netlink/route: validate family attribute

PR: 283818

netlink/route: fix fib number validation in old Linux compat mode

The value passed via old field also needs to be validated.

PR: 283848
Fixes: f34aca55adef1e28cd68b2e6705a0cac03f0238e

netlink/route: fix nlattr_get_multipath() to check length

of supplied nexthop sub-attributes. While here, use unsigned types for
length calculations and improve style(9).

PR: 283860

netlink: restore the ability to delete PINNED routes

route(8) had such ability before migration to netlink. To be able
to delete PINNED routes we pass RTM_F_FORCE to rib_del_route_px()
when userland

netlink: restore the ability to delete PINNED routes

route(8) had such ability before migration to netlink. To be able
to delete PINNED routes we pass RTM_F_FORCE to rib_del_route_px()
when userland uses RTF_PINNED flag with RTM_DELETE command.
This is hackish way for route(8) tool, that third-party software
usually doesn't use.

PR: 279988
Tested by: franco at opnsense org
Discussed with: glebius
MFC after: 10 days
Differential Revision: https://reviews.freebsd.org/D46301

show more ...

netlink: augment group writer with priv(9) argument

This will allow to broadcast messages visible only to priveleged
subscribers.

Reviewed by: melifaro
Differential Revision: https://reviews.freeb

netlink: augment group writer with priv(9) argument

This will allow to broadcast messages visible only to priveleged
subscribers.

Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D48307

show more ...

netlink: use nitems() and roundup(2) from param.h

While here style nested includes (kernel ones go first).

Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D47557

netlink: refactor writer initialization KPI

o Allow callers to initialize a writer that will malloc(9) with M_WAITOK.
o Use size_t for expected malloc size.
o Use correct types to initialize a group

netlink: refactor writer initialization KPI

o Allow callers to initialize a writer that will malloc(9) with M_WAITOK.
o Use size_t for expected malloc size.
o Use correct types to initialize a group writer.
o Rename functions into nl_writer_ namespace instead of nlmsg_, cause
they are working on nl_writer, not on nlmsg.
o Make the KPI responsible to sparsely initialize the writer structure.
o Garbage collect chain writer. Fixes 17083b94a915.

All current consumers are left as is, however some may benefit from
M_WAITOK allocation as well as supplying a correct expected size.

Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D47549

show more ...

netlink/route: provide pre-2.6.19 Linux compat shim

The old Linux used 8-bit rtm_table field of the RTM_NEWROUTE message to
specify routing table id. Modern netlink uses RTA_TABLE 32-bit attribute.

netlink/route: provide pre-2.6.19 Linux compat shim

The old Linux used 8-bit rtm_table field of the RTM_NEWROUTE message to
specify routing table id. Modern netlink uses RTA_TABLE 32-bit attribute.

Unfortunately, there is modern software (namely bird) that would prefer
the old API as long as the routing table id fits into 8-bit.

PR: 279662

show more ...

netlink: use protocol specific receive buffer

Implement Netlink socket receive buffer as a simple TAILQ of nl_buf's,
same part of struct sockbuf that is used for send buffer already.
This shaves a l

netlink: use protocol specific receive buffer

Implement Netlink socket receive buffer as a simple TAILQ of nl_buf's,
same part of struct sockbuf that is used for send buffer already.
This shaves a lot of code and a lot of extra processing. The pcb rids
of the I/O queues as the socket buffer is exactly the queue. The
message writer is simplified a lot, as we now always deal with linear
buf. Notion of different buffer types goes away as way as different
kinds of writers. The only things remaining are: a socket writer and
a group writer.
The impact on the network stack is that we no longer use mbufs, so
a workaround from d18715475071 disappears.

Note on message throttling. Now the taskqueue throttling mechanism
needs to look at both socket buffers protected by their respective
locks and on flags in the pcb that are protected by the pcb lock.
There is definitely some room for optimization, but this changes tries
to preserve as much as possible.

Note on new nl_soreceive(). It emulates soreceive_generic(). It
must undergo further optimization, see large comment put in there.

Note on tests/sys/netlink/test_netlink_message_writer.py. This test
boiled down almost to nothing with mbufs removed. However, I left
it with minimal functionality (it basically checks that allocating N
bytes we get N bytes) as it is one of not so many examples of ktest
framework that allows to test KPIs with python.

