From nobody Mon Jan 23 22:12:23 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4P148m2MRWz2t0qL; Mon, 23 Jan 2023 22:12:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4P148l65Dnz3MfW; Mon, 23 Jan 2023 22:12:23 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1674511943; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=DFMiG/ysPE5mGedDeplw35mjpXPcmmwa60q6DJOoDAI=; b=xNmbyH6VPjK9df6OZSW3bs7SMZFHQH2LetiLqdhLvzfUUhpl1WaYK9y4YTcgqPkymskbrv zG1XVbKLolLJ6JTTSiAvxm1qVwKG2bf98WHuOtMMrO33SdwQGAhiSmgu5m0dqXo26zqlmb zrdSa2YQHjTy/TnzxGLBr8SmSyvd4B4/oW1Fe48p/brNxoBL0LgglycZUaPTw2ttYorIgY SvM0znyRR4jkNS+qLsnM5U+nH9G1tlnWAbmyXo0Ik/W2vU/XLplVRuD8QAN2dVydZkyk9N bs0WXurcwDkjKf1ZvN91moX2NsupSdaOxwBtNKrarzUQz458tkDj4K9ux83mhQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1674511943; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=DFMiG/ysPE5mGedDeplw35mjpXPcmmwa60q6DJOoDAI=; b=HslRmkgxxSCbjSggJY8wh7Lci9/n27b75xk04Z17+WLdbfRo25NCTrR+Q4th/71up7t1R/ zi8wXVky+P8nt1KTp9KfMgWCbhGriW5iu5nRigFu3kCQpJ6j3mZfop2FcT9qZtycvizBB3 5T9G/kN6U84SqPmpqt9mYHBFTAiOFpER7dN/Yt2HpXBYNRFnJKkWFj2vTshXEBbypHrNYC vY9959oXVmPvIb0yxyGXfFMf/kgiQaYXai489qWEYxzJIwgtG+TbBMP5ccx4XyTnJf2eVX 8xuRDesA7Q+uY/3siNpt1eWDhgmxy+7oLOMMYlkHcMtHJFgDbBCoNXLKfLPTkg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1674511943; a=rsa-sha256; cv=none; b=fA31xenVM+FkWIuNCe1p1Oip1Nh84Kx/qzIwKePLhKaePwFBmqgoAVz0HJ0i+gDrj8AT41 eZDOMJyiZPk/wL7anvyk5Ea+HKk4pYSBzTpKZanB6gLNNwzRILgGXkKBn/Ox4GNrPBgFwP 3jrGe+lfQABURkDAUx2shMdqsiHdLv8sp1IpR5Cxl8GdmzE2NzbZ+s9ylg+D7xCbEz8mHW hsLsoOhbqGVWov5+fy7Pu6fmmg1pQcO17iksdm5pSqXiu2T2n7oeHtrFc4jsi2dDuFaHKx Hfuq3T8v0p3cHxbeLssS/MBOBel8ivX71EbaujHkXOo2tacYlrfmtZMGLkqZXg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4P148l5BB6zlC6; Mon, 23 Jan 2023 22:12:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 30NMCNRo017388; Mon, 23 Jan 2023 22:12:23 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 30NMCNVG017387; Mon, 23 Jan 2023 22:12:23 GMT (envelope-from git) Date: Mon, 23 Jan 2023 22:12:23 GMT Message-Id: <202301232212.30NMCNVG017387@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: "Alexander V. Chernikov" Subject: git: 92d8e0f13657 - stable/13 - netlink: fix compatibility with older netlink applications. List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: melifaro X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 92d8e0f136576d8a57e374fa4e460fc8903b68b6 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by melifaro: URL: https://cgit.FreeBSD.org/src/commit/?id=92d8e0f136576d8a57e374fa4e460fc8903b68b6 commit 92d8e0f136576d8a57e374fa4e460fc8903b68b6 Author: Alexander V. Chernikov AuthorDate: 2023-01-16 12:14:35 +0000 Commit: Alexander V. Chernikov CommitDate: 2023-01-23 22:09:05 +0000 netlink: fix compatibility with older netlink applications. Some apps try to provide only the non-zero part of the required message header instead of the full one. It happens when fetching routes or interface addresses, where the first header byte is the family. This behavior is "illegal" under the "strict" Netlink