42 #include <netlink-private/netlink.h> 43 #include <netlink/netlink.h> 44 #include <netlink/cache.h> 45 #include <netlink/object.h> 46 #include <netlink/xfrm/selector.h> 47 #include <netlink/xfrm/lifetime.h> 48 #include <netlink/xfrm/template.h> 49 #include <netlink/xfrm/sp.h> 52 #define XFRM_SP_ATTR_SEL 0x01 53 #define XFRM_SP_ATTR_LTIME_CFG 0x02 54 #define XFRM_SP_ATTR_LTIME_CUR 0x04 55 #define XFRM_SP_ATTR_PRIO 0x08 56 #define XFRM_SP_ATTR_INDEX 0x10 57 #define XFRM_SP_ATTR_DIR 0x20 58 #define XFRM_SP_ATTR_ACTION 0x40 59 #define XFRM_SP_ATTR_FLAGS 0x80 60 #define XFRM_SP_ATTR_SHARE 0x100 61 #define XFRM_SP_ATTR_POLTYPE 0x200 62 #define XFRM_SP_ATTR_SECCTX 0x400 63 #define XFRM_SP_ATTR_TMPL 0x800 64 #define XFRM_SP_ATTR_MARK 0x1000 66 static struct nl_cache_ops xfrmnl_sp_ops;
67 static struct nl_object_ops xfrm_sp_obj_ops;
70 static void xfrm_sp_alloc_data(
struct nl_object *c)
72 struct xfrmnl_sp* sp = nl_object_priv (c);
80 nl_init_list_head(&sp->usertmpl_list);
85 static void xfrm_sp_free_data(
struct nl_object *c)
87 struct xfrmnl_sp* sp = nl_object_priv (c);
88 struct xfrmnl_user_tmpl *utmpl, *tmp;
93 xfrmnl_sel_put (sp->sel);
94 xfrmnl_ltime_cfg_put (sp->lft);
101 nl_list_for_each_entry_safe(utmpl, tmp, &sp->usertmpl_list, utmpl_list) {
102 xfrmnl_sp_remove_usertemplate (sp, utmpl);
103 xfrmnl_user_tmpl_free (utmpl);
107 static int xfrm_sp_clone(
struct nl_object *_dst,
struct nl_object *_src)
109 struct xfrmnl_sp* dst = nl_object_priv(_dst);
110 struct xfrmnl_sp* src = nl_object_priv(_src);
112 struct xfrmnl_user_tmpl *utmpl, *
new;
124 len =
sizeof (
struct xfrmnl_user_sec_ctx) + src->sec_ctx->ctx_len;
125 if ((dst->sec_ctx = calloc (1, len)) == NULL)
127 memcpy ((
void *)dst->sec_ctx, (
void *)src->sec_ctx, len);
130 nl_init_list_head(&dst->usertmpl_list);
131 nl_list_for_each_entry(utmpl, &src->usertmpl_list, utmpl_list) {
136 xfrmnl_sp_add_usertemplate(dst,
new);
142 static uint64_t xfrm_sp_compare(
struct nl_object *_a,
struct nl_object *_b,
143 uint64_t attrs,
int flags)
145 struct xfrmnl_sp* a = (
struct xfrmnl_sp *) _a;
146 struct xfrmnl_sp* b = (
struct xfrmnl_sp *) _b;
147 struct xfrmnl_user_tmpl *tmpl_a, *tmpl_b;
150 #define XFRM_SP_DIFF(ATTR, EXPR) ATTR_DIFF(attrs, XFRM_SP_ATTR_##ATTR, a, b, EXPR) 153 diff |= XFRM_SP_DIFF(PRIO, a->priority != b->priority);
154 diff |= XFRM_SP_DIFF(INDEX, a->index != b->index);
155 diff |= XFRM_SP_DIFF(DIR, a->dir != b->dir);
156 diff |= XFRM_SP_DIFF(ACTION, a->action != b->action);
157 diff |= XFRM_SP_DIFF(FLAGS, a->flags != b->flags);
158 diff |= XFRM_SP_DIFF(SHARE, a->share != b->share);
159 diff |= XFRM_SP_DIFF(SECCTX,((a->sec_ctx->len != b->sec_ctx->len) ||
160 (a->sec_ctx->exttype != b->sec_ctx->exttype) ||
161 (a->sec_ctx->ctx_alg != b->sec_ctx->ctx_alg) ||
162 (a->sec_ctx->ctx_doi != b->sec_ctx->ctx_doi) ||
163 (a->sec_ctx->ctx_len != b->sec_ctx->ctx_len) ||
164 strcmp(a->sec_ctx->ctx, b->sec_ctx->ctx)));
165 diff |= XFRM_SP_DIFF(POLTYPE,(a->uptype.type != b->uptype.type));
166 diff |= XFRM_SP_DIFF(TMPL,(a->nr_user_tmpl != b->nr_user_tmpl));
167 diff |= XFRM_SP_DIFF(MARK,(a->mark.m != b->mark.m) ||
168 (a->mark.v != b->mark.v));
171 nl_list_for_each_entry(tmpl_b, &b->usertmpl_list, utmpl_list)
172 nl_list_for_each_entry(tmpl_a, &a->usertmpl_list, utmpl_list)
183 static const struct trans_tbl sp_attrs[] = {
184 __ADD(XFRM_SP_ATTR_SEL, selector),
185 __ADD(XFRM_SP_ATTR_LTIME_CFG, lifetime_cfg),
186 __ADD(XFRM_SP_ATTR_LTIME_CUR, lifetime_cur),
187 __ADD(XFRM_SP_ATTR_PRIO, priority),
188 __ADD(XFRM_SP_ATTR_INDEX, index),
189 __ADD(XFRM_SP_ATTR_DIR, direction),
190 __ADD(XFRM_SP_ATTR_ACTION, action),
191 __ADD(XFRM_SP_ATTR_FLAGS, flags),
192 __ADD(XFRM_SP_ATTR_SHARE, share),
193 __ADD(XFRM_SP_ATTR_POLTYPE, policy_type),
194 __ADD(XFRM_SP_ATTR_SECCTX, security_context),
195 __ADD(XFRM_SP_ATTR_TMPL, user_template),
196 __ADD(XFRM_SP_ATTR_MARK, mark),
199 static char* xfrm_sp_attrs2str(
int attrs,
char *buf,
size_t len)
201 return __flags2str (attrs, buf, len, sp_attrs, ARRAY_SIZE(sp_attrs));
209 static const struct trans_tbl sa_actions[] = {
210 __ADD(XFRM_POLICY_ALLOW, allow),
211 __ADD(XFRM_POLICY_BLOCK, block),
214 char* xfrmnl_sp_action2str(
int action,
char *buf,
size_t len)
216 return __type2str (action, buf, len, sa_actions, ARRAY_SIZE(sa_actions));
219 int xfrmnl_sp_str2action(
const char *name)
221 return __str2type (name, sa_actions, ARRAY_SIZE(sa_actions));
