/**
* Delete a neighbour
* @arg handle netlink handle
* @arg neigh neighbour to delete
*
* Builds a netlink message by calling rtnl_neigh_build_delete_request(),
* sends the request to the kernel and waits for the next ACK to be
* received and thus blocks until the request has been fullfilled.
*
* @return 0 on sucess or a negative error if an error occured.
*/
int rtnl_neigh_delete(struct nl_handle *handle, struct rtnl_neigh *neigh)
{
int err;
struct nl_msg *m = rtnl_neigh_build_delete_request(neigh);
if ((err = nl_send_auto_complete(handle, nl_msg_get(m))) < 0)
return err;
nl_msg_free(m);
return nl_wait_for_ack(handle);
}
/**
* Add a new rule
* @arg handle netlink handle
* @arg tmpl template with requested changes
*
* Builds a netlink message by calling rtnl_rule_build_add_request(),
* sends the request to the kernel and waits for the next ACK to be
* received and thus blocks until the request has been fullfilled.
*
* @return 0 on sucess or a negative error if an error occured.
*/
int rtnl_rule_add(struct nl_handle *handle, struct rtnl_rule *tmpl)
{
int err;
struct nl_msg *m = rtnl_rule_build_add_request(tmpl);
if ((err = nl_send_auto_complete(handle, nl_msg_get(m))) < 0)
return err;
nl_msg_free(m);
return nl_wait_for_ack(handle);
}
static struct nl_msg * build_neigh_msg(struct rtnl_neigh *tmpl, int cmd,
int flags)
{
struct nl_msg *m;
struct nlmsghdr n = {
.nlmsg_type = cmd,
.nlmsg_flags = flags,
};
struct ndmsg nm = {
.ndm_ifindex = tmpl->n_ifindex,
.ndm_family = tmpl->n_dst.a_family,
.ndm_state = tmpl->n_state,
};
m = nl_msg_build(&n);
nl_msg_append_raw(m, &nm, sizeof(nm));
nl_msg_append_tlv(m, NDA_DST, &tmpl->n_dst.a_addr, tmpl->n_dst.a_len);
if (tmpl->n_mask & NEIGH_HAS_LLADDR)
nl_msg_append_tlv(m, NDA_LLADDR, &tmpl->n_lladdr.a_addr,
tmpl->n_lladdr.a_len);
return m;
}
/**
* Build netlink request message to add a new neighbour
* @arg tmpl template with data of new neighbour
*
* Builds a new netlink message requesting a addition of a new
* neighbour. The netlink message header isn't fully equipped with
* all relevant fields and must thus be sent out via nl_send_auto_complete()
* or supplemented as needed. \a tmpl must contain the attributes of the new
* neighbour set via \c rtnl_neigh_set_* functions.
*
* The following attributes must be set in the template:
* - Interface index (rtnl_neigh_set_ifindex())
* - State (rtnl_neigh_set_state())
* - Destination address (rtnl_neigh_set_dst())
* - Link layer address (rtnl_neigh_set_lladdr())
*
* @return The netlink message
*/
struct nl_msg * rtnl_neigh_build_add_request(struct rtnl_neigh *tmpl)
{
return build_neigh_msg(tmpl, RTM_NEWNEIGH, NLM_F_CREATE);
}
/**
* Add a new neighbour
* @arg handle netlink handle
* @arg tmpl template with requested changes
*
* Builds a netlink message by calling rtnl_neigh_build_add_request(),
* sends the request to the kernel and waits for the next ACK to be
* received and thus blocks until the request has been fullfilled.
*
* The following attributes must be set in the template:
* - Interface index (rtnl_neigh_set_ifindex())
* - State (rtnl_neigh_set_state())
* - Destination address (rtnl_neigh_set_dst())
* - Link layer address (rtnl_neigh_set_lladdr())
*
* @return 0 on sucess or a negative error if an error occured.
