| // Copyright (c) 2019 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "net/third_party/quiche/src/quic/qbone/platform/netlink.h" |
| |
| #include <linux/fib_rules.h> |
| #include <utility> |
| |
| #include "net/third_party/quiche/src/quic/core/crypto/quic_random.h" |
| #include "net/third_party/quiche/src/quic/platform/api/quic_fallthrough.h" |
| #include "net/third_party/quiche/src/quic/platform/api/quic_ip_address.h" |
| #include "net/third_party/quiche/src/quic/platform/api/quic_logging.h" |
| #include "net/quic/platform/impl/quic_ip_address_impl.h" |
| #include "net/third_party/quiche/src/quic/qbone/platform/rtnetlink_message.h" |
| #include "net/third_party/quiche/src/common/platform/api/quiche_str_cat.h" |
| |
| namespace quic { |
| |
| Netlink::Netlink(KernelInterface* kernel) : kernel_(kernel) { |
| seq_ = QuicRandom::GetInstance()->RandUint64(); |
| } |
| |
| Netlink::~Netlink() { |
| CloseSocket(); |
| } |
| |
| void Netlink::ResetRecvBuf(size_t size) { |
| if (size != 0) { |
| recvbuf_ = std::make_unique<char[]>(size); |
| } else { |
| recvbuf_ = nullptr; |
| } |
| recvbuf_length_ = size; |
| } |
| |
| bool Netlink::OpenSocket() { |
| if (socket_fd_ >= 0) { |
| return true; |
| } |
| |
| socket_fd_ = kernel_->socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE); |
| |
| if (socket_fd_ < 0) { |
| QUIC_PLOG(ERROR) << "can't open netlink socket"; |
| return false; |
| } |
| |
| QUIC_LOG(INFO) << "Opened a new netlink socket fd = " << socket_fd_; |
| |
| // bind a local address to the socket |
| sockaddr_nl myaddr; |
| memset(&myaddr, 0, sizeof(myaddr)); |
| myaddr.nl_family = AF_NETLINK; |
| if (kernel_->bind(socket_fd_, reinterpret_cast<struct sockaddr*>(&myaddr), |
| sizeof(myaddr)) < 0) { |
| QUIC_LOG(INFO) << "can't bind address to socket"; |
| CloseSocket(); |
| return false; |
| } |
| |
| return true; |
| } |
| |
| void Netlink::CloseSocket() { |
| if (socket_fd_ >= 0) { |
| QUIC_LOG(INFO) << "Closing netlink socket fd = " << socket_fd_; |
| kernel_->close(socket_fd_); |
| } |
| ResetRecvBuf(0); |
| socket_fd_ = -1; |
| } |
| |
| namespace { |
| |
| class LinkInfoParser : public NetlinkParserInterface { |
| public: |
| LinkInfoParser(std::string interface_name, Netlink::LinkInfo* link_info) |
| : interface_name_(std::move(interface_name)), link_info_(link_info) {} |
| |
| void Run(struct nlmsghdr* netlink_message) override { |
| if (netlink_message->nlmsg_type != RTM_NEWLINK) { |
| QUIC_LOG(INFO) << quiche::QuicheStrCat( |
| "Unexpected nlmsg_type: ", netlink_message->nlmsg_type, |
| " expected: ", RTM_NEWLINK); |
| return; |
| } |
| |
| struct ifinfomsg* interface_info = |
| reinterpret_cast<struct ifinfomsg*>(NLMSG_DATA(netlink_message)); |
| |
| // make sure interface_info is what we asked for. |
| if (interface_info->ifi_family != AF_UNSPEC) { |
| QUIC_LOG(INFO) << quiche::QuicheStrCat( |
| "Unexpected ifi_family: ", interface_info->ifi_family, |
| " expected: ", AF_UNSPEC); |
| return; |
| } |
| |
| char hardware_address[kHwAddrSize]; |
| size_t hardware_address_length = 0; |
| char broadcast_address[kHwAddrSize]; |
| size_t broadcast_address_length = 0; |
| std::string name; |
| |
| // loop through the attributes |
| struct rtattr* rta; |
| int payload_length = IFLA_PAYLOAD(netlink_message); |
| for (rta = IFLA_RTA(interface_info); RTA_OK(rta, payload_length); |
