From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au Authentication-Results: passt.top; dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202508 header.b=LAaWLKpD; dkim-atps=neutral Received: from mail.ozlabs.org (gandalf.ozlabs.org [150.107.74.76]) by passt.top (Postfix) with ESMTPS id 908825A0271 for ; Mon, 08 Sep 2025 05:09:37 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gibson.dropbear.id.au; s=202508; t=1757300974; bh=fYBPmWPrYEH0q8dPibf1UFfZhTsug0OuqJV17GFgpJU=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=LAaWLKpDHYlww3HI0af1HHGE08NKgWRZvzRuJicCxA4jbHnG82t4tOXakqgxW+KqB CDanxW0Iy70+3cdFw5w/S0ZARdCyuM2AL3kGumU0+Lx75xgeaPoNqAjOVDzmyOFIqP PnByQphkNObCv5oyeP0Q9LB5YmxaTckv7yEsL/ETmNqJ/SXumYnV+btbz+dn7Yey0q 3sXHYHjrpzlYz/zRKSUAtsHT6y+AFwQ4h4xT9s85XQZU2ZI5zW9QVap7y+oGx+memJ W8qBEMXW9Q/QIXIScZ4fpzpK3mSIuLLG/lfdpaDKGK8xlv7xZL9h/aViDiscBOY9f1 CH427zHZiG4zQ== Received: by gandalf.ozlabs.org (Postfix, from userid 1007) id 4cKsPV4cH5z4w9q; Mon, 8 Sep 2025 13:09:34 +1000 (AEST) Date: Mon, 8 Sep 2025 12:12:31 +1000 From: David Gibson To: Jon Maloy Subject: Re: [PATCH v5 01/10] netlink: add function to extract MAC addresses from NDP/ARP table Message-ID: References: <20250906021154.2760611-1-jmaloy@redhat.com> <20250906021154.2760611-2-jmaloy@redhat.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="iOyjdEAnWLAUksyE" Content-Disposition: inline In-Reply-To: <20250906021154.2760611-2-jmaloy@redhat.com> Message-ID-Hash: NTKFCDFG2N2HPERUSFUZAOPMNK7U7QAT X-Message-ID-Hash: NTKFCDFG2N2HPERUSFUZAOPMNK7U7QAT X-MailFrom: dgibson@gandalf.ozlabs.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: sbrivio@redhat.com, dgibson@redhat.com, passt-dev@passt.top X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --iOyjdEAnWLAUksyE Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Sep 05, 2025 at 10:11:45PM -0400, Jon Maloy wrote: > The solution to bug https://bugs.passt.top/show_bug.cgi?id=3D120 > requires the ability to translate from an IP address to its > corresponding MAC address in cases where those are present in > the ARP/NDP table. >=20 > We add this feature here. >=20 > Signed-off-by: Jon Maloy Reviewed-by: David Gibson > --- > v3: - Added an attribute contianing NDA_DST to sent message, so > that we let the kernel do the filtering of the IP address > and return only one entry. > - Added interface index to the call signature. Since the only > interface we know is the template interface, this limits > the number of hosts that will be seen as 'network segment > local' from a PASST viewpoint. > v4: - Made loop independent of attribute order. > - Ignoring L2 addresses which are not of size ETH_ALEN. > v5: - Changed return value of new function, so caller can know if > a MAC address really was found. > --- > netlink.c | 84 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ > netlink.h | 2 ++ > 2 files changed, 86 insertions(+) >=20 > diff --git a/netlink.c b/netlink.c > index 8f82e73..1ca2c9a 100644 > --- a/netlink.c > +++ b/netlink.c > @@ -800,6 +800,90 @@ int nl_addr_get(int s, unsigned int ifi, sa_family_t= af, > return status; > } > =20 > +/** > + * nl_neigh_mac_get() - Get neighbor MAC address from the kernel neigh t= able > + * @s: Netlink socket fd > + * @addr: IPv4 or IPv6 address > + * @ifi: Interface index > + * @mac: Buffer for Ethernet MAC, left unchanged if not found/usable > + * > + * Return: true if a valid address was found, false otherwise. > + */ > +bool nl_neigh_mac_get(int s, const union inany_addr *addr, > + int ifi, unsigned char *mac) > +{ > + const void *ip =3D inany_v4(addr); > + struct req_t { > + struct nlmsghdr nlh; > + struct ndmsg