/**
* virNetDevMacVLanDelete:
*
* @ifname: Name of the interface
*
* Tear down an interface with the given name.
*
* Returns 0 on success, -1 on fatal error.
*/
int virNetDevMacVLanDelete(const char *ifname)
{
int rc = -1;
struct nlmsghdr *resp;
struct nlmsgerr *err;
struct ifinfomsg ifinfo = { .ifi_family = AF_UNSPEC };
unsigned char *recvbuf = NULL;
unsigned int recvbuflen;
struct nl_msg *nl_msg;
nl_msg = nlmsg_alloc_simple(RTM_DELLINK,
NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL);
if (!nl_msg) {
virReportOOMError();
return -1;
}
if (nlmsg_append(nl_msg, &ifinfo, sizeof(ifinfo), NLMSG_ALIGNTO) < 0)
goto buffer_too_small;
if (nla_put(nl_msg, IFLA_IFNAME, strlen(ifname)+1, ifname) < 0)
goto buffer_too_small;
if (virNetlinkCommand(nl_msg, &recvbuf, &recvbuflen, 0) < 0) {
goto cleanup;
}
if (recvbuflen < NLMSG_LENGTH(0) || recvbuf == NULL)
goto malformed_resp;
resp = (struct nlmsghdr *)recvbuf;
switch (resp->nlmsg_type) {
case NLMSG_ERROR:
err = (struct nlmsgerr *)NLMSG_DATA(resp);
if (resp->nlmsg_len < NLMSG_LENGTH(sizeof(*err)))
goto malformed_resp;
if (err->error) {
virReportSystemError(-err->error,
_("error destroying %s interface"),
ifname);
goto cleanup;
}
break;
case NLMSG_DONE:
break;
default:
goto malformed_resp;
}
rc = 0;
cleanup:
nlmsg_free(nl_msg);
VIR_FREE(recvbuf);
return rc;
malformed_resp:
virNetDevError(VIR_ERR_INTERNAL_ERROR, "%s",
_("malformed netlink response message"));
goto cleanup;
buffer_too_small:
virNetDevError(VIR_ERR_INTERNAL_ERROR, "%s",
_("allocated netlink buffer is too small"));
goto cleanup;
}
/**
* virNetDevMacVLanCreate:
*
* @ifname: The name the interface is supposed to have; optional parameter
* @type: The type of device, i.e., "macvtap", "macvlan"
* @macaddress: The MAC address of the device
* @srcdev: The name of the 'link' device
* @macvlan_mode: The macvlan mode to use
* @retry: Pointer to integer that will be '1' upon return if an interface
* with the same name already exists and it is worth to try
* again with a different name
*
* Create a macvtap device with the given properties.
*
* Returns 0 on success, -1 on fatal error.
*/
int
virNetDevMacVLanCreate(const char *ifname,
const char *type,
const unsigned char *macaddress,
const char *srcdev,
uint32_t macvlan_mode,
int *retry)
{
int rc = -1;
struct nlmsghdr *resp;
struct nlmsgerr *err;
struct ifinfomsg ifinfo = { .ifi_family = AF_UNSPEC };
int ifindex;
unsigned char *recvbuf = NULL;
unsigned int recvbuflen;
struct nl_msg *nl_msg;
struct nlattr *linkinfo, *info_data;
if (virNetDevGetIndex(srcdev, &ifindex) < 0)
return -1;
*retry = 0;
nl_msg = nlmsg_alloc_simple(RTM_NEWLINK,
NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL);
if (!nl_msg) {
virReportOOMError();
return -1;
}
if (nlmsg_append(nl_msg, &ifinfo, sizeof(ifinfo), NLMSG_ALIGNTO) < 0)
goto buffer_too_small;
if (nla_put_u32(nl_msg, IFLA_LINK, ifindex) < 0)
goto buffer_too_small;
if (nla_put(nl_msg, IFLA_ADDRESS, VIR_MAC_BUFLEN, macaddress) < 0)
goto buffer_too_small;
if (ifname &&
nla_put(nl_msg, IFLA_IFNAME, strlen(ifname)+1, ifname) < 0)
goto buffer_too_small;
if (!(linkinfo = nla_nest_start(nl_msg, IFLA_LINKINFO)))
goto buffer_too_small;
if (nla_put(nl_msg, IFLA_INFO_KIND, strlen(type), type) < 0)
goto buffer_too_small;
if (macvlan_mode > 0) {
if (!(info_data = nla_nest_start(nl_msg, IFLA_INFO_DATA)))
goto buffer_too_small;
if (nla_put(nl_msg, IFLA_MACVLAN_MODE, sizeof(macvlan_mode),
&macvlan_mode) < 0)
goto buffer_too_small;
nla_nest_end(nl_msg, info_data);
}
nla_nest_end(nl_msg, linkinfo);
if (virNetlinkCommand(nl_msg, &recvbuf, &recvbuflen, 0) < 0) {
goto cleanup;
}
if (recvbuflen < NLMSG_LENGTH(0) || recvbuf == NULL)
goto malformed_resp;
resp = (struct nlmsghdr *)recvbuf;
switch (resp->nlmsg_type) {
case NLMSG_ERROR:
err = (struct nlmsgerr *)NLMSG_DATA(resp);
if (resp->nlmsg_len < NLMSG_LENGTH(sizeof(*err)))
goto malformed_resp;
switch (err->error) {
case 0:
break;
case -EEXIST:
*retry = 1;
goto cleanup;
default:
virReportSystemError(-err->error,
_("error creating %s type of interface"),