| rta = RTA_NEXT(rta, payload_length)) { |
| int attribute_length; |
| switch (rta->rta_type) { |
| case IFLA_ADDRESS: { |
| attribute_length = RTA_PAYLOAD(rta); |
| if (attribute_length > kHwAddrSize) { |
| QUIC_VLOG(2) << "IFLA_ADDRESS too long: " << attribute_length; |
| break; |
| } |
| memmove(hardware_address, RTA_DATA(rta), attribute_length); |
| hardware_address_length = attribute_length; |
| break; |
| } |
| case IFLA_BROADCAST: { |
| attribute_length = RTA_PAYLOAD(rta); |
| if (attribute_length > kHwAddrSize) { |
| QUIC_VLOG(2) << "IFLA_BROADCAST too long: " << attribute_length; |
| break; |
| } |
| memmove(broadcast_address, RTA_DATA(rta), attribute_length); |
| broadcast_address_length = attribute_length; |
| break; |
| } |
| case IFLA_IFNAME: { |
| name = std::string(reinterpret_cast<char*>(RTA_DATA(rta)), |
| RTA_PAYLOAD(rta)); |
| // The name maybe a 0 terminated c string. |
| name = name.substr(0, name.find('\0')); |
| break; |
| } |
| } |
| } |
| |
| QUIC_VLOG(2) << "interface name: " << name |
| << ", index: " << interface_info->ifi_index; |
| |
| if (name == interface_name_) { |
| link_info_->index = interface_info->ifi_index; |
| link_info_->type = interface_info->ifi_type; |
| link_info_->hardware_address_length = hardware_address_length; |
| if (hardware_address_length > 0) { |
| memmove(&link_info_->hardware_address, hardware_address, |
| hardware_address_length); |
| } |
| link_info_->broadcast_address_length = broadcast_address_length; |
| if (broadcast_address_length > 0) { |
| memmove(&link_info_->broadcast_address, broadcast_address, |
| broadcast_address_length); |
| } |
| found_link_ = true; |
| } |
| } |
| |
| bool found_link() { return found_link_; } |
| |
| private: |
| const std::string interface_name_; |
| Netlink::LinkInfo* const link_info_; |
| bool found_link_ = false; |
| }; |
| |
| } // namespace |
| |
| bool Netlink::GetLinkInfo(const std::string& interface_name, |
| LinkInfo* link_info) { |
| auto message = LinkMessage::New(RtnetlinkMessage::Operation::GET, |
| NLM_F_ROOT | NLM_F_MATCH | NLM_F_REQUEST, |
| seq_, getpid(), nullptr); |
| |
| if (!Send(message.BuildIoVec().get(), message.IoVecSize())) { |
| QUIC_LOG(ERROR) << "send failed."; |
| return false; |
| } |
| |
| // Pass the parser to the receive routine. It may be called multiple times |
| // since there may be multiple reply packets each with multiple reply |
| // messages. |
| LinkInfoParser parser(interface_name, link_info); |
| if (!Recv(seq_++, &parser)) { |
| QUIC_LOG(ERROR) << "recv failed."; |
| return false; |
| } |
| |
| return parser.found_link(); |
| } |
| |
| namespace { |
| |
| class LocalAddressParser : public NetlinkParserInterface { |
| public: |
| LocalAddressParser(int interface_index, |
| uint8_t unwanted_flags, |
| std::vector<Netlink::AddressInfo>* local_addresses, |
| int* num_ipv6_nodad_dadfailed_addresses) |
| : interface_index_(interface_index), |
| unwanted_flags_(unwanted_flags), |
| local_addresses_(local_addresses), |
| num_ipv6_nodad_dadfailed_addresses_( |
| num_ipv6_nodad_dadfailed_addresses) {} |
| |
| void Run(struct nlmsghdr* netlink_message) override { |
| // each nlmsg contains a header and multiple address attributes. |
| if (netlink_message->nlmsg_type != RTM_NEWADDR) { |
| QUIC_LOG(INFO) << "Unexpected nlmsg_type: " << netlink_message->nlmsg_type |
