Otherwise these tc caches would not be able to be updated
asynchronously.
Cc: Thomas Haller <thaller@redhat.com>
Cc: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
<linux/in6.h> is not compatible with some versions of <netinet/in.h>.
Cc: Susant Sahani <susant@redhat.com>
Cc: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Manually "inline" nla_memcpy() to nla_get_u64() and change the behavior
to return always zero (0) if the attribute does not contain at least
sizeof(uint64_t) bytes. Considering endianness, reading a truncated integer
does not seem to be useful and should result in a defined behavior
instead.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
If nla is not given, then tmp is not set. Explicitly initalize with 0
to prevent garbage values. Found by Clang static analyzer.
Signed-off-by: Peter Wu <peter@lekensteyn.nl>
Signed-off-by: Thomas Haller <thaller@redhat.com>
In the current form, the parentheses in these two if (...) statements
lead to err being assigned the result of nl_connect(...) < 0 and
nl_socket_set_nonblocking(...) < 0 instead of the return value of these
functions. Adjust the parentheses to assign the returned error code to
err.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
If nl_socket_alloc() failes in nl_cache_mngr_alloc() we would currently
return 0 due to the previous assignment of the err variable, even though
the failed allocation is an error condition. Fix this by setting err to
-NLE_NOMEM if nl_socket_alloc() fails.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
This patch adds support for ip6 tunnel that works with
the ip6_tunnel kernel module.
Signed-off-by: Susant Sahani <susant@redhat.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
nfnlmsg_*_parse() does not assign *result on error. So this will
lead to freeing a dangling pointer.
Error found by coverity.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Fixed bug that left a dangling pointer after clearing the ifalias
property. This happened when calling 'rtnl_link_get_ifalias(link, NULL)'
on a link that has already an ifalias set.
This can cause a crash and/or a double-free.
Error found by coverity.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
This check is not necessary, and also they cause coverity to
complain.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Previously coverity was complaining about a use-after-free.
This was not a real problem, because the printf statement
does not dereferenciate the pointer. Change it to avoid
the warning.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
This fixes the following coverity warning:
lib/route/link/vlan.c:148:23:warning – Result of 'calloc' is converted to a pointer of type 'struct vlan_map', which is incompatible with sizeof operand type 'struct ifla_vlan_qos_mapping'
This was not a real problem, because the types are effectively
the same.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
It is proved that actions are not always put from 0,
they could be discontinuous.
http://lists.infradead.org/pipermail/libnl/2014-April/001374.html
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
In nlmsg_convert, if __nlmsg_alloc fails we can return NULL directly
instead of unnecessarily calling nlmsg_free on the NULL pointer.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
The check for !obj indicates that obj might be NULL, thus move the call
to obj_ops(obj) - which dereferences obj - after the check.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
When out-of-source build with '--disable-dependency-tracking' is
performed, the 'lib/route' and 'lib/route/cls' directories required for
flex/yacc output do not exist. As a result, the flex/yacc calls fail
with ENOENT.
Create the necessary directories explicitly via $(MKDIR_P)
in the flex/yacc rules to guarantee proper out-of-source and in-source
build.
This patch adds support for IFLA_VLAN_PROTOCOL
Signed-off-by: Susant Sahani <susant@redhat.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
[thaller@redhat.com: minor fixes (whitespace, documentation, and a typo)]
Signed-off-by: Thomas Haller <thaller@redhat.com>
Instead of always trying the same order of ports when
looking for an unused port, randomize the order (naively).
As libnl-1 uses the same function, it is likely that two applications
that are using both libraries generate the same ports. By chosing a
different order how to select the local port, the chances are smaller
for this to happen (however, it cannot avoid it entirely. The user
and/or libnl3 still has to cope with the situation, that somebody
else might already use the port).
Signed-off-by: Thomas Haller <thaller@redhat.com>
It can easily happen that the generated local netlink port is alrady in
use. In that case bind will fail with ADDRINUSE.
Users of libnl3 could workaround this, by managing the local ports
themselves, but sometimes these users are libraries too and they also
don't know which ports might be used by other components.
This patch changes that nl_socket_alloc() no longer initilizes the local
port id immediately. Instead it will be initialized when the user calls
nl_socket_get_local_port() the first time and thereby shows interest in
the value.
