From: Cédric Bosdonnat
To: libvir-list@redhat.com
Date: Fri, 3 Mar 2017 16:00:19 +0100
Message-Id: <20170303150022.2524-2-cbosdonnat@suse.com>
In-Reply-To: <20170303150022.2524-1-cbosdonnat@suse.com>
References: <20170303150022.2524-1-cbosdonnat@suse.com>
Subject: [libvirt] [PATCH 1/4] util: extract the request sending code from virNetlinkCommand()

Allow to reuse as much as possible from virNetlinkCommand(). This comment prepares for the introduction of virNetlinkDumpCommand() only differing by how it handles the responses.

--- src/util/virnetlink.c | 90 +++++++++++++++++++++++++++++++----------------= ---- 1 file changed, 55 insertions(+), 35 deletions(-) diff --git a/src/util/virnetlink.c b/src/util/virnetlink.c index a5d10fa8e..5fb49251c 100644 --- a/src/util/virnetlink.c +++ b/src/util/virnetlink.c 
@@ -209,61 +209,38 @@ virNetlinkCreateSocket(int protocol) goto cleanup; } =20 - -/** - * virNetlinkCommand: - * @nlmsg: pointer to netlink message - * @respbuf: pointer to pointer where response buffer will be allocated - * @respbuflen: pointer to integer holding the size of the response buffer - * on return of the function. - * @src_pid: the pid of the process to send a message - * @dst_pid: the pid of the process to talk to, i.e., pid =3D 0 for kernel - * @protocol: netlink protocol - * @groups: the group identifier - * - * Send the given message to the netlink layer and receive response. - * Returns 0 on success, -1 on error. In case of error, no response - * buffer will be returned. - */ -int virNetlinkCommand(struct nl_msg *nl_msg, - struct nlmsghdr **resp, unsigned int *respbuflen, - uint32_t src_pid, uint32_t dst_pid, - unsigned int protocol, unsigned int groups) +static virNetlinkHandle * +virNetlinkDoCommand(struct nl_msg *nl_msg, uint32_t src_pid, + struct sockaddr_nl nladdr, + unsigned int protocol, unsigned int groups) { - int ret =3D -1; - struct sockaddr_nl nladdr =3D { - .nl_family =3D AF_NETLINK, - .nl_pid =3D dst_pid, - .nl_groups =3D 0, - }; ssize_t nbytes; - struct pollfd fds[1]; int fd; int n; - struct nlmsghdr *nlmsg =3D nlmsg_hdr(nl_msg); virNetlinkHandle *nlhandle =3D NULL; - int len =3D 0; + struct pollfd fds[1]; + struct nlmsghdr *nlmsg =3D nlmsg_hdr(nl_msg); =20 if (protocol >=3D MAX_LINKS) { virReportSystemError(EINVAL, _("invalid protocol argument: %d"), protocol); - goto cleanup; + goto error; } =20 if (!(nlhandle =3D virNetlinkCreateSocket(protocol))) - goto cleanup; + goto error; =20 fd =3D nl_socket_get_fd(nlhandle); if (fd < 0) { virReportSystemError(errno, "%s", _("cannot get netlink socket fd")); - goto cleanup; + goto error; } =20 if (groups && nl_socket_add_membership(nlhandle, groups) < 0) { virReportSystemError(errno, "%s", _("cannot add netlink membership")); - goto cleanup; + goto error; } =20 nlmsg_set_dst(nl_msg, 
&nladdr); @@ -274,10 +251,11 @@ int virNetlinkCommand(struct nl_msg *nl_msg, if (nbytes < 0) { virReportSystemError(errno, "%s", _("cannot send to netlink socket")); - goto cleanup; + goto error; } =20 memset(fds, 0, sizeof(fds)); + fds[0].fd =3D fd; fds[0].events =3D POLLIN; =20 
@@ -289,9 +267,51 @@ int virNetlinkCommand(struct nl_msg *nl_msg, if (n =3D=3D 0) virReportSystemError(ETIMEDOUT, "%s", _("no valid netlink response was received= ")); - goto cleanup; } =20 + return nlhandle; + + error: + virNetlinkFree(nlhandle); + return NULL; +} + +/** + * virNetlinkCommand: + * @nlmsg: pointer to netlink message + * @respbuf: pointer to pointer where response buffer will be allocated + * @respbuflen: pointer to integer holding the size of the response buffer + * on return of the function. + * @src_pid: the pid of the process to send a message + * @dst_pid: the pid of the process to talk to, i.e., pid =3D 0 for kernel + * @protocol: netlink protocol + * @groups: the group identifier + * + * Send the given message to the netlink layer and receive response. + * Returns 0 on success, -1 on error. In case of error, no response + * buffer will be returned. + */ +int virNetlinkCommand(struct nl_msg *nl_msg, + struct nlmsghdr **resp, unsigned int *respbuflen, + uint32_t src_pid, uint32_t dst_pid, + unsigned int protocol, unsigned int groups) +{ + int ret =3D -1; + struct sockaddr_nl nladdr =3D { + .nl_family =3D AF_NETLINK, + .nl_pid =3D dst_pid, + .nl_groups =3D 0, + }; + struct pollfd fds[1]; + virNetlinkHandle *nlhandle =3D NULL; + int len =3D 0; + + memset(fds, 0, sizeof(fds)); + + if (!(nlhandle =3D virNetlinkDoCommand(nl_msg, src_pid, nladdr, + protocol, groups))) + goto cleanup; + len =3D nl_recv(nlhandle, &nladdr, (unsigned char **)resp, NULL); if (len =3D=3D 0) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", --=20 2.11.0
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

From: Cédric Bosdonnat
To: libvir-list@redhat.com
Date: Fri, 3 Mar 2017 16:00:20 +0100
Message-Id: <20170303150022.2524-3-cbosdonnat@suse.com>
In-Reply-To: <20170303150022.2524-1-cbosdonnat@suse.com>
References: <20170303150022.2524-1-cbosdonnat@suse.com>
Subject: [libvirt] [PATCH 2/4] util: add virNetlinkDumpCommand()

virNetlinkCommand() processes only one response message, while some netlink commands like routes dumping need to process several ones. Add virNetlinkDumpCommand() as a virNetlinkCommand() sister.

--- src/libvirt_private.syms | 1 + src/util/virnetlink.c | 55 ++++++++++++++++++++++++++++++++++++++++++++= ++++ src/util/virnetlink.h | 9 ++++++++ 3 files changed, 65 insertions(+) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index bce0487ab..71143851c 100644 
--- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -2117,6 +2117,7 @@ virNetDevVPortProfileOpTypeToString; # util/virnetlink.h virNetlinkCommand; virNetlinkDelLink; +virNetlinkDumpCommand; virNetlinkDumpLink; virNetlinkEventAddClient; virNetlinkEventRemoveClient; diff --git a/src/util/virnetlink.c b/src/util/virnetlink.c index 5fb49251c..4747ba5a4 100644 --- a/src/util/virnetlink.c +++ b/src/util/virnetlink.c @@ -335,6 +335,49 @@ int virNetlinkCommand(struct nl_msg *nl_msg, return ret; } =20 +int +virNetlinkDumpCommand(struct nl_msg *nl_msg, + virNetlinkDumpCallback callback, + uint32_t src_pid, uint32_t dst_pid, + unsigned int protocol, unsigned int groups, + void *opaque) +{ + int ret =3D -1; + bool end =3D false; + int len =3D 0; + struct nlmsghdr *resp =3D NULL; + struct nlmsghdr *msg =3D NULL; + + struct sockaddr_nl nladdr =3D { + .nl_family =3D AF_NETLINK, + .nl_pid =3D dst_pid, + .nl_groups =3D 0, + }; + virNetlinkHandle *nlhandle =3D NULL; + + if (!(nlhandle =3D virNetlinkDoCommand(nl_msg, src_pid, nladdr, + protocol, groups))) + goto cleanup; + + while (!end) { + len =3D nl_recv(nlhandle, &nladdr, (unsigned char **)&resp, NULL); + + for (msg =3D resp; NLMSG_OK(msg, len); msg =3D NLMSG_NEXT(msg, len= )) { + if (msg->nlmsg_type =3D=3D NLMSG_DONE) + end =3D true; + + if (callback(msg, opaque) < 0) + goto cleanup; + } + } + + ret =3D 0; + + cleanup: + virNetlinkFree(nlhandle); + return ret; +} + =20 /** * virNetlinkDumpLink: 
@@ -1062,6 +1105,18 @@ int virNetlinkCommand(struct nl_msg *nl_msg ATTRIBUT= E_UNUSED, return -1; } =20 +int +virNetlinkDumpCommand(struct nl_msg *nl_msg ATTRIBUTE_UNUSED, + virNetlinkDumpCallback callback ATTRIBUTE_UNUSED, + uint32_t src_pid ATTRIBUTE_UNUSED, + uint32_t dst_pid ATTRIBUTE_UNUSED, + unsigned int protocol ATTRIBUTE_UNUSED, + unsigned int groups ATTRIBUTE_UNUSED, + void *opaque ATTRIBUTE_UNUSED) +{ + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _(unsupported)); + return -1; +} =20 int virNetlinkDumpLink(const char *ifname ATTRIBUTE_UNUSED, diff --git a/src/util/virnetlink.h b/src/util/virnetlink.h index 11e817c82..088b01343 100644 --- a/src/util/virnetlink.h +++ b/src/util/virnetlink.h 
@@ -52,6 +52,15 @@ int virNetlinkCommand(struct nl_msg *nl_msg, uint32_t src_pid, uint32_t dst_pid, unsigned int protocol, unsigned int groups); =20 +typedef int (*virNetlinkDumpCallback)(const struct nlmsghdr *resp, + void *data); + +int virNetlinkDumpCommand(struct nl_msg *nl_msg, + virNetlinkDumpCallback callback, + uint32_t src_pid, uint32_t dst_pid, + unsigned int protocol, unsigned int groups, + void *opaque); + typedef int (*virNetlinkDelLinkFallback)(const char *ifname); =20 int virNetlinkDelLink(const char *ifname, virNetlinkDelLinkFallback fallba= ck); --=20 2.11.0

From: Cédric Bosdonnat
To: libvir-list@redhat.com
Date: Fri, 3 Mar 2017 16:00:21 +0100
Message-Id: <20170303150022.2524-4-cbosdonnat@suse.com>
In-Reply-To: <20170303150022.2524-1-cbosdonnat@suse.com>
References: <20170303150022.2524-1-cbosdonnat@suse.com>
Subject: [libvirt] [PATCH 3/4] bridge_driver.c: more uses of SYSCTL_PATH

Replace a few occurrences of /proc/sys by the corresponding macro defined a few lines after: SYSCTL_PATH

--- src/network/bridge_driver.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index c5ec2823d..3f6561055 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c 
@@ -85,6 +85,8 @@ */ #define VIR_NETWORK_DHCP_LEASE_FILE_SIZE_MAX (32 * 1024 * 1024) =20 +#define SYSCTL_PATH "/proc/sys" + VIR_LOG_INIT("network.bridge_driver"); =20 static virNetworkDriverStatePtr network_driver; 
@@ -2080,15 +2082,14 @@ networkEnableIPForwarding(bool enableIPv4, bool ena= bleIPv6) &enabled, sizeof(enabled)); #else if (enableIPv4) - ret =3D virFileWriteStr("/proc/sys/net/ipv4/ip_forward", "1\n", 0); + ret =3D virFileWriteStr(SYSCTL_PATH "/net/ipv4/ip_forward", "1\n",= 0); if (enableIPv6 && ret =3D=3D 0) - ret =3D virFileWriteStr("/proc/sys/net/ipv6/conf/all/forwarding", = "1\n", 0); + ret =3D virFileWriteStr(SYSCTL_PATH "/net/ipv6/conf/all/forwarding= ", "1\n", 0); + #endif return ret; } =20 -#define SYSCTL_PATH "/proc/sys" - static int networkSetIPv6Sysctls(virNetworkObjPtr network) { --=20 2.11.0

From: Cédric Bosdonnat
To: libvir-list@redhat.com
Date: Fri, 3 Mar 2017 16:00:22 +0100
Message-Id: <20170303150022.2524-5-cbosdonnat@suse.com>
In-Reply-To: <20170303150022.2524-1-cbosdonnat@suse.com>
References: <20170303150022.2524-1-cbosdonnat@suse.com>
Subject: [libvirt] [PATCH 4/4] network: check accept_ra before enabling ipv6 forwarding

When enabling IPv6 on all interfaces, we may get the host Router Advertisement routes discarded. To avoid this, the user needs to set accept_ra to 2 for the interfaces with such routes. See https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt on this topic. To avoid user mistakenly losing routes on their hosts, check accept_ra values before enabling IPv6 forwarding.
If a RA route is detected, but neither the corresponding device nor global accept_ra is set to 2, the network will fail to start. --- src/network/bridge_driver.c | 178 ++++++++++++++++++++++++++++++++++++++++= ++-- 1 file changed, 173 insertions(+), 5 deletions(-) diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index 3f6561055..1ac837f7f 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -61,6 +61,7 @@ #include "virlog.h" #include "virdnsmasq.h" #include "configmake.h" +#include "virnetlink.h" #include "virnetdev.h" #include "virnetdevip.h" #include "virnetdevbridge.h" 
@@ -2067,6 +2068,168 @@ networkReloadFirewallRules(virNetworkDriverStatePtr= driver) NULL); } =20 +static int +networkGetAcceptRA(const char *ifname) +{ + char *path =3D NULL; + char *buf =3D NULL; + char *suffix; + int accept_ra =3D -1; + + if (virAsprintf(&path, SYSCTL_PATH "/net/ipv6/conf/%s/accept_ra", + ifname ? ifname : "all") < 0) + goto cleanup; + + if ((virFileReadAll(path, 512, &buf) < 0) || + (virStrToLong_i(buf, &suffix, 10, &accept_ra) < 0)) + goto cleanup; + + cleanup: + VIR_FREE(path); + VIR_FREE(buf); + + return accept_ra; +} + +#if defined(__linux__) && defined(HAVE_LIBNL) +struct networkIPv6CheckData { + bool hasRARoutes; + + /* Devices with conflicting accept_ra */ + char **devices; + size_t ndevices; +}; + +static int +networkCheckIPv6ForwardingCallback(const struct nlmsghdr *resp, + void *opaque) +{ + struct rtmsg *rtmsg =3D NLMSG_DATA(resp); + int accept_ra =3D -1; + struct rtattr *rta; + char *ifname =3D NULL; + char name[IFNAMSIZ]; + struct networkIPv6CheckData *data =3D opaque; + int ret =3D 0; + int len =3D RTM_PAYLOAD(resp); + int oif =3D -1; + + /* Ignore messages other than route ones */ + if (resp->nlmsg_type !=3D RTM_NEWROUTE) + return ret; + + memset(&name, 0, sizeof(name)); + + /* Extract a few attributes */ + for (rta =3D RTM_RTA(rtmsg); RTA_OK(rta, len); rta =3D RTA_NEXT(rta, l= en)) { + switch (rta->rta_type) { + case RTA_OIF: + oif =3D *(int *)RTA_DATA(rta); + if (!if_indextoname(oif, name) || VIR_STRDUP(ifname, name) < 0) + VIR_DEBUG("Failed to convert OIF to a device name"); + break; + } + } + + /* No need to do anything else for non RA routes */ + if (rtmsg->rtm_protocol !=3D RTPROT_RA) + goto cleanup; + + data->hasRARoutes =3D true; + + /* Check the accept_ra value for the interface */ + accept_ra =3D networkGetAcceptRA(ifname); + VIR_DEBUG("Checking route for device %s, accept_ra: %d", ifname, accep= t_ra); + + if (accept_ra !=3D 2 && VIR_APPEND_ELEMENT(data->devices, data->ndevic= es, ifname) < 0) + ret =3D -1; + + 
cleanup: + VIR_FREE(ifname); + return ret; +} + +static bool +networkCheckIPv6Forwarding(void) +{ + struct nl_msg *nlmsg =3D NULL; + bool valid =3D false; + struct rtgenmsg genmsg; + size_t i; + struct networkIPv6CheckData data =3D { + .hasRARoutes =3D false, + .devices =3D NULL, + .ndevices =3D 0 + }; + + + /* Prepare the request message */ + if (!(nlmsg =3D nlmsg_alloc_simple(RTM_GETROUTE, + NLM_F_REQUEST | NLM_F_DUMP))) { + virReportOOMError(); + goto cleanup; + } + + memset(&genmsg, 0, sizeof(genmsg)); + genmsg.rtgen_family =3D AF_INET6; + + if (nlmsg_append(nlmsg, &genmsg, sizeof(genmsg), NLMSG_ALIGNTO) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("allocated netlink buffer is too small")); + goto cleanup; + } + + /* Send the request and loop over the responses */ + if (virNetlinkDumpCommand(nlmsg, networkCheckIPv6ForwardingCallback, 0= , 0, + NETLINK_ROUTE, 0, &data) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("Failed to loop over routes")); + goto cleanup; + } + + valid =3D !data.hasRARoutes || data.ndevices =3D=3D 0; + + /* Check the global accept_ra if at least one isn't set on a + per-device basis */ + if (!valid && data.hasRARoutes) { + int accept_ra =3D networkGetAcceptRA(NULL); + valid =3D accept_ra =3D=3D 2; + VIR_DEBUG("Checked global accept_ra: %d", accept_ra); + } + + if (!valid) { + virBuffer buf =3D VIR_BUFFER_INITIALIZER; + for (i =3D 0; i < data.ndevices; i++) { + virBufferAdd(&buf, data.devices[i], -1); + if (i < data.ndevices - 1) + virBufferAddLit(&buf, ", "); + } + + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Check the host setup: enabling IPv6 forwarding w= ith " + "RA routes without accept_ra set to 2 is likely t= o cause " + "routes loss. 
Interfaces to look at: %s"), + virBufferCurrentContent(&buf)); + virBufferFreeAndReset(&buf); + } + + cleanup: + nlmsg_free(nlmsg); + for (i =3D 0; i < data.ndevices; i++) + VIR_FREE(data.devices[i]); + return valid; +} + +#else /* defined(__linux__) && defined(HAVE_LIBNL) */ + +static bool +networkCheckIPv6Forwarding(void) +{ + VIR_WARN("built without libnl: unable to check if IPv6 forwarding can = be safely enabled"); + return true; +} +#endif /* defined(__linux__) && defined(HAVE_LIBNL) */ + /* Enable IP Forwarding. Return 0 for success, -1 for failure. */ static int networkEnableIPForwarding(bool enableIPv4, bool enableIPv6) @@ -2377,11 +2540,16 @@ networkStartNetworkVirtual(virNetworkDriverStatePtr= driver, } =20 /* If forward.type !=3D NONE, turn on global IP forwarding */ - if (network->def->forward.type !=3D VIR_NETWORK_FORWARD_NONE && - networkEnableIPForwarding(v4present, v6present) < 0) { - virReportSystemError(errno, "%s", - _("failed to enable IP forwarding")); - goto err3; + if (network->def->forward.type !=3D VIR_NETWORK_FORWARD_NONE) { + if (!networkCheckIPv6Forwarding()) + goto err3; /* Precise error message already provided */ + + + if (networkEnableIPForwarding(v4present, v6present) < 0) { + virReportSystemError(errno, "%s", + _("failed to enable IP forwarding")); + goto err3; + } } =20 =20 --=20 2.11.0
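
Review bot: virNetlinkDoCommand(), introduced by the first hunk of [PATCH 1/4] in src/util/virnetlink.c, has no comment describing its contract, while the doc comment that used to sit at this spot moves down with virNetlinkCommand(). Please document that it returns an open virNetlinkHandle which the caller must release with virNetlinkFree(), and NULL once an error has been reported. The struct sockaddr_nl nladdr argument is passed by value although it is only used as &nladdr for nlmsg_set_dst(); a pointer parameter would avoid the copy and match how callers use it afterwards in nl_recv().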
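
Review bot: the poll failure branch in the third hunk of [PATCH 1/4] (src/util/virnetlink.c, @@ -289,9 +267,51) loses its "goto cleanup;" without getting a "goto error;" in exchange, so after reporting "no valid netlink response was received" virNetlinkDoCommand() still reaches "return nlhandle;" and the caller carries on to nl_recv() with an error already set. Add "goto error;" before the closing brace of that branch so the handle is freed and NULL is returned. In the same hunk the rewritten virNetlinkCommand() keeps "struct pollfd fds[1];" and "memset(fds, 0, sizeof(fds));" although the polling now lives in the helper; both lines can be dropped.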
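
Review bot: the receive loop of virNetlinkDumpCommand() in [PATCH 2/4] (src/util/virnetlink.c, @@ -335,6 +335,49) never checks what nl_recv() returns: with len equal to 0 or negative, NLMSG_OK(msg, len) is false on the first test, end is never set, and "while (!end)" calls nl_recv() again with no way out. Report an error and go to cleanup when len is not positive. The buffer nl_recv() stores in resp is also never released, neither between iterations nor at cleanup nor when the callback returns a negative value, so every pass leaks one response; a VIR_FREE(resp) after the inner for loop and at the cleanup label would cover all three paths. NLMSG_ERROR messages are handed to the callback like any other message, so either handle them here or state in a doc comment that the callback must; the function has no doc comment at all, unlike its sister virNetlinkCommand().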
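
Review bot: the second hunk of [PATCH 3/4] (src/network/bridge_driver.c, @@ -2080,15 +2082,14) adds an empty line between the IPv6 virFileWriteStr() call and #endif in networkEnableIPForwarding(). Drop it so the change stays limited to the SYSCTL_PATH substitution and the move of the #define.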
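
Review bot: networkCheckIPv6ForwardingCallback() in the large hunk of [PATCH 4/4] (src/network/bridge_driver.c, @@ -2067,6 +2068,168) goes on with ifname still NULL when an RTPROT_RA route carries no RTA_OIF attribute or when if_indextoname() or VIR_STRDUP() fails. networkGetAcceptRA(NULL) then silently reads the "all" entry instead of the device's, NULL is passed to the "%s" in VIR_DEBUG, and NULL can be appended to data->devices and later given to virBufferAdd(). Return an error, or skip the route, as soon as the name cannot be resolved. In networkCheckIPv6Forwarding() the cleanup label frees each data.devices[i] but not the data.devices array itself, so a VIR_FREE(data.devices) is missing after the loop. networkGetAcceptRA() is defined outside the "#if defined(__linux__) && defined(HAVE_LIBNL)" block while its only callers are inside it, which leaves an unused static function in builds without libnl; move it inside the block.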
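
Review bot: in the last hunk of [PATCH 4/4] (networkStartNetworkVirtual(), @@ -2377,11 +2540,16) networkCheckIPv6Forwarding() runs for every network whose forward.type is not VIR_NETWORK_FORWARD_NONE, whatever the value of v6present. A network with no IPv6 address can therefore be refused because of the host's RA routes even though networkEnableIPForwarding(v4present, v6present) would not write the IPv6 forwarding sysctl for it. Make the check conditional, for example "if (v6present && !networkCheckIPv6Forwarding())". The two consecutive empty lines added after that goto err3 should be reduced to one.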