA_GENEVE_TTL_INHERIT] = BUILD_POLICY(U8), + [IFLA_GENEVE_DF] = BUILD_POLICY(U8), +}; + +static const NLAPolicy rtnl_link_info_data_gre_policies[] = { + [IFLA_GRE_LINK] = BUILD_POLICY(U32), + [IFLA_GRE_IFLAGS] = BUILD_POLICY(U16), + [IFLA_GRE_OFLAGS] = BUILD_POLICY(U16), + [IFLA_GRE_IKEY] = BUILD_POLICY(U32), + [IFLA_GRE_OKEY] = BUILD_POLICY(U32), + [IFLA_GRE_LOCAL] = BUILD_POLICY(IN_ADDR), + [IFLA_GRE_REMOTE] = BUILD_POLICY(IN_ADDR), + [IFLA_GRE_TTL] = BUILD_POLICY(U8), + [IFLA_GRE_TOS] = BUILD_POLICY(U8), + [IFLA_GRE_PMTUDISC] = BUILD_POLICY(U8), + [IFLA_GRE_ENCAP_LIMIT] = BUILD_POLICY(U8), + [IFLA_GRE_FLOWINFO] = BUILD_POLICY(U32), + [IFLA_GRE_FLAGS] = BUILD_POLICY(U32), + [IFLA_GRE_ENCAP_TYPE] = BUILD_POLICY(U16), + [IFLA_GRE_ENCAP_FLAGS] = BUILD_POLICY(U16), + [IFLA_GRE_ENCAP_SPORT] = BUILD_POLICY(U16), + [IFLA_GRE_ENCAP_DPORT] = BUILD_POLICY(U16), + [IFLA_GRE_COLLECT_METADATA] = BUILD_POLICY(FLAG), + [IFLA_GRE_IGNORE_DF] = BUILD_POLICY(U8), + [IFLA_GRE_FWMARK] = BUILD_POLICY(U32), + [IFLA_GRE_ERSPAN_INDEX] = BUILD_POLICY(U32), + [IFLA_GRE_ERSPAN_VER] = BUILD_POLICY(U8), + [IFLA_GRE_ERSPAN_DIR] = BUILD_POLICY(U8), + [IFLA_GRE_ERSPAN_HWID] = BUILD_POLICY(U16), +}; + +static const NLAPolicy rtnl_link_info_data_ipoib_policies[] = { + [IFLA_IPOIB_PKEY] = BUILD_POLICY(U16), + [IFLA_IPOIB_MODE] = BUILD_POLICY(U16), + [IFLA_IPOIB_UMCAST] = BUILD_POLICY(U16), +}; + +/* IFLA_IPTUN_ attributes are used in ipv4/ipip.c, ipv6/ip6_tunnel.c, and ipv6/sit.c. And unfortunately, + * IFLA_IPTUN_FLAGS is used with different types, ugh... */ +#define DEFINE_IPTUN_TYPES(name, flags_type) \ + static const NLAPolicy rtnl_link_info_data_##name##_policies[] = { \ + [IFLA_IPTUN_LINK] = BUILD_POLICY(U32), \ + [IFLA_IPTUN_LOCAL] = BUILD_POLICY(IN_ADDR), \ + [IFLA_IPTUN_REMOTE] = BUILD_POLICY(IN_ADDR), \ + [IFLA_IPTUN_TTL] = BUILD_POLICY(U8), \ + [IFLA_IPTUN_TOS] = BUILD_POLICY(U8), \ + [IFLA_IPTUN_ENCAP_LIMIT] = BUILD_POLICY(U8), \ + [IFLA_IPTUN_FLOWINFO] = BUILD_POLICY(U32), \ + [IFLA_IPTUN_FLAGS] = BUILD_POLICY(flags_type), \ + [IFLA_IPTUN_PROTO] = BUILD_POLICY(U8), \ + [IFLA_IPTUN_PMTUDISC] = BUILD_POLICY(U8), \ + [IFLA_IPTUN_6RD_PREFIX] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in6_addr)), \ + [IFLA_IPTUN_6RD_RELAY_PREFIX] = BUILD_POLICY(U32), \ + [IFLA_IPTUN_6RD_PREFIXLEN] = BUILD_POLICY(U16), \ + [IFLA_IPTUN_6RD_RELAY_PREFIXLEN] = BUILD_POLICY(U16), \ + [IFLA_IPTUN_ENCAP_TYPE] = BUILD_POLICY(U16), \ + [IFLA_IPTUN_ENCAP_FLAGS] = BUILD_POLICY(U16), \ + [IFLA_IPTUN_ENCAP_SPORT] = BUILD_POLICY(U16), \ + [IFLA_IPTUN_ENCAP_DPORT] = BUILD_POLICY(U16), \ + [IFLA_IPTUN_COLLECT_METADATA] = BUILD_POLICY(FLAG), \ + [IFLA_IPTUN_FWMARK] = BUILD_POLICY(U32), \ + } + +DEFINE_IPTUN_TYPES(iptun, U32); /* for ipip and ip6tnl */ +DEFINE_IPTUN_TYPES(sit, U16); /* for sit */ + +static const NLAPolicy rtnl_link_info_data_ipvlan_policies[] = { + [IFLA_IPVLAN_MODE] = BUILD_POLICY(U16), + [IFLA_IPVLAN_FLAGS] = BUILD_POLICY(U16), +}; + +static const NLAPolicy rtnl_link_info_data_macsec_policies[] = { + [IFLA_MACSEC_SCI] = BUILD_POLICY(U64), + [IFLA_MACSEC_PORT] = BUILD_POLICY(U16), + [IFLA_MACSEC_ICV_LEN] = BUILD_POLICY(U8), + [IFLA_MACSEC_CIPHER_SUITE] = BUILD_POLICY(U64), + [IFLA_MACSEC_WINDOW] = BUILD_POLICY(U32), + [IFLA_MACSEC_ENCODING_SA] = BUILD_POLICY(U8), + [IFLA_MACSEC_ENCRYPT] = BUILD_POLICY(U8), + [IFLA_MACSEC_PROTECT] = BUILD_POLICY(U8), + [IFLA_MACSEC_INC_SCI] = BUILD_POLICY(U8), + [IFLA_MACSEC_ES] = BUILD_POLICY(U8), + [IFLA_MACSEC_SCB] = BUILD_POLICY(U8), + [IFLA_MACSEC_REPLAY_PROTECT] = BUILD_POLICY(U8), + [IFLA_MACSEC_VALIDATION] = BUILD_POLICY(U8), + [IFLA_MACSEC_OFFLOAD] = BUILD_POLICY(U8), +}; + +static const NLAPolicy rtnl_macvlan_macaddr_policies[] = { + [IFLA_MACVLAN_MACADDR] = BUILD_POLICY_WITH_SIZE(ETHER_ADDR, ETH_ALEN), +}; + +DEFINE_POLICY_SET(rtnl_macvlan_macaddr); + +static const NLAPolicy rtnl_link_info_data_macvlan_policies[] = { + [IFLA_MACVLAN_MODE] = BUILD_POLICY(U32), + [IFLA_MACVLAN_FLAGS] = BUILD_POLICY(U16), + [IFLA_MACVLAN_MACADDR_MODE] = BUILD_POLICY(U32), + [IFLA_MACVLAN_MACADDR_DATA] = BUILD_POLICY_NESTED(rtnl_macvlan_macaddr), + [IFLA_MACVLAN_MACADDR_COUNT] = BUILD_POLICY(U32), + [IFLA_MACVLAN_BC_QUEUE_LEN] = BUILD_POLICY(U32), + [IFLA_MACVLAN_BC_QUEUE_LEN_USED] = BUILD_POLICY(U32), +}; + +static const NLAPolicy rtnl_link_info_data_tun_policies[] = { + [IFLA_TUN_OWNER] = BUILD_POLICY(U32), + [IFLA_TUN_GROUP] = BUILD_POLICY(U32), + [IFLA_TUN_TYPE] = BUILD_POLICY(U8), + [IFLA_TUN_PI] = BUILD_POLICY(U8), + [IFLA_TUN_VNET_HDR] = BUILD_POLICY(U8), + [IFLA_TUN_PERSIST] = BUILD_POLICY(U8), + [IFLA_TUN_MULTI_QUEUE] = BUILD_POLICY(U8), + [IFLA_TUN_NUM_QUEUES] = BUILD_POLICY(U32), + [IFLA_TUN_NUM_DISABLED_QUEUES] = BUILD_POLICY(U32), +}; + +static const NLAPolicy rtnl_link_info_data_veth_policies[] = { + [VETH_INFO_PEER] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_link, sizeof(struct ifinfomsg)), +}; + +static const NLAPolicy rtnl_vlan_qos_map_policies[] = { + [IFLA_VLAN_QOS_MAPPING] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct ifla_vlan_qos_mapping)), +}; + +DEFINE_POLICY_SET(rtnl_vlan_qos_map); + +static const NLAPolicy rtnl_link_info_data_vlan_policies[] = { + [IFLA_VLAN_ID] = BUILD_POLICY(U16), + [IFLA_VLAN_FLAGS] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct ifla_vlan_flags)), + [IFLA_VLAN_EGRESS_QOS] = BUILD_POLICY_NESTED(rtnl_vlan_qos_map), + [IFLA_VLAN_INGRESS_QOS] = BUILD_POLICY_NESTED(rtnl_vlan_qos_map), + [IFLA_VLAN_PROTOCOL] = BUILD_POLICY(U16), +}; + +static const NLAPolicy rtnl_link_info_data_vrf_policies[] = { + [IFLA_VRF_TABLE] = BUILD_POLICY(U32), +}; + +static const NLAPolicy rtnl_link_info_data_vti_policies[] = { + [IFLA_VTI_LINK] = BUILD_POLICY(U32), + [IFLA_VTI_IKEY] = BUILD_POLICY(U32), + [IFLA_VTI_OKEY] = BUILD_POLICY(U32), + [IFLA_VTI_LOCAL] = BUILD_POLICY(IN_ADDR), + [IFLA_VTI_REMOTE] = BUILD_POLICY(IN_ADDR), + [IFLA_VTI_FWMARK] = BUILD_POLICY(U32), +}; + +static const NLAPolicy rtnl_link_info_data_vxcan_policies[] = { + [VXCAN_INFO_PEER] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_link, sizeof(struct ifinfomsg)), +}; + +static const NLAPolicy rtnl_link_info_data_vxlan_policies[] = { + [IFLA_VXLAN_ID] = BUILD_POLICY(U32), + [IFLA_VXLAN_GROUP] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in_addr)), + [IFLA_VXLAN_LINK] = BUILD_POLICY(U32), + [IFLA_VXLAN_LOCAL] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in_addr)), + [IFLA_VXLAN_TTL] = BUILD_POLICY(U8), + [IFLA_VXLAN_TOS] = BUILD_POLICY(U8), + [IFLA_VXLAN_LEARNING] = BUILD_POLICY(U8), + [IFLA_VXLAN_AGEING] = BUILD_POLICY(U32), + [IFLA_VXLAN_LIMIT] = BUILD_POLICY(U32), + [IFLA_VXLAN_PORT_RANGE] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct ifla_vxlan_port_range)), + [IFLA_VXLAN_PROXY] = BUILD_POLICY(U8), + [IFLA_VXLAN_RSC] = BUILD_POLICY(U8), + [IFLA_VXLAN_L2MISS] = BUILD_POLICY(U8), + [IFLA_VXLAN_L3MISS] = BUILD_POLICY(U8), + [IFLA_VXLAN_PORT] = BUILD_POLICY(U16), + [IFLA_VXLAN_GROUP6] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in6_addr)), + [IFLA_VXLAN_LOCAL6] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in6_addr)), + [IFLA_VXLAN_UDP_CSUM] = BUILD_POLICY(U8), + [IFLA_VXLAN_UDP_ZERO_CSUM6_TX] = BUILD_POLICY(U8), + [IFLA_VXLAN_UDP_ZERO_CSUM6_RX] = BUILD_POLICY(U8), + [IFLA_VXLAN_REMCSUM_TX] = BUILD_POLICY(U8), + [IFLA_VXLAN_REMCSUM_RX] = BUILD_POLICY(U8), + [IFLA_VXLAN_GBP] = BUILD_POLICY(FLAG), + [IFLA_VXLAN_REMCSUM_NOPARTIAL] = BUILD_POLICY(FLAG), + [IFLA_VXLAN_COLLECT_METADATA] = BUILD_POLICY(U8), + [IFLA_VXLAN_LABEL] = BUILD_POLICY(U32), + [IFLA_VXLAN_GPE] = BUILD_POLICY(FLAG), + [IFLA_VXLAN_TTL_INHERIT] = BUILD_POLICY(FLAG), + [IFLA_VXLAN_DF] = BUILD_POLICY(U8), +}; + +static const NLAPolicy rtnl_link_info_data_xfrm_policies[] = { + [IFLA_XFRM_LINK] = BUILD_POLICY(U32), + [IFLA_XFRM_IF_ID] = BUILD_POLICY(U32) +}; + +static const NLAPolicySetUnionElement rtnl_link_info_data_policy_set_union_elements[] = { + BUILD_UNION_ELEMENT_BY_STRING("bareudp", rtnl_link_info_data_bareudp), + BUILD_UNION_ELEMENT_BY_STRING("batadv", rtnl_link_info_data_batadv), + BUILD_UNION_ELEMENT_BY_STRING("bond", rtnl_link_info_data_bond), + BUILD_UNION_ELEMENT_BY_STRING("bridge", rtnl_link_info_data_bridge), +/* + BUILD_UNION_ELEMENT_BY_STRING("caif", rtnl_link_info_data_caif), +*/ + BUILD_UNION_ELEMENT_BY_STRING("can", rtnl_link_info_data_can), + BUILD_UNION_ELEMENT_BY_STRING("erspan", rtnl_link_info_data_gre), + BUILD_UNION_ELEMENT_BY_STRING("geneve", rtnl_link_info_data_geneve), + BUILD_UNION_ELEMENT_BY_STRING("gre", rtnl_link_info_data_gre), + BUILD_UNION_ELEMENT_BY_STRING("gretap", rtnl_link_info_data_gre), +/* + BUILD_UNION_ELEMENT_BY_STRING("gtp", rtnl_link_info_data_gtp), + BUILD_UNION_ELEMENT_BY_STRING("hsr", rtnl_link_info_data_hsr), +*/ + BUILD_UNION_ELEMENT_BY_STRING("ip6erspan", rtnl_link_info_data_gre), + BUILD_UNION_ELEMENT_BY_STRING("ip6gre", rtnl_link_info_data_gre), + BUILD_UNION_ELEMENT_BY_STRING("ip6gretap", rtnl_link_info_data_gre), + BUILD_UNION_ELEMENT_BY_STRING("ip6tnl", rtnl_link_info_data_iptun), + BUILD_UNION_ELEMENT_BY_STRING("ipoib", rtnl_link_info_data_ipoib), + BUILD_UNION_ELEMENT_BY_STRING("ipip", rtnl_link_info_data_iptun), + BUILD_UNION_ELEMENT_BY_STRING("ipvlan", rtnl_link_info_data_ipvlan), + BUILD_UNION_ELEMENT_BY_STRING("ipvtap", rtnl_link_info_data_ipvlan), + BUILD_UNION_ELEMENT_BY_STRING("macsec", rtnl_link_info_data_macsec), + BUILD_UNION_ELEMENT_BY_STRING("macvlan", rtnl_link_info_data_macvlan), + BUILD_UNION_ELEMENT_BY_STRING("macvtap", rtnl_link_info_data_macvlan), +/* + BUILD_UNION_ELEMENT_BY_STRING("ppp", rtnl_link_info_data_ppp), + BUILD_UNION_ELEMENT_BY_STRING("rmnet", rtnl_link_info_data_rmnet), +*/ + BUILD_UNION_ELEMENT_BY_STRING("sit", rtnl_link_info_data_sit), + BUILD_UNION_ELEMENT_BY_STRING("tun", rtnl_link_info_data_tun), + BUILD_UNION_ELEMENT_BY_STRING("veth", rtnl_link_info_data_veth), + BUILD_UNION_ELEMENT_BY_STRING("vlan", rtnl_link_info_data_vlan), + BUILD_UNION_ELEMENT_BY_STRING("vrf", rtnl_link_info_data_vrf), + BUILD_UNION_ELEMENT_BY_STRING("vti", rtnl_link_info_data_vti), + BUILD_UNION_ELEMENT_BY_STRING("vti6", rtnl_link_info_data_vti), + BUILD_UNION_ELEMENT_BY_STRING("vxcan", rtnl_link_info_data_vxcan), + BUILD_UNION_ELEMENT_BY_STRING("vxlan", rtnl_link_info_data_vxlan), +/* + BUILD_UNION_ELEMENT_BY_STRING("wwan", rtnl_link_info_data_wwan), +*/ + BUILD_UNION_ELEMENT_BY_STRING("xfrm", rtnl_link_info_data_xfrm), +}; + +DEFINE_POLICY_SET_UNION(rtnl_link_info_data, IFLA_INFO_KIND); + +static const struct NLAPolicy rtnl_bridge_port_policies[] = { + [IFLA_BRPORT_STATE] = BUILD_POLICY(U8), + [IFLA_BRPORT_COST] = BUILD_POLICY(U32), + [IFLA_BRPORT_PRIORITY] = BUILD_POLICY(U16), + [IFLA_BRPORT_MODE] = BUILD_POLICY(U8), + [IFLA_BRPORT_GUARD] = BUILD_POLICY(U8), + [IFLA_BRPORT_PROTECT] = BUILD_POLICY(U8), + [IFLA_BRPORT_FAST_LEAVE] = BUILD_POLICY(U8), + [IFLA_BRPORT_LEARNING] = BUILD_POLICY(U8), + [IFLA_BRPORT_UNICAST_FLOOD] = BUILD_POLICY(U8), + [IFLA_BRPORT_PROXYARP] = BUILD_POLICY(U8), + [IFLA_BRPORT_LEARNING_SYNC] = BUILD_POLICY(U8), + [IFLA_BRPORT_PROXYARP_WIFI] = BUILD_POLICY(U8), + [IFLA_BRPORT_ROOT_ID] = BUILD_POLICY(U8), + [IFLA_BRPORT_BRIDGE_ID] = BUILD_POLICY(U8), + [IFLA_BRPORT_DESIGNATED_PORT] = BUILD_POLICY(U16), + [IFLA_BRPORT_DESIGNATED_COST] = BUILD_POLICY(U16), + [IFLA_BRPORT_ID] = BUILD_POLICY(U16), + [IFLA_BRPORT_NO] = BUILD_POLICY(U16), + [IFLA_BRPORT_TOPOLOGY_CHANGE_ACK] = BUILD_POLICY(U8), + [IFLA_BRPORT_CONFIG_PENDING] = BUILD_POLICY(U8), + [IFLA_BRPORT_MESSAGE_AGE_TIMER] = BUILD_POLICY(U64), + [IFLA_BRPORT_FORWARD_DELAY_TIMER] = BUILD_POLICY(U64), + [IFLA_BRPORT_HOLD_TIMER] = BUILD_POLICY(U64), + [IFLA_BRPORT_FLUSH] = BUILD_POLICY(U8), + [IFLA_BRPORT_MULTICAST_ROUTER] = BUILD_POLICY(U8), + [IFLA_BRPORT_PAD] = BUILD_POLICY(U8), + [IFLA_BRPORT_MCAST_FLOOD] = BUILD_POLICY(U8), + [IFLA_BRPORT_MCAST_TO_UCAST] = BUILD_POLICY(U8), + [IFLA_BRPORT_VLAN_TUNNEL] = BUILD_POLICY(U8), + [IFLA_BRPORT_BCAST_FLOOD] = BUILD_POLICY(U8), + [IFLA_BRPORT_GROUP_FWD_MASK] = BUILD_POLICY(U16), + [IFLA_BRPORT_NEIGH_SUPPRESS] = BUILD_POLICY(U8), + [IFLA_BRPORT_ISOLATED] = BUILD_POLICY(U8), + [IFLA_BRPORT_BACKUP_PORT] = BUILD_POLICY(U32), + [IFLA_BRPORT_MRP_RING_OPEN] = BUILD_POLICY(U8), + [IFLA_BRPORT_MRP_IN_OPEN] = BUILD_POLICY(U8), + [IFLA_BRPORT_MCAST_EHT_HOSTS_LIMIT] = BUILD_POLICY(U32), + [IFLA_BRPORT_MCAST_EHT_HOSTS_CNT] = BUILD_POLICY(U32), +}; + +static const NLAPolicySetUnionElement rtnl_link_info_slave_data_policy_set_union_elements[] = { + BUILD_UNION_ELEMENT_BY_STRING("bridge", rtnl_bridge_port), +}; + +DEFINE_POLICY_SET_UNION(rtnl_link_info_slave_data, IFLA_INFO_SLAVE_KIND); + +static const NLAPolicy rtnl_link_info_policies[] = { + [IFLA_INFO_KIND] = BUILD_POLICY(STRING), + [IFLA_INFO_DATA] = BUILD_POLICY_NESTED_UNION_BY_STRING(rtnl_link_info_data), + /* TODO: Currently IFLA_INFO_XSTATS is used only when IFLA_INFO_KIND is "can". In the future, + * when multiple kinds of netdevs use this attribute, convert its type to NETLINK_TYPE_UNION. */ + [IFLA_INFO_XSTATS] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct can_device_stats)), + [IFLA_INFO_SLAVE_KIND] = BUILD_POLICY(STRING), + [IFLA_INFO_SLAVE_DATA] = BUILD_POLICY_NESTED_UNION_BY_STRING(rtnl_link_info_slave_data), +}; + +DEFINE_POLICY_SET(rtnl_link_info); + +static const struct NLAPolicy rtnl_inet_policies[] = { + [IFLA_INET_CONF] = BUILD_POLICY(BINARY), /* size = IPV4_DEVCONF_MAX * 4 */ +}; + +DEFINE_POLICY_SET(rtnl_inet); + +static const struct NLAPolicy rtnl_inet6_policies[] = { + [IFLA_INET6_FLAGS] = BUILD_POLICY(U32), + [IFLA_INET6_CONF] = BUILD_POLICY(BINARY), /* size = DEVCONF_MAX * sizeof(s32) */ + [IFLA_INET6_STATS] = BUILD_POLICY(BINARY), /* size = IPSTATS_MIB_MAX * sizeof(u64) */ + [IFLA_INET6_MCAST] = {}, /* unused. */ + [IFLA_INET6_CACHEINFO] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct ifla_cacheinfo)), + [IFLA_INET6_ICMP6STATS] = BUILD_POLICY(BINARY), /* size = ICMP6_MIB_MAX * sizeof(u64) */ + [IFLA_INET6_TOKEN] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in6_addr)), + [IFLA_INET6_ADDR_GEN_MODE] = BUILD_POLICY(U8), +}; + +DEFINE_POLICY_SET(rtnl_inet6); + +static const NLAPolicySetUnionElement rtnl_prot_info_policy_set_union_elements[] = { + BUILD_UNION_ELEMENT_BY_FAMILY(AF_BRIDGE, rtnl_bridge_port), + BUILD_UNION_ELEMENT_BY_FAMILY(AF_INET6, rtnl_inet6), +}; + +DEFINE_POLICY_SET_UNION(rtnl_prot_info, 0); + +static const NLAPolicy rtnl_af_spec_unspec_policies[] = { + [AF_INET] = BUILD_POLICY_NESTED(rtnl_inet), + [AF_INET6] = BUILD_POLICY_NESTED(rtnl_inet6), +}; + +static const NLAPolicy rtnl_bridge_vlan_tunnel_info_policies[] = { + [IFLA_BRIDGE_VLAN_TUNNEL_ID] = BUILD_POLICY(U32), + [IFLA_BRIDGE_VLAN_TUNNEL_VID] = BUILD_POLICY(U16), + [IFLA_BRIDGE_VLAN_TUNNEL_FLAGS] = BUILD_POLICY(U16), +}; + +DEFINE_POLICY_SET(rtnl_bridge_vlan_tunnel_info); + +static const NLAPolicy rtnl_bridge_mrp_instance_policies[] = { + [IFLA_BRIDGE_MRP_INSTANCE_RING_ID] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_INSTANCE_P_IFINDEX] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_INSTANCE_S_IFINDEX] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_INSTANCE_PRIO] = BUILD_POLICY(U16), +}; + +DEFINE_POLICY_SET(rtnl_bridge_mrp_instance); + +static const NLAPolicy rtnl_bridge_mrp_port_state_policies[] = { + [IFLA_BRIDGE_MRP_PORT_STATE_STATE] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_bridge_mrp_port_state); + +static const NLAPolicy rtnl_bridge_mrp_port_role_policies[] = { + [IFLA_BRIDGE_MRP_PORT_ROLE_ROLE] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_bridge_mrp_port_role); + +static