*/
int rtnl_neigh_add(struct nl_handle *handle, struct rtnl_neigh *tmpl)
{
int err;
struct nl_msg *m = rtnl_neigh_build_add_request(tmpl);
if ((err = nl_send_auto_complete(handle, nl_msg_get(m))) < 0)
return err;
nl_msg_free(m);
return nl_wait_for_ack(handle);
}
/**
* Send a netlink message.
* @arg handle netlink handle
* @arg nmsg netlink message
* @return see sendmsg(2)
*/
int nl_send(struct nl_handle *handle, struct nlmsghdr *nmsg)
{
struct nl_cb *cb;
struct iovec iov = {
.iov_base = (void *) nmsg,
.iov_len = nmsg->nlmsg_len,
};
struct msghdr msg = {
.msg_name = (void *) &handle->h_peer,
.msg_namelen = sizeof(struct sockaddr_nl),
.msg_iov = &iov,
.msg_iovlen = 1,
};
cb = &handle->h_cb;
if (cb->cb_msg_out)
if (cb->cb_msg_out(nmsg, cb->cb_msg_out_arg) != NL_PROCEED)
return 0;
return sendmsg(handle->h_fd, &msg, 0);
}
/**
* Send a netlink message and check & extend needed header values
* @arg handle netlink handle
* @arg nmsg netlink message
*
* Checks the netlink message \c nmsg for completness and extends it
* as required before sending it out. Checked fields include pid,
* sequence nr, and flags.
*
* @return see sendmsg(2)
*/
int nl_send_auto_complete(struct nl_handle *handle, struct nlmsghdr *nmsg)
{
if (nmsg->nlmsg_pid == 0)
nmsg->nlmsg_pid = handle->h_local.nl_pid;
if (nmsg->nlmsg_seq == 0)
nmsg->nlmsg_seq = handle->h_seq_next++;
nmsg->nlmsg_flags |= (NLM_F_REQUEST | NLM_F_ACK);
if (handle->h_cb.cb_send_ow)
return handle->h_cb.cb_send_ow(handle, nmsg);
else
return nl_send(handle, nmsg);
}
/**
* Send a netlink request message
* @arg handle netlink handle
* @arg type message type
* @arg flags message flags
*
* Fills out a netlink request message and sends it out using
* nl_send_auto_complete()
*
* @return See sendmsg(2)
*/
int nl_request(struct nl_handle *handle, int type, int flags)
{
struct nlmsghdr n = {
.nlmsg_len = NLMSG_LENGTH(0),
.nlmsg_type = type,
.nlmsg_flags = flags,
};
return nl_send_auto_complete(handle, &n);
}
/**
* Send a netlink request message with data.
* @arg handle netlink handle
* @arg type message type
* @arg flags message flags
* @arg buf data buffer
* @arg len length of data
*
* Fills out a netlink request message, appends the data to the tail
* and sends it out using nl_send_auto_complete().
*
* @return See sendmsg(2)
*/
int nl_request_with_data(struct nl_handle *handle, int type, int flags,
unsigned char *buf, size_t len)
{
int err = 0;
struct nl_msg *m;
struct nlmsghdr n = {
.nlmsg_len = NLMSG_LENGTH(0),
.nlmsg_type = type,
.nlmsg_flags = flags,
};
m = nl_msg_build(&n);
nl_msg_append_raw(m, buf, len);
err = nl_send_auto_complete(handle, m->nmsg);
nl_msg_free(m);
return err;
}
/** @} */
/**
* @name Receive
* @{
*/
/**
* Receive a netlink message from netlink socket.
* @arg handle netlink handle
* @arg nla target pointer for peer's netlink address
* @arg buf target pointer for message content.
*
* Receives a netlink message, allocates a buffer in \c *buf and
* stores the message content. The peer's netlink address is stored
* in \c *nla. The caller is responsible for freeing the buffer allocated
* in \c *buf if a positive value is returned. Interruped system calls
* are handled by repeating the read. The input buffer size is determined
* by peeking before the actual read is done.
