| /* GIO - GLib Input, Output and Streaming Library |
| * |
| * Copyright 2011 Red Hat, Inc. |
| * |
| * SPDX-License-Identifier: LGPL-2.1-or-later |
| * |
| * This library is free software; you can redistribute it and/or |
| * modify it under the terms of the GNU Lesser General Public |
| * License as published by the Free Software Foundation; either |
| * version 2.1 of the License, or (at your option) any later version. |
| * |
| * This library is distributed in the hope that it will be useful, |
| * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| * Lesser General Public License for more details. |
| * |
| * You should have received a copy of the GNU Lesser General |
| * Public License along with this library; if not, see <http://www.gnu.org/licenses/>. |
| */ |
| |
| #include "config.h" |
| |
| #include <errno.h> |
| #include <string.h> |
| #include <unistd.h> |
| |
| #include "gnetworkmonitornetlink.h" |
| #include "gcredentials.h" |
| #include "ginetaddressmask.h" |
| #include "ginitable.h" |
| #include "giomodule-priv.h" |
| #include "glibintl.h" |
| #include "glib/gstdio.h" |
| #include "gnetworkingprivate.h" |
| #include "gnetworkmonitor.h" |
| #include "gsocket.h" |
| #include "gunixcredentialsmessage.h" |
| |
| /* must come at the end to pick system includes from |
| * gnetworkingprivate.h */ |
| #include <linux/netlink.h> |
| #include <linux/rtnetlink.h> |
| |
| static GInitableIface *initable_parent_iface; |
| static void g_network_monitor_netlink_iface_init (GNetworkMonitorInterface *iface); |
| static void g_network_monitor_netlink_initable_iface_init (GInitableIface *iface); |
| |
| struct _GNetworkMonitorNetlinkPrivate |
| { |
| GSocket *sock; |
| GSource *source, *dump_source; |
| GMainContext *context; |
| |
| GPtrArray *dump_networks; |
| }; |
| |
| static gboolean read_netlink_messages (GNetworkMonitorNetlink *nl, |
| GError **error); |
| static gboolean read_netlink_messages_callback (GSocket *socket, |
| GIOCondition condition, |
| gpointer user_data); |
| static gboolean request_dump (GNetworkMonitorNetlink *nl, |
| GError **error); |
| |
| #define g_network_monitor_netlink_get_type _g_network_monitor_netlink_get_type |
| G_DEFINE_TYPE_WITH_CODE (GNetworkMonitorNetlink, g_network_monitor_netlink, G_TYPE_NETWORK_MONITOR_BASE, |
| G_ADD_PRIVATE (GNetworkMonitorNetlink) |
| G_IMPLEMENT_INTERFACE (G_TYPE_NETWORK_MONITOR, |
| g_network_monitor_netlink_iface_init) |
| G_IMPLEMENT_INTERFACE (G_TYPE_INITABLE, |
| g_network_monitor_netlink_initable_iface_init) |
| _g_io_modules_ensure_extension_points_registered (); |
| g_io_extension_point_implement (G_NETWORK_MONITOR_EXTENSION_POINT_NAME, |
| g_define_type_id, |
| "netlink", |
| 20)) |
| |
| static void |
| g_network_monitor_netlink_init (GNetworkMonitorNetlink *nl) |
| { |
| nl->priv = g_network_monitor_netlink_get_instance_private (nl); |
| } |
| |
| static gboolean |
| g_network_monitor_netlink_initable_init (GInitable *initable, |
| GCancellable *cancellable, |
| GError **error) |
| { |
| GNetworkMonitorNetlink *nl = G_NETWORK_MONITOR_NETLINK (initable); |
| gint sockfd; |
| struct sockaddr_nl snl; |
| |
| /* We create the socket the old-school way because sockaddr_netlink |
| * can't be represented as a GSocketAddress |
| */ |
| sockfd = g_socket (PF_NETLINK, SOCK_RAW, NETLINK_ROUTE, NULL); |
| if (sockfd == -1) |
| { |
| int errsv = errno; |
| g_set_error (error, G_IO_ERROR, g_io_error_from_errno (errsv), |
| _("Could not create network monitor: %s"), |
| g_strerror (errsv)); |
| return FALSE; |
| } |
| |
| snl.nl_family = AF_NETLINK; |
| snl.nl_pid = snl.nl_pad = 0; |
