[PATCH v3 net-next 1/4] rtnetlink: enable alt_ifname for setlink/newlink

[PATCH v3 net-next 1/4] rtnetlink: enable alt_ifname for setlink/newlink

[Florent Fourcot]

buffer called "ifname" given in function rtnl_dev_get
is always valid when called by setlink/newlink,
but contains only empty string when IFLA_IFNAME is not given. So
IFLA_ALT_IFNAME is always ignored

This patch fixes rtnl_dev_get function with a remove of ifname argument,
and move ifname copy in do_setlink when required.

It extends feature of commit 76c9ac0ee878,
"net: rtnetlink: add possibility to use alternative names as message
handle""

Changes in v2:
 * Remove ifname argument in rtnl_dev_get/do_setlink
   functions (simplify code)

Changes in v3:
 * Simplify rtnl_dev_get signature

CC: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Florent Fourcot <florent.fourcot@wifirst.fr>
Signed-off-by: Brian Baboch <brian.baboch@wifirst.fr>
---
 net/core/rtnetlink.c | 69 +++++++++++++++++++-------------------------
 1 file changed, 29 insertions(+), 40 deletions(-)

diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index 159c9c61e6af..6a5764745288 100644
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -2607,17 +2607,23 @@ static int do_set_proto_down(struct net_device *dev,
 static int do_setlink(const struct sk_buff *skb,
 		      struct net_device *dev, struct ifinfomsg *ifm,
 		      struct netlink_ext_ack *extack,
-		      struct nlattr **tb, char *ifname, int status)
+		      struct nlattr **tb, int status)
 {
 	const struct net_device_ops *ops = dev->netdev_ops;
+	char ifname[IFNAMSIZ];
 	int err;
 
 	err = validate_linkmsg(dev, tb, extack);
 	if (err < 0)
 		return err;
 
+	if (tb[IFLA_IFNAME])
+		nla_strscpy(ifname, tb[IFLA_IFNAME], IFNAMSIZ);
+	else
+		ifname[0] = '\0';
+
 	if (tb[IFLA_NET_NS_PID] || tb[IFLA_NET_NS_FD] || tb[IFLA_TARGET_NETNSID]) {
-		const char *pat = ifname && ifname[0] ? ifname : NULL;
+		const char *pat = ifname[0] ? ifname : NULL;
 		struct net *net;
 		int new_ifindex;
 
@@ -2973,21 +2979,16 @@ static int do_setlink(const struct sk_buff *skb,
 }
 
 static struct net_device *rtnl_dev_get(struct net *net,
-				       struct nlattr *ifname_attr,
-				       struct nlattr *altifname_attr,
-				       char *ifname)
-{
-	char buffer[ALTIFNAMSIZ];
-
-	if (!ifname) {
-		ifname = buffer;
-		if (ifname_attr)
-			nla_strscpy(ifname, ifname_attr, IFNAMSIZ);
-		else if (altifname_attr)
-			nla_strscpy(ifname, altifname_attr, ALTIFNAMSIZ);
-		else
-			return NULL;
-	}
+				       struct nlattr *tb[])
+{
+	char ifname[ALTIFNAMSIZ];
+
+	if (tb[IFLA_IFNAME])
+		nla_strscpy(ifname, tb[IFLA_IFNAME], IFNAMSIZ);
+	else if (tb[IFLA_ALT_IFNAME])
+		nla_strscpy(ifname, tb[IFLA_ALT_IFNAME], ALTIFNAMSIZ);
+	else
+		return NULL;
 
 	return __dev_get_by_name(net, ifname);
 }
@@ -3000,7 +3001,6 @@ static int rtnl_setlink(struct sk_buff *skb, struct nlmsghdr *nlh,
 	struct net_device *dev;
 	int err;
 	struct nlattr *tb[IFLA_MAX+1];
-	char ifname[IFNAMSIZ];
 
 	err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFLA_MAX,
 				     ifla_policy, extack);
@@ -3011,17 +3011,12 @@ static int rtnl_setlink(struct sk_buff *skb, struct nlmsghdr *nlh,
 	if (err < 0)
 		goto errout;
 
