Commit graph

945 commits

Author SHA1 Message Date
Tobias Klauser
8f82270cff cache_mngr: Return proper error code if nl_socket_alloc() fails
If nl_socket_alloc() failes in nl_cache_mngr_alloc() we would currently
return 0 due to the previous assignment of the err variable, even though
the failed allocation is an error condition. Fix this by setting err to
-NLE_NOMEM if nl_socket_alloc() fails.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-06-17 17:33:26 +02:00
Tobias Klauser
feda705426 cli: Fix typo in error message
s/neighbout/neighbour/

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-06-17 17:24:42 +02:00
Thomas Haller
f8144b11aa build: fix error in include/Makefile.am
Just introduced by me, as an oversight from commit
11f9cc0914.

Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-06-16 17:45:11 +02:00
Susant Sahani
11f9cc0914 ip6tnl: introduce ip6 tunnel support
This patch adds support for ip6 tunnel that works with
the ip6_tunnel kernel module.

Signed-off-by: Susant Sahani <susant@redhat.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-06-16 16:59:16 +02:00
Thomas Haller
cfc57ce359 Merge branch 'coverity-fixes'
http://lists.infradead.org/pipermail/libnl/2014-June/001475.html

Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-06-10 21:47:08 +02:00
Thomas Haller
3d5e4883be route/pktloc: read_pktlocs() always returned success status
Error found by coverity.

Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-06-10 21:45:52 +02:00
Thomas Haller
90cfeeecac netfilter/ct: fix calling nfnl_*_put() on uninitialized memory after nfnlmsg_*_parse()
nfnlmsg_*_parse() does not assign *result on error. So this will
lead to freeing a dangling pointer.

Error found by coverity.

Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-06-10 21:45:52 +02:00
Thomas Haller
d7a9e74f82 route/link: fix dangling pointer after rtnl_link_get_ifalias(link, NULL)
Fixed bug that left a dangling pointer after clearing the ifalias
property. This happened when calling 'rtnl_link_get_ifalias(link, NULL)'
on a link that has already an ifalias set.

This can cause a crash and/or a double-free.

Error found by coverity.

Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-06-10 21:45:52 +02:00
Thomas Haller
dae0a2316e cache: fix crash in nl_cache_dump_filter() when omitting the params argument
Error found by coverity.

Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-06-10 21:45:52 +02:00
Thomas Haller
8532ac5e10 cls: fix array overrun in rtnl_ematch_opnd2txt()
Error found by coverity.

Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-06-10 21:45:52 +02:00
Thomas Haller
87682a093a cli: add error checking to nl-route-get about out-of-memory
This is mainly to appease coverity which warned about this.

Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-06-10 21:45:52 +02:00
Thomas Haller
d50758cbfe route: remove unnecessary non-null check in pktloc and ematch
This check is not necessary, and also they cause coverity to
complain.

Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-06-10 21:45:52 +02:00
Thomas Haller
29a38942aa lib: reorder free() after printf("%p") statements
Previously coverity was complaining about a use-after-free.
This was not a real problem, because the printf statement
does not dereferenciate the pointer. Change it to avoid
the warning.

Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-06-10 21:45:51 +02:00
Thomas Haller
bb44548b92 route/link: pass proper type to sizeof() for calloc() in vlan_parse()
This fixes the following coverity warning:
  lib/route/link/vlan.c:148:23:warning – Result of 'calloc' is converted to a pointer of type 'struct vlan_map', which is incompatible with sizeof operand type 'struct ifla_vlan_qos_mapping'

This was not a real problem, because the types are effectively
the same.

Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-06-10 21:45:33 +02:00
Cong Wang
6608cd5d72 act: fix the logic of parsing actions
It is proved that actions are not always put from 0,
they could be discontinuous.

http://lists.infradead.org/pipermail/libnl/2014-April/001374.html

Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-06-10 19:09:00 +02:00
Tobias Klauser
872544c0c0 msg: Remove unnecessary call of nlmsg_free on known NULL pointer
In nlmsg_convert, if __nlmsg_alloc fails we can return NULL directly
instead of unnecessarily calling nlmsg_free on the NULL pointer.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-06-09 12:16:10 +02:00
Tobias Klauser
1087eb5314 obj: Fix dereference before NULL check
The check for !obj indicates that obj might be NULL, thus move the call
to obj_ops(obj) - which dereferences obj - after the check.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-06-09 12:02:58 +02:00
Thomas Haller
732c19948d Merge branch 'mgorny-master'
https://github.com/thom311/libnl/pull/58

Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-05-25 21:56:59 +02:00
Michał Górny
425d3d6661 Use paths relative to srcdir in setup.py.
Currently, setup.py is created by configure in builddir while source
files (.py and .i) reside in srcdir. Adjust paths in setup.py
appropriately to make it possible to perform an out-of-source build.

