Skip to content

Commit 653ef6a

Browse files
Girish Moodalbaildavem330
Girish Moodalbail
authored and
davem330
committed
vxlan: change vxlan_[config_]validate() to use netlink_ext_ack for error reporting
The kernel log is not where users expect error messages for netlink requests; as we have extended acks now, we can replace pr_debug() with NL_SET_ERR_MSG_ATTR(). Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net> Signed-off-by: Girish Moodalbail <girish.moodalbail@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net>
1 parent cc8f1a3 commit 653ef6a

File tree

1 file changed

+73
-26
lines changed

1 file changed

+73
-26
lines changed

drivers/net/vxlan.c

Lines changed: 73 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -2729,40 +2729,51 @@ static int vxlan_validate(struct nlattr *tb[], struct nlattr *data[],
27292729
{
27302730
if (tb[IFLA_ADDRESS]) {
27312731
if (nla_len(tb[IFLA_ADDRESS]) != ETH_ALEN) {
2732-
pr_debug("invalid link address (not ethernet)\n");
2732+
NL_SET_ERR_MSG_ATTR(extack, tb[IFLA_ADDRESS],
2733+
"Provided link layer address is not Ethernet");
27332734
return -EINVAL;
27342735
}
27352736

27362737
if (!is_valid_ether_addr(nla_data(tb[IFLA_ADDRESS]))) {
2737-
pr_debug("invalid all zero ethernet address\n");
2738+
NL_SET_ERR_MSG_ATTR(extack, tb[IFLA_ADDRESS],
2739+
"Provided Ethernet address is not unicast");
27382740
return -EADDRNOTAVAIL;
27392741
}
27402742
}
27412743

27422744
if (tb[IFLA_MTU]) {
27432745
u32 mtu = nla_get_u32(tb[IFLA_MTU]);
27442746

2745-
if (mtu < ETH_MIN_MTU || mtu > ETH_MAX_MTU)
2747+
if (mtu < ETH_MIN_MTU || mtu > ETH_MAX_MTU) {
2748+
NL_SET_ERR_MSG_ATTR(extack, tb[IFLA_MTU],
2749+
"MTU must be between 68 and 65535");
27462750
return -EINVAL;
2751+
}
27472752
}
27482753

2749-
if (!data)
2754+
if (!data) {
2755+
NL_SET_ERR_MSG(extack,
2756+
"Required attributes not provided to perform the operation");
27502757
return -EINVAL;
2758+
}
27512759

27522760
if (data[IFLA_VXLAN_ID]) {
27532761
u32 id = nla_get_u32(data[IFLA_VXLAN_ID]);
27542762

2755-
if (id >= VXLAN_N_VID)
2763+
if (id >= VXLAN_N_VID) {
2764+
NL_SET_ERR_MSG_ATTR(extack, tb[IFLA_VXLAN_ID],
2765+
"VXLAN ID must be lower than 16777216");
27562766
return -ERANGE;
2767+
}
27572768
}
27582769

27592770
if (data[IFLA_VXLAN_PORT_RANGE]) {
27602771
const struct ifla_vxlan_port_range *p
27612772
= nla_data(data[IFLA_VXLAN_PORT_RANGE]);
27622773

27632774
if (ntohs(p->high) < ntohs(p->low)) {
2764-
pr_debug("port range %u .. %u not valid\n",
2765-
ntohs(p->low), ntohs(p->high));
2775+
NL_SET_ERR_MSG_ATTR(extack, tb[IFLA_VXLAN_PORT_RANGE],
2776+
"Invalid source port range");
27662777
return -EINVAL;
27672778
}
27682779
}
@@ -2919,7 +2930,8 @@ static int vxlan_sock_add(struct vxlan_dev *vxlan)
29192930