| snl.nl_groups = RTMGRP_IPV4_ROUTE | RTMGRP_IPV6_ROUTE; |
| if (bind (sockfd, (struct sockaddr *)&snl, sizeof (snl)) != 0) |
| { |
| int errsv = errno; |
| g_set_error (error, G_IO_ERROR, g_io_error_from_errno (errsv), |
| _("Could not create network monitor: %s"), |
| g_strerror (errsv)); |
| (void) g_close (sockfd, NULL); |
| return FALSE; |
| } |
| |
| nl->priv->sock = g_socket_new_from_fd (sockfd, error); |
| if (!nl->priv->sock) |
| { |
| g_prefix_error (error, "%s", _("Could not create network monitor: ")); |
| (void) g_close (sockfd, NULL); |
| return FALSE; |
| } |
| |
| if (!g_socket_set_option (nl->priv->sock, SOL_SOCKET, SO_PASSCRED, |
| TRUE, NULL)) |
| { |
| int errsv = errno; |
| g_set_error (error, G_IO_ERROR, g_io_error_from_errno (errsv), |
| _("Could not create network monitor: %s"), |
| g_strerror (errsv)); |
| return FALSE; |
| } |
| |
| /* Request the current state */ |
| if (!request_dump (nl, error)) |
| return FALSE; |
| |
| /* And read responses; since we haven't yet marked the socket |
| * non-blocking, each call will block until a message is received. |
| */ |
| while (nl->priv->dump_networks) |
| { |
| GError *local_error = NULL; |
| if (!read_netlink_messages (nl, &local_error)) |
| { |
| g_warning ("%s", local_error->message); |
| g_clear_error (&local_error); |
| break; |
| } |
| } |
| |
| g_socket_set_blocking (nl->priv->sock, FALSE); |
| nl->priv->context = g_main_context_ref_thread_default (); |
| nl->priv->source = g_socket_create_source (nl->priv->sock, G_IO_IN, NULL); |
| g_source_set_callback (nl->priv->source, |
| (GSourceFunc) read_netlink_messages_callback, nl, NULL); |
| g_source_attach (nl->priv->source, nl->priv->context); |
| |
| return initable_parent_iface->init (initable, cancellable, error); |
| } |
| |
| static gboolean |
| request_dump (GNetworkMonitorNetlink *nl, |
| GError **error) |
| { |
| struct nlmsghdr *n; |
| struct rtgenmsg *gen; |
| gchar buf[NLMSG_SPACE (sizeof (*gen))]; |
| |
| memset (buf, 0, sizeof (buf)); |
| n = (struct nlmsghdr*) buf; |
| n->nlmsg_len = NLMSG_LENGTH (sizeof (*gen)); |
| n->nlmsg_type = RTM_GETROUTE; |
| n->nlmsg_flags = NLM_F_REQUEST | NLM_F_DUMP; |
| n->nlmsg_pid = 0; |
| gen = NLMSG_DATA (n); |
| gen->rtgen_family = AF_UNSPEC; |
| |
| if (g_socket_send (nl->priv->sock, buf, sizeof (buf), |
| NULL, error) < 0) |
| { |
| g_prefix_error (error, "%s", _("Could not get network status: ")); |
| return FALSE; |
| } |
| |
| nl->priv->dump_networks = g_ptr_array_new_with_free_func (g_object_unref); |
| return TRUE; |
| } |
| |
| static gboolean |
| timeout_request_dump (gpointer user_data) |
| { |
| GNetworkMonitorNetlink *nl = user_data; |
| |
| g_source_destroy (nl->priv->dump_source); |
| g_source_unref (nl->priv->dump_source); |
| nl->priv->dump_source = NULL; |
| |
| request_dump (nl, NULL); |
| |
| return FALSE; |
| } |
| |
| static void |
| queue_request_dump (GNetworkMonitorNetlink *nl) |
| { |
| if (nl->priv->dump_networks) |
| return; |
| |
| if (nl->priv->dump_source) |
| { |
| g_source_destroy (nl->priv->dump_source); |
| g_source_unref (nl->priv->dump_source); |
| } |
| |
| nl->priv->dump_source = g_timeout_source_new_seconds (1); |
| g_source_set_callback (nl->priv->dump_source, |
| (GSourceFunc) timeout_request_dump, nl, NULL); |
| g_source_attach (nl->priv->dump_source, nl->priv->context); |
| } |
| |
| static GInetAddressMask * |
| create_inet_address_mask (GSocketFamily family, |
| const guint8 *dest, |
| gsize dest_len) |
| { |
| GInetAddress *dest_addr; |
| GInetAddressMask *network; |
| |
| if (dest) |
| dest_addr = g_inet_address_new_from_bytes (dest, family); |
| else |
