Commit graph

236 commits

Author SHA1 Message Date
Gleb Smirnoff
57171f6d14 netlink: with debugging log event when a socket is stuck 2025-02-05 10:09:06 -08:00
Gleb Smirnoff
ea03febed5 netlink: fix a panic with verbose debugging printfs
While here improve general debugging of this function.

Fixes:	660bd40a59
2025-02-05 10:09:06 -08:00
Gleb Smirnoff
06cf365165 netlink: provide genl_unregister_group()
Cause generic netlink group IDs are dynamic, we go through all sockets
and unsubscribe from the group that goes away.  Otherwise they could
surprisingly find themselves subscribed to a group created later.
2025-02-05 10:09:06 -08:00
Gleb Smirnoff
ee507b70f1 netlink: refactor KPI for generic Netlink modules
Now that the family and group are completely private to netlink_generic.c,
provide a simple and robust KPI, that would require very simple guarantees
from both KPI and the module:

* Strings are used only for family and group registration, that return ID:
  uint16_t genl_register_family(const char *name, ...
  uint32_t genl_register_group(uint16_t family, const char *name, ...
* Once created families and groups are guaranteed to not disappear and
  be addressable by their ID.
* All subsequent calls, including deregistration shall use ID.

Reviewed by:		kp
Differential Revision:	https://reviews.freebsd.org/D48845
2025-02-05 10:09:06 -08:00
Gleb Smirnoff
ef3991d70d netlink: don't store an extra pointer to so_cred 2025-02-04 16:54:21 -08:00
Gleb Smirnoff
164dec88e8 netlink: rename functions that manipulate group membership of a pcb
Use nlp_ prefix for them, cause they operate on single pcb.  Use words
"join" and "leave" instead of "add" and "del", cause we aren't creating
or destroying groups, we are just joining or leaving.
Really assert locks instead of just having "locked" suffix.
2025-02-04 16:54:21 -08:00
Gleb Smirnoff
841dcdcd3f netlink: initialize VNET context with VNET_SYSINIT()
With the initial check-in netlink(4) was very conservative with regards to
using memory and intrusiveness to the kernel and network stack. In
particular it would initialize the VNET context only on the first actual
call to socket(PF_NETLINK), saving on allocation of a struct nl_control of
size 224 bytes.

Now it is clear that netlink(4) is a primary citizen of FreeBSD, with a set
of system tools using it.  So resort to normal VNET_SYSINIT() and with
that shave a lot of complexity, since after the change V_nl_ctl is
immutable.
2025-02-04 16:54:21 -08:00
Gleb Smirnoff
56304579c1 netlink: remove _pru_ prefix from protosw method names
This is a relic that doesn't have any value now.
2025-02-04 16:54:20 -08:00
Gleb Smirnoff
753a4acd09 netlink: make struct genl_family and genl_group private 2025-02-04 11:52:35 -08:00
Gleb Smirnoff
cdacb12065 netlink/route: validate family attribute
PR:			283818
2025-01-29 15:48:55 -08:00
Gleb Smirnoff
031fbf8dc9 netlink/route: fix fib number validation in old Linux compat mode
The value passed via old field also needs to be validated.

PR:			283848
Fixes:			f34aca55ad
2025-01-29 15:48:55 -08:00
Gleb Smirnoff
49a6e21341 netlink/route: fix nlattr_get_multipath() to check length
of supplied nexthop sub-attributes.  While here, use unsigned types for
length calculations and improve style(9).

PR:			283860
2025-01-29 15:48:55 -08:00
Gleb Smirnoff
876b88a448 netlink: consistently use unsigned types in the parser
Use uint32_t for anything that is derived from message length, use
uint16_t for anything that represents attribute length and use u_int for
array indices.
2025-01-29 15:48:55 -08:00
Gleb Smirnoff
810c122695 netlink: use u_int as argument for ifnet_byindex() 2025-01-29 15:48:55 -08:00
Gleb Smirnoff
8b094a9801 netlink: style(9) pass over message parsing code
Mostly breaking long lines, few other changes.
2025-01-29 15:48:55 -08:00
Gleb Smirnoff
d521362f8f netlink: fix build
The commit checked in had a dependency on not yet reviewed changes.
Revert them, but the main gist of the commit is not reverted.

