platform: enable strict check on netlink socket dumps

Next commits will start to specify filters when requesting netlink dumps; this requires that strict check is enabled on the socket. When enabling strict check, we need to pass full structs in the netlink message, otherwise kernel ignores it. This commit doesn't change behavior.
2024-10-01 13:55:36 +00:00 · 2024-04-28 23:22:56 +02:00 · 2024-04-28 23:22:56 +02:00 · e11e8b2bc6
parent e234fad821
commit e11e8b2bc6
2 changed files with 33 additions and 7 deletions
--- a/src/libnm-platform/nm-linux-platform.c
+++ b/src/libnm-platform/nm-linux-platform.c
@ -7772,17 +7772,42 @@ _nl_msg_new_dump_rtnl(NMPObjectType obj_type, int preferred_addr_family)
            g_return_val_if_reached(NULL);
    } break;
    case NMP_OBJECT_TYPE_LINK:
+    {
+        struct ifinfomsg ifm = {};
+
+        if (nlmsg_append_struct(nlmsg, &ifm) < 0)
+            g_return_val_if_reached(NULL);
+        break;
+    }
    case NMP_OBJECT_TYPE_IP4_ADDRESS:
    case NMP_OBJECT_TYPE_IP6_ADDRESS:
-    case NMP_OBJECT_TYPE_IP4_ROUTE:
-    case NMP_OBJECT_TYPE_IP6_ROUTE:
-    case NMP_OBJECT_TYPE_ROUTING_RULE:
    {
-        const struct rtgenmsg gmsg = {
-            .rtgen_family = preferred_addr_family,
+        struct ifaddrmsg ifm = {
+            .ifa_family = preferred_addr_family,
        };

-        if (nlmsg_append_struct(nlmsg, &gmsg) < 0)
+        if (nlmsg_append_struct(nlmsg, &ifm) < 0)
+            g_return_val_if_reached(NULL);
+        break;
+    }
+    case NMP_OBJECT_TYPE_IP4_ROUTE:
+    case NMP_OBJECT_TYPE_IP6_ROUTE:
+    {
+        struct rtmsg rtm = {
+            .rtm_family = preferred_addr_family,
+        };
+
+        if (nlmsg_append_struct(nlmsg, &rtm) < 0)
+            g_return_val_if_reached(NULL);
+        break;
+    }
+    case NMP_OBJECT_TYPE_ROUTING_RULE:
+    {
+        struct fib_rule_hdr frh = {
+            .family = preferred_addr_family,
+        };
+
+        if (nlmsg_append_struct(nlmsg, &frh) < 0)
            g_return_val_if_reached(NULL);
    } break;
    default:
@ -10295,7 +10320,7 @@ ip_route_get(NMPlatform   *platform,
            .r.rtm_family  = addr_family,
            .r.rtm_tos     = 0,
            .r.rtm_dst_len = IS_IPv4 ? 32 : 128,
-            .r.rtm_flags   = IPS_IPv4 ? RTM_F_LOOKUP_TABLE : 0,
+            .r.rtm_flags   = IS_IPv4 ? RTM_F_LOOKUP_TABLE : 0,
        };

        nm_clear_pointer(&route, nmp_object_unref);
--- a/src/libnm-platform/nm-netlink.c
+++ b/src/libnm-platform/nm-netlink.c
@ -1152,6 +1152,7 @@ nl_socket_new(struct nl_sock **out_sk,

    i_val = 1;
    (void) setsockopt(sk->s_fd, SOL_NETLINK, NETLINK_EXT_ACK, &i_val, sizeof(i_val));
+    (void) setsockopt(sk->s_fd, SOL_NETLINK, NETLINK_GET_STRICT_CHK, &i_val, sizeof(i_val));

    if (NM_FLAGS_HAS(flags, NL_SOCKET_FLAGS_PASSCRED)) {
        err = nl_socket_set_passcred(sk, 1);