ip bridge: Set NETLINK_GET_STRICT_CHK on socket

iproute2 has been updated for the new strict policy in the kernel. Add a
helper to call setsockopt to enable the feature. Add a call to ip.c and
bridge.c

The setsockopt fails on older kernels and the error can be safely ignored
- any new fields or attributes are ignored by the older kernel.

Signed-off-by: David Ahern <dsahern@gmail.com>

bridge/bridge.c

@@ -97,6 +97,8 @@ static int batch(const char *name)
 		return EXIT_FAILURE;
 	}
 
+	rtnl_set_strict_dump(&rth);
+
 	cmdlineno = 0;
 	while (getcmdline(&line, &len, stdin) != -1) {
 		char *largv[100];
@@ -205,6 +207,8 @@ main(int argc, char **argv)
 	if (rtnl_open(&rth, 0) < 0)
 		exit(1);
 
+	rtnl_set_strict_dump(&rth);
+
 	if (argc > 1)
 		return do_cmd(argv[1], argc-1, argv+1);
 

include/libnetlink.h

@@ -46,6 +46,7 @@ int rtnl_open_byproto(struct rtnl_handle *rth, unsigned int subscriptions,
 	__attribute__((warn_unused_result));
 
 void rtnl_close(struct rtnl_handle *rth);
+void rtnl_set_strict_dump(struct rtnl_handle *rth);
 
 typedef int (*req_filter_fn_t)(struct nlmsghdr *nlh, int reqlen);
 

ip/ip.c

@@ -308,6 +308,8 @@ int main(int argc, char **argv)
 	if (rtnl_open(&rth, 0) < 0)
 		exit(1);
 
+	rtnl_set_strict_dump(&rth);
+
 	if (strlen(basename) > 2)
 		return do_cmd(basename+2, argc, argv);
 

lib/libnetlink.c

@@ -161,6 +161,15 @@ static int nl_dump_ext_ack_done(const struct nlmsghdr *nlh, int error)
 }
 #endif
 
+/* Older kernels may not support strict dump and filtering */
+void rtnl_set_strict_dump(struct rtnl_handle *rth)
+{
+	int one = 1;
+
+	setsockopt(rth->fd, SOL_NETLINK, NETLINK_GET_STRICT_CHK,
+		   &one, sizeof(one));
+}
+
 void rtnl_close(struct rtnl_handle *rth)
 {
 	if (rth->fd >= 0) {