*
* A non-blocking sockets causes the function to return immediately if
* no data is available.
*
* @return Number of octets read, 0 on EOF or a negative error code.
*/
int nl_recv(struct nl_handle *handle, struct sockaddr_nl *nla, unsigned char **buf)
{
int n;
int flags = MSG_PEEK;
struct iovec iov = {
.iov_len = 4096,
};
struct msghdr msg = {
.msg_name = (void *) nla,
.msg_namelen = sizeof(sizeof(struct sockaddr_nl)),
.msg_iov = &iov,
.msg_iovlen = 1,
.msg_control = NULL,
.msg_controllen = 0,
.msg_flags = 0,
};
iov.iov_base = *buf = calloc(1, iov.iov_len);
retry:
if ((n = recvmsg(handle->h_fd, &msg, flags)) <= 0) {
if (!n)
goto abort;
else if (n < 0) {
if (errno == EINTR)
goto retry;
else if (errno == EAGAIN)
goto abort;
else {
free(*buf);
return nl_error(errno, "recvmsg failed");
}
}
}
if (iov.iov_len < n) {
/* Provided buffer is not long enough, enlarge it
* and try again. */
iov.iov_len *= 2;
iov.iov_base = *buf = realloc(*buf, iov.iov_len);
goto retry;
} else if (flags != 0) {
/* Buffer is big enough, do the actual reading */
flags = 0;
goto retry;
}
if (msg.msg_namelen != sizeof(struct sockaddr_nl)) {
free(*buf);
return nl_error(EADDRNOTAVAIL, "socket address size mismatch");
}
return n;
abort:
free(*buf);
return 0;
}
/**
* Receive a set of messages from a netlink socket.
* @arg handle netlink handle
* @arg cb set of callbacks to control the behaviour.
*
* Repeatedly calls nl_recv() and parses the messages as netlink
* messages. Stops reading if one of the callbacks returns
* NL_EXIT or nl_recv returns either 0 or a negative error code.
*
* A non-blocking sockets causes the function to return immediately if
* no data is available.
*
* @return 0 on success or a negative error code from nl_recv().
* @see \ref Handlers
*/
int nl_recvmsgs(struct nl_handle *handle, struct nl_cb *cb)
{
int n, err = 0;
unsigned char *buf = NULL;
struct nlmsghdr *hdr;
struct sockaddr_nl nla = {0};
continue_reading:
if (cb->cb_recv_ow)
n = cb->cb_recv_ow(handle, &nla, &buf);
else
n = nl_recv(handle, &nla, &buf);
if (n <= 0)
return n;
hdr = (struct nlmsghdr *) buf;
while (NLMSG_OK(hdr, n)) {
/* Raw callback is the first, it gives the most control
* to the user and he can do his very own parsing. */
if (cb->cb_msg_in) {
err = cb->cb_msg_in(&nla, hdr, cb->cb_msg_in_arg);
if (err == NL_SKIP)
goto skip;
else if (err == NL_EXIT || err < 0)
goto out;
}
/* Sequence number checking. The check may be done by
* the user, otherwise a very simple check is applied
* enforcing strict ordering */
if (cb->cb_seq_check) {
err = cb->cb_seq_check(&nla, hdr, cb->cb_seq_check_arg);
if (err == NL_SKIP)
goto skip;
else if (err == NL_EXIT || err < 0)
goto out;
} else if (hdr->nlmsg_seq != handle->h_seq_expect) {
if (cb->cb_invalid) {
err = cb->cb_invalid(&nla, hdr,
cb->cb_invalid_arg);
if (err == NL_SKIP)
goto skip;
else if (err == NL_EXIT || err < 0)
goto out;
} else
goto out;
}
if (hdr->nlmsg_type == NLMSG_DONE ||
hdr->nlmsg_type == NLMSG_ERROR ||
hdr->nlmsg_type == NLMSG_NOOP ||
hdr->nlmsg_type == NLMSG_OVERRUN) {
