From c6b647205d5cd56f24f6e4189d607dd0e80f3960 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Mon, 8 Oct 2018 21:08:10 +0200
Subject: [PATCH] netns_ifaddrs: check for NETLINK_DUMP_STRICT_CHK

Make use of the new socket option, NETLINK_DUMP_STRICT_CHK, that
userspace can use via setsockopt to request strict checking of headers
and attributes on dump requests.

To get dump features such as kernel side filtering based on data in
the header or attributes appended to the dump request, userspace
must call setsockopt() for NETLINK_DUMP_STRICT_CHK and a non-zero
value. This is necessary to make use of the IFA_TARGET_NETNSID property.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
 src/include/netns_ifaddrs.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/include/netns_ifaddrs.c b/src/include/netns_ifaddrs.c
index cc672a7fd..fc0ffc167 100644
--- a/src/include/netns_ifaddrs.c
+++ b/src/include/netns_ifaddrs.c
@@ -477,6 +477,14 @@ static int __rtnl_enumerate(int link_af, int addr_af, __s32 netns_id,
 	if (fd < 0)
 		return -1;
 
+	r = setsockopt(fd, SOL_NETLINK, NETLINK_DUMP_STRICT_CHK, &(int){1},
+		       sizeof(int));
+	if (r < 0 && netns_id >= 0) {
+		close(fd);
+		*netnsid_aware = false;
+		return -1;
+	}
+
 	r = __ifaddrs_netlink_recv(fd, 1, RTM_GETLINK, link_af, netns_id,
 				   &getlink_netnsid_aware, cb, ctx);
 	if (!r)