const NLAPolicy rtnl_bridge_mrp_ring_state_policies[] = { + [IFLA_BRIDGE_MRP_RING_STATE_RING_ID] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_RING_STATE_STATE] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_bridge_mrp_ring_state); + +static const NLAPolicy rtnl_bridge_mrp_ring_role_policies[] = { + [IFLA_BRIDGE_MRP_RING_ROLE_RING_ID] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_RING_ROLE_ROLE] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_bridge_mrp_ring_role); + +static const NLAPolicy rtnl_bridge_mrp_start_test_policies[] = { + [IFLA_BRIDGE_MRP_START_TEST_RING_ID] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_START_TEST_INTERVAL] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_START_TEST_MAX_MISS] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_START_TEST_PERIOD] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_START_TEST_MONITOR] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_bridge_mrp_start_test); + +static const NLAPolicy rtnl_bridge_mrp_info_policies[] = { + [IFLA_BRIDGE_MRP_INFO_RING_ID] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_INFO_P_IFINDEX] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_INFO_S_IFINDEX] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_INFO_PRIO] = BUILD_POLICY(U16), + [IFLA_BRIDGE_MRP_INFO_RING_STATE] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_INFO_RING_ROLE] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_INFO_TEST_INTERVAL] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_INFO_TEST_MAX_MISS] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_INFO_TEST_MONITOR] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_INFO_I_IFINDEX] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_INFO_IN_STATE] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_INFO_IN_ROLE] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_INFO_IN_TEST_INTERVAL] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_INFO_IN_TEST_MAX_MISS] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_bridge_mrp_info); + +static const NLAPolicy rtnl_bridge_mrp_in_role_policies[] = { + [IFLA_BRIDGE_MRP_IN_ROLE_RING_ID] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_IN_ROLE_IN_ID] = BUILD_POLICY(U16), + [IFLA_BRIDGE_MRP_IN_ROLE_ROLE] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_IN_ROLE_I_IFINDEX] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_bridge_mrp_in_role); + +static const NLAPolicy rtnl_bridge_mrp_in_state_policies[] = { + [IFLA_BRIDGE_MRP_IN_STATE_IN_ID] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_IN_STATE_STATE] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_bridge_mrp_in_state); + +static const NLAPolicy rtnl_bridge_mrp_start_in_test_policies[] = { + [IFLA_BRIDGE_MRP_START_IN_TEST_IN_ID] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_START_IN_TEST_INTERVAL] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_START_IN_TEST_MAX_MISS] = BUILD_POLICY(U32), + [IFLA_BRIDGE_MRP_START_IN_TEST_PERIOD] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_bridge_mrp_start_in_test); + +static const NLAPolicy rtnl_bridge_mrp_policies[] = { + [IFLA_BRIDGE_MRP_INSTANCE] = BUILD_POLICY_NESTED(rtnl_bridge_mrp_instance), + [IFLA_BRIDGE_MRP_PORT_STATE] = BUILD_POLICY_NESTED(rtnl_bridge_mrp_port_state), + [IFLA_BRIDGE_MRP_PORT_ROLE] = BUILD_POLICY_NESTED(rtnl_bridge_mrp_port_role), + [IFLA_BRIDGE_MRP_RING_STATE] = BUILD_POLICY_NESTED(rtnl_bridge_mrp_ring_state), + [IFLA_BRIDGE_MRP_RING_ROLE] = BUILD_POLICY_NESTED(rtnl_bridge_mrp_ring_role), + [IFLA_BRIDGE_MRP_START_TEST] = BUILD_POLICY_NESTED(rtnl_bridge_mrp_start_test), + [IFLA_BRIDGE_MRP_INFO] = BUILD_POLICY_NESTED(rtnl_bridge_mrp_info), + [IFLA_BRIDGE_MRP_IN_ROLE] = BUILD_POLICY_NESTED(rtnl_bridge_mrp_in_role), + [IFLA_BRIDGE_MRP_IN_STATE] = BUILD_POLICY_NESTED(rtnl_bridge_mrp_in_state), + [IFLA_BRIDGE_MRP_START_IN_TEST] = BUILD_POLICY_NESTED(rtnl_bridge_mrp_start_in_test), +}; + +DEFINE_POLICY_SET(rtnl_bridge_mrp); + +static const NLAPolicy rtnl_bridge_cfm_mep_create_policies[] = { + [IFLA_BRIDGE_CFM_MEP_CREATE_INSTANCE] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_MEP_CREATE_DOMAIN] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_MEP_CREATE_DIRECTION] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_MEP_CREATE_IFINDEX] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_bridge_cfm_mep_create); + +static const NLAPolicy rtnl_bridge_cfm_mep_delete_policies[] = { + [IFLA_BRIDGE_CFM_MEP_DELETE_INSTANCE] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_bridge_cfm_mep_delete); + +static const NLAPolicy rtnl_bridge_cfm_mep_config_policies[] = { + [IFLA_BRIDGE_CFM_MEP_CONFIG_INSTANCE] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_MEP_CONFIG_UNICAST_MAC] = BUILD_POLICY_WITH_SIZE(ETHER_ADDR, ETH_ALEN), + [IFLA_BRIDGE_CFM_MEP_CONFIG_MDLEVEL] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_MEP_CONFIG_MEPID] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_bridge_cfm_mep_config); + +static const NLAPolicy rtnl_bridge_cfm_cc_config_policies[] = { + [IFLA_BRIDGE_CFM_CC_CONFIG_INSTANCE] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_CC_CONFIG_ENABLE] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_CC_CONFIG_EXP_INTERVAL] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_CC_CONFIG_EXP_MAID] = BUILD_POLICY_WITH_SIZE(BINARY, CFM_MAID_LENGTH), +}; + +DEFINE_POLICY_SET(rtnl_bridge_cfm_cc_config); + +static const NLAPolicy rtnl_bridge_cfm_cc_peer_mep_policies[] = { + [IFLA_BRIDGE_CFM_CC_PEER_MEP_INSTANCE] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_CC_PEER_MEPID] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_bridge_cfm_cc_peer_mep); + +static const NLAPolicy rtnl_bridge_cfm_cc_rdi_policies[] = { + [IFLA_BRIDGE_CFM_CC_RDI_INSTANCE] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_CC_RDI_RDI] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_bridge_cfm_cc_rdi); + +static const NLAPolicy rtnl_bridge_cfm_cc_ccm_tx_policies[] = { + [IFLA_BRIDGE_CFM_CC_CCM_TX_INSTANCE] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_CC_CCM_TX_DMAC] = BUILD_POLICY_WITH_SIZE(ETHER_ADDR, ETH_ALEN), + [IFLA_BRIDGE_CFM_CC_CCM_TX_SEQ_NO_UPDATE] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_CC_CCM_TX_PERIOD] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_CC_CCM_TX_IF_TLV] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_CC_CCM_TX_IF_TLV_VALUE] = BUILD_POLICY(U8), + [IFLA_BRIDGE_CFM_CC_CCM_TX_PORT_TLV] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_CC_CCM_TX_PORT_TLV_VALUE] = BUILD_POLICY(U8), +}; + +DEFINE_POLICY_SET(rtnl_bridge_cfm_cc_ccm_tx); + +static const NLAPolicy rtnl_bridge_cfm_mep_status_policies[] = { + [IFLA_BRIDGE_CFM_MEP_STATUS_INSTANCE] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_MEP_STATUS_OPCODE_UNEXP_SEEN] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_MEP_STATUS_VERSION_UNEXP_SEEN] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_MEP_STATUS_RX_LEVEL_LOW_SEEN] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_bridge_cfm_mep_status); + +static const NLAPolicy rtnl_bridge_cfm_cc_peer_status_policies[] = { + [IFLA_BRIDGE_CFM_CC_PEER_STATUS_INSTANCE] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_CC_PEER_STATUS_PEER_MEPID] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_CC_PEER_STATUS_CCM_DEFECT] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_CC_PEER_STATUS_RDI] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_CC_PEER_STATUS_PORT_TLV_VALUE] = BUILD_POLICY(U8), + [IFLA_BRIDGE_CFM_CC_PEER_STATUS_IF_TLV_VALUE] = BUILD_POLICY(U8), + [IFLA_BRIDGE_CFM_CC_PEER_STATUS_SEEN] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_CC_PEER_STATUS_TLV_SEEN] = BUILD_POLICY(U32), + [IFLA_BRIDGE_CFM_CC_PEER_STATUS_SEQ_UNEXP_SEEN] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_bridge_cfm_cc_peer_status); + +static const NLAPolicy rtnl_bridge_cfm_policies[] = { + [IFLA_BRIDGE_CFM_MEP_CREATE] = BUILD_POLICY_NESTED(rtnl_bridge_cfm_mep_create), + [IFLA_BRIDGE_CFM_MEP_DELETE] = BUILD_POLICY_NESTED(rtnl_bridge_cfm_mep_delete), + [IFLA_BRIDGE_CFM_MEP_CONFIG] = BUILD_POLICY_NESTED(rtnl_bridge_cfm_mep_config), + [IFLA_BRIDGE_CFM_CC_CONFIG] = BUILD_POLICY_NESTED(rtnl_bridge_cfm_cc_config), + [IFLA_BRIDGE_CFM_CC_PEER_MEP_ADD] = BUILD_POLICY_NESTED(rtnl_bridge_cfm_cc_peer_mep), + [IFLA_BRIDGE_CFM_CC_PEER_MEP_REMOVE] = BUILD_POLICY_NESTED(rtnl_bridge_cfm_cc_peer_mep), + [IFLA_BRIDGE_CFM_CC_RDI] = BUILD_POLICY_NESTED(rtnl_bridge_cfm_cc_rdi), + [IFLA_BRIDGE_CFM_CC_CCM_TX] = BUILD_POLICY_NESTED(rtnl_bridge_cfm_cc_ccm_tx), + [IFLA_BRIDGE_CFM_MEP_CREATE_INFO] = BUILD_POLICY_NESTED(rtnl_bridge_cfm_mep_create), + [IFLA_BRIDGE_CFM_MEP_CONFIG_INFO] = BUILD_POLICY_NESTED(rtnl_bridge_cfm_mep_config), + [IFLA_BRIDGE_CFM_CC_CONFIG_INFO] = BUILD_POLICY_NESTED(rtnl_bridge_cfm_cc_config), + [IFLA_BRIDGE_CFM_CC_RDI_INFO] = BUILD_POLICY_NESTED(rtnl_bridge_cfm_cc_rdi), + [IFLA_BRIDGE_CFM_CC_CCM_TX_INFO] = BUILD_POLICY_NESTED(rtnl_bridge_cfm_cc_ccm_tx), + [IFLA_BRIDGE_CFM_CC_PEER_MEP_INFO] = BUILD_POLICY_NESTED(rtnl_bridge_cfm_cc_peer_mep), + [IFLA_BRIDGE_CFM_MEP_STATUS_INFO] = BUILD_POLICY_NESTED(rtnl_bridge_cfm_mep_status), + [IFLA_BRIDGE_CFM_CC_PEER_STATUS_INFO] = BUILD_POLICY_NESTED(rtnl_bridge_cfm_cc_peer_status), +}; + +DEFINE_POLICY_SET(rtnl_bridge_cfm); + +static const NLAPolicy rtnl_af_spec_bridge_policies[] = { + [IFLA_BRIDGE_FLAGS] = BUILD_POLICY(U16), + [IFLA_BRIDGE_MODE] = BUILD_POLICY(U16), + [IFLA_BRIDGE_VLAN_INFO] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct bridge_vlan_info)), + [IFLA_BRIDGE_VLAN_TUNNEL_INFO] = BUILD_POLICY_NESTED(rtnl_bridge_vlan_tunnel_info), + [IFLA_BRIDGE_MRP] = BUILD_POLICY_NESTED(rtnl_bridge_mrp), + [IFLA_BRIDGE_CFM] = BUILD_POLICY_NESTED(rtnl_bridge_cfm), +}; + +static const NLAPolicySetUnionElement rtnl_af_spec_policy_set_union_elements[] = { + BUILD_UNION_ELEMENT_BY_FAMILY(AF_UNSPEC, rtnl_af_spec_unspec), + BUILD_UNION_ELEMENT_BY_FAMILY(AF_BRIDGE, rtnl_af_spec_bridge), +}; + +DEFINE_POLICY_SET_UNION(rtnl_af_spec, 0); + +static const NLAPolicy rtnl_prop_list_policies[] = { + [IFLA_ALT_IFNAME] = BUILD_POLICY_WITH_SIZE(STRING, ALTIFNAMSIZ - 1), +}; + +DEFINE_POLICY_SET(rtnl_prop_list); + +static const NLAPolicy rtnl_vf_vlan_list_policies[] = { + [IFLA_VF_VLAN_INFO] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct ifla_vf_vlan_info)), +}; + +DEFINE_POLICY_SET(rtnl_vf_vlan_list); + +static const NLAPolicy rtnl_vf_info_policies[] = { + [IFLA_VF_MAC] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct ifla_vf_mac)), + [IFLA_VF_VLAN] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct ifla_vf_vlan)), + [IFLA_VF_VLAN_LIST] = BUILD_POLICY_NESTED(rtnl_vf_vlan_list), + [IFLA_VF_TX_RATE] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct ifla_vf_tx_rate)), + [IFLA_VF_SPOOFCHK] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct ifla_vf_spoofchk)), + [IFLA_VF_RATE] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct ifla_vf_rate)), + [IFLA_VF_LINK_STATE] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct ifla_vf_link_state)), + [IFLA_VF_RSS_QUERY_EN] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct ifla_vf_rss_query_en)), + [IFLA_VF_TRUST] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct ifla_vf_trust)), + [IFLA_VF_IB_NODE_GUID] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct ifla_vf_guid)), + [IFLA_VF_IB_PORT_GUID] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct ifla_vf_guid)), +}; + +DEFINE_POLICY_SET(rtnl_vf_info); + +static const NLAPolicy rtnl_vfinfo_list_policies[] = { + [IFLA_VF_INFO] = BUILD_POLICY_NESTED(rtnl_vf_info), +}; + +DEFINE_POLICY_SET(rtnl_vfinfo_list); + +static const NLAPolicy rtnl_vf_port_policies[] = { + [IFLA_PORT_VF] = BUILD_POLICY(U32), + [IFLA_PORT_PROFILE] = BUILD_POLICY(STRING), + [IFLA_PORT_VSI_TYPE] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct ifla_port_vsi)), + [IFLA_PORT_INSTANCE_UUID] = BUILD_POLICY_WITH_SIZE(BINARY, PORT_UUID_MAX), + [IFLA_PORT_HOST_UUID] = BUILD_POLICY_WITH_SIZE(BINARY, PORT_UUID_MAX), + [IFLA_PORT_REQUEST] = BUILD_POLICY(U8), + [IFLA_PORT_RESPONSE] = BUILD_POLICY(U16), +}; + +DEFINE_POLICY_SET(rtnl_vf_port); + +static const NLAPolicy rtnl_vf_ports_policies[] = { + [IFLA_VF_PORT] = BUILD_POLICY_NESTED(rtnl_vf_port), +}; + +DEFINE_POLICY_SET(rtnl_vf_ports); + +static const NLAPolicy rtnl_xdp_policies[] = { + [IFLA_XDP_FD] = BUILD_POLICY(S32), + [IFLA_XDP_ATTACHED] = BUILD_POLICY(U8), + [IFLA_XDP_FLAGS] = BUILD_POLICY(U32), + [IFLA_XDP_PROG_ID] = BUILD_POLICY(U32), + [IFLA_XDP_DRV_PROG_ID] = BUILD_POLICY(U32), + [IFLA_XDP_SKB_PROG_ID] = BUILD_POLICY(U32), + [IFLA_XDP_HW_PROG_ID] = BUILD_POLICY(U32), + [IFLA_XDP_EXPECTED_FD] = BUILD_POLICY(S32), +}; + +DEFINE_POLICY_SET(rtnl_xdp); + +static const NLAPolicy rtnl_proto_down_reason_policies[] = { + [IFLA_PROTO_DOWN_REASON_MASK] = BUILD_POLICY(U32), + [IFLA_PROTO_DOWN_REASON_VALUE] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_proto_down_reason); + +static const NLAPolicy rtnl_link_policies[] = { + [IFLA_ADDRESS] = BUILD_POLICY(ETHER_ADDR), + [IFLA_BROADCAST] = BUILD_POLICY(ETHER_ADDR), + [IFLA_IFNAME] = BUILD_POLICY_WITH_SIZE(STRING, IFNAMSIZ - 1), + [IFLA_MTU] = BUILD_POLICY(U32), + [IFLA_LINK] = BUILD_POLICY(U32), + [IFLA_QDISC] = BUILD_POLICY(STRING), + [IFLA_STATS] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct rtnl_link_stats)), + [IFLA_COST] = { /* Not used. */ }, + [IFLA_PRIORITY] = { /* Not used. */ }, + [IFLA_MASTER] = BUILD_POLICY(U32), + [IFLA_WIRELESS] = { /* Used only by wext. */ }, + [IFLA_PROTINFO] = BUILD_POLICY_NESTED_UNION_BY_FAMILY(rtnl_prot_info), + [IFLA_TXQLEN] = BUILD_POLICY(U32), + [IFLA_MAP] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct rtnl_link_ifmap)), + [IFLA_WEIGHT] = BUILD_POLICY(U32), + [IFLA_OPERSTATE] = BUILD_POLICY(U8), + [IFLA_LINKMODE] = BUILD_POLICY(U8), + [IFLA_LINKINFO] = BUILD_POLICY_NESTED(rtnl_link_info), + [IFLA_NET_NS_PID] = BUILD_POLICY(U32), + [IFLA_IFALIAS] = BUILD_POLICY_WITH_SIZE(STRING, IFALIASZ - 1), + [IFLA_NUM_VF] = BUILD_POLICY(U32), + [IFLA_VFINFO_LIST] = BUILD_POLICY_NESTED(rtnl_vfinfo_list), + [IFLA_STATS64] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct rtnl_link_stats64)), + [IFLA_VF_PORTS] = BUILD_POLICY_NESTED(rtnl_vf_ports), + [IFLA_PORT_SELF] = BUILD_POLICY_NESTED(rtnl_vf_port), + [IFLA_AF_SPEC] = BUILD_POLICY_NESTED_UNION_BY_FAMILY(rtnl_af_spec), + [IFLA_GROUP] = BUILD_POLICY(U32), + [IFLA_NET_NS_FD] = BUILD_POLICY(U32), + [IFLA_EXT_MASK] = BUILD_POLICY(U32), + [IFLA_PROMISCUITY] = BUILD_POLICY(U32), + [IFLA_NUM_TX_QUEUES] = BUILD_POLICY(U32), + [IFLA_NUM_RX_QUEUES] = BUILD_POLICY(U32), + [IFLA_CARRIER] = BUILD_POLICY(U8), + [IFLA_PHYS_PORT_ID] = BUILD_POLICY_WITH_SIZE(BINARY, MAX_PHYS_ITEM_ID_LEN), + [IFLA_CARRIER_CHANGES] = BUILD_POLICY(U32), + [IFLA_PHYS_SWITCH_ID] = BUILD_POLICY_WITH_SIZE(BINARY, MAX_PHYS_ITEM_ID_LEN), + [IFLA_LINK_NETNSID] = BUILD_POLICY(S32), + [IFLA_PHYS_PORT_NAME] = BUILD_POLICY_WITH_SIZE(STRING, IFNAMSIZ - 1), + [IFLA_PROTO_DOWN] = BUILD_POLICY(U8), + [IFLA_GSO_MAX_SEGS] = BUILD_POLICY(U32), + [IFLA_GSO_MAX_SIZE] = BUILD_POLICY(U32), + [IFLA_XDP] = BUILD_POLICY_NESTED(rtnl_xdp), + [IFLA_EVENT] = BUILD_POLICY(U32), + [IFLA_NEW_NETNSID] = BUILD_POLICY(S32), + [IFLA_TARGET_NETNSID] = BUILD_POLICY(S32), + [IFLA_CARRIER_UP_COUNT] = BUILD_POLICY(U32), + [IFLA_CARRIER_DOWN_COUNT] = BUILD_POLICY(U32), + [IFLA_NEW_IFINDEX] = BUILD_POLICY(S32), + [IFLA_MIN_MTU] = BUILD_POLICY(U32), + [IFLA_MAX_MTU] = BUILD_POLICY(U32), + [IFLA_PROP_LIST] = BUILD_POLICY_NESTED(rtnl_prop_list), + [IFLA_ALT_IFNAME] = BUILD_POLICY_WITH_SIZE(STRING, ALTIFNAMSIZ - 1), + [IFLA_PERM_ADDRESS] = BUILD_POLICY(ETHER_ADDR), + [IFLA_PROTO_DOWN_REASON] = BUILD_POLICY_NESTED(rtnl_proto_down_reason), + [IFLA_PARENT_DEV_NAME] = BUILD_POLICY(STRING), + [IFLA_PARENT_DEV_BUS_NAME] = BUILD_POLICY(STRING), +}; + +DEFINE_POLICY_SET(rtnl_link); + +/* IFA_FLAGS was defined in kernel 3.14, but we still support older + * kernels where IFA_MAX is lower. */ +static const NLAPolicy rtnl_address_policies[] = { + [IFA_ADDRESS] = BUILD_POLICY(IN_ADDR), + [IFA_LOCAL] = BUILD_POLICY(IN_ADDR), + [IFA_LABEL] = BUILD_POLICY_WITH_SIZE(STRING, IFNAMSIZ - 1), + [IFA_BROADCAST] = BUILD_POLICY(IN_ADDR), + [IFA_ANYCAST] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in6_addr)), + [IFA_CACHEINFO] = BUILD_POLICY_WITH_SIZE(CACHE_INFO, sizeof(struct ifa_cacheinfo)), + [IFA_MULTICAST] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in6_addr)), + [IFA_FLAGS] = BUILD_POLICY(U32), + [IFA_RT_PRIORITY] = BUILD_POLICY(U32), + [IFA_TARGET_NETNSID] = BUILD_POLICY(S32), +}; + +DEFINE_POLICY_SET(rtnl_address); + +/* RTM_METRICS --- array of struct rtattr with types of RTAX_* */ + +static const NLAPolicy rtnl_route_metrics_policies[] = { + [RTAX_MTU] = BUILD_POLICY(U32), + [RTAX_WINDOW] = BUILD_POLICY(U32), + [RTAX_RTT] = BUILD_POLICY(U32), + [RTAX_RTTVAR] = BUILD_POLICY(U32), + [RTAX_SSTHRESH] = BUILD_POLICY(U32), + [RTAX_CWND] = BUILD_POLICY(U32), + [RTAX_ADVMSS] = BUILD_POLICY(U32), + [RTAX_REORDERING] = BUILD_POLICY(U32), + [RTAX_HOPLIMIT] = BUILD_POLICY(U32), + [RTAX_INITCWND] = BUILD_POLICY(U32), + [RTAX_FEATURES] = BUILD_POLICY(U32), + [RTAX_RTO_MIN] = BUILD_POLICY(U32), + [RTAX_INITRWND] = BUILD_POLICY(U32), + [RTAX_QUICKACK] = BUILD_POLICY(U32), + [RTAX_CC_ALGO] = BUILD_POLICY(STRING), + [RTAX_FASTOPEN_NO_COOKIE] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_route_metrics); + +static const NLAPolicy rtnl_route_policies[] = { + [RTA_DST] = BUILD_POLICY(IN_ADDR), + [RTA_SRC] = BUILD_POLICY(IN_ADDR), + [RTA_IIF] = BUILD_POLICY(U32), + [RTA_OIF] = BUILD_POLICY(U32), + [RTA_GATEWAY] = BUILD_POLICY(IN_ADDR), + [RTA_PRIORITY] = BUILD_POLICY(U32), + [RTA_PREFSRC] = BUILD_POLICY(IN_ADDR), + [RTA_METRICS] = BUILD_POLICY_NESTED(rtnl_route_metrics), + [RTA_MULTIPATH] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct rtnexthop)), + [RTA_FLOW] = BUILD_POLICY(U32), + [RTA_CACHEINFO] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct rta_cacheinfo)), + [RTA_TABLE] = BUILD_POLICY(U32), + [RTA_MARK] = BUILD_POLICY(U32), + [RTA_MFC_STATS] = BUILD_POLICY(U64), + [RTA_VIA] = BUILD_POLICY(BINARY), /* See struct rtvia */ + [RTA_NEWDST] = BUILD_POLICY(U32), + [RTA_PREF] = BUILD_POLICY(U8), + [RTA_ENCAP_TYPE] = BUILD_POLICY(U16), + [RTA_ENCAP] = { .type = NETLINK_TYPE_NESTED }, /* Multiple type systems i.e. LWTUNNEL_ENCAP_MPLS/LWTUNNEL_ENCAP_IP/LWTUNNEL_ENCAP_ILA etc... */ + [RTA_EXPIRES] = BUILD_POLICY(U32), + [RTA_UID] = BUILD_POLICY(U32), + [RTA_TTL_PROPAGATE] = BUILD_POLICY(U8), + [RTA_IP_PROTO] = BUILD_POLICY(U8), + [RTA_SPORT] = BUILD_POLICY(U16), + [RTA_DPORT] = BUILD_POLICY(U16), + [RTA_NH_ID] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_route); + +static const NLAPolicy rtnl_neigh_policies[] = { + [NDA_DST] = BUILD_POLICY(IN_ADDR), + [NDA_LLADDR] = BUILD_POLICY(ETHER_ADDR), + [NDA_CACHEINFO] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct nda_cacheinfo)), + [NDA_PROBES] = BUILD_POLICY(U32), + [NDA_VLAN] = BUILD_POLICY(U16), + [NDA_PORT] = BUILD_POLICY(U16), + [NDA_VNI] = BUILD_POLICY(U32), + [NDA_IFINDEX] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_neigh); + +static const NLAPolicy rtnl_addrlabel_policies[] = { + [IFAL_ADDRESS] = BUILD_POLICY_WITH_SIZE(IN_ADDR, sizeof(struct in6_addr)), + [IFAL_LABEL] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_addrlabel); + +static const NLAPolicy rtnl_routing_policy_rule_policies[] = { + [FRA_DST] = BUILD_POLICY(IN_ADDR), + [FRA_SRC] = BUILD_POLICY(IN_ADDR), + [FRA_IIFNAME] = BUILD_POLICY(STRING), + [FRA_GOTO] = BUILD_POLICY(U32), + [FRA_PRIORITY] = BUILD_POLICY(U32), + [FRA_FWMARK] = BUILD_POLICY(U32), + [FRA_FLOW] = BUILD_POLICY(U32), + [FRA_TUN_ID] = BUILD_POLICY(U64), + [FRA_SUPPRESS_IFGROUP] = BUILD_POLICY(U32), + [FRA_SUPPRESS_PREFIXLEN] = BUILD_POLICY(U32), + [FRA_TABLE] = BUILD_POLICY(U32), + [FRA_FWMASK] = BUILD_POLICY(U32), + [FRA_OIFNAME] = BUILD_POLICY(STRING), + [FRA_PAD] = BUILD_POLICY(U32), + [FRA_L3MDEV] = BUILD_POLICY(U8), + [FRA_UID_RANGE] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct fib_rule_uid_range)), + [FRA_PROTOCOL] = BUILD_POLICY(U8), + [FRA_IP_PROTO] = BUILD_POLICY(U8), + [FRA_SPORT_RANGE] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct fib_rule_port_range)), + [FRA_DPORT_RANGE] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct fib_rule_port_range)), +}; + +DEFINE_POLICY_SET(rtnl_routing_policy_rule); + +static const NLAPolicy rtnl_nexthop_policies[] = { + [NHA_ID] = BUILD_POLICY(U32), + [NHA_GROUP] = { /* array of struct nexthop_grp */ }, + [NHA_GROUP_TYPE] = BUILD_POLICY(U16), + [NHA_BLACKHOLE] = BUILD_POLICY(FLAG), + [NHA_OIF] = BUILD_POLICY(U32), + [NHA_GATEWAY] = BUILD_POLICY(IN_ADDR), + [NHA_ENCAP_TYPE] = BUILD_POLICY(U16), + [NHA_ENCAP] = { .type = NETLINK_TYPE_NESTED }, + [NHA_GROUPS] = BUILD_POLICY(FLAG), + [NHA_MASTER] = BUILD_POLICY(U32), + [NHA_FDB] = BUILD_POLICY(FLAG), +}; + +DEFINE_POLICY_SET(rtnl_nexthop); + +static const NLAPolicy rtnl_tca_option_data_cake_policies[] = { + [TCA_CAKE_BASE_RATE64] = BUILD_POLICY(U64), + [TCA_CAKE_DIFFSERV_MODE] = BUILD_POLICY(U32), + [TCA_CAKE_ATM] = BUILD_POLICY(U32), + [TCA_CAKE_FLOW_MODE] = BUILD_POLICY(U32), + [TCA_CAKE_OVERHEAD] = BUILD_POLICY(S32), + [TCA_CAKE_RTT] = BUILD_POLICY(U32), + [TCA_CAKE_TARGET] = BUILD_POLICY(U32), + [TCA_CAKE_AUTORATE] = BUILD_POLICY(U32), + [TCA_CAKE_MEMORY] = BUILD_POLICY(U32), + [TCA_CAKE_NAT] = BUILD_POLICY(U32), + [TCA_CAKE_RAW] = BUILD_POLICY(U32), + [TCA_CAKE_WASH] = BUILD_POLICY(U32), + [TCA_CAKE_MPU] = BUILD_POLICY(U32), + [TCA_CAKE_INGRESS] = BUILD_POLICY(U32), + [TCA_CAKE_ACK_FILTER] = BUILD_POLICY(U32), + [TCA_CAKE_SPLIT_GSO] = BUILD_POLICY(U32), + [TCA_CAKE_FWMARK] = BUILD_POLICY(U32), +}; + +static const NLAPolicy rtnl_tca_option_data_codel_policies[] = { + [TCA_CODEL_TARGET] = BUILD_POLICY(U32), + [TCA_CODEL_LIMIT] = BUILD_POLICY(U32), + [TCA_CODEL_INTERVAL] = BUILD_POLICY(U32), + [TCA_CODEL_ECN] = BUILD_POLICY(U32), + [TCA_CODEL_CE_THRESHOLD] = BUILD_POLICY(U32), +}; + +static const NLAPolicy rtnl_tca_option_data_drr_policies[] = { + [TCA_DRR_QUANTUM] = BUILD_POLICY(U32), +}; + +static const NLAPolicy rtnl_tca_option_data_ets_quanta_policies[] = { + [TCA_ETS_QUANTA_BAND] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_tca_option_data_ets_quanta); + +static const NLAPolicy rtnl_tca_option_data_ets_prio_policies[] = { + [TCA_ETS_PRIOMAP_BAND] = BUILD_POLICY(U8), +}; + +DEFINE_POLICY_SET(rtnl_tca_option_data_ets_prio); + +static const NLAPolicy rtnl_tca_option_data_ets_policies[] = { + [TCA_ETS_NBANDS] = BUILD_POLICY(U8), + [TCA_ETS_NSTRICT] = BUILD_POLICY(U8), + [TCA_ETS_QUANTA] = BUILD_POLICY_NESTED(rtnl_tca_option_data_ets_quanta), + [TCA_ETS_PRIOMAP] = BUILD_POLICY_NESTED(rtnl_tca_option_data_ets_prio), + [TCA_ETS_QUANTA_BAND] = BUILD_POLICY(U32), +}; + +static const NLAPolicy rtnl_tca_option_data_fq_policies[] = { + [TCA_FQ_PLIMIT] = BUILD_POLICY(U32), + [TCA_FQ_FLOW_PLIMIT] = BUILD_POLICY(U32), + [TCA_FQ_QUANTUM] = BUILD_POLICY(U32), + [TCA_FQ_INITIAL_QUANTUM] = BUILD_POLICY(U32), + [TCA_FQ_RATE_ENABLE] = BUILD_POLICY(U32), + [TCA_FQ_FLOW_DEFAULT_RATE] = BUILD_POLICY(U32), + [TCA_FQ_FLOW_MAX_RATE] = BUILD_POLICY(U32), + [TCA_FQ_BUCKETS_LOG] = BUILD_POLICY(U32), + [TCA_FQ_FLOW_REFILL_DELAY] = BUILD_POLICY(U32), + [TCA_FQ_LOW_RATE_THRESHOLD] = BUILD_POLICY(U32), + [TCA_FQ_CE_THRESHOLD] = BUILD_POLICY(U32), + [TCA_FQ_ORPHAN_MASK] = BUILD_POLICY(U32), +}; + +static const NLAPolicy rtnl_tca_option_data_fq_codel_policies[] = { + [TCA_FQ_CODEL_TARGET] = BUILD_POLICY(U32), + [TCA_FQ_CODEL_LIMIT] = BUILD_POLICY(U32), + [TCA_FQ_CODEL_INTERVAL] = BUILD_POLICY(U32), + [TCA_FQ_CODEL_ECN] = BUILD_POLICY(U32), + [TCA_FQ_CODEL_FLOWS] = BUILD_POLICY(U32), + [TCA_FQ_CODEL_QUANTUM] = BUILD_POLICY(U32), + [TCA_FQ_CODEL_CE_THRESHOLD] = BUILD_POLICY(U32), + [TCA_FQ_CODEL_DROP_BATCH_SIZE] = BUILD_POLICY(U32), + [TCA_FQ_CODEL_MEMORY_LIMIT] = BUILD_POLICY(U32), +}; + +static const NLAPolicy rtnl_tca_option_data_fq_pie_policies[] = { + [TCA_FQ_PIE_LIMIT] = BUILD_POLICY(U32), +}; + +static const NLAPolicy rtnl_tca_option_data_gred_policies[] = { + [TCA_GRED_DPS] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct tc_gred_sopt)), +}; + +static const NLAPolicy rtnl_tca_option_data_hhf_policies[] = { + [TCA_HHF_BACKLOG_LIMIT] = BUILD_POLICY(U32), +}; + +static const NLAPolicy rtnl_tca_option_data_htb_policies[] = { + [TCA_HTB_PARMS] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct tc_htb_opt)), + [TCA_HTB_INIT] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct tc_htb_glob)), + [TCA_HTB_CTAB] = BUILD_POLICY_WITH_SIZE(BINARY, TC_RTAB_SIZE), + [TCA_HTB_RTAB] = BUILD_POLICY_WITH_SIZE(BINARY, TC_RTAB_SIZE), + [TCA_HTB_RATE64] = BUILD_POLICY(U64), + [TCA_HTB_CEIL64] = BUILD_POLICY(U64), +}; + +static const NLAPolicy rtnl_tca_option_data_pie_policies[] = { + [TCA_PIE_LIMIT] = BUILD_POLICY(U32), +}; + +static const NLAPolicy rtnl_tca_option_data_qfq_policies[] = { + [TCA_QFQ_WEIGHT] = BUILD_POLICY(U32), + [TCA_QFQ_LMAX] = BUILD_POLICY(U32), +}; + +static const NLAPolicy rtnl_tca_option_data_sfb_policies[] = { + [TCA_SFB_PARMS] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct tc_sfb_qopt)), +}; + +static const NLAPolicy rtnl_tca_option_data_tbf_policies[] = { + [TCA_TBF_PARMS] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct tc_tbf_qopt)), + [TCA_TBF_RTAB] = BUILD_POLICY_WITH_SIZE(BINARY, TC_RTAB_SIZE), + [TCA_TBF_PTAB] = BUILD_POLICY_WITH_SIZE(BINARY, TC_RTAB_SIZE), + [TCA_TBF_RATE64] = BUILD_POLICY(U64), + [TCA_TBF_PRATE64] = BUILD_POLICY(U64), + [TCA_TBF_BURST] = BUILD_POLICY(U32), + [TCA_TBF_PBURST] = BUILD_POLICY(U32), +}; + +static const NLAPolicySetUnionElement rtnl_tca_option_data_policy_set_union_elements[] = { + BUILD_UNION_ELEMENT_BY_STRING("cake", rtnl_tca_option_data_cake), + BUILD_UNION_ELEMENT_BY_STRING("codel", rtnl_tca_option_data_codel), + BUILD_UNION_ELEMENT_BY_STRING("drr", rtnl_tca_option_data_drr), + BUILD_UNION_ELEMENT_BY_STRING("ets", rtnl_tca_option_data_ets), + BUILD_UNION_ELEMENT_BY_STRING("fq", rtnl_tca_option_data_fq), + BUILD_UNION_ELEMENT_BY_STRING("fq_codel", rtnl_tca_option_data_fq_codel), + BUILD_UNION_ELEMENT_BY_STRING("fq_pie", rtnl_tca_option_data_fq_pie), + BUILD_UNION_ELEMENT_BY_STRING("gred", rtnl_tca_option_data_gred), + BUILD_UNION_ELEMENT_BY_STRING("hhf", rtnl_tca_option_data_hhf), + BUILD_UNION_ELEMENT_BY_STRING("htb", rtnl_tca_option_data_htb), + BUILD_UNION_ELEMENT_BY_STRING("pie", rtnl_tca_option_data_pie), + BUILD_UNION_ELEMENT_BY_STRING("qfq", rtnl_tca_option_data_qfq), + BUILD_UNION_ELEMENT_BY_STRING("sfb", rtnl_tca_option_data_sfb), + BUILD_UNION_ELEMENT_BY_STRING("tbf", rtnl_tca_option_data_tbf), +}; + +DEFINE_POLICY_SET_UNION(rtnl_tca_option_data, TCA_KIND); + +static const NLAPolicy rtnl_tca_policies[] = { + [TCA_KIND] = BUILD_POLICY(STRING), + [TCA_OPTIONS] = BUILD_POLICY_NESTED_UNION_BY_STRING(rtnl_tca_option_data), + [TCA_INGRESS_BLOCK] = BUILD_POLICY(U32), + [TCA_EGRESS_BLOCK] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(rtnl_tca); + +static const NLAPolicy rtnl_mdb_policies[] = { + [MDBA_SET_ENTRY] = BUILD_POLICY_WITH_SIZE(BINARY, sizeof(struct br_port_msg)), +}; + +DEFINE_POLICY_SET(rtnl_mdb); + +static const NLAPolicy rtnl_policies[] = { + [RTM_NEWLINK] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_link, sizeof(struct ifinfomsg)), + [RTM_DELLINK] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_link, sizeof(struct ifinfomsg)), + [RTM_GETLINK] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_link, sizeof(struct ifinfomsg)), + [RTM_SETLINK] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_link, sizeof(struct ifinfomsg)), + [RTM_NEWLINKPROP] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_link, sizeof(struct ifinfomsg)), + [RTM_DELLINKPROP] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_link, sizeof(struct ifinfomsg)), + [RTM_GETLINKPROP] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_link, sizeof(struct ifinfomsg)), + [RTM_NEWADDR] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_address, sizeof(struct ifaddrmsg)), + [RTM_DELADDR] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_address, sizeof(struct ifaddrmsg)), + [RTM_GETADDR] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_address, sizeof(struct ifaddrmsg)), + [RTM_NEWROUTE] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_route, sizeof(struct rtmsg)), + [RTM_DELROUTE] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_route, sizeof(struct rtmsg)), + [RTM_GETROUTE] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_route, sizeof(struct rtmsg)), + [RTM_NEWNEIGH] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_neigh, sizeof(struct ndmsg)), + [RTM_DELNEIGH] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_neigh, sizeof(struct ndmsg)), + [RTM_GETNEIGH] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_neigh, sizeof(struct ndmsg)), + [RTM_NEWADDRLABEL] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_addrlabel, sizeof(struct ifaddrlblmsg)), + [RTM_DELADDRLABEL] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_addrlabel, sizeof(struct ifaddrlblmsg)), + [RTM_GETADDRLABEL] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_addrlabel, sizeof(struct ifaddrlblmsg)), + [RTM_NEWRULE] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_routing_policy_rule, sizeof(struct fib_rule_hdr)), + [RTM_DELRULE] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_routing_policy_rule, sizeof(struct fib_rule_hdr)), + [RTM_GETRULE] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_routing_policy_rule, sizeof(struct fib_rule_hdr)), + [RTM_NEWNEXTHOP] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_nexthop, sizeof(struct nhmsg)), + [RTM_DELNEXTHOP] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_nexthop, sizeof(struct nhmsg)), + [RTM_GETNEXTHOP] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_nexthop, sizeof(struct nhmsg)), + [RTM_NEWQDISC] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_tca, sizeof(struct tcmsg)), + [RTM_DELQDISC] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_tca, sizeof(struct tcmsg)), + [RTM_GETQDISC] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_tca, sizeof(struct tcmsg)), + [RTM_NEWTCLASS] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_tca, sizeof(struct tcmsg)), + [RTM_DELTCLASS] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_tca, sizeof(struct tcmsg)), + [RTM_GETTCLASS] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_tca, sizeof(struct tcmsg)), + [RTM_NEWMDB] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_mdb, sizeof(struct br_port_msg)), + [RTM_DELMDB] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_mdb, sizeof(struct br_port_msg)), + [RTM_GETMDB] = BUILD_POLICY_NESTED_WITH_SIZE(rtnl_mdb, sizeof(struct br_port_msg)), +}; + +DEFINE_POLICY_SET(rtnl); + +const NLAPolicy *rtnl_get_policy(uint16_t nlmsg_type) { + return policy_set_get_policy(&rtnl_policy_set, nlmsg_type); +} diff --git