netlink: fix a panic with verbose debugging printfs

While here improve general debugging of this function.

Fixes: 660bd40a598a498ad850911772fcff3f2511875a

netlink: provide genl_unregister_group()

Cause generic netlink group IDs are dynamic, we go through all sockets
and unsubscribe from the group that goes away. Otherwise they could be
surprisingly f

netlink: provide genl_unregister_group()

Cause generic netlink group IDs are dynamic, we go through all sockets
and unsubscribe from the group that goes away. Otherwise they could be
surprisingly find themselves subscribed to a group created later.

show more ...

netlink: don't store an extra pointer to so_cred

netlink: rename functions that manipulate group membership of a pcb

Use nlp_ prefix for them, cause they operate on single pcb. Use words
"join" and "leave" instead of "add" and "del", cause we are

netlink: rename functions that manipulate group membership of a pcb

Use nlp_ prefix for them, cause they operate on single pcb. Use words
"join" and "leave" instead of "add" and "del", cause we aren't creating
or destroying groups, we are just joining or leaving.
Really assert locks instead of just having "locked" suffix.

show more ...

netlink: initialize VNET context with VNET_SYSINIT()

With the initial check-in netlink(4) was very conservative with regards to
using memory and intrusiveness to the kernel and network stack. In
par

netlink: initialize VNET context with VNET_SYSINIT()

With the initial check-in netlink(4) was very conservative with regards to
using memory and intrusiveness to the kernel and network stack. In
particular it would initialize the VNET context only on the first actuall
call to socket(PF_NETLINK), saving on allocation of a struct nl_control of
size 224 bytes.

Now it is clear that netlink(4) is primary citizen of FreeBSD, with a set
of system tools using it. So resort to normal VNET_SYSINIT() and with
that shave a lot of complexity, since after the change V_nl_ctl is
immutable.

show more ...

netlink: remove _pru_ prefix from protosw method names

This is a relic that doesn't has any value now.

netlink: avoid underflow of groups bitset index

The subtraction is absolutely unnecessary and created an underflow with
926d2eadcb67. I don't see why it was useful before 926d2eadcb67 and even
befo

netlink: avoid underflow of groups bitset index

The subtraction is absolutely unnecessary and created an underflow with
926d2eadcb67. I don't see why it was useful before 926d2eadcb67 and even
before edf5608bfef3. The bitset addresses bits from zero to
NLP_MAX_GROUPS-1. Note that check of user supplied argument for
NETLINK_ADD_MEMBERSHIP and NETLINK_DROP_MEMBERSHIP socket options is
already correct !(optval >= NLP_MAX_GROUPS).

Fixes: 926d2eadcb671dd26431a1082d4c49c3d5ad7f22

show more ...

netlink: augment group writer with priv(9) argument

This will allow to broadcast messages visible only to priveleged
subscribers.

Reviewed by: melifaro
Differential Revision: https://reviews.freeb

netlink: augment group writer with priv(9) argument

This will allow to broadcast messages visible only to priveleged
subscribers.

Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D48307

show more ...

netlink: use size_t through the allocation KPI

This fixes some signedness bugs and potential underflows. The length of
nl_buf is still limited by UINT_MAX and this is asserted now.

Reviewed by: m

netlink: use size_t through the allocation KPI

This fixes some signedness bugs and potential underflows. The length of
nl_buf is still limited by UINT_MAX and this is asserted now.

Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D47551

show more ...

netlink: use bitset(9)

Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D47548

netlink: consistently use uint16_t for family id

Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D47547

netlink: fix bug with socket buffer character counter underflow

Cover case when an nb that we are now reading in full had been partially
read by previous read(2) and now has positive offset. Throw

netlink: fix bug with socket buffer character counter underflow

Cover case when an nb that we are now reading in full had been partially
read by previous read(2) and now has positive offset. Throw couple
assertions that helped to catch that earlier.

show more ...

netlink: avoid putting empty mbufs on the socket queue

When processing incoming Netlink messages in nl_process_nbuf() kernel
always allocates a writer with a buffer to put generated reply to.
Howeve

netlink: avoid putting empty mbufs on the socket queue

When processing incoming Netlink messages in nl_process_nbuf() kernel
always allocates a writer with a buffer to put generated reply to.
However, certain messages aren't replied. That makes nlmsg_flush()
to put an empty buffer to the socket. Avoid doing that because avoiding
is much easier than dealing with empty buffers on the receiver side.

show more ...

netlink: improve edge case when reading out truncated last nlmsg in nb

When there is not enough space for one full message we return it truncated.
This enters special block of code that previously m

netlink: improve edge case when reading out truncated last nlmsg in nb

When there is not enough space for one full message we return it truncated.
This enters special block of code that previously may leave empty buffer
with offset == datalen in the queue. Avoid that, as dealing later with
empty buffers causes more pain than just avoiding them. While here add
missing msgrcv increment.

show more ...

netlink: fix regression with group writers

Refactoring of argument list to nl_send_one() led to derefercing
wrong union member. Rename nl_send_one() to a more generic name,
isolate anew nl_send_one

netlink: fix regression with group writers

Refactoring of argument list to nl_send_one() led to derefercing
wrong union member. Rename nl_send_one() to a more generic name,
isolate anew nl_send_one() as the callback only for the normal
writer and provide correct argument to nl_send() from nl_send_group().

