Commit graph

471 commits

Author SHA1 Message Date
Thomas Graf
4a793a4235 link: Hold af_ops reference for each AF_SPEC block during lifetime of link object
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2013-02-05 13:46:42 +01:00
Thomas Graf
e5767684a6 link: Modify link policy on the stack
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2013-02-05 13:21:10 +01:00
Thomas Graf
2d36371aa1 link: Keep reference to af_ops during lifetime of link object
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2013-02-05 13:18:25 +01:00
Thomas Graf
8b8e26b333 link: Fix af_ops leak on ENOMEM
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2013-02-05 13:03:02 +01:00
Holger Dengler
506020ae99 can: Fix nested message creation in can_put_attrs()
Signed-off-by: Benedikt Spranger <b.spranger@linutronix.de>
Signed-off-by: Holger Dengler <dengler@linutronix.de>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2013-02-01 12:24:37 +01:00
Thomas Graf
8571f58f23 neigh: Remove check for AF_UNSPEC in rtnl_neigh_get()
This check was introduced to not accidentally return AF_BRIDGE objects
to unaware API users as they do differ in structure. However, such
objects are only available if explicitly requested using the
NL_CACHE_AF_ITER flag or by using arg1 == AF_BRIDGE for the cache.

Therefore remove this check and allow rtnl_neigh_get() to be used to
fetch any neighbor object of a cache.

Reported-by: Maxime Bizon <mbizon@freebox.fr>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2013-02-01 10:45:01 +01:00
Thomas Graf
87458abbd0 Fix mask calculation in nl_addr_cmp_prefix()
Signed-off-by: Malte Langermann <mlangermann@radiodata.biz>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2013-01-31 10:59:10 +01:00
Thomas Graf
73cb5f57ba Merge branch 'nattuple' of https://github.com/rmfought/libnl
2013-01-31 10:47:58 +01:00
roopa
b06c23a9dd link cache: remove AF_UNSPEC check in rtnl_get_link and rtnl_get_link_by_name
This patch reverts back the AF_UNSPEC check introduced by AF_BRIDGE
changes at http://lists.infradead.org/pipermail/libnl/2012-November/000796.html

After the addition of AF_BRIDGE support, link cache can now contain objects of
type AF_BRIDGE. To make sure existing api's did not return AF_BRIDGE objects
and surprise existing callers, I introduced the check for AF_UNSPEC.

But from what Andy Wang reported, rtnl_link_get_by_name returns the first
link object with matching ifindex and that could have not only been AF_UNSPEC
but also of family AF_INET6. And his app always got an AF_INET6 object prior
to the patch that introduced the AF_UNSPEC check.

I could just add AF_INET6 family check along with AF_UNSPEC in the apis and that
should work well.

But thinking about it some more, removing the AF_UNSPEC change seems to be safer at
this point. That way this api will retain its semantics and return the first object
with matching ifindex. It could be of any supported family. The user will know if the
cache contains bridge objects, because they are available only with the cache flag
NL_CACHE_AF_ITER. Besides, if new users want to search for a specific object,
nl_cache_find is a better option.

Reported-by: Andy Wang <Andy.Wang@watchguard.com>
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2013-01-31 10:09:12 +01:00
Rich Fought
4f088d38ae netfilter: correct error in construction of NAT tuple
2013-01-29 15:10:01 -08:00
Benedikt Spranger
6cc5fdc0e9 can: add helper function to get CAN bus state
Add a helper function to get the CAN bus state.

Signed-off-by: Benedikt Spranger <b.spranger@linutronix.de>
2013-01-25 19:51:33 +01:00
Thomas Graf
4cb375a812 Merge pull request #29 from rmfought/natdir32
netfilter: expectation NAT direction is 32 bit attribute
2013-01-24 08:32:35 -08:00
Rich Fought
87244f739c netfilter: keep 8-bit API for 32-bit NAT dir attribute
2013-01-24 08:18:35 -08:00
Thomas Graf
9680f910f4 Move private header files to <netlink-private/*>
This clarifies the separation between public and private
header files.

Signed-off-by: Thomas Graf <tgraf@suug.ch>
2013-01-24 13:51:24 +01:00
Rich Fought
56352ab9f6 netfilter: expectation NAT direction is 32 bit attribute
2013-01-23 13:59:27 -08:00
roopa
1481f97d36 route cache: This patch adds route priority to route object oo_id_attrs
The kernel allows multiple entries in the main table which differ in the
priority value. In libnl currently, since priority is not part of the base
netlink route message, it is not used as part of the key. This patch
includes priority in the key/oo_id_attrs and defaults the value to zero
for messages where priority is not included.