229 static const struct trans_tbl sp_flags[] = {
230 __ADD(XFRM_POLICY_LOCALOK, allow policy
override by user),
231 __ADD(XFRM_POLICY_ICMP,
auto include ICMP in policy),
234 char* xfrmnl_sp_flags2str(
int flags,
char *buf,
size_t len)
236 return __flags2str (flags, buf, len, sp_flags, ARRAY_SIZE(sp_flags));
239 int xfrmnl_sp_str2flag(
const char *name)
241 return __str2flags(name, sp_flags, ARRAY_SIZE(sp_flags));
249 static const struct trans_tbl sp_types[] = {
250 __ADD(XFRM_POLICY_TYPE_MAIN, main),
251 __ADD(XFRM_POLICY_TYPE_SUB, sub),
252 __ADD(XFRM_POLICY_TYPE_MAX, max),
253 __ADD(XFRM_POLICY_TYPE_ANY, any),
256 char* xfrmnl_sp_type2str(
int type,
char *buf,
size_t len)
258 return __type2str(type, buf, len, sp_types, ARRAY_SIZE(sp_types));
261 int xfrmnl_sp_str2type(
const char *name)
263 return __str2type(name, sp_types, ARRAY_SIZE(sp_types));
271 static const struct trans_tbl sp_dir[] = {
272 __ADD(XFRM_POLICY_IN, in),
273 __ADD(XFRM_POLICY_OUT, out),
274 __ADD(XFRM_POLICY_FWD, fwd),
275 __ADD(XFRM_POLICY_MASK, mask),
278 char* xfrmnl_sp_dir2str(
int dir,
char *buf,
size_t len)
280 return __type2str (dir, buf, len, sp_dir, ARRAY_SIZE(sp_dir));
283 int xfrmnl_sp_str2dir(
const char *name)
285 return __str2type (name, sp_dir, ARRAY_SIZE(sp_dir));
288 int xfrmnl_sp_index2dir (
unsigned int index)
298 static const struct trans_tbl sp_share[] = {
299 __ADD(XFRM_SHARE_ANY, any),
300 __ADD(XFRM_SHARE_SESSION, session),
301 __ADD(XFRM_SHARE_USER, user),
302 __ADD(XFRM_SHARE_UNIQUE, unique),
305 char* xfrmnl_sp_share2str(
int share,
char *buf,
size_t len)
307 return __type2str (share, buf, len, sp_share, ARRAY_SIZE(sp_share));
310 int xfrmnl_sp_str2share(
const char *name)
312 return __str2type (name, sp_share, ARRAY_SIZE(sp_share));
316 static void xfrm_sp_dump_line(
struct nl_object *a,
struct nl_dump_params *p)
318 struct xfrmnl_sp* sp = (
struct xfrmnl_sp *) a;
319 char dir[32], action[32], share[32], flags[32];
320 char dst[INET6_ADDRSTRLEN+5], src[INET6_ADDRSTRLEN+5];
321 time_t add_time, use_time;
322 struct tm *add_time_tm, *use_time_tm;
324 nl_addr2str(xfrmnl_sel_get_saddr (sp->sel), src,
sizeof(src));
325 nl_addr2str (xfrmnl_sel_get_daddr (sp->sel), dst, sizeof (dst));
326 nl_af2str (xfrmnl_sel_get_family (sp->sel), dir, 32);
327 nl_dump_line(p,
"src %s dst %s family: %s\n", src, dst, dir);
328 nl_dump_line (p,
"src port/mask: %d/%d dst port/mask: %d/%d\n",
329 xfrmnl_sel_get_dport (sp->sel), xfrmnl_sel_get_dportmask (sp->sel),
330 xfrmnl_sel_get_sport (sp->sel), xfrmnl_sel_get_sportmask (sp->sel));
331 nl_dump_line (p,
"protocol: %s ifindex: %u uid: %u\n",
332 nl_ip_proto2str (xfrmnl_sel_get_proto (sp->sel), dir,
sizeof(dir)),
333 xfrmnl_sel_get_ifindex (sp->sel),
334 xfrmnl_sel_get_userid (sp->sel));
336 xfrmnl_sp_dir2str (sp->dir, dir, 32);
337 xfrmnl_sp_action2str (sp->action, action, 32);
338 xfrmnl_sp_share2str (sp->share, share, 32);
339 xfrmnl_sp_flags2str (sp->flags, flags, 32);
340 nl_dump_line(p,
"\tdir: %s action: %s index: %u priority: %u share: %s flags: %s(0x%x) \n",
341 dir, action, sp->index, sp->priority, share, flags, sp->flags);
343 nl_dump_line(p,
"\tlifetime configuration: \n");
344 if (sp->lft->soft_byte_limit == XFRM_INF)
345 sprintf (dir,
"INF");
347 sprintf (dir,
"%" PRIu64, sp->lft->soft_byte_limit);
348 if (sp->lft->soft_packet_limit == XFRM_INF)
349 sprintf (action,
"INF");
351 sprintf (action,
"%" PRIu64, sp->lft->soft_packet_limit);
352 if (sp->lft->hard_byte_limit == XFRM_INF)
353 sprintf (flags,
"INF");
355 sprintf (flags,
"%" PRIu64, sp->lft->hard_byte_limit);
356 if (sp->lft->hard_packet_limit == XFRM_INF)
357 sprintf (share,
"INF");
359 sprintf (share,
"%" PRIu64, sp->lft->hard_packet_limit);
360 nl_dump_line(p,
"\t\tsoft limit: %s (bytes), %s (packets) \n", dir, action);
361 nl_dump_line(p,
"\t\thard limit: %s (bytes), %s (packets) \n", flags, share);
362 nl_dump_line(p,
"\t\tsoft add_time: %llu (seconds), soft use_time: %llu (seconds) \n",
363 sp->lft->soft_add_expires_seconds, sp->lft->soft_use_expires_seconds);
364 nl_dump_line(p,
"\t\thard add_time: %llu (seconds), hard use_time: %llu (seconds) \n",
365 sp->lft->hard_add_expires_seconds, sp->lft->hard_use_expires_seconds);
367 nl_dump_line(p,
"\tlifetime current: \n");
368 nl_dump_line(p,
"\t\t%llu bytes, %llu packets\n", sp->curlft.bytes, sp->curlft.packets);
370 if (sp->curlft.add_time != 0)
372 add_time = sp->curlft.add_time;
