1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
5 #include "sd-netlink.h"
7 #include "alloc-util.h"
12 #include "netlink-genl.h"
13 #include "netlink-internal.h"
14 #include "netlink-slot.h"
15 #include "netlink-util.h"
16 #include "process-util.h"
17 #include "socket-util.h"
18 #include "string-util.h"
20 /* Some really high limit, to catch programming errors */
21 #define REPLY_CALLBACKS_MAX UINT16_MAX
23 static int netlink_new(sd_netlink
**ret
) {
24 _cleanup_(sd_netlink_unrefp
) sd_netlink
*nl
= NULL
;
26 assert_return(ret
, -EINVAL
);
28 nl
= new(sd_netlink
, 1);
35 .sockaddr
.nl
.nl_family
= AF_NETLINK
,
36 .original_pid
= getpid_cached(),
39 /* Kernel change notification messages have sequence number 0. We want to avoid that with our
40 * own serials, in order not to get confused when matching up kernel replies to our earlier
43 * Moreover, when using netlink socket activation (i.e. where PID 1 binds an AF_NETLINK
44 * socket for us and passes it to us across execve()) and we get restarted multiple times
45 * while the socket sticks around we might get confused by replies from earlier runs coming
46 * in late — which is pretty likely if we'd start our sequence numbers always from 1. Hence,
47 * let's start with a value based on the system clock. This should make collisions much less
48 * likely (though still theoretically possible). We use a 32 bit µs counter starting at boot
49 * for this (and explicitly exclude the zero, see above). This counter will wrap around after
50 * a bit more than 1h, but that's hopefully OK as the kernel shouldn't take that long to
51 * reply to our requests.
53 * We only pick the initial start value this way. For each message we simply increase the
54 * sequence number by 1. This means we could enqueue 1 netlink message per µs without risking
55 * collisions, which should be OK.
57 * Note this means the serials will be in the range 1…UINT32_MAX here.
59 * (In an ideal world we'd attach the current serial counter to the netlink socket itself
60 * somehow, to avoid all this, but I couldn't come up with a nice way to do this) */
61 .serial
= (uint32_t) (now(CLOCK_MONOTONIC
) % UINT32_MAX
) + 1,
64 /* We guarantee that the read buffer has at least space for a message header */
65 if (!greedy_realloc((void**) &nl
->rbuffer
, sizeof(struct nlmsghdr
), sizeof(uint8_t)))
72 _public_
int sd_netlink_open_fd(sd_netlink
**ret
, int fd
) {
73 _cleanup_(sd_netlink_unrefp
) sd_netlink
*nl
= NULL
;
76 assert_return(ret
, -EINVAL
);
77 assert_return(fd
>= 0, -EBADF
);
83 r
= getsockopt_int(fd
, SOL_SOCKET
, SO_PROTOCOL
, &protocol
);
88 nl
->protocol
= protocol
;
90 r
= setsockopt_int(fd
, SOL_NETLINK
, NETLINK_EXT_ACK
, true);
92 log_debug_errno(r
, "sd-netlink: Failed to enable NETLINK_EXT_ACK option, ignoring: %m");
94 r
= setsockopt_int(fd
, SOL_NETLINK
, NETLINK_GET_STRICT_CHK
, true);
96 log_debug_errno(r
, "sd-netlink: Failed to enable NETLINK_GET_STRICT_CHK option, ignoring: %m");
100 nl
->fd
