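/*-
 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
 *
 * Copyright (c) 2022 Alexander V. Chernikov <melifaro@FreeBSD.org>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
#include "opt_inet.h"
#include "opt_inet6.h"
#include <sys/types.h>
#include <sys/eventhandler.h>
#include <sys/kernel.h>
#include <sys/malloc.h>
#include <sys/socket.h>
#include <sys/sockio.h>
#include <sys/syslog.h>

#include <net/if.h>
#include <net/if_dl.h>
#include <net/if_media.h>
#include <net/if_var.h>
#include <net/if_clone.h>
#include <net/route.h>
#include <net/route/nhop.h>
#include <net/route/route_ctl.h>
#include <netlink/netlink.h>
#include <netlink/netlink_ctl.h>
#include <netlink/netlink_route.h>
#include <netlink/route/route_var.h>

#include <netinet6/scope6_var.h> /* scope deembedding */

#define	DEBUG_MOD_NAME	nl_iface
#define	DEBUG_MAX_LEVEL	LOG_DEBUG3
#include <netlink/netlink_debug.h>
_DECLARE_DEBUG(LOG_DEBUG);

/* State handed from a dump request handler to its per-object callbacks. */
struct netlink_walkargs {
	struct nl_writer *nw;	/* writer the replies are appended to */
	struct nlmsghdr hdr;	/* template header copied into each reply */
	struct nlpcb *so;	/* requesting netlink socket */
	uint32_t fibnum;
	int family;		/* address family filter; 0 matches any */
	int error;
	int count;		/* addresses considered by dump_iface_addrs() */
	int dumped;		/* addresses written by dump_iface_addrs() */
};

static eventhandler_tag ifdetach_event, ifattach_event, iflink_event, ifaddr_event;

/* Registered per-driver netlink cloners, protected by rtnl_cloner_lock. */
static SLIST_HEAD(, nl_cloner) nl_cloners = SLIST_HEAD_INITIALIZER(nl_cloners);

static struct sx rtnl_cloner_lock;
SX_SYSINIT(rtnl_cloner_lock, &rtnl_cloner_lock, "rtnl cloner lock");

static struct nl_cloner *rtnl_iface_find_cloner_locked(const char *name);

/*
 * RTM_GETLINK request
 * sendto(3, {{len=32, type=RTM_GETLINK, flags=NLM_F_REQUEST|NLM_F_DUMP, seq=1641940952, pid=0},
 *  {ifi_family=AF_INET, ifi_type=ARPHRD_NETROM, ifi_index=0, ifi_flags=0, ifi_change=0}}, 32, 0, NULL, 0) = 32
 *
 * Reply:
 * {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_ETHER, ifi_index=if_nametoindex("enp0s31f6"), ifi_flags=IFF_UP|IFF_BROADCAST|IFF_RUNNING|IFF_MULTICAST|IFF_LOWER_UP, ifi_change=0},
{{nla_len=10, nla_type=IFLA_ADDRESS}, "\xfe\x54\x00\x52\x3e\x90"}

[
{{nla_len=14, nla_type=IFLA_IFNAME}, "enp0s31f6"},
{{nla_len=8, nla_type=IFLA_TXQLEN}, 1000},
{{nla_len=5, nla_type=IFLA_OPERSTATE}, 6},
{{nla_len=5, nla_type=IFLA_LINKMODE}, 0},
{{nla_len=8, nla_type=IFLA_MTU}, 1500},
{{nla_len=8, nla_type=IFLA_MIN_MTU}, 68},
{{nla_len=8, nla_type=IFLA_MAX_MTU}, 9000},
{{nla_len=8, nla_type=IFLA_GROUP}, 0},
{{nla_len=8, nla_type=IFLA_PROMISCUITY}, 0},
{{nla_len=8, nla_type=IFLA_NUM_TX_QUEUES}, 1},
{{nla_len=8, nla_type=IFLA_GSO_MAX_SEGS}, 65535},
{{nla_len=8, nla_type=IFLA_GSO_MAX_SIZE}, 65536},
{{nla_len=8, nla_type=IFLA_NUM_RX_QUEUES}, 1},
{{nla_len=5, nla_type=IFLA_CARRIER}, 1},
{{nla_len=13, nla_type=IFLA_QDISC}, "fq_codel"},
{{nla_len=8, nla_type=IFLA_CARRIER_CHANGES}, 2},
{{nla_len=5, nla_type=IFLA_PROTO_DOWN}, 0},
{{nla_len=8, nla_type=IFLA_CARRIER_UP_COUNT}, 1},
{{nla_len=8, nla_type=IFLA_CARRIER_DOWN_COUNT}, 1},
 */

/* Values reported in the IFLA_OPERSTATE and IFLA_CARRIER attributes. */
struct if_state {
	uint8_t ifla_operstate;
	uint8_t ifla_carrier;
};

/*
 * Derives operstate/carrier for an interface from the media status returned
 * by the driver's SIOCGIFMEDIA ioctl.
 *
 * When the ioctl fails, or the active media type is not IFM_ETHER, @pstate
 * keeps the values the caller stored in it.
 */
static void
get_operstate_ether(struct ifnet *ifp, struct if_state *pstate)
{
	struct ifmediareq ifmr = {};
	int error;

	/*
	 * NOTE(review): if_ioctl is invoked unconditionally; this assumes
	 * every interface routed here provides the method -- confirm.
	 */
	error = (*ifp->if_ioctl)(ifp, SIOCGIFMEDIA, (void *)&ifmr);

	if (error != 0) {
		NL_LOG(LOG_DEBUG, "error calling SIOCGIFMEDIA on %s: %d",
		    if_name(ifp), error);
		return;
	}

	switch (IFM_TYPE(ifmr.ifm_active)) {
	case IFM_ETHER:
		if (ifmr.ifm_status & IFM_ACTIVE) {
			pstate->ifla_carrier = 1;
			if (ifp->if_flags & IFF_MONITOR)
				pstate->ifla_operstate = IF_OPER_DORMANT;
			else
				pstate->ifla_operstate = IF_OPER_UP;
		} else
			pstate->ifla_operstate = IF_OPER_DOWN;
		break;
	default:
		/* Other media types: keep the caller's defaults. */
		break;
	}
}

/*
 * Appends an IFLA_STATS64 attribute filled from the interface counters.
 *
 * Returns false if the writer could not reserve space for the attribute.
 */
static bool
get_stats(struct nl_writer *nw, struct ifnet *ifp)
{
	struct rtnl_link_stats64 *stats;

	int nla_len = sizeof(struct nlattr) + sizeof(*stats);
	struct nlattr *nla = nlmsg_reserve_data(nw, nla_len, struct nlattr);
	if (nla == NULL)
		return (false);
	nla->nla_type = IFLA_STATS64;
	nla->nla_len = nla_len;
	stats = (struct rtnl_link_stats64 *)(nla + 1);

	/*
	 * Only a subset of the structure is assigned below and the whole
	 * structure is copied out to the requesting process.  Zero it first
	 * so that any member not listed here is reported as 0 rather than
	 * as whatever the writer buffer previously held.  (Whether
	 * nlmsg_reserve_data() hands out zeroed memory is not visible in
	 * this file, so do not rely on it.)
	 */
	memset(stats, 0, sizeof(*stats));

	stats->rx_packets = ifp->if_get_counter(ifp, IFCOUNTER_IPACKETS);
	stats->tx_packets = ifp->if_get_counter(ifp, IFCOUNTER_OPACKETS);
	stats->rx_bytes = ifp->if_get_counter(ifp, IFCOUNTER_IBYTES);
	stats->tx_bytes = ifp->if_get_counter(ifp, IFCOUNTER_OBYTES);
	stats->rx_errors = ifp->if_get_counter(ifp, IFCOUNTER_IERRORS);
	stats->tx_errors = ifp->if_get_counter(ifp, IFCOUNTER_OERRORS);
	stats->rx_dropped = ifp->if_get_counter(ifp, IFCOUNTER_IQDROPS);
	stats->tx_dropped = ifp->if_get_counter(ifp, IFCOUNTER_OQDROPS);
	stats->multicast = ifp->if_get_counter(ifp, IFCOUNTER_IMCASTS);
	stats->rx_nohandler = ifp->if_get_counter(ifp, IFCOUNTER_NOPROTO);

	return (true);
}

/*
 * Fills @pstate with the operational state and carrier of @ifp.
 *
 * Ethernet and VLAN interfaces are queried through their media ioctl; for
 * every other type the administrative IFF_UP flag is used instead.
 */
static void
get_operstate(struct ifnet *ifp, struct if_state *pstate)
{
	pstate->ifla_operstate = IF_OPER_UNKNOWN;
	pstate->ifla_carrier = 0; /* no carrier */

	switch (ifp->if_type) {
	case IFT_ETHER:
	case IFT_L2VLAN:
		get_operstate_ether(ifp, pstate);
		break;
	default:
		/* Map admin state to the operstate */
		if (ifp->if_flags & IFF_UP) {
			pstate->ifla_operstate = IF_OPER_UP;
			pstate->ifla_carrier = 1;
		} else
			pstate->ifla_operstate = IF_OPER_DOWN;
		break;
	}
}

/* Returns the union of the generic and driver flags of @ifp. */
static unsigned
ifp_flags_to_netlink(const struct ifnet *ifp)
{
	return (ifp->if_flags | ifp->if_drv_flags);
}

/* Link-level address bytes inside a sockaddr_dl: they follow the name. */
#define	LLADDR_CONST(s) ((const void *)((s)->sdl_data + (s)->sdl_nlen))

/*
 * Appends the address stored in @sa as attribute @attr.
 *
 * A NULL @sa and an unsupported address family are both skipped and reported
 * as success; false is returned only when nlattr_add() fails.
 */
static bool
dump_sa(struct nl_writer *nw, int attr, const struct sockaddr *sa)
{
	uint32_t addr_len = 0;
	const void *addr_data = NULL;
#ifdef INET6
	struct in6_addr addr6;
#endif

	if (sa == NULL)
		return (true);

	switch (sa->sa_family) {
#ifdef INET
	case AF_INET:
		addr_len = sizeof(struct in_addr);
		addr_data = &((const struct sockaddr_in *)sa)->sin_addr;
		break;
#endif
#ifdef INET6
	case AF_INET6:
		/*
		 * addr_len doubles as scratch storage for the third
		 * in6_splitscope() argument; it is overwritten with the
		 * real length on the next line, so only addr6 is kept.
		 */
		in6_splitscope(&((const struct sockaddr_in6 *)sa)->sin6_addr, &addr6, &addr_len);
		addr_len = sizeof(struct in6_addr);
		addr_data = &addr6;
		break;
#endif
	case AF_LINK:
		addr_len = ((const struct sockaddr_dl *)sa)->sdl_alen;
		addr_data = LLADDR_CONST((const struct sockaddr_dl *)sa);
		break;
	default:
		NL_LOG(LOG_DEBUG, "unsupported family: %d, skipping", sa->sa_family);
		return (true);
	}

	return (nlattr_add(nw, attr, addr_len, addr_data));
}

/*
 * Dumps interface state, properties and metrics.
 * @nw: message writer
 * @ifp: target interface
 * @hdr: template header
 * @if_flags_mask: changed if_[drv]_flags bitmask
 *
 * This function is called without epoch and MAY sleep.
 *
 * Returns true when the message was completed, false (after aborting the
 * message) when the header could not be reserved or nlmsg_end() failed.
 * Results of the individual attribute writes are not inspected here.
 */
static bool
dump_iface(struct nl_writer *nw, struct ifnet *ifp, const struct nlmsghdr *hdr,
    int if_flags_mask)
{
	struct ifinfomsg *ifinfo;

	NL_LOG(LOG_DEBUG3, "dumping interface %s data", if_name(ifp));

	if (!nlmsg_reply(nw, hdr, sizeof(struct ifinfomsg)))
		goto enomem;

	/*
	 * NOTE(review): the result is used without a NULL check; presumably
	 * nlmsg_reply() above guarantees room for the payload -- confirm.
	 */
	ifinfo = nlmsg_reserve_object(nw, struct ifinfomsg);
	ifinfo->ifi_family = AF_UNSPEC;
	ifinfo->__ifi_pad = 0;
	ifinfo->ifi_type = ifp->if_type;
	ifinfo->ifi_index = ifp->if_index;
	ifinfo->ifi_flags = ifp_flags_to_netlink(ifp);
	ifinfo->ifi_change = if_flags_mask;

	struct if_state ifs = {};
	get_operstate(ifp, &ifs);

	if (ifs.ifla_operstate == IF_OPER_UP)
		ifinfo->ifi_flags |= IFF_LOWER_UP;

	nlattr_add_string(nw, IFLA_IFNAME, if_name(ifp));
	nlattr_add_u8(nw, IFLA_OPERSTATE, ifs.ifla_operstate);
	nlattr_add_u8(nw, IFLA_CARRIER, ifs.ifla_carrier);

/*
	nlattr_add_u8(nw, IFLA_PROTO_DOWN, val);
	nlattr_add_u8(nw, IFLA_LINKMODE, val);
*/
	if ((ifp->if_addr != NULL)) {
		dump_sa(nw, IFLA_ADDRESS, ifp->if_addr->ifa_addr);
	}

	if ((ifp->if_broadcastaddr != NULL)) {
		nlattr_add(nw, IFLA_BROADCAST, ifp->if_addrlen,
		    ifp->if_broadcastaddr);
	}

	nlattr_add_u32(nw, IFLA_MTU, ifp->if_mtu);
/*
	nlattr_add_u32(nw, IFLA_MIN_MTU, 60);
	nlattr_add_u32(nw, IFLA_MAX_MTU, 9000);
	nlattr_add_u32(nw, IFLA_GROUP, 0);
*/

	if (ifp->if_description != NULL)
		nlattr_add_string(nw, IFLA_IFALIAS, ifp->if_description);

	get_stats(nw, ifp);

	uint32_t val = (ifp->if_flags & IFF_PROMISC) != 0;
	nlattr_add_u32(nw, IFLA_PROMISCUITY, val);

	/* The cloner list may change concurrently: hold the lock shared. */
	sx_slock(&rtnl_cloner_lock);
	struct nl_cloner *cloner = rtnl_iface_find_cloner_locked(ifp->if_dname);
	if (cloner != NULL && cloner->dump_f != NULL) {
		/* Ignore any dump error */
		cloner->dump_f(ifp, nw);
	}
	sx_sunlock(&rtnl_cloner_lock);

	if (nlmsg_end(nw))
		return (true);

enomem:
	NL_LOG(LOG_DEBUG, "unable to dump interface %s state (ENOMEM)", if_name(ifp));
	nlmsg_abort(nw);
	return (false);
}

/*
 * Strict-mode header check: rejects a request whose ifinfomsg carries a
 * non-zero pad, type, flags or change field, reporting the reason to the
 * sender.
 */
static bool
check_ifmsg(void *hdr, struct nl_pstate *npt)
{
	struct ifinfomsg *ifm = hdr;

	if (ifm->__ifi_pad != 0 || ifm->ifi_type != 0 ||
	    ifm->ifi_flags != 0 || ifm->ifi_change != 0) {
		nlmsg_report_err_msg(npt,
		    "strict checking: non-zero values in ifinfomsg header");
		return (false);
	}

	return (true);
}

#define	_IN(_field)	offsetof(struct ifinfomsg, _field)
#define	_OUT(_field)	offsetof(struct nl_parsed_link, _field)
/* Fixed ifinfomsg header fields copied into struct nl_parsed_link. */
static const struct nlfield_parser nlf_p_if[] = {
	{ .off_in = _IN(ifi_type), .off_out = _OUT(ifi_type), .cb = nlf_get_u16 },
	{ .off_in = _IN(ifi_index), .off_out = _OUT(ifi_index), .cb = nlf_get_u32 },
	{ .off_in = _IN(ifi_flags), .off_out = _OUT(ifi_flags), .cb = nlf_get_u32 },
	{ .off_in = _IN(ifi_change), .off_out = _OUT(ifi_change), .cb = nlf_get_u32 },
};

/* Attributes nested inside IFLA_LINKINFO. */
static const struct nlattr_parser nla_p_linfo[] = {
	{ .type = IFLA_INFO_KIND, .off = _OUT(ifla_cloner), .cb = nlattr_get_stringn },
	{ .type = IFLA_INFO_DATA, .off = _OUT(ifla_idata), .cb = nlattr_get_nla },
};
NL_DECLARE_ATTR_PARSER(linfo_parser, nla_p_linfo);

/*
 * Top-level link attributes.
 *
 * IFLA_LINK is stored into the same field as the header's ifi_index, and
 * IFLA_ALT_IFNAME into the same field as IFLA_IFNAME, so both act as
 * alternative ways to supply the index/name.
 *
 * NOTE(review): the sample reply earlier in this file shows IFLA_GROUP as a
 * 4-byte value, while it is parsed as a string here -- confirm this is the
 * intended encoding.
 */
static const struct nlattr_parser nla_p_if[] = {
	{ .type = IFLA_IFNAME, .off = _OUT(ifla_ifname), .cb = nlattr_get_string },
	{ .type = IFLA_MTU, .off = _OUT(ifla_mtu), .cb = nlattr_get_uint32 },
	{ .type = IFLA_LINK, .off = _OUT(ifi_index), .cb = nlattr_get_uint32 },
	{ .type = IFLA_LINKINFO, .arg = &linfo_parser, .cb = nlattr_get_nested },
	{ .type = IFLA_IFALIAS, .off = _OUT(ifla_ifalias), .cb = nlattr_get_string },
	{ .type = IFLA_GROUP, .off = _OUT(ifla_group), .cb = nlattr_get_string },
	{ .type = IFLA_ALT_IFNAME, .off = _OUT(ifla_ifname), .cb = nlattr_get_string },
};
#undef _IN
#undef _OUT
NL_DECLARE_STRICT_PARSER(ifmsg_parser, struct ifinfomsg, check_ifmsg, nlf_p_if, nla_p_if);

/*
 * Returns true if @ifp satisfies every filter present in the parsed request
 * (@_arg is a struct nl_parsed_link).  A zero index, zero type or NULL name
 * means "no filter on this property".
 */
static bool
match_iface(struct ifnet *ifp, void *_arg)
{
	struct nl_parsed_link *attrs = (struct nl_parsed_link *)_arg;

	if (attrs->ifi_index != 0 && attrs->ifi_index != ifp->if_index)
		return (false);
	/*
	 * Compare the requested type with the interface type.  The previous
	 * code compared ifi_index with if_type here, so a type filter never
	 * selected by type and could reject or accept the wrong interfaces.
	 */
	if (attrs->ifi_type != 0 && attrs->ifi_type != ifp->if_type)
		return (false);
	if (attrs->ifla_ifname != NULL && strcmp(attrs->ifla_ifname, if_name(ifp)))
		return (false);
	/* TODO: add group match */

	return (true);
}

/* Walk callback: dumps one interface, returning ENOMEM if that fails. */
static int
dump_cb(struct ifnet *ifp, void *_arg)
{
	struct netlink_walkargs *wa = (struct netlink_walkargs *)_arg;
	if (!dump_iface(wa->nw, ifp, &wa->hdr, 0))
		return (ENOMEM);
	return (0);
}

/*
 * {nlmsg_len=52, nlmsg_type=RTM_GETLINK, nlmsg_flags=NLM_F_REQUEST, nlmsg_seq=1662842818, nlmsg_pid=0},
 * {ifi_family=AF_PACKET, ifi_type=ARPHRD_NETROM, ifi_index=0, ifi_flags=0, ifi_change=0},
 * [
 *  [{nla_len=10, nla_type=IFLA_IFNAME}, "vnet9"],
 *  [{nla_len=8, nla_type=IFLA_EXT_MASK}, RTEXT_FILTER_VF]
 * ]
 */
/*
 * RTM_GETLINK handler.
 *
 * A request naming one interface (by index or name) is answered with a
 * single message; any other request is answered with a multipart dump of
 * all interfaces accepted by match_iface().
 *
 * Returns 0 or an errno value (ENODEV when the named interface does not
 * exist or fails the remaining filters, ENOMEM on writer failure).
 */
static int
rtnl_handle_getlink(struct nlmsghdr *hdr, struct nlpcb *nlp, struct nl_pstate *npt)
{
	struct epoch_tracker et;
	struct ifnet *ifp;
	int error = 0;

	struct nl_parsed_link attrs = {};
	error = nl_parse_nlmsg(hdr, &ifmsg_parser, npt, &attrs);
	if (error != 0)
		return (error);

	struct netlink_walkargs wa = {
		.so = nlp,
		.nw = npt->nw,
		.hdr.nlmsg_pid = hdr->nlmsg_pid,
		.hdr.nlmsg_seq = hdr->nlmsg_seq,
		.hdr.nlmsg_flags = hdr->nlmsg_flags,
		.hdr.nlmsg_type = NL_RTM_NEWLINK,
	};

	/* Fast track for an interface w/ explicit name or index match */
	if ((attrs.ifi_index != 0) || (attrs.ifla_ifname != NULL)) {
		if (attrs.ifi_index != 0) {
			NLP_LOG(LOG_DEBUG3, nlp, "fast track -> searching index %u",
			    attrs.ifi_index);
			/* The lookup needs the epoch; the reference outlives it. */
			NET_EPOCH_ENTER(et);
			ifp = ifnet_byindex_ref(attrs.ifi_index);
			NET_EPOCH_EXIT(et);
		} else {
			NLP_LOG(LOG_DEBUG3, nlp, "fast track -> searching name %s",
			    attrs.ifla_ifname);
			ifp = ifunit_ref(attrs.ifla_ifname);
		}

		if (ifp != NULL) {
			/* Re-check so index, type and name must all agree. */
			if (match_iface(ifp, &attrs)) {
				if (!dump_iface(wa.nw, ifp, &wa.hdr, 0))
					error = ENOMEM;
			} else
				error = ENODEV;
			if_rele(ifp);
		} else
			error = ENODEV;
		return (error);
	}

	/* Always treat non-direct-match as a multipart message */
	wa.hdr.nlmsg_flags |= NLM_F_MULTI;

	/*
	 * Fetching some link properties require performing ioctl's that may be blocking.
	 * Address it by saving referenced pointers of the matching links,
	 * exiting from epoch and going through the list one-by-one.
	 */

	NL_LOG(LOG_DEBUG2, "Start dump");
	/*
	 * NOTE(review): the result of the walk is not captured, so a failure
	 * returned by dump_cb() does not reach `error`; wa.count/wa.dumped
	 * are also not updated on this path, so the log line below prints
	 * zeros -- confirm whether this is intended.
	 */
	if_foreach_sleep(match_iface, &attrs, dump_cb, &wa);
	NL_LOG(LOG_DEBUG2, "End dump, iterated %d dumped %d", wa.count, wa.dumped);

	if (!nlmsg_end_dump(wa.nw, error, &wa.hdr)) {
		NL_LOG(LOG_DEBUG, "Unable to finalize the dump");
		return (ENOMEM);
	}

	return (error);
}

/*
 * sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, msg_namelen=12, msg_iov=[{iov_base=[
 * {nlmsg_len=60, nlmsg_type=RTM_NEWLINK, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, nlmsg_seq=1662715618, nlmsg_pid=0},
 *  {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=0, ifi_flags=0, ifi_change=0},
 *   {nla_len=11, nla_type=IFLA_IFNAME}, "dummy0"],
 *   [
 *    {nla_len=16, nla_type=IFLA_LINKINFO},
 *     [
 *      {nla_len=9, nla_type=IFLA_INFO_KIND}, "dummy"...
 *     ]
 *    ]
 */

/*
 * RTM_DELLINK handler: destroys the cloned interface selected by index.
 *
 * Only the parsed ifi_index is consulted; a request that supplies just a
 * name leaves the index at 0 and the lookup result decides the outcome.
 * The dispatch table attaches PRIV_NET_IFDESTROY to this command.
 *
 * Returns ENOENT if the index does not resolve, otherwise the result of
 * if_clone_destroy().
 */
static int
rtnl_handle_dellink(struct nlmsghdr *hdr, struct nlpcb *nlp, struct nl_pstate *npt)
{
	struct epoch_tracker et;
	struct ifnet *ifp;
	int error;

	struct nl_parsed_link attrs = {};
	error = nl_parse_nlmsg(hdr, &ifmsg_parser, npt, &attrs);
	if (error != 0)
		return (error);

	NET_EPOCH_ENTER(et);
	ifp = ifnet_byindex_ref(attrs.ifi_index);
	NET_EPOCH_EXIT(et);
	if (ifp == NULL) {
		NLP_LOG(LOG_DEBUG, nlp, "unable to find interface %u", attrs.ifi_index);
		return (ENOENT);
	}
	NLP_LOG(LOG_DEBUG3, nlp, "mapped ifindex %u to %s", attrs.ifi_index, if_name(ifp));

	sx_xlock(&ifnet_detach_sxlock);
	error = if_clone_destroy(if_name(ifp));
	sx_xunlock(&ifnet_detach_sxlock);

	/* The reference taken above keeps ifp valid for this log line. */
	NLP_LOG(LOG_DEBUG2, nlp, "deleting interface %s returned %d", if_name(ifp), error);

	if_rele(ifp);
	return (error);
}

/*
 * New link:
 * type=RTM_NEWLINK, flags=NLM_F_REQUEST|NLM_F_ACK|NLM_F_EXCL|NLM_F_CREATE, seq=1668185590, pid=0},
 *  {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=0, ifi_flags=0, ifi_change=0}
 *    [
 *     {{nla_len=8, nla_type=IFLA_MTU}, 123},
 *     {{nla_len=10, nla_type=IFLA_IFNAME}, "vlan1"},
 *     {{nla_len=24, nla_type=IFLA_LINKINFO},
 *      [
 *       {{nla_len=8, nla_type=IFLA_INFO_KIND}, "vlan"...},
 *       {{nla_len=12, nla_type=IFLA_INFO_DATA}, "\x06\x00\x01\x00\x7b\x00\x00\x00"}]}]}
 *
 * Update link:
 * type=RTM_NEWLINK, flags=NLM_F_REQUEST|NLM_F_ACK, seq=1668185923, pid=0},
 * {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=if_nametoindex("lo"), ifi_flags=0, ifi_change=0},
 * {{nla_len=8, nla_type=IFLA_MTU}, 123}}
 *
 *
 * Check command availability:
 * type=RTM_NEWLINK, flags=NLM_F_REQUEST|NLM_F_ACK, seq=0, pid=0},
 *  {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=0, ifi_flags=0, ifi_change=0}
 */


/*
 * Creates an interface for an RTM_NEWLINK request carrying NLM_F_CREATE.
 *
 * Both the interface name and the cloner kind must be present and
 * non-empty.  The creation is delegated to the registered cloner whose name
 * equals the requested kind, or to generic_cloner when none is registered.
 *
 * Returns EINVAL for a missing name/kind, otherwise the callback's result.
 */
static int
create_link(struct nlmsghdr *hdr, struct nl_parsed_link *lattrs,
    struct nlattr_bmask *bm, struct nlpcb *nlp, struct nl_pstate *npt)
{
	if (lattrs->ifla_ifname == NULL || strlen(lattrs->ifla_ifname) == 0) {
		NLMSG_REPORT_ERR_MSG(npt, "empty IFLA_IFNAME attribute");
		return (EINVAL);
	}
	if (lattrs->ifla_cloner == NULL || strlen(lattrs->ifla_cloner) == 0) {
		NLMSG_REPORT_ERR_MSG(npt, "empty IFLA_INFO_KIND attribute");
		return (EINVAL);
	}

	bool found = false;
	int error = 0;

	sx_slock(&rtnl_cloner_lock);
	struct nl_cloner *cloner = rtnl_iface_find_cloner_locked(lattrs->ifla_cloner);
	if (cloner != NULL) {
		found = true;
		/*
		 * NOTE(review): unlike dump_f in dump_iface(), create_f is
		 * called without a NULL check -- confirm every registered
		 * cloner sets it.
		 */
		error = cloner->create_f(lattrs, bm, nlp, npt);
	}
	sx_sunlock(&rtnl_cloner_lock);

	if (!found)
		error = generic_cloner.create_f(lattrs, bm, nlp, npt);

	return (error);
}

/*
 * Modifies an existing interface for an RTM_NEWLINK request without
 * NLM_F_CREATE.
 *
 * The interface is looked up by index when one is given and by name
 * otherwise; the change itself is delegated to the cloner registered for
 * the interface's driver name, or to generic_cloner.
 *
 * Returns EPERM for a request naming no interface, ENOENT when the lookup
 * fails, otherwise the callback's result.
 */
static int
modify_link(struct nlmsghdr *hdr, struct nl_parsed_link *lattrs,
    struct nlattr_bmask *bm, struct nlpcb *nlp, struct nl_pstate *npt)
{
	struct ifnet *ifp = NULL;
	struct epoch_tracker et;

	if (lattrs->ifi_index == 0 && lattrs->ifla_ifname == NULL) {
		/*
		 * Applications like ip(8) verify RTM_NEWLINK command
		 * existence by calling it with empty arguments. Always
		 * return "innocent" error in that case.
		 */
		NLMSG_REPORT_ERR_MSG(npt, "empty ifi_index field");
		return (EPERM);
	}

	if (lattrs->ifi_index != 0) {
		NET_EPOCH_ENTER(et);
		ifp = ifnet_byindex_ref(lattrs->ifi_index);
		NET_EPOCH_EXIT(et);
		if (ifp == NULL) {
			NLMSG_REPORT_ERR_MSG(npt, "unable to find interface #%u",
			    lattrs->ifi_index);
			return (ENOENT);
		}
	}

	if (ifp == NULL && lattrs->ifla_ifname != NULL) {
		ifp = ifunit_ref(lattrs->ifla_ifname);
		if (ifp == NULL) {
			NLMSG_REPORT_ERR_MSG(npt, "unable to find interface %s",
			    lattrs->ifla_ifname);
			return (ENOENT);
		}
	}

	MPASS(ifp != NULL);

	/*
	 * There can be multiple kinds of interfaces:
	 * 1) cloned, with additional options
	 * 2) cloned, but w/o additional options
	 * 3) non-cloned (e.g. "physical").
	 *
	 * Thus, try to find cloner-specific callback and fallback to the
	 * "default" handler if not found.
	 */
	bool found = false;
	int error = 0;

	sx_slock(&rtnl_cloner_lock);
	struct nl_cloner *cloner = rtnl_iface_find_cloner_locked(ifp->if_dname);
	if (cloner != NULL) {
		found = true;
		/*
		 * NOTE(review): modify_f is called without a NULL check --
		 * confirm every registered cloner sets it.
		 */
		error = cloner->modify_f(ifp, lattrs, bm, nlp, npt);
	}
	sx_sunlock(&rtnl_cloner_lock);

	if (!found)
		error = generic_cloner.modify_f(ifp, lattrs, bm, nlp, npt);

	if_rele(ifp);

	return (error);
}


/*
 * RTM_NEWLINK handler: parses the request and dispatches to create_link()
 * when NLM_F_CREATE is set and to modify_link() otherwise.  The dispatch
 * table attaches PRIV_NET_IFCREATE to this command for both paths.
 */
static int
rtnl_handle_newlink(struct nlmsghdr *hdr, struct nlpcb *nlp, struct nl_pstate *npt)
{
	struct nlattr_bmask bm;
	int error;

	struct nl_parsed_link attrs = {};
	error = nl_parse_nlmsg(hdr, &ifmsg_parser, npt, &attrs);
	if (error != 0)
		return (error);
	nl_get_attrs_bmask_nlmsg(hdr, &ifmsg_parser, &bm);

	if (hdr->nlmsg_flags & NLM_F_CREATE)
		return (create_link(hdr, &attrs, &bm, nlp, npt));
	else
		return (modify_link(hdr, &attrs, &bm, nlp, npt));
}

/* Parsed form of an ifaddrmsg request and its attributes. */
struct nl_parsed_ifa {
	uint8_t ifa_family;
	uint8_t ifa_prefixlen;
	uint8_t ifa_scope;
	uint32_t ifa_index;
	uint32_t ifa_flags;
	struct sockaddr *ifa_address;
	struct sockaddr *ifa_local;
};

#define	_IN(_field)	offsetof(struct ifaddrmsg, _field)
#define	_OUT(_field)	offsetof(struct nl_parsed_ifa, _field)
/* Fixed ifaddrmsg header fields; the 8-bit flags are stored as 32 bits. */
static const struct nlfield_parser nlf_p_ifa[] = {
	{ .off_in = _IN(ifa_family), .off_out = _OUT(ifa_family), .cb = nlf_get_u8 },
	{ .off_in = _IN(ifa_prefixlen), .off_out = _OUT(ifa_prefixlen), .cb = nlf_get_u8 },
	{ .off_in = _IN(ifa_scope), .off_out = _OUT(ifa_scope), .cb = nlf_get_u8 },
	{ .off_in = _IN(ifa_flags), .off_out = _OUT(ifa_flags), .cb = nlf_get_u8_u32 },
	{ .off_in = _IN(ifa_index), .off_out = _OUT(ifa_index), .cb = nlf_get_u32 },
};

/* Address attributes; IFA_FLAGS shares its destination with the header. */
static const struct nlattr_parser nla_p_ifa[] = {
	{ .type = IFA_ADDRESS, .off = _OUT(ifa_address), .cb = nlattr_get_ip },
	{ .type = IFA_LOCAL, .off = _OUT(ifa_local), .cb = nlattr_get_ip },
	{ .type = IFA_FLAGS, .off = _OUT(ifa_flags), .cb = nlattr_get_uint32 },
};
#undef _IN
#undef _OUT
NL_DECLARE_PARSER(ifaddrmsg_parser, struct ifaddrmsg, nlf_p_ifa, nla_p_ifa);


/*

{ifa_family=AF_INET, ifa_prefixlen=8, ifa_flags=IFA_F_PERMANENT, ifa_scope=RT_SCOPE_HOST, ifa_index=if_nametoindex("lo")},
 [
        {{nla_len=8, nla_type=IFA_ADDRESS}, inet_addr("127.0.0.1")},
        {{nla_len=8, nla_type=IFA_LOCAL}, inet_addr("127.0.0.1")},
        {{nla_len=7, nla_type=IFA_LABEL}, "lo"},
        {{nla_len=8, nla_type=IFA_FLAGS}, IFA_F_PERMANENT},
        {{nla_len=20, nla_type=IFA_CACHEINFO}, {ifa_prefered=4294967295, ifa_valid=4294967295, cstamp=3619, tstamp=3619}}]},
---

{{len=72, type=RTM_NEWADDR, flags=NLM_F_MULTI, seq=1642191126, pid=566735},
 {ifa_family=AF_INET6, ifa_prefixlen=96, ifa_flags=IFA_F_PERMANENT, ifa_scope=RT_SCOPE_UNIVERSE, ifa_index=if_nametoindex("virbr0")},
   [
    {{nla_len=20, nla_type=IFA_ADDRESS}, inet_pton(AF_INET6, "2a01:4f8:13a:70c:ffff::1")},
   {{nla_len=20, nla_type=IFA_CACHEINFO}, {ifa_prefered=4294967295, ifa_valid=4294967295, cstamp=4283, tstamp=4283}},
   {{nla_len=8, nla_type=IFA_FLAGS}, IFA_F_PERMANENT}]},
*/

/*
 * Returns the netlink scope of the address held by @ifa: host for loopback
 * addresses, link for link-local ones, universe for everything else
 * (including address families other than INET/INET6).
 */
static uint8_t
ifa_get_scope(const struct ifaddr *ifa)
{
	const struct sockaddr *sa;
	uint8_t addr_scope = RT_SCOPE_UNIVERSE;

	sa = ifa->ifa_addr;
	switch (sa->sa_family) {
#ifdef INET
	case AF_INET:
		{
			struct in_addr addr;
			addr = ((const struct sockaddr_in *)sa)->sin_addr;
			if (IN_LOOPBACK(addr.s_addr))
				addr_scope = RT_SCOPE_HOST;
			else if (IN_LINKLOCAL(addr.s_addr))
				addr_scope = RT_SCOPE_LINK;
			break;
		}
#endif
#ifdef INET6
	case AF_INET6:
		{
			const struct in6_addr *addr;
			addr = &((const struct sockaddr_in6 *)sa)->sin6_addr;
			if (IN6_IS_ADDR_LOOPBACK(addr))
				addr_scope = RT_SCOPE_HOST;
			else if (IN6_IS_ADDR_LINKLOCAL(addr))
				addr_scope = RT_SCOPE_LINK;
			break;
		}
#endif
	}

	return (addr_scope);
}

/* Counts the bits set in an IPv6 netmask, one 32-bit word at a time. */
static uint8_t
inet6_get_plen(const struct in6_addr *addr)
{

	return (bitcount32(addr->s6_addr32[0]) + bitcount32(addr->s6_addr32[1]) +
	    bitcount32(addr->s6_addr32[2]) + bitcount32(addr->s6_addr32[3]));
}

/*
 * Returns the number of bits set in the netmask @sa, used as the prefix
 * length.  The count equals the prefix length only for a contiguous mask.
 *
 * A NULL mask or an unsupported family yields 0.  The NULL check keeps a
 * missing netmask from being dereferenced, matching how dump_sa() treats a
 * NULL sockaddr; whether callers can actually pass NULL is not visible in
 * this file.
 */
static uint8_t
get_sa_plen(const struct sockaddr *sa)
{
#ifdef INET
	const struct in_addr *paddr;
#endif
#ifdef INET6
	const struct in6_addr *paddr6;
#endif

	if (sa == NULL)
		return (0);

	switch (sa->sa_family) {
#ifdef INET
	case AF_INET:
		paddr = &(((const struct sockaddr_in *)sa)->sin_addr);
		return (bitcount32(paddr->s_addr));
#endif
#ifdef INET6
	case AF_INET6:
		paddr6 = &(((const struct sockaddr_in6 *)sa)->sin6_addr);
		return (inet6_get_plen(paddr6));
#endif
	}

	return (0);
}


/*
 * {'attrs': [('IFA_ADDRESS', '12.0.0.1'),
           ('IFA_LOCAL', '12.0.0.1'),
           ('IFA_LABEL', 'eth10'),
           ('IFA_FLAGS', 128),
           ('IFA_CACHEINFO', {'ifa_preferred': 4294967295, 'ifa_valid': 4294967295, 'cstamp': 63745746, 'tstamp': 63745746})],
 */
/*
 * Writes one address message for @ifa on @ifp using @hdr as the template.
 *
 * Returns true when the message was completed, false (after aborting the
 * message) when the header could not be reserved or nlmsg_end() failed.
 */
static bool
dump_iface_addr(struct nl_writer *nw, struct ifnet *ifp, struct ifaddr *ifa,
    const struct nlmsghdr *hdr)
{
	struct ifaddrmsg *ifamsg;
	struct sockaddr *sa = ifa->ifa_addr;

	NL_LOG(LOG_DEBUG3, "dumping ifa %p type %s(%d) for interface %s",
	    ifa, rib_print_family(sa->sa_family), sa->sa_family, if_name(ifp));

	if (!nlmsg_reply(nw, hdr, sizeof(struct ifaddrmsg)))
		goto enomem;

	ifamsg = nlmsg_reserve_object(nw, struct ifaddrmsg);
	ifamsg->ifa_family = sa->sa_family;
	ifamsg->ifa_prefixlen = get_sa_plen(ifa->ifa_netmask);
	ifamsg->ifa_flags = 0; // ifa_flags is useless
	ifamsg->ifa_scope = ifa_get_scope(ifa);
	ifamsg->ifa_index = ifp->if_index;

	if (ifp->if_flags & IFF_POINTOPOINT) {
		/* Point-to-point: ADDRESS is the peer, LOCAL is our side. */
		dump_sa(nw, IFA_ADDRESS, ifa->ifa_dstaddr);
		dump_sa(nw, IFA_LOCAL, sa);
	} else {
		dump_sa(nw, IFA_ADDRESS, sa);
#ifdef INET
		/*
		 * In most cases, IFA_ADDRESS == IFA_LOCAL
		 * Skip IFA_LOCAL for anything except INET
		 */
		if (sa->sa_family == AF_INET)
			dump_sa(nw, IFA_LOCAL, sa);
#endif
	}
	if (ifp->if_flags & IFF_BROADCAST)
		dump_sa(nw, IFA_BROADCAST, ifa->ifa_broadaddr);

	nlattr_add_string(nw, IFA_LABEL, if_name(ifp));

	uint32_t val = 0; // ifa->ifa_flags;
	nlattr_add_u32(nw, IFA_FLAGS, val);

	if (nlmsg_end(nw))
		return (true);
enomem:
	NL_LOG(LOG_DEBUG, "Failed to dump ifa type %s(%d) for interface %s",
	    rib_print_family(sa->sa_family), sa->sa_family, if_name(ifp));
	nlmsg_abort(nw);
	return (false);
}

/*
 * Dumps every address of @ifp that passes the family filter in @wa;
 * link-layer (AF_LINK) entries are always skipped.
 *
 * Returns 0, or ENOMEM as soon as one address cannot be written.
 */
static int
dump_iface_addrs(struct netlink_walkargs *wa, struct ifnet *ifp)
{
	struct ifaddr *ifa;

	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
		if (wa->family != 0 && wa->family != ifa->ifa_addr->sa_family)
			continue;
		if (ifa->ifa_addr->sa_family == AF_LINK)
			continue;
		wa->count++;
		if (!dump_iface_addr(wa->nw, ifp, ifa, &wa->hdr))
			return (ENOMEM);
		wa->dumped++;
	}

	return (0);
}

/*
 * RTM_GETADDR handler: dumps the addresses of one interface (when ifa_index
 * is given) or of all interfaces, always as a multipart reply.
 *
 * NOTE(review): the interface is looked up with ifnet_byindex() and the
 * lists are walked without taking references; this relies on the caller
 * running the handler inside the network epoch (its table entries do not
 * set RTNL_F_NOEPOCH) -- confirm against the dispatcher.
 */
static int
rtnl_handle_getaddr(struct nlmsghdr *hdr, struct nlpcb *nlp, struct nl_pstate *npt)
{
	struct ifnet *ifp;
	int error = 0;

	struct nl_parsed_ifa attrs = {};
	error = nl_parse_nlmsg(hdr, &ifaddrmsg_parser, npt, &attrs);
	if (error != 0)
		return (error);

	struct netlink_walkargs wa = {
		.so = nlp,
		.nw = npt->nw,
		.family = attrs.ifa_family,
		.hdr.nlmsg_pid = hdr->nlmsg_pid,
		.hdr.nlmsg_seq = hdr->nlmsg_seq,
		.hdr.nlmsg_flags = hdr->nlmsg_flags | NLM_F_MULTI,
		.hdr.nlmsg_type = NL_RTM_NEWADDR,
	};

	NL_LOG(LOG_DEBUG2, "Start dump");

	if (attrs.ifa_index != 0) {
		ifp = ifnet_byindex(attrs.ifa_index);
		if (ifp == NULL)
			error = ENOENT;
		else
			error = dump_iface_addrs(&wa, ifp);
	} else {
		CK_STAILQ_FOREACH(ifp, &V_ifnet, if_link) {
			error = dump_iface_addrs(&wa, ifp);
			if (error != 0)
				break;
		}
	}

	NL_LOG(LOG_DEBUG2, "End dump, iterated %d dumped %d", wa.count, wa.dumped);

	if (!nlmsg_end_dump(wa.nw, error, &wa.hdr)) {
		NL_LOG(LOG_DEBUG, "Unable to finalize the dump");
		return (ENOMEM);
	}

	return (error);
}

/*
 * rt_addrmsg event handler: notifies the IPv4/IPv6 address multicast group
 * about an added or deleted address.  Other address families are ignored,
 * and nothing is built when the group has no listeners.
 */
static void
rtnl_handle_ifaddr(void *arg __unused, struct ifaddr *ifa, int cmd)
{
	struct nlmsghdr hdr = {};
	struct nl_writer nw = {};
	uint32_t group = 0;

	switch (ifa->ifa_addr->sa_family) {
#ifdef INET
	case AF_INET:
		group = RTNLGRP_IPV4_IFADDR;
		break;
#endif
#ifdef INET6
	case AF_INET6:
		group = RTNLGRP_IPV6_IFADDR;
		break;
#endif
	default:
		NL_LOG(LOG_DEBUG2, "ifa notification for unknown AF: %d",
		    ifa->ifa_addr->sa_family);
		return;
	}

	if (!nl_has_listeners(NETLINK_ROUTE, group))
		return;

	if (!nlmsg_get_group_writer(&nw, NLMSG_LARGE, NETLINK_ROUTE, group)) {
		NL_LOG(LOG_DEBUG, "error allocating group writer");
		return;
	}

	hdr.nlmsg_type = (cmd == RTM_DELETE) ? NL_RTM_DELADDR : NL_RTM_NEWADDR;

	dump_iface_addr(&nw, ifa->ifa_ifp, ifa, &hdr);
	nlmsg_flush(&nw);
}

/*
 * Sends a link notification of type @nlmsg_type for @ifp to the
 * RTNLGRP_LINK group, if anyone is listening.
 */
static void
rtnl_handle_ifevent(struct ifnet *ifp, int nlmsg_type, int if_flags_mask)
{
	struct nlmsghdr hdr = { .nlmsg_type = nlmsg_type };
	struct nl_writer nw = {};

	if (!nl_has_listeners(NETLINK_ROUTE, RTNLGRP_LINK))
		return;

	if (!nlmsg_get_group_writer(&nw, NLMSG_LARGE, NETLINK_ROUTE, RTNLGRP_LINK)) {
		NL_LOG(LOG_DEBUG, "error allocating mbuf");
		return;
	}
	dump_iface(&nw, ifp, &hdr, if_flags_mask);
	nlmsg_flush(&nw);
}

/* ifnet_arrival_event handler: announces the interface as a new link. */
static void
rtnl_handle_ifattach(void *arg, struct ifnet *ifp)
{
	NL_LOG(LOG_DEBUG2, "ifnet %s", if_name(ifp));
	rtnl_handle_ifevent(ifp, NL_RTM_NEWLINK, 0);
}

/* ifnet_departure_event handler: announces the link deletion. */
static void
rtnl_handle_ifdetach(void *arg, struct ifnet *ifp)
{
	NL_LOG(LOG_DEBUG2, "ifnet %s", if_name(ifp));
	rtnl_handle_ifevent(ifp, NL_RTM_DELLINK, 0);
}

/* ifnet_link_event handler: re-announces the link with its current state. */
static void
rtnl_handle_iflink(void *arg, struct ifnet *ifp)
{
	NL_LOG(LOG_DEBUG2, "ifnet %s", if_name(ifp));
	rtnl_handle_ifevent(ifp, NL_RTM_NEWLINK, 0);
}

/*
 * Public entry point for reporting an interface flag change;
 * @if_flags_mask is passed through as the message's ifi_change value.
 */
void
rtnl_handle_ifnet_event(struct ifnet *ifp, int if_flags_mask)
{
	NL_LOG(LOG_DEBUG2, "ifnet %s", if_name(ifp));
	rtnl_handle_ifevent(ifp, NL_RTM_NEWLINK, if_flags_mask);
}

/*
 * Commands registered with the rtnetlink dispatcher.
 *
 * The two state-changing link commands carry a privilege (.priv); the GET
 * commands do not.
 *
 * NOTE(review): RTM_NEWADDR and RTM_DELADDR are wired to the address *dump*
 * handler and carry no .priv.  As written they cannot change any address,
 * so nothing is exposed beyond what RTM_GETADDR already returns, but a
 * caller asking to add or delete an address receives a dump instead of an
 * error.  If real handlers replace these entries, each needs its own
 * privilege, as the link commands above have.
 */
static const struct rtnl_cmd_handler cmd_handlers[] = {
	{
		.cmd = NL_RTM_GETLINK,
		.name = "RTM_GETLINK",
		.cb = &rtnl_handle_getlink,
		.flags = RTNL_F_NOEPOCH,
	},
	{
		.cmd = NL_RTM_DELLINK,
		.name = "RTM_DELLINK",
		.cb = &rtnl_handle_dellink,
		.priv = PRIV_NET_IFDESTROY,
		.flags = RTNL_F_NOEPOCH,
	},
	{
		.cmd = NL_RTM_NEWLINK,
		.name = "RTM_NEWLINK",
		.cb = &rtnl_handle_newlink,
		.priv = PRIV_NET_IFCREATE,
		.flags = RTNL_F_NOEPOCH,
	},
	{
		.cmd = NL_RTM_GETADDR,
		.name = "RTM_GETADDR",
		.cb = &rtnl_handle_getaddr,
	},
	{
		.cmd = NL_RTM_NEWADDR,
		.name = "RTM_NEWADDR",
		.cb = &rtnl_handle_getaddr,
	},
	{
		.cmd = NL_RTM_DELADDR,
		.name = "RTM_DELADDR",
		.cb = &rtnl_handle_getaddr,
	},
};

static const struct nlhdr_parser *all_parsers[] = { &ifmsg_parser, &ifaddrmsg_parser };

/* Registers a driver-specific cloner; it must stay valid until removed. */
void
rtnl_iface_add_cloner(struct nl_cloner *cloner)
{
	sx_xlock(&rtnl_cloner_lock);
	SLIST_INSERT_HEAD(&nl_cloners, cloner, next);
	sx_xunlock(&rtnl_cloner_lock);
}

/* Removes a cloner previously added with rtnl_iface_add_cloner(). */
void
rtnl_iface_del_cloner(struct nl_cloner *cloner)
{
	sx_xlock(&rtnl_cloner_lock);
	SLIST_REMOVE(&nl_cloners, cloner, nl_cloner, next);
	sx_xunlock(&rtnl_cloner_lock);
}

/*
 * Returns the registered cloner whose name equals @name, or NULL.
 * The caller must hold rtnl_cloner_lock (shared or exclusive).
 */
static struct nl_cloner *
rtnl_iface_find_cloner_locked(const char *name)
{
	struct nl_cloner *cloner;

	SLIST_FOREACH(cloner, &nl_cloners, next) {
		if (!strcmp(name, cloner->name))
			return (cloner);
	}

	return (NULL);
}

/*
 * Module initialization: subscribes to interface/address events, verifies
 * the parser tables, registers the built-in drivers and the command table.
 */
void
rtnl_ifaces_init(void)
{
	ifattach_event = EVENTHANDLER_REGISTER(
	    ifnet_arrival_event, rtnl_handle_ifattach, NULL,
	    EVENTHANDLER_PRI_ANY);
	ifdetach_event = EVENTHANDLER_REGISTER(
	    ifnet_departure_event, rtnl_handle_ifdetach, NULL,
	    EVENTHANDLER_PRI_ANY);
	ifaddr_event = EVENTHANDLER_REGISTER(
	    rt_addrmsg, rtnl_handle_ifaddr, NULL,
	    EVENTHANDLER_PRI_ANY);
	iflink_event = EVENTHANDLER_REGISTER(
	    ifnet_link_event, rtnl_handle_iflink, NULL,
	    EVENTHANDLER_PRI_ANY);
	NL_VERIFY_PARSERS(all_parsers);
	rtnl_iface_drivers_register();
	rtnl_register_messages(cmd_handlers, NL_ARRAY_LEN(cmd_handlers));
}

/* Module teardown: drops the event subscriptions made at init time. */
void
rtnl_ifaces_destroy(void)
{
	EVENTHANDLER_DEREGISTER(ifnet_arrival_event, ifattach_event);
	EVENTHANDLER_DEREGISTER(ifnet_departure_event, ifdetach_event);
	EVENTHANDLER_DEREGISTER(rt_addrmsg, ifaddr_event);
	EVENTHANDLER_DEREGISTER(ifnet_link_event, iflink_event);
}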