373 add_time_tm = gmtime (&add_time);
374 strftime (dst, INET6_ADDRSTRLEN+5,
"%Y-%m-%d %H-%M-%S", add_time_tm);
378 sprintf (dst,
"%s",
"-");
381 if (sp->curlft.use_time != 0)
383 use_time = sp->curlft.use_time;
384 use_time_tm = gmtime (&use_time);
385 strftime (src, INET6_ADDRSTRLEN+5,
"%Y-%m-%d %H-%M-%S", use_time_tm);
389 sprintf (src,
"%s",
"-");
391 nl_dump_line(p,
"\t\tadd_time: %s, use_time: %s\n", dst, src);
393 if (sp->ce_mask & XFRM_SP_ATTR_SECCTX)
395 nl_dump_line(p,
"\tUser security context: \n");
396 nl_dump_line(p,
"\t\tlen: %d exttype: %d Algo: %d DOI: %d ctxlen: %d\n",
397 sp->sec_ctx->len, sp->sec_ctx->exttype,
398 sp->sec_ctx->ctx_alg, sp->sec_ctx->ctx_doi, sp->sec_ctx->ctx_len);
399 nl_dump_line (p,
"\t\tctx: %s \n", sp->sec_ctx->ctx);
402 xfrmnl_sp_type2str (sp->uptype.type, flags, 32);
403 if (sp->ce_mask & XFRM_SP_ATTR_POLTYPE)
404 nl_dump_line(p,
"\tUser policy type: %s\n", flags);
406 if (sp->ce_mask & XFRM_SP_ATTR_TMPL)
408 struct xfrmnl_user_tmpl* utmpl;
410 nl_dump_line(p,
"\tUser template: \n");
412 nl_list_for_each_entry(utmpl, &sp->usertmpl_list, utmpl_list)
413 xfrmnl_user_tmpl_dump (utmpl, p);
416 if (sp->ce_mask & XFRM_SP_ATTR_MARK)
417 nl_dump_line(p,
"\tMark mask: 0x%x Mark value: 0x%x\n", sp->mark.m, sp->mark.v);
422 static void xfrm_sp_dump_details(
struct nl_object *a,
struct nl_dump_params *p)
424 xfrm_sp_dump_line(a, p);
427 static void xfrm_sp_dump_stats(
struct nl_object *a,
struct nl_dump_params *p)
429 xfrm_sp_dump_details(a, p);
439 struct xfrmnl_sp* xfrmnl_sp_alloc(
void)
444 void xfrmnl_sp_put(
struct xfrmnl_sp* sp)
466 int xfrmnl_sp_alloc_cache(
struct nl_sock *sock,
struct nl_cache **result)
478 struct xfrmnl_sp* xfrmnl_sp_get(
struct nl_cache* cache,
unsigned int index,
unsigned int dir)
480 struct xfrmnl_sp *sp;
487 if (sp->index == index && sp->dir == dir)
501 static struct nla_policy xfrm_sp_policy[XFRMA_MAX+1] = {
502 [XFRMA_POLICY] = { .
minlen =
sizeof(
struct xfrm_userpolicy_info)},
503 [XFRMA_SEC_CTX] = { .minlen =
sizeof(
struct xfrm_sec_ctx) },
504 [XFRMA_TMPL] = { .minlen =
sizeof(
struct xfrm_user_tmpl) },
505 [XFRMA_POLICY_TYPE] = { .minlen =
sizeof(
struct xfrm_userpolicy_type)},
506 [XFRMA_MARK] = { .minlen =
sizeof(
struct xfrm_mark) },
509 static int xfrm_sp_request_update(
struct nl_cache *c,
struct nl_sock *h)
511 struct xfrm_userpolicy_id sp_id;
513 memset (&sp_id, 0,
sizeof (sp_id));
515 &sp_id,
sizeof (sp_id));
518 int xfrmnl_sp_parse(
struct nlmsghdr *n,
struct xfrmnl_sp **result)
520 struct xfrmnl_sp *sp;
521 struct nlattr *tb[XFRMA_MAX + 1];
522 struct xfrm_userpolicy_info *sp_info;
524 struct nl_addr* addr;
526 sp = xfrmnl_sp_alloc();
532 sp->ce_msgtype = n->nlmsg_type;
533 if (n->nlmsg_type == XFRM_MSG_DELPOLICY)
535 sp_info = (
struct xfrm_userpolicy_info*)((
char *)
nlmsg_data(n) +
sizeof (
struct xfrm_userpolicy_id) + NLA_HDRLEN);
542 err =
nlmsg_parse(n,
sizeof(
struct xfrm_userpolicy_info), tb, XFRMA_MAX, xfrm_sp_policy);
545 printf (
"parse error: %d \n", err);
549 if (sp_info->sel.family == AF_INET)
550 addr =
nl_addr_build (sp_info->sel.family, &sp_info->sel.daddr.a4, sizeof (sp_info->sel.daddr.a4));
552 addr =
nl_addr_build (sp_info->sel.family, &sp_info->sel.daddr.a6, sizeof (sp_info->sel.daddr.a6));
554 xfrmnl_sel_set_daddr (sp->sel, addr);
555 xfrmnl_sel_set_prefixlen_d (sp->sel, sp_info->sel.prefixlen_d);
557 if (sp_info->sel.family == AF_INET)
558 addr =
nl_addr_build (sp_info->sel.family, &sp_info->sel.saddr.a4, sizeof (sp_info->sel.saddr.a4));
560 addr =
nl_addr_build (sp_info->sel.family, &sp_info->sel.saddr.a6, sizeof (sp_info->sel.saddr.a6));
562 xfrmnl_sel_set_saddr (sp->sel, addr);
563 xfrmnl_sel_set_prefixlen_s (sp->sel, sp_info->sel.prefixlen_s);
565 xfrmnl_sel_set_dport (sp->sel, ntohs (sp_info->sel.dport));
566 xfrmnl_sel_set_dportmask (sp->sel, ntohs (sp_info->sel.dport_mask));
567 xfrmnl_sel_set_sport (sp->sel, ntohs (sp_info->sel.sport));
568 xfrmnl_sel_set_sportmask (sp->sel, ntohs (sp_info->sel.sport_mask));
569 xfrmnl_sel_set_family (sp->sel, sp_info->sel.family);
570 xfrmnl_sel_set_proto (sp->sel, sp_info->sel.proto);
571 xfrmnl_sel_set_ifindex (sp->sel, sp_info->sel.ifindex);
572 xfrmnl_sel_set_userid (sp->sel, sp_info->sel.user);
573 sp->ce_mask |= XFRM_SP_ATTR_SEL;
575 sp->lft->soft_byte_limit = sp_info->lft.soft_byte_limit;
576 sp->lft->hard_byte_limit = sp_info->lft.hard_byte_limit;
577 sp->lft->soft_packet_limit = sp_info->lft.soft_packet_limit;
