This patch adds functions to dump information and stats for each
SRIOV VF.
Signed-off-by: Jef Oliver <jef.oliver@intel.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
This patch adds utility functions for translating link state and
VLAN protocols for SRIOV VFs.
Signed-off-by: Jef Oliver <jef.oliver@intel.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
This patch adds support for cloning SRIOV VF specific data in the
link object.
Signed-off-by: Jef Oliver <jef.oliver@intel.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
* This patch adds support for parsing SRIOV VF specific
information on a link.
* Adds LINK_ATTR_VF_LIST to add to link->ce_mask.
* Extends the rtnl_link object to include 'l_vf_list', a member
to carry information for SRIOV VFs.
* Adds rtnl_link_sriov, a private structure to fill link->l_vf_list.
* This patch adds support for reading parsed SRIOV VF specific
informatino on a link.
* This patch adds support for freeing stored SRIOV VF specific
information on a link.
Signed-off-by: Jef Oliver <jef.oliver@intel.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
The data structure of choice when adding/processing a security context
for xfrm is struct xfrm(nl)_user_sec_ctx. The previous code did however
use the (also exported) struct xfrm(nl)_sec_ctx. While sizeof(struct
xfrm(nl)_*sec_ctx) yields the same result, the interpretation of one of
the data structures as the other one messes up the contents.
With this fix, the wrong data structure has been replaced with the
correct one. Also -- since the size of the context string is not known
-- one can now call xfrmnl_sa_get_sec_ctx with ctx_str being NULL, thus
retrieving the length of the context string.
A new capability has been introduced, to test whether libnl3 supports
the modified semantics of this function.
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
* Rename rtnl_link_get_pmtudisc to rtnl_link_ipgre_get_pmtudisc
in ipgre.c, making the function correctly match the exported
functionality in ipgre.h. This fixes an error when trying to
use the function, returning an incorrect type usage due to the
link module already having a function of the same name.
* Export rtnl_link_is_[ipgre/ipgretap] allowing for usage per
documentation.
Reported-by: Sharada Shiddibhavi <sharada.shiddibhavi@intel.com>
Signed-off-by: Jef Oliver <jef.oliver@intel.com>
As these properties are FLAG types in the netlink
API, we should also expose them as such in the
libnl API.
It is less code and require less code to support a new
flag.
The point is really to keep the API smaller instead of
wasting a getter and setter for each flag.
The ce_mask is there to indicate whether a certain attribute is
set or not. The VXLAN flags are different, because the flag is
either set or not. It cannot have the meaning of being missing.
Therefore, it should not be stored as a VXLAN_ATTR in ce_mask.
The VXLAN_ATTR flags are internal and not public API.
Still, they are exposed as part of nl_object_diff().
There is no reason to change previous behavior, restore
the previous numeric values.
The enable/disable API is redundant and increases the library
in binary size and documentation. There should be one sensible way
to do something, not several.
Yes, there is prior act to that like rtnl_link_vxlan_disable_proxy().
That doesn't mean it should be repeated.
Includes all VXLAN attributes as of Linux kernel 4.7.5. In particular it
adds the following attributes:
* IFLA_VXLAN_PORT,
* IFLA_VXLAN_UDP_CSUM,
* IFLA_VXLAN_UDP_ZERO_CSUM6_TX,
* IFLA_VXLAN_UDP_ZERO_CSUM6_RX,
* IFLA_VXLAN_REMCSUM_TX,
* IFLA_VXLAN_REMCSUM_RX,
* IFLA_VXLAN_GBP,
* IFLA_VXLAN_REMCSUM_NOPARTIAL,
* IFLA_VXLAN_COLLECT_METADATA,
* IFLA_VXLAN_LABEL,
* IFLA_VXLAN_GPE
https://github.com/thom311/libnl/pull/110
mvi_maccount only makes sense together with the data. They should be
treated as one setting, and both should be consistent.
That means, if there are no addresses, mvi_maccount should always be set to
zero. This is regardless of whether the mvi_mask indicates that MACVLAN_HAS_MACADDR
is set. Similarly, if mvi_maccount is larger then zero, the mvi_macaddr
must point to some valid addresses.
The only exception is, when mvi_maccount is zero, mvi_macaddr may be
NULL or point to some data of zero allocated bytes.
Also, ensure that uint32_t is used for all the types that compare with
mvi_maccount.
Signed-off-by: Thomas Haller <thaller@redhat.com>
Unfortunately, libnl3 is rather inconsistent about the getters.
- some return the value directly, and don't have a dedicated
error return value.