a/src/libsystemd/sd-netlink/netlink-types.c b/src/libsystemd/sd-netlink/netlink-types.c new file mode 100644 index 0000000..21ef80c --- /dev/null +++ b/src/libsystemd/sd-netlink/netlink-types.c @@ -0,0 +1,153 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include <linux/netlink.h> + +#include "netlink-genl.h" +#include "netlink-internal.h" +#include "netlink-types-internal.h" + +static const NLAPolicy empty_policies[1] = { + /* fake array to avoid .types==NULL, which denotes invalid type-systems */ +}; + +DEFINE_POLICY_SET(empty); + +static const NLAPolicy error_policies[] = { + [NLMSGERR_ATTR_MSG] = BUILD_POLICY(STRING), + [NLMSGERR_ATTR_OFFS] = BUILD_POLICY(U32), +}; + +DEFINE_POLICY_SET(error); + +static const NLAPolicy basic_policies[] = { + [NLMSG_DONE] = BUILD_POLICY_NESTED(empty), + [NLMSG_ERROR] = BUILD_POLICY_NESTED_WITH_SIZE(error, sizeof(struct nlmsgerr)), +}; + +DEFINE_POLICY_SET(basic); + +NLAType policy_get_type(const NLAPolicy *policy) { + return ASSERT_PTR(policy)->type; +} + +size_t policy_get_size(const NLAPolicy *policy) { + return ASSERT_PTR(policy)->size; +} + +const NLAPolicySet *policy_get_policy_set(const NLAPolicy *policy) { + assert(policy); + assert(policy->type == NETLINK_TYPE_NESTED); + + return ASSERT_PTR(policy->policy_set); +} + +const NLAPolicySetUnion *policy_get_policy_set_union(const NLAPolicy *policy) { + assert(policy); + assert(IN_SET(policy->type, NETLINK_TYPE_NESTED_UNION_BY_STRING, NETLINK_TYPE_NESTED_UNION_BY_FAMILY)); + + return ASSERT_PTR(policy->policy_set_union); +} + +int netlink_get_policy_set_and_header_size( + sd_netlink *nl, + uint16_t type, + const NLAPolicySet **ret_policy_set, + size_t *ret_header_size) { + + const NLAPolicy *policy; + + assert(nl); + + if (IN_SET(type, NLMSG_DONE, NLMSG_ERROR)) + policy = policy_set_get_policy(&basic_policy_set, type); + else + switch (nl->protocol) { + case NETLINK_ROUTE: + policy = rtnl_get_policy(type); + break; + case NETLINK_NETFILTER: + policy = nfnl_get_policy(type); + break; + case NETLINK_GENERIC: + return genl_get_policy_set_and_header_size(nl, type, ret_policy_set, ret_header_size); + default: + return -EOPNOTSUPP; + } + if (!policy) + return -EOPNOTSUPP; + + if (policy_get_type(policy) != NETLINK_TYPE_NESTED) + return -EOPNOTSUPP; + + if (ret_policy_set) + *ret_policy_set = policy_get_policy_set(policy); + if (ret_header_size) + *ret_header_size = policy_get_size(policy); + return 0; +} + +const NLAPolicy *policy_set_get_policy(const NLAPolicySet *policy_set, uint16_t attr_type) { + const NLAPolicy *policy; + + assert(policy_set); + assert(policy_set->policies); + + if (attr_type >= policy_set->count) + return NULL; + + policy = &policy_set->policies[attr_type]; + + if (policy->type == NETLINK_TYPE_UNSPEC) + return NULL; + + return policy; +} + +const NLAPolicySet *policy_set_get_policy_set(const NLAPolicySet *policy_set, uint16_t attr_type) { + const NLAPolicy *policy; + + policy = policy_set_get_policy(policy_set, attr_type); + if (!policy) + return NULL; + + return policy_get_policy_set(policy); +} + +const NLAPolicySetUnion *policy_set_get_policy_set_union(const NLAPolicySet *policy_set, uint16_t attr_type) { + const NLAPolicy *policy; + + policy = policy_set_get_policy(policy_set, attr_type); + if (!policy) + return NULL; + + return policy_get_policy_set_union(policy); +} + +uint16_t policy_set_union_get_match_attribute(const NLAPolicySetUnion *policy_set_union) { + assert(policy_set_union->match_attribute != 0); + + return policy_set_union->match_attribute; +} + +const NLAPolicySet *policy_set_union_get_policy_set_by_string(const NLAPolicySetUnion *policy_set_union, const char *string) { + assert(policy_set_union); + assert(policy_set_union->elements); + assert(string); + + for (size_t i = 0; i < policy_set_union->count; i++) + if (streq(policy_set_union->elements[i].string, string)) + return &policy_set_union->elements[i].policy_set; + + return NULL; +} + +const NLAPolicySet *policy_set_union_get_policy_set_by_family(const NLAPolicySetUnion *policy_set_union, int family) { + assert(policy_set_union); + assert(policy_set_union->elements); + + for (size_t i = 0; i < policy_set_union->count; i++) + if (policy_set_union->elements[i].family == family) + return &policy_set_union->elements[i].policy_set; + + return NULL; +} diff --git a/src/libsystemd/sd-netlink/netlink-types.h b/src/libsystemd/sd-netlink/netlink-types.h new file mode 100644 index 0000000..e034a98 --- /dev/null +++ b/src/libsystemd/sd-netlink/netlink-types.h @@ -0,0 +1,63 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +#pragma once + +#include <errno.h> + +#include "sd-netlink.h" + +typedef enum NLAType { + NETLINK_TYPE_UNSPEC, /* NLA_UNSPEC */ + NETLINK_TYPE_BINARY, /* NLA_BINARY */ + NETLINK_TYPE_FLAG, /* NLA_FLAG */ + NETLINK_TYPE_U8, /* NLA_U8 */ + NETLINK_TYPE_U16, /* NLA_U16 */ + NETLINK_TYPE_U32, /* NLA_U32 */ + NETLINK_TYPE_U64, /* NLA_U64 */ + NETLINK_TYPE_S8, /* NLA_S8 */ + NETLINK_TYPE_S16, /* NLA_S16 */ + NETLINK_TYPE_S32, /* NLA_S32 */ + NETLINK_TYPE_S64, /* NLA_S64 */ + NETLINK_TYPE_STRING, /* NLA_STRING */ + NETLINK_TYPE_BITFIELD32, /* NLA_BITFIELD32 */ + NETLINK_TYPE_REJECT, /* NLA_REJECT */ + NETLINK_TYPE_IN_ADDR, + NETLINK_TYPE_ETHER_ADDR, + NETLINK_TYPE_CACHE_INFO, + NETLINK_TYPE_SOCKADDR, + NETLINK_TYPE_NESTED, /* NLA_NESTED */ + NETLINK_TYPE_NESTED_UNION_BY_STRING, + NETLINK_TYPE_NESTED_UNION_BY_FAMILY, + _NETLINK_TYPE_MAX, + _NETLINK_TYPE_INVALID = -EINVAL, +} NLAType; + +typedef struct NLAPolicy NLAPolicy; +typedef struct NLAPolicySet NLAPolicySet; +typedef struct NLAPolicySetUnion NLAPolicySetUnion; + +const NLAPolicy *rtnl_get_policy(uint16_t nlmsg_type); +const NLAPolicy *nfnl_get_policy(uint16_t nlmsg_type); +const NLAPolicySet *genl_get_policy_set_by_name(const char *name); +int genl_get_policy_set_and_header_size( + sd_netlink *nl, + uint16_t id, + const NLAPolicySet **ret_policy_set, + size_t *ret_header_size); + +NLAType policy_get_type(const NLAPolicy *policy); +size_t policy_get_size(const NLAPolicy *policy); +const NLAPolicySet *policy_get_policy_set(const NLAPolicy *policy); +const NLAPolicySetUnion *policy_get_policy_set_union(const NLAPolicy *policy); + +int netlink_get_policy_set_and_header_size( + sd_netlink *nl, + uint16_t type, + const NLAPolicySet **ret_policy_set, + size_t *ret_header_size); + +const NLAPolicy *policy_set_get_policy(const NLAPolicySet *policy_set, uint16_t attr_type); +const NLAPolicySet *policy_set_get_policy_set(const NLAPolicySet *type_system, uint16_t attr_type); +const NLAPolicySetUnion *policy_set_get_policy_set_union(const NLAPolicySet *type_system, uint16_t attr_type); +uint16_t policy_set_union_get_match_attribute(const NLAPolicySetUnion *policy_set_union); +const NLAPolicySet *policy_set_union_get_policy_set_by_string(const NLAPolicySetUnion *type_system_union, const char *string); +const NLAPolicySet *policy_set_union_get_policy_set_by_family(const NLAPolicySetUnion *type_system_union, int family); diff --git a/src/libsystemd/sd-netlink/netlink-util.c b/src/libsystemd/sd-netlink/netlink-util.c new file mode 100644 index 0000000..cfcf257 --- /dev/null +++ b/src/libsystemd/sd-netlink/netlink-util.c @@ -0,0 +1,760 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include "sd-netlink.h" + +#include "fd-util.h" +#include "io-util.h" +#include "memory-util.h" +#include "netlink-internal.h" +#include "netlink-util.h" +#include "parse-util.h" +#include "process-util.h" +#include "strv.h" + +int rtnl_set_link_name(sd_netlink **rtnl, int ifindex, const char *name) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL; + _cleanup_strv_free_ char **alternative_names = NULL; + bool altname_deleted = false; + int r; + + assert(rtnl); + assert(ifindex > 0); + assert(name); + + if (!ifname_valid(name)) + return -EINVAL; + + r = rtnl_get_link_alternative_names(rtnl, ifindex, &alternative_names); + if (r < 0) + log_debug_errno(r, "Failed to get alternative names on network interface %i, ignoring: %m", + ifindex); + + if (strv_contains(alternative_names, name)) { + r = rtnl_delete_link_alternative_names(rtnl, ifindex, STRV_MAKE(name)); + if (r < 0) + return log_debug_errno(r, "Failed to remove '%s' from alternative names on network interface %i: %m", + name, ifindex); + + altname_deleted = true; + } + + r = sd_rtnl_message_new_link(*rtnl, &message, RTM_SETLINK, ifindex); + if (r < 0) + goto fail; + + r = sd_netlink_message_append_string(message, IFLA_IFNAME, name); + if (r < 0) + goto fail; + + r = sd_netlink_call(*rtnl, message, 0, NULL); + if (r < 0) + goto fail; + + return 0; + +fail: + if (altname_deleted) { + int q = rtnl_set_link_alternative_names(rtnl, ifindex, STRV_MAKE(name)); + if (q < 0) + log_debug_errno(q, "Failed to restore '%s' as an alternative name on network interface %i, ignoring: %m", + name, ifindex); + } + + return r; +} + +int rtnl_set_link_properties( + sd_netlink **rtnl, + int ifindex, + const char *alias, + const struct hw_addr_data *hw_addr, + uint32_t txqueues, + uint32_t rxqueues, + uint32_t txqueuelen, + uint32_t mtu, + uint32_t gso_max_size, + size_t gso_max_segments) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL; + int r; + + assert(rtnl); + assert(ifindex > 0); + + if (!alias && + (!hw_addr || hw_addr->length == 0) && + txqueues == 0 && + rxqueues == 0 && + txqueuelen == UINT32_MAX && + mtu == 0 && + gso_max_size == 0 && + gso_max_segments == 0) + return 0; + + if (!*rtnl) { + r = sd_netlink_open(rtnl); + if (r < 0) + return r; + } + + r = sd_rtnl_message_new_link(*rtnl, &message, RTM_SETLINK, ifindex); + if (r < 0) + return r; + + if (alias) { + r = sd_netlink_message_append_string(message, IFLA_IFALIAS, alias); + if (r < 0) + return r; + } + + if (hw_addr && hw_addr->length > 0) { + r = netlink_message_append_hw_addr(message, IFLA_ADDRESS, hw_addr); + if (r < 0) + return r; + } + + if (txqueues > 0) { + r = sd_netlink_message_append_u32(message, IFLA_NUM_TX_QUEUES, txqueues); + if (r < 0) + return r; + } + + if (rxqueues > 0) { + r = sd_netlink_message_append_u32(message, IFLA_NUM_RX_QUEUES, rxqueues); + if (r < 0) + return r; + } + + if (txqueuelen < UINT32_MAX) { + r = sd_netlink_message_append_u32(message, IFLA_TXQLEN, txqueuelen); + if (r < 0) + return r; + } + + if (mtu != 0) { + r = sd_netlink_message_append_u32(message, IFLA_MTU, mtu); + if (r < 0) + return r; + } + + if (gso_max_size > 0) { + r = sd_netlink_message_append_u32(message, IFLA_GSO_MAX_SIZE, gso_max_size); + if (r < 0) + return r; + } + + if (gso_max_segments > 0) { + r = sd_netlink_message_append_u32(message, IFLA_GSO_MAX_SEGS, gso_max_segments); + if (r < 0) + return r; + } + + r = sd_netlink_call(*rtnl, message, 0, NULL); + if (r < 0) + return r; + + return 0; +} + +int rtnl_get_link_alternative_names(sd_netlink **rtnl, int ifindex, char ***ret) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL, *reply = NULL; + _cleanup_strv_free_ char **names = NULL; + int r; + + assert(rtnl); + assert(ifindex > 0); + assert(ret); + + if (!*rtnl) { + r = sd_netlink_open(rtnl); + if (r < 0) + return r; + } + + r = sd_rtnl_message_new_link(*rtnl, &message, RTM_GETLINK, ifindex); + if (r < 0) + return r; + + r = sd_netlink_call(*rtnl, message, 0, &reply); + if (r < 0) + return r; + + r = sd_netlink_message_read_strv(reply, IFLA_PROP_LIST, IFLA_ALT_IFNAME, &names); + if (r < 0 && r != -ENODATA) + return r; + + *ret = TAKE_PTR(names); + + return 0; +} + +static int rtnl_update_link_alternative_names( + sd_netlink **rtnl, + uint16_t nlmsg_type, + int ifindex, + char* const *alternative_names) { + + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL; + int r; + + assert(rtnl); + assert(ifindex > 0); + assert(IN_SET(nlmsg_type, RTM_NEWLINKPROP, RTM_DELLINKPROP)); + + if (strv_isempty(alternative_names)) + return 0; + + if (!*rtnl) { + r = sd_netlink_open(rtnl); + if (r < 0) + return r; + } + + r = sd_rtnl_message_new_link(*rtnl, &message, nlmsg_type, ifindex); + if (r < 0) + return r; + + r = sd_netlink_message_open_container(message, IFLA_PROP_LIST); + if (r < 0) + return r; + + r = sd_netlink_message_append_strv(message, IFLA_ALT_IFNAME, (const char**) alternative_names); + if (r < 0) + return r; + + r = sd_netlink_message_close_container(message); + if (r < 0) + return r; + + r = sd_netlink_call(*rtnl, message, 0, NULL); + if (r < 0) + return r; + + return 0; +} + +int rtnl_set_link_alternative_names(sd_netlink **rtnl, int ifindex, char* const *alternative_names) { + return rtnl_update_link_alternative_names(rtnl, RTM_NEWLINKPROP, ifindex, alternative_names); +} + +int rtnl_delete_link_alternative_names(sd_netlink **rtnl, int ifindex, char* const *alternative_names) { + return rtnl_update_link_alternative_names(rtnl, RTM_DELLINKPROP, ifindex, alternative_names); +} + +int rtnl_set_link_alternative_names_by_ifname( + sd_netlink **rtnl, + const char *ifname, + char* const *alternative_names) { + + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL; + int r; + + assert(rtnl); + assert(ifname); + + if (strv_isempty(alternative_names)) + return 0; + + if (!*rtnl) { + r = sd_netlink_open(rtnl); + if (r < 0) + return r; + } + + r = sd_rtnl_message_new_link(*rtnl, &message, RTM_NEWLINKPROP, 0); + if (r < 0) + return r; + + r = sd_netlink_message_append_string(message, IFLA_IFNAME, ifname); + if (r < 0) + return r; + + r = sd_netlink_message_open_container(message, IFLA_PROP_LIST); + if (r < 0) + return r; + + r = sd_netlink_message_append_strv(message, IFLA_ALT_IFNAME, (const char**) alternative_names); + if (r < 0) + return r; + + r = sd_netlink_message_close_container(message); + if (r < 0) + return r; + + r = sd_netlink_call(*rtnl, message, 0, NULL); + if (r < 0) + return r; + + return 0; +} + +int rtnl_resolve_link_alternative_name(sd_netlink **rtnl, const char *name, char **ret) { + _cleanup_(sd_netlink_unrefp) sd_netlink *our_rtnl = NULL; + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL, *reply = NULL; + int r, ifindex; + + assert(name); + + /* This returns ifindex and the main interface name. */ + + if (!ifname_valid_full(name, IFNAME_VALID_ALTERNATIVE)) + return -EINVAL; + + if (!rtnl) + rtnl = &our_rtnl; + if (!*rtnl) { + r = sd_netlink_open(rtnl); + if (r < 0) + return r; + } + + r = sd_rtnl_message_new_link(*rtnl, &message, RTM_GETLINK, 0); + if (r < 0) + return r; + + r = sd_netlink_message_append_string(message, IFLA_ALT_IFNAME, name); + if (r < 0) + return r; + + r = sd_netlink_call(*rtnl, message, 0, &reply); + if (r == -EINVAL) + return -ENODEV; /* The device doesn't exist */ + if (r < 0) + return r; + + r = sd_rtnl_message_link_get_ifindex(reply, &ifindex); + if (r < 0) + return r; + assert(ifindex > 0); + + if (ret) { + r = sd_netlink_message_read_string_strdup(message, IFLA_IFNAME, ret); + if (r < 0) + return r; + } + + return ifindex; +} + +int rtnl_resolve_ifname(sd_netlink **rtnl, const char *name) { + int r; + + /* Like if_nametoindex, but resolves "alternative names" too. */ + + assert(name); + + r = if_nametoindex(name); + if (r > 0) + return r; + + return rtnl_resolve_link_alternative_name(rtnl, name, NULL); +} + +int rtnl_resolve_interface(sd_netlink **rtnl, const char *name) { + int r; + + /* Like rtnl_resolve_ifname, but resolves interface numbers too. */ + + assert(name); + + r = parse_ifindex(name); + if (r > 0) + return r; + assert(r < 0); + + return rtnl_resolve_ifname(rtnl, name); +} + +int rtnl_resolve_interface_or_warn(sd_netlink **rtnl, const char *name) { + int r; + + r = rtnl_resolve_interface(rtnl, name); + if (r < 0) + return log_error_errno(r, "Failed to resolve interface \"%s\": %m", name); + return r; +} + +int rtnl_get_link_info( + sd_netlink **rtnl, + int ifindex, + unsigned short *ret_iftype, + unsigned *ret_flags, + char **ret_kind, + struct hw_addr_data *ret_hw_addr, + struct hw_addr_data *ret_permanent_hw_addr) { + + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL, *reply = NULL; + struct hw_addr_data addr = HW_ADDR_NULL, perm_addr = HW_ADDR_NULL; + _cleanup_free_ char *kind = NULL; + unsigned short iftype; + unsigned flags; + int r; + + assert(rtnl); + assert(ifindex > 0); + + if (!ret_iftype && !ret_flags) + return 0; + + if (!