578 sp->lft->hard_packet_limit = sp_info->lft.hard_packet_limit;
579 sp->lft->soft_add_expires_seconds = sp_info->lft.soft_add_expires_seconds;
580 sp->lft->hard_add_expires_seconds = sp_info->lft.hard_add_expires_seconds;
581 sp->lft->soft_use_expires_seconds = sp_info->lft.soft_use_expires_seconds;
582 sp->lft->hard_use_expires_seconds = sp_info->lft.hard_use_expires_seconds;
583 sp->ce_mask |= XFRM_SP_ATTR_LTIME_CFG;
585 sp->curlft.bytes = sp_info->curlft.bytes;
586 sp->curlft.packets = sp_info->curlft.packets;
587 sp->curlft.add_time = sp_info->curlft.add_time;
588 sp->curlft.use_time = sp_info->curlft.use_time;
589 sp->ce_mask |= XFRM_SP_ATTR_LTIME_CUR;
591 sp->priority = sp_info->priority;
592 sp->index = sp_info->index;
593 sp->dir = sp_info->dir;
594 sp->action = sp_info->action;
595 sp->flags = sp_info->flags;
596 sp->share = sp_info->share;
597 sp->ce_mask |= (XFRM_SP_ATTR_PRIO | XFRM_SP_ATTR_INDEX |
598 XFRM_SP_ATTR_DIR | XFRM_SP_ATTR_ACTION |
599 XFRM_SP_ATTR_FLAGS | XFRM_SP_ATTR_SHARE);
601 if (tb[XFRMA_SEC_CTX]) {
602 struct xfrm_user_sec_ctx* ctx =
nla_data(tb[XFRMA_SEC_CTX]);
603 len =
sizeof (
struct xfrmnl_user_sec_ctx) + ctx->ctx_len;
604 if ((sp->sec_ctx = calloc (1, len)) == NULL)
609 memcpy ((
void *)sp->sec_ctx, (
void *)ctx, len);
610 sp->ce_mask |= XFRM_SP_ATTR_SECCTX;
613 if (tb[XFRMA_POLICY_TYPE]) {
614 struct xfrm_userpolicy_type* up =
nla_data(tb[XFRMA_POLICY_TYPE]);
615 memcpy ((
void *)&sp->uptype, (
void *)up, sizeof (
struct xfrm_userpolicy_type));
616 sp->ce_mask |= XFRM_SP_ATTR_POLTYPE;
619 if (tb[XFRMA_TMPL]) {
620 struct xfrm_user_tmpl* tmpl =
nla_data(tb[XFRMA_TMPL]);
621 struct xfrmnl_user_tmpl* sputmpl;
623 uint32_t num_tmpls =
nla_len(tb[XFRMA_TMPL]) /
sizeof (*tmpl);
624 struct nl_addr* addr;
626 for (i = 0; (i < num_tmpls) && (tmpl); i ++, tmpl++)
634 if (tmpl->family == AF_INET)
635 addr =
nl_addr_build(tmpl->family, &tmpl->id.daddr.a4, sizeof (tmpl->id.daddr.a4));
637 addr =
nl_addr_build(tmpl->family, &tmpl->id.daddr.a6, sizeof (tmpl->id.daddr.a6));
638 xfrmnl_user_tmpl_set_daddr (sputmpl, addr);
639 xfrmnl_user_tmpl_set_spi (sputmpl, ntohl(tmpl->id.spi));
640 xfrmnl_user_tmpl_set_proto (sputmpl, tmpl->id.proto);
641 xfrmnl_user_tmpl_set_family (sputmpl, tmpl->family);
643 if (tmpl->family == AF_INET)
644 addr =
nl_addr_build(tmpl->family, &tmpl->saddr.a4, sizeof (tmpl->saddr.a4));
646 addr =
nl_addr_build(tmpl->family, &tmpl->saddr.a6, sizeof (tmpl->saddr.a6));
647 xfrmnl_user_tmpl_set_saddr (sputmpl, addr);
649 xfrmnl_user_tmpl_set_reqid (sputmpl, tmpl->reqid);
650 xfrmnl_user_tmpl_set_mode (sputmpl, tmpl->mode);
651 xfrmnl_user_tmpl_set_share (sputmpl, tmpl->share);
652 xfrmnl_user_tmpl_set_optional (sputmpl, tmpl->optional);
653 xfrmnl_user_tmpl_set_aalgos (sputmpl, tmpl->aalgos);
654 xfrmnl_user_tmpl_set_ealgos (sputmpl, tmpl->ealgos);
655 xfrmnl_user_tmpl_set_calgos (sputmpl, tmpl->calgos);
656 xfrmnl_sp_add_usertemplate (sp, sputmpl);
658 sp->ce_mask |= XFRM_SP_ATTR_TMPL;
662 if (tb[XFRMA_MARK]) {
663 struct xfrm_mark* m =
nla_data(tb[XFRMA_MARK]);
666 sp->ce_mask |= XFRM_SP_ATTR_MARK;
677 static int xfrm_sp_msg_parser(
struct nl_cache_ops *ops,
struct sockaddr_nl *who,
678 struct nlmsghdr *n,
struct nl_parser_param *pp)
680 struct xfrmnl_sp* sp;
683 if ((err = xfrmnl_sp_parse(n, &sp)) < 0)
685 printf (
"received error: %d \n", err);
689 err = pp->pp_cb((
struct nl_object *) sp, pp);
700 int xfrmnl_sp_build_get_request(
unsigned int index,
unsigned int dir,
unsigned int mark_v,
unsigned int mark_m,
struct nl_msg **result)
703 struct xfrm_userpolicy_id spid;
704 struct xfrm_mark mark;
706 memset(&spid, 0,
sizeof(spid));
713 if (
nlmsg_append(msg, &spid,
sizeof(spid), NLMSG_ALIGNTO) < 0)
714 goto nla_put_failure;
716 if ((mark_m & mark_v) != 0)
718 memset(&mark, 0,
sizeof(
struct xfrm_mark));
722 NLA_PUT (msg, XFRMA_MARK,
sizeof (
struct xfrm_mark), &mark);
733 int xfrmnl_sp_get_kernel(
struct nl_sock* sock,
unsigned int index,
unsigned int dir,
unsigned int mark_v,
unsigned int mark_m,
struct xfrmnl_sp** result)
735 struct nl_msg *msg = NULL;
736 struct nl_object *obj;
739 if ((err = xfrmnl_sp_build_get_request(index, dir, mark_m, mark_v, &msg)) < 0)
747 if ((err =
nl_pickup(sock, &xfrm_sp_msg_parser, &obj)) < 0)
751 *result = (
struct xfrmnl_sp *) obj;
762 static int build_xfrm_sp_message(
struct xfrmnl_sp *tmpl,
int cmd,
int flags,
struct nl_msg **result)