- some don't check whether the attribute was set and just
return the default value
- some fail with -NLE_INVAL or -NLE_NOATTR if the value is
unset.
I think the best pattern is to fail if the attribue is unset.
However, the return value should be negative to indicate an error,
while 0 should mean success.
Signed-off-by: Thomas Haller <thaller@redhat.com>
This patch adds support for hardware assisted bridge modes stored
in IFLA_AF_SPEC[IFLA_BRIDGE_MODE].
This patch adds rtnl_link_[g/s]et_hwmode() functions, allowing
for getting and setting the hardware mode for a bridged link.
This patch adds the convenience functions for translating between
integer and string names for hardware modes.
This patch adds rtnl_link_bridge_set_self(), a function that
stores flags in IFLA_AF_SPEC[IFLA_BRIDGE_FLAGS], an attribute
that tells the kernel whether it should apply settings to the
virtual bridge device or the hardware device itself. This requires
hardware that supports the hardware flags.
This patch adds bridge_fill_af(), a function to fill IFLA_AF_SPEC
with AF_BRIDGE specific information.
Signed-off-by: Jef Oliver <jef.oliver@intel.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
This patch adds the ability to override nesting into an AF specific
attribute. An example of this is the bridge module.
Regular Nesting:
[IFLA_AF_SPEC]
[AF_INET]
[AF_INET_ATTRS]
Bridge Nesting:
[IFLA_AF_SPEC]
[AF_BRIDGE_ATTRS]
This patch adds ao_fill_af_no_nest to struct rtnl_link_af_ops.
When set to non-zero, this will override the nested AF attribute
and allow nesting of attributes directly into IFLA_AF_SPEC.
Signed-off-by: Jef Oliver <jef.oliver@intel.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
This patch adds support for the following bridge port flags:
IFLA_BRPORT_UNICAST_FLOOD
IFLA_BRPORT_LEARNING
IFLA_BRPORT_LEARNING_SYNC
Signed-off-by: Jef Oliver <jef.oliver@intel.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
This patch adds translation functions for translating the port
state between integers and strings.
Signed-off-by: Jef Oliver <jef.oliver@intel.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
This patch fixes IFLA_BRPORT_FASTLEAVE to append to the correct
netlink attribute. (Turned up in automated testing.)
Fixes: 55bc931a7272e6ac8f555bcc2a373eb2b6b58377
Signed-off-by: Jef Oliver <jef.oliver@intel.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Update copy of kernel header 'if_macsec.h' to Linux 4.8-rc5, so that
upstream commit 2ccbe2cb79f2f74ab739252299b6f9ff27586f2c ("macsec: limit
ICV length to 16 octets") is included. Return -NLE_INVAL when trying to
configure an ICV length greater than 16 octets.
Signed-off-by: Davide Caratti <davide.caratti@gmail.com>
'sci' passed to kernel is meant to be in network byte order: use
ntohll() and htonll() accordingly.
Signed-off-by: Davide Caratti <davide.caratti@gmail.com>
This patch modifies link/bridge to set link attributes in a
request message. It adds set support for currently implemented
functionality.
This patch adds bridge_fill_pi, a function to fill in the
IFLA_PROTINFO nested attribute.
This patch modifies the bridge_ops structure to support
modifications made to properly set RTM_SETLINK during modifcation
of a link, append the NLA_F_NESTED flag to IFLA_PROTINFO, and
to call the newly added bridge_fill_pi.
Signed-off-by: Jef Oliver <jef.oliver@intel.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
This patch adds the functionality to set IFLA_PROTINFO in a
request. This allows for appending protocol specific information
to a request message.
This patch adds ao_fill_pi to the rtnl_link_af_ops structure. This
registers a function to fill the IFLA_PROTINFO attribute. This
function follows the makeup of ao_fill_af.
This patch adds ao_fill_pi_flags to the rtnl_link_af_ops
structure. This registers an extra flag that can be bitmasked
onto the IFLA_PROTINFO definition. This is useful for address
families that require NLA_F_NESTED.
This patch adds a function named af_fill_pi, which is called by
build_link_msg. This function calls the registered function
pointers for an address family to fill IFLA_PROTINFO and to
bitmask any extra flags.
Signed-off-by: Jef Oliver <jef.oliver@intel.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
When rtnl_link_build_change_request() builds a change request,
it sets the message type to RTM_NEWLINK by default. If the
request fails, it changes the type to RTM_SETLINK, and resubmits.