| << " expected: " << RTM_NEWADDR; |
| return; |
| } |
| |
| struct ifaddrmsg* interface_address = |
| reinterpret_cast<struct ifaddrmsg*>(NLMSG_DATA(netlink_message)); |
| |
| // Make sure this is for an address family we're interested in. |
| if (interface_address->ifa_family != AF_INET && |
| interface_address->ifa_family != AF_INET6) { |
| QUIC_VLOG(2) << quiche::QuicheStrCat("uninteresting ifa family: ", |
| interface_address->ifa_family); |
| return; |
| } |
| |
| // Keep track of addresses with both 'nodad' and 'dadfailed', this really |
| // should't be possible and is likely a kernel bug. |
| if (num_ipv6_nodad_dadfailed_addresses_ != nullptr && |
| (interface_address->ifa_flags & IFA_F_NODAD) && |
| (interface_address->ifa_flags & IFA_F_DADFAILED)) { |
| ++(*num_ipv6_nodad_dadfailed_addresses_); |
| } |
| |
| uint8_t unwanted_flags = interface_address->ifa_flags & unwanted_flags_; |
| if (unwanted_flags != 0) { |
| QUIC_VLOG(2) << quiche::QuicheStrCat("unwanted ifa flags: ", |
| unwanted_flags); |
| return; |
| } |
| |
| // loop through the attributes |
| struct rtattr* rta; |
| int payload_length = IFA_PAYLOAD(netlink_message); |
| Netlink::AddressInfo address_info; |
| for (rta = IFA_RTA(interface_address); RTA_OK(rta, payload_length); |
| rta = RTA_NEXT(rta, payload_length)) { |
| // There's quite a lot of confusion in Linux over the use of IFA_LOCAL and |
| // IFA_ADDRESS (source and destination address). For broadcast links, such |
| // as Ethernet, they are identical (see <linux/if_addr.h>), but the kernel |
| // sometimes uses only one or the other. We'll return both so that the |
| // caller can decide which to use. |
| if (rta->rta_type != IFA_LOCAL && rta->rta_type != IFA_ADDRESS) { |
| QUIC_VLOG(2) << "Ignoring uninteresting rta_type: " << rta->rta_type; |
| continue; |
| } |
| |
| switch (interface_address->ifa_family) { |
| case AF_INET: |
| QUIC_FALLTHROUGH_INTENDED; |
| case AF_INET6: |
| // QuicIpAddress knows how to parse ip from raw bytes as long as they |
| // are in network byte order. |
| if (RTA_PAYLOAD(rta) == sizeof(struct in_addr) || |
| RTA_PAYLOAD(rta) == sizeof(struct in6_addr)) { |
| auto* raw_ip = reinterpret_cast<char*>(RTA_DATA(rta)); |
| if (rta->rta_type == IFA_LOCAL) { |
| address_info.local_address.FromPackedString(raw_ip, |
| RTA_PAYLOAD(rta)); |
| } else { |
| address_info.interface_address.FromPackedString(raw_ip, |
| RTA_PAYLOAD(rta)); |
| } |
| } |
| break; |
| default: |
| QUIC_LOG(ERROR) << quiche::QuicheStrCat( |
| "Unknown address family: ", interface_address->ifa_family); |
| } |
| } |
| |
| QUIC_VLOG(2) << "local_address: " << address_info.local_address.ToString() |
| << " interface_address: " |
| << address_info.interface_address.ToString() |
| << " index: " << interface_address->ifa_index; |
| if (interface_address->ifa_index != interface_index_) { |
| return; |
| } |
| |
| address_info.prefix_length = interface_address->ifa_prefixlen; |
| address_info.scope = interface_address->ifa_scope; |
| if (address_info.local_address.IsInitialized() || |
| address_info.interface_address.IsInitialized()) { |
| local_addresses_->push_back(address_info); |
| } |
| } |
| |
| private: |
| const int interface_index_; |
| const uint8_t unwanted_flags_; |
| std::vector<Netlink::AddressInfo>* const local_addresses_; |