765 struct xfrm_userpolicy_info sp_info;
767 struct nl_addr* addr;
769 if (!(tmpl->ce_mask & XFRM_SP_ATTR_DIR) ||
770 (!(tmpl->ce_mask & XFRM_SP_ATTR_INDEX) &&
771 !(tmpl->ce_mask & XFRM_SP_ATTR_SEL)))
772 return -NLE_MISSING_ATTR;
774 memset ((
void*)&sp_info, 0,
sizeof (sp_info));
775 if (tmpl->ce_mask & XFRM_SP_ATTR_SEL)
777 addr = xfrmnl_sel_get_daddr (tmpl->sel);
779 addr = xfrmnl_sel_get_saddr (tmpl->sel);
781 sp_info.sel.dport = htons (xfrmnl_sel_get_dport (tmpl->sel));
782 sp_info.sel.dport_mask = htons (xfrmnl_sel_get_dportmask (tmpl->sel));
783 sp_info.sel.sport = htons (xfrmnl_sel_get_sport (tmpl->sel));
784 sp_info.sel.sport_mask = htons (xfrmnl_sel_get_sportmask (tmpl->sel));
785 sp_info.sel.family = xfrmnl_sel_get_family (tmpl->sel);
786 sp_info.sel.prefixlen_d = xfrmnl_sel_get_prefixlen_d (tmpl->sel);
787 sp_info.sel.prefixlen_s = xfrmnl_sel_get_prefixlen_s (tmpl->sel);
788 sp_info.sel.proto = xfrmnl_sel_get_proto (tmpl->sel);
789 sp_info.sel.ifindex = xfrmnl_sel_get_ifindex (tmpl->sel);
790 sp_info.sel.user = xfrmnl_sel_get_userid (tmpl->sel);
793 if (tmpl->ce_mask & XFRM_SP_ATTR_LTIME_CFG)
795 sp_info.lft.soft_byte_limit = xfrmnl_ltime_cfg_get_soft_bytelimit (tmpl->lft);
796 sp_info.lft.hard_byte_limit = xfrmnl_ltime_cfg_get_hard_bytelimit (tmpl->lft);
797 sp_info.lft.soft_packet_limit = xfrmnl_ltime_cfg_get_soft_packetlimit (tmpl->lft);
798 sp_info.lft.hard_packet_limit = xfrmnl_ltime_cfg_get_hard_packetlimit (tmpl->lft);
799 sp_info.lft.soft_add_expires_seconds = xfrmnl_ltime_cfg_get_soft_addexpires (tmpl->lft);
800 sp_info.lft.hard_add_expires_seconds = xfrmnl_ltime_cfg_get_hard_addexpires (tmpl->lft);
801 sp_info.lft.soft_use_expires_seconds = xfrmnl_ltime_cfg_get_soft_useexpires (tmpl->lft);
802 sp_info.lft.hard_use_expires_seconds = xfrmnl_ltime_cfg_get_hard_useexpires (tmpl->lft);
807 if (tmpl->ce_mask & XFRM_SP_ATTR_PRIO)
808 sp_info.priority = tmpl->priority;
810 if (tmpl->ce_mask & XFRM_SP_ATTR_INDEX)
811 sp_info.index = tmpl->index;
813 if (tmpl->ce_mask & XFRM_SP_ATTR_DIR)
814 sp_info.dir = tmpl->dir;
816 if (tmpl->ce_mask & XFRM_SP_ATTR_ACTION)
817 sp_info.action = tmpl->action;
819 if (tmpl->ce_mask & XFRM_SP_ATTR_FLAGS)
820 sp_info.flags = tmpl->flags;
822 if (tmpl->ce_mask & XFRM_SP_ATTR_SHARE)
823 sp_info.share = tmpl->share;
829 if (
nlmsg_append(msg, &sp_info,
sizeof(sp_info), NLMSG_ALIGNTO) < 0)
830 goto nla_put_failure;
832 if (tmpl->ce_mask & XFRM_SP_ATTR_SECCTX) {
833 len = (
sizeof (
struct xfrm_user_sec_ctx)) + tmpl->sec_ctx->ctx_len;
834 NLA_PUT (msg, XFRMA_SEC_CTX, len, tmpl->sec_ctx);
837 if (tmpl->ce_mask & XFRM_SP_ATTR_POLTYPE) {
838 len =
sizeof (
struct xfrm_userpolicy_type);
839 NLA_PUT (msg, XFRMA_POLICY_TYPE, len, &tmpl->uptype);
842 if (tmpl->ce_mask & XFRM_SP_ATTR_TMPL) {
843 struct nlattr* tmpls;
844 struct xfrmnl_user_tmpl* utmpl;
845 struct nl_addr* addr;
848 goto nla_put_failure;
850 nl_list_for_each_entry(utmpl, &tmpl->usertmpl_list, utmpl_list) {
851 struct xfrm_user_tmpl* tmpl;
855 goto nla_put_failure;
856 addr = xfrmnl_user_tmpl_get_daddr (utmpl);
859 tmpl->id.spi = htonl(xfrmnl_user_tmpl_get_spi (utmpl));
860 tmpl->id.proto = xfrmnl_user_tmpl_get_proto (utmpl);
861 tmpl->family = xfrmnl_user_tmpl_get_family (utmpl);
862 addr = xfrmnl_user_tmpl_get_saddr (utmpl);
865 tmpl->reqid = xfrmnl_user_tmpl_get_reqid (utmpl);
866 tmpl->mode = xfrmnl_user_tmpl_get_mode (utmpl);
867 tmpl->share = xfrmnl_user_tmpl_get_share (utmpl);
868 tmpl->optional = xfrmnl_user_tmpl_get_optional (utmpl);
869 tmpl->aalgos = xfrmnl_user_tmpl_get_aalgos (utmpl);
870 tmpl->ealgos = xfrmnl_user_tmpl_get_ealgos (utmpl);
871 tmpl->calgos = xfrmnl_user_tmpl_get_calgos (utmpl);
876 if (tmpl->ce_mask & XFRM_SP_ATTR_MARK) {
877 NLA_PUT (msg, XFRMA_MARK,
sizeof (
struct xfrm_mark), &tmpl->mark);
893 int xfrmnl_sp_build_add_request(
struct xfrmnl_sp* tmpl,
int flags,
struct nl_msg **result)
895 return build_xfrm_sp_message (tmpl, XFRM_MSG_NEWPOLICY, flags, result);
898 int xfrmnl_sp_add(
struct nl_sock* sk,
struct xfrmnl_sp* tmpl,
int flags)
903 if ((err = xfrmnl_sp_build_add_request(tmpl, flags, &msg)) < 0)
919 int xfrmnl_sp_build_update_request(
struct xfrmnl_sp* tmpl,
int flags,
struct nl_msg **result)
921 return build_xfrm_sp_message (tmpl, XFRM_MSG_UPDPOLICY, flags, result);
924 int xfrmnl_sp_update(
struct nl_sock* sk,
struct xfrmnl_sp* tmpl,
int flags)
929 if ((err = xfrmnl_sp_build_update_request(tmpl, flags, &msg)) < 0)