| dest_addr = g_inet_address_new_any (family); |
| network = g_inet_address_mask_new (dest_addr, dest_len, NULL); |
| g_object_unref (dest_addr); |
| |
| return network; |
| } |
| |
| static void |
| add_network (GNetworkMonitorNetlink *nl, |
| GSocketFamily family, |
| const guint8 *dest, |
| gsize dest_len) |
| { |
| GInetAddressMask *network = create_inet_address_mask (family, dest, dest_len); |
| g_return_if_fail (network != NULL); |
| |
| if (nl->priv->dump_networks) |
| g_ptr_array_add (nl->priv->dump_networks, g_object_ref (network)); |
| else |
| g_network_monitor_base_add_network (G_NETWORK_MONITOR_BASE (nl), network); |
| |
| g_object_unref (network); |
| } |
| |
| static void |
| remove_network (GNetworkMonitorNetlink *nl, |
| GSocketFamily family, |
| const guint8 *dest, |
| gsize dest_len) |
| { |
| GInetAddressMask *network = create_inet_address_mask (family, dest, dest_len); |
| g_return_if_fail (network != NULL); |
| |
| if (nl->priv->dump_networks) |
| { |
| GInetAddressMask **dump_networks = (GInetAddressMask **)nl->priv->dump_networks->pdata; |
| guint i; |
| |
| for (i = 0; i < nl->priv->dump_networks->len; i++) |
| { |
| if (g_inet_address_mask_equal (network, dump_networks[i])) |
| g_ptr_array_remove_index_fast (nl->priv->dump_networks, i--); |
| } |
| } |
| else |
| { |
| g_network_monitor_base_remove_network (G_NETWORK_MONITOR_BASE (nl), network); |
| } |
| |
| g_object_unref (network); |
| } |
| |
| static void |
| finish_dump (GNetworkMonitorNetlink *nl) |
| { |
| g_network_monitor_base_set_networks (G_NETWORK_MONITOR_BASE (nl), |
| (GInetAddressMask **)nl->priv->dump_networks->pdata, |
| nl->priv->dump_networks->len); |
| g_ptr_array_free (nl->priv->dump_networks, TRUE); |
| nl->priv->dump_networks = NULL; |
| } |
| |
| static gboolean |
| read_netlink_messages (GNetworkMonitorNetlink *nl, |
| GError **error) |
| { |
| GInputVector iv; |
| gssize len; |
| gint flags; |
| GError *local_error = NULL; |
| GSocketAddress *addr = NULL; |
| struct nlmsghdr *msg; |
| struct rtmsg *rtmsg; |
| struct rtattr *attr; |
| struct sockaddr_nl source_sockaddr; |
| gsize attrlen; |
| guint8 *dest, *gateway, *oif; |
| gboolean retval = TRUE; |
| |
| iv.buffer = NULL; |
| iv.size = 0; |
| |
| flags = MSG_PEEK | MSG_TRUNC; |
| len = g_socket_receive_message (nl->priv->sock, NULL, &iv, 1, |
| NULL, NULL, &flags, NULL, &local_error); |
| if (len < 0) |
| { |
| retval = FALSE; |
| goto done; |
| } |
| |
| iv.buffer = g_malloc (len); |
| iv.size = len; |
| len = g_socket_receive_message (nl->priv->sock, &addr, &iv, 1, |
| NULL, NULL, NULL, NULL, &local_error); |
| if (len < 0) |
| { |
| retval = FALSE; |
| goto done; |
| } |
| |
| if (!g_socket_address_to_native (addr, &source_sockaddr, sizeof (source_sockaddr), &local_error)) |
| { |
| retval = FALSE; |
| goto done; |
| } |
| |
| /* If the sender port id is 0 (not fakeable) then the message is from the kernel */ |
| if (source_sockaddr.nl_pid != 0) |
| goto done; |
| |
| msg = (struct nlmsghdr *) iv.buffer; |
| for (; len > 0; msg = NLMSG_NEXT (msg, len)) |
| { |
| if (!NLMSG_OK (msg, (size_t) len)) |
| { |
| g_set_error_literal (&local_error, |
| G_IO_ERROR, |
| G_IO_ERROR_PARTIAL_INPUT, |
| "netlink message was truncated; shouldn't happen..."); |
| retval = FALSE; |
| goto done; |
| } |
| |
| switch (msg->nlmsg_type) |
| { |
| case RTM_NEWROUTE: |
| case RTM_DELROUTE: |
| rtmsg = NLMSG_DATA (msg); |
| |
| if (rtmsg->rtm_family != AF_INET && rtmsg->rtm_family != AF_INET6) |
| continue; |
| if (rtmsg->rtm_type == RTN_UNREACHABLE) |
| continue; |
| |
| attrlen = NLMSG_PAYLOAD (msg, sizeof (struct rtmsg)); |
| attr = RTM_RTA (rtmsg); |