socket option, however there are many applications out there doing things in the "old" way. Support this usecase by copying the provided bytes into the temporary zero-filled header and running the parser on this header instead. Reported by: Goran Mekić (cherry picked from commit 228c632ab3f6245df4a08d8692d49c8e12aacc27) --- sys/netlink/netlink_message_parser.h | 16 +++++++++++++--- tests/sys/netlink/test_rtnl_ifaddr.py | 20 ++++++++++++++++++++ 2 files changed, 33 insertions(+), 3 deletions(-) diff --git a/sys/netlink/netlink_message_parser.h b/sys/netlink/netlink_message_parser.h index 96fd1c7337b7..3f64c1967f09 100644 --- a/sys/netlink/netlink_message_parser.h +++ b/sys/netlink/netlink_message_parser.h @@ -213,9 +213,19 @@ nl_parse_header(void *hdr, int len, const struct nlhdr_parser *parser, int error; if (__predict_false(len < parser->nl_hdr_off)) { - nlmsg_report_err_msg(npt, "header too short: expected %d, got %d", - parser->nl_hdr_off, len); - return (EINVAL); + if (npt->strict) { + nlmsg_report_err_msg(npt, "header too short: expected %d, got %d", + parser->nl_hdr_off, len); + return (EINVAL); + } + + /* Compat with older applications: pretend there's a full header */ + void *tmp_hdr = npt_alloc(npt, parser->nl_hdr_off); + if (tmp_hdr == NULL) + return (EINVAL); + memcpy(tmp_hdr, hdr, len); + hdr = tmp_hdr; + len = parser->nl_hdr_off; } if (npt->strict && parser->sp != NULL && !parser->sp(hdr, npt)) diff --git a/tests/sys/netlink/test_rtnl_ifaddr.py b/tests/sys/netlink/test_rtnl_ifaddr.py index bd1c55e268e7..ec349fcd6fde 100644 --- a/tests/sys/netlink/test_rtnl_ifaddr.py +++ b/tests/sys/netlink/test_rtnl_ifaddr.py @@ -8,6 +8,7 @@ from atf_python.sys.net.netlink import NetlinkTestTemplate from atf_python.sys.net.netlink import NlConst from atf_python.sys.net.netlink import NlHelper from atf_python.sys.net.netlink import NlmBaseFlags +from atf_python.sys.net.netlink import Nlmsghdr from atf_python.sys.net.netlink import NlMsgType from atf_python.sys.net.netlink import NlRtMsgType from atf_python.sys.net.netlink import Nlsock @@ -68,6 +69,25 @@ class TestRtNlIfaddr(NetlinkTestTemplate, SingleVnetTestTemplate): assert len([r for r in ret if r[0] == ifname and r[1] == socket.AF_INET6]) == 2 assert len(ret) == 3 + def test_46_filter_family_compat(self): + """Tests that family filtering works with the stripped header""" + + hdr = Nlmsghdr( + nlmsg_len=17, + nlmsg_type=NlRtMsgType.RTM_GETADDR.value, + nlmsg_flags=NlmBaseFlags.NLM_F_ACK.value | NlmBaseFlags.NLM_F_REQUEST.value, + nlmsg_seq=self.helper.get_seq() + ) + data = bytes(hdr) + struct.pack("@B", socket.AF_INET) + self.nlsock.write_data(data) + + ret = [] + for rx_msg in self.read_msg_list(hdr.nlmsg_seq, NlRtMsgType.RTM_NEWADDR): + ifname = socket.if_indextoname(rx_msg.base_hdr.ifa_index) + family = rx_msg.base_hdr.ifa_family + ret.append((ifname, family, rx_msg)) + assert len(ret) == 2 + def filter_iface_family(self, family, num_items): """Tests that listing outputs IPv4 for the specific interface""" epair_ifname = self.vnet.iface_alias_map["if1"].name