Note on Linux support. It got much simplier: Netlink message writer
loses notion of Linux support lifetime, it is same regardless of
process ABI. On socket write from Linux process we perform
conversion immediately in nl_receive_message() and on an output
conversion to Linux happens in in nl_send_one(). XXX: both
conversions use M_NOWAIT allocation, which used to be the case
before this change, too.

Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D42524

show more ...

netlink: fix adding an interface route

route add <host> -iface <netif>" for a netif without an IPv4/IPv6
address fails with EINVAL. Need to use a link-level ifaddr for gw if
an ifaddr for dst is not

netlink: fix adding an interface route

route add <host> -iface <netif>" for a netif without an IPv4/IPv6
address fails with EINVAL. Need to use a link-level ifaddr for gw if
an ifaddr for dst is not found as the rtsock-based implementation does.

PR: 275341
Reported by: Sean Cody <sean@tinfoilhat.ca>
Reviewed by: rcm
Tested by: rcm
Approved by: kp (mentor)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D41330

show more ...

netlink: move NETLINK define to opt_global.h

Move the NETLINK define into opt_global.h so we can rely on it being
set correctly, without having to remember to include opt_netlink.h.
This ensures tha

netlink: move NETLINK define to opt_global.h

Move the NETLINK define into opt_global.h so we can rely on it being
set correctly, without having to remember to include opt_netlink.h.
This ensures that the NETLINK define is correctly set. If not we
may end up with unloadable modules, due to missing symbols (such as
nlmsg_get_group_writer).

PR: 274306
Reviewed by: imp, markj
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D42179

show more ...

sys: Remove $FreeBSD$: one-line .c pattern

Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/

netlink: convert to IfAPI.

Convert to IfAPI everything except `IF_AFDATA_WLOCK` usage in neigh.c.

Reviewed By: jhibbits
Differential Revision: https://reviews.freebsd.org/D40577

netlink: add an optional post-process hook to the message parsers.

It is primarily used for adding scopeid to the IPv6 link-local
sockaddrs. Having proper sockaddrs after parsing minimises the
pos

netlink: add an optional post-process hook to the message parsers.

It is primarily used for adding scopeid to the IPv6 link-local
sockaddrs. Having proper sockaddrs after parsing minimises the
possibility of human mistake when using the parsing.

MFC after: 2 weeks

show more ...

spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD

The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of

spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD

The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.

Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix

show more ...

netlink: reduce default log levels

Reduce the default log level for netlink to LOG_INFO. This removes a
number of messages such as

> [nl_iface] dump_sa: unsupported family: 0, skipping
or
> [nl_ifa

netlink: reduce default log levels

Reduce the default log level for netlink to LOG_INFO. This removes a
number of messages such as

> [nl_iface] dump_sa: unsupported family: 0, skipping
or
> [nl_iface] get_operstate_ether: error calling SIOCGIFMEDIA on vlan0: 22

that are useful for debugging, but not for most users.

Reviewed by: melifaro
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D40062

show more ...

netlink: fix operations with link-local routes/gateways.

MFC after: 3 days

netlink: improve source ifa selection algorithm when adding routes.

Use route destination sockaddr when the gateway is eiter AF_LINK or
has the different family (IPv4 over IPv6). This change ensure

netlink: improve source ifa selection algorithm when adding routes.

Use route destination sockaddr when the gateway is eiter AF_LINK or
has the different family (IPv4 over IPv6). This change ensures
the nexthop IFA has the same family as the destination.

Reported by: Dmitriy Smirnov <fox@sage.su>
Tested by: Dmitriy Smirnov <fox@sage.su>
MFC after: 3 days

show more ...

netlink: set prefix-related flags to the created nexthop.

This fixes incorrect flag combinations when adding IPv4/IPv6 host
routes.

MFC after: 3 days

netlink: allow exact-match route lookups via RTM_GETROUTE.

Use already-existing RTM_F_PREFIX rtm_flag to indicate that the
request assumes exact-prefix lookup instead of the
longest-prefix-match.

netlink: allow exact-match route lookups via RTM_GETROUTE.