type);
goto cleanup;
}
break;
case NLMSG_DONE:
break;
default:
goto malformed_resp;
}
rc = 0;
cleanup:
nlmsg_free(nl_msg);
VIR_FREE(recvbuf);
return rc;
malformed_resp:
virNetDevError(VIR_ERR_INTERNAL_ERROR, "%s",
_("malformed netlink response message"));
goto cleanup;
buffer_too_small:
virNetDevError(VIR_ERR_INTERNAL_ERROR, "%s",
_("allocated netlink buffer is too small"));
goto cleanup;
}
static int build_rule_msg(struct rtnl_rule *tmpl, int cmd, int flags,
struct nl_msg **result)
{
struct nl_msg *msg;
struct fib_rule_hdr frh = {
.family = tmpl->r_family,
.table = tmpl->r_table,
.action = tmpl->r_action,
.flags = tmpl->r_flags,
.tos = tmpl->r_dsfield,
};
if (!(tmpl->ce_mask & RULE_ATTR_FAMILY))
return -NLE_MISSING_ATTR;
msg = nlmsg_alloc_simple(cmd, flags);
if (!msg)
return -NLE_NOMEM;
if (tmpl->ce_mask & RULE_ATTR_SRC)
frh.src_len = nl_addr_get_prefixlen(tmpl->r_src);
if (tmpl->ce_mask & RULE_ATTR_DST)
frh.dst_len = nl_addr_get_prefixlen(tmpl->r_dst);
if (nlmsg_append(msg, &frh, sizeof(frh), NLMSG_ALIGNTO) < 0)
goto nla_put_failure;
if (tmpl->ce_mask & RULE_ATTR_SRC)
NLA_PUT_ADDR(msg, FRA_SRC, tmpl->r_src);
if (tmpl->ce_mask & RULE_ATTR_DST)
NLA_PUT_ADDR(msg, FRA_DST, tmpl->r_dst);
if (tmpl->ce_mask & RULE_ATTR_IIFNAME)
NLA_PUT_STRING(msg, FRA_IIFNAME, tmpl->r_iifname);
if (tmpl->ce_mask & RULE_ATTR_OIFNAME)
NLA_PUT_STRING(msg, FRA_OIFNAME, tmpl->r_oifname);
if (tmpl->ce_mask & RULE_ATTR_PRIO)
NLA_PUT_U32(msg, FRA_PRIORITY, tmpl->r_prio);
if (tmpl->ce_mask & RULE_ATTR_MARK)
NLA_PUT_U32(msg, FRA_FWMARK, tmpl->r_mark);
if (tmpl->ce_mask & RULE_ATTR_MASK)
NLA_PUT_U32(msg, FRA_FWMASK, tmpl->r_mask);
if (tmpl->ce_mask & RULE_ATTR_GOTO)
NLA_PUT_U32(msg, FRA_GOTO, tmpl->r_goto);
if (tmpl->ce_mask & RULE_ATTR_FLOW)
NLA_PUT_U32(msg, FRA_FLOW, tmpl->r_flow);
*result = msg;
return 0;
nla_put_failure:
nlmsg_free(msg);
return -NLE_MSGSIZE;
}
/**
* Build netlink request message to add a new rule
* @arg tmpl template with data of new rule
* @arg flags additional netlink message flags
* @arg result Result pointer
*
* Builds a new netlink message requesting a addition of a new
* rule. The netlink message header isn't fully equipped with
* all relevant fields and must thus be sent out via nl_send_auto_complete()
* or supplemented as needed. \a tmpl must contain the attributes of the new
* address set via \c rtnl_rule_set_* functions.
*
* @return 0 on success or a negative error code.
*/
int rtnl_rule_build_add_request(struct rtnl_rule *tmpl, int flags,
struct nl_msg **result)
{
return build_rule_msg(tmpl, RTM_NEWRULE, NLM_F_CREATE | flags,
result);
}
/**
* Add a new rule
* @arg sk Netlink socket.
* @arg tmpl template with requested changes
* @arg flags additional netlink message flags
*
* Builds a netlink message by calling rtnl_rule_build_add_request(),
* sends the request to the kernel and waits for the next ACK to be
* received and thus blocks until the request has been fullfilled.
*
* @return 0 on sucess or a negative error if an error occured.
*/
int rtnl_rule_add(struct nl_sock *sk, struct rtnl_rule *tmpl, int flags)
{
struct nl_msg *msg;
int err;
if ((err = rtnl_rule_build_add_request(tmpl, flags, &msg)) < 0)
return err;
err = nl_send_auto_complete(sk, msg);
nlmsg_free(msg);
if (err < 0)
return err;
return wait_for_ack(sk);
}
/** @} */
/**
* @name Rule Deletion
* @{
*/
/**
* Build a netlink request message to delete a rule
* @arg rule rule to delete
* @arg flags additional netlink message flags
* @arg result Result pointer
*
* Builds a new netlink message requesting a deletion of a rule.
* The netlink message header isn't fully equipped with all relevant
* fields and must thus be sent out via nl_send_auto_complete()
* or supplemented as needed. \a rule must point to an existing
* address.
*
* @return 0 on success or a negative error code.
*/
int rtnl_rule_build_delete_request(struct rtnl_rule *rule, int flags,
struct nl_msg **result)
{
return build_rule_msg(rule, RTM_DELRULE, flags, result);
}
/**
* Delete a rule
* @arg sk Netlink socket.