One point to note is that the actual selection of route from multiple
options is done implicitly in the kernel by storing the routes in sort
priority order, but there is no explicit communication to a client of libnl
of that.

Signed-off-by: Shrijeet Mukherjee <shm@cumulusnetworks.com>
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2013-01-23 11:02:51 +01:00
Thomas Graf
5291af6fb5 link: fix reference leak in rtnl_link_af_data_compare()
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2013-01-18 14:49:33 +01:00
roopa
5c3f2f015a link: Add af data compare to link objects
Today the link compare function does not
compare af data of a link. We have found a
need for this to get appropriate change callbacks
when af_data of a link changes.

This patch adds support to compare af_data
to link_compare function. This patch today
only adds support to compare af_data set by
PROTINFO attributes. It can be extended to
support compares of af_data set by AF_SPEC
attributes

It has been tested for AF_BRIDGE objects.
In case of AF_BRIDGE objects, this helps with
bridge port change notification callbacks.

Signed-off-by: Wilson Kok <wkok@cumulusnetworks.com>
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2013-01-18 14:42:18 +01:00
roopa
99399ca9c0 Add new rtnl_link_af_data_compare function to compare af_data
This patch adds a new api rtnl_link_af_data_compare to
compare link af_data

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2013-01-18 14:41:58 +01:00
roopa
310ec86b39 Add ao_compare support to bridge family af_data
This patch adds support for ao_compare operation
to bridge link af data operations.

Adds field ce_mask to struct bridge_data to work
with the ATTR attributes. I can submit separate
patches to introduce mask field to ATTR macros.

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Wilson Kok <wkok@cumulusnetworks.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2013-01-12 11:38:35 +01:00
roopa
b1ebda9241 cache: Add new nl_cache_find api
This patch adds new cache find api

nl_cache_find api was suggested by Thomas.

Unlike nl_cache_search, this patch uses
nl_object_match_filter() to look for an
object match.

Am not sure this matches what was decided
on the list few weeks back. I will be happy
to make any changes.

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2013-01-11 13:52:50 +01:00
Flavio Leitner
3540e44b15 link: add carrier support
Signed-off-by: Flavio Leitner <fbl@redhat.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2013-01-11 13:44:47 +01:00
mihai.dontu@gmail.com
ba38f39198 cache: make sure the user has specified a callback
In cache_include(), the user callback is used even though one might not
have been specified, leading to a crash. This happens, for example, when
NetworkManager calls nl_cache_include() with the change_cb argument set
to NULL. Fix it by making sure the callback points to a valid address.

Signed-off-by: Mihai Dontu <mihai.dontu@gmail.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2013-01-06 14:22:15 +01:00
Eric Paris
5d53626100 nlmsg_ok comparison between signed and unsigned
The nlmsg_ok macro has a comparison between an int and a size_t
(unsigned int).  The C spec says the int is cast to unsigned int before
the comparison.  This is a problem as the audit system will send skb's
with skb->len == nlhhdr->nlmsg_len which are NOT aligned.  Thus you can
end up with remaining being negative.  So the comparison becomes

(unsigned int)(-1) >= (unsigned int)16

Which turns out to be true!  It should clearly be false.  So if we cast
the size_t to an int we get a signed comparison and it works.  (This is
what linux/netlink.h and all of the kernel netlink headers do)

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2013-01-04 00:35:18 +01:00
Thomas Jarosch
6971932254 Fix file descriptor leak on error
Detected by cppcheck

Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-12-27 13:20:18 +01:00
Thomas Graf
de213328f8 cache: Take cache_ops lock when modifying cache ops flags
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-12-27 13:19:04 +01:00
roopa
96bb7c9a4c cache pickup: Avoid duplicates during cache pickup
This patch adds search and replace/update functionality
to cache pickup_cb. This change is required to avoid
duplicates getting into the cache during pickup. Also
helps updating existing objects during cache pickup.
We have seen this in cases of ipv6 equal cost multipath
routes

changes v1 to v2:
	- Updated documentation

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
2012-12-21 13:30:21 +01:00
roopa
20a051237c Bug Fix: cache_include: Fix object ref release after successful object update
The current code does a rtnl_link_put on new object instead of
old object. This patch fixes it. None of the caches have support
for object update, so this should not have affected anyone yet.

