Dispatch getsockname/sendto/recvfrom on netlink sockets#56
Open
chenhunghan wants to merge 2 commits into
Open
Conversation
Go's route package (vishvananda/netlink, used by the Kubernetes node-IP
detection path) talks to NETLINK_ROUTE via sendto(2)/recvfrom(2) and queries
the bound port id with getsockname(2). Only sendmsg/recvmsg/read were
dispatched to the netlink emulation, so these calls fell through to the host
socket fd and failed with ENOTSOCK ("netlinkrib: socket operation on
non-socket"), forcing callers onto a 127.0.0.1 fallback and breaking real
interface and SAN detection.
Add three netlink entry points and dispatch FD_NETLINK to them from
sys_getsockname/sys_sendto/sys_recvfrom:
- netlink_send: process a flat (non-msghdr) RTM_GET* request buffer.
- netlink_recv: drain whole buffered messages and write back sockaddr_nl.
- netlink_getsockname: report the bound or auto-assigned port id.
Also honor the RTM_GETLINK request filter: parse the ifinfomsg ifi_index and
an optional IFLA_IFNAME attribute and emit only the matching link, so
LinkByName/LinkByIndex see exactly one reply instead of erroring with "more
than one link found". The sendmsg and send paths share a single
nl_process_request dispatcher so both honor the filter.
Validated with make check and make test-matrix on Apple Silicon; the k0s
controller now detects the real host IP instead of the loopback fallback.
(cherry picked from commit 31d29d184be83d4700f21d156b76739893fe1412)
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
Max042004
suggested changes
May 29, 2026
Collaborator
Max042004
left a comment
Max042004
left a comment
There was a problem hiding this comment.
make check not cover new three syscall. It is better to implements a simple test so that in future we can catch whether has regression for this.
make check did not exercise the getsockname/sendto/recvfrom paths that the netlink emulation now handles, so a regression reverting them to the host socket fd (ENOTSOCK) would pass unnoticed. Add tests/test-netlink.c and register it in the manifest. The test drives each dispatched syscall directly against a NETLINK_ROUTE socket: getsockname must report an AF_NETLINK address and a non-zero port id, a flat RTM_GETLINK dump request must be accepted by sendto, and recvfrom must drain at least one RTM_NEWLINK message with an AF_NETLINK source. It then runs glibc getifaddrs(), the end-to-end call from issue sysprog21#53 that originally failed with ENOTSOCK. Only implementation-independent netlink semantics are asserted, so the same static binary passes under a real kernel as well as the emulation. Validated with make check on Apple Silicon (9/9 checks pass); the same binary run against an elfuse built from main reproduces the bug with 7 ENOTSOCK failures, confirming the test catches the regression.
Max042004
suggested changes
May 30, 2026
| #include <unistd.h> | ||
|
|
||
| #include <sys/socket.h> | ||
| #include <net/if.h> |
Collaborator
There was a problem hiding this comment.
net/if.h not used. Can delete
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #53.
Dispatches
getsockname/sendto/recvfromto the AF_NETLINK emulation (they previously fell through to the host socket calls on the netlink pipe fd and returned ENOTSOCK), and makesRTM_GETLINKhonor theifi_index/IFLA_IFNAMErequest filter so a single-link lookup returns exactly one link. Full rationale in the commit message.Validation on Apple Silicon:
make elfuse,make check, andmake test-matrixpass; glibcgetifaddrs()now succeeds where it previously failed with ENOTSOCK (errno 88). (Hosted CI builds + lints only; the runtime tests require an HVF host, so those results are local.)Summary by cubic
Dispatches netlink getsockname/sendto/recvfrom and honors RTM_GETLINK name/index filters to return a single link when requested. Fixes ENOTSOCK fallthroughs and unblocks clients using flat send/recv and port ID via getsockname.
FD_NETLINKinsys_getsockname/sys_sendto/sys_recvfromtonetlink_getsockname/netlink_send/netlink_recv, fixing ENOTSOCK on host fds.ifi_indexandIFLA_IFNAMEinRTM_GETLINKand return only the matching link; share dispatch vianl_process_requestsosendmsgand flatsenduse the same filters.tests/test-netlink.cand register it intests/manifest.txtto exercise these paths and thegetifaddrs()flow.Written for commit f2704fa. Summary will update on new commits.