diff options
| author | John Fastabend <john.fastabend@gmail.com> | 2019-08-23 20:11:38 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2019-08-24 19:49:48 -0400 |
| commit | e93fb3e9521abffadb8f965c591a290cdd92b56c (patch) | |
| tree | afaf5cbf67edab91d2dc3775478b4782d87b7426 | |
| parent | 292a50e3fc2cf699587ea282e6253e0d6ae3cdc1 (diff) | |
net: route dump netlink NLM_F_MULTI flag missing
An excerpt from netlink(7) man page,
In multipart messages (multiple nlmsghdr headers with associated payload
in one byte stream) the first and all following headers have the
NLM_F_MULTI flag set, except for the last header which has the type
NLMSG_DONE.
but, after (ee28906) there is a missing NLM_F_MULTI flag in the middle of a
FIB dump. The result is user space applications following above man page
excerpt may get confused and may stop parsing msg believing something went
wrong.
In the golang netlink lib [0] the library logic stops parsing believing the
message is not a multipart message. Found this running Cilium[1] against
net-next while adding a feature to auto-detect routes. I noticed with
multiple route tables we no longer could detect the default routes on net
tree kernels because the library logic was not returning them.
Fix this by handling the fib_dump_info_fnhe() case the same way the
fib_dump_info() handles it by passing the flags argument through the
call chain and adding a flags argument to rt_fill_info().
Tested with Cilium stack and auto-detection of routes works again. Also
annotated libs to dump netlink msgs and inspected NLM_F_MULTI and
NLMSG_DONE flags look correct after this.
Note: In inet_rtm_getroute() pass rt_fill_info() '0' for flags the same
as is done for fib_dump_info() so this looks correct to me.
[0] https://github.com/vishvananda/netlink/
[1] https://github.com/cilium/
Fixes: ee28906fd7a14 ("ipv4: Dump route exceptions if requested")
Signed-off-by: John Fastabend <john.fastabend@gmail.com>
Reviewed-by: Stefano Brivio <sbrivio@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
| -rw-r--r-- | include/net/route.h | 2 | ||||
| -rw-r--r-- | net/ipv4/fib_trie.c | 2 | ||||
| -rw-r--r-- | net/ipv4/route.c | 17 |
3 files changed, 12 insertions, 9 deletions
diff --git a/include/net/route.h b/include/net/route.h index 630a0493f1f3..dfce19c9fa96 100644 --- a/include/net/route.h +++ b/include/net/route.h | |||
| @@ -233,7 +233,7 @@ void rt_del_uncached_list(struct rtable *rt); | |||
| 233 | 233 | ||
| 234 | int fib_dump_info_fnhe(struct sk_buff *skb, struct netlink_callback *cb, | 234 | int fib_dump_info_fnhe(struct sk_buff *skb, struct netlink_callback *cb, |
| 235 | u32 table_id, struct fib_info *fi, | 235 | u32 table_id, struct fib_info *fi, |
| 236 | int *fa_index, int fa_start); | 236 | int *fa_index, int fa_start, unsigned int flags); |
| 237 | 237 | ||
| 238 | static inline void ip_rt_put(struct rtable *rt) | 238 | static inline void ip_rt_put(struct rtable *rt) |
| 239 | { | 239 | { |
diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c index 2b2b3d291ab0..1ab2fb6bb37d 100644 --- a/net/ipv4/fib_trie.c +++ b/net/ipv4/fib_trie.c | |||
| @@ -2145,7 +2145,7 @@ static int fn_trie_dump_leaf(struct key_vector *l, struct fib_table *tb, | |||
| 2145 | 2145 | ||
| 2146 | if (filter->dump_exceptions) { | 2146 | if (filter->dump_exceptions) { |
| 2147 | err = fib_dump_info_fnhe(skb, cb, tb->tb_id, fi, | 2147 | err = fib_dump_info_fnhe(skb, cb, tb->tb_id, fi, |
| 2148 | &i_fa, s_fa); | 2148 | &i_fa, s_fa, flags); |
| 2149 | if (err < 0) | 2149 | if (err < 0) |
| 2150 | goto stop; | 2150 | goto stop; |
| 2151 | } | 2151 | } |
diff --git a/net/ipv4/route.c b/net/ipv4/route.c index 517300d587a7..b6a6f18c3dd1 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c | |||
| @@ -2728,7 +2728,8 @@ EXPORT_SYMBOL_GPL(ip_route_output_flow); | |||
| 2728 | /* called with rcu_read_lock held */ | 2728 | /* called with rcu_read_lock held */ |