*rtnl) { + r = sd_netlink_open(rtnl); + if (r < 0) + return r; + } + + r = sd_rtnl_message_new_link(*rtnl, &message, RTM_GETLINK, ifindex); + if (r < 0) + return r; + + r = sd_netlink_call(*rtnl, message, 0, &reply); + if (r == -EINVAL) + return -ENODEV; /* The device does not exist */ + if (r < 0) + return r; + + if (ret_iftype) { + r = sd_rtnl_message_link_get_type(reply, &iftype); + if (r < 0) + return r; + } + + if (ret_flags) { + r = sd_rtnl_message_link_get_flags(reply, &flags); + if (r < 0) + return r; + } + + if (ret_kind) { + r = sd_netlink_message_enter_container(reply, IFLA_LINKINFO); + if (r >= 0) { + r = sd_netlink_message_read_string_strdup(reply, IFLA_INFO_KIND, &kind); + if (r < 0 && r != -ENODATA) + return r; + + r = sd_netlink_message_exit_container(reply); + if (r < 0) + return r; + } + } + + if (ret_hw_addr) { + r = netlink_message_read_hw_addr(reply, IFLA_ADDRESS, &addr); + if (r < 0 && r != -ENODATA) + return r; + } + + if (ret_permanent_hw_addr) { + r = netlink_message_read_hw_addr(reply, IFLA_PERM_ADDRESS, &perm_addr); + if (r < 0 && r != -ENODATA) + return r; + } + + if (ret_iftype) + *ret_iftype = iftype; + if (ret_flags) + *ret_flags = flags; + if (ret_kind) + *ret_kind = TAKE_PTR(kind); + if (ret_hw_addr) + *ret_hw_addr = addr; + if (ret_permanent_hw_addr) + *ret_permanent_hw_addr = perm_addr; + return 0; +} + +int rtnl_log_parse_error(int r) { + return log_error_errno(r, "Failed to parse netlink message: %m"); +} + +int rtnl_log_create_error(int r) { + return log_error_errno(r, "Failed to create netlink message: %m"); +} + +void rtattr_append_attribute_internal(struct rtattr *rta, unsigned short type, const void *data, size_t data_length) { + size_t padding_length; + uint8_t *padding; + + assert(rta); + assert(!data || data_length > 0); + + /* fill in the attribute */ + rta->rta_type = type; + rta->rta_len = RTA_LENGTH(data_length); + if (data) + /* we don't deal with the case where the user lies about the type + * and gives us too little data (so don't do that) + */ + padding = mempcpy(RTA_DATA(rta), data, data_length); + + else + /* if no data was passed, make sure we still initialize the padding + note that we can have data_length > 0 (used by some containers) */ + padding = RTA_DATA(rta); + + /* make sure also the padding at the end of the message is initialized */ + padding_length = (uint8_t *) rta + RTA_SPACE(data_length) - padding; + memzero(padding, padding_length); +} + +int rtattr_append_attribute(struct rtattr **rta, unsigned short type, const void *data, size_t data_length) { + struct rtattr *new_rta, *sub_rta; + size_t message_length; + + assert(rta); + assert(!data || data_length > 0); + + /* get the new message size (with padding at the end) */ + message_length = RTA_ALIGN(rta ? (*rta)->rta_len : 0) + RTA_SPACE(data_length); + + /* buffer should be smaller than both one page or 8K to be accepted by the kernel */ + if (message_length > MIN(page_size(), 8192UL)) + return -ENOBUFS; + + /* realloc to fit the new attribute */ + new_rta = realloc(*rta, message_length); + if (!new_rta) + return -ENOMEM; + *rta = new_rta; + + /* get pointer to the attribute we are about to add */ + sub_rta = (struct rtattr *) ((uint8_t *) *rta + RTA_ALIGN((*rta)->rta_len)); + + rtattr_append_attribute_internal(sub_rta, type, data, data_length); + + /* update rta_len */ + (*rta)->rta_len = message_length; + + return 0; +} + +MultipathRoute *multipath_route_free(MultipathRoute *m) { + if (!m) + return NULL; + + free(m->ifname); + + return mfree(m); +} + +int multipath_route_dup(const MultipathRoute *m, MultipathRoute **ret) { + _cleanup_(multipath_route_freep) MultipathRoute *n = NULL; + _cleanup_free_ char *ifname = NULL; + + assert(m); + assert(ret); + + if (m->ifname) { + ifname = strdup(m->ifname); + if (!ifname) + return -ENOMEM; + } + + n = new(MultipathRoute, 1); + if (!n) + return -ENOMEM; + + *n = (MultipathRoute) { + .gateway = m->gateway, + .weight = m->weight, + .ifindex = m->ifindex, + .ifname = TAKE_PTR(ifname), + }; + + *ret = TAKE_PTR(n); + + return 0; +} + +int rtattr_read_nexthop(const struct rtnexthop *rtnh, size_t size, int family, OrderedSet **ret) { + _cleanup_ordered_set_free_free_ OrderedSet *set = NULL; + int r; + + assert(rtnh); + assert(IN_SET(family, AF_INET, AF_INET6)); + + if (size < sizeof(struct rtnexthop)) + return -EBADMSG; + + for (; size >= sizeof(struct rtnexthop); ) { + _cleanup_(multipath_route_freep) MultipathRoute *m = NULL; + + if (NLMSG_ALIGN(rtnh->rtnh_len) > size) + return -EBADMSG; + + if (rtnh->rtnh_len < sizeof(struct rtnexthop)) + return -EBADMSG; + + m = new(MultipathRoute, 1); + if (!m) + return -ENOMEM; + + *m = (MultipathRoute) { + .ifindex = rtnh->rtnh_ifindex, + .weight = rtnh->rtnh_hops, + }; + + if (rtnh->rtnh_len > sizeof(struct rtnexthop)) { + size_t len = rtnh->rtnh_len - sizeof(struct rtnexthop); + + for (struct rtattr *attr = RTNH_DATA(rtnh); RTA_OK(attr, len); attr = RTA_NEXT(attr, len)) { + if (attr->rta_type == RTA_GATEWAY) { + if (attr->rta_len != RTA_LENGTH(FAMILY_ADDRESS_SIZE(family))) + return -EBADMSG; + + m->gateway.family = family; + memcpy(&m->gateway.address, RTA_DATA(attr), FAMILY_ADDRESS_SIZE(family)); + break; + } else if (attr->rta_type == RTA_VIA) { + uint16_t gw_family; + + if (family != AF_INET) + return -EINVAL; + + if (attr->rta_len < RTA_LENGTH(sizeof(uint16_t))) + return -EBADMSG; + + gw_family = *(uint16_t *) RTA_DATA(attr); + + if (gw_family != AF_INET6) + return -EBADMSG; + + if (attr->rta_len != RTA_LENGTH(FAMILY_ADDRESS_SIZE(gw_family) + sizeof(gw_family))) + return -EBADMSG; + + memcpy(&m->gateway, RTA_DATA(attr), FAMILY_ADDRESS_SIZE(gw_family) + sizeof(gw_family)); + break; + } + } + } + + r = ordered_set_ensure_put(&set, NULL, m); + if (r < 0) + return r; + + TAKE_PTR(m); + + size -= NLMSG_ALIGN(rtnh->rtnh_len); + rtnh = RTNH_NEXT(rtnh); + } + + if (ret) + *ret = TAKE_PTR(set); + return 0; +} + +bool netlink_pid_changed(sd_netlink *nl) { + /* We don't support people creating an nl connection and + * keeping it around over a fork(). Let's complain. */ + return ASSERT_PTR(nl)->original_pid != getpid_cached(); +} + +static int socket_open(int family) { + int fd; + + fd = socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC|SOCK_NONBLOCK, family); + if (fd < 0) + return -errno; + + return fd_move_above_stdio(fd); +} + +int netlink_open_family(sd_netlink **ret, int family) { + _cleanup_close_ int fd = -1; + int r; + + fd = socket_open(family); + if (fd < 0) + return fd; + + r = sd_netlink_open_fd(ret, fd); + if (r < 0) + return r; + TAKE_FD(fd); + + return 0; +} + +void netlink_seal_message(sd_netlink *nl, sd_netlink_message *m) { + uint32_t picked; + + assert(nl); + assert(!netlink_pid_changed(nl)); + assert(m); + assert(m->hdr); + + /* Avoid collisions with outstanding requests */ + do { + picked = nl->serial; + + /* Don't use seq == 0, as that is used for broadcasts, so we would get confused by replies to + such messages */ + nl->serial = nl->serial == UINT32_MAX ? 1 : nl->serial + 1; + + } while (hashmap_contains(nl->reply_callbacks, UINT32_TO_PTR(picked))); + + m->hdr->nlmsg_seq = picked; + message_seal(m); +} + +static int socket_writev_message(sd_netlink *nl, sd_netlink_message **m, size_t msgcount) { + _cleanup_free_ struct iovec *iovs = NULL; + ssize_t k; + + assert(nl); + assert(m); + assert(msgcount > 0); + + iovs = new(struct iovec, msgcount); + if (!iovs) + return -ENOMEM; + + for (size_t i = 0; i < msgcount; i++) { + assert(m[i]->hdr); + assert(m[i]->hdr->nlmsg_len > 0); + + iovs[i] = IOVEC_MAKE(m[i]->hdr, m[i]->hdr->nlmsg_len); + } + + k = writev(nl->fd, iovs, msgcount); + if (k < 0) + return -errno; + + return k; +} + +int sd_netlink_sendv( + sd_netlink *nl, + sd_netlink_message **messages, + size_t msgcount, + uint32_t **ret_serial) { + + _cleanup_free_ uint32_t *serials = NULL; + int r; + + assert_return(nl, -EINVAL); + assert_return(!netlink_pid_changed(nl), -ECHILD); + assert_return(messages, -EINVAL); + assert_return(msgcount > 0, -EINVAL); + + if (ret_serial) { + serials = new(uint32_t, msgcount); + if (!serials) + return -ENOMEM; + } + + for (size_t i = 0; i < msgcount; i++) { + assert_return(!messages[i]->sealed, -EPERM); + + netlink_seal_message(nl, messages[i]); + if (serials) + serials[i] = message_get_serial(messages[i]); + } + + r = socket_writev_message(nl, messages, msgcount); + if (r < 0) + return r; + + if (ret_serial) + *ret_serial = TAKE_PTR(serials); + + return r; +} diff --git a/src/libsystemd/sd-netlink/netlink-util.h b/src/libsystemd/sd-netlink/netlink-util.h new file mode 100644 index 0000000..d14392a --- /dev/null +++ b/src/libsystemd/sd-netlink/netlink-util.h @@ -0,0 +1,109 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +#pragma once + +#include <linux/rtnetlink.h> + +#include "sd-netlink.h" + +#include "ether-addr-util.h" +#include "in-addr-util.h" +#include "ordered-set.h" +#include "socket-util.h" +#include "util.h" + +/* See struct rtvia in rtnetlink.h */ +typedef struct RouteVia { + uint16_t family; + union in_addr_union address; +} _packed_ RouteVia; + +typedef struct MultipathRoute { + RouteVia gateway; + uint32_t weight; + int ifindex; + char *ifname; +} MultipathRoute; + +MultipathRoute *multipath_route_free(MultipathRoute *m); +DEFINE_TRIVIAL_CLEANUP_FUNC(MultipathRoute*, multipath_route_free); + +int multipath_route_dup(const MultipathRoute *m, MultipathRoute **ret); + +int rtnl_set_link_name(sd_netlink **rtnl, int ifindex, const char *name); +int rtnl_set_link_properties( + sd_netlink **rtnl, + int ifindex, + const char *alias, + const struct hw_addr_data *hw_addr, + uint32_t txqueues, + uint32_t rxqueues, + uint32_t txqueuelen, + uint32_t mtu, + uint32_t gso_max_size, + size_t gso_max_segments); +int rtnl_get_link_alternative_names(sd_netlink **rtnl, int ifindex, char ***ret); +int rtnl_set_link_alternative_names(sd_netlink **rtnl, int ifindex, char* const *alternative_names); +int rtnl_set_link_alternative_names_by_ifname(sd_netlink **rtnl, const char *ifname, char* const *alternative_names); +int rtnl_delete_link_alternative_names(sd_netlink **rtnl, int ifindex, char* const *alternative_names); +int rtnl_resolve_link_alternative_name(sd_netlink **rtnl, const char *name, char **ret); +int rtnl_resolve_ifname(sd_netlink **rtnl, const char *name); +int rtnl_resolve_interface(sd_netlink **rtnl, const char *name); +int rtnl_resolve_interface_or_warn(sd_netlink **rtnl, const char *name); +int rtnl_get_link_info( + sd_netlink **rtnl, + int ifindex, + unsigned short *ret_iftype, + unsigned *ret_flags, + char **ret_kind, + struct hw_addr_data *ret_hw_addr, + struct hw_addr_data *ret_permanent_hw_addr); + +int rtnl_log_parse_error(int r); +int rtnl_log_create_error(int r); + +#define netlink_call_async(nl, ret_slot, message, callback, destroy_callback, userdata) \ + ({ \ + int (*_callback_)(sd_netlink *, sd_netlink_message *, typeof(userdata)) = callback; \ + void (*_destroy_)(typeof(userdata)) = destroy_callback; \ + sd_netlink_call_async(nl, ret_slot, message, \ + (sd_netlink_message_handler_t) _callback_, \ + (sd_netlink_destroy_t) _destroy_, \ + userdata, 0, __func__); \ + }) + +#define netlink_add_match(nl, ret_slot, match, callback, destroy_callback, userdata, description) \ + ({ \ + int (*_callback_)(sd_netlink *, sd_netlink_message *, typeof(userdata)) = callback; \ + void (*_destroy_)(typeof(userdata)) = destroy_callback; \ + sd_netlink_add_match(nl, ret_slot, match, \ + (sd_netlink_message_handler_t) _callback_, \ + (sd_netlink_destroy_t) _destroy_, \ + userdata, description); \ + }) + +#define genl_add_match(nl, ret_slot, family, group, cmd, callback, destroy_callback, userdata, description) \ + ({ \ + int (*_callback_)(sd_netlink *, sd_netlink_message *, typeof(userdata)) = callback; \ + void (*_destroy_)(typeof(userdata)) = destroy_callback; \ + sd_genl_add_match(nl, ret_slot, family, group, cmd, \ + (sd_netlink_message_handler_t) _callback_, \ + (sd_netlink_destroy_t) _destroy_, \ + userdata, description); \ + }) + +int netlink_message_append_hw_addr(sd_netlink_message *m, unsigned short type, const struct hw_addr_data *data); +int netlink_message_append_in_addr_union(sd_netlink_message *m, unsigned short type, int family, const union in_addr_union *data); +int netlink_message_append_sockaddr_union(sd_netlink_message *m, unsigned short type, const union sockaddr_union *data); + +int netlink_message_read_hw_addr(sd_netlink_message *m, unsigned short type, struct hw_addr_data *data); +int netlink_message_read_in_addr_union(sd_netlink_message *m, unsigned short type, int family, union in_addr_union *data); + +void rtattr_append_attribute_internal(struct rtattr *rta, unsigned short type, const void *data, size_t data_length); +int rtattr_append_attribute(struct rtattr **rta, unsigned short type, const void *data, size_t data_length); + +int rtattr_read_nexthop(const struct rtnexthop *rtnh, size_t size, int family, OrderedSet **ret); + +void netlink_seal_message(sd_netlink *nl, sd_netlink_message *m); + +/* TODO: to be exported later */ +int sd_netlink_sendv(sd_netlink *nl, sd_netlink_message **messages, size_t msgcnt, uint32_t **ret_serial); diff --git a/src/libsystemd/sd-netlink/sd-netlink.c b/src/libsystemd/sd-netlink/sd-netlink.c new file mode 100644 index 0000000..74f2972 --- /dev/null +++ b/src/libsystemd/sd-netlink/sd-netlink.c @@ -0,0 +1,933 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include <poll.h> + +#include "sd-netlink.h" + +#include "alloc-util.h" +#include "fd-util.h" +#include "hashmap.h" +#include "io-util.h" +#include "macro.h" +#include "netlink-genl.h" +#include "netlink-internal.h" +#include "netlink-slot.h" +#include "netlink-util.h" +#include "process-util.h" +#include "socket-util.h" +#include "string-util.h" + +/* Some really high limit, to catch programming errors */ +#define REPLY_CALLBACKS_MAX UINT16_MAX + +static int netlink_new(sd_netlink **ret) { + _cleanup_(sd_netlink_unrefp) sd_netlink *nl = NULL; + + assert_return(ret, -EINVAL); + + nl = new(sd_netlink, 1); + if (!nl) + return -ENOMEM; + + *nl = (sd_netlink) { + .n_ref = 1, + .fd = -1, + .sockaddr.nl.nl_family = AF_NETLINK, + .original_pid = getpid_cached(), + .protocol = -1, + + /* Kernel change notification messages have sequence number 0. We want to avoid that with our + * own serials, in order not to get confused when matching up kernel replies to our earlier + * requests. + * + * Moreover, when using netlink socket activation (i.e. where PID 1 binds an AF_NETLINK + * socket for us and passes it to us across execve()) and we get restarted multiple times + * while the socket sticks around we might get confused by replies from earlier runs coming + * in late — which is pretty likely if we'd start our sequence numbers always from 1. Hence, + * let's start with a value based on the system clock. This should make collisions much less + * likely (though still theoretically possible). We use a 32 bit µs counter starting at boot + * for this (and explicitly exclude the zero, see above). This counter will wrap around after + * a bit more than 1h, but that's hopefully OK as the kernel shouldn't take that long to + * reply to our requests. + * + * We only pick the initial start value this way. For each message we simply increase the + * sequence number by 1. This means we could enqueue 1 netlink message per µs without risking + * collisions, which should be OK. + * + * Note this means the serials will be in the range 1…UINT32_MAX here. + * + * (In an ideal world we'd attach the current serial counter to the netlink socket itself + * somehow, to avoid all this, but I couldn't come up with a nice way to do this) */ + .serial = (uint32_t) (now(CLOCK_MONOTONIC) % UINT32_MAX) + 1, + }; + + /* We guarantee that the read buffer has at least space for a message header */ + if (!greedy_realloc((void**) &nl->rbuffer, sizeof(struct nlmsghdr), sizeof(uint8_t))) + return -ENOMEM; + + *ret = TAKE_PTR(nl); + return 0; +} + +int sd_netlink_open_fd(sd_netlink **ret, int fd) { + _cleanup_(sd_netlink_unrefp) sd_netlink *nl = NULL; + int r, protocol; + + assert_return(ret, -EINVAL); + assert_return(fd >= 0, -EBADF); + + r = netlink_new(&nl); + if (r < 0) + return r; + + r = getsockopt_int(fd, SOL_SOCKET, SO_PROTOCOL, &protocol); + if (r < 0) + return r; + + nl->fd = fd; + nl->protocol = protocol; + + r = setsockopt_int(fd, SOL_NETLINK, NETLINK_EXT_ACK, true); + if (r < 0) + log_debug_errno(r, "sd-netlink: Failed to enable NETLINK_EXT_ACK option, ignoring: %m"); + + r = setsockopt_int(fd, SOL_NETLINK, NETLINK_GET_STRICT_CHK, true); + if (r < 0) + log_debug_errno(r, "sd-netlink: Failed to enable NETLINK_GET_STRICT_CHK option, ignoring: %m"); + + r = socket_bind(nl); + if (r < 0) { + nl->fd = -1; /* on failure, the caller remains owner of the fd, hence don't close it here */ + nl->protocol = -1; + return r; + } + + *ret = TAKE_PTR(nl); + + return 0; +} + +int sd_netlink_open(sd_netlink **ret) { + return netlink_open_family(ret, NETLINK_ROUTE); +} + +int sd_netlink_increase_rxbuf(sd_netlink *nl, size_t size) { + assert_return(nl, -EINVAL); + assert_return(!netlink_pid_changed(nl), -ECHILD); + + return fd_increase_rxbuf(nl->fd, size); +} + +static sd_netlink *netlink_free(sd_netlink *nl) { + sd_netlink_slot *s; + unsigned i; + + assert(nl); + + for (i = 0; i < nl->rqueue_size; i++) + sd_netlink_message_unref(nl->rqueue[i]); + free(nl->rqueue); + + for (i = 0; i < nl->rqueue_partial_size; i++) + sd_netlink_message_unref(nl->rqueue_partial[i]); + free(nl->rqueue_partial); + + free(nl->rbuffer); + + while ((s = nl->slots)) { + assert(s->floating); + netlink_slot_disconnect(s, true); + } + hashmap_free(nl->reply_callbacks); + prioq_free(nl->reply_callbacks_prioq); + + sd_event_source_unref(nl->io_event_source); + sd_event_source_unref(nl->time_event_source); + sd_event_unref(nl->event); + + hashmap_free(nl->broadcast_group_refs); + + genl_clear_family(nl); + + safe_close(nl->fd); + return mfree(nl); +} + +DEFINE_TRIVIAL_REF_UNREF_FUNC(sd_netlink, sd_netlink, netlink_free); + +int sd_netlink_send( + sd_netlink *nl, + sd_netlink_message *message, + uint32_t *serial) { + + int r; + + assert_return(nl, -EINVAL); + assert_return(!netlink_pid_changed(nl), -ECHILD); + assert_return(message, -EINVAL); + assert_return(!message->sealed, -EPERM); + + netlink_seal_message(nl, message); + + r = socket_write_message(nl, message); + if (r < 0) + return r; + + if (serial) + *serial = message_get_serial(message); + + return 1; +} + +int netlink_rqueue_make_room(sd_netlink *nl) { + assert(nl); + + if (nl->rqueue_size >= NETLINK_RQUEUE_MAX) + return log_debug_errno(SYNTHETIC_ERRNO(ENOBUFS), + "sd-netlink: exhausted the read queue size (%d)", + NETLINK_RQUEUE_MAX); + + if (!GREEDY_REALLOC(nl->rqueue, nl->rqueue_size + 1)) + return -ENOMEM; + + return 0; +} + +int netlink_rqueue_partial_make_room(sd_netlink *nl) { + assert(nl); + + if (nl->rqueue_partial_size >= NETLINK_RQUEUE_MAX) + return log_debug_errno(SYNTHETIC_ERRNO(ENOBUFS), + "sd-netlink: exhausted the partial read queue size (%d)", + NETLINK_RQUEUE_MAX); + + if (!GREEDY_REALLOC(nl->rqueue_partial, nl->rqueue_partial_size + 1)) + return -ENOMEM; + + return 0; +} + +static int dispatch_rqueue(sd_netlink *nl, sd_netlink_message **message) { + int r; + + assert(nl); + assert(message); + + if (nl->rqueue_size <= 0) { + /* Try to read a new message */ + r = socket_read_message(nl); + if (r == -ENOBUFS) { /* FIXME: ignore buffer overruns for now */ + log_debug_errno(r, "sd-netlink: Got ENOBUFS from netlink socket, ignoring."); + return 1; + } + if (r <= 0) + return r; + } + + /* Dispatch a queued message */ + *message = nl->rqueue[0]; + nl->rqueue_size--; + memmove(nl->rqueue, nl->rqueue + 1, sizeof(sd_netlink_message*) * nl->rqueue_size); + + return 1; +} + +static int process_timeout(sd_netlink *nl) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; + struct reply_callback *c; + sd_netlink_slot *slot; + usec_t n; + int r; + + assert(nl); + + c = prioq_peek(nl->reply_callbacks_prioq); + if (!c) + return 0; + + n = now(CLOCK_MONOTONIC); + if (c->timeout > n) + return 0; + + r = message_new_synthetic_error(nl, -ETIMEDOUT, c->serial, &m); + if (r < 0) + return r; + + assert_se(prioq_pop(nl->reply_callbacks_prioq) == c); + c->timeout = 0; + hashmap_remove(nl->reply_callbacks, UINT32_TO_PTR(c->serial)); + + slot = container_of(c, sd_netlink_slot, reply_callback); + + r = c->callback(nl, m, slot->userdata); + if (r < 0) + log_debug_errno(r, "sd-netlink: timedout callback %s%s%sfailed: %m", + slot->description ? "'" : "", + strempty(slot->description), + slot->description ? "' " : ""); + + if (slot->floating) + netlink_slot_disconnect(slot, true); + + return 1; +} + +static int process_reply(sd_netlink *nl, sd_netlink_message *m) { + struct reply_callback *c; + sd_netlink_slot *slot; + uint32_t serial; + uint16_t type; + int r; + + assert(nl); + assert(m); + + serial = message_get_serial(m); + c = hashmap_remove(nl->reply_callbacks, UINT32_TO_PTR(serial)); + if (!c) + return 0; + + if (c->timeout != 0) { + prioq_remove(nl->reply_callbacks_prioq, c, &c->prioq_idx); + c->timeout = 0; + } + + r = sd_netlink_message_get_type(m, &type); + if (r < 0) + return r; + + if (type == NLMSG_DONE) + m = NULL; + + slot = container_of(c, sd_netlink_slot, reply_callback); + + r = c->callback(nl, m, slot->userdata); + if (r < 0) + log_debug_errno(r, "sd-netlink: reply callback %s%s%sfailed: %m", + slot->description ? "'" : "", + strempty(slot->description), + slot->description ? "' " : ""); + + if (slot->floating) + netlink_slot_disconnect(slot, true); + + return 1; +} + +static int process_match(sd_netlink *nl, sd_netlink_message *m) { + uint16_t type; + uint8_t cmd; + int r; + + assert(nl); + assert(m); + + r = sd_netlink_message_get_type(m, &type); + if (r < 0) + return r; + + if (m->protocol == NETLINK_GENERIC) { + r = sd_genl_message_get_command(nl, m, &cmd); + if (r < 0) + return r; + } else + cmd = 0; + + LIST_FOREACH(match_callbacks, c, nl->match_callbacks) { + sd_netlink_slot *slot; + bool found = false; + + if (c->type != type) + continue; + if (c->cmd != 0 && c->cmd != cmd) + continue; + + for (size_t i = 0; i < c->n_groups; i++) + if (c->groups[i] == m->multicast_group) { + found = true; + break; + } + + if (!found) + continue; + + slot = container_of(c, sd_netlink_slot, match_callback); + + r = c->callback(nl, m, slot->userdata); + if (r < 0) + log_debug_errno(r, "sd-netlink: match callback %s%s%sfailed: %m", + slot->description ? "'" : "", + strempty(slot->description), + slot->description ? "' " : ""); + if (r != 0) + break; + } + + return 1; +} + +static int process_running(sd_netlink *nl, sd_netlink_message **ret) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; + int r; + + assert(nl); + + r = process_timeout(nl); + if (r != 0) + goto null_message; + + r = dispatch_rqueue(nl, &m); + if (r < 0) + return r; + if (!m) + goto null_message; + + if (sd_netlink_message_is_broadcast(m)) + r = process_match(nl, m); + else + r = process_reply(nl, m); + if (r != 0) + goto null_message; + + if (ret) { + *ret = TAKE_PTR(m); + + return 1; + } + + return 1; + +null_message: + if (r >= 0 && ret) + *ret = NULL; + + return r; +} + +int sd_netlink_process(sd_netlink *nl, sd_netlink_message **ret) { + NETLINK_DONT_DESTROY(nl); + int r; + + assert_return(nl, -EINVAL); + assert_return(!netlink_pid_changed(nl), -ECHILD); + assert_return(!nl->processing, -EBUSY); + + nl->processing = true; + r = process_running(nl, ret); + nl->processing = false; + + return r; +} + +static usec_t calc_elapse(uint64_t usec) { + if (usec == UINT64_MAX) + return 0; + + if (usec == 0) + usec = NETLINK_DEFAULT_TIMEOUT_USEC; + + return usec_add(now(CLOCK_MONOTONIC), usec); +} + +static int netlink_poll(sd_netlink *nl, bool need_more, usec_t timeout_usec) { + usec_t m = USEC_INFINITY; + int r, e; + + assert(nl); + + e = sd_netlink_get_events(nl); + if (e < 0) + return e; + + if (need_more) + /* Caller wants more data, and doesn't care about + * what's been read or any other timeouts. */ + e |= POLLIN; + else { + usec_t until; + + /* Caller wants to process if there is something to + * process, but doesn't care otherwise */ + + r = sd_netlink_get_timeout(nl, &until); + if (r < 0) + return r; + + m = usec_sub_unsigned(until, now(CLOCK_MONOTONIC)); + } + + r = fd_wait_for_event(nl->fd, e, MIN(m, timeout_usec)); + if (r <= 0) + return r; + + return 1; +} + +int sd_netlink_wait(sd_netlink *nl, uint64_t timeout_usec) { + assert_return(nl, -EINVAL); + assert_return(!netlink_pid_changed(nl), -ECHILD); + + if (nl->rqueue_size > 0) + return 0; + + return netlink_poll(nl, false, timeout_usec); +} + +static int timeout_compare(const void *a, const void *b) { + const struct reply_callback *x = a, *y = b; + + if (x->timeout != 0 && y->timeout == 0) + return -1; + + if (x->timeout == 0 && y->timeout != 0) + return 1; + + return CMP(x->timeout, y->timeout); +} + +int sd_netlink_call_async( + sd_netlink *nl, + sd_netlink_slot **ret_slot, + sd_netlink_message *m, + sd_netlink_message_handler_t callback, + sd_netlink_destroy_t destroy_callback, + void *userdata, + uint64_t usec, + const char *description) { + + _cleanup_free_ sd_netlink_slot *slot = NULL; + int r, k; + + assert_return(nl, -EINVAL); + assert_return(m, -EINVAL); + assert_return(callback, -EINVAL); + assert_return(!netlink_pid_changed(nl), -ECHILD); + + if (hashmap_size(nl->reply_callbacks) >= REPLY_CALLBACKS_MAX) + return -ERANGE; + + r = hashmap_ensure_allocated(&nl->reply_callbacks, &trivial_hash_ops); + if (r < 0) + return r; + + if (usec != UINT64_MAX) { + r = prioq_ensure_allocated(&nl->reply_callbacks_prioq, timeout_compare); + if (r < 0) + return r; + } + + r = netlink_slot_allocate(nl, !ret_slot, NETLINK_REPLY_CALLBACK, sizeof(struct reply_callback), userdata, description, &slot); + if (r < 0) + return r; + + slot->reply_callback.callback = callback; + slot->reply_callback.timeout = calc_elapse(usec); + + k = sd_netlink_send(nl, m, &slot->reply_callback.serial); + if (k < 0) + return k; + + r = hashmap_put(nl->reply_callbacks, UINT32_TO_PTR(slot->reply_callback.serial), &slot->reply_callback); + if (r < 0) + return r; + + if (slot->reply_callback.timeout != 0) { + r = prioq_put(nl->reply_callbacks_prioq, &slot->reply_callback, &slot->reply_callback.prioq_idx); + if (r < 0) { + (void) hashmap_remove(nl->reply_callbacks, UINT32_TO_PTR(slot->reply_callback.serial)); + return r; + } + } + + /* Set this at last. Otherwise, some failures in above would call destroy_callback but some would not. */ + slot->destroy_callback = destroy_callback; + + if (ret_slot) + *ret_slot = slot; + + TAKE_PTR(slot); + + return k; +} + +int sd_netlink_read( + sd_netlink *nl, + uint32_t serial, + uint64_t usec, + sd_netlink_message **ret) { + + usec_t timeout; + int r; + + assert_return(nl, -EINVAL); + assert_return(!netlink_pid_changed(nl), -ECHILD); + + timeout = calc_elapse(usec); + + for (;;) { + usec_t left; + + for (unsigned i = 0; i < nl->rqueue_size; i++) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *incoming = NULL; + uint32_t received_serial; + uint16_t type; + + received_serial = message_get_serial(nl->rqueue[i]); + if (received_serial != serial) + continue; + + incoming = nl->rqueue[i]; + + /* found a match, remove from rqueue and return it */ + memmove(nl->rqueue + i, nl->rqueue + i + 1, + sizeof(sd_netlink_message*) * (nl->rqueue_size - i - 1)); + nl->rqueue_size--; + + r = sd_netlink_message_get_errno(incoming); + if (r < 0) + return r; + + r = sd_netlink_message_get_type(incoming, &type); + if (r < 0) + return r; + + if (type == NLMSG_DONE) { + if (ret) + *ret = NULL; + return 0; + } + + if (ret) + *ret = TAKE_PTR(incoming); + return 1; + } + + r = socket_read_message(nl); + if (r < 0) + return r; + if (r > 0) + /* received message, so try to process straight away */ + continue; + + if (timeout > 0) { + usec_t n; + + n = now(CLOCK_MONOTONIC); + if (n >= timeout) + return -ETIMEDOUT; + + left = usec_sub_unsigned(timeout, n); + } else + left = USEC_INFINITY; + + r = netlink_poll(nl, true, left); + if (r < 0) + return r; + if (r == 0) + return -ETIMEDOUT; + } +} + +int sd_netlink_call( + sd_netlink *nl, + sd_netlink_message *message, + uint64_t usec, + sd_netlink_message **ret) { + + uint32_t serial; + int r; + + assert_return(nl, -EINVAL); + assert_return(!netlink_pid_changed(nl), -ECHILD); + assert_return(message, -EINVAL); + + r = sd_netlink_send(nl, message, &serial); + if (r < 0) + return r; + + return sd_netlink_read(nl, serial, usec, ret); +} + +int sd_netlink_get_events(sd_netlink *nl) { + assert_return(nl, -EINVAL); + assert_return(!netlink_pid_changed(nl), -ECHILD); + + return nl->rqueue_size == 0 ? POLLIN : 0; +} + +int sd_netlink_get_timeout(sd_netlink *nl, uint64_t *timeout_usec) { + struct reply_callback *c; + + assert_return(nl, -EINVAL); + assert_return(timeout_usec, -EINVAL); + assert_return(!netlink_pid_changed(nl), -ECHILD); + + if (nl->rqueue_size > 0) { + *timeout_usec = 0; + return 1; + } + + c = prioq_peek(nl->reply_callbacks_prioq); + if (!c) { + *timeout_usec = UINT64_MAX; + return 0; + } + + *timeout_usec = c->timeout; + + return 1; +} + +static int io_callback(sd_event_source *s, int fd, uint32_t revents, void *userdata) { + sd_netlink *nl = ASSERT_PTR(userdata); + int r; + + r = sd_netlink_process(nl, NULL); + if (r < 0) + return r; + + return 1; +} + +static int time_callback(sd_event_source *s, uint64_t usec, void *userdata) { + sd_netlink *nl = ASSERT_PTR(userdata); + int r; + + r = sd_netlink_process(nl, NULL); + if (r < 0) + return r; + + return 1; +} + +static int prepare_callback(sd_event_source *s, void *userdata) { + sd_netlink *nl = ASSERT_PTR(userdata); + int r, enabled; + usec_t until; + + assert(s); + + r = sd_netlink_get_events(nl); + if (r < 0) + return r; + + r = sd_event_source_set_io_events(nl->io_event_source, r); + if (r < 0) + return r; + + enabled = sd_netlink_get_timeout(nl, &until); + if (enabled < 0) + return enabled; + if (enabled > 0) { + r = sd_event_source_set_time(nl->time_event_source, until); + if (r < 0) + return r; + } + + r = sd_event_source_set_enabled(nl->time_event_source, + enabled > 0 ? SD_EVENT_ONESHOT : SD_EVENT_OFF); + if (r < 0) + return r; + + return 1; +} + +int sd_netlink_attach_event(sd_netlink *nl, sd_event *event, int64_t priority) { + int