= -1; /* on failure, the caller remains owner of the fd, hence don't close it here */
110 _public_
int sd_netlink_open(sd_netlink
**ret
) {
111 return netlink_open_family(ret
, NETLINK_ROUTE
);
114 _public_
int sd_netlink_increase_rxbuf(sd_netlink
*nl
, size_t size
) {
115 assert_return(nl
, -EINVAL
);
116 assert_return(!netlink_pid_changed(nl
), -ECHILD
);
118 return fd_increase_rxbuf(nl
->fd
, size
);
121 static sd_netlink
*netlink_free(sd_netlink
*nl
) {
127 for (i
= 0; i
< nl
->rqueue_size
; i
++)
128 sd_netlink_message_unref(nl
->rqueue
[i
]);
131 for (i
= 0; i
< nl
->rqueue_partial_size
; i
++)
132 sd_netlink_message_unref(nl
->rqueue_partial
[i
]);
133 free(nl
->rqueue_partial
);
137 while ((s
= nl
->slots
)) {
139 netlink_slot_disconnect(s
, true);
141 hashmap_free(nl
->reply_callbacks
);
142 prioq_free(nl
->reply_callbacks_prioq
);
144 sd_event_source_unref(nl
->io_event_source
);
145 sd_event_source_unref(nl
->time_event_source
);
146 sd_event_unref(nl
->event
);
148 hashmap_free(nl
->broadcast_group_refs
);
150 genl_clear_family(nl
);
156 DEFINE_TRIVIAL_REF_UNREF_FUNC(sd_netlink
, sd_netlink
, netlink_free
);
158 _public_
int sd_netlink_send(
160 sd_netlink_message
*message
,
165 assert_return(nl
, -EINVAL
);
166 assert_return(!netlink_pid_changed(nl
), -ECHILD
);
167 assert_return(message
, -EINVAL
);
168 assert_return(!message
->sealed
, -EPERM
);
170 netlink_seal_message(nl
, message
);
172 r
= socket_write_message(nl
, message
);
177 *serial
= message_get_serial(message
);
182 int netlink_rqueue_make_room(sd_netlink
*nl
) {
185 if (nl
->rqueue_size
>= NETLINK_RQUEUE_MAX
)
186 return log_debug_errno(SYNTHETIC_ERRNO(ENOBUFS
),
187 "sd-netlink: exhausted the read queue size (%d)",
190 if (!GREEDY_REALLOC(nl
->rqueue
, nl
->rqueue_size
+ 1))
196 int netlink_rqueue_partial_make_room(sd_netlink
*nl
) {
199 if (nl
->rqueue_partial_size
>= NETLINK_RQUEUE_MAX
)
200 return log_debug_errno(SYNTHETIC_ERRNO(ENOBUFS
),
201 "sd-netlink: exhausted the partial read queue size (%d)",
204 if (!GREEDY_REALLOC(nl
->rqueue_partial
, nl
->rqueue_partial_size
+ 1))
210 static int dispatch_rqueue(sd_netlink
*nl
, sd_netlink_message
**message
) {
216 if (nl
->rqueue_size
<= 0) {
217 /* Try to read a new message */
218 r
= socket_read_message(nl
);
219 if (r
== -ENOBUFS
) { /* FIXME: ignore buffer overruns for now */
220 log_debug_errno(r
, "sd-netlink: Got ENOBUFS from netlink socket, ignoring.");
227 /* Dispatch a queued message */
228 *message
= nl
->rqueue
[0];
230 memmove(nl
->rqueue
, nl
->rqueue
+ 1, sizeof(sd_netlink_message
*) * nl
->rqueue_size
);
235 static int process_timeout(sd_netlink
*nl
) {
236 _cleanup_(sd_netlink_message_unrefp
) sd_netlink_message
*m
= NULL
;
237 struct reply_callback
*c
;
238 sd_netlink_slot
*slot
;
244 c
= prioq_peek(nl
->reply_callbacks_prioq
);
248 n
= now(CLOCK_MONOTONIC
);
252 r
= message_new_synthetic_error(nl
, -ETIMEDOUT
, c
->serial
, &m
);
256 assert_se(prioq_pop(nl
->reply_callbacks_prioq
) == c
);
258 hashmap_remove(nl
->reply_callbacks
, UINT32_TO_PTR(c
->serial
));
