struct xfrm_usersa_flush contains a single u8, thus sizeof(struct
xfrm_usersa_flush) == 1 as can be verified by running the following
code through go tool cgo -godefs:

    package xfrm_test
    // #include <linux/xfrm.h>
    import "C"
    const SizeofXfrmUsersaFlush = C.sizeof_struct_xfrm_usersa_flush

which results in

    // Code generated by cmd/cgo -godefs; DO NOT EDIT.
    // cgo -godefs foo.go
    package xfrm_test
    const SizeofXfrmUsersaFlush = 0x1

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
There was something off with the math for the ServiceCurves. The set value was 8
times too large and the returned one was 8 times too small.
This is now fixed in `class.go` and `class_linux.go` so the user can just set the rate in bits and
it will match the tc show output.
For 4.20 and newer kernels VethPeerIndex() causes a stack corruption as
the kernel is copying more data to golang user space than originally
expected. This is due to a recent kernel commit where it extends veth
driver's ethtool stats for XDP:
https://git.kernel.org/torvalds/c/d397b9682c1c808344dd93b43de8750fa4d9f581
The VethPeerIndex()'s logic is utterly wrong to assume ethtool stats are
never extended in the driver. Unfortunately there is no other way around
in golang than to add serialize/deserialize helpers to have a dynamically
sized ethtoolStats with a uint64 data array that has the size of the previous
result from the ETHTOOL_GSSET_INFO query. This ensures we don't run into
a buffer overflow triggered by kernel's copy_to_user() in ETHTOOL_GSTATS
query (ethtool_get_stats() in kernel). Now, for the deserialize operation
we really only care about the peer's ifindex which is always stored in
the first uint64.
Fixes: 54ad9e3a4c ("Two new functions: LinkSetBondSlave and VethPeerIndex")
Reported-by: Jean Raby <jean@raby.sh>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Cc: phob0s <git@phob0s.pl>
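The sizing rule described in the commit message above, as an added Go example that is not the netlink package's own code: the ETHTOOL_GSTATS buffer is allocated from the counter count returned by ETHTOOL_GSSET_INFO, and only the first uint64 is decoded. The function names, the little-endian host, the single-counter "fixed" buffer and the `simulateGstats` stand-in for the kernel copy are assumptions made for illustration.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

const (
	ethtoolGstats  = 0x1d // ETHTOOL_GSTATS from <linux/ethtool.h>
	statsHeaderLen = 8    // cmd (u32) + n_stats (u32) of struct ethtool_stats
)

// newStatsBuf serializes a request sized for nStats counters, where nStats is
// the value the earlier ETHTOOL_GSSET_INFO query returned (little-endian assumed).
func newStatsBuf(nStats uint32) []byte {
	buf := make([]byte, statsHeaderLen+8*int(nStats))
	binary.LittleEndian.PutUint32(buf[0:4], ethtoolGstats)
	binary.LittleEndian.PutUint32(buf[4:8], nStats)
	return buf
}

// peerIfindex deserializes only the first uint64, the veth peer's ifindex.
func peerIfindex(buf []byte) (int, error) {
	if len(buf) < statsHeaderLen+8 {
		return 0, errors.New("stats buffer holds no counters")
	}
	return int(binary.LittleEndian.Uint64(buf[8:16])), nil
}

// simulateGstats is a constructed stand-in for the kernel side: it fills in every
// counter the driver exposes and counts the bytes that would land outside buf.
func simulateGstats(buf []byte, driver []uint64) (overrun int) {
	for i, v := range driver {
		if off := statsHeaderLen + 8*i; off+8 <= len(buf) {
			binary.LittleEndian.PutUint64(buf[off:], v)
		} else {
			overrun += 8
		}
	}
	return overrun
}

func main() {
	driver := []uint64{7, 0, 0, 0} // constructed: peer ifindex 7 plus three later-added counters
	fixed, sized := newStatsBuf(1), newStatsBuf(uint32(len(driver)))
	fmt.Println("overrun:", simulateGstats(fixed, driver), simulateGstats(sized, driver))
	idx, err := peerIfindex(sized)
	fmt.Println("peer ifindex:", idx, err)
}
```
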
It's not needed for retrieving the veth peer ifindex, and we already
get the set count via earlier ETHTOOL_GSSET_INFO call. Both are copying
veth_get_sset_count() up to user space in veth case (which is the only
user of this anyway).
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
This PR refers to PR@lebauce and adds some changes.
- Added some tests to retrieve bond slave information.
- Link.BondSlave is changed to LinkSlave interface.
- BondSlaveState.String() returns UPPER case. (same as iproute2)
- BondSlaveMiiStatus.String() returns UPPER case. (same as iproute2)
When subscribing to neigh updates, the updates for all neigh
protocol families are received. However when listExisting is set,
the request is made with AF_UNSPEC family, this request does not
include AF_BRIDGE entries.
This patch adds a second request for AF_BRIDGE entries.
Add test for existing AF_BRIDGE entry and make expectNeighUpdate
take a slice of expected updates
Creates a VXLAN interface for this test as its AF_BRIDGE entries
look a lot like usual ones
Also add support for latest (2014+) neighbour attributes
NDA_MASTER was added back in 2014, it indicates whether a neigh
entry is linked to a master interface and index of this interface.
The other entries, namely NDA_LINK_NETNSID and NDA_SRC_VNI were
added later and will need extra handling.
Signed-off-by: Nicolas Belouin <nicolas.belouin@gandi.net>
- Add a new Link type, IPoIB, that exposes the following IPoIB attributes:
  * IFLA_IPOIB_PKEY
  * IFLA_IPOIB_MODE
  * IFLA_IPOIB_UMCAST
- Support Deserialize for IPoIB link attributes in LinkDeserialize()
- Support IPoIB attributes in LinkAdd()
Today netlink package supports Get/Set of a VF's max TX rate
via IFLA_VF_TX_RATE netlink attribute.
This patch adds support for Get/Set of a VF's min and max TX rate
via IFLA_VF_RATE netlink attribute.
- Add support to set min/max tx rate for VF via IFLA_VF_RATE
- Added IFLA_VF_RATE min/max tx rate attributes to netlink.VfInfo
including parsing support in netlink.parseVfInfo()
NOTE: According to [1] IFLA_VF_RATE takes precedence over
IFLA_VF_TX_RATE. Dealing with the coexistence of these
netlink attributes is left for the user to handle.
[1] https://lists.openwall.net/netdev/2014/05/22/42
iproute2's own netlink library asserts that the sockaddr sender pid
has to be the one of the kernel [0]. It also doesn't bail out on pid
mismatch but only skips the message instead. We've seen cases where
the latter had a pid 0; in such case we should skip to the next nl
message instead of hard bail out.
[0] https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/tree/lib/libnetlink.c
rtnl_dump_filter_l(), __rtnl_talk_iov()
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
In order to support BPF_SYSCALL `PROG_GET_FD_BY_ID` -- the ID of the
eBPF must be available.
Add the additional enumerations and handle them when parsing the BPF
filter.
Add a function FilterReplace, which mirrors the behaviour of
QdiscReplace, etc. This makes it possible to swap out filters
with a single netlink message.
This deserializes the tx queue, and rx queue count on link
deserialization. We already supported it on serialization.
Signed-off-by: Sargun Dhillon <sargun@sargun.me>
Add an API to change the RDMA subsystem network namespace mode as either
shared or exclusive similar to
$ rdma system set netns { shared | exclusive }
Signed-off-by: Parav Pandit <parav@mellanox.com>
RDMA subsystem can be running in shared or exclusive mode with regard
to sharing RDMA devices among multiple network namespaces.
Add an API to query such mode of kernel similar to iproute2 command
$ rdma system show netns
Signed-off-by: Parav Pandit <parav@mellanox.com>
For tuntap interfaces, return a TunTap Interface instead of
a Generic link when retrieving the interface.
Use netlink extended attributes to populate the Link attributes
for the tuntap link.
In case of older tun driver which does not provide these
attributes, use sysfs to retrieve these attributes.
This commit also adds Owner and Group attributes for the TunTap
Link.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>