| 2729 | static int rt_fill_info(struct net *net, __be32 dst, __be32 src, | 2729 | static int rt_fill_info(struct net *net, __be32 dst, __be32 src, |
| 2730 | struct rtable *rt, u32 table_id, struct flowi4 *fl4, | 2730 | struct rtable *rt, u32 table_id, struct flowi4 *fl4, |
| 2731 | struct sk_buff *skb, u32 portid, u32 seq) | 2731 | struct sk_buff *skb, u32 portid, u32 seq, |
| 2732 | unsigned int flags) | ||
| 2732 | { | 2733 | { |
| 2733 | struct rtmsg *r; | 2734 | struct rtmsg *r; |
| 2734 | struct nlmsghdr *nlh; | 2735 | struct nlmsghdr *nlh; |
| @@ -2736,7 +2737,7 @@ static int rt_fill_info(struct net *net, __be32 dst, __be32 src, | |||
| 2736 | u32 error; | 2737 | u32 error; |
| 2737 | u32 metrics[RTAX_MAX]; | 2738 | u32 metrics[RTAX_MAX]; |
| 2738 | 2739 | ||
| 2739 | nlh = nlmsg_put(skb, portid, seq, RTM_NEWROUTE, sizeof(*r), 0); | 2740 | nlh = nlmsg_put(skb, portid, seq, RTM_NEWROUTE, sizeof(*r), flags); |
| 2740 | if (!nlh) | 2741 | if (!nlh) |
| 2741 | return -EMSGSIZE; | 2742 | return -EMSGSIZE; |
| 2742 | 2743 | ||
| @@ -2860,7 +2861,7 @@ nla_put_failure: | |||
| 2860 | static int fnhe_dump_bucket(struct net *net, struct sk_buff *skb, | 2861 | static int fnhe_dump_bucket(struct net *net, struct sk_buff *skb, |
| 2861 | struct netlink_callback *cb, u32 table_id, | 2862 | struct netlink_callback *cb, u32 table_id, |
| 2862 | struct fnhe_hash_bucket *bucket, int genid, | 2863 | struct fnhe_hash_bucket *bucket, int genid, |
| 2863 | int *fa_index, int fa_start) | 2864 | int *fa_index, int fa_start, unsigned int flags) |
| 2864 | { | 2865 | { |
| 2865 | int i; | 2866 | int i; |
| 2866 | 2867 | ||
| @@ -2891,7 +2892,7 @@ static int fnhe_dump_bucket(struct net *net, struct sk_buff *skb, | |||
| 2891 | err = rt_fill_info(net, fnhe->fnhe_daddr, 0, rt, | 2892 | err = rt_fill_info(net, fnhe->fnhe_daddr, 0, rt, |
| 2892 | table_id, NULL, skb, | 2893 | table_id, NULL, skb, |
| 2893 | NETLINK_CB(cb->skb).portid, | 2894 | NETLINK_CB(cb->skb).portid, |
| 2894 | cb->nlh->nlmsg_seq); | 2895 | cb->nlh->nlmsg_seq, flags); |
| 2895 | if (err) | 2896 | if (err) |
| 2896 | return err; | 2897 | return err; |
| 2897 | next: | 2898 | next: |
| @@ -2904,7 +2905,7 @@ next: | |||
| 2904 | 2905 | ||
| 2905 | int fib_dump_info_fnhe(struct sk_buff *skb, struct netlink_callback *cb, | 2906 | int fib_dump_info_fnhe(struct sk_buff *skb, struct netlink_callback *cb, |
| 2906 | u32 table_id, struct fib_info *fi, | 2907 | u32 table_id, struct fib_info *fi, |
| 2907 | int *fa_index, int fa_start) | 2908 | int *fa_index, int fa_start, unsigned int flags) |
| 2908 | { | 2909 | { |
| 2909 | struct net *net = sock_net(cb->skb->sk); | 2910 | struct net *net = sock_net(cb->skb->sk); |
| 2910 | int nhsel, genid = fnhe_genid(net); | 2911 | int nhsel, genid = fnhe_genid(net); |
| @@ -2922,7 +2923,8 @@ int fib_dump_info_fnhe(struct sk_buff *skb, struct netlink_callback *cb, | |||
| 2922 | err = 0; | 2923 | err = 0; |
| 2923 | if (bucket) | 2924 | if (bucket) |
| 2924 | err = fnhe_dump_bucket(net, skb, cb, table_id, bucket, | 2925 | err = fnhe_dump_bucket(net, skb, cb, table_id, bucket, |
| 2925 | genid, fa_index, fa_start); | 2926 | genid, fa_index, fa_start, |
| 2927 | flags); | ||
| 2926 | rcu_read_unlock(); | 2928 | rcu_read_unlock(); |
| 2927 | if (err) | 2929 | if (err) |
| 2928 | return err; | 2930 | return err; |
| @@ -3183,7 +3185,8 @@ static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh, | |||
| 3183 | fl4.flowi4_tos, res.fi, 0); | 3185 | fl4.flowi4_tos, res.fi, 0); |
| 3184 | } else { | 3186 | } else { |
| 3185 | err = rt_fill_info(net, dst, src, rt, table_id, &fl4, skb, | 3187 | err = rt_fill_info(net, dst, src, rt, table_id, &fl4, skb, |
| 3186 | NETLINK_CB(in_skb).portid, nlh->nlmsg_seq); | 3188 | NETLINK_CB(in_skb).portid, |
| 3189 | nlh->nlmsg_seq, 0); | ||
| 3187 | } | 3190 | } |
| 3188 | if (err < 0) | 3191 | if (err < 0) |
| 3189 | goto errout_rcu; | 3192 | goto errout_rcu; |