260 slot
= container_of(c
, sd_netlink_slot
, reply_callback
);
262 r
= c
->callback(nl
, m
, slot
->userdata
);
264 log_debug_errno(r
, "sd-netlink: timedout callback %s%s%sfailed: %m",
265 slot
->description
? "'" : "",
266 strempty(slot
->description
),
267 slot
->description
? "' " : "");
270 netlink_slot_disconnect(slot
, true);
275 static int process_reply(sd_netlink
*nl
, sd_netlink_message
*m
) {
276 struct reply_callback
*c
;
277 sd_netlink_slot
*slot
;
285 serial
= message_get_serial(m
);
286 c
= hashmap_remove(nl
->reply_callbacks
, UINT32_TO_PTR(serial
));
290 if (c
->timeout
!= 0) {
291 prioq_remove(nl
->reply_callbacks_prioq
, c
, &c
->prioq_idx
);
295 r
= sd_netlink_message_get_type(m
, &type
);
299 if (type
== NLMSG_DONE
)
302 slot
= container_of(c
, sd_netlink_slot
, reply_callback
);
304 r
= c
->callback(nl
, m
, slot
->userdata
);
306 log_debug_errno(r
, "sd-netlink: reply callback %s%s%sfailed: %m",
307 slot
->description
? "'" : "",
308 strempty(slot
->description
),
309 slot
->description
? "' " : "");
312 netlink_slot_disconnect(slot
, true);
317 static int process_match(sd_netlink
*nl
, sd_netlink_message
*m
) {
325 r
= sd_netlink_message_get_type(m
, &type
);
329 if (m
->protocol
== NETLINK_GENERIC
) {
330 r
= sd_genl_message_get_command(nl
, m
, &cmd
);
336 LIST_FOREACH(match_callbacks
, c
, nl
->match_callbacks
) {
337 sd_netlink_slot
*slot
;
342 if (c
->cmd
!= 0 && c
->cmd
!= cmd
)
345 for (size_t i
= 0; i
< c
->n_groups
; i
++)
346 if (c
->groups
[i
] == m
->multicast_group
) {
354 slot
= container_of(c
, sd_netlink_slot
, match_callback
);
356 r
= c
->callback(nl
, m
, slot
->userdata
);
358 log_debug_errno(r
, "sd-netlink: match callback %s%s%sfailed: %m",
359 slot
->description
? "'" : "",
360 strempty(slot
->description
),
361 slot
->description
? "' " : "");
369 static int process_running(sd_netlink
*nl
, sd_netlink_message
**ret
) {
370 _cleanup_(sd_netlink_message_unrefp
) sd_netlink_message
*m
= NULL
;
375 r
= process_timeout(nl
);
379 r
= dispatch_rqueue(nl
, &m
);
385 if (sd_netlink_message_is_broadcast(m
))
386 r
= process_match(nl
, m
);
388 r
= process_reply(nl
, m
);
407 int sd_netlink_process(sd_netlink
*nl
, sd_netlink_message
**ret
) {
408 NETLINK_DONT_DESTROY(nl
);
411 assert_return(nl
, -EINVAL
);
412 assert_return(!netlink_pid_changed(nl
), -ECHILD
);
413 assert_return(!nl
->processing
, -EBUSY
);
415 nl
->processing
= true;
416 r
= process_running(nl
, ret
);
417 nl
->processing
= false;
422 static usec_t
calc_elapse(uint64_t usec
) {
423 if (usec
== UINT64_MAX
)
427 usec
= NETLINK_DEFAULT_TIMEOUT_USEC
;
429 return usec_add(now(CLOCK_MONOTONIC
), usec
);
432 static int netlink_poll(sd_netlink
*nl
, bool need_more
, usec_t timeout_usec
) {
433 usec_t m
= USEC_INFINITY
;
438 e
= sd_netlink_get_events(nl
);
443 /* Caller wants more data, and doesn't care about
444 * what's been read or any other timeouts. */
449 /* Caller wants to process if there is something to
450 * process, but doesn't care otherwise */
452 r