ndm; > + struct rtattr rta; > + char ip[RTA_ALIGN(sizeof(struct in6_addr))]; > + } req; > + struct nlmsghdr *nh; > + char buf[NLBUFSIZ]; > + bool found =3D false; > + ssize_t status; > + uint32_t seq; > + int msglen; > + int iplen; > + > + memset(&req, 0, sizeof(req)); > + req.ndm.ndm_ifindex =3D ifi; > + req.rta.rta_type =3D NDA_DST; > + > + if (ip) { > + req.ndm.ndm_family =3D AF_INET; > + iplen =3D sizeof(struct in_addr); > + } else { > + req.ndm.ndm_family =3D AF_INET6; > + ip =3D &addr; > + iplen =3D sizeof(struct in6_addr); > + } > + > + req.rta.rta_len =3D RTA_LENGTH(iplen); > + memcpy(RTA_DATA(&req.rta), ip, iplen); > + msglen =3D NLMSG_ALIGN(sizeof(req.nlh) + sizeof(req.ndm) + RTA_LENGTH(i= plen)); > + seq =3D nl_send(s, &req, RTM_GETNEIGH, 0, msglen); > + > + /* Drain all RTM_NEWNEIGH replies for this seq */ > + nl_foreach_oftype(nh, status, s, buf, seq, RTM_NEWNEIGH) { > + struct ndmsg *ndm =3D NLMSG_DATA(nh); > + struct rtattr *rta =3D (struct rtattr *)(ndm + 1); > + const uint8_t *lladdr =3D NULL; > + size_t na =3D RTM_PAYLOAD(nh); > + const void *dst =3D NULL; > + size_t lladdr_len =3D 0; > + size_t dstlen =3D 0; > + > + for (; RTA_OK(rta, na); rta =3D RTA_NEXT(rta, na)) { > + switch (rta->rta_type) { > + case NDA_DST: > + dst =3D RTA_DATA(rta); > + dstlen =3D RTA_PAYLOAD(rta); > + break; > + case NDA_LLADDR: > + lladdr =3D RTA_DATA(rta); > + lladdr_len =3D RTA_PAYLOAD(rta); > + break; > + default: > + break; > + } > + } > + > + if (dst && dstlen =3D=3D (size_t)iplen && memcmp(dst, ip, iplen) =3D= =3D 0) { > + /* Only copy Ethernet-style addresses; leave unchanged otherwise */ > + if (lladdr && lladdr_len =3D=3D ETH_ALEN) { > + memcpy(mac, lladdr, ETH_ALEN); > + found =3D true; > + } > + } > + } > + if (status < 0) > + warn("netlink: RTM_NEWNEIGH failed: %s", strerror_(-status)); > + > + return found; > +} > + > /** > * nl_addr_get_ll() - Get first IPv6 link-local address for a given inte= rface > * @s: Netlink socket > diff --git a/netlink.h b/netlink.h > index b51e99c..1dbe1db 100644 > --- a/netlink.h > +++ b/netlink.h > @@ -17,6 +17,8 @@ int nl_route_dup(int s_src, unsigned int ifi_src, > int s_dst, unsigned int ifi_dst, sa_family_t af); > int nl_addr_get(int s, unsigned int ifi, sa_family_t af, > void *addr, int *prefix_len, void *addr_l); > +bool nl_neigh_mac_get(int s, const union inany_addr *addr, int ifi, > + unsigned char *mac); > int nl_addr_set(int s, unsigned int ifi, sa_family_t af, > const void *addr, int prefix_len); > int nl_addr_get_ll(int s, unsigned int ifi, struct in6_addr *addr); > --=20 > 2.50.1 >=20 --=20 David Gibson (he or they) | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you, not the other way | around. http://www.ozlabs.org/~dgibson --iOyjdEAnWLAUksyE Content-Type: application/pgp-signature; name=signature.asc -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmi+O48ACgkQzQJF27ox 2GeLLQ//e0F7VuwiuSRXS+N/HxdLizD8kS5VWT/9QkwP2SgFM7yG6CY1d3ENSjB+ k0lxdyzsB0oekELXtlXdDMj2BPX/UsQszlHXsbXscg2GewsPFtOmPSPcfb8SA0Ls 4iLIpH97aYXtrHUaQbt2mByBRmcNKl9iLa6uXzxMJ/V3XuqLdQg9zqrQzs6/UWoR 6TpcoaD3jqEuxJsPNPxvBAwOphCEaiQkeZS8MPBRe/2zwoMxEqKwepB9lV1+SJ9p XZk7Fx/kIUnaWaay4s5jLh6jHF1bRBRYrqp/X4D9KyInHOdWt4cAzdL2z9GbnkuP +FasD9LwJ0+oouoa/1cpvIlEs7PT7jVBPsIM+1nGdjWexaR1TLX8UNz3AjZVo/c1 zccTovi+5AR4UcD9b+wjg6iguDuB3+AHpaCHoct7dAB8a7cumcMA8ekMuhTN5vOh ZE/5G8DA2GFEgDDwnVhFbsmGeZIjyGNZ09nZpZ71XZDSCzhnTdiwakj893M+RJiB JCMAcrspZYDUqQEVMD9K4gJ76i/lJ/AdAhIaXGrEZcOrv1CmGIWhz3sBoNyfe8mA 8bj6FqZe6R6uETgpUU9LDsWN1Kz8cFL9YjLorPmc1ojkK77w3r/RBnkyUAQnN2uk YlFs/L/uB1ly6nmrPty6cv+S7shKEVtVCs1nY0P9oYrMBhhevK0= =1u2k -----END PGP SIGNATURE----- --iOyjdEAnWLAUksyE--