-	if (tb[IFLA_IFNAME])
-		nla_strscpy(ifname, tb[IFLA_IFNAME], IFNAMSIZ);
-	else
-		ifname[0] = '\0';
-
 	err = -EINVAL;
 	ifm = nlmsg_data(nlh);
 	if (ifm->ifi_index > 0)
 		dev = __dev_get_by_index(net, ifm->ifi_index);
 	else if (tb[IFLA_IFNAME] || tb[IFLA_ALT_IFNAME])
-		dev = rtnl_dev_get(net, NULL, tb[IFLA_ALT_IFNAME], ifname);
+		dev = rtnl_dev_get(net, tb);
 	else
 		goto errout;
 
@@ -3030,7 +3025,7 @@ static int rtnl_setlink(struct sk_buff *skb, struct nlmsghdr *nlh,
 		goto errout;
 	}
 
-	err = do_setlink(skb, dev, ifm, extack, tb, ifname, 0);
+	err = do_setlink(skb, dev, ifm, extack, tb, 0);
 errout:
 	return err;
 }
@@ -3119,8 +3114,7 @@ static int rtnl_dellink(struct sk_buff *skb, struct nlmsghdr *nlh,
 	if (ifm->ifi_index > 0)
 		dev = __dev_get_by_index(tgt_net, ifm->ifi_index);
 	else if (tb[IFLA_IFNAME] || tb[IFLA_ALT_IFNAME])
-		dev = rtnl_dev_get(net, tb[IFLA_IFNAME],
-				   tb[IFLA_ALT_IFNAME], NULL);
+		dev = rtnl_dev_get(net, tb);
 	else if (tb[IFLA_GROUP])
 		err = rtnl_group_dellink(tgt_net, nla_get_u32(tb[IFLA_GROUP]));
 	else
@@ -3262,7 +3256,7 @@ static int rtnl_group_changelink(const struct sk_buff *skb,
 
 	for_each_netdev_safe(net, dev, aux) {
 		if (dev->group == group) {
-			err = do_setlink(skb, dev, ifm, extack, tb, NULL, 0);
+			err = do_setlink(skb, dev, ifm, extack, tb, 0);
 			if (err < 0)
 				return err;
 		}
@@ -3303,16 +3297,11 @@ static int __rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh,
 	if (err < 0)
 		return err;
 
-	if (tb[IFLA_IFNAME])
-		nla_strscpy(ifname, tb[IFLA_IFNAME], IFNAMSIZ);
-	else
-		ifname[0] = '\0';
-
 	ifm = nlmsg_data(nlh);
 	if (ifm->ifi_index > 0)
 		dev = __dev_get_by_index(net, ifm->ifi_index);
 	else if (tb[IFLA_IFNAME] || tb[IFLA_ALT_IFNAME])
-		dev = rtnl_dev_get(net, NULL, tb[IFLA_ALT_IFNAME], ifname);
+		dev = rtnl_dev_get(net, tb);
 	else
 		dev = NULL;
 
@@ -3413,7 +3402,7 @@ static int __rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh,
 			status |= DO_SETLINK_NOTIFY;
 		}
 
-		return do_setlink(skb, dev, ifm, extack, tb, ifname, status);
+		return do_setlink(skb, dev, ifm, extack, tb, status);
 	}
 
 	if (!(nlh->nlmsg_flags & NLM_F_CREATE)) {
@@ -3445,7 +3434,9 @@ static int __rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh,
 	if (!ops->alloc && !ops->setup)
 		return -EOPNOTSUPP;
 
-	if (!ifname[0]) {
+	if (tb[IFLA_IFNAME]) {
+		nla_strscpy(ifname, tb[IFLA_IFNAME], IFNAMSIZ);
+	} else {
 		snprintf(ifname, IFNAMSIZ, "%s%%d", ops->kind);
 		name_assign_type = NET_NAME_ENUM;
 	}
@@ -3617,8 +3608,7 @@ static int rtnl_getlink(struct sk_buff *skb, struct nlmsghdr *nlh,
 	if (ifm->ifi_index > 0)
 		dev = __dev_get_by_index(tgt_net, ifm->ifi_index);
 	else if (tb[IFLA_IFNAME] || tb[IFLA_ALT_IFNAME])
-		dev = rtnl_dev_get(tgt_net, tb[IFLA_IFNAME],
-				   tb[IFLA_ALT_IFNAME], NULL);
+		dev = rtnl_dev_get(tgt_net, tb);
 	else
 		goto out;
 