Use already-existing RTM_F_PREFIX rtm_flag to indicate that the
request assumes exact-prefix lookup instead of the
longest-prefix-match.

MFC after: 2 weeks

show more ...

netlink: Fix adding routes with nexthops on p2p interfaces.

Use full-featured ifa_ifwithroute() to guess route ifa/ifp
instead of ifa_ifwithnet(). This change makes the route addition
logic closer

netlink: Fix adding routes with nexthops on p2p interfaces.

Use full-featured ifa_ifwithroute() to guess route ifa/ifp
instead of ifa_ifwithnet(). This change makes the route addition
logic closer to the rt_getifa_fib() used by rtsock.

Reported by: glebius
Tested by: glebius
Differential Revision: https://reviews.freebsd.org/D39335
MFC after: 2 weeks

show more ...

netlink: add netlink KPI to the kernel by default

This change does the following:

Base Netlink KPIs (ability to register the family, parse and/or
write a Netlink message) are always present in the

netlink: add netlink KPI to the kernel by default

This change does the following:

Base Netlink KPIs (ability to register the family, parse and/or
write a Netlink message) are always present in the kernel. Specifically,
* Implementation of genetlink family/group registration/removal,
some base accessors (netlink_generic_kpi.c, 260 LoC) are compiled in
unconditionally.
* Basic TLV parser functions (netlink_message_parser.c, 507 LoC) are
compiled in unconditionally.
* Glue functions (netlink<>rtsock), malloc/core sysctl definitions
(netlink_glue.c, 259 LoC) are compiled in unconditionally.
* The rest of the KPI _functions_ are defined in the netlink_glue.c,
but their implementation calls a pointer to either the stub function
or the actual function, depending on whether the module is loaded or not.

This approach allows to have only 1k LoC out of ~3.7k LoC (current
sys/netlink implementation) in the kernel, which will not grow further.
It also allows for the generic netlink kernel customers to load
successfully without requiring Netlink module and operate correctly
once Netlink module is loaded.

Reviewed by: imp
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D39269

show more ...

netlink: remove forgotten debug message in handle_rtm_getroute().

MFC after: 2 weeks

netlink: allow netlink sockets in non-vnet jails.

This change allow to open Netlink sockets in the non-vnet jails, even for
unpriviledged processes.
The security model largely follows the existing

netlink: allow netlink sockets in non-vnet jails.

This change allow to open Netlink sockets in the non-vnet jails, even for
unpriviledged processes.
The security model largely follows the existing one. To be more specific:
* by default, every `NETLINK_ROUTE` command is **NOT** allowed in non-VNET
jail UNLESS `RTNL_F_ALLOW_NONVNET_JAIL` flag is specified in the command
handler.
* All notifications are **disabled** for non-vnet jails (requests to
subscribe for the notifications are ignored). This will change to be more
fine-grained model once the first netlink provider requiring this gets
committed.
* Listing interfaces (RTM_GETLINK) is **allowed** w/o limits (**including**
interfaces w/o any addresses attached to the jail). The value of this is
questionable, but it follows the existing approach.
* Listing ARP/NDP neighbours is **forbidden**. This is a **change** from the
current approach - currently we list static ARP/ND entries belonging to the
addresses attached to the jail.
* Listing interface addresses is **allowed**, but the addresses are filtered
to match only ones attached to the jail.
* Listing routes is **allowed**, but the routes are filtered to provide only
host routes matching the addresses attached to the jail.
* By default, every `NETLINK_GENERIC` command is **allowed** in non-VNET jail
(as sub-families may be unrelated to network at all).
It is the goal of the family author to implement the restriction if
necessary.

Differential Revision: https://reviews.freebsd.org/D39206
MFC after: 1 month

show more ...

netlink: fix addition of blackhole/reject routes.

* Make nhop_set_blackhole() set all necessary properties for the
nexthop
* Make nexthops blackhole/reject based on the rtm_type netlink
property i

netlink: fix addition of blackhole/reject routes.

* Make nhop_set_blackhole() set all necessary properties for the
nexthop
* Make nexthops blackhole/reject based on the rtm_type netlink
property instead of using rtflags.

Reported by: Marek Zarychta <zarychtam@plan-b.pwste.edu.pl>
MFC after: 3 days

show more ...