Fixes:	f2a4eed3e1
2025-01-20 13:38:02 -08:00
Gleb Smirnoff
ddc7fd6641 netlink: provide snl_clone() to create a secondary snl state
The function will clone an existing snl_state().  The clone points at the
same socket, but has a separate allocator.  Closing a clone frees the
memory, but doesn't close the socket.  Such clones are handy in a
multithreaded process that has a single socket with multiple writers and a
serialized reader.  It can be easily extended to support multiple readers,
too, but now there is no use.

Reviewed by:		melifaro
Differential Revision:	https://reviews.freebsd.org/D48568
2025-01-20 13:15:39 -08:00
Gleb Smirnoff
f2a4eed3e1 netlink: underscore snl_get_genl_family_info() to discourage its use
This function uses already supposedly opaque struct _getfamily_attrs as
the argument and it fills it with pointers to volatile memory, which makes
it unsafe for general use.  While here also underscore structures that
hang off the struct _getfamily_attrs.

Small programs like powerd(8) and RPC daemons are converted to use
snl_get_genl_mcast_group() and/or snl_get_genl_family().  The genl(1)
utility was fixed not to mix its own parsers with parsers declared in
netlink_snl_generic.h.

Reviewed by:		melifaro
Differential Revision:	https://reviews.freebsd.org/D48480
2025-01-20 12:53:37 -08:00
Gleb Smirnoff
fb63082c0c netlink: provide snl(3) API for variable length raw data attribute
Rename supposedly internal _snl_reserve_msg_attr() into an official
snl_reserve_msg_attr_raw(), that would return pointer to a struct
nlattr followed by allocated memory.  Adjust the snl_reserve_msg_attr()
macro to work on top of that function.

Reviewed by:		melifaro
Differential Revision:	https://reviews.freebsd.org/D48311
2025-01-20 12:53:07 -08:00
Kristof Provost
7c882c69a4 libpfctl: use snl_f_p_empty instead of declaring own empty array
Just as we did in the kernel in e9255dafa1

Suggested by:	glebius
Reviewed by:	glebius, melifaro
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D48460
2025-01-16 10:05:09 +01:00
Gleb Smirnoff
90b1df4f4d netlink: small cleanup of generic snl(3)
- Add const qualifiers for the family/group name pointers.
- Break & tab long lines.

No functional changes.
2025-01-15 23:22:19 -08:00
Gleb Smirnoff
c3df2fa9a7 netlink: snl_create_msg_request() may fail due to ENOMEM 2025-01-15 23:21:58 -08:00
Gleb Smirnoff
6ed3486980 netlink: avoid underflow of groups bitset index
The subtraction is absolutely unnecessary and created an underflow with
926d2eadcb.  I don't see why it was useful before 926d2eadcb and even
before edf5608bfe.  The bitset addresses bits from zero to
NLP_MAX_GROUPS-1.  Note that check of user supplied argument for
NETLINK_ADD_MEMBERSHIP and NETLINK_DROP_MEMBERSHIP socket options is
already correct !(optval >= NLP_MAX_GROUPS).

Fixes:	926d2eadcb
2025-01-13 13:27:53 -08:00
Andrey V. Elsukov
3ce003c8b6 netlink: restore the ability to delete PINNED routes
route(8) had such ability before migration to netlink. To be able
to delete PINNED routes we pass RTM_F_FORCE to rib_del_route_px()
when userland uses RTF_PINNED flag with RTM_DELETE command.
This is hackish way for route(8) tool, that third-party software
usually doesn't use.

PR:		279988
Tested by:	franco at opnsense org
Discussed with:	glebius
MFC after:	10 days
Differential Revision:	https://reviews.freebsd.org/D46301
2025-01-11 11:25:50 +03:00
Gleb Smirnoff
926d2eadcb netlink: some refactoring of NETLINK_GENERIC layer
- Statically initialize control family/group.  This removes extra startup
code and provides a strong guarantee that they reside at the 0 index of
the respective arrays.  Before a genl_register_family() with a higher
SYSINIT order could try to hijack index 0.

- Remove the family_id field completely.  Now the family ID as well as
group ID are array indices and there is basically no place for a mistake.
Previous code had a bug where a KPI user could induce an ID mismatch.

- Merge netlink_generic_kpi.c to netlink_generic.c.  Both files are small
and now there is more dependency between the control family and the family
allocator. Ok'ed by melifaro@.