| int* const num_ipv6_nodad_dadfailed_addresses_; |
| }; |
| |
| } // namespace |
| |
| bool Netlink::GetAddresses(int interface_index, |
| uint8_t unwanted_flags, |
| std::vector<AddressInfo>* addresses, |
| int* num_ipv6_nodad_dadfailed_addresses) { |
| // the message doesn't contain the index, we'll have to do the filtering while |
| // parsing the reply. This is because NLM_F_MATCH, which only returns entries |
| // that matches the request criteria, is not yet implemented (see man 3 |
| // netlink). |
| auto message = AddressMessage::New(RtnetlinkMessage::Operation::GET, |
| NLM_F_ROOT | NLM_F_MATCH | NLM_F_REQUEST, |
| seq_, getpid(), nullptr); |
| |
| // the send routine returns the socket to listen on. |
| if (!Send(message.BuildIoVec().get(), message.IoVecSize())) { |
| QUIC_LOG(ERROR) << "send failed."; |
| return false; |
| } |
| |
| addresses->clear(); |
| if (num_ipv6_nodad_dadfailed_addresses != nullptr) { |
| *num_ipv6_nodad_dadfailed_addresses = 0; |
| } |
| |
| LocalAddressParser parser(interface_index, unwanted_flags, addresses, |
| num_ipv6_nodad_dadfailed_addresses); |
| // Pass the parser to the receive routine. It may be called multiple times |
| // since there may be multiple reply packets each with multiple reply |
| // messages. |
| if (!Recv(seq_++, &parser)) { |
| QUIC_LOG(ERROR) << "recv failed"; |
| return false; |
| } |
| return true; |
| } |
| |
| namespace { |
| |
| class UnknownParser : public NetlinkParserInterface { |
| public: |
| void Run(struct nlmsghdr* netlink_message) override { |
| QUIC_LOG(INFO) << "nlmsg reply type: " << netlink_message->nlmsg_type; |
| } |
| }; |
| |
| } // namespace |
| |
| bool Netlink::ChangeLocalAddress( |
| uint32_t interface_index, |
| Verb verb, |
| const QuicIpAddress& address, |
| uint8_t prefix_length, |
| uint8_t ifa_flags, |
| uint8_t ifa_scope, |
| const std::vector<struct rtattr*>& additional_attributes) { |
| if (verb == Verb::kReplace) { |
| return false; |
| } |
| auto operation = verb == Verb::kAdd ? RtnetlinkMessage::Operation::NEW |
| : RtnetlinkMessage::Operation::DEL; |
| uint8_t address_family; |
| if (address.address_family() == IpAddressFamily::IP_V4) { |
| address_family = AF_INET; |
| } else if (address.address_family() == IpAddressFamily::IP_V6) { |
| address_family = AF_INET6; |
| } else { |
| return false; |
| } |
| |
| struct ifaddrmsg address_header = {address_family, prefix_length, ifa_flags, |
| ifa_scope, interface_index}; |
| |
| auto message = AddressMessage::New(operation, NLM_F_REQUEST | NLM_F_ACK, seq_, |
| getpid(), &address_header); |
| |
| for (const auto& attribute : additional_attributes) { |
| if (attribute->rta_type == IFA_LOCAL) { |
| continue; |
| } |
| message.AppendAttribute(attribute->rta_type, RTA_DATA(attribute), |
| RTA_PAYLOAD(attribute)); |
| } |
| |
| message.AppendAttribute(IFA_LOCAL, address.ToPackedString().c_str(), |
| address.ToPackedString().size()); |
| |
| if (!Send(message.BuildIoVec().get(), message.IoVecSize())) { |
| QUIC_LOG(ERROR) << "send failed"; |
| return false; |
| } |
| |
| UnknownParser parser; |
| if (!Recv(seq_++, &parser)) { |
| QUIC_LOG(ERROR) << "receive failed."; |
| return false; |
| } |
| return true; |
| } |
| |
| namespace { |
| |
| class RoutingRuleParser : public NetlinkParserInterface { |
| public: |
| explicit RoutingRuleParser(std::vector<Netlink::RoutingRule>* routing_rules) |