* @arg rule rule to delete
* @arg flags additional netlink message flags
*
* Builds a netlink message by calling rtnl_rule_build_delete_request(),
* sends the request to the kernel and waits for the next ACK to be
* received and thus blocks until the request has been fullfilled.
*
* @return 0 on sucess or a negative error if an error occured.
*/
int rtnl_rule_delete(struct nl_sock *sk, struct rtnl_rule *rule, int flags)
{
struct nl_msg *msg;
int err;
if ((err = rtnl_rule_build_delete_request(rule, flags, &msg)) < 0)
return err;
err = nl_send_auto_complete(sk, msg);
nlmsg_free(msg);
if (err < 0)
return err;
return wait_for_ack(sk);
}
/** @} */
/**
* @name Attribute Modification
* @{
*/
void rtnl_rule_set_family(struct rtnl_rule *rule, int family)
{
rule->r_family = family;
rule->ce_mask |= RULE_ATTR_FAMILY;
}
static int
tcpTable_load_netlink(void)
{
/* TODO: perhaps use permanent nl handle? */
struct nl_handle *nl = nl_handle_alloc();
struct inet_diag_req req = {
.idiag_family = AF_INET,
.idiag_states = TCP_ALL,
};
struct nl_msg *nm;
struct sockaddr_nl peer;
unsigned char *buf = NULL;
int running = 1, len;
if (nl == NULL) {
DEBUGMSGTL(("mibII/tcpTable", "Failed to allocate netlink handle\n"));
snmp_log(LOG_ERR, "snmpd: Failed to allocate netlink handle\n");
return -1;
}
if (nl_connect(nl, NETLINK_INET_DIAG) < 0) {
DEBUGMSGTL(("mibII/tcpTable", "Failed to connect to netlink: %s\n", nl_geterror()));
snmp_log(LOG_ERR, "snmpd: Couldn't connect to netlink: %s\n", nl_geterror());
nl_handle_destroy(nl);
return -1;
}
nm = nlmsg_alloc_simple(TCPDIAG_GETSOCK, NLM_F_ROOT|NLM_F_MATCH|NLM_F_REQUEST);
nlmsg_append(nm, &req, sizeof(struct inet_diag_req), 0);
if (nl_send_auto_complete(nl, nm) < 0) {
DEBUGMSGTL(("mibII/tcpTable", "nl_send_autocomplete(): %s\n", nl_geterror()));
snmp_log(LOG_ERR, "snmpd: nl_send_autocomplete(): %s\n", nl_geterror());
nl_handle_destroy(nl);
return -1;
}
nlmsg_free(nm);
while (running) {
struct nlmsghdr *h;
if ((len = nl_recv(nl, &peer, &buf, NULL)) <= 0) {
DEBUGMSGTL(("mibII/tcpTable", "nl_recv(): %s\n", nl_geterror()));
snmp_log(LOG_ERR, "snmpd: nl_recv(): %s\n", nl_geterror());
nl_handle_destroy(nl);
return -1;
}
h = (struct nlmsghdr*)buf;
while (nlmsg_ok(h, len)) {
struct inet_diag_msg *r = nlmsg_data(h);
struct inpcb pcb, *nnew;
if (h->nlmsg_type == NLMSG_DONE) {
running = 0;
break;
}
r = nlmsg_data(h);
if (r->idiag_family != AF_INET) {
h = nlmsg_next(h, &len);
continue;
}
memcpy(&pcb.inp_laddr.s_addr, r->id.idiag_src, r->idiag_family == AF_INET ? 4 : 6);
memcpy(&pcb.inp_faddr.s_addr, r->id.idiag_dst, r->idiag_family == AF_INET ? 4 : 6);
pcb.inp_lport = r->id.idiag_sport;
pcb.inp_fport = r->id.idiag_dport;
pcb.inp_state = (r->idiag_state & 0xf) < 12 ? linux_states[r->idiag_state & 0xf] : 2;
if (pcb.inp_state == 5 /* established */ ||
pcb.inp_state == 8 /* closeWait */ )
tcp_estab++;
pcb.uid = r->idiag_uid;
nnew = SNMP_MALLOC_TYPEDEF(struct inpcb);
if (nnew == NULL) {
running = 0;
/* XXX report malloc error and return -1? */
break;
}
memcpy(nnew, &pcb, sizeof(struct inpcb));
nnew->inp_next = tcp_head;
tcp_head = nnew;
h = nlmsg_next(h, &len);
}
free(buf);
}
nl_handle_destroy(nl);
if (tcp_head) {
DEBUGMSGTL(("mibII/tcpTable", "Loaded TCP Table using netlink\n"));
return 0;
}
DEBUGMSGTL(("mibII/tcpTable", "Failed to load TCP Table (netlink)\n"));
return -1;
}
int usnic_nl_rt_lookup(uint32_t src_addr, uint32_t dst_addr, int oif,
uint32_t *nh_addr)
{
struct usnic_nl_sk *unlsk;
struct nl_msg *nlm;
struct rtmsg rmsg;
struct usnic_rt_cb_arg arg;
int err;
unlsk = NULL;
err = usnic_nl_sk_alloc(&unlsk, NETLINK_ROUTE);
if (err)
return err;
memset(&rmsg, 0, sizeof(rmsg));
rmsg.rtm_family = AF_INET;
rmsg.rtm_dst_len = sizeof(dst_addr) * CHAR_BIT;
rmsg.rtm_src_len = sizeof(src_addr) * CHAR_BIT;
nlm = nlmsg_alloc_simple(RTM_GETROUTE, 0);
if (!nlm) {
usnic_err("Failed to alloc nl message, %s\n",
NL_GETERROR(err));
err = ENOMEM;
goto out;
}
nlmsg_append(nlm, &rmsg, sizeof(rmsg), NLMSG_ALIGNTO);
nla_put_u32(nlm, RTA_DST, dst_addr);
nla_put_u32(nlm, RTA_SRC, src_addr);
err = usnic_nl_send_query(unlsk, nlm, NETLINK_ROUTE, NLM_F_REQUEST);
nlmsg_free(nlm);
if (err < 0) {
usnic_err("Failed to send RTM_GETROUTE query message, error %s\n",