If bind() fails with ADDRINUSE, check if the user ever cared about the
local port, i.e. whether the local port is still unset. If it is still
unset, assume that libnl should choose a suitable port and retry until
an unused port can be found.
Signed-off-by: Thomas Haller <thaller@redhat.com>
By failing inside of nl_socket_alloc(), the user can not even work around
when running out of local ports. This patch changes that if there are no more
local ports, we set the port to UINT32_MAX. This is a consistent behavior
to calling nl_socket_set_local_port(sk, 0).
In general, since nl_socket_set_local_port() does not restict the generated
ports in any way we cannot assume to have a valid port. So the check in
the constructor was harmful and users who ever encountered it (because they
created 1024 libnl3 sockets) could not even work around it.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
This was a bug on architectures with native int type less then 32 bit.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
This patch introduces sit tunnel support
Signed-off-by: Susant Sahani <susant@redhat.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
[thaller@redhat.com: change WS to TAB, fix code doc]
Signed-off-by: Thomas Haller <thaller@redhat.com>
This patch introduces gre tunnel support
Signed-off-by: Susant Sahani <susant@redhat.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
[thaller@redhat.com: change WS to TAB, fix code doc]
Signed-off-by: Thomas Haller <thaller@redhat.com>
This patch introduces ipip tunnel support. This
works with kernel module ipip.
Signed-off-by: Susant Sahani <susant@redhat.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
[thaller@redhat.com: change WS to TAB, fix code doc]
Signed-off-by: Thomas Haller <thaller@redhat.com>
When we add an action to a filter, its lifetime becomes
same with the filter. So in case user frees it before
us, we could just grab a reference here.
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
So that users could keep a refcount for the peer.
The capability trick is from Thomas Haller.
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
This expands functionality for manipulating conntracks over netlink by
adding other attributes to nfnl_ct_build_message(). Added a command link
program to add conntracks.
https://github.com/thom311/libnl/pull/55
[thaller@redhat.com: cleaned up whitespace from original patch]
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
rtnl_link_veth_add() is a helper API we provide, it makes sense to
set NLM_F_EXCL for it since it doesn't accept flags as a parameter.
BTW, correct an indention too.
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Currently we use memcpy() to copy the peer rtnl_link for veth device,
this is wrong, we should do deep copy by calling nl_object_clone()
recursively. We should be careful and need to make sure we only call
it once.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
So that veth link can be just put by rtnl_link_put()
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Users don't have to call rtnl_link_veth_alloc(), instead
use generic rtnl_link_set_type().
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
We need to call link-specific ->io_alloc() to alloc
addtional structures.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
mirred action should accept all TC_ACT* policy
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Older kernels don't accept receiving unknown netlink attributes.
See net/core/rtnetlink.c, rtnetlink_rcv_msg(). This was fixed by kernel
commit 661d2967b3f1b34eeaa7e212e7b9bbe8ee072b59.
As a workaround, only set the additional attributes, when the user
provided flags that makes this necessary and useful.
https://github.com/thom311/libnl/issues/56https://bugzilla.redhat.com/show_bug.cgi?id=1063885
Based-on-patch-by: Pavel Kankovsky <peak@argo.troja.mff.cuni.cz>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Take 'include/uapi/linux/ip.h' from current kernel v3.13
(commit d8ec26d7f8287f5788a494f56e8814210f0e64be).
Also add three new IPV4_DEVCONF_* names.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Take 'include/uapi/linux/snmp.h' from current kernel v3.13
(commit d8ec26d7f8287f5788a494f56e8814210f0e64be).
The header file added new values for IPSTATS_MIB_* and ICMP6_MIB_*, but
more importantly, the kernel broke user space API by reordering enum values in
IPSTATS_MIB_*. Add a workaround when parsing IFLA_PROTINFO trying to
be compatible with both older and newer kernels.
Note that this workaround might fail for some specific kernel versions by
assuming the old enum value mapping, although the kernel version already
contains the API change. In this case rtnl_link_get_stat() mixes up
values.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
If the netlink message for IFLA_INET_CONF contains less then
IPV4_DEVCONF_MAX entires, the last entries in i_conf are unset.
Modify rtnl_link_inet_get_conf() to return -EINVAL when accessing
an unset cfgid.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
