netlink

Commit Graph

Author	SHA1	Message	Date
Daniel Borkmann	b1e9859792	netlink: enforce similar pid checks as in iproute2 iproute2's own netlink library asserts that the sockaddr sender pid has to be the one of the kernel [0]. It also doesn't bail out on pid mismatch but only skips the message instead. We've seen cases where the latter had a pid 0; in such case we should skip to the next nl message instead of hard bail out. [0] https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/tree/lib/libnetlink.c rtnl_dump_filter_l(), __rtnl_talk_iov() Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>	2019-07-18 17:26:53 -07:00
Ian Bishop	0e3b74dbe2	replace syscall with golang.org/x/sys/unix	2017-10-26 09:45:08 -07:00
Martynas Pumputis	9a7970b3b6	Add XfrmMonitor The implementation subscribes only to XFRMNLGRP_EXPIRE.	2017-02-02 12:58:44 -08:00

Author

SHA1

Message

Date

Daniel Borkmann

b1e9859792

netlink: enforce similar pid checks as in iproute2

iproute2's own netlink library asserts that the sockaddr sender pid
has to be the one of the kernel [0]. It also doesn't bail out on pid
mismatch but only skips the message instead. We've seen cases where
the latter had a pid 0; in such case we should skip to the next nl
message instead of hard bail out.

  [0] https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/tree/lib/libnetlink.c
      rtnl_dump_filter_l(), __rtnl_talk_iov()

Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>

2019-07-18 17:26:53 -07:00

Ian Bishop

0e3b74dbe2

replace syscall with golang.org/x/sys/unix

2017-10-26 09:45:08 -07:00

Martynas Pumputis

9a7970b3b6

Add XfrmMonitor

The implementation subscribes only to XFRMNLGRP_EXPIRE.

2017-02-02 12:58:44 -08:00

3 Commits