NL_GETERROR(err));
err = EINVAL;
goto out;
}
memset(&arg, 0, sizeof(arg));
arg.oif = oif;
arg.unlsk = unlsk;
err = nl_socket_modify_cb(unlsk->nlh, NL_CB_MSG_IN, NL_CB_CUSTOM,
usnic_rt_raw_parse_cb, &arg);
if (err != 0) {
usnic_err("Failed to setup callback function, error %s\n",
NL_GETERROR(err));
err = EINVAL;
goto out;
}
NL_RECVMSGS(unlsk->nlh, arg, EHOSTUNREACH, err, out);
if (arg.found) {
*nh_addr = arg.nh_addr;
err = 0;
} else {
err = EHOSTUNREACH;
}
out:
usnic_nl_sk_free(unlsk);
return err;
}
TError TNlLink::AddXVlan(const std::string &vlantype,
const std::string &master,
uint32_t type,
const std::string &hw,
int mtu) {
TError error = TError::Success();
int ret;
uint32_t masterIdx;
struct nl_msg *msg;
struct nlattr *linkinfo, *infodata;
struct ifinfomsg ifi = { 0 };
struct ether_addr *ea = nullptr;
auto Name = GetName();
if (hw.length()) {
// FIXME THREADS
ea = ether_aton(hw.c_str());
if (!ea)
return TError(EError::Unknown, "Invalid " + vlantype + " mac address " + hw);
}
TNlLink masterLink(Nl, master);
error = masterLink.Load();
if (error)
return error;
masterIdx = masterLink.GetIndex();
msg = nlmsg_alloc_simple(RTM_NEWLINK, NLM_F_CREATE);
if (!msg)
return TError(EError::Unknown, "Unable to add " + vlantype + ": no memory");
ret = nlmsg_append(msg, &ifi, sizeof(ifi), NLMSG_ALIGNTO);
if (ret < 0) {
error = TError(EError::Unknown, "Unable to add " + vlantype + ": " + nl_geterror(ret));
goto free_msg;
}
/* link configuration */
ret = nla_put(msg, IFLA_LINK, sizeof(uint32_t), &masterIdx);
if (ret < 0) {
error = TError(EError::Unknown, std::string("Unable to put IFLA_LINK: ") + nl_geterror(ret));
goto free_msg;
}
ret = nla_put(msg, IFLA_IFNAME, Name.length() + 1, Name.c_str());
if (ret < 0) {
error = TError(EError::Unknown, std::string("Unable to put IFLA_IFNAME: ") + nl_geterror(ret));
goto free_msg;
}
if (mtu > 0) {
ret = nla_put(msg, IFLA_MTU, sizeof(int), &mtu);
if (ret < 0) {
error = TError(EError::Unknown, std::string("Unable to put IFLA_MTU: ") + nl_geterror(ret));
goto free_msg;
}
}
if (ea) {
struct nl_addr *addr = nl_addr_build(AF_LLC, ea, ETH_ALEN);
ret = nla_put(msg, IFLA_ADDRESS, nl_addr_get_len(addr), nl_addr_get_binary_addr(addr));
if (ret < 0) {
error = TError(EError::Unknown, std::string("Unable to put IFLA_ADDRESS: ") + nl_geterror(ret));
goto free_msg;
}
nl_addr_put(addr);
}
/* link type */
linkinfo = nla_nest_start(msg, IFLA_LINKINFO);
if (!linkinfo) {
error = TError(EError::Unknown, "Unable to add " + vlantype + ": can't nest IFLA_LINKINFO");
goto free_msg;
}
ret = nla_put(msg, IFLA_INFO_KIND, vlantype.length() + 1, vlantype.c_str());
if (ret < 0) {
error = TError(EError::Unknown, std::string("Unable to put IFLA_INFO_KIND: ") + nl_geterror(ret));
goto free_msg;
}
/* xvlan specific */
infodata = nla_nest_start(msg, IFLA_INFO_DATA);
if (!infodata) {
error = TError(EError::Unknown, "Unable to add " + vlantype + ": can't nest IFLA_INFO_DATA");
goto free_msg;
}
if (vlantype == "macvlan") {
ret = nla_put(msg, IFLA_MACVLAN_MODE, sizeof(uint32_t), &type);
if (ret < 0) {
error = TError(EError::Unknown, std::string("Unable to put IFLA_MACVLAN_MODE: ") + nl_geterror(ret));
goto free_msg;
}
#ifdef IFLA_IPVLAN_MAX
} else if (vlantype == "ipvlan") {
uint16_t mode = type;
ret = nla_put(msg, IFLA_IPVLAN_MODE, sizeof(uint16_t), &mode);
if (ret < 0) {
error = TError(EError::Unknown, std::string("Unable to put IFLA_IPVLAN_MODE: ") + nl_geterror(ret));
goto free_msg;
}
#endif
}
nla_nest_end(msg, infodata);
nla_nest_end(msg, linkinfo);
L() << "netlink: add " << vlantype << " " << Name << " master " << master
<< " type " << type << " hw " << hw << " mtu " << mtu << std::endl;
ret = nl_send_sync(GetSock(), msg);
if (ret)
return Error(ret, "Cannot add " + vlantype);
return Load();
free_msg:
nlmsg_free(msg);
return error;
}
static int route_request_update(struct nl_cache *c, struct nl_sock *h)
{
struct rtmsg rhdr = {
.rtm_family = c->c_iarg1,
};
if (c->c_iarg2 & ROUTE_CACHE_CONTENT)
rhdr.rtm_flags |= RTM_F_CLONED;
return nl_send_simple(h, RTM_GETROUTE, NLM_F_DUMP, &rhdr, sizeof(rhdr));
}
/**
* @name Cache Management
* @{
*/
/**
* Build a route cache holding all routes currently configured in the kernel
* @arg sk Netlink socket.