| dest = gateway = oif = NULL; |
| while (RTA_OK (attr, attrlen)) |
| { |
| if (attr->rta_type == RTA_DST) |
| dest = RTA_DATA (attr); |
| else if (attr->rta_type == RTA_GATEWAY) |
| gateway = RTA_DATA (attr); |
| else if (attr->rta_type == RTA_OIF) |
| oif = RTA_DATA (attr); |
| attr = RTA_NEXT (attr, attrlen); |
| } |
| |
| if (dest || gateway || oif) |
| { |
| /* Unless we're processing the results of a dump, ignore |
| * IPv6 link-local multicast routes, which are added and |
| * removed all the time for some reason. |
| */ |
| #define UNALIGNED_IN6_IS_ADDR_MC_LINKLOCAL(a) \ |
| ((a[0] == 0xff) && ((a[1] & 0xf) == 0x2)) |
| |
| if (!nl->priv->dump_networks && |
| rtmsg->rtm_family == AF_INET6 && |
| rtmsg->rtm_dst_len != 0 && |
| (dest && UNALIGNED_IN6_IS_ADDR_MC_LINKLOCAL (dest))) |
| continue; |
| |
| if (msg->nlmsg_type == RTM_NEWROUTE) |
| add_network (nl, rtmsg->rtm_family, dest, rtmsg->rtm_dst_len); |
| else |
| remove_network (nl, rtmsg->rtm_family, dest, rtmsg->rtm_dst_len); |
| queue_request_dump (nl); |
| } |
| break; |
| |
| case NLMSG_DONE: |
| finish_dump (nl); |
| goto done; |
| |
| case NLMSG_ERROR: |
| { |
| struct nlmsgerr *e = NLMSG_DATA (msg); |
| |
| g_set_error (&local_error, |
| G_IO_ERROR, |
| g_io_error_from_errno (-e->error), |
| "netlink error: %s", |
| g_strerror (-e->error)); |
| } |
| retval = FALSE; |
| goto done; |
| |
| default: |
| g_set_error (&local_error, |
| G_IO_ERROR, |
| G_IO_ERROR_INVALID_DATA, |
| "unexpected netlink message %d", |
| msg->nlmsg_type); |
| retval = FALSE; |
| goto done; |
| } |
| } |
| |
| done: |
| g_free (iv.buffer); |
| g_clear_object (&addr); |
| |
| if (!retval && nl->priv->dump_networks) |
| finish_dump (nl); |
| |
| if (local_error) |
| g_propagate_prefixed_error (error, local_error, "Error on netlink socket: "); |
| |
| return retval; |
| } |
| |
| static void |
| g_network_monitor_netlink_finalize (GObject *object) |
| { |
| GNetworkMonitorNetlink *nl = G_NETWORK_MONITOR_NETLINK (object); |
| |
| if (nl->priv->source) |
| { |
| g_source_destroy (nl->priv->source); |
| g_source_unref (nl->priv->source); |
| } |
| |
| if (nl->priv->dump_source) |
| { |
| g_source_destroy (nl->priv->dump_source); |
| g_source_unref (nl->priv->dump_source); |
| } |
| |
| if (nl->priv->sock) |
| { |
| g_socket_close (nl->priv->sock, NULL); |
| g_object_unref (nl->priv->sock); |
| } |
| |
| g_clear_pointer (&nl->priv->context, g_main_context_unref); |
| g_clear_pointer (&nl->priv->dump_networks, g_ptr_array_unref); |
| |
| G_OBJECT_CLASS (g_network_monitor_netlink_parent_class)->finalize (object); |
| } |
| |
| static gboolean |
| read_netlink_messages_callback (GSocket *socket, |
| GIOCondition condition, |
| gpointer user_data) |
| { |
| GError *error = NULL; |
| GNetworkMonitorNetlink *nl = G_NETWORK_MONITOR_NETLINK (user_data); |
| |
| if (!read_netlink_messages (nl, &error)) |
| { |
| g_warning ("Error reading netlink message: %s", error->message); |
| g_clear_error (&error); |
| return FALSE; |
| } |
| |
| return TRUE; |
| } |
| |
| static void |
| g_network_monitor_netlink_class_init (GNetworkMonitorNetlinkClass *nl_class) |
| { |
| GObjectClass *gobject_class = G_OBJECT_CLASS (nl_class); |
| |
| gobject_class->finalize = g_network_monitor_netlink_finalize; |
| } |
| |
| static void |
| g_network_monitor_netlink_iface_init (GNetworkMonitorInterface *monitor_iface) |
| { |
| } |
| |
| static void |
| g_network_monitor_netlink_initable_iface_init (GInitableIface *iface) |
| { |
| initable_parent_iface = g_type_interface_peek_parent (iface); |
| |
| iface->init = g_network_monitor_netlink_initable_init; |
| } |