= sd_netlink_get_timeout(nl
, &until
);
456 m
= usec_sub_unsigned(until
, now(CLOCK_MONOTONIC
));
459 r
= fd_wait_for_event(nl
->fd
, e
, MIN(m
, timeout_usec
));
466 int sd_netlink_wait(sd_netlink
*nl
, uint64_t timeout_usec
) {
467 assert_return(nl
, -EINVAL
);
468 assert_return(!netlink_pid_changed(nl
), -ECHILD
);
470 if (nl
->rqueue_size
> 0)
473 return netlink_poll(nl
, false, timeout_usec
);
476 static int timeout_compare(const void *a
, const void *b
) {
477 const struct reply_callback
*x
= a
, *y
= b
;
479 if (x
->timeout
!= 0 && y
->timeout
== 0)
482 if (x
->timeout
== 0 && y
->timeout
!= 0)
485 return CMP(x
->timeout
, y
->timeout
);
488 _public_
int sd_netlink_call_async(
490 sd_netlink_slot
**ret_slot
,
491 sd_netlink_message
*m
,
492 sd_netlink_message_handler_t callback
,
493 sd_netlink_destroy_t destroy_callback
,
496 const char *description
) {
498 _cleanup_free_ sd_netlink_slot
*slot
= NULL
;
501 assert_return(nl
, -EINVAL
);
502 assert_return(m
, -EINVAL
);
503 assert_return(callback
, -EINVAL
);
504 assert_return(!netlink_pid_changed(nl
), -ECHILD
);
506 if (hashmap_size(nl
->reply_callbacks
) >= REPLY_CALLBACKS_MAX
)
509 r
= hashmap_ensure_allocated(&nl
->reply_callbacks
, &trivial_hash_ops
);
513 if (usec
!= UINT64_MAX
) {
514 r
= prioq_ensure_allocated(&nl
->reply_callbacks_prioq
, timeout_compare
);
519 r
= netlink_slot_allocate(nl
, !ret_slot
, NETLINK_REPLY_CALLBACK
, sizeof(struct reply_callback
), userdata
, description
, &slot
);
523 slot
->reply_callback
.callback
= callback
;
524 slot
->reply_callback
.timeout
= calc_elapse(usec
);
526 k
= sd_netlink_send(nl
, m
, &slot
->reply_callback
.serial
);
530 r
= hashmap_put(nl
->reply_callbacks
, UINT32_TO_PTR(slot
->reply_callback
.serial
), &slot
->reply_callback
);
534 if (slot
->reply_callback
.timeout
!= 0) {
535 r
= prioq_put(nl
->reply_callbacks_prioq
, &slot
->reply_callback
, &slot
->reply_callback
.prioq_idx
);
537 (void) hashmap_remove(nl
->reply_callbacks
, UINT32_TO_PTR(slot
->reply_callback
.serial
));
542 /* Set this at last. Otherwise, some failures in above would call destroy_callback but some would not. */
543 slot
->destroy_callback
= destroy_callback
;
553 _public_
int sd_netlink_read(
557 sd_netlink_message
**ret
) {
562 assert_return(nl
, -EINVAL
);
563 assert_return(!netlink_pid_changed(nl
), -ECHILD
);
565 timeout
= calc_elapse(usec
);
570 for (unsigned i
= 0; i
< nl
->rqueue_size
; i
++) {
571 _cleanup_(sd_netlink_message_unrefp
) sd_netlink_message
*incoming
= NULL
;
572 uint32_t received_serial
;
575 received_serial
= message_get_serial(nl
->rqueue
[i
]);
576 if (received_serial
!= serial
)
579 incoming
= nl
->rqueue
[i
];
581 /* found a match, remove from rqueue and return it */
582 memmove(nl
->rqueue
+ i
, nl
->rqueue
+ i
+ 1,
583 sizeof(sd_netlink_message
*) * (nl
->rqueue_size
- i
- 1));
586 r
= sd_netlink_message_get_errno(incoming
);
590 r
= sd_netlink_message_get_type(incoming
, &type
);
594 if (type
== NLMSG_DONE
) {
600 *ret
= TAKE_PTR(incoming
);
604 r
= socket_read_message(nl