@@ -3713,8 +3703,7 @@ static int rtnl_linkprop(int cmd, struct sk_buff *skb, struct nlmsghdr *nlh,
 	if (ifm->ifi_index > 0)
 		dev = __dev_get_by_index(net, ifm->ifi_index);
 	else if (tb[IFLA_IFNAME] || tb[IFLA_ALT_IFNAME])
-		dev = rtnl_dev_get(net, tb[IFLA_IFNAME],
-				   tb[IFLA_ALT_IFNAME], NULL);
+		dev = rtnl_dev_get(net, tb);
 	else
 		return -EINVAL;
 
-- 
2.30.2

[PATCH v3 net-next 2/4] rtnetlink: return ENODEV when IFLA_ALT_IFNAME is used in dellink

[Florent Fourcot]

If IFLA_ALT_IFNAME is set and given interface is not found,
we should return ENODEV and be consistent with IFLA_IFNAME
behaviour
This commit extends feature of commit 76c9ac0ee878,
"net: rtnetlink: add possibility to use alternative names as message handle"

CC: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Florent Fourcot <florent.fourcot@wifirst.fr>
Signed-off-by: Brian Baboch <brian.baboch@wifirst.fr>
---
 net/core/rtnetlink.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index 6a5764745288..33dbeed7e531 100644
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -3121,7 +3121,7 @@ static int rtnl_dellink(struct sk_buff *skb, struct nlmsghdr *nlh,
 		goto out;
 
 	if (!dev) {
-		if (tb[IFLA_IFNAME] || ifm->ifi_index > 0)
+		if (tb[IFLA_IFNAME] || tb[IFLA_ALT_IFNAME] || ifm->ifi_index > 0)
 			err = -ENODEV;
 
 		goto out;
-- 
2.30.2

[PATCH v3 net-next 3/4] rtnetlink: return ENODEV when ifname does not exist and group is given

[Florent Fourcot]

When the interface does not exist, and a group is given, the given
parameters are being set to all interfaces of the given group. The given
IFNAME/ALT_IF_NAME are being ignored in that case.

That can be dangerous since a typo (or a deleted interface) can produce
weird side effects for caller:

Case 1:

 IFLA_IFNAME=valid_interface
 IFLA_GROUP=1
 MTU=1234

Case 1 will update MTU and group of the given interface "valid_interface".

Case 2:

 IFLA_IFNAME=doesnotexist
 IFLA_GROUP=1
 MTU=1234

Case 2 will update MTU of all interfaces in group 1. IFLA_IFNAME is
ignored in this case

This behaviour is not consistent and dangerous. In order to fix this issue,
we now return ENODEV when the given IFNAME does not exist.

Changes in v3:
  * Use a boolean to have condition duplication

Signed-off-by: Florent Fourcot <florent.fourcot@wifirst.fr>
Signed-off-by: Brian Baboch <brian.baboch@wifirst.fr>
---
 net/core/rtnetlink.c | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index 33dbeed7e531..e93f4058cf08 100644
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -3279,6 +3279,7 @@ static int __rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh,
 	struct net *dest_net, *link_net;
 	struct nlattr **slave_data;
 	char kind[MODULE_NAME_LEN];
+	bool link_lookup = false;
 	struct net_device *dev;
 	struct ifinfomsg *ifm;
 	char ifname[IFNAMSIZ];
@@ -3298,12 +3299,15 @@ static int __rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh,
 		return err;
 
 	ifm = nlmsg_data(nlh);
-	if (ifm->ifi_index > 0)
+	if (ifm->ifi_index > 0) {
+		link_lookup = true;
 		dev = __dev_get_by_index(net, ifm->ifi_index);
-	else if (tb[IFLA_IFNAME] || tb[IFLA_ALT_IFNAME])
+	} else if (tb[IFLA_IFNAME] || tb[IFLA_ALT_IFNAME]) {
+		link_lookup = true;
 		dev = rtnl_dev_get(net, tb);
-	else
+	} else {
 		dev = NULL;
+	}
 
 	master_dev = NULL;
 	m_ops = NULL;
@@ -3405,8 +3409,14 @@ static int __rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh,
 		return do_setlink(skb, dev, ifm, extack, tb, status);
 	}
 
+
 	if (!(nlh->nlmsg_flags & NLM_F_CREATE)) {
-		if (ifm->ifi_index == 0 && tb[IFLA_GROUP])
+		/* No dev found and NLM_F_CREATE not set. Requested dev does not exist,
+		 * or it's for a group
+		*/
+		if (link_lookup)
+			return -ENODEV;
+		if (tb[IFLA_GROUP])
 			return rtnl_group_changelink(skb, net,
 						nla_get_u32(tb[IFLA_GROUP]),
 						ifm, extack, tb);
-- 
2.30.2