| : routing_rules_(routing_rules) {} |
| |
| void Run(struct nlmsghdr* netlink_message) override { |
| if (netlink_message->nlmsg_type != RTM_NEWROUTE) { |
| QUIC_LOG(WARNING) << quiche::QuicheStrCat( |
| "Unexpected nlmsg_type: ", netlink_message->nlmsg_type, |
| " expected: ", RTM_NEWROUTE); |
| return; |
| } |
| |
| auto* route = reinterpret_cast<struct rtmsg*>(NLMSG_DATA(netlink_message)); |
| int payload_length = RTM_PAYLOAD(netlink_message); |
| |
| if (route->rtm_family != AF_INET && route->rtm_family != AF_INET6) { |
| QUIC_VLOG(2) << quiche::QuicheStrCat("Uninteresting family: ", |
| route->rtm_family); |
| return; |
| } |
| |
| Netlink::RoutingRule rule; |
| rule.scope = route->rtm_scope; |
| rule.table = route->rtm_table; |
| |
| struct rtattr* rta; |
| for (rta = RTM_RTA(route); RTA_OK(rta, payload_length); |
| rta = RTA_NEXT(rta, payload_length)) { |
| switch (rta->rta_type) { |
| case RTA_TABLE: { |
| rule.table = *reinterpret_cast<uint32_t*>(RTA_DATA(rta)); |
| break; |
| } |
| case RTA_DST: { |
| QuicIpAddress destination; |
| destination.FromPackedString(reinterpret_cast<char*> RTA_DATA(rta), |
| RTA_PAYLOAD(rta)); |
| rule.destination_subnet = IpRange(destination, route->rtm_dst_len); |
| break; |
| } |
| case RTA_PREFSRC: { |
| QuicIpAddress preferred_source; |
| rule.preferred_source.FromPackedString( |
| reinterpret_cast<char*> RTA_DATA(rta), RTA_PAYLOAD(rta)); |
| break; |
| } |
| case RTA_OIF: { |
| rule.out_interface = *reinterpret_cast<int*>(RTA_DATA(rta)); |
| break; |
| } |
| default: { |
| QUIC_VLOG(2) << quiche::QuicheStrCat("Uninteresting attribute: ", |
| rta->rta_type); |
| } |
| } |
| } |
| routing_rules_->push_back(rule); |
| } |
| |
| private: |
| std::vector<Netlink::RoutingRule>* routing_rules_; |
| }; |
| |
| } // namespace |
| |
| bool Netlink::GetRouteInfo(std::vector<Netlink::RoutingRule>* routing_rules) { |
| rtmsg route_message{}; |
| // Only manipulate main routing table. |
| route_message.rtm_table = RT_TABLE_MAIN; |
| |
| auto message = RouteMessage::New(RtnetlinkMessage::Operation::GET, |
| NLM_F_REQUEST | NLM_F_ROOT | NLM_F_MATCH, |
| seq_, getpid(), &route_message); |
| |
| if (!Send(message.BuildIoVec().get(), message.IoVecSize())) { |
| QUIC_LOG(ERROR) << "send failed"; |
| return false; |
| } |
| |
| RoutingRuleParser parser(routing_rules); |
| if (!Recv(seq_++, &parser)) { |
| QUIC_LOG(ERROR) << "recv failed"; |
| return false; |
| } |
| |
| return true; |
| } |
| |
| bool Netlink::ChangeRoute(Netlink::Verb verb, |
| uint32_t table, |
| const IpRange& destination_subnet, |
| uint8_t scope, |
| QuicIpAddress preferred_source, |
| int32_t interface_index) { |
| if (!destination_subnet.prefix().IsInitialized()) { |
| return false; |
| } |
| if (destination_subnet.address_family() != IpAddressFamily::IP_V4 && |
| destination_subnet.address_family() != IpAddressFamily::IP_V6) { |
| return false; |
| } |
| if (preferred_source.IsInitialized() && |
| preferred_source.address_family() != |
| destination_subnet.address_family()) { |
| return false; |
| } |
| |
| RtnetlinkMessage::Operation operation; |
| uint16_t flags = NLM_F_REQUEST | NLM_F_ACK; |
| switch (verb) { |
| case Verb::kAdd: |
| operation = RtnetlinkMessage::Operation::NEW; |
| // Setting NLM_F_EXCL so that an existing entry for this subnet will fail |