Reviewed by:		melifaro
Differential Revision:	https://reviews.freebsd.org/D48316
2025-01-10 20:59:29 -08:00
Gleb Smirnoff
26d1ad5a44 netlink: snl_create_genl_msg_request() may fail due to ENOMEM
Reviewed by:		melifaro
Differential Revision:	https://reviews.freebsd.org/D48310
2025-01-10 20:58:08 -08:00
Gleb Smirnoff
bbe6559cf9 netlink: fix size comparison
We want to check the size of the header, not a pointer to it.

Reviewed by:		melifaro, markj
Differential Revision:	https://reviews.freebsd.org/D48309
2025-01-10 20:57:55 -08:00
Gleb Smirnoff
8a8d095718 netlink: add snl(3) primitive to obtain group ID
using the family name and the group name as lookup arguments.

Reviewed by:		melifaro
Differential Revision:	https://reviews.freebsd.org/D48308
2025-01-10 20:55:50 -08:00
Gleb Smirnoff
0fda4ffd69 netlink: augment group writer with priv(9) argument
This will allow to broadcast messages visible only to privileged
subscribers.

Reviewed by:		melifaro
Differential Revision:	https://reviews.freebsd.org/D48307
2025-01-10 20:55:39 -08:00
Gleb Popov
33c670c373 netlink.h: Align macro declarations with tabs
Sponsored by:	Future Crew, LLC
Approved by:	melifaro
Differential Revision:	https://reviews.freebsd.org/D47333
2024-12-10 21:12:38 +03:00
Gleb Popov
5143d8c443 netlink: Use __align_up() instead of homegrown roundup2 macro
Sponsored by:	Future Crew, LLC
Approved by:	melifaro
Differential Revision:	https://reviews.freebsd.org/D47333
2024-12-10 21:12:32 +03:00
Gleb Popov
9df901c8f8 netlink: Pop NLMSG_ALIGNTO and NLMSG_ALIGN out of the #ifndef _KERNEL block
Sponsored by:	Future Crew, LLC
Approved by:	melifaro
Differential Revision:	https://reviews.freebsd.org/D47333
2024-12-10 21:12:09 +03:00
Gleb Popov
c7919fb92d netlink: Do not cast to int in NLMSG_HDRLEN and _NLMSG_LEN
Approved by: melifaro
Sponsored by: Future Crew, LLC
Differential Revision: https://reviews.freebsd.org/D47333
2024-12-10 21:11:16 +03:00
Gleb Smirnoff
29f6150256 netlink: use nitems() and roundup(2) from param.h
While here style nested includes (kernel ones go first).

Reviewed by:		melifaro
Differential Revision:	https://reviews.freebsd.org/D47557
2024-12-03 12:04:39 -08:00
Gleb Smirnoff
fe048349c6 netlink: use proper argument types in genl_register_family()
Reviewed by:		melifaro
Differential Revision:	https://reviews.freebsd.org/D47553
2024-12-03 12:04:35 -08:00
Gleb Smirnoff
6380058fe5 netlink: use correct uint16_t type for attribute type & length
Reviewed by:		melifaro
Differential Revision:	https://reviews.freebsd.org/D47552
2024-12-03 12:04:30 -08:00
Gleb Smirnoff
f1c6edba88 netlink: use size_t through the allocation KPI
This fixes some signedness bugs and potential underflows.  The length of
nl_buf is still limited by UINT_MAX and this is asserted now.

Reviewed by:		melifaro
Differential Revision:	https://reviews.freebsd.org/D47551
2024-12-03 12:04:27 -08:00
Gleb Smirnoff
0601c0f989 netlink: check buffer length fits into u_int
We may increase it to size_t later, KPI allows that already, but
doesn't seem to be needed today.

Reviewed by:		melifaro
Differential Revision:	https://reviews.freebsd.org/D47550
2024-12-03 12:04:22 -08:00
Gleb Smirnoff
a034c0aecc netlink: refactor writer initialization KPI
o Allow callers to initialize a writer that will malloc(9) with M_WAITOK.
o Use size_t for expected malloc size.
o Use correct types to initialize a group writer.
o Rename functions into nl_writer_ namespace instead of nlmsg_, cause
  they are working on nl_writer, not on nlmsg.
o Make the KPI responsible to sparsely initialize the writer structure.
o Garbage collect chain writer.  Fixes 17083b94a9.

All current consumers are left as is, however some may benefit from
M_WAITOK allocation as well as supplying a correct expected size.