/* We can't check for !NLM_F_MULTI since some netlink
* users in the kernel are broken. */
handle->h_seq_expect++;
}
/* Other side wishes to see an ack for this message */
if (hdr->nlmsg_flags & NLM_F_ACK) {
if (cb->cb_send_ack) {
err = cb->cb_send_ack(&nla, hdr,
cb->cb_send_ack_arg);
if (err == NL_SKIP)
goto skip;
else if (err == NL_EXIT || err < 0)
goto out;
} else {
/* FIXME: implement */
}
}
/* messages terminates a multpart message, this is
* usually the end of a message and therefore we slip
* out of the loop by default. the user may overrule
* this action by skipping this packet. */
if (hdr->nlmsg_type == NLMSG_DONE) {
if (cb->cb_finish) {
err = cb->cb_finish(&nla, hdr,
cb->cb_finish_arg);
if (err == NL_SKIP)
goto skip;
else if (err == NL_EXIT || err < 0)
goto out;
}
goto out;
}
/* Message to be ignored, the default action is to
* skip this message if no callback is specified. The
* user may overrule this action by returning
* NL_PROCEED. */
else if (hdr->nlmsg_type == NLMSG_NOOP) {
if (cb->cb_skipped) {
err = cb->cb_skipped(&nla, hdr,
cb->cb_skipped_arg);
if (err == NL_SKIP)
goto skip;
else if (err == NL_EXIT || err < 0)
goto out;
} else
goto skip;
}
/* Data got lost, report back to user. The default action is to
* quit parsing. The user may overrule this action by retuning
* NL_SKIP or NL_PROCEED (dangerous) */
else if (hdr->nlmsg_type == NLMSG_OVERRUN) {
if (cb->cb_overrun) {
err = cb->cb_overrun(&nla, hdr,
cb->cb_overrun_arg);
if (err == NL_SKIP)
goto skip;
else if (err == NL_EXIT || err < 0)
goto out;
} else
goto out;
}
/* Message carries a nlmsgerr */
else if (hdr->nlmsg_type == NLMSG_ERROR) {
struct nlmsgerr *e = (struct nlmsgerr*) NLMSG_DATA(hdr);
if (hdr->nlmsg_len < NLMSG_LENGTH(sizeof(*e))) {
/* Truncated error message, the default action
* is to stop parsing. The user may overrule
* this action by returning NL_SKIP or
* NL_PROCEED (dangerous) */
if (cb->cb_invalid) {
err = cb->cb_invalid(&nla, hdr,
cb->cb_invalid_arg);
if (err == NL_SKIP)
goto skip;
else if (err == NL_EXIT || err < 0)
goto out;
} else
goto out;
} else if (e->error) {
/* Error message reported back from kernel. */
if (cb->cb_error) {
err = cb->cb_error(&nla, e,
cb->cb_error_arg);
if (err == NL_SKIP)
goto skip;
else if (err == NL_EXIT || err < 0)
goto out;
} else
goto out;
} else if (cb->cb_ack) {
/* ACK */
err = cb->cb_ack(&nla, hdr, cb->cb_ack_arg);
if (err == NL_SKIP)
goto skip;
else if (err == NL_EXIT || err < 0)
goto out;
}
} else {
/* Valid message (not checking for MULTIPART bit to
* get along with broken kernels. NL_SKIP has no
* effect on this. */
if (cb->cb_valid) {
err = cb->cb_valid(&nla, hdr, cb->cb_valid_arg);
if (err == NL_SKIP)
goto skip;
else if (err == NL_EXIT || err < 0)
goto out;
}
}
skip:
hdr = NLMSG_NEXT(hdr, n);
}
if (buf) {
free(buf);
buf = NULL;
}
/* Multipart message not yet complete, continue reading */
goto continue_reading;
out:
if (buf)
free(buf);
return err;
}
/**
* Receive a set of message from a netlink socket using handlers in nl_handle.