| // the request. NLM_F_CREATE is necessary to indicate this is trying to |
| // create a new entry - simply having RTM_NEWROUTE is not enough even the |
| // name suggests so. |
| flags |= NLM_F_EXCL | NLM_F_CREATE; |
| break; |
| case Verb::kRemove: |
| operation = RtnetlinkMessage::Operation::DEL; |
| break; |
| case Verb::kReplace: |
| operation = RtnetlinkMessage::Operation::NEW; |
| // Setting NLM_F_REPLACE to tell the kernel that existing entry for this |
| // subnet should be replaced. |
| flags |= NLM_F_REPLACE | NLM_F_CREATE; |
| break; |
| } |
| |
| struct rtmsg route_message; |
| memset(&route_message, 0, sizeof(route_message)); |
| route_message.rtm_family = |
| destination_subnet.address_family() == IpAddressFamily::IP_V4 ? AF_INET |
| : AF_INET6; |
| // rtm_dst_len and rtm_src_len are actually the subnet prefix lengths. Poor |
| // naming. |
| route_message.rtm_dst_len = destination_subnet.prefix_length(); |
| // 0 means no source subnet for this rule. |
| route_message.rtm_src_len = 0; |
| // Only program the main table. Other tables are intended for the kernel to |
| // manage. |
| route_message.rtm_table = RT_TABLE_MAIN; |
| // Use RTPROT_UNSPEC to match all the different protocol. Rules added by |
| // kernel have RTPROT_KERNEL. Rules added by the root user have RTPROT_STATIC |
| // instead. |
| route_message.rtm_protocol = |
| verb == Verb::kRemove ? RTPROT_UNSPEC : RTPROT_STATIC; |
| route_message.rtm_scope = scope; |
| // Only add unicast routing rule. |
| route_message.rtm_type = RTN_UNICAST; |
| auto message = |
| RouteMessage::New(operation, flags, seq_, getpid(), &route_message); |
| |
| message.AppendAttribute(RTA_TABLE, &table, sizeof(table)); |
| |
| // RTA_OIF is the target interface for this rule. |
| message.AppendAttribute(RTA_OIF, &interface_index, sizeof(interface_index)); |
| // The actual destination subnet must be truncated of all the tailing zeros. |
| message.AppendAttribute( |
| RTA_DST, |
| reinterpret_cast<const void*>( |
| destination_subnet.prefix().ToPackedString().c_str()), |
| destination_subnet.prefix().ToPackedString().size()); |
| // This is the source address to use in the IP packet should this routing rule |
| // is used. |
| if (preferred_source.IsInitialized()) { |
| message.AppendAttribute(RTA_PREFSRC, |
| reinterpret_cast<const void*>( |
| preferred_source.ToPackedString().c_str()), |
| preferred_source.ToPackedString().size()); |
| } |
| |
| if (!Send(message.BuildIoVec().get(), message.IoVecSize())) { |
| QUIC_LOG(ERROR) << "send failed"; |
| return false; |
| } |
| |
| UnknownParser parser; |
| if (!Recv(seq_++, &parser)) { |
| QUIC_LOG(ERROR) << "receive failed."; |
| return false; |
| } |
| return true; |
| } |
| |
| namespace { |
| |
| class IpRuleParser : public NetlinkParserInterface { |
| public: |
| explicit IpRuleParser(std::vector<Netlink::IpRule>* ip_rules) |
| : ip_rules_(ip_rules) {} |
| |
| void Run(struct nlmsghdr* netlink_message) override { |
| if (netlink_message->nlmsg_type != RTM_NEWRULE) { |
| QUIC_LOG(WARNING) << quiche::QuicheStrCat( |
| "Unexpected nlmsg_type: ", netlink_message->nlmsg_type, |
| " expected: ", RTM_NEWRULE); |
| return; |
| } |
| |
| auto* rule = reinterpret_cast<rtmsg*>(NLMSG_DATA(netlink_message)); |
| int payload_length = RTM_PAYLOAD(netlink_message); |
| |