29202931
static int vxlan_config_validate(struct net *src_net, struct vxlan_config *conf,
29212932
struct net_device **lower,
2922-
struct vxlan_dev *old)
2933+
struct vxlan_dev *old,
2934+
struct netlink_ext_ack *extack)
29232935
{
29242936
struct vxlan_net *vn = net_generic(src_net, vxlan_net_id);
29252937
struct vxlan_dev *tmp;
@@ -2933,6 +2945,8 @@ static int vxlan_config_validate(struct net *src_net, struct vxlan_config *conf,
29332945
*/
29342946
if ((conf->flags & ~VXLAN_F_ALLOWED_GPE) ||
29352947
!(conf->flags & VXLAN_F_COLLECT_METADATA)) {
2948+
NL_SET_ERR_MSG(extack,
2949+
"VXLAN GPE does not support this combination of attributes");
29362950
return -EINVAL;
29372951
}
29382952
}
@@ -2947,15 +2961,23 @@ static int vxlan_config_validate(struct net *src_net, struct vxlan_config *conf,
29472961
conf->saddr.sa.sa_family = conf->remote_ip.sa.sa_family;
29482962
}
29492963

2950-
if (conf->saddr.sa.sa_family != conf->remote_ip.sa.sa_family)
2964+
if (conf->saddr.sa.sa_family != conf->remote_ip.sa.sa_family) {
2965+
NL_SET_ERR_MSG(extack,
2966+
"Local and remote address must be from the same family");
29512967
return -EINVAL;
2968+
}
29522969

2953-
if (vxlan_addr_multicast(&conf->saddr))
2970+
if (vxlan_addr_multicast(&conf->saddr)) {
2971+
NL_SET_ERR_MSG(extack, "Local address cannot be multicast");
29542972
return -EINVAL;
2973+
}
29552974

29562975
if (conf->saddr.sa.sa_family == AF_INET6) {
2957-
if (!IS_ENABLED(CONFIG_IPV6))
2976+
if (!IS_ENABLED(CONFIG_IPV6)) {
2977+
NL_SET_ERR_MSG(extack,
2978+
"IPv6 support not enabled in the kernel");
29582979
return -EPFNOSUPPORT;
2980+
}
29592981
use_ipv6 = true;
29602982
conf->flags |= VXLAN_F_IPV6;
29612983

@@ -2967,46 +2989,68 @@ static int vxlan_config_validate(struct net *src_net, struct vxlan_config *conf,
29672989

29682990
if (local_type & IPV6_ADDR_LINKLOCAL) {
29692991
if (!(remote_type & IPV6_ADDR_LINKLOCAL) &&
2970-
(remote_type != IPV6_ADDR_ANY))
2992+
(remote_type != IPV6_ADDR_ANY)) {
2993+
NL_SET_ERR_MSG(extack,
2994+
"Invalid combination of local and remote address scopes");
29712995
return -EINVAL;
2996+
}
29722997

29732998
conf->flags |= VXLAN_F_IPV6_LINKLOCAL;
29742999
} else {
29753000
if (remote_type ==
2976-
(IPV6_ADDR_UNICAST | IPV6_ADDR_LINKLOCAL))
3001+
(IPV6_ADDR_UNICAST | IPV6_ADDR_LINKLOCAL)) {
3002+
NL_SET_ERR_MSG(extack,
3003+
"Invalid combination of local and remote address scopes");
29773004
return -EINVAL;
3005+
}
29783006

29793007
conf->flags &= ~VXLAN_F_IPV6_LINKLOCAL;
29803008
}
29813009
}
29823010
}
29833011

2984-
if (conf->label && !use_ipv6)
3012+
if (conf->label && !use_ipv6) {
3013+
NL_SET_ERR_MSG(extack,
3014+
"Label attribute only applies to IPv6 VXLAN devices");
29853015
return -EINVAL;
3016+
}
29863017

29873018
if (conf->remote_ifindex) {
29883019
struct net_device *lowerdev;
29893020

29903021
lowerdev = __dev_get_by_index(src_net, conf->remote_ifindex);
2991-
if (!lowerdev)
3022+
if (!lowerdev) {
3023+
NL_SET_ERR_MSG(extack,
3024+
"Invalid local interface, device not found");
29923025
return -ENODEV;
3026+
}
29933027

29943028
#if IS_ENABLED(CONFIG_IPV6)
29953029
if (use_ipv6) {
29963030
struct inet6_dev *idev = __in6_dev_get(lowerdev);
2997-
if (idev && idev->cnf.disable_ipv6)
3031+
if (idev && idev->cnf.disable_ipv6) {
3032+
NL_SET_ERR_MSG(extack,
3033+
"IPv6 support disabled by administrator");
29983034
return -EPERM;
3035+
}
29993036
}
30003037
#endif
30013038