* @arg handle netlink handle
*
* Calls nl_recvmsgs() with the handlers configured in the netlink handle.
*
* @see \ref Handlers
*/
int nl_recvmsgs_def(struct nl_handle *handle)
{
if (handle->h_cb.cb_recvmsgs_ow)
return handle->h_cb.cb_recvmsgs_ow(handle, &handle->h_cb);
else
return nl_recvmsgs(handle, &handle->h_cb);
}
static int ack_wait_handler(struct sockaddr_nl *who, struct nlmsghdr *n,
void *arg)
{
return NL_EXIT;
}
/**
* Wait for ACK.
* @arg handle netlink handle
* @pre The netlink socket must be in blocking state.
*
* Waits until an ACK is received for the latest not yet acknoledged
* netlink message.
*/
int nl_wait_for_ack(struct nl_handle *handle)
{
struct nl_cb cb;
memcpy(&cb, &handle->h_cb, sizeof(cb));
cb.cb_ack = ack_wait_handler;
return nl_recvmsgs(handle, &cb);
}
/** @} */
/**
* @name Netlink Family Translations
* @{
*/
static struct trans_tbl nlfamilies[] = {
__ADD(NETLINK_ROUTE,route)
__ADD(NETLINK_SKIP,skip)
__ADD(NETLINK_USERSOCK,usersock)
__ADD(NETLINK_FIREWALL,firewall)
__ADD(NETLINK_TCPDIAG,tcpdiag)
__ADD(NETLINK_NFLOG,nflog)
__ADD(NETLINK_XFRM,xfrm)
__ADD(NETLINK_SELINUX,selinux)
__ADD(NETLINK_ARPD,arpd)
__ADD(NETLINK_AUDIT,audit)
__ADD(NETLINK_ROUTE6,route6)
__ADD(NETLINK_IP6_FW,ip6_fw)
__ADD(NETLINK_DNRTMSG,dnrtmsg)
__ADD(NETLINK_KOBJECT_UEVENT,kobject_uevent)
__ADD(NETLINK_TAPBASE,tapbase)
};
/**
* Convert a netlink family to a character string (Reentrant).
* @arg family netlink family
* @arg buf destination buffer
* @arg len buffer length
*
* Converts a netlink family to a character string and stores it in
* the specified destination buffer.
*
* @return The destination buffer or the family encoded in hexidecimal
* form if no match was found.
*/
char * nl_nlfamily2str_r(int family, char *buf, size_t len)
{
return __type2str_r(family, buf, len, nlfamilies,
ARRAY_SIZE(nlfamilies));
}
/**
* Convert a netlink family to a character string.
* @arg family netlink family
*
* Converts a netlink family to a character string and stores it in a
* static buffer.
*
* @return A static buffer or the family encoded in hexidecimal
* form if no match was found.
* @attention This funnction is NOT thread safe.
*/
char * nl_nlfamily2str(int family)
{
static char buf[32];
memset(buf, 0, sizeof(buf));
return __type2str_r(family, buf, sizeof(buf), nlfamilies,
ARRAY_SIZE(nlfamilies));
}
/**
* Convert a character string to a netlink family
* @arg name name of netlink family
*
* Converts the provided character string specifying a netlink
* family to the corresponding numeric value.
*
* @return Netlink family negative value if none was found.
*/
int nl_str2nlfamily(const char *name)
{
return __str2type(name, nlfamilies, ARRAY_SIZE(nlfamilies));
}
/**
* The kernel will return an operation not permitted error, because
* we don't have necessary permissions for this request.
* Anyway, this checks the basic send, receive, allocate functionality.