| if (rule->rtm_family != AF_INET6) { |
| QUIC_LOG(ERROR) << quiche::QuicheStrCat("Unexpected family: ", |
| rule->rtm_family); |
| return; |
| } |
| |
| Netlink::IpRule ip_rule; |
| ip_rule.table = rule->rtm_table; |
| |
| struct rtattr* rta; |
| for (rta = RTM_RTA(rule); RTA_OK(rta, payload_length); |
| rta = RTA_NEXT(rta, payload_length)) { |
| switch (rta->rta_type) { |
| case RTA_TABLE: { |
| ip_rule.table = *reinterpret_cast<uint32_t*>(RTA_DATA(rta)); |
| break; |
| } |
| case RTA_SRC: { |
| QuicIpAddress src_addr; |
| src_addr.FromPackedString(reinterpret_cast<char*>(RTA_DATA(rta)), |
| RTA_PAYLOAD(rta)); |
| IpRange src_range(src_addr, rule->rtm_src_len); |
| ip_rule.source_range = src_range; |
| break; |
| } |
| default: { |
| QUIC_VLOG(2) << quiche::QuicheStrCat("Uninteresting attribute: ", |
| rta->rta_type); |
| } |
| } |
| } |
| ip_rules_->emplace_back(ip_rule); |
| } |
| |
| private: |
| std::vector<Netlink::IpRule>* ip_rules_; |
| }; |
| |
| } // namespace |
| |
| bool Netlink::GetRuleInfo(std::vector<Netlink::IpRule>* ip_rules) { |
| rtmsg rule_message{}; |
| rule_message.rtm_family = AF_INET6; |
| |
| auto message = RuleMessage::New(RtnetlinkMessage::Operation::GET, |
| NLM_F_REQUEST | NLM_F_DUMP, seq_, getpid(), |
| &rule_message); |
| |
| if (!Send(message.BuildIoVec().get(), message.IoVecSize())) { |
| QUIC_LOG(ERROR) << "send failed"; |
| return false; |
| } |
| |
| IpRuleParser parser(ip_rules); |
| if (!Recv(seq_++, &parser)) { |
| QUIC_LOG(ERROR) << "receive failed."; |
| return false; |
| } |
| return true; |
| } |
| |
| bool Netlink::ChangeRule(Verb verb, uint32_t table, IpRange source_range) { |
| RtnetlinkMessage::Operation operation; |
| uint16_t flags = NLM_F_REQUEST | NLM_F_ACK; |
| |
| rtmsg rule_message{}; |
| rule_message.rtm_family = AF_INET6; |
| rule_message.rtm_protocol = RTPROT_STATIC; |
| rule_message.rtm_scope = RT_SCOPE_UNIVERSE; |
| rule_message.rtm_table = RT_TABLE_UNSPEC; |
| |
| rule_message.rtm_flags |= FIB_RULE_FIND_SADDR; |
| |
| switch (verb) { |
| case Verb::kAdd: |
| if (!source_range.IsInitialized()) { |
| QUIC_LOG(ERROR) << "Source range must be initialized."; |
| return false; |
| } |
| operation = RtnetlinkMessage::Operation::NEW; |
| flags |= NLM_F_EXCL | NLM_F_CREATE; |
| rule_message.rtm_type = FRA_DST; |
| rule_message.rtm_src_len = source_range.prefix_length(); |
| break; |
| case Verb::kRemove: |
| operation = RtnetlinkMessage::Operation::DEL; |
| break; |
| case Verb::kReplace: |
| QUIC_LOG(ERROR) << "Unsupported verb: kReplace"; |
| return false; |
| } |
| auto message = |
| RuleMessage::New(operation, flags, seq_, getpid(), &rule_message); |
| |
| message.AppendAttribute(RTA_TABLE, &table, sizeof(table)); |
| |
| if (source_range.IsInitialized()) { |
| std::string packed_src = source_range.prefix().ToPackedString(); |
| message.AppendAttribute(RTA_SRC, |
| reinterpret_cast<const void*>(packed_src.c_str()), |
| packed_src.size()); |
| } |
| |
| if (!Send(message.BuildIoVec().get(), message.IoVecSize())) { |
| QUIC_LOG(ERROR) << "send failed"; |
| return false; |
| } |
| |
| UnknownParser parser; |
| if (!Recv(seq_++, &parser)) { |
| QUIC_LOG(ERROR) << "receive failed."; |
| return false; |
| } |
| return true; |
| } |
| |
| bool Netlink::Send(struct iovec* iov, size_t iovlen) { |
| if (!OpenSocket()) { |
| QUIC_LOG(ERROR) << "can't open socket"; |