* @arg family Address family of routes to cover or AF_UNSPEC
* @arg flags Flags
* @arg result Result pointer
*
* Allocates a new cache, initializes it properly and updates it to
* contain all routes currently configured in the kernel.
*
* Valid flags:
* * ROUTE_CACHE_CONTENT - Cache will contain contents of routing cache
* instead of actual routes.
*
* @note The caller is responsible for destroying and freeing the
* cache after using it.
* @return 0 on success or a negative error code.
*/
int rtnl_route_alloc_cache(struct nl_sock *sk, int family, int flags,
struct nl_cache **result)
{
struct nl_cache *cache;
int err;
if (!(cache = nl_cache_alloc(&rtnl_route_ops)))
return -NLE_NOMEM;
cache->c_iarg1 = family;
cache->c_iarg2 = flags;
if (sk && (err = nl_cache_refill(sk, cache)) < 0) {
free(cache);
return err;
}
*result = cache;
return 0;
}
/** @} */
/**
* @name Route Addition
* @{
*/
static int build_route_msg(struct rtnl_route *tmpl, int cmd, int flags,
struct nl_msg **result)
{
struct nl_msg *msg;
int err;
if (!(msg = nlmsg_alloc_simple(cmd, flags)))
return -NLE_NOMEM;
if ((err = rtnl_route_build_msg(msg, tmpl)) < 0) {
nlmsg_free(msg);
return err;
}
*result = msg;
return 0;
}
int rtnl_route_build_add_request(struct rtnl_route *tmpl, int flags,
struct nl_msg **result)
{
return build_route_msg(tmpl, RTM_NEWROUTE, NLM_F_CREATE | flags,
result);
}
int rtnl_route_add(struct nl_sock *sk, struct rtnl_route *route, int flags)
{
struct nl_msg *msg;
int err;
if ((err = rtnl_route_build_add_request(route, flags, &msg)) < 0)
return err;
err = nl_send_auto_complete(sk, msg);
nlmsg_free(msg);
if (err < 0)
return err;
return wait_for_ack(sk);
}
int rtnl_route_build_del_request(struct rtnl_route *tmpl, int flags,
struct nl_msg **result)
{
return build_route_msg(tmpl, RTM_DELROUTE, flags, result);
}
int rtnl_route_delete(struct nl_sock *sk, struct rtnl_route *route, int flags)
{
struct nl_msg *msg;
int err;
if ((err = rtnl_route_build_del_request(route, flags, &msg)) < 0)
return err;
err = nl_send_auto_complete(sk, msg);
nlmsg_free(msg);
if (err < 0)
return err;
return wait_for_ack(sk);
}
/** @} */
static struct nl_af_group route_groups[] = {
{ AF_INET, RTNLGRP_IPV4_ROUTE },
{ AF_INET6, RTNLGRP_IPV6_ROUTE },
{ AF_DECnet, RTNLGRP_DECnet_ROUTE },
{ END_OF_GROUP_LIST },
};
static struct nl_cache_ops rtnl_route_ops = {
.co_name = "route/route",
.co_hdrsize = sizeof(struct rtmsg),
.co_msgtypes = {
{ RTM_NEWROUTE, NL_ACT_NEW, "new" },
{ RTM_DELROUTE, NL_ACT_DEL, "del" },
{ RTM_GETROUTE, NL_ACT_GET, "get" },
END_OF_MSGTYPES_LIST,
},
.co_protocol = NETLINK_ROUTE,
.co_groups = route_groups,
.co_request_update = route_request_update,
.co_msg_parser = route_msg_parser,
.co_obj_ops = &route_obj_ops,
};
static void __init route_init(void)
{
nl_cache_mngt_register(&rtnl_route_ops);
}
static void __exit route_exit(void)
{
nl_cache_mngt_unregister(&rtnl_route_ops);
}
static int build_xfrm_ae_message(struct xfrmnl_ae *tmpl, int cmd, int flags,
struct nl_msg **result)
{
struct nl_msg* msg;
struct xfrm_aevent_id ae_id;
if (!(tmpl->ce_mask & XFRM_AE_ATTR_DADDR) ||
!(tmpl->ce_mask & XFRM_AE_ATTR_SPI) ||
!(tmpl->ce_mask & XFRM_AE_ATTR_PROTO))
return -NLE_MISSING_ATTR;
memcpy (&ae_id.sa_id.daddr, nl_addr_get_binary_addr (tmpl->sa_id.daddr), sizeof (uint8_t) * nl_addr_get_len (tmpl->sa_id.daddr));
ae_id.sa_id.spi = htonl(tmpl->sa_id.spi);
ae_id.sa_id.family = tmpl->sa_id.family;
ae_id.sa_id.proto = tmpl->sa_id.proto;