);
608 /* received message, so try to process straight away */
614 n
= now(CLOCK_MONOTONIC
);
618 left
= usec_sub_unsigned(timeout
, n
);
620 left
= USEC_INFINITY
;
622 r
= netlink_poll(nl
, true, left
);
630 _public_
int sd_netlink_call(
632 sd_netlink_message
*message
,
634 sd_netlink_message
**ret
) {
639 assert_return(nl
, -EINVAL
);
640 assert_return(!netlink_pid_changed(nl
), -ECHILD
);
641 assert_return(message
, -EINVAL
);
643 r
= sd_netlink_send(nl
, message
, &serial
);
647 return sd_netlink_read(nl
, serial
, usec
, ret
);
650 _public_
int sd_netlink_get_events(sd_netlink
*nl
) {
651 assert_return(nl
, -EINVAL
);
652 assert_return(!netlink_pid_changed(nl
), -ECHILD
);
654 return nl
->rqueue_size
== 0 ? POLLIN
: 0;
657 _public_
int sd_netlink_get_timeout(sd_netlink
*nl
, uint64_t *timeout_usec
) {
658 struct reply_callback
*c
;
660 assert_return(nl
, -EINVAL
);
661 assert_return(timeout_usec
, -EINVAL
);
662 assert_return(!netlink_pid_changed(nl
), -ECHILD
);
664 if (nl
->rqueue_size
> 0) {
669 c
= prioq_peek(nl
->reply_callbacks_prioq
);
671 *timeout_usec
= UINT64_MAX
;
675 *timeout_usec
= c
->timeout
;
680 static int io_callback(sd_event_source
*s
, int fd
, uint32_t revents
, void *userdata
) {
681 sd_netlink
*nl
= userdata
;
686 r
= sd_netlink_process(nl
, NULL
);
693 static int time_callback(sd_event_source
*s
, uint64_t usec
, void *userdata
) {
694 sd_netlink
*nl
= userdata
;
699 r
= sd_netlink_process(nl
, NULL
);
706 static int prepare_callback(sd_event_source
*s
, void *userdata
) {
707 sd_netlink
*nl
= userdata
;
714 r
= sd_netlink_get_events(nl
);
718 r
= sd_event_source_set_io_events(nl
->io_event_source
, r
);
722 enabled
= sd_netlink_get_timeout(nl
, &until
);
726 r
= sd_event_source_set_time(nl
->time_event_source
, until
);
731 r
= sd_event_source_set_enabled(nl
->time_event_source
,
732 enabled
> 0 ? SD_EVENT_ONESHOT
: SD_EVENT_OFF
);
739 _public_
int sd_netlink_attach_event(sd_netlink
*nl
, sd_event
*event
, int64_t priority
) {
742 assert_return(nl
, -EINVAL
);
743 assert_return(!nl
->event
, -EBUSY
);
745 assert(!nl
->io_event_source
);
746 assert(!nl
->time_event_source
);
749 nl
->event
= sd_event_ref(event
);
751 r
= sd_event_default(&nl
->event
);
756 r
= sd_event_add_io(nl
->event
, &nl
->io_event_source
, nl
->fd
, 0, io_callback
, nl
);
760 r
= sd_event_source_set_priority(nl
->io_event_source
, priority
);
764 r
= sd_event_source_set_description(nl
->io_event_source
, "netlink-receive-message");
768 r
= sd_event_source_set_prepare(nl
->io_event_source
, prepare_callback
);
772 r
= sd_event_add_time(nl
->event
, &nl
->time_event_source
, CLOCK_MONOTONIC
, 0, 0, time_callback
, nl
);
776 r
= sd_event_source_set_priority(nl
->time_event_source
, priority
);
780 r
= sd_event_source_set_description(nl
->time_event_source
, "netlink-timer");
787 sd_netlink_detach_event(nl
);
791 _public_
int sd_netlink_detach_event(sd_netlink
*nl
) {
792 assert_return(nl
, -EINVAL
);
793 assert_return(nl
->event
, -ENXIO
);
795 nl