| return false; |
| } |
| |
| // an address for communicating with the kernel netlink code |
| sockaddr_nl netlink_address; |
| memset(&netlink_address, 0, sizeof(netlink_address)); |
| netlink_address.nl_family = AF_NETLINK; |
| netlink_address.nl_pid = 0; // destination is kernel |
| netlink_address.nl_groups = 0; // no multicast |
| |
| struct msghdr msg = { |
| &netlink_address, sizeof(netlink_address), iov, iovlen, nullptr, 0, 0}; |
| |
| if (kernel_->sendmsg(socket_fd_, &msg, 0) < 0) { |
| QUIC_LOG(ERROR) << "sendmsg failed"; |
| CloseSocket(); |
| return false; |
| } |
| |
| return true; |
| } |
| |
| bool Netlink::Recv(uint32_t seq, NetlinkParserInterface* parser) { |
| sockaddr_nl netlink_address; |
| |
| // replies can span multiple packets |
| for (;;) { |
| socklen_t address_length = sizeof(netlink_address); |
| |
| // First, call recvfrom with buffer size of 0 and MSG_PEEK | MSG_TRUNC set |
| // so that we know the size of the incoming packet before actually receiving |
| // it. |
| int next_packet_size = kernel_->recvfrom( |
| socket_fd_, recvbuf_.get(), /* len = */ 0, MSG_PEEK | MSG_TRUNC, |
| reinterpret_cast<struct sockaddr*>(&netlink_address), &address_length); |
| if (next_packet_size < 0) { |
| QUIC_LOG(ERROR) |
| << "error recvfrom with MSG_PEEK | MSG_TRUNC to get packet length."; |
| CloseSocket(); |
| return false; |
| } |
| QUIC_VLOG(3) << "netlink packet size: " << next_packet_size; |
| if (next_packet_size > recvbuf_length_) { |
| QUIC_VLOG(2) << "resizing recvbuf to " << next_packet_size; |
| ResetRecvBuf(next_packet_size); |
| } |
| |
| // Get the packet for real. |
| memset(recvbuf_.get(), 0, recvbuf_length_); |
| int len = kernel_->recvfrom( |
| socket_fd_, recvbuf_.get(), recvbuf_length_, /* flags = */ 0, |
| reinterpret_cast<struct sockaddr*>(&netlink_address), &address_length); |
| QUIC_VLOG(3) << "recvfrom returned: " << len; |
| if (len < 0) { |
| QUIC_LOG(INFO) << "can't receive netlink packet"; |
| CloseSocket(); |
| return false; |
| } |
| |
| // there may be multiple nlmsg's in each reply packet |
| struct nlmsghdr* netlink_message; |
| for (netlink_message = reinterpret_cast<struct nlmsghdr*>(recvbuf_.get()); |
| NLMSG_OK(netlink_message, len); |
| netlink_message = NLMSG_NEXT(netlink_message, len)) { |
| QUIC_VLOG(3) << "netlink_message->nlmsg_type = " |
| << netlink_message->nlmsg_type; |
| // make sure this is to us |
| if (netlink_message->nlmsg_seq != seq) { |
| QUIC_LOG(INFO) << "netlink_message not meant for us." |
| << " seq: " << seq |
| << " nlmsg_seq: " << netlink_message->nlmsg_seq; |
| continue; |
| } |
| |
| // done with this whole reply (not just this particular packet) |
| if (netlink_message->nlmsg_type == NLMSG_DONE) { |
| return true; |
| } |
| if (netlink_message->nlmsg_type == NLMSG_ERROR) { |
| struct nlmsgerr* err = |
| reinterpret_cast<struct nlmsgerr*>(NLMSG_DATA(netlink_message)); |
| if (netlink_message->nlmsg_len < |
| NLMSG_LENGTH(sizeof(struct nlmsgerr))) { |
| QUIC_LOG(INFO) << "netlink_message ERROR truncated"; |
| } else { |
| // an ACK |
| if (err->error == 0) { |
| QUIC_VLOG(3) << "Netlink sent an ACK"; |
| return true; |
| } |
| QUIC_LOG(INFO) << "netlink_message ERROR: " << err->error; |
| } |
| return false; |
| } |
| |
| parser->Run(netlink_message); |
| } |
| } |
| } |
| |
| } // namespace quic |