Re: [PATCH v3 net-next 3/4] rtnetlink: return ENODEV when ifname does not exist and group is given

[Jakub Kicinski]

On Tue,  5 Apr 2022 15:42:36 +0200 Florent Fourcot wrote:
> Changes in v3:
>   * Use a boolean to have condition duplication
> 
> Signed-off-by: Florent Fourcot <florent.fourcot@wifirst.fr>
> Signed-off-by: Brian Baboch <brian.baboch@wifirst.fr>
> ---
>  net/core/rtnetlink.c | 18 ++++++++++++++----
>  1 file changed, 14 insertions(+), 4 deletions(-)
> 
> diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
> index 33dbeed7e531..e93f4058cf08 100644
> --- a/net/core/rtnetlink.c
> +++ b/net/core/rtnetlink.c
> @@ -3279,6 +3279,7 @@ static int __rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh,
>  	struct net *dest_net, *link_net;
>  	struct nlattr **slave_data;
>  	char kind[MODULE_NAME_LEN];
> +	bool link_lookup = false;

link_specified ? Somehow link_lookup does not speak to me.

>  	struct net_device *dev;
>  	struct ifinfomsg *ifm;
>  	char ifname[IFNAMSIZ];
> @@ -3298,12 +3299,15 @@ static int __rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh,
>  		return err;
>  
>  	ifm = nlmsg_data(nlh);
> -	if (ifm->ifi_index > 0)
> +	if (ifm->ifi_index > 0) {
> +		link_lookup = true;
>  		dev = __dev_get_by_index(net, ifm->ifi_index);
> -	else if (tb[IFLA_IFNAME] || tb[IFLA_ALT_IFNAME])
> +	} else if (tb[IFLA_IFNAME] || tb[IFLA_ALT_IFNAME]) {
> +		link_lookup = true;
>  		dev = rtnl_dev_get(net, tb);
> -	else
> +	} else {
>  		dev = NULL;

maybe set it to false here and don't do the initialization.
It doesn't matter in practice but the function has a "retry"
goto which skips the init.

> +	}
>  
>  	master_dev = NULL;
>  	m_ops = NULL;
> @@ -3405,8 +3409,14 @@ static int __rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh,
>  		return do_setlink(skb, dev, ifm, extack, tb, status);
>  	}
>  
> +

spurious new line

>  	if (!(nlh->nlmsg_flags & NLM_F_CREATE)) {
> -		if (ifm->ifi_index == 0 && tb[IFLA_GROUP])
> +		/* No dev found and NLM_F_CREATE not set. Requested dev does not exist,
> +		 * or it's for a group
> +		*/
> +		if (link_lookup)
> +			return -ENODEV;
> +		if (tb[IFLA_GROUP])

[PATCH v3 net-next 4/4] rtnetlink: return EINVAL when request cannot succeed

[Florent Fourcot]

A request without interface name/interface index/interface group cannot
work. We should return EINVAL

Signed-off-by: Florent Fourcot <florent.fourcot@wifirst.fr>
Signed-off-by: Brian Baboch <brian.baboch@wifirst.fr>
---
 net/core/rtnetlink.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index e93f4058cf08..690324479cf5 100644
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -3420,7 +3420,7 @@ static int __rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh,
 			return rtnl_group_changelink(skb, net,
 						nla_get_u32(tb[IFLA_GROUP]),
 						ifm, extack, tb);
-		return -ENODEV;
+		return -EINVAL;
 	}
 
 	if (tb[IFLA_MAP] || tb[IFLA_PROTINFO])
-- 
2.30.2

Re: [PATCH v3 net-next 4/4] rtnetlink: return EINVAL when request cannot succeed

[Saeed Mahameed]

On 05 Apr 15:42, Florent Fourcot wrote:
>A request without interface name/interface index/interface group cannot
>work. We should return EINVAL
>
>Signed-off-by: Florent Fourcot <florent.fourcot@wifirst.fr>
>Signed-off-by: Brian Baboch <brian.baboch@wifirst.fr>
>---
> net/core/rtnetlink.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
>index e93f4058cf08..690324479cf5 100644
>--- a/net/core/rtnetlink.c
>+++ b/net/core/rtnetlink.c
>@@ -3420,7 +3420,7 @@ static int __rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh,
> 			return rtnl_group_changelink(skb, net,
> 						nla_get_u32(tb[IFLA_GROUP]),
> 						ifm, extack, tb);
>-		return -ENODEV;
>+		return -EINVAL;
> 	}

This introduced a regression iproute2->iplink_have_newlink() checks this
return value to determine if newlink is supported by kernel, if the
returned value is -EINVAL iproute2 falls back to ioctl mode, any value
other than -EINVAL or -EOPNOTSUPP should be ok here to not break compatibility
with iproute2.