if (tmpl->ce_mask & XFRM_AE_ATTR_SADDR)
memcpy (&ae_id.saddr, nl_addr_get_binary_addr (tmpl->saddr), sizeof (uint8_t) * nl_addr_get_len (tmpl->saddr));
if (tmpl->ce_mask & XFRM_AE_ATTR_FLAGS)
ae_id.flags = tmpl->flags;
if (tmpl->ce_mask & XFRM_AE_ATTR_REQID)
ae_id.reqid = tmpl->reqid;
msg = nlmsg_alloc_simple(cmd, flags);
if (!msg)
return -NLE_NOMEM;
if (nlmsg_append(msg, &ae_id, sizeof(ae_id), NLMSG_ALIGNTO) < 0)
goto nla_put_failure;
if (tmpl->ce_mask & XFRM_AE_ATTR_MARK)
NLA_PUT (msg, XFRMA_MARK, sizeof (struct xfrmnl_mark), &tmpl->mark);
if (tmpl->ce_mask & XFRM_AE_ATTR_LIFETIME)
NLA_PUT (msg, XFRMA_LTIME_VAL, sizeof (struct xfrmnl_lifetime_cur), &tmpl->lifetime_cur);
if (tmpl->ce_mask & XFRM_AE_ATTR_REPLAY_MAXAGE)
NLA_PUT_U32 (msg, XFRMA_ETIMER_THRESH, tmpl->replay_maxage);
if (tmpl->ce_mask & XFRM_AE_ATTR_REPLAY_MAXDIFF)
NLA_PUT_U32 (msg, XFRMA_REPLAY_THRESH, tmpl->replay_maxdiff);
if (tmpl->ce_mask & XFRM_AE_ATTR_REPLAY_STATE) {
if (tmpl->replay_state_esn) {
uint32_t len = sizeof (struct xfrm_replay_state_esn) + (sizeof (uint32_t) * tmpl->replay_state_esn->bmp_len);
NLA_PUT (msg, XFRMA_REPLAY_ESN_VAL, len, tmpl->replay_state_esn);
}
else {
NLA_PUT (msg, XFRMA_REPLAY_VAL, sizeof (struct xfrmnl_replay_state), &tmpl->replay_state);
}
}
*result = msg;
return 0;
nla_put_failure:
nlmsg_free(msg);
return -NLE_MSGSIZE;
}
/**
* Send netlink message.
* @arg sk Netlink socket.
* @arg msg Netlink message to be sent.
* @arg iov iovec to be sent.
* @arg iovlen number of struct iovec to be sent.
* @see nl_sendmsg()
* @return Number of characters sent on success or a negative error code.
*/
int nl_send_iovec(struct nl_sock *sk, struct nl_msg *msg, struct iovec *iov, unsigned iovlen)
{
struct sockaddr_nl *dst;
struct ucred *creds;
struct msghdr hdr = {
.msg_name = (void *) &sk->s_peer,
.msg_namelen = sizeof(struct sockaddr_nl),
.msg_iov = iov,
.msg_iovlen = iovlen,
};
/* Overwrite destination if specified in the message itself, defaults
* to the peer address of the socket.
*/
dst = nlmsg_get_dst(msg);
if (dst->nl_family == AF_NETLINK)
hdr.msg_name = dst;
/* Add credentials if present. */
creds = nlmsg_get_creds(msg);
if (creds != NULL) {
char buf[CMSG_SPACE(sizeof(struct ucred))];
struct cmsghdr *cmsg;
hdr.msg_control = buf;
hdr.msg_controllen = sizeof(buf);
cmsg = CMSG_FIRSTHDR(&hdr);
cmsg->cmsg_level = SOL_SOCKET;
cmsg->cmsg_type = SCM_CREDENTIALS;
cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
memcpy(CMSG_DATA(cmsg), creds, sizeof(struct ucred));
}
return nl_sendmsg(sk, msg, &hdr);
}
/**
* Send netlink message.
* @arg sk Netlink socket.
* @arg msg Netlink message to be sent.
* @see nl_sendmsg()
* @return Number of characters sent on success or a negative error code.
*/
int nl_send(struct nl_sock *sk, struct nl_msg *msg)
{
struct iovec iov = {
.iov_base = (void *) nlmsg_hdr(msg),
.iov_len = nlmsg_hdr(msg)->nlmsg_len,
};
return nl_send_iovec(sk, msg, &iov, 1);
}
void nl_auto_complete(struct nl_sock *sk, struct nl_msg *msg)
{
struct nlmsghdr *nlh;
nlh = nlmsg_hdr(msg);
if (nlh->nlmsg_pid == 0)
nlh->nlmsg_pid = sk->s_local.nl_pid;
if (nlh->nlmsg_seq == 0)
nlh->nlmsg_seq = sk->s_seq_next++;
if (msg->nm_protocol == -1)
msg->nm_protocol = sk->s_proto;
nlh->nlmsg_flags |= NLM_F_REQUEST;
if (!(sk->s_flags & NL_NO_AUTO_ACK))
nlh->nlmsg_flags |= NLM_F_ACK;
}
/**
* Send netlink message and check & extend header values as needed.
* @arg sk Netlink socket.
* @arg msg Netlink message to be sent.