r; + + assert_return(nl, -EINVAL); + assert_return(!nl->event, -EBUSY); + + assert(!nl->io_event_source); + assert(!nl->time_event_source); + + if (event) + nl->event = sd_event_ref(event); + else { + r = sd_event_default(&nl->event); + if (r < 0) + return r; + } + + r = sd_event_add_io(nl->event, &nl->io_event_source, nl->fd, 0, io_callback, nl); + if (r < 0) + goto fail; + + r = sd_event_source_set_priority(nl->io_event_source, priority); + if (r < 0) + goto fail; + + r = sd_event_source_set_description(nl->io_event_source, "netlink-receive-message"); + if (r < 0) + goto fail; + + r = sd_event_source_set_prepare(nl->io_event_source, prepare_callback); + if (r < 0) + goto fail; + + r = sd_event_add_time(nl->event, &nl->time_event_source, CLOCK_MONOTONIC, 0, 0, time_callback, nl); + if (r < 0) + goto fail; + + r = sd_event_source_set_priority(nl->time_event_source, priority); + if (r < 0) + goto fail; + + r = sd_event_source_set_description(nl->time_event_source, "netlink-timer"); + if (r < 0) + goto fail; + + return 0; + +fail: + sd_netlink_detach_event(nl); + return r; +} + +int sd_netlink_detach_event(sd_netlink *nl) { + assert_return(nl, -EINVAL); + assert_return(nl->event, -ENXIO); + + nl->io_event_source = sd_event_source_unref(nl->io_event_source); + + nl->time_event_source = sd_event_source_unref(nl->time_event_source); + + nl->event = sd_event_unref(nl->event); + + return 0; +} + +int netlink_add_match_internal( + sd_netlink *nl, + sd_netlink_slot **ret_slot, + const uint32_t *groups, + size_t n_groups, + uint16_t type, + uint8_t cmd, + sd_netlink_message_handler_t callback, + sd_netlink_destroy_t destroy_callback, + void *userdata, + const char *description) { + + _cleanup_free_ sd_netlink_slot *slot = NULL; + int r; + + assert(groups); + assert(n_groups > 0); + + for (size_t i = 0; i < n_groups; i++) { + r = socket_broadcast_group_ref(nl, groups[i]); + if (r < 0) + return r; + } + + r = netlink_slot_allocate(nl, !ret_slot, NETLINK_MATCH_CALLBACK, sizeof(struct match_callback), + userdata, description, &slot); + if (r < 0) + return r; + + slot->match_callback.groups = newdup(uint32_t, groups, n_groups); + if (!slot->match_callback.groups) + return -ENOMEM; + + slot->match_callback.n_groups = n_groups; + slot->match_callback.callback = callback; + slot->match_callback.type = type; + slot->match_callback.cmd = cmd; + + LIST_PREPEND(match_callbacks, nl->match_callbacks, &slot->match_callback); + + /* Set this at last. Otherwise, some failures in above call the destroy callback but some do not. */ + slot->destroy_callback = destroy_callback; + + if (ret_slot) + *ret_slot = slot; + + TAKE_PTR(slot); + return 0; +} + +int sd_netlink_add_match( + sd_netlink *rtnl, + sd_netlink_slot **ret_slot, + uint16_t type, + sd_netlink_message_handler_t callback, + sd_netlink_destroy_t destroy_callback, + void *userdata, + const char *description) { + + static const uint32_t + address_groups[] = { RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR, }, + link_groups[] = { RTNLGRP_LINK, }, + neighbor_groups[] = { RTNLGRP_NEIGH, }, + nexthop_groups[] = { RTNLGRP_NEXTHOP, }, + route_groups[] = { RTNLGRP_IPV4_ROUTE, RTNLGRP_IPV6_ROUTE, }, + rule_groups[] = { RTNLGRP_IPV4_RULE, RTNLGRP_IPV6_RULE, }, + tc_groups[] = { RTNLGRP_TC }; + const uint32_t *groups; + size_t n_groups; + + assert_return(rtnl, -EINVAL); + assert_return(callback, -EINVAL); + assert_return(!netlink_pid_changed(rtnl), -ECHILD); + + switch (type) { + case RTM_NEWLINK: + case RTM_DELLINK: + groups = link_groups; + n_groups = ELEMENTSOF(link_groups); + break; + case RTM_NEWADDR: + case RTM_DELADDR: + groups = address_groups; + n_groups = ELEMENTSOF(address_groups); + break; + case RTM_NEWNEIGH: + case RTM_DELNEIGH: + groups = neighbor_groups; + n_groups = ELEMENTSOF(neighbor_groups); + break; + case RTM_NEWROUTE: + case RTM_DELROUTE: + groups = route_groups; + n_groups = ELEMENTSOF(route_groups); + break; + case RTM_NEWRULE: + case RTM_DELRULE: + groups = rule_groups; + n_groups = ELEMENTSOF(rule_groups); + break; + case RTM_NEWNEXTHOP: + case RTM_DELNEXTHOP: + groups = nexthop_groups; + n_groups = ELEMENTSOF(nexthop_groups); + break; + case RTM_NEWQDISC: + case RTM_DELQDISC: + case RTM_NEWTCLASS: + case RTM_DELTCLASS: + groups = tc_groups; + n_groups = ELEMENTSOF(tc_groups); + break; + default: + return -EOPNOTSUPP; + } + + return netlink_add_match_internal(rtnl, ret_slot, groups, n_groups, type, 0, callback, + destroy_callback, userdata, description); +} + +int sd_netlink_attach_filter(sd_netlink *nl, size_t len, const struct sock_filter *filter) { + assert_return(nl, -EINVAL); + assert_return(len == 0 || filter, -EINVAL); + + if (setsockopt(nl->fd, SOL_SOCKET, + len == 0 ? SO_DETACH_FILTER : SO_ATTACH_FILTER, + &(struct sock_fprog) { + .len = len, + .filter = (struct sock_filter*) filter, + }, sizeof(struct sock_fprog)) < 0) + return -errno; + + return 0; +} diff --git a/src/libsystemd/sd-netlink/test-netlink.c b/src/libsystemd/sd-netlink/test-netlink.c new file mode 100644 index 0000000..df2e203 --- /dev/null +++ b/src/libsystemd/sd-netlink/test-netlink.c @@ -0,0 +1,759 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include <net/if.h> +#include <netinet/ether.h> +#include <netinet/in.h> +#include <linux/fou.h> +#include <linux/genetlink.h> +#include <linux/if_macsec.h> +#include <linux/l2tp.h> +#include <linux/nl80211.h> +#include <unistd.h> + +#include "sd-netlink.h" + +#include "alloc-util.h" +#include "ether-addr-util.h" +#include "macro.h" +#include "netlink-genl.h" +#include "netlink-internal.h" +#include "netlink-util.h" +#include "socket-util.h" +#include "stdio-util.h" +#include "string-util.h" +#include "strv.h" +#include "tests.h" + +static void test_message_link_bridge(sd_netlink *rtnl) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL; + uint32_t cost; + + log_debug("/* %s */", __func__); + + assert_se(sd_rtnl_message_new_link(rtnl, &message, RTM_NEWLINK, 1) >= 0); + assert_se(sd_rtnl_message_link_set_family(message, AF_BRIDGE) >= 0); + assert_se(sd_netlink_message_open_container(message, IFLA_PROTINFO) >= 0); + assert_se(sd_netlink_message_append_u32(message, IFLA_BRPORT_COST, 10) >= 0); + assert_se(sd_netlink_message_close_container(message) >= 0); + + assert_se(sd_netlink_message_rewind(message, rtnl) >= 0); + + assert_se(sd_netlink_message_enter_container(message, IFLA_PROTINFO) >= 0); + assert_se(sd_netlink_message_read_u32(message, IFLA_BRPORT_COST, &cost) >= 0); + assert_se(cost == 10); + assert_se(sd_netlink_message_exit_container(message) >= 0); +} + +static void test_link_configure(sd_netlink *rtnl, int ifindex) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL, *reply = NULL; + uint32_t mtu_out; + const char *name_out; + struct ether_addr mac_out; + + log_debug("/* %s */", __func__); + + /* we'd really like to test NEWLINK, but let's not mess with the running kernel */ + assert_se(sd_rtnl_message_new_link(rtnl, &message, RTM_GETLINK, ifindex) >= 0); + + assert_se(sd_netlink_call(rtnl, message, 0, &reply) == 1); + + assert_se(sd_netlink_message_read_string(reply, IFLA_IFNAME, &name_out) >= 0); + assert_se(sd_netlink_message_read_ether_addr(reply, IFLA_ADDRESS, &mac_out) >= 0); + assert_se(sd_netlink_message_read_u32(reply, IFLA_MTU, &mtu_out) >= 0); +} + +static void test_link_get(sd_netlink *rtnl, int ifindex) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL, *r = NULL; + const char *str_data; + uint8_t u8_data; + uint32_t u32_data; + struct ether_addr eth_data; + + log_debug("/* %s */", __func__); + + assert_se(sd_rtnl_message_new_link(rtnl, &m, RTM_GETLINK, ifindex) >= 0); + assert_se(m); + + assert_se(sd_netlink_call(rtnl, m, 0, &r) == 1); + + assert_se(sd_netlink_message_read_string(r, IFLA_IFNAME, &str_data) == 0); + + assert_se(sd_netlink_message_read_u8(r, IFLA_CARRIER, &u8_data) == 0); + assert_se(sd_netlink_message_read_u8(r, IFLA_OPERSTATE, &u8_data) == 0); + assert_se(sd_netlink_message_read_u8(r, IFLA_LINKMODE, &u8_data) == 0); + + assert_se(sd_netlink_message_read_u32(r, IFLA_MTU, &u32_data) == 0); + assert_se(sd_netlink_message_read_u32(r, IFLA_GROUP, &u32_data) == 0); + assert_se(sd_netlink_message_read_u32(r, IFLA_TXQLEN, &u32_data) == 0); + assert_se(sd_netlink_message_read_u32(r, IFLA_NUM_TX_QUEUES, &u32_data) == 0); + + assert_se(sd_netlink_message_read_ether_addr(r, IFLA_ADDRESS, ð_data) == 0); +} + +static void test_address_get(sd_netlink *rtnl, int ifindex) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL, *r = NULL; + struct in_addr in_data; + struct ifa_cacheinfo cache; + const char *label; + + log_debug("/* %s */", __func__); + + assert_se(sd_rtnl_message_new_addr(rtnl, &m, RTM_GETADDR, ifindex, AF_INET) >= 0); + assert_se(m); + assert_se(sd_netlink_message_set_request_dump(m, true) >= 0); + assert_se(sd_netlink_call(rtnl, m, -1, &r) == 1); + + assert_se(sd_netlink_message_read_in_addr(r, IFA_LOCAL, &in_data) == 0); + assert_se(sd_netlink_message_read_in_addr(r, IFA_ADDRESS, &in_data) == 0); + assert_se(sd_netlink_message_read_string(r, IFA_LABEL, &label) == 0); + assert_se(sd_netlink_message_read_cache_info(r, IFA_CACHEINFO, &cache) == 0); +} + +static void test_route(sd_netlink *rtnl) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL; + struct in_addr addr, addr_data; + uint32_t index = 2, u32_data; + int r; + + log_debug("/* %s */", __func__); + + r = sd_rtnl_message_new_route(rtnl, &req, RTM_NEWROUTE, AF_INET, RTPROT_STATIC); + if (r < 0) { + log_error_errno(r, "Could not create RTM_NEWROUTE message: %m"); + return; + } + + addr.s_addr = htobe32(INADDR_LOOPBACK); + + r = sd_netlink_message_append_in_addr(req, RTA_GATEWAY, &addr); + if (r < 0) { + log_error_errno(r, "Could not append RTA_GATEWAY attribute: %m"); + return; + } + + r = sd_netlink_message_append_u32(req, RTA_OIF, index); + if (r < 0) { + log_error_errno(r, "Could not append RTA_OIF attribute: %m"); + return; + } + + assert_se(sd_netlink_message_rewind(req, rtnl) >= 0); + + assert_se(sd_netlink_message_read_in_addr(req, RTA_GATEWAY, &addr_data) >= 0); + assert_se(addr_data.s_addr == addr.s_addr); + + assert_se(sd_netlink_message_read_u32(req, RTA_OIF, &u32_data) >= 0); + assert_se(u32_data == index); + + assert_se((req = sd_netlink_message_unref(req)) == NULL); +} + +static void test_multiple(void) { + sd_netlink *rtnl1, *rtnl2; + + log_debug("/* %s */", __func__); + + assert_se(sd_netlink_open(&rtnl1) >= 0); + assert_se(sd_netlink_open(&rtnl2) >= 0); + + rtnl1 = sd_netlink_unref(rtnl1); + rtnl2 = sd_netlink_unref(rtnl2); +} + +static int link_handler(sd_netlink *rtnl, sd_netlink_message *m, void *userdata) { + char *ifname = userdata; + const char *data; + + assert_se(rtnl); + assert_se(m); + assert_se(userdata); + + log_info("%s: got link info about %s", __func__, ifname); + free(ifname); + + assert_se(sd_netlink_message_read_string(m, IFLA_IFNAME, &data) >= 0); + assert_se(streq(data, "lo")); + + return 1; +} + +static void test_event_loop(int ifindex) { + _cleanup_(sd_event_unrefp) sd_event *event = NULL; + _cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL; + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; + char *ifname; + + log_debug("/* %s */", __func__); + + ifname = strdup("lo2"); + assert_se(ifname); + + assert_se(sd_netlink_open(&rtnl) >= 0); + assert_se(sd_rtnl_message_new_link(rtnl, &m, RTM_GETLINK, ifindex) >= 0); + + assert_se(sd_netlink_call_async(rtnl, NULL, m, link_handler, NULL, ifname, 0, NULL) >= 0); + + assert_se(sd_event_default(&event) >= 0); + + assert_se(sd_netlink_attach_event(rtnl, event, 0) >= 0); + + assert_se(sd_event_run(event, 0) >= 0); + + assert_se(sd_netlink_detach_event(rtnl) >= 0); + + assert_se((rtnl = sd_netlink_unref(rtnl)) == NULL); +} + +static void test_async_destroy(void *userdata) { +} + +static void test_async(int ifindex) { + _cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL; + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL, *r = NULL; + _cleanup_(sd_netlink_slot_unrefp) sd_netlink_slot *slot = NULL; + sd_netlink_destroy_t destroy_callback; + const char *description; + char *ifname; + + log_debug("/* %s */", __func__); + + ifname = strdup("lo"); + assert_se(ifname); + + assert_se(sd_netlink_open(&rtnl) >= 0); + + assert_se(sd_rtnl_message_new_link(rtnl, &m, RTM_GETLINK, ifindex) >= 0); + + assert_se(sd_netlink_call_async(rtnl, &slot, m, link_handler, test_async_destroy, ifname, 0, "hogehoge") >= 0); + + assert_se(sd_netlink_slot_get_netlink(slot) == rtnl); + assert_se(sd_netlink_slot_get_userdata(slot) == ifname); + assert_se(sd_netlink_slot_get_destroy_callback(slot, &destroy_callback) == 1); + assert_se(destroy_callback == test_async_destroy); + assert_se(sd_netlink_slot_get_floating(slot) == 0); + assert_se(sd_netlink_slot_get_description(slot, &description) == 1); + assert_se(streq(description, "hogehoge")); + + assert_se(sd_netlink_wait(rtnl, 0) >= 0); + assert_se(sd_netlink_process(rtnl, &r) >= 0); + + assert_se((rtnl = sd_netlink_unref(rtnl)) == NULL); +} + +static void test_slot_set(int ifindex) { + _cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL; + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL, *r = NULL; + _cleanup_(sd_netlink_slot_unrefp) sd_netlink_slot *slot = NULL; + sd_netlink_destroy_t destroy_callback; + const char *description; + char *ifname; + + log_debug("/* %s */", __func__); + + ifname = strdup("lo"); + assert_se(ifname); + + assert_se(sd_netlink_open(&rtnl) >= 0); + + assert_se(sd_rtnl_message_new_link(rtnl, &m, RTM_GETLINK, ifindex) >= 0); + + assert_se(sd_netlink_call_async(rtnl, &slot, m, link_handler, NULL, NULL, 0, NULL) >= 0); + + assert_se(sd_netlink_slot_get_netlink(slot) == rtnl); + assert_se(!sd_netlink_slot_get_userdata(slot)); + assert_se(!sd_netlink_slot_set_userdata(slot, ifname)); + assert_se(sd_netlink_slot_get_userdata(slot) == ifname); + assert_se(sd_netlink_slot_get_destroy_callback(slot, NULL) == 0); + assert_se(sd_netlink_slot_set_destroy_callback(slot, test_async_destroy) >= 0); + assert_se(sd_netlink_slot_get_destroy_callback(slot, &destroy_callback) == 1); + assert_se(destroy_callback == test_async_destroy); + assert_se(sd_netlink_slot_get_floating(slot) == 0); + assert_se(sd_netlink_slot_set_floating(slot, 1) == 1); + assert_se(sd_netlink_slot_get_floating(slot) == 1); + assert_se(sd_netlink_slot_get_description(slot, NULL) == 0); + assert_se(sd_netlink_slot_set_description(slot, "hogehoge") >= 0); + assert_se(sd_netlink_slot_get_description(slot, &description) == 1); + assert_se(streq(description, "hogehoge")); + + assert_se(sd_netlink_wait(rtnl, 0) >= 0); + assert_se(sd_netlink_process(rtnl, &r) >= 0); + + assert_se((rtnl = sd_netlink_unref(rtnl)) == NULL); +} + +struct test_async_object { + unsigned n_ref; + char *ifname; +}; + +static struct test_async_object *test_async_object_free(struct test_async_object *t) { + assert_se(t); + + free(t->ifname); + return mfree(t); +} + +DEFINE_PRIVATE_TRIVIAL_REF_UNREF_FUNC(struct test_async_object, test_async_object, test_async_object_free); +DEFINE_TRIVIAL_CLEANUP_FUNC(struct test_async_object *, test_async_object_unref); + +static int link_handler2(sd_netlink *rtnl, sd_netlink_message *m, void *userdata) { + struct test_async_object *t = userdata; + const char *data; + + assert_se(rtnl); + assert_se(m); + assert_se(userdata); + + log_info("%s: got link info about %s", __func__, t->ifname); + + assert_se(sd_netlink_message_read_string(m, IFLA_IFNAME, &data) >= 0); + assert_se(streq(data, "lo")); + + return 1; +} + +static void test_async_object_destroy(void *userdata) { + struct test_async_object *t = userdata; + + assert_se(userdata); + + log_info("%s: n_ref=%u", __func__, t->n_ref); + test_async_object_unref(t); +} + +static void test_async_destroy_callback(int ifindex) { + _cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL; + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL, *r = NULL; + _cleanup_(test_async_object_unrefp) struct test_async_object *t = NULL; + _cleanup_(sd_netlink_slot_unrefp) sd_netlink_slot *slot = NULL; + char *ifname; + + log_debug("/* %s */", __func__); + + assert_se(t = new(struct test_async_object, 1)); + assert_se(ifname = strdup("lo")); + *t = (struct test_async_object) { + .n_ref = 1, + .ifname = ifname, + }; + + assert_se(sd_netlink_open(&rtnl) >= 0); + + /* destroy callback is called after processing message */ + assert_se(sd_rtnl_message_new_link(rtnl, &m, RTM_GETLINK, ifindex) >= 0); + assert_se(sd_netlink_call_async(rtnl, NULL, m, link_handler2, test_async_object_destroy, t, 0, NULL) >= 0); + + assert_se(t->n_ref == 1); + assert_se(test_async_object_ref(t)); + assert_se(t->n_ref == 2); + + assert_se(sd_netlink_wait(rtnl, 0) >= 0); + assert_se(sd_netlink_process(rtnl, &r) == 1); + assert_se(t->n_ref == 1); + + assert_se(!sd_netlink_message_unref(m)); + + /* destroy callback is called when asynchronous call is cancelled, that is, slot is freed. */ + assert_se(sd_rtnl_message_new_link(rtnl, &m, RTM_GETLINK, ifindex) >= 0); + assert_se(sd_netlink_call_async(rtnl, &slot, m, link_handler2, test_async_object_destroy, t, 0, NULL) >= 0); + + assert_se(t->n_ref == 1); + assert_se(test_async_object_ref(t)); + assert_se(t->n_ref == 2); + + assert_se(!