platform: enable strict check on netlink socket dumps

In the future we might want to specify filters when requesting netlink dumps; this requires that strict check is enabled on the socket. When enabling strict check, we need to pass a full struct in the netlink message, otherwise kernel ignores it. This commit doesn't change behavior.
2024-09-29 21:04:22 +00:00 · 2024-04-28 23:22:56 +02:00 · 2024-04-28 23:22:56 +02:00 · 185932a1a2
parent 2b8d8fe92a
commit 185932a1a2
2 changed files with 32 additions and 6 deletions
--- a/src/libnm-platform/nm-linux-platform.c
+++ b/src/libnm-platform/nm-linux-platform.c
@ -7789,17 +7789,42 @@ _nl_msg_new_dump_rtnl(NMPObjectType obj_type, int preferred_addr_family)
            g_return_val_if_reached(NULL);
    } break;
    case NMP_OBJECT_TYPE_LINK:
+    {
+        struct ifinfomsg ifm = {};
+
+        if (nlmsg_append_struct(nlmsg, &ifm) < 0)
+            g_return_val_if_reached(NULL);
+        break;
+    }
    case NMP_OBJECT_TYPE_IP4_ADDRESS:
    case NMP_OBJECT_TYPE_IP6_ADDRESS:
-    case NMP_OBJECT_TYPE_IP4_ROUTE:
-    case NMP_OBJECT_TYPE_IP6_ROUTE:
-    case NMP_OBJECT_TYPE_ROUTING_RULE:
    {
-        const struct rtgenmsg gmsg = {
-            .rtgen_family = preferred_addr_family,
+        struct ifaddrmsg ifm = {
+            .ifa_family = preferred_addr_family,
        };

-        if (nlmsg_append_struct(nlmsg, &gmsg) < 0)
+        if (nlmsg_append_struct(nlmsg, &ifm) < 0)
+            g_return_val_if_reached(NULL);
+        break;
+    }
+    case NMP_OBJECT_TYPE_IP4_ROUTE:
+    case NMP_OBJECT_TYPE_IP6_ROUTE:
+    {
+        struct rtmsg rtm = {
+            .rtm_family = preferred_addr_family,
+        };
+
+        if (nlmsg_append_struct(nlmsg, &rtm) < 0)
+            g_return_val_if_reached(NULL);
+        break;
+    }
+    case NMP_OBJECT_TYPE_ROUTING_RULE:
+    {
+        struct fib_rule_hdr frh = {
+            .family = preferred_addr_family,
+        };
+
+        if (nlmsg_append_struct(nlmsg, &frh) < 0)
            g_return_val_if_reached(NULL);
    } break;
    default:
--- a/src/libnm-platform/nm-netlink.c
+++ b/src/libnm-platform/nm-netlink.c
@ -1152,6 +1152,7 @@ nl_socket_new(struct nl_sock **out_sk,

    i_val = 1;
    (void) setsockopt(sk->s_fd, SOL_NETLINK, NETLINK_EXT_ACK, &i_val, sizeof(i_val));
+    (void) setsockopt(sk->s_fd, SOL_NETLINK, NETLINK_GET_STRICT_CHK, &i_val, sizeof(i_val));

    if (NM_FLAGS_HAS(flags, NL_SOCKET_FLAGS_PASSCRED)) {
        err = nl_socket_set_passcred(sk, 1);