Fixes: ff5ad900d2a0793659241eee96be53e6053b5081

show more ...

netlink: just return EOPNOTSUPP on shutdown(2)

This matches what Linux does.

Reviewed by: melifaro, tuexen
Differential Revision: https://reviews.freebsd.org/D43366

netlink: remove stale comment

Fixes: ff5ad900d2a0793659241eee96be53e6053b5081

netlink: refactor control data generation for recvmsg(2)

Netlink should return a very simple control data on every recvmsg(2)
syscall. This data is associated with a syscall, not with an nlmsg,
nei

netlink: refactor control data generation for recvmsg(2)

Netlink should return a very simple control data on every recvmsg(2)
syscall. This data is associated with a syscall, not with an nlmsg,
neither with internal our internal representation (nl_bufs). There is
no need to pre-allocate it in non-sleepable context and attach to
nl_buf. Allocate right in the syscall with M_WAITOK. This also
shaves lots of code and simplifies things.

Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D42989

show more ...

netlink: improve nl_soreceive()

The previous commit conservatively mimiced operation of soreceive_generic().
The new code does two things:
- parses Netlink message headers and always returns at leas

netlink: improve nl_soreceive()

The previous commit conservatively mimiced operation of soreceive_generic().
The new code does two things:
- parses Netlink message headers and always returns at least one full nlmsg
- hides nl_buf boundaries from the userland, copying out several at once
More details can be found in the large comment block added.

Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D42785

show more ...

netlink: use protocol specific receive buffer

Implement Netlink socket receive buffer as a simple TAILQ of nl_buf's,
same part of struct sockbuf that is used for send buffer already.
This shaves a l

netlink: use protocol specific receive buffer

Implement Netlink socket receive buffer as a simple TAILQ of nl_buf's,
same part of struct sockbuf that is used for send buffer already.
This shaves a lot of code and a lot of extra processing. The pcb rids
of the I/O queues as the socket buffer is exactly the queue. The
message writer is simplified a lot, as we now always deal with linear
buf. Notion of different buffer types goes away as way as different
kinds of writers. The only things remaining are: a socket writer and
a group writer.
The impact on the network stack is that we no longer use mbufs, so
a workaround from d18715475071 disappears.

Note on message throttling. Now the taskqueue throttling mechanism
needs to look at both socket buffers protected by their respective
locks and on flags in the pcb that are protected by the pcb lock.
There is definitely some room for optimization, but this changes tries
to preserve as much as possible.

Note on new nl_soreceive(). It emulates soreceive_generic(). It
must undergo further optimization, see large comment put in there.

Note on tests/sys/netlink/test_netlink_message_writer.py. This test
boiled down almost to nothing with mbufs removed. However, I left
it with minimal functionality (it basically checks that allocating N
bytes we get N bytes) as it is one of not so many examples of ktest
framework that allows to test KPIs with python.

Note on Linux support. It got much simplier: Netlink message writer
loses notion of Linux support lifetime, it is same regardless of
process ABI. On socket write from Linux process we perform
conversion immediately in nl_receive_message() and on an output
conversion to Linux happens in in nl_send_one(). XXX: both
conversions use M_NOWAIT allocation, which used to be the case
before this change, too.

Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D42524

show more ...

netlink: use domain specific send buffer

Instead of using generic socket code, create Netlink specific socket
buffer. It is a simple TAILQ of writes that came from userland. This
saves us one memo

netlink: use domain specific send buffer

Instead of using generic socket code, create Netlink specific socket
buffer. It is a simple TAILQ of writes that came from userland. This
saves us one memory allocation that could fail and one memory copy.

Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D42522

show more ...

netlink: simplify socket destruction

Destroy the socket at the file descriptor close(2). There is no
reason to linger for any longer, there are no external references.
Remove pr_detach method as no

netlink: simplify socket destruction

Destroy the socket at the file descriptor close(2). There is no
reason to linger for any longer, there are no external references.
Remove pr_detach method as nothing left to do after pr_close.
Remove pr_abort method as it shall never be executed for this type
of socket.

Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D42521

show more ...

sockets: don't malloc/free sockaddr memory on getpeername/getsockname

Just like it was done for accept(2) in cfb1e92912b4, use same approach
for two simplier syscalls that return socket addresses.

sockets: don't malloc/free sockaddr memory on getpeername/getsockname

Just like it was done for accept(2) in cfb1e92912b4, use same approach
for two simplier syscalls that return socket addresses. Although,
these two syscalls aren't performance critical, this change generalizes
some code between 3 syscalls trimming code size.

Following example of accept(2), provide VNET-aware and INVARIANT-checking
wrappers sopeeraddr() and sosockaddr() around protosw methods.

Reviewed by: tuexen
Differential Revision: https://reviews.freebsd.org/D42694

show more ...

netlink: move NETLINK define to opt_global.h

Move the NETLINK define into opt_global.h so we can rely on it being
set correctly, without having to remember to include opt_netlink.h.
This ensures tha

netlink: move NETLINK define to opt_global.h

Move the NETLINK define into opt_global.h so we can rely on it being
set correctly, without having to remember to include opt_netlink.h.
This ensures that the NETLINK define is correctly set. If not we
may end up with unloadable modules, due to missing symbols (such as
nlmsg_get_group_writer).

PR: 274306
Reviewed by: imp, markj
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D42179

show more ...

spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD

The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of

spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD

The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.

Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix

show more ...