955 static int build_xfrm_sp_delete_message(
struct xfrmnl_sp *tmpl,
int cmd,
int flags,
struct nl_msg **result)
958 struct xfrm_userpolicy_id spid;
959 struct nl_addr* addr;
962 if (!(tmpl->ce_mask & XFRM_SP_ATTR_DIR) ||
963 (!(tmpl->ce_mask & XFRM_SP_ATTR_INDEX) &&
964 !(tmpl->ce_mask & XFRM_SP_ATTR_SEL)))
965 return -NLE_MISSING_ATTR;
967 memset(&spid, 0,
sizeof(spid));
968 spid.dir = tmpl->dir;
969 if(tmpl->ce_mask & XFRM_SP_ATTR_INDEX)
970 spid.index = tmpl->index;
972 if (tmpl->ce_mask & XFRM_SP_ATTR_SEL)
974 addr = xfrmnl_sel_get_daddr (tmpl->sel);
976 addr = xfrmnl_sel_get_saddr (tmpl->sel);
978 spid.sel.dport = htons (xfrmnl_sel_get_dport (tmpl->sel));
979 spid.sel.dport_mask = htons (xfrmnl_sel_get_dportmask (tmpl->sel));
980 spid.sel.sport = htons (xfrmnl_sel_get_sport (tmpl->sel));
981 spid.sel.sport_mask = htons (xfrmnl_sel_get_sportmask (tmpl->sel));
982 spid.sel.family = xfrmnl_sel_get_family (tmpl->sel);
983 spid.sel.prefixlen_d = xfrmnl_sel_get_prefixlen_d (tmpl->sel);
984 spid.sel.prefixlen_s = xfrmnl_sel_get_prefixlen_s (tmpl->sel);
985 spid.sel.proto = xfrmnl_sel_get_proto (tmpl->sel);
986 spid.sel.ifindex = xfrmnl_sel_get_ifindex (tmpl->sel);
987 spid.sel.user = xfrmnl_sel_get_userid (tmpl->sel);
994 if (
nlmsg_append(msg, &spid,
sizeof(spid), NLMSG_ALIGNTO) < 0)
995 goto nla_put_failure;
997 if (tmpl->ce_mask & XFRM_SP_ATTR_SECCTX) {
998 len = (
sizeof (
struct xfrm_user_sec_ctx)) + tmpl->sec_ctx->ctx_len;
999 NLA_PUT (msg, XFRMA_SEC_CTX, len, tmpl->sec_ctx);
1002 if (tmpl->ce_mask & XFRM_SP_ATTR_MARK) {
1003 len =
sizeof (
struct xfrm_mark);
1004 NLA_PUT (msg, XFRMA_MARK, len, &tmpl->mark);
1012 return -NLE_MSGSIZE;
1020 int xfrmnl_sp_build_delete_request(
struct xfrmnl_sp* tmpl,
int flags,
struct nl_msg **result)
1022 return build_xfrm_sp_delete_message (tmpl, XFRM_MSG_DELPOLICY, flags, result);
1025 int xfrmnl_sp_delete(
struct nl_sock* sk,
struct xfrmnl_sp* tmpl,
int flags)
1030 if ((err = xfrmnl_sp_build_delete_request(tmpl, flags, &msg)) < 0)
1049 struct xfrmnl_sel* xfrmnl_sp_get_sel (
struct xfrmnl_sp* sp)
1051 if (sp->ce_mask & XFRM_SP_ATTR_SEL)
1057 int xfrmnl_sp_set_sel (
struct xfrmnl_sp* sp,
struct xfrmnl_sel* sel)
1061 xfrmnl_sel_put (sp->sel);
1064 xfrmnl_sel_get (sel);
1066 sp->ce_mask |= XFRM_SP_ATTR_SEL;
1071 struct xfrmnl_ltime_cfg* xfrmnl_sp_get_lifetime_cfg (
struct xfrmnl_sp* sp)
1073 if (sp->ce_mask & XFRM_SP_ATTR_LTIME_CFG)
1079 int xfrmnl_sp_set_lifetime_cfg (
struct xfrmnl_sp* sp,
struct xfrmnl_ltime_cfg* ltime)
1083 xfrmnl_ltime_cfg_put (sp->lft);
1086 xfrmnl_ltime_cfg_get (ltime);
1088 sp->ce_mask |= XFRM_SP_ATTR_LTIME_CFG;
1093 int xfrmnl_sp_get_curlifetime (
struct xfrmnl_sp* sa,
unsigned long long int* curr_bytes,
1094 unsigned long long int* curr_packets,
unsigned long long int* curr_add_time,
unsigned long long int* curr_use_time)
1096 if (sa == NULL || curr_bytes == NULL || curr_packets == NULL || curr_add_time == NULL || curr_use_time == NULL)
1099 *curr_bytes = sa->curlft.bytes;
1100 *curr_packets = sa->curlft.packets;
1101 *curr_add_time = sa->curlft.add_time;
1102 *curr_use_time = sa->curlft.use_time;
1107 int xfrmnl_sp_get_priority (
struct xfrmnl_sp* sp)
1109 if (sp->ce_mask & XFRM_SP_ATTR_PRIO)
1110 return sp->priority;
1115 int xfrmnl_sp_set_priority (
struct xfrmnl_sp* sp,
unsigned int prio)
1117 sp->priority = prio;
1118 sp->ce_mask |= XFRM_SP_ATTR_PRIO;
1123 int xfrmnl_sp_get_index (
struct xfrmnl_sp* sp)
1125 if (sp->ce_mask & XFRM_SP_ATTR_INDEX)
1131 int xfrmnl_sp_set_index (
struct xfrmnl_sp* sp,
unsigned int index)
1134 sp->ce_mask |= XFRM_SP_ATTR_INDEX;
1139 int xfrmnl_sp_get_dir (
struct xfrmnl_sp* sp)
1141 if (sp->ce_mask & XFRM_SP_ATTR_DIR)
1147 int xfrmnl_sp_set_dir (
struct xfrmnl_sp* sp,
unsigned int dir)
1150 sp->ce_mask |= XFRM_SP_ATTR_DIR;
1155 int xfrmnl_sp_get_action (
struct xfrmnl_sp* sp)
1157 if (sp->ce_mask & XFRM_SP_ATTR_ACTION)
1163 int xfrmnl_sp_set_action (
struct xfrmnl_sp* sp,
unsigned int action)
1165 sp->action = action;
1166 sp->ce_mask |= XFRM_SP_ATTR_ACTION;
1171 int xfrmnl_sp_get_flags (
struct xfrmnl_sp* sp)
1173 if (sp->ce_mask & XFRM_SP_ATTR_FLAGS)
1179 int xfrmnl_sp_set_flags (
struct xfrmnl_sp* sp,
unsigned int flags)
1182 sp->ce_mask |= XFRM_SP_ATTR_FLAGS;
1187 int xfrmnl_sp_get_share (
struct xfrmnl_sp* sp)
1189 if (sp->ce_mask & XFRM_SP_ATTR_SHARE)
1195 int xfrmnl_sp_set_share (
struct xfrmnl_sp* sp,