30023039
*lower = lowerdev;
30033040
} else {
3004-
if (vxlan_addr_multicast(&conf->remote_ip))
3041+
if (vxlan_addr_multicast(&conf->remote_ip)) {
3042+
NL_SET_ERR_MSG(extack,
3043+
"Local interface required for multicast remote destination");
3044+
30053045
return -EINVAL;
3046+
}
30063047

30073048
#if IS_ENABLED(CONFIG_IPV6)
3008-
if (conf->flags & VXLAN_F_IPV6_LINKLOCAL)
3049+
if (conf->flags & VXLAN_F_IPV6_LINKLOCAL) {
3050+
NL_SET_ERR_MSG(extack,
3051+
"Local interface required for link-local local/remote addresses");
30093052
return -EINVAL;
3053+
}
30103054
#endif
30113055

30123056
*lower = NULL;
@@ -3038,6 +3082,8 @@ static int vxlan_config_validate(struct net *src_net, struct vxlan_config *conf,
30383082
tmp->cfg.remote_ifindex != conf->remote_ifindex)
30393083
continue;
30403084

3085+
NL_SET_ERR_MSG(extack,
3086+
"A VXLAN device with the specified VNI already exists");
30413087
return -EEXIST;
30423088
}
30433089

@@ -3097,14 +3143,14 @@ static void vxlan_config_apply(struct net_device *dev,
30973143
}
30983144

30993145
static int vxlan_dev_configure(struct net *src_net, struct net_device *dev,
3100-
struct vxlan_config *conf,
3101-
bool changelink)
3146+
struct vxlan_config *conf, bool changelink,
3147+
struct netlink_ext_ack *extack)
31023148
{
31033149
struct vxlan_dev *vxlan = netdev_priv(dev);
31043150
struct net_device *lowerdev;
31053151
int ret;
31063152

3107-
ret = vxlan_config_validate(src_net, conf, &lowerdev, vxlan);
3153+
ret = vxlan_config_validate(src_net, conf, &lowerdev, vxlan, extack);
31083154
if (ret)
31093155
return ret;
31103156

@@ -3114,13 +3160,14 @@ static int vxlan_dev_configure(struct net *src_net, struct net_device *dev,
31143160
}
31153161

31163162
static int __vxlan_dev_create(struct net *net, struct net_device *dev,
3117-
struct vxlan_config *conf)
3163+
struct vxlan_config *conf,
3164+
struct netlink_ext_ack *extack)
31183165
{
31193166
struct vxlan_net *vn = net_generic(net, vxlan_net_id);
31203167
struct vxlan_dev *vxlan = netdev_priv(dev);
31213168
int err;
31223169

3123-
err = vxlan_dev_configure(net, dev, conf, false);
3170+
err = vxlan_dev_configure(net, dev, conf, false, extack);
31243171
if (err)
31253172
return err;
31263173

@@ -3366,7 +3413,7 @@ static int vxlan_newlink(struct net *src_net, struct net_device *dev,
33663413
if (err)
33673414
return err;
33683415

3369-
return __vxlan_dev_create(src_net, dev, &conf);
3416+
return __vxlan_dev_create(src_net, dev, &conf, extack);
33703417
}
33713418

33723419
static int vxlan_changelink(struct net_device *dev, struct nlattr *tb[],
@@ -3386,7 +3433,7 @@ static int vxlan_changelink(struct net_device *dev, struct nlattr *tb[],
33863433

33873434
memcpy(&old_dst, dst, sizeof(struct vxlan_rdst));
33883435

3389-
err = vxlan_dev_configure(vxlan->net, dev, &conf, true);
3436+
err = vxlan_dev_configure(vxlan->net, dev, &conf, true, extack);
33903437
if (err)
33913438
return err;
33923439

@@ -3592,7 +3639,7 @@ struct net_device *vxlan_dev_create(struct net *net, const char *name,
35923639
if (IS_ERR(dev))
35933640
return dev;
35943641

3595-
err = __vxlan_dev_create(net, dev, conf);
3642+
err = __vxlan_dev_create(net, dev, conf, NULL);
35963643
if (err < 0) {
35973644
free_netdev(dev);
35983645
return ERR_PTR(err);

0 commit comments

Comments
 (0)