->io_event_source
= sd_event_source_unref(nl
->io_event_source
);
797 nl
->time_event_source
= sd_event_source_unref(nl
->time_event_source
);
799 nl
->event
= sd_event_unref(nl
->event
);
804 int netlink_add_match_internal(
806 sd_netlink_slot
**ret_slot
,
807 const uint32_t *groups
,
811 sd_netlink_message_handler_t callback
,
812 sd_netlink_destroy_t destroy_callback
,
814 const char *description
) {
816 _cleanup_free_ sd_netlink_slot
*slot
= NULL
;
820 assert(n_groups
> 0);
822 for (size_t i
= 0; i
< n_groups
; i
++) {
823 r
= socket_broadcast_group_ref(nl
, groups
[i
]);
828 r
= netlink_slot_allocate(nl
, !ret_slot
, NETLINK_MATCH_CALLBACK
, sizeof(struct match_callback
),
829 userdata
, description
, &slot
);
833 slot
->match_callback
.groups
= newdup(uint32_t, groups
, n_groups
);
834 if (!slot
->match_callback
.groups
)
837 slot
->match_callback
.n_groups
= n_groups
;
838 slot
->match_callback
.callback
= callback
;
839 slot
->match_callback
.type
= type
;
840 slot
->match_callback
.cmd
= cmd
;
842 LIST_PREPEND(match_callbacks
, nl
->match_callbacks
, &slot
->match_callback
);
844 /* Set this at last. Otherwise, some failures in above call the destroy callback but some do not. */
845 slot
->destroy_callback
= destroy_callback
;
854 _public_
int sd_netlink_add_match(
856 sd_netlink_slot
**ret_slot
,
858 sd_netlink_message_handler_t callback
,
859 sd_netlink_destroy_t destroy_callback
,
861 const char *description
) {
863 static const uint32_t
864 address_groups
[] = { RTNLGRP_IPV4_IFADDR
, RTNLGRP_IPV6_IFADDR
, },
865 link_groups
[] = { RTNLGRP_LINK
, },
866 neighbor_groups
[] = { RTNLGRP_NEIGH
, },
867 nexthop_groups
[] = { RTNLGRP_NEXTHOP
, },
868 route_groups
[] = { RTNLGRP_IPV4_ROUTE
, RTNLGRP_IPV6_ROUTE
, },
869 rule_groups
[] = { RTNLGRP_IPV4_RULE
, RTNLGRP_IPV6_RULE
, },
870 tc_groups
[] = { RTNLGRP_TC
};
871 const uint32_t *groups
;
874 assert_return(rtnl
, -EINVAL
);
875 assert_return(callback
, -EINVAL
);
876 assert_return(!netlink_pid_changed(rtnl
), -ECHILD
);
881 groups
= link_groups
;
882 n_groups
= ELEMENTSOF(link_groups
);
886 groups
= address_groups
;
887 n_groups
= ELEMENTSOF(address_groups
);
891 groups
= neighbor_groups
;
892 n_groups
= ELEMENTSOF(neighbor_groups
);
896 groups
= route_groups
;
897 n_groups
= ELEMENTSOF(route_groups
);
901 groups
= rule_groups
;
902 n_groups
= ELEMENTSOF(rule_groups
);
906 groups
= nexthop_groups
;
907 n_groups
= ELEMENTSOF(nexthop_groups
);
914 n_groups
= ELEMENTSOF(tc_groups
);
920 return netlink_add_match_internal(rtnl
, ret_slot
, groups
, n_groups
, type
, 0, callback
,
921 destroy_callback
, userdata
, description
);
924 _public_
int sd_netlink_attach_filter(sd_netlink
*nl
, size_t len
, const struct sock_filter
*filter
) {
925 assert_return(nl
, -EINVAL
);
926 assert_return(len
== 0 || filter
, -EINVAL
);
928 if (setsockopt(nl
->fd
, SOL_SOCKET
,
929 len
== 0 ? SO_DETACH_FILTER
: SO_ATTACH_FILTER
,
930 &(struct sock_fprog
) {
932 .filter
= (struct sock_filter
*) filter
,
933 }, sizeof(struct sock_fprog
)) < 0)