From: Tobias Brunner <tobias@strongswan.org>
Date: Thu, 26 Jan 2023 15:17:15 +0000 (+0100)
Subject: kernel-netlink: Always register for events
X-Git-Tag: android-2.4.1~4^2~5
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d7ccb443541784a525301a2deae825593c81add1;p=thirdparty%2Fstrongswan.git

kernel-netlink: Always register for events

The starter-specific code path isn't necessary anymore since
d8fdd1018e16 ("starter: Don't flush SAs in the kernel").
---

diff --git a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
index e2f5d42add..ddc7b1c2ab 100644
--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
@@ -3764,7 +3764,7 @@ static void setup_spd_hash_thresh(private_kernel_netlink_ipsec_t *this,
 kernel_netlink_ipsec_t *kernel_netlink_ipsec_create()
 {
 	private_kernel_netlink_ipsec_t *this;
-	bool register_for_events = TRUE;
+	struct sockaddr_nl addr;
 
 	INIT(this,
 		.public = {
@@ -3804,11 +3804,6 @@ kernel_netlink_ipsec_t *kernel_netlink_ipsec_create()
 						FALSE, lib->ns),
 	);
 
-	if (streq(lib->ns, "starter"))
-	{	/* starter has no threads, so we do not register for kernel events */
-		register_for_events = FALSE;
-	}
-
 	this->socket_xfrm = netlink_socket_create(NETLINK_XFRM, xfrm_msg_names,
 				lib->settings->get_bool(lib->settings,
 					"%s.plugins.kernel-netlink.parallel_xfrm", FALSE, lib->ns));
@@ -3821,34 +3816,29 @@ kernel_netlink_ipsec_t *kernel_netlink_ipsec_create()
 	setup_spd_hash_thresh(this, "ipv4", XFRMA_SPD_IPV4_HTHRESH, 32);
 	setup_spd_hash_thresh(this, "ipv6", XFRMA_SPD_IPV6_HTHRESH, 128);
 
-	if (register_for_events)
-	{
-		struct sockaddr_nl addr;
-
-		memset(&addr, 0, sizeof(addr));
-		addr.nl_family = AF_NETLINK;
+	memset(&addr, 0, sizeof(addr));
+	addr.nl_family = AF_NETLINK;
 
-		/* create and bind XFRM socket for ACQUIRE, EXPIRE, MIGRATE & MAPPING */
-		this->socket_xfrm_events = socket(AF_NETLINK, SOCK_RAW, NETLINK_XFRM);
-		if (this->socket_xfrm_events <= 0)
-		{
-			DBG1(DBG_KNL, "unable to create XFRM event socket: %s (%d)",
-				 strerror(errno), errno);
-			destroy(this);
-			return NULL;
-		}
-		addr.nl_groups = XFRMNLGRP(ACQUIRE) | XFRMNLGRP(EXPIRE) |
-						 XFRMNLGRP(MIGRATE) | XFRMNLGRP(MAPPING);
-		if (bind(this->socket_xfrm_events, (struct sockaddr*)&addr, sizeof(addr)))
-		{
-			DBG1(DBG_KNL, "unable to bind XFRM event socket: %s (%d)",
-				 strerror(errno), errno);
-			destroy(this);
-			return NULL;
-		}
-		lib->watcher->add(lib->watcher, this->socket_xfrm_events, WATCHER_READ,
-						  (watcher_cb_t)receive_events, this);
+	/* create and bind XFRM socket for ACQUIRE, EXPIRE, MIGRATE & MAPPING */
+	this->socket_xfrm_events = socket(AF_NETLINK, SOCK_RAW, NETLINK_XFRM);
+	if (this->socket_xfrm_events <= 0)
+	{
+		DBG1(DBG_KNL, "unable to create XFRM event socket: %s (%d)",
+			 strerror(errno), errno);
+		destroy(this);
+		return NULL;
+	}
+	addr.nl_groups = XFRMNLGRP(ACQUIRE) | XFRMNLGRP(EXPIRE) |
+					 XFRMNLGRP(MIGRATE) | XFRMNLGRP(MAPPING);
+	if (bind(this->socket_xfrm_events, (struct sockaddr*)&addr, sizeof(addr)))
+	{
+		DBG1(DBG_KNL, "unable to bind XFRM event socket: %s (%d)",
+			 strerror(errno), errno);
+		destroy(this);
+		return NULL;
 	}
+	lib->watcher->add(lib->watcher, this->socket_xfrm_events, WATCHER_READ,
+					  (watcher_cb_t)receive_events, this);
 