Re: [PATCH v3 net-next 4/4] rtnetlink: return EINVAL when request cannot succeed

[Eric Dumazet]

On Thu, Apr 21, 2022 at 8:50 PM Saeed Mahameed <saeed@kernel.org> wrote:
>
> On 05 Apr 15:42, Florent Fourcot wrote:
> >A request without interface name/interface index/interface group cannot
> >work. We should return EINVAL
> >
> >Signed-off-by: Florent Fourcot <florent.fourcot@wifirst.fr>
> >Signed-off-by: Brian Baboch <brian.baboch@wifirst.fr>
> >---
> > net/core/rtnetlink.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> >diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
> >index e93f4058cf08..690324479cf5 100644
> >--- a/net/core/rtnetlink.c
> >+++ b/net/core/rtnetlink.c
> >@@ -3420,7 +3420,7 @@ static int __rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh,
> >                       return rtnl_group_changelink(skb, net,
> >                                               nla_get_u32(tb[IFLA_GROUP]),
> >                                               ifm, extack, tb);
> >-              return -ENODEV;
> >+              return -EINVAL;
> >       }
>
> This introduced a regression iproute2->iplink_have_newlink() checks this
> return value to determine if newlink is supported by kernel, if the
> returned value is -EINVAL iproute2 falls back to ioctl mode, any value
> other than -EINVAL or -EOPNOTSUPP should be ok here to not break compatibility
> with iproute2.
>

Yep, but apparently network maintainers are MIA

https://patchwork.kernel.org/project/netdevbpf/patch/20220419125151.15589-1-florent.fourcot@wifirst.fr/

Re: [PATCH v3 net-next 1/4] rtnetlink: enable alt_ifname for setlink/newlink

[Jakub Kicinski]

On Tue,  5 Apr 2022 15:42:34 +0200 Florent Fourcot wrote:
> buffer called "ifname" given in function rtnl_dev_get
> is always valid when called by setlink/newlink,
> but contains only empty string when IFLA_IFNAME is not given. So
> IFLA_ALT_IFNAME is always ignored
> 
> This patch fixes rtnl_dev_get function with a remove of ifname argument,
> and move ifname copy in do_setlink when required.
> 
> It extends feature of commit 76c9ac0ee878,
> "net: rtnetlink: add possibility to use alternative names as message
> handle""
> 
> Changes in v2:
>  * Remove ifname argument in rtnl_dev_get/do_setlink
>    functions (simplify code)
> 
> Changes in v3:
>  * Simplify rtnl_dev_get signature
> 
> CC: Jiri Pirko <jiri@mellanox.com>
> Signed-off-by: Florent Fourcot <florent.fourcot@wifirst.fr>
> Signed-off-by: Brian Baboch <brian.baboch@wifirst.fr>

This patch needs to be after patch 3, AFAICT. Otherwise someone running
a bisection and landing in between the two will have a buggy build.

Please provide a cover letter for the series, now that it's 4 patches.

Re: [PATCH v3 net-next 1/4] rtnetlink: enable alt_ifname for setlink/newlink

[Florent Fourcot]

Hello,

> 
> This patch needs to be after patch 3, AFAICT. Otherwise someone running
> a bisection and landing in between the two will have a buggy build.
> 

I double checked and this patch compiles perfectly fine when applied 
first, at least with my .config.
Could you be more specific on what I'm missing?

> Please provide a cover letter for the series, now that it's 4 patches.

Thank you, done. I made a typo on it (v3 instead of v4) so do not 
hesitate to tell me if I should resubmit again.

Best regards,

-- 
Florent.

Re: [PATCH v3 net-next 1/4] rtnetlink: enable alt_ifname for setlink/newlink

[Jakub Kicinski]

On Thu, 7 Apr 2022 14:34:33 +0200 Florent Fourcot wrote:
> > This patch needs to be after patch 3, AFAICT. Otherwise someone running
> > a bisection and landing in between the two will have a buggy build.
> 
> I double checked and this patch compiles perfectly fine when applied 
> first, at least with my .config.
> Could you be more specific on what I'm missing?

rtnl_group_changelink() was passing NULL as ifname, but with just 
this patch applied we'll start using tb[IFLA_IFNAME] directly. 

