passt: Relicense to GPL 2.0, or any later version
In practical terms, passt doesn't benefit from the additional
protection offered by the AGPL over the GPL, because it's not
suitable to be executed over a computer network.
Further, restricting the distribution under the version 3 of the GPL
wouldn't provide any practical advantage either, as long as the passt
codebase is concerned, and might cause unnecessary compatibility
dilemmas.
Change licensing terms to the GNU General Public License Version 2,
or any later version, with written permission from all current and
past contributors, namely: myself, David Gibson, Laine Stump, Andrea
Bolognani, Paul Holzinger, Richard W.M. Jones, Chris Kuhn, Florian
Weimer, Giuseppe Scrivano, Stefan Hajnoczi, and Vasiliy Ulyanov.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-04-05 20:11:44 +02:00
/* SPDX-License-Identifier: GPL-2.0-or-later
 * Copyright (c) 2021 Red Hat GmbH
 * Author: Stefano Brivio <sbrivio@redhat.com>
 */

#ifndef NETLINK_H
#define NETLINK_H

extern int nl_sock;
extern int nl_sock_ns;

conf: Bind inbound ports with CAP_NET_BIND_SERVICE before isolate_user()
Even if CAP_NET_BIND_SERVICE is granted, we'll lose the capability in
the target user namespace as we isolate the process, which means
we're unable to bind to low ports at that point.
Bind inbound ports, and only those, before isolate_user(). Keep the
handling of outbound ports (for pasta mode only) after the setup of
the namespace, because that's where we'll bind them.
To this end, initialise the netlink socket for the init namespace
before isolate_user() as well, as we actually need to know the
addresses of the upstream interface before binding ports, in case
they're not explicitly passed by the user.
As we now call nl_sock_init() twice, checking its return code from
conf() twice looks a bit heavy: make it exit(), instead, as we
can't do much if we don't have netlink sockets.
While at it:
- move the v4_only && v6_only options check just after the first
option processing loop, as this is more strictly related to
option parsing proper
- update the man page, explaining that CAP_NET_BIND_SERVICE is
*not* the preferred way to bind ports, because passt and pasta
can be abused to allow other processes to make effective usage
of it. Add a note about the recommended sysctl instead
- simplify nl_sock_init_do() now that it's called once for each
case
Reported-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-10-13 18:21:27 +02:00
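The ordering the commit message above describes, shown in an added C example that is not part of passt: it reads the CapEff mask from /proc/self/status to see whether CAP_NET_BIND_SERVICE is effective, binds an inbound low port, then enters a new user namespace with unshare(CLONE_NEWUSER) as a stand-in for isolate_user(), and tries another low-port bind in the host network namespace from there. Ports 80 and 443 are illustrative, and the program assumes a Linux host where unprivileged user namespaces are allowed.

```c
#define _GNU_SOURCE		/* for syscall() and fmemopen() under strict -std= */
#include <arpa/inet.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/syscall.h>
#include <unistd.h>

#define CLONE_NEWUSER 0x10000000	/* as in <sched.h>, which needs _GNU_SOURCE */

/* Scan a /proc/<pid>/status stream: 1 if "CapEff:" has CAP_NET_BIND_SERVICE
 * (capability number 10) set, 0 if it doesn't, -1 if no CapEff line is found */
int status_has_net_bind_service(FILE *status)
{
	char line[256];
	while (fgets(line, sizeof(line), status))
		if (!strncmp(line, "CapEff:", 7))
			return (int)((strtoull(line + 7, NULL, 16) >> 10) & 1);
	return -1;
}

/* Bind a TCP socket to 127.0.0.1:port: socket fd on success, -1 on failure */
int bind_tcp_port(unsigned short port)
{
	struct sockaddr_in sa = { .sin_family = AF_INET, .sin_port = htons(port),
				  .sin_addr.s_addr = htonl(INADDR_LOOPBACK) };
	int s = socket(AF_INET, SOCK_STREAM, 0);
	if (s >= 0 && bind(s, (struct sockaddr *)&sa, sizeof(sa)) < 0) {
		close(s);
		return -1;
	}
	return s;
}

int main(void)
{
	FILE *status = fopen("/proc/self/status", "r");
	printf("CAP_NET_BIND_SERVICE effective: %d\n", status ? status_has_net_bind_service(status) : -1);
	/* Inbound low port (80 here, illustrative) goes first, before isolating */
	printf("bind(:80) before unshare: %s\n", bind_tcp_port(80) >= 0 ? "ok" : strerror(errno));
	if (syscall(SYS_unshare, CLONE_NEWUSER)) {
		perror("unshare(CLONE_NEWUSER)");
		return 1;
	}
	/* The host net namespace is owned by the initial user namespace: the caps held in the new one don't count there */
	printf("bind(:443) after unshare: %s\n", bind_tcp_port(443) >= 0 ? "ok" : strerror(errno));
	return 0;
}
```

Run with the capability (or as root) to see the first bind succeed and the second refused; without it, the first bind fails too, which is why the commit prefers the sysctl route over granting CAP_NET_BIND_SERVICE.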
/* Initialise the netlink socket for the init namespace (ns false) or for the
 * target namespace (ns true), see nl_sock and nl_sock_ns above */
void nl_sock_init(const struct ctx *c, bool ns);

/* Index of the external (upstream) interface for address family af */
unsigned int nl_get_ext_if(int s, sa_family_t af);

/* Get or set the default gateway of interface ifi for address family af */
int nl_route_get_def(int s, unsigned int ifi, sa_family_t af, void *gw);
int nl_route_set_def(int s, unsigned int ifi, sa_family_t af, void *gw);

/* Copy routes of ifi_src, queried over socket s_src, to ifi_dst over s_dst */
int nl_route_dup(int s_src, unsigned int ifi_src,
		 int s_dst, unsigned int ifi_dst, sa_family_t af);

/* Get or set the address and prefix length of interface ifi; on get, addr_l
 * receives the IPv6 link-local address */
int nl_addr_get(int s, unsigned int ifi, sa_family_t af,
		void *addr, int *prefix_len, void *addr_l);
int nl_addr_set(int s, unsigned int ifi, sa_family_t af,
		void *addr, int prefix_len);

/* Copy addresses of ifi_src, queried over socket s_src, to ifi_dst over s_dst */
int nl_addr_dup(int s_src, unsigned int ifi_src,
		int s_dst, unsigned int ifi_dst, sa_family_t af);

/* Get or set the MAC address of interface ifi */
int nl_link_get_mac(int s, unsigned int ifi, void *mac);
int nl_link_set_mac(int s, unsigned int ifi, void *mac);

/* Bring interface ifi up, setting its MTU if mtu is non-zero */
int nl_link_up(int s, unsigned int ifi, int mtu);

#endif /* NETLINK_H */