 	netlink_find_offload_feature(lib->settings->get_str(lib->settings,
 					"%s.plugins.kernel-netlink.hw_offload_feature_interface",
diff --git a/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c b/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c
index 7dcb15676a..8af3016f6d 100644
--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c
+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_net.c
@@ -3096,7 +3096,7 @@ kernel_netlink_net_t *kernel_netlink_net_create()
 {
 	private_kernel_netlink_net_t *this;
 	enumerator_t *enumerator;
-	bool register_for_events = TRUE;
+	struct sockaddr_nl addr;
 	char *exclude;
 
 	INIT(this,
@@ -3168,11 +3168,6 @@ kernel_netlink_net_t *kernel_netlink_net_create()
 		return NULL;
 	}
 
-	if (streq(lib->ns, "starter"))
-	{	/* starter has no threads, so we do not register for kernel events */
-		register_for_events = FALSE;
-	}
-
 	exclude = lib->settings->get_str(lib->settings,
 									 "%s.ignore_routing_tables", NULL, lib->ns);
 	if (exclude)
@@ -3194,46 +3189,40 @@ kernel_netlink_net_t *kernel_netlink_net_create()
 		enumerator->destroy(enumerator);
 	}
 
-	if (register_for_events)
-	{
-		struct sockaddr_nl addr;
-
-		memset(&addr, 0, sizeof(addr));
-		addr.nl_family = AF_NETLINK;
-
-		/* create and bind RT socket for events (address/interface/route changes) */
-		this->socket_events = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
-		if (this->socket_events < 0)
-		{
-			DBG1(DBG_KNL, "unable to create RT event socket: %s (%d)",
-				 strerror(errno), errno);
-			destroy(this);
-			return NULL;
-		}
-		addr.nl_groups = nl_group(RTNLGRP_IPV4_IFADDR) |
-						 nl_group(RTNLGRP_IPV6_IFADDR) |
-						 nl_group(RTNLGRP_LINK);
-		if (this->process_route)
-		{
-			addr.nl_groups |= nl_group(RTNLGRP_IPV4_ROUTE) |
-							  nl_group(RTNLGRP_IPV6_ROUTE);
-		}
-		if (this->process_rules)
-		{
-			addr.nl_groups |= nl_group(RTNLGRP_IPV4_RULE) |
-							  nl_group(RTNLGRP_IPV6_RULE);
-		}
-		if (bind(this->socket_events, (struct sockaddr*)&addr, sizeof(addr)))
-		{
-			DBG1(DBG_KNL, "unable to bind RT event socket: %s (%d)",
-				 strerror(errno), errno);
-			destroy(this);
-			return NULL;
-		}
+	memset(&addr, 0, sizeof(addr));
+	addr.nl_family = AF_NETLINK;
 
-		lib->watcher->add(lib->watcher, this->socket_events, WATCHER_READ,
-						  (watcher_cb_t)receive_events, this);
+	/* create and bind RT socket for events (address/interface/route changes) */
+	this->socket_events = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
+	if (this->socket_events < 0)
+	{
+		DBG1(DBG_KNL, "unable to create RT event socket: %s (%d)",
+			 strerror(errno), errno);
+		destroy(this);
+		return NULL;
+	}
+	addr.nl_groups = nl_group(RTNLGRP_IPV4_IFADDR) |
+					 nl_group(RTNLGRP_IPV6_IFADDR) |
+					 nl_group(RTNLGRP_LINK);
+	if (this->process_route)
+	{
+		addr.nl_groups |= nl_group(RTNLGRP_IPV4_ROUTE) |
+						  nl_group(RTNLGRP_IPV6_ROUTE);
+	}
+	if (this->process_rules)
+	{
+		addr.nl_groups |= nl_group(RTNLGRP_IPV4_RULE) |
+						  nl_group(RTNLGRP_IPV6_RULE);
+	}
+	if (bind(this->socket_events, (struct sockaddr*)&addr, sizeof(addr)))
+	{
+		DBG1(DBG_KNL, "unable to bind RT event socket: %s (%d)",
+			 strerror(errno), errno);
+		destroy(this);
+		return NULL;
 	}
+	lib->watcher->add(lib->watcher, this->socket_events, WATCHER_READ,
+					  (watcher_cb_t)receive_events, this);
 
 	if (init_address_list(this) != SUCCESS)
 	{