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
2012-12-17 16:46:58 +01:00
roopa
29b71371e7 route cache: Fix handling of ipv6 multipath routes
There are two ways kernel handles ipv6 equal cost multipath routes
depending on which kernel version you are looking at.

older kernels without ipv6 ECMP support, accept the below ECMP routes,
#ip -6 route add 2001::/16 nexthop via fe80:2::2 dev swp1
#ip -6 route add 2001::/16 nexthop via fe80:2::3 dev swp1

store them as separate routes and pick the last one during lookup.

Newer kernels, after the support for equal cost multipath routes
was added http://patchwork.ozlabs.org/patch/188562/,
now accept multipath routes added individually using the
above 'ip -6 route' format OR
sent using RTA_MULTIPATH with the below command
#ip -6 route add 2001::/16 nexthop via fe80:2::2 dev swp1 nexthop via fe80:2::3 dev swp1

And the kernel now stores and treats them as equal cost multipath routes
during lookups.

However in all cases above, netlink notifications to ipv6 ECMP route adds and deletes
come separately for each next hop.

Example libnl notification in the above case with both old and new kernels:
	inet6 2001::/16 table main type unicast
                scope global priority 0x400 protocol boot
                nexthop via fe80:2::2 dev swp1

        inet6 2001::/16 table main type unicast
                scope global priority 0x400 protocol boot
                nexthop via fe80:2::3 dev swp1

Since they are separate route notifications for objects with same key,
libnl replaces the existing ones and hence only the last route update sticks.

This patch uses the oo_update feature to not replace but update an
existing route if it's an ipv6 equal cost multipath route.
The object after an update looks like the below (similar to ipv4 ECMP routes):

        inet6 2001::/16 table main type unicast
                scope global priority 0x400 protocol boot
                nexthop via fe80:2::2 dev swp1
                nexthop via fe80:2::3 dev swp1

Signed-off-by: Shrijeet Mukherjee <shm@cumulusnetworks.com>
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Reviewed-by: Nolan Leake <nolan@cumulusnetworks.com>
Reviewed-by: Wilson Kok <wkok@cumulusnetworks.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-12-17 15:16:02 +01:00
Benedikt Spranger
c86088ff01 link: socket-CAN helper functions
Add helper functions to make socket-CAN configuration easy.

Signed-off-by: Benedikt Spranger <b.spranger@linutronix.de>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-11-29 22:17:58 +01:00
Benedikt Spranger
5251188673 link: basic socket-CAN support
Controller Area Network (CAN) is a networking technology which has
widespread use in automation, embedded devices and automotive fields.
The socket-CAN package is an implementation of CAN protocols for Linux.

All socket-CAN related configurations are carried out through Netlink.
Add basic socket-CAN support to libnl to be able to configure CAN devices
with libnl.

Signed-off-by: Benedikt Spranger <b.spranger@linutronix.de>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-11-29 22:17:58 +01:00
Jan Engelhardt
ab7f42e0bc build: resolve lex failure
This is an addendum to 0a9d5fcfa4,
which forgot to change ${LEX} to ${FLEX} in lib/Makefile.am.

On openSUSE, /usr/bin/lex is a wrapper that calls `flex -l ...`.
libnl however requires flex, not lex or a compat mode thereof,
so using ${FLEX} is the proper thing to do.

Signed-off-by: Jan Engelhardt <jengelh@inai.de>
2012-11-27 09:57:42 +01:00
Thomas Graf
4149154c22 cache: only continue iterating over co_groups if it is available
A co_groups == NULL must enter the loop to trigger the initial
fill of the cache but may never bump the grp pointer as doing
so prevents the loop from being escaped correctly.

Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-11-26 11:50:56 +01:00
roopa
4d94ed5f6b Bug Fix: Add new fill socket to cache manager
This patch adds a new socket to cache manager to request fill's on.
cache manager today uses cm_sock to request dump from
the kernel. It also listens to netlink async events on the same sock.
The problem with this is that when libnl is waiting to process the
response to get dump request sent to the kernel during fill,
it may receive an async event, resulting in libnl complaining about
unexpected msg

This is usually reproducible when there is heavy netlink async event
traffic during nl_cache_mngr_add.

This patch adds a new cm_sync_sock to use for fill during cache manager
add cache.

The other option is to provide an api to set the cm_sync_sock. But since
this is a bug fix it's probably better to fix the cache manager add api
like this patch does. Please suggest otherwise.

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Reviewed-by: Nolan Leake <nolan@cumulusnetworks.com>
Reviewed-by: Shrijeet Mukherjee <shm@cumulusnetworks.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-11-19 10:15:04 +01:00
Thomas Graf
00132b4696 cache: provide safe variant of nl_cache_mngt_require() and use it
This makes runtime removal of cache operations possible if non-safe
API is not in use by application. The non-safe API will be removed
in the next major version.

Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-11-16 01:11:55 +01:00
Thomas Graf
23c4ef67c7 Use NL_DBG() instead of printing warnings and errors to stderr
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-11-16 00:42:34 +01:00
Thomas Graf
235aa7ff17 cache: hold a reference to the cache ops while a cache is provided over it
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-11-16 00:29:58 +01:00
Thomas Graf
cb82c2a545 use safe cache lookup variants internally
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-11-16 00:29:58 +01:00
Thomas Graf
2b3912a320 cache: Provide safe versions of nl_cache_ops_associate() and nl_cache_ops_lookup()
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-11-16 00:19:38 +01:00
Thomas Graf
1a2c3e36a8 cache: Add reference counter to cache operations
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-11-16 00:17:50 +01:00
Thomas Graf
74926f92dd link: Protect registration of af and link ops with rwlock
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-11-15 22:33:23 +01:00
Thomas Graf
f5af5c5ecd cache: rwlock accesses to cache operations
Puts an rwlock around 'cache_ops'.

Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-11-15 21:42:02 +01:00
Thomas Graf
20efa14e5c lock abstraction layer
Hide pthread availability and enablement behind internal API

Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-11-15 21:30:57 +01:00
Thomas Graf
3ed1f9ab5f cache: Hold cache reference while a cache is being provided
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-11-15 20:49:33 +01:00
Thomas Graf
c658a6eef8 cache: Add reference counter to caches
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-11-15 20:45:44 +01:00
roopa
cb25338ac3 Add master support to rtnl_neigh for AF_BRIDGE objects
AF_BRIDGE neigh objects can be uniquely identified by
the family, lladdr and bridge ifindex. This patch adds
bridge ifindex to AF_BRIDGE neigh objects.

Things will be ok even without this patch with just family and
lladdr if we assume that we will have unique lladdr's
across bridges in a system.

Kernel does not send the bridge ifindex in the AF_BRIDGE
fdb/neigh message. This patch tries to get that info by a
link cache lookup and adds it to the bridge neigh object

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Reviewed-by: Nolan Leake <nolan@cumulusnetworks.com>
Reviewed-by: Shrijeet Mukherjee <shm@cumulusnetworks.com>
Reviewed-by: Wilson Kok <wkok@cumulusnetworks.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-11-15 19:42:47 +01:00
roopa
64fcb47a36 Add AF_BRIDGE support to neigh cache
This patch adds AF_BRIDGE to the list of families
supported by the cache. Implements oo_id_attrs_get to
declare separate id attributes for AF_UNSPEC and AF_BRIDGE
neigh objects

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Reviewed-by: Nolan Leake <nolan@cumulusnetworks.com>
Reviewed-by: Shrijeet Mukherjee <shm@cumulusnetworks.com>
Reviewed-by: Wilson Kok <wkok@cumulusnetworks.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-11-15 19:42:43 +01:00
roopa
125119aff0 Add AF_BRIDGE support to link cache
This patch was previously submitted as the first approach in
RFC http://lists.infradead.org/pipermail/libnl/2012-November/000730.html

It adds support for AF_BRIDGE family in link cache.
And the key for link object lookups will now be ifindex and family.

This allows for AF_UNSPEC rtnl link objects to co-exist with the AF_BRIDGE
link objects in the same cache.

I have changed some of the rtnl_link api's to explicitly check for
AF_UNSPEC to not break existing apps. I will submit a new patch to
introduce equivalent rtnl_bridge_link_* api's.

We had also discussed updating the existing link objects with
AF_BRIDGE attributes, but realized that the updates to link objects will
be both AF_UNSPEC and AF_BRIDGE. And that would change link cache to always
update existing objects, resulting in comparing and updating close to
thirty attributes at cache_include time which seems like overkill.

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Reviewed-by: Nolan Leake <nolan@cumulusnetworks.com>
Reviewed-by: Shrijeet Mukherjee <shm@cumulusnetworks.com>
Reviewed-by: Wilson Kok <wkok@cumulusnetworks.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-11-14 15:18:08 +01:00
Thomas Graf
ea79a76288 addr: Support setting local/peer/anycast/multicast/broadcast address to NULL
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-11-12 23:48:02 +01:00
Thomas Graf
8ffa257bfa cache: Move nl_cache_ops_set_flags() to cache_mngt.c
Signed-off-by: Thomas Graf <tgraf@suug.ch>
2012-11-12 22:07:39 +01:00