From: Yu Watanabe Date: Fri, 21 May 2021 21:03:40 +0000 (+0900) Subject: sd-netlink: set NETLINK_GET_STRICT_CHK socket option X-Git-Tag: v249-rc1~157^2~3 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=d7418b3bb2601b375f592d2640daa37a06f2ec05;p=thirdparty%2Fsystemd.git sd-netlink: set NETLINK_GET_STRICT_CHK socket option Then kernel filters out unnecessary info on dumping, e.g. RTM_GETADDR. --- diff --git a/src/libsystemd/sd-netlink/sd-netlink.c b/src/libsystemd/sd-netlink/sd-netlink.c index 25ba700ee20..97f45c83af3 100644 --- a/src/libsystemd/sd-netlink/sd-netlink.c +++ b/src/libsystemd/sd-netlink/sd-netlink.c @@ -125,10 +125,14 @@ int sd_netlink_open_fd(sd_netlink **ret, int fd) { rtnl->fd = fd; rtnl->protocol = protocol; - r = setsockopt_int(fd, SOL_NETLINK, NETLINK_EXT_ACK, 1); + r = setsockopt_int(fd, SOL_NETLINK, NETLINK_EXT_ACK, true); if (r < 0) log_debug_errno(r, "sd-netlink: Failed to enable NETLINK_EXT_ACK option, ignoring: %m"); + r = setsockopt_int(fd, SOL_NETLINK, NETLINK_GET_STRICT_CHK, true); + if (r < 0) + log_debug_errno(r, "sd-netlink: Failed to enable NETLINK_GET_STRICT_CHK option, ignoring: %m"); + r = socket_bind(rtnl); if (r < 0) { rtnl->fd = -1; /* on failure, the caller remains owner of the fd, hence don't close it here */ diff --git a/src/libsystemd/sd-netlink/test-netlink.c b/src/libsystemd/sd-netlink/test-netlink.c index cbae36472c9..41a72804774 100644 --- a/src/libsystemd/sd-netlink/test-netlink.c +++ b/src/libsystemd/sd-netlink/test-netlink.c @@ -35,36 +35,23 @@ static void test_message_link_bridge(sd_netlink *rtnl) { } static void test_link_configure(sd_netlink *rtnl, int ifindex) { - _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL; - const char *mac = "98:fe:94:3f:c6:18", *name = "test"; - char buffer[ETHER_ADDR_TO_STRING_MAX]; - uint32_t mtu = 1450, mtu_out; + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL, *reply = NULL; + uint32_t mtu_out; const char *name_out; struct ether_addr mac_out; /* we'd really like to test NEWLINK, but let's not mess with the running kernel */ assert_se(sd_rtnl_message_new_link(rtnl, &message, RTM_GETLINK, ifindex) >= 0); - assert_se(sd_netlink_message_append_string(message, IFLA_IFNAME, name) >= 0); - assert_se(sd_netlink_message_append_ether_addr(message, IFLA_ADDRESS, ether_aton(mac)) >= 0); - assert_se(sd_netlink_message_append_u32(message, IFLA_MTU, mtu) >= 0); - - assert_se(sd_netlink_call(rtnl, message, 0, NULL) == 1); - assert_se(sd_netlink_message_rewind(message, NULL) >= 0); - assert_se(sd_netlink_message_read_string(message, IFLA_IFNAME, &name_out) >= 0); - assert_se(streq(name, name_out)); + assert_se(sd_netlink_call(rtnl, message, 0, &reply) == 1); - assert_se(sd_netlink_message_read_ether_addr(message, IFLA_ADDRESS, &mac_out) >= 0); - assert_se(streq(mac, ether_addr_to_string(&mac_out, buffer))); - - assert_se(sd_netlink_message_read_u32(message, IFLA_MTU, &mtu_out) >= 0); - assert_se(mtu == mtu_out); + assert_se(sd_netlink_message_read_string(reply, IFLA_IFNAME, &name_out) >= 0); + assert_se(sd_netlink_message_read_ether_addr(reply, IFLA_ADDRESS, &mac_out) >= 0); + assert_se(sd_netlink_message_read_u32(reply, IFLA_MTU, &mtu_out) >= 0); } static void test_link_get(sd_netlink *rtnl, int ifindex) { - sd_netlink_message *m; - sd_netlink_message *r; - uint32_t mtu = 1500; + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL, *r = NULL; const char *str_data; uint8_t u8_data; uint32_t u32_data; @@ -73,19 +60,7 @@ static void test_link_get(sd_netlink *rtnl, int ifindex) { assert_se(sd_rtnl_message_new_link(rtnl, &m, RTM_GETLINK, ifindex) >= 0); assert_se(m); - /* u8 test cases */ - assert_se(sd_netlink_message_append_u8(m, IFLA_CARRIER, 0) >= 0); - assert_se(sd_netlink_message_append_u8(m, IFLA_OPERSTATE, 0) >= 0); - assert_se(sd_netlink_message_append_u8(m, IFLA_LINKMODE, 0) >= 0); - - /* u32 test cases */ - assert_se(sd_netlink_message_append_u32(m, IFLA_MTU, mtu) >= 0); - assert_se(sd_netlink_message_append_u32(m, IFLA_GROUP, 0) >= 0); - assert_se(sd_netlink_message_append_u32(m, IFLA_TXQLEN, 0) >= 0); - assert_se(sd_netlink_message_append_u32(m, IFLA_NUM_TX_QUEUES, 0) >= 0); - assert_se(sd_netlink_message_append_u32(m, IFLA_NUM_RX_QUEUES, 0) >= 0); - - assert_se(sd_netlink_call(rtnl, m, -1, &r) == 1); + assert_se(sd_netlink_call(rtnl, m, 0, &r) == 1); assert_se(sd_netlink_message_read_string(r, IFLA_IFNAME, &str_data) == 0); @@ -100,14 +75,10 @@ static void test_link_get(sd_netlink *rtnl, int ifindex) { assert_se(sd_netlink_message_read_u32(r, IFLA_NUM_RX_QUEUES, &u32_data) == 0); assert_se(sd_netlink_message_read_ether_addr(r, IFLA_ADDRESS, ð_data) == 0); - - assert_se((m = sd_netlink_message_unref(m)) == NULL); - assert_se((r = sd_netlink_message_unref(r)) == NULL); } static void test_address_get(sd_netlink *rtnl, int ifindex) { - sd_netlink_message *m; - sd_netlink_message *r; + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL, *r = NULL; struct in_addr in_data; struct ifa_cacheinfo cache; const char *label; @@ -121,10 +92,6 @@ static void test_address_get(sd_netlink *rtnl, int ifindex) { assert_se(sd_netlink_message_read_in_addr(r, IFA_ADDRESS, &in_data) == 0); assert_se(sd_netlink_message_read_string(r, IFA_LABEL, &label) == 0); assert_se(sd_netlink_message_read_cache_info(r, IFA_CACHEINFO, &cache) == 0); - - assert_se((m = sd_netlink_message_unref(m)) == NULL); - assert_se((r = sd_netlink_message_unref(r)) == NULL); - } static void test_route(sd_netlink *rtnl) {