*/
int main(void)
{
logf_register(&logf_test_write, stdout);
DEBUG("Unit Test: nl.test.c");
/* Open two sockets in order to check if message transmission works though */
DEBUG("Open two sockets");
nl_sock_t *sock1 = nl_sock_routing_new();
nl_sock_t *sock2 = nl_sock_routing_new();
ASSERT(sock1 && sock2);
DEBUG("Check socket properties");
/* main point: different pids of the fd's */
ASSERT(sock1->fd != sock2->fd);
ASSERT(sock1->local.nl_family == AF_NETLINK);
ASSERT(sock1->local.nl_pid == (unsigned int) getpid());
ASSERT(sock1->local.nl_pid != sock2->local.nl_pid);
print_sock(sock1);
print_sock(sock2);
/* Allocate a request message */
nl_msg_t *msg1 = nl_msg_new(NL_MSG_DEFAULT_SIZE);
ASSERT(msg1);
ASSERT(msg1->nlmsghdr.nlmsg_seq == 0 && msg1->nlmsghdr.nlmsg_pid == 0);
print_msghdr(&msg1->nlmsghdr);
DEBUG("Request message allocated, preparing now...");
/* Prepare request message */
{
char* veth1 = "veth0";
char* veth2 = "veth1";
struct ifinfomsg link_req = {
.ifi_family = AF_INET
};
struct rtattr *attr1, *attr2, *attr3;
/* Fill netlink message header */
ASSERT(nl_msg_set_type(msg1, RTM_NEWLINK) == 0);
/* Set appropriate flags for request, creating new object, exclusive access and acknowledgment response */
ASSERT(nl_msg_set_flags(msg1,NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL |
NLM_F_ACK) == 0);
/* Fill link request header of request message */
ASSERT(nl_msg_set_link_req(msg1, &link_req) == 0);
DEBUG("Print linked/lengthed msg:");
print_msg(msg1);
/* Add the corresponding attributes to the netlink header */
attr1 = nl_msg_start_nested_attr(msg1, IFLA_LINKINFO);
ASSERT(attr1);
/* Set link type */
ASSERT(nl_msg_add_string(msg1, IFLA_INFO_KIND, "veth") == 0);
/* Add nested attributes for INFO and PEER */
attr2 = nl_msg_start_nested_attr(msg1, IFLA_INFO_DATA);
ASSERT(attr2);
attr3 = nl_msg_start_nested_attr(msg1, VETH_INFO_PEER);
ASSERT(attr3);
/* VETH_INFO_PEER carries struct ifinfomsg plus optional IFLA
attributes. A minimal size of sizeof(struct ifinfomsg) must be
enforced or we may risk accessing that struct beyond the limits
of the netlink message */
ASSERT(nl_msg_expand_len(msg1, sizeof(struct ifinfomsg)) == 0);
/* Set veth2 name */
ASSERT(nl_msg_add_string(msg1, IFLA_IFNAME, veth2) == 0);
/* Close nested attributes */
ASSERT(nl_msg_end_nested_attr(msg1, attr3) == 0);
ASSERT(nl_msg_end_nested_attr(msg1, attr2) == 0);
ASSERT(nl_msg_end_nested_attr(msg1, attr1) == 0);
/* Set veth1 name */
ASSERT(nl_msg_add_string(msg1, IFLA_IFNAME, veth1) == 0);
}
DEBUG("Send and rec. this completely initialized msg.:");
print_msg(msg1);
/* Send request message and wait for the response message */
nl_msg_send_kernel_verify(sock2, msg1);
DEBUG("Message should have nlmsg_pid and nlmsg_seq set after transmission");
print_msg(msg1);
/* seq. number set to socket fd to associate socket to message */
ASSERT(msg1->nlmsghdr.nlmsg_seq == (unsigned int) sock2->fd);
DEBUG("Sent and received, errno is: %d", errno);
ASSERT(errno == 1);
DEBUG("uevent shall be creatable but not configurable, as the permissions are not given:");
nl_sock_t *sock3 = nl_sock_uevent_new();
ASSERT(sock3 == NULL);
// free socks&msg
nl_msg_free(msg1);
nl_sock_free(sock1);
nl_sock_free(sock2);
return 0;
}