*
* Checks the netlink message \c nlh for completness and extends it
* as required before sending it out. Checked fields include pid,
* sequence nr, and flags.
*
* @see nl_send()
* @return Number of characters sent or a negative error code.
*/
int nl_send_auto_complete(struct nl_sock *sk, struct nl_msg *msg)
{
struct nl_cb *cb = sk->s_cb;
nl_auto_complete(sk, msg);
if (cb->cb_send_ow)
return cb->cb_send_ow(sk, msg);
else
return nl_send(sk, msg);
}
/**
* Send simple netlink message using nl_send_auto_complete()
* @arg sk Netlink socket.
* @arg type Netlink message type.
* @arg flags Netlink message flags.
* @arg buf Data buffer.
* @arg size Size of data buffer.
*
* Builds a netlink message with the specified type and flags and
* appends the specified data as payload to the message.
*
* @see nl_send_auto_complete()
* @return Number of characters sent on success or a negative error code.
*/
int nl_send_simple(struct nl_sock *sk, int type, int flags, void *buf,
size_t size)
{
int err;
struct nl_msg *msg;
msg = nlmsg_alloc_simple(type, flags);
if (!msg)
return -NLE_NOMEM;
if (buf && size) {
err = nlmsg_append(msg, buf, size, NLMSG_ALIGNTO);
if (err < 0)
goto errout;
}
err = nl_send_auto_complete(sk, msg);
errout:
nlmsg_free(msg);
return err;
}
/** @} */
/**
* @name Receive
* @{
*/
/**
* Receive data from netlink socket
* @arg sk Netlink socket.
* @arg nla Destination pointer for peer's netlink address.
* @arg buf Destination pointer for message content.
* @arg creds Destination pointer for credentials.
*
* Receives a netlink message, allocates a buffer in \c *buf and
* stores the message content. The peer's netlink address is stored
* in \c *nla. The caller is responsible for freeing the buffer allocated
* in \c *buf if a positive value is returned. Interruped system calls
* are handled by repeating the read. The input buffer size is determined
* by peeking before the actual read is done.
*
* A non-blocking sockets causes the function to return immediately with
* a return value of 0 if no data is available.
*
* @return Number of octets read, 0 on EOF or a negative error code.
*/
int nl_recv(struct nl_sock *sk, struct sockaddr_nl *nla,
unsigned char **buf, struct ucred **creds)
{
int n;
int flags = 0;
static int page_size = 0;
struct iovec iov;
struct msghdr msg = {
.msg_name = (void *) nla,
.msg_namelen = sizeof(struct sockaddr_nl),
.msg_iov = &iov,
.msg_iovlen = 1,
.msg_control = NULL,
.msg_controllen = 0,
.msg_flags = 0,
};
struct cmsghdr *cmsg;
if (sk->s_flags & NL_MSG_PEEK)
flags |= MSG_PEEK;
if (page_size == 0)
page_size = getpagesize();
iov.iov_len = page_size;
iov.iov_base = *buf = malloc(iov.iov_len);
if (sk->s_flags & NL_SOCK_PASSCRED) {
msg.msg_controllen = CMSG_SPACE(sizeof(struct ucred));
msg.msg_control = calloc(1, msg.msg_controllen);
}
retry:
n = recvmsg(sk->s_fd, &msg, flags);
if (!n)
goto abort;
else if (n < 0) {
if (errno == EINTR) {
NL_DBG(3, "recvmsg() returned EINTR, retrying\n");
goto retry;
} else if (errno == EAGAIN) {
NL_DBG(3, "recvmsg() returned EAGAIN, aborting\n");
goto abort;
} else {
free(msg.msg_control);
free(*buf);
return -nl_syserr2nlerr(errno);
}
}
if (iov.iov_len < n ||
msg.msg_flags & MSG_TRUNC) {
/* Provided buffer is not long enough, enlarge it
* and try again. */
iov.iov_len *= 2;
iov.iov_base = *buf = realloc(*buf, iov.iov_len);
goto retry;
} else if (msg.msg_flags & MSG_CTRUNC) {
msg.msg_controllen *= 2;
msg.msg_control = realloc(msg.msg_control, msg.msg_controllen);
goto retry;
} else if (flags != 0) {
/* Buffer is big enough, do the actual reading */
flags = 0;
goto retry;
}
if (msg.msg_namelen != sizeof(struct sockaddr_nl)) {
free(msg.msg_control);
free(*buf);
return -NLE_NOADDR;
}
for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) {
if (cmsg->cmsg_level == SOL_SOCKET &&
cmsg->cmsg_type == SCM_CREDENTIALS) {
*creds = calloc(1, sizeof(struct ucred));
memcpy(*creds, CMSG_DATA(cmsg), sizeof(struct ucred));
break;
}
}
free(msg.msg_control);
return n;
abort:
free(msg.msg_control);
free(*buf);
return 0;
}
#define NL_CB_CALL(cb, type, msg) \
do { \
err = nl_cb_call(cb, type, msg); \
switch (err) { \
case NL_OK: \
err = 0; \
break; \
case NL_SKIP: \
goto skip; \
case NL_STOP: \