This is far from perfect but it mostly works. Python files are copied
from srcdir, and swig *.i files are read from there. However, swig
output files are created in srcdir rather than builddir, and distutils
copies '..' literally when constructing '.o' paths. As a result,
'../python/foo.i' would end up being compiled to
'build/temp*/../python/foo.i'.

The alternative would be to copy '*.i' files to builddir before
proceeding with the build, either in Makefile or through creating
additional distutils command.
2014-05-25 12:51:32 +02:00
Michał Górny
4dc7246742 Explicitly create output directories for flex/yacc output.
When out-of-source build with '--disable-dependency-tracking' is
performed, the 'lib/route' and 'lib/route/cls' directories required for
flex/yacc output do not exist. As a result, the flex/yacc calls fail
with ENOENT.

Create the necessary directories explicitly via $(MKDIR_P)
in the flex/yacc rules to guarantee proper out-of-source and in-source
build.
2014-05-25 11:49:19 +02:00
Susant Sahani
430eb4004a vlan: add support for IFLA_VLAN_PROTOCOL
This patch adds support for IFLA_VLAN_PROTOCOL

Signed-off-by: Susant Sahani <susant@redhat.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
[thaller@redhat.com: minor fixes (whitespace, documentation, and a typo)]
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-05-12 14:23:32 +02:00
Cong Wang
c79754297a tunnel: add a copy of include/linux/if_tunnel.h
This should fix the following compile error:

route/link/ipip.c:52: error: ‘IFLA_IPTUN_MAX’ undeclared here (not in a function)
route/link/ipip.c:53: error: ‘IFLA_IPTUN_LINK’ undeclared here (not in a function)
route/link/ipip.c:53: error: array index in initializer not of integer type
route/link/ipip.c:53: error: (near initialization for ‘ipip_policy’)
route/link/ipip.c:53: error: field name not in record or union initializer
route/link/ipip.c:53: error: (near initialization for ‘ipip_policy’)
...

Reported-by: Vinson Lee <vlee@twitter.com>
Cc: Susant Sahani <susant@redhat.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-05-12 14:03:34 +02:00
Thomas Haller
e21099908f Merge branch 'socket_local_port'
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-05-06 14:40:17 +02:00
Thomas Haller
1f734a8f89 lib/socket: randomize the generated local port
Instead of always trying the same order of ports when
looking for an unused port, randomize the order (naively).

As libnl-1 uses the same function, it is likely that two applications
that are using both libraries generate the same ports. By chosing a
different order how to select the local port, the chances are smaller
for this to happen (however, it cannot avoid it entirely. The user
and/or libnl3 still has to cope with the situation, that somebody
else might already use the port).

Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-05-06 14:37:26 +02:00
Thomas Haller
4dd5fdd0af lib/socket: retry generate local port in nl_connect on ADDRINUSE
It can easily happen that the generated local netlink port is alrady in
use. In that case bind will fail with ADDRINUSE.

Users of libnl3 could workaround this, by managing the local ports
themselves, but sometimes these users are libraries too and they also
don't know which ports might be used by other components.

This patch changes that nl_socket_alloc() no longer initilizes the local
port id immediately. Instead it will be initialized when the user calls
nl_socket_get_local_port() the first time and thereby shows interest in
the value.

If bind() fails with ADDRINUSE, check if the user ever cared about the
local port, i.e. whether the local port is still unset. If it is still
unset, assume that libnl should choose a suitable port and retry until
an unused port can be found.

Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-05-06 14:34:58 +02:00
Thomas Haller
0271578987 lib/socket: don't fail if no more local ports can be assigned in nl_socket_alloc
By failing inside of nl_socket_alloc(), the user can not even work around
when running out of local ports. This patch changes that if there are no more
local ports, we set the port to UINT32_MAX. This is a consistent behavior
to calling nl_socket_set_local_port(sk, 0).

In general, since nl_socket_set_local_port() does not restict the generated
ports in any way we cannot assume to have a valid port. So the check in
the constructor was harmful and users who ever encountered it (because they
created 1024 libnl3 sockets) could not even work around it.

Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-05-06 14:33:54 +02:00
Thomas Haller
0fd510b367 lib/socket: use proper typed constant UINT32_MAX for uint32_t typed port
This was a bug on architectures with native int type less then 32 bit.

Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-05-06 14:33:38 +02:00
Thomas Haller
657e257ec5 gitignore: ignore test binaries and artifacts in "tests/"
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-05-06 12:48:47 +02:00
Susant Sahani
8f6301426a ipvti: introduce vti tunnel support
Signed-off-by: Susant Sahani <susant@redhat.com>
[thaller@redhat.com: some whitespace fixes]
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-05-06 12:04:02 +02:00
Susant Sahani
adb9f5d8fa ipgre: rename new public API to avoid confusion
Signed-off-by: Susant Sahani <susant@redhat.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-05-06 11:57:40 +02:00
Susant Sahani
737d5f0247 ipgre: fix attribute IPGRE_ATTR_OKEY in ipgre_put_attrs()
Signed-off-by: Susant Sahani <susant@redhat.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-05-06 11:57:32 +02:00
Susant Sahani
d715b8a5f6 introduce sit tunnel support
This patch introduces sit tunnel support

Signed-off-by: Susant Sahani <susant@redhat.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
[thaller@redhat.com: change WS to TAB, fix code doc]
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-05-05 19:08:29 +02:00
Susant Sahani
57bdc4ff48 introduce gre tunnel support
This patch introduces gre tunnel support

Signed-off-by: Susant Sahani <susant@redhat.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
[thaller@redhat.com: change WS to TAB, fix code doc]
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-05-05 19:08:23 +02:00
Susant Sahani
3a95fad5c9 introduce ipip tunnel support
This patch introduces ipip tunnel support. This
works with kernel module ipip.

Signed-off-by: Susant Sahani <susant@redhat.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
[thaller@redhat.com: change WS to TAB, fix code doc]
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-05-05 18:08:47 +02:00
Thomas Haller
0482cdcddb gitignore: ignore test binaries and artifacts in "tests/"
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-05-05 14:38:08 +02:00
Thomas Haller
a1c9915022 doc: fix wrong name in documentation for rtnl_link_bridge_alloc()
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-05-01 20:50:26 +02:00
Thomas Haller
35f44734bc act: fix memory leak in rtnl_act_parse()
Acked-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-05-01 16:59:06 +02:00
Cong Wang
b8d90d9bb1 act: fix a pointer in rtnl_act_msg_parse()
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-05-01 16:55:31 +02:00
Thomas Haller
6d70d83947 docs: add code comment to explain the meaning of the fields in rtnl_addr_cacheinfo
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-04-30 14:34:14 +02:00
Thomas Haller
a5917da51e gitignore: ignore 'nf-ct-add' (netfilter/ct)
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-04-30 13:06:50 +02:00
Cong Wang
e5d9b828f6 act: grab a reference when adding an action to a filter
When we add an action to a filter, its lifetime becomes
same with the filter. So in case user frees it before
us, we could just grab a reference here.

Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-04-30 11:19:42 +02:00
Cong Wang
0ba7e663ce veth: grab a reference for rtnl_link_veth_get_peer()
So that users could keep a refcount for the peer.
The capability trick is from Thomas Haller.

Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-04-30 11:08:15 +02:00
Hangbin Liu
f55ef93d1e gitignore: ignore patch files
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-04-16 10:08:47 +02:00
Hangbin Liu
6722853f49 doc/core: reply message should send from kernel to app
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-04-16 10:08:47 +02:00
Hangbin Liu
69f4a03425 gitignore: ignore ctags file
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
[thaller@redhat.com: change to ignore /tags only on top-level]
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-04-16 10:07:42 +02:00
Rich Fought
8ff199947f netfilter/ct: expand CT parameters that can be used in add/delete operations
This expands functionality for manipulating conntracks over netlink by
adding other attributes to nfnl_ct_build_message(). Added a command link
program to add conntracks.

https://github.com/thom311/libnl/pull/55

[thaller@redhat.com: cleaned up whitespace from original patch]
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-04-14 19:20:53 +02:00
Hiroaki KAWAI
cb319e22f5 python: fix wrongly passing argument to function in ObjIterator.next()
self.__next__() bound method does not take an extra argument.

https://github.com/thom311/libnl/pull/57

Signed-off-by: Hiroaki KAWAI <kawai@stratosphere.co.jp>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-04-09 09:22:47 +02:00
Cong Wang
65f218bcae add NLM_F_EXCL to rtnl_link_veth_add()
rtnl_link_veth_add() is a helper API we provide, it makes sense to
set NLM_F_EXCL for it since it doesn't accept flags as a parameter.

BTW, correct an indention too.

Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-04-09 09:10:19 +02:00
Cong Wang
3700bf56fa veth: use nl_object_clone() to deep copy rtnl_link object
Currently we use memcpy() to copy the peer rtnl_link for veth device,
this is wrong, we should do deep copy by calling nl_object_clone()
recursively. We should be careful and need to make sure we only call
it once.

Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-04-09 09:10:19 +02:00
Cong Wang
6c8f67b87a veth: implement ->io_free
So that veth link can be just put by rtnl_link_put()

Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
2014-04-09 09:10:19 +02:00