It's better to have your patch which rejects group settings with
tb[IFLA_IFNAME] first, to avoid changing the group + IFLA_IFNAME
behavior subtly multiple times.

[PATCH v3 net-next 0/4] rtnetlink: improve ALT_IFNAME config and fix dangerous GROUP usage

[Florent Fourcot]

The primary goal of this patchset is to fix/improve IFLA_ALT_IFNAME
attribute, since previous code was never working for newlink/setlink.
ip-link command is probably getting interface index before, and was not
using this feature.

Third commit forbids dangerous calls when both IFNAME and GROUP are
given, since it can introduce unexpected behaviour when IFNAME does not
match any interface.

Changes in v2:
  * Remove ifname argument in rtnl_dev_get/do_setlink
    functions (simplify code)
  * Use a boolean to avoid condition duplication in __rtnl_newlink

Changes in v3:
  * Simplify rtnl_dev_get signature

Changes in v4:
  * Rename link_lookup to link_specified


Florent Fourcot (4):
  rtnetlink: enable alt_ifname for setlink/newlink
  rtnetlink: return ENODEV when IFLA_ALT_IFNAME is used in dellink
  rtnetlink: return ENODEV when ifname does not exist and group is given
  rtnetlink: return EINVAL when request cannot succeed

 net/core/rtnetlink.c | 91 ++++++++++++++++++++++----------------------
 1 file changed, 45 insertions(+), 46 deletions(-)

-- 
2.30.2

[PATCH v3 net-next 3/4] rtnetlink: return ENODEV when ifname does not exist and group is given

[Florent Fourcot]

When the interface does not exist, and a group is given, the given
parameters are being set to all interfaces of the given group. The given
IFNAME/ALT_IF_NAME are being ignored in that case.

That can be dangerous since a typo (or a deleted interface) can produce
weird side effects for caller:

Case 1:

 IFLA_IFNAME=valid_interface
 IFLA_GROUP=1
 MTU=1234

Case 1 will update MTU and group of the given interface "valid_interface".

Case 2:

 IFLA_IFNAME=doesnotexist
 IFLA_GROUP=1
 MTU=1234

Case 2 will update MTU of all interfaces in group 1. IFLA_IFNAME is
ignored in this case

This behaviour is not consistent and dangerous. In order to fix this issue,
we now return ENODEV when the given IFNAME does not exist.

Signed-off-by: Florent Fourcot <florent.fourcot@wifirst.fr>
Signed-off-by: Brian Baboch <brian.baboch@wifirst.fr>
---
 net/core/rtnetlink.c | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index 33dbeed7e531..d2164bc635d3 100644
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -3283,6 +3283,7 @@ static int __rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh,
 	struct ifinfomsg *ifm;
 	char ifname[IFNAMSIZ];
 	struct nlattr **data;
+	bool link_specified;
 	int err;
 
 #ifdef CONFIG_MODULES
@@ -3298,12 +3299,16 @@ static int __rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh,
 		return err;
 
 	ifm = nlmsg_data(nlh);
-	if (ifm->ifi_index > 0)
+	if (ifm->ifi_index > 0) {
+		link_specified = true;
 		dev = __dev_get_by_index(net, ifm->ifi_index);
-	else if (tb[IFLA_IFNAME] || tb[IFLA_ALT_IFNAME])
+	} else if (tb[IFLA_IFNAME] || tb[IFLA_ALT_IFNAME]) {
+		link_specified = true;
 		dev = rtnl_dev_get(net, tb);
-	else
+	} else {
+		link_specified = false;
 		dev = NULL;
+	}
 
 	master_dev = NULL;
 	m_ops = NULL;
@@ -3406,7 +3411,12 @@ static int __rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh,
 	}
 
 	if (!(nlh->nlmsg_flags & NLM_F_CREATE)) {
-		if (ifm->ifi_index == 0 && tb[IFLA_GROUP])
+		/* No dev found and NLM_F_CREATE not set. Requested dev does not exist,
+		 * or it's for a group
+		*/
+		if (link_specified)
+			return -ENODEV;
+		if (tb[IFLA_GROUP])
 			return rtnl_group_changelink(skb, net,
 						nla_get_u32(tb[IFLA_GROUP]),
 						ifm, extack, tb);
-- 
2.30.2