(slot = sd_netlink_slot_unref(slot))); + assert_se(t->n_ref == 1); + + assert_se(!sd_netlink_message_unref(m)); + + /* destroy callback is also called by sd_netlink_unref() */ + assert_se(sd_rtnl_message_new_link(rtnl, &m, RTM_GETLINK, ifindex) >= 0); + assert_se(sd_netlink_call_async(rtnl, NULL, m, link_handler2, test_async_object_destroy, t, 0, NULL) >= 0); + + assert_se(t->n_ref == 1); + assert_se(test_async_object_ref(t)); + assert_se(t->n_ref == 2); + + assert_se((rtnl = sd_netlink_unref(rtnl)) == NULL); + assert_se(t->n_ref == 1); +} + +static int pipe_handler(sd_netlink *rtnl, sd_netlink_message *m, void *userdata) { + int *counter = userdata; + int r; + + (*counter)--; + + r = sd_netlink_message_get_errno(m); + + log_info_errno(r, "%d left in pipe. got reply: %m", *counter); + + assert_se(r >= 0); + + return 1; +} + +static void test_pipe(int ifindex) { + _cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL; + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m1 = NULL, *m2 = NULL; + int counter = 0; + + log_debug("/* %s */", __func__); + + assert_se(sd_netlink_open(&rtnl) >= 0); + + assert_se(sd_rtnl_message_new_link(rtnl, &m1, RTM_GETLINK, ifindex) >= 0); + assert_se(sd_rtnl_message_new_link(rtnl, &m2, RTM_GETLINK, ifindex) >= 0); + + counter++; + assert_se(sd_netlink_call_async(rtnl, NULL, m1, pipe_handler, NULL, &counter, 0, NULL) >= 0); + + counter++; + assert_se(sd_netlink_call_async(rtnl, NULL, m2, pipe_handler, NULL, &counter, 0, NULL) >= 0); + + while (counter > 0) { + assert_se(sd_netlink_wait(rtnl, 0) >= 0); + assert_se(sd_netlink_process(rtnl, NULL) >= 0); + } + + assert_se((rtnl = sd_netlink_unref(rtnl)) == NULL); +} + +static void test_container(sd_netlink *rtnl) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; + uint16_t u16_data; + uint32_t u32_data; + const char *string_data; + + log_debug("/* %s */", __func__); + + assert_se(sd_rtnl_message_new_link(rtnl, &m, RTM_NEWLINK, 0) >= 0); + + assert_se(sd_netlink_message_open_container(m, IFLA_LINKINFO) >= 0); + assert_se(sd_netlink_message_open_container_union(m, IFLA_INFO_DATA, "vlan") >= 0); + assert_se(sd_netlink_message_append_u16(m, IFLA_VLAN_ID, 100) >= 0); + assert_se(sd_netlink_message_close_container(m) >= 0); + assert_se(sd_netlink_message_append_string(m, IFLA_INFO_KIND, "vlan") >= 0); + assert_se(sd_netlink_message_close_container(m) >= 0); + assert_se(sd_netlink_message_close_container(m) == -EINVAL); + + assert_se(sd_netlink_message_rewind(m, rtnl) >= 0); + + assert_se(sd_netlink_message_enter_container(m, IFLA_LINKINFO) >= 0); + assert_se(sd_netlink_message_read_string(m, IFLA_INFO_KIND, &string_data) >= 0); + assert_se(streq("vlan", string_data)); + + assert_se(sd_netlink_message_enter_container(m, IFLA_INFO_DATA) >= 0); + assert_se(sd_netlink_message_read_u16(m, IFLA_VLAN_ID, &u16_data) >= 0); + assert_se(sd_netlink_message_exit_container(m) >= 0); + + assert_se(sd_netlink_message_read_string(m, IFLA_INFO_KIND, &string_data) >= 0); + assert_se(streq("vlan", string_data)); + assert_se(sd_netlink_message_exit_container(m) >= 0); + + assert_se(sd_netlink_message_read_u32(m, IFLA_LINKINFO, &u32_data) < 0); + + assert_se(sd_netlink_message_exit_container(m) == -EINVAL); +} + +static void test_match(void) { + _cleanup_(sd_netlink_slot_unrefp) sd_netlink_slot *s1 = NULL, *s2 = NULL; + _cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL; + + log_debug("/* %s */", __func__); + + assert_se(sd_netlink_open(&rtnl) >= 0); + + assert_se(sd_netlink_add_match(rtnl, &s1, RTM_NEWLINK, link_handler, NULL, NULL, NULL) >= 0); + assert_se(sd_netlink_add_match(rtnl, &s2, RTM_NEWLINK, link_handler, NULL, NULL, NULL) >= 0); + assert_se(sd_netlink_add_match(rtnl, NULL, RTM_NEWLINK, link_handler, NULL, NULL, NULL) >= 0); + + assert_se(!(s1 = sd_netlink_slot_unref(s1))); + assert_se(!(s2 = sd_netlink_slot_unref(s2))); + + assert_se((rtnl = sd_netlink_unref(rtnl)) == NULL); +} + +static void test_get_addresses(sd_netlink *rtnl) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL, *reply = NULL; + sd_netlink_message *m; + + log_debug("/* %s */", __func__); + + assert_se(sd_rtnl_message_new_addr(rtnl, &req, RTM_GETADDR, 0, AF_UNSPEC) >= 0); + assert_se(sd_netlink_message_set_request_dump(req, true) >= 0); + assert_se(sd_netlink_call(rtnl, req, 0, &reply) >= 0); + + for (m = reply; m; m = sd_netlink_message_next(m)) { + uint16_t type; + unsigned char scope, flags; + int family, ifindex; + + assert_se(sd_netlink_message_get_type(m, &type) >= 0); + assert_se(type == RTM_NEWADDR); + + assert_se(sd_rtnl_message_addr_get_ifindex(m, &ifindex) >= 0); + assert_se(sd_rtnl_message_addr_get_family(m, &family) >= 0); + assert_se(sd_rtnl_message_addr_get_scope(m, &scope) >= 0); + assert_se(sd_rtnl_message_addr_get_flags(m, &flags) >= 0); + + assert_se(ifindex > 0); + assert_se(IN_SET(family, AF_INET, AF_INET6)); + + log_info("got IPv%i address on ifindex %i", family == AF_INET ? 4 : 6, ifindex); + } +} + +static void test_message(sd_netlink *rtnl) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; + + log_debug("/* %s */", __func__); + + assert_se(message_new_synthetic_error(rtnl, -ETIMEDOUT, 1, &m) >= 0); + assert_se(sd_netlink_message_get_errno(m) == -ETIMEDOUT); +} + +static void test_array(void) { + _cleanup_(sd_netlink_unrefp) sd_netlink *genl = NULL; + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; + + log_debug("/* %s */", __func__); + + assert_se(sd_genl_socket_open(&genl) >= 0); + assert_se(sd_genl_message_new(genl, CTRL_GENL_NAME, CTRL_CMD_GETFAMILY, &m) >= 0); + + assert_se(sd_netlink_message_open_container(m, CTRL_ATTR_MCAST_GROUPS) >= 0); + for (unsigned i = 0; i < 10; i++) { + char name[STRLEN("hoge") + DECIMAL_STR_MAX(uint32_t)]; + uint32_t id = i + 1000; + + xsprintf(name, "hoge%" PRIu32, id); + assert_se(sd_netlink_message_open_array(m, i + 1) >= 0); + assert_se(sd_netlink_message_append_u32(m, CTRL_ATTR_MCAST_GRP_ID, id) >= 0); + assert_se(sd_netlink_message_append_string(m, CTRL_ATTR_MCAST_GRP_NAME, name) >= 0); + assert_se(sd_netlink_message_close_container(m) >= 0); + } + assert_se(sd_netlink_message_close_container(m) >= 0); + + message_seal(m); + assert_se(sd_netlink_message_rewind(m, genl) >= 0); + + assert_se(sd_netlink_message_enter_container(m, CTRL_ATTR_MCAST_GROUPS) >= 0); + for (unsigned i = 0; i < 10; i++) { + char expected[STRLEN("hoge") + DECIMAL_STR_MAX(uint32_t)]; + const char *name; + uint32_t id; + + assert_se(sd_netlink_message_enter_array(m, i + 1) >= 0); + assert_se(sd_netlink_message_read_u32(m, CTRL_ATTR_MCAST_GRP_ID, &id) >= 0); + assert_se(sd_netlink_message_read_string(m, CTRL_ATTR_MCAST_GRP_NAME, &name) >= 0); + assert_se(sd_netlink_message_exit_container(m) >= 0); + + assert_se(id == i + 1000); + xsprintf(expected, "hoge%" PRIu32, id); + assert_se(streq(name, expected)); + } + assert_se(sd_netlink_message_exit_container(m) >= 0); +} + +static void test_strv(sd_netlink *rtnl) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; + _cleanup_strv_free_ char **names_in = NULL, **names_out; + const char *p; + + log_debug("/* %s */", __func__); + + assert_se(sd_rtnl_message_new_link(rtnl, &m, RTM_NEWLINKPROP, 1) >= 0); + + for (unsigned i = 0; i < 10; i++) { + char name[STRLEN("hoge") + DECIMAL_STR_MAX(uint32_t)]; + + xsprintf(name, "hoge%" PRIu32, i + 1000); + assert_se(strv_extend(&names_in, name) >= 0); + } + + assert_se(sd_netlink_message_open_container(m, IFLA_PROP_LIST) >= 0); + assert_se(sd_netlink_message_append_strv(m, IFLA_ALT_IFNAME, (const char**) names_in) >= 0); + assert_se(sd_netlink_message_close_container(m) >= 0); + + message_seal(m); + assert_se(sd_netlink_message_rewind(m, rtnl) >= 0); + + assert_se(sd_netlink_message_read_strv(m, IFLA_PROP_LIST, IFLA_ALT_IFNAME, &names_out) >= 0); + assert_se(strv_equal(names_in, names_out)); + + assert_se(sd_netlink_message_enter_container(m, IFLA_PROP_LIST) >= 0); + assert_se(sd_netlink_message_read_string(m, IFLA_ALT_IFNAME, &p) >= 0); + assert_se(streq(p, "hoge1009")); + assert_se(sd_netlink_message_exit_container(m) >= 0); +} + +static int genl_ctrl_match_callback(sd_netlink *genl, sd_netlink_message *m, void *userdata) { + const char *name; + uint16_t id; + uint8_t cmd; + + assert_se(genl); + assert_se(m); + + assert_se(sd_genl_message_get_family_name(genl, m, &name) >= 0); + assert_se(streq(name, CTRL_GENL_NAME)); + + assert_se(sd_genl_message_get_command(genl, m, &cmd) >= 0); + + switch (cmd) { + case CTRL_CMD_NEWFAMILY: + case CTRL_CMD_DELFAMILY: + assert_se(sd_netlink_message_read_string(m, CTRL_ATTR_FAMILY_NAME, &name) >= 0); + assert_se(sd_netlink_message_read_u16(m, CTRL_ATTR_FAMILY_ID, &id) >= 0); + log_debug("%s: %s (id=%"PRIu16") family is %s.", + __func__, name, id, cmd == CTRL_CMD_NEWFAMILY ? "added" : "removed"); + break; + case CTRL_CMD_NEWMCAST_GRP: + case CTRL_CMD_DELMCAST_GRP: + assert_se(sd_netlink_message_read_string(m, CTRL_ATTR_FAMILY_NAME, &name) >= 0); + assert_se(sd_netlink_message_read_u16(m, CTRL_ATTR_FAMILY_ID, &id) >= 0); + log_debug("%s: multicast group for %s (id=%"PRIu16") family is %s.", + __func__, name, id, cmd == CTRL_CMD_NEWMCAST_GRP ? "added" : "removed"); + break; + default: + log_debug("%s: received nlctrl message with unknown command '%"PRIu8"'.", __func__, cmd); + } + + return 0; +} + +static void test_genl(void) { + _cleanup_(sd_event_unrefp) sd_event *event = NULL; + _cleanup_(sd_netlink_unrefp) sd_netlink *genl = NULL; + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; + const char *name; + uint8_t cmd; + int r; + + log_debug("/* %s */", __func__); + + assert_se(sd_genl_socket_open(&genl) >= 0); + assert_se(sd_event_default(&event) >= 0); + assert_se(sd_netlink_attach_event(genl, event, 0) >= 0); + + assert_se(sd_genl_message_new(genl, CTRL_GENL_NAME, CTRL_CMD_GETFAMILY, &m) >= 0); + assert_se(sd_genl_message_get_family_name(genl, m, &name) >= 0); + assert_se(streq(name, CTRL_GENL_NAME)); + assert_se(sd_genl_message_get_command(genl, m, &cmd) >= 0); + assert_se(cmd == CTRL_CMD_GETFAMILY); + + assert_se(sd_genl_add_match(genl, NULL, CTRL_GENL_NAME, "notify", 0, genl_ctrl_match_callback, NULL, NULL, "genl-ctrl-notify") >= 0); + + m = sd_netlink_message_unref(m); + assert_se(sd_genl_message_new(genl, "should-not-exist", CTRL_CMD_GETFAMILY, &m) < 0); + assert_se(sd_genl_message_new(genl, "should-not-exist", CTRL_CMD_GETFAMILY, &m) == -EOPNOTSUPP); + + /* These families may not be supported by kernel. Hence, ignore results. */ + (void) sd_genl_message_new(genl, FOU_GENL_NAME, 0, &m); + m = sd_netlink_message_unref(m); + (void) sd_genl_message_new(genl, L2TP_GENL_NAME, 0, &m); + m = sd_netlink_message_unref(m); + (void) sd_genl_message_new(genl, MACSEC_GENL_NAME, 0, &m); + m = sd_netlink_message_unref(m); + (void) sd_genl_message_new(genl, NL80211_GENL_NAME, 0, &m); + m = sd_netlink_message_unref(m); + (void) sd_genl_message_new(genl, NETLBL_NLTYPE_UNLABELED_NAME, 0, &m); + + for (;;) { + r = sd_event_run(event, 500 * USEC_PER_MSEC); + assert_se(r >= 0); + if (r == 0) + return; + } +} + +static void test_rtnl_set_link_name(sd_netlink *rtnl, int ifindex) { + _cleanup_strv_free_ char **alternative_names = NULL; + int r; + + log_debug("/* %s */", __func__); + + if (geteuid() != 0) + return (void) log_tests_skipped("not root"); + + /* Test that the new name (which is currently an alternative name) is + * restored as an alternative name on error. Create an error by using + * an invalid device name, namely one that exceeds IFNAMSIZ + * (alternative names can exceed IFNAMSIZ, but not regular names). */ + r = rtnl_set_link_alternative_names(&rtnl, ifindex, STRV_MAKE("testlongalternativename")); + if (r == -EPERM) + return (void) log_tests_skipped("missing required capabilities"); + + assert_se(r >= 0); + assert_se(rtnl_set_link_name(&rtnl, ifindex, "testlongalternativename") == -EINVAL); + assert_se(rtnl_get_link_alternative_names(&rtnl, ifindex, &alternative_names) >= 0); + assert_se(strv_contains(alternative_names, "testlongalternativename")); + assert_se(rtnl_delete_link_alternative_names(&rtnl, ifindex, STRV_MAKE("testlongalternativename")) >= 0); +} + +int main(void) { + sd_netlink *rtnl; + sd_netlink_message *m; + sd_netlink_message *r; + const char *string_data; + int if_loopback; + uint16_t type; + + test_setup_logging(LOG_DEBUG); + + test_match(); + test_multiple(); + + assert_se(sd_netlink_open(&rtnl) >= 0); + assert_se(rtnl); + + test_route(rtnl); + test_message(rtnl); + test_container(rtnl); + test_array(); + test_strv(rtnl); + + if_loopback = (int) if_nametoindex("lo"); + assert_se(if_loopback > 0); + + test_async(if_loopback); + test_slot_set(if_loopback); + test_async_destroy_callback(if_loopback); + test_pipe(if_loopback); + test_event_loop(if_loopback); + test_link_configure(rtnl, if_loopback); + test_rtnl_set_link_name(rtnl, if_loopback); + + test_get_addresses(rtnl); + test_message_link_bridge(rtnl); + + assert_se(sd_rtnl_message_new_link(rtnl, &m, RTM_GETLINK, if_loopback) >= 0); + assert_se(m); + + assert_se(sd_netlink_message_get_type(m, &type) >= 0); + assert_se(type == RTM_GETLINK); + + assert_se(sd_netlink_message_read_string(m, IFLA_IFNAME, &string_data) == -EPERM); + + assert_se(sd_netlink_call(rtnl, m, 0, &r) == 1); + assert_se(sd_netlink_message_get_type(r, &type) >= 0); + assert_se(type == RTM_NEWLINK); + + assert_se((r = sd_netlink_message_unref(r)) == NULL); + + assert_se(sd_netlink_call(rtnl, m, -1, &r) == -EPERM); + assert_se((m = sd_netlink_message_unref(m)) == NULL); + assert_se((r = sd_netlink_message_unref(r)) == NULL); + + test_link_get(rtnl, if_loopback); + test_address_get(rtnl, if_loopback); + + assert_se((m = sd_netlink_message_unref(m)) == NULL); + assert_se((r = sd_netlink_message_unref(r)) == NULL); + assert_se((rtnl = sd_netlink_unref(rtnl)) == NULL); + + test_genl(); + + return EXIT_SUCCESS; +} |