Reviewed by:		melifaro
Differential Revision:	https://reviews.freebsd.org/D47549
2024-12-03 12:04:18 -08:00
Gleb Smirnoff
edf5608bfe netlink: use bitset(9)
Reviewed by:		melifaro
Differential Revision:	https://reviews.freebsd.org/D47548
2024-12-03 12:04:14 -08:00
Gleb Smirnoff
ac84ce05c1 netlink: consistently use uint16_t for family id
Reviewed by:		melifaro
Differential Revision:	https://reviews.freebsd.org/D47547
2024-12-03 12:04:09 -08:00
Mark Johnston
0289db3259 netlink/route: Fix the argument list for rtnl_handle_iflink()
This function is registered as a ifnet_link_event and so should have the
corresponding argument list.

PR:		282870
Reported by:	nakayamakenjiro@gmail.com
MFC after:	1 week
2024-11-22 14:03:40 +00:00
Justin Hibbits
b224af946a netlink: Don't directly access ifnet members
Summary:
Remove the final direct access of struct ifnet members from netlink.
Since only the first address is used, create the iterator and then free,
without fully iterating.

Reviewed By:	kp
Sponsored by:	Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D42972
2024-11-13 14:30:58 -05:00
Konrad Witaszczyk
bc06c51419 netinet: correct SIOCDIFADDR{,_IN6} calls to use {,in6_}ifreq
The SIOCDIFADDR{,_IN6} ioctls take an ifreq structure object, not an
ifaliasreq/in_aliasreq/in6_aliasreq structure object, as their argument.
As opposed to ifaliasreq/in_aliasreq/in6_aliasreq used by
SIOCAIFADDR{,_IN6}, the ifreq/in6_ifreq structures used by the
SIOCDIFADDR{,_IN6} ioctls do not include a separate field for a
broadcast address and other values required to add an address to a
network interface with SIOCAIFADDR{,_IN6}.

Whilst this issue is not specific to CHERI-extended architectures, it
was first observed on CheriBSD running on Arm Morello. For example,
incorrect calls using the in6_aliasreq object result in CHERI capability
violations. A pointer to the ifra_addr field in in6_aliasreq cast to the
ifru_addr union member of in6_ifreq results in bounds being set to the
union's larger size. Such bounds exceed the bounds of in6_aliasreq
object and the bounds-setting instruction clears a tag of the object's
capability.

Reviewed by:	brooks, kp, oshogbo
Accepted by:	oshogbo (mentor)
Reported by:	CHERI
Obtained from:	CheriBSD
Differential Revision: https://reviews.freebsd.org/D46016
2024-07-22 14:17:21 +00:00
Mark Johnston
e536b197c0 netlink: Wrap long lines
No functional change intended.

MFC after:	1 week
Sponsored by:	Klara, Inc.
2024-07-14 14:29:15 -04:00
Gleb Smirnoff
f34aca55ad netlink/route: provide pre-2.6.19 Linux compat shim
The old Linux used 8-bit rtm_table field of the RTM_NEWROUTE message to
specify routing table id.  Modern netlink uses RTA_TABLE 32-bit attribute.

Unfortunately, there is modern software (namely bird) that would prefer
the old API as long as the routing table id fits into 8-bit.

PR:		279662
2024-06-20 16:10:39 -07:00
Gleb Smirnoff
969cb79f5b netlink/route: reformat comment to fit 80 chars
No functional or content changes.
2024-06-20 16:10:39 -07:00
Kristof Provost
f0829825fb netlink: pass the correct arguments for SIOCDIFADDR and SIOCDIFADDR_IN6
These take struct ifreq and struct in6_ifreq respectively. Passing struct
in_aliasreq or struct in6_aliasreq means we're supplying a shorter object than
expected. While this doesn't actively break things on most architectures other
than CHERI it is still wrong.

Reported by:	CheriBSD
Event:		Kitchener-Waterloo Hackathon 202406
2024-06-06 15:45:30 +02:00
cnbatch
ff92493a4f netlink: Fix C++ compile errors
Allow these files to be included in C++ programs with careful casting to
the proper type, like C++ wants (and in a way that also works for C).

MFC After: 1 week
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1245
2024-05-24 22:31:42 -06:00
Kristof Provost
5824df8d99 pf: convert DIOCGETSTATUS to netlink
Introduce pfctl_get_status_h() because we need the pfctl_handle. In this variant
use netlink to obtain the information.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
2024-04-29 16:32:23 +02:00