For some address families, this will result in a requested change
never being applied by the kernel. An exmaple of this is the Linux
bridge. When a netlink message of type RTM_NEWLINK is recieved,
rather than failing, it simply ignores the message and does not
return a failure.
To fix this, this patch implements an override for address
families that require it. The override can be set when an address
family registers itself in libnl.
This patch adds ao_override_rtm to the rtnl_link_af_ops structure.
This patch adds a static function named af_request_type.
This patch modifies rtnl_link_build_change_request to call
af_request_type to properly set the request type if an address
family wishes to override.
Signed-off-by: Jef Oliver <jef.oliver@intel.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
The __kernel_sa_family_t type is not present on older systems (e.g.,
RHEL 6), and libnl3 will not built without it. Copy
/usr/include/linux/socket.h from a RHEL7 system to
include/linux-private/linux/socket.h so that it will be found by the
build system.
Fortunately, this socket.h is small and self-contained; it contains
very little (and does not #include any other files) beyond necessary
type.
https://github.com/thom311/libnl/pull/107
Signed-off-by: Jeff Squyres <jsquyres@cisco.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
glibc provides two versions of strerror_r(), which
can be chosen between using feature test macros
_GNU_SOURCE and _POSIX_C_SOURCE. libnl is built using
the former, hence we get the glibc special version,
and all code so far has been written for this.
Other C libraries like musl on the other hand only try
to be posix compliant, and only ever provide the posix
version of strerror_r(), which has a different signature.
Uses in libnl hence generally cause printf() of an *int*
with a *string format* specifier for that reason.
Additionally, strerror_r() has been deprecated:
http://austingroupbugs.net/view.php?id=655
Switch to using strerror_l().
Signed-off-by: André Draszik <adraszik@tycoint.com>
Reviewed-by: Stephane Ayotte <sayotte@tycoint.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
glibc provides two versions of strerror_r(), which
can be chosen between using feature test macros
_GNU_SOURCE and _POSIX_C_SOURCE. libnl is built using
the former, hence we get the glibc special version,
and all code so far has been written for this.
Other C libraries like musl on the other hand only try
to be posix compliant, and only ever provide the posix
version of strerror_r(), which has a different signature.
Uses in libnl hence generally cause printf() of an *int*
with a *string format* specifier for that reason.
Additionally, strerror_r() has been deprecated:
http://austingroupbugs.net/view.php?id=655
Switch to using strerror_l() (via our wrapper just
introduced).
Signed-off-by: André Draszik <adraszik@tycoint.com>
Reviewed-by: Stephane Ayotte <sayotte@tycoint.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
libnl currently uses strerror_r() throughout, but this is
problematic because there is a non-standard GNU version
implemented in glibc, and the standard POSIX version, which
differ in signature. When using glibc, one can choose
between the two versions using feature test macros
_GNU_SOURCE and _POSIX_C_SOURCE.
Given libnl is built using the former, we always get the
glibc special version, and all code so far has been written
for that non-standard version.
Other C libraries like musl on the other hand only try
to be posix compliant, and only ever provide the posix
version of strerror_r(), which has a different signature.
The alternative is to use strerror_l() rather than
strerror_r() http://austingroupbugs.net/view.php?id=655
- this will avoid the non-confirming versions issue
- strerror_l() is now recommended by POSIX to replace
strerror_r() usage
So rather than changing all uses of strerror_r() to be in
line with posix, we are going to switch to the recommended
interface strerror_l().
Since strerror_l() is slightly more difficuly to use, we
add a little (private) wrapper that we can use from all
current callsites of strerror_r().
Signed-off-by: André Draszik <adraszik@tycoint.com>
Reviewed-by: Stephane Ayotte <sayotte@tycoint.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
The ID attributes for IPv4 addresses were broken which causes wrong
nl_object_identical() and cache lookup.
This capability shall indicate that the bug was fixed.
Signed-off-by: Thomas Haller <thaller@redhat.com>
addr_id_attrs_get returned a fixed set of attributes for AF_INET. This
leads to an invalid cache in case the default cache manager is used.
The error was cause by nl_object_identical, which checkes the ce_mask
of an object against the req_attrs. For route/addr objects the ce_mask
may contain the ADDR_ATTR_PEER, but the addr_id_attrs_get always
includes this attribute. Thus nl_object_identical fails always in case
no peer exists, which is the default for local addresses.
Fixes: 83e851ca9c842ccb6dae411d3fff9c7e9561269a
https://github.com/thom311/libnl/pull/105
Signed-off-by: Thomas Haller <thaller@redhat.com>