goto stop; \
default: \
goto out; \
} \
} while (0)
static int recvmsgs(struct nl_sock *sk, struct nl_cb *cb)
{
int n, err = 0, multipart = 0;
unsigned char *buf = NULL;
struct nlmsghdr *hdr;
struct sockaddr_nl nla = {0};
struct nl_msg *msg = NULL;
struct ucred *creds = NULL;
continue_reading:
NL_DBG(3, "Attempting to read from %p\n", sk);
if (cb->cb_recv_ow)
n = cb->cb_recv_ow(sk, &nla, &buf, &creds);
else
n = nl_recv(sk, &nla, &buf, &creds);
if (n <= 0)
return n;
NL_DBG(3, "recvmsgs(%p): Read %d bytes\n", sk, n);
hdr = (struct nlmsghdr *) buf;
while (nlmsg_ok(hdr, n)) {
NL_DBG(3, "recgmsgs(%p): Processing valid message...\n", sk);
nlmsg_free(msg);
msg = nlmsg_convert(hdr);
if (!msg) {
err = -NLE_NOMEM;
goto out;
}
nlmsg_set_proto(msg, sk->s_proto);
nlmsg_set_src(msg, &nla);
if (creds)
nlmsg_set_creds(msg, creds);
/* Raw callback is the first, it gives the most control
* to the user and he can do his very own parsing. */
if (cb->cb_set[NL_CB_MSG_IN])
NL_CB_CALL(cb, NL_CB_MSG_IN, msg);
/* Sequence number checking. The check may be done by
* the user, otherwise a very simple check is applied
* enforcing strict ordering */
if (cb->cb_set[NL_CB_SEQ_CHECK])
NL_CB_CALL(cb, NL_CB_SEQ_CHECK, msg);
else if (hdr->nlmsg_seq != sk->s_seq_expect) {
if (cb->cb_set[NL_CB_INVALID])
NL_CB_CALL(cb, NL_CB_INVALID, msg);
else {
err = -NLE_SEQ_MISMATCH;
goto out;
}
}
if (hdr->nlmsg_type == NLMSG_DONE ||
hdr->nlmsg_type == NLMSG_ERROR ||
hdr->nlmsg_type == NLMSG_NOOP ||
hdr->nlmsg_type == NLMSG_OVERRUN) {
/* We can't check for !NLM_F_MULTI since some netlink
* users in the kernel are broken. */
sk->s_seq_expect++;
NL_DBG(3, "recvmsgs(%p): Increased expected " \
"sequence number to %d\n",
sk, sk->s_seq_expect);
}
if (hdr->nlmsg_flags & NLM_F_MULTI)
multipart = 1;
/* Other side wishes to see an ack for this message */
if (hdr->nlmsg_flags & NLM_F_ACK) {
if (cb->cb_set[NL_CB_SEND_ACK])
NL_CB_CALL(cb, NL_CB_SEND_ACK, msg);
else {
/* FIXME: implement */
}
}
/* messages terminates a multpart message, this is
* usually the end of a message and therefore we slip
* out of the loop by default. the user may overrule
* this action by skipping this packet. */
if (hdr->nlmsg_type == NLMSG_DONE) {
multipart = 0;
if (cb->cb_set[NL_CB_FINISH])
NL_CB_CALL(cb, NL_CB_FINISH, msg);
}
/* Message to be ignored, the default action is to
* skip this message if no callback is specified. The
* user may overrule this action by returning
* NL_PROCEED. */
else if (hdr->nlmsg_type == NLMSG_NOOP) {
if (cb->cb_set[NL_CB_SKIPPED])
NL_CB_CALL(cb, NL_CB_SKIPPED, msg);
else
goto skip;
}
/* Data got lost, report back to user. The default action is to
* quit parsing. The user may overrule this action by retuning
* NL_SKIP or NL_PROCEED (dangerous) */
else if (hdr->nlmsg_type == NLMSG_OVERRUN) {
if (cb->cb_set[NL_CB_OVERRUN])
NL_CB_CALL(cb, NL_CB_OVERRUN, msg);
else {
err = -NLE_MSG_OVERFLOW;
goto out;
}
}
/* Message carries a nlmsgerr */
else if (hdr->nlmsg_type == NLMSG_ERROR) {
struct nlmsgerr *e = nlmsg_data(hdr);
if (hdr->nlmsg_len < nlmsg_msg_size(sizeof(*e))) {
/* Truncated error message, the default action
* is to stop parsing. The user may overrule
* this action by returning NL_SKIP or
* NL_PROCEED (dangerous) */
if (cb->cb_set[NL_CB_INVALID])
NL_CB_CALL(cb, NL_CB_INVALID, msg);
else {
err = -NLE_MSG_TRUNC;
goto out;
}
} else if (e->error) {
/* Error message reported back from kernel. */
if (cb->cb_err) {
err = cb->cb_err(&nla, e,
cb->cb_err_arg);
if (err < 0)
goto out;
else if (err == NL_SKIP)
goto skip;
else if (err == NL_STOP) {
err = -nl_syserr2nlerr(e->error);
goto out;
}
} else {
err = -nl_syserr2nlerr(e->error);
goto out;
}
} else if (cb->cb_set[NL_CB_ACK])
NL_CB_CALL(cb, NL_CB_ACK, msg);
} else {
/* Valid message (not checking for MULTIPART bit to
* get along with broken kernels. NL_SKIP has no
* effect on this. */
if (cb->cb_set[NL_CB_VALID])
NL_CB_CALL(cb, NL_CB_VALID, msg);
}
skip:
err = 0;
hdr = nlmsg_next(hdr, &n);
}
nlmsg_free(msg);
free(buf);
free(creds);
buf = NULL;
msg = NULL;
creds = NULL;
if (multipart) {
/* Multipart message not yet complete, continue reading */
goto continue_reading;
}
stop:
err = 0;
out:
nlmsg_free(msg);
free(buf);
free(creds);
return err;
}