unsigned int share)
1198 sp->ce_mask |= XFRM_SP_ATTR_SHARE;
1224 int xfrmnl_sp_get_sec_ctx (
struct xfrmnl_sp* sp,
unsigned int* len,
unsigned int* exttype,
unsigned int* alg,
unsigned int* doi,
unsigned int* ctx_len,
char* ctx_str)
1226 if (sp->ce_mask & XFRM_SP_ATTR_SECCTX)
1229 *len =
sizeof (
struct xfrmnl_user_sec_ctx) + sp->sec_ctx->ctx_len;
1231 *exttype = sp->sec_ctx->exttype;
1233 *alg = sp->sec_ctx->ctx_alg;
1235 *doi = sp->sec_ctx->ctx_doi;
1237 *ctx_len = sp->sec_ctx->ctx_len;
1239 memcpy ((
void *)ctx_str, (
void *)sp->sec_ctx->ctx, sp->sec_ctx->ctx_len);
1259 int xfrmnl_sp_set_sec_ctx (
struct xfrmnl_sp* sp,
unsigned int len __attribute__((unused)),
unsigned int exttype,
unsigned int alg,
unsigned int doi,
unsigned int ctx_len,
char* ctx_str)
1264 if ((sp->sec_ctx = calloc (1,
sizeof (
struct xfrmnl_user_sec_ctx) + 1 + ctx_len)) == NULL)
1268 sp->sec_ctx->len =
sizeof (
struct xfrmnl_user_sec_ctx) + ctx_len;
1269 sp->sec_ctx->exttype = exttype;
1270 sp->sec_ctx->ctx_alg = alg;
1271 sp->sec_ctx->ctx_doi = doi;
1272 sp->sec_ctx->ctx_len = ctx_len;
1273 memcpy ((
void *)sp->sec_ctx->ctx, (
void *)ctx_str, ctx_len);
1274 sp->sec_ctx->ctx[ctx_len] =
'\0';
1276 sp->ce_mask |= XFRM_SP_ATTR_SECCTX;
1281 int xfrmnl_sp_get_userpolicy_type (
struct xfrmnl_sp* sp)
1283 if (sp->ce_mask & XFRM_SP_ATTR_POLTYPE)
1284 return sp->uptype.type;
1289 int xfrmnl_sp_set_userpolicy_type (
struct xfrmnl_sp* sp,
unsigned int type)
1291 sp->uptype.type = type;
1292 sp->ce_mask |= XFRM_SP_ATTR_POLTYPE;
1297 void xfrmnl_sp_add_usertemplate(
struct xfrmnl_sp *sp,
struct xfrmnl_user_tmpl *utmpl)
1299 nl_list_add_tail(&utmpl->utmpl_list, &sp->usertmpl_list);
1301 sp->ce_mask |= XFRM_SP_ATTR_TMPL;
1304 void xfrmnl_sp_remove_usertemplate(
struct xfrmnl_sp *sp,
struct xfrmnl_user_tmpl *utmpl)
1306 if (sp->ce_mask & XFRM_SP_ATTR_TMPL) {
1308 nl_list_del(&utmpl->utmpl_list);
1312 struct nl_list_head *xfrmnl_sp_get_usertemplates(
struct xfrmnl_sp *sp)
1314 if (sp->ce_mask & XFRM_SP_ATTR_TMPL)
1315 return &sp->usertmpl_list;
1320 int xfrmnl_sp_get_nusertemplates(
struct xfrmnl_sp *sp)
1322 if (sp->ce_mask & XFRM_SP_ATTR_TMPL)
1323 return sp->nr_user_tmpl;
1328 void xfrmnl_sp_foreach_usertemplate(
struct xfrmnl_sp *r,
1329 void (*cb)(
struct xfrmnl_user_tmpl *,
void *),
1332 struct xfrmnl_user_tmpl *utmpl;
1334 if (r->ce_mask & XFRM_SP_ATTR_TMPL) {
1335 nl_list_for_each_entry(utmpl, &r->usertmpl_list, utmpl_list) {
1341 struct xfrmnl_user_tmpl *xfrmnl_sp_usertemplate_n(
struct xfrmnl_sp *r,
int n)
1343 struct xfrmnl_user_tmpl *utmpl;
1346 if (r->ce_mask & XFRM_SP_ATTR_TMPL && r->nr_user_tmpl > n) {
1348 nl_list_for_each_entry(utmpl, &r->usertmpl_list, utmpl_list) {
1349 if (i == n)
return utmpl;
1356 int xfrmnl_sp_get_mark (
struct xfrmnl_sp* sp,
unsigned int* mark_mask,
unsigned int* mark_value)
1358 if (mark_mask == NULL || mark_value == NULL)
1361 if (sp->ce_mask & XFRM_SP_ATTR_MARK)
1363 *mark_mask = sp->mark.m;
1364 *mark_value = sp->mark.v;
1372 int xfrmnl_sp_set_mark (
struct xfrmnl_sp* sp,
unsigned int value,
unsigned int mask)
1376 sp->ce_mask |= XFRM_SP_ATTR_MARK;
1383 static struct nl_object_ops xfrm_sp_obj_ops = {
1384 .oo_name =
"xfrm/sp",
1385 .oo_size =
sizeof(
struct xfrmnl_sp),
1386 .oo_constructor = xfrm_sp_alloc_data,
1387 .oo_free_data = xfrm_sp_free_data,
1388 .oo_clone = xfrm_sp_clone,
1394 .oo_compare = xfrm_sp_compare,
1395 .oo_attrs2str = xfrm_sp_attrs2str,
1396 .oo_id_attrs = (XFRM_SP_ATTR_SEL | XFRM_SP_ATTR_INDEX | XFRM_SP_ATTR_DIR),
1399 static struct nl_af_group xfrm_sp_groups[] = {
1400 { AF_UNSPEC, XFRMNLGRP_POLICY },
1401 { END_OF_GROUP_LIST },
1404 static struct nl_cache_ops xfrmnl_sp_ops = {
1405 .co_name =
"xfrm/sp",
1406 .co_hdrsize =
sizeof(
struct xfrm_userpolicy_info),
1408 { XFRM_MSG_NEWPOLICY, NL_ACT_NEW,
"new" },
1409 { XFRM_MSG_DELPOLICY, NL_ACT_DEL,
"del" },
1410 { XFRM_MSG_GETPOLICY, NL_ACT_GET,
"get" },
1411 { XFRM_MSG_UPDPOLICY, NL_ACT_NEW,
"update" },
1412 END_OF_MSGTYPES_LIST,
1414 .co_protocol = NETLINK_XFRM,
1415 .co_groups = xfrm_sp_groups,
1416 .co_request_update = xfrm_sp_request_update,
1417 .co_msg_parser = xfrm_sp_msg_parser,
1418 .co_obj_ops = &xfrm_sp_obj_ops,
1426 static void __attribute__ ((constructor)) xfrm_sp_init(
void)
1431 static void __attribute__ ((destructor)) xfrm_sp_exit(
void)
int nl_send_auto_complete(struct nl_sock *sk, struct nl_msg *msg)
Dump object briefly on one line.
void nl_addr_set_prefixlen(struct nl_addr *addr, int prefixlen)
Set the prefix length of an abstract address.
void nlmsg_free(struct nl_msg *msg)
Release a reference from an netlink message.
int nlmsg_parse(struct nlmsghdr *nlh, int hdrlen, struct nlattr *tb[], int maxtype, const struct nla_policy *policy)
parse attributes of a netlink message
void * nlmsg_data(const struct nlmsghdr *nlh)
Return pointer to message payload.
struct nl_object * nl_object_alloc(struct nl_object_ops *ops)
Allocate a new object of kind specified by the operations handle.
void * nlmsg_reserve(struct nl_msg *n, size_t len, int pad)
Reserve room for additional data in a netlink message.
int nl_cache_mngt_unregister(struct nl_cache_ops *ops)
Unregister a set of cache operations.
Attribute validation policy.
void nl_object_get(struct nl_object *obj)
Acquire a reference on a object.
struct nl_addr * nl_addr_build(int family, const void *buf, size_t size)
Allocate abstract address based on a binary address.
int nl_pickup(struct nl_sock *sk, int(*parser)(struct nl_cache_ops *, struct sockaddr_nl *, struct nlmsghdr *, struct nl_parser_param *), struct nl_object **result)
Pickup netlink answer, parse is and return object.
struct xfrmnl_ltime_cfg * xfrmnl_ltime_cfg_clone(struct xfrmnl_ltime_cfg *ltime)
Clone existing lifetime config object.
Dump all attributes but no statistics.
int nla_nest_end(struct nl_msg *msg, struct nlattr *start)
Finalize nesting of attributes.
int nl_cache_mngt_register(struct nl_cache_ops *ops)
Register a set of cache operations.
#define NLA_PUT(msg, attrtype, attrlen, data)
Add unspecific attribute to netlink message.
void * nla_data(const struct nlattr *nla)
Return pointer to the payload section.
int xfrmnl_sel_cmp(struct xfrmnl_sel *a, struct xfrmnl_sel *b)
Compares two selector objects.
int nla_len(const struct nlattr *nla)
Return length of the payload .
uint16_t minlen
Minimal length of payload required.
int nl_send_simple(struct nl_sock *sk, int type, int flags, void *buf, size_t size)
Construct and transmit a Netlink message.
struct nl_object * nl_cache_get_next(struct nl_object *obj)
Return the next element in the cache.
int nlmsg_append(struct nl_msg *n, void *data, size_t len, int pad)
Append data to tail of a netlink message.
int nl_wait_for_ack(struct nl_sock *sk)
Wait for ACK.
void nl_object_put(struct nl_object *obj)
Release a reference from an object.
struct nl_msg * nlmsg_alloc_simple(int nlmsgtype, int flags)
Allocate a new netlink message.
struct xfrmnl_sel * xfrmnl_sel_alloc()
Allocate new selector object.
struct xfrmnl_sel * xfrmnl_sel_clone(struct xfrmnl_sel *sel)
Clone existing selector object.
struct xfrmnl_ltime_cfg * xfrmnl_ltime_cfg_alloc()
Allocate new lifetime config object.
struct xfrmnl_user_tmpl * xfrmnl_user_tmpl_clone(struct xfrmnl_user_tmpl *utmpl)
Clone existing user template object.
struct xfrmnl_user_tmpl * xfrmnl_user_tmpl_alloc()
Allocate new user template object.
int xfrmnl_ltime_cfg_cmp(struct xfrmnl_ltime_cfg *a, struct xfrmnl_ltime_cfg *b)
Compares two lifetime config objects.
void nl_dump(struct nl_dump_params *params, const char *fmt,...)
Dump a formatted character string.
int xfrmnl_user_tmpl_cmp(struct xfrmnl_user_tmpl *a, struct xfrmnl_user_tmpl *b)
Compares two user template objects.
int nl_send_auto(struct nl_sock *sk, struct nl_msg *msg)
Finalize and transmit Netlink message.
unsigned int nl_addr_get_len(const struct nl_addr *addr)
Get length of binary address of abstract address object.
Dump all attributes including statistics.
struct nl_object * nl_cache_get_first(struct nl_cache *cache)
Return the first element in the cache.
void * nl_addr_get_binary_addr(const struct nl_addr *addr)
Get binary address of abstract address object.
int nl_cache_alloc_and_fill(struct nl_cache_ops *ops, struct nl_sock *sock, struct nl_cache **result)
Allocate new cache and fill it.
struct nlattr * nla_nest_start(struct nl_msg *msg, int attrtype)
Start a new level of nested attributes.
char * nl_addr2str(const struct nl_addr *addr, char *buf, size_t size)
Convert abstract address object to character string.