packages/iproute
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

backport upstream patches

Browse Source
This commit is contained in:
gaoxingwang 2023-12-26 10:02:03 +08:00
parent cc4d42f870
commit 500856e80d
23 changed files with 1608 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

337
backport-Revert-bpf-replace-snprintf-with-asprintf-when-dealing-with-long-buffers.patch Normal file
View File

@ -0,0 +1,337 @@
From 358abfe004a30bf3ed353c7f5dbc6afaf4212ecf Mon Sep 17 00:00:00 2001
From: Andrea Claudi <aclaudi@redhat.com>
Date: Tue, 26 May 2020 18:04:10 +0200
Subject: Revert "bpf: replace snprintf with asprintf when dealing with long
buffers"
This reverts commit c0325b06382cb4f7ebfaf80c29c8800d74666fd9.
It introduces a segfault in bpf_make_custom_path() when custom pinning is used.
This happens because asprintf allocates exactly the space needed to hold a
string in the buffer passed as its first argument, but if this buffer is later
used in strcat() or similar we have a buffer overrun.
As the aim of commit c0325b06382c is simply to fix a compiler warning, it
seems safe and reasonable to revert it.
Fixes: c0325b06382c ("bpf: replace snprintf with asprintf when dealing with long buffers")
Reported-by: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Conflict:NA
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=358abfe004a30bf3ed353c7f5dbc6afaf4212ecf
---
lib/bpf.c | 155 ++++++++++++++++----------------------------------------------
1 file changed, 39 insertions(+), 116 deletions(-)
diff --git a/lib/bpf.c b/lib/bpf.c
index 10cf9bf44..23cb0d96a 100644
--- a/lib/bpf.c
+++ b/lib/bpf.c
@@ -406,21 +406,13 @@ static int bpf_derive_elf_map_from_fdinfo(int fd, struct bpf_elf_map *map,
struct bpf_map_ext *ext)
{
unsigned int val, owner_type = 0, owner_jited = 0;
- char *file = NULL;
- char buff[4096];
+ char file[PATH_MAX], buff[4096];
FILE *fp;
- int ret;
- ret = asprintf(&file, "/proc/%d/fdinfo/%d", getpid(), fd);
- if (ret < 0) {
- fprintf(stderr, "asprintf failed: %s\n", strerror(errno));
- free(file);
- return ret;
- }
+ snprintf(file, sizeof(file), "/proc/%d/fdinfo/%d", getpid(), fd);
memset(map, 0, sizeof(*map));
fp = fopen(file, "r");
- free(file);
if (!fp) {
fprintf(stderr, "No procfs support?!\n");
return -EIO;
@@ -608,9 +600,8 @@ int bpf_trace_pipe(void)
0,
};
int fd_in, fd_out = STDERR_FILENO;
- char *tpipe = NULL;
+ char tpipe[PATH_MAX];
const char *mnt;
- int ret;
mnt = bpf_find_mntpt("tracefs", TRACEFS_MAGIC, tracefs_mnt,
sizeof(tracefs_mnt), tracefs_known_mnts);
@@ -619,15 +610,9 @@ int bpf_trace_pipe(void)
return -1;
}
- ret = asprintf(&tpipe, "%s/trace_pipe", mnt);
- if (ret < 0) {
- fprintf(stderr, "asprintf failed: %s\n", strerror(errno));
- free(tpipe);
- return ret;
- }
+ snprintf(tpipe, sizeof(tpipe), "%s/trace_pipe", mnt);
fd_in = open(tpipe, O_RDONLY);
- free(tpipe);
if (fd_in < 0)
return -1;
@@ -648,50 +633,37 @@ int bpf_trace_pipe(void)
static int bpf_gen_global(const char *bpf_sub_dir)
{
- char *bpf_glo_dir = NULL;
+ char bpf_glo_dir[PATH_MAX];
int ret;
- ret = asprintf(&bpf_glo_dir, "%s/%s/", bpf_sub_dir, BPF_DIR_GLOBALS);
- if (ret < 0) {
- fprintf(stderr, "asprintf failed: %s\n", strerror(errno));
- goto out;
- }
+ snprintf(bpf_glo_dir, sizeof(bpf_glo_dir), "%s/%s/",
+ bpf_sub_dir, BPF_DIR_GLOBALS);
ret = mkdir(bpf_glo_dir, S_IRWXU);
if (ret && errno != EEXIST) {
fprintf(stderr, "mkdir %s failed: %s\n", bpf_glo_dir,
strerror(errno));
- goto out;
+ return ret;
}
- ret = 0;
-out:
- free(bpf_glo_dir);
- return ret;
+ return 0;
}
static int bpf_gen_master(const char *base, const char *name)
{
- char *bpf_sub_dir = NULL;
+ char bpf_sub_dir[PATH_MAX + NAME_MAX + 1];
int ret;
- ret = asprintf(&bpf_sub_dir, "%s%s/", base, name);
- if (ret < 0) {
- fprintf(stderr, "asprintf failed: %s\n", strerror(errno));
- goto out;
- }
+ snprintf(bpf_sub_dir, sizeof(bpf_sub_dir), "%s%s/", base, name);
ret = mkdir(bpf_sub_dir, S_IRWXU);
if (ret && errno != EEXIST) {
fprintf(stderr, "mkdir %s failed: %s\n", bpf_sub_dir,
strerror(errno));
- goto out;
+ return ret;
}
- ret = bpf_gen_global(bpf_sub_dir);
-out:
- free(bpf_sub_dir);
- return ret;
+ return bpf_gen_global(bpf_sub_dir);
}
static int bpf_slave_via_bind_mnt(const char *full_name,
@@ -720,22 +692,13 @@ static int bpf_slave_via_bind_mnt(const char *full_name,
static int bpf_gen_slave(const char *base, const char *name,
const char *link)
{
- char *bpf_lnk_dir = NULL;
- char *bpf_sub_dir = NULL;
+ char bpf_lnk_dir[PATH_MAX + NAME_MAX + 1];
+ char bpf_sub_dir[PATH_MAX + NAME_MAX];
struct stat sb = {};
int ret;
- ret = asprintf(&bpf_lnk_dir, "%s%s/", base, link);
- if (ret < 0) {
- fprintf(stderr, "asprintf failed: %s\n", strerror(errno));
- goto out;
- }
-
- ret = asprintf(&bpf_sub_dir, "%s%s", base, name);
- if (ret < 0) {
- fprintf(stderr, "asprintf failed: %s\n", strerror(errno));
- goto out;
- }
+ snprintf(bpf_lnk_dir, sizeof(bpf_lnk_dir), "%s%s/", base, link);
+ snprintf(bpf_sub_dir, sizeof(bpf_sub_dir), "%s%s", base, name);
ret = symlink(bpf_lnk_dir, bpf_sub_dir);
if (ret) {
@@ -743,30 +706,25 @@ static int bpf_gen_slave(const char *base, const char *name,
if (errno != EPERM) {
fprintf(stderr, "symlink %s failed: %s\n",
bpf_sub_dir, strerror(errno));
- goto out;
+ return ret;
}
- ret = bpf_slave_via_bind_mnt(bpf_sub_dir, bpf_lnk_dir);
- goto out;
+ return bpf_slave_via_bind_mnt(bpf_sub_dir,
+ bpf_lnk_dir);
}
ret = lstat(bpf_sub_dir, &sb);
if (ret) {
fprintf(stderr, "lstat %s failed: %s\n",
bpf_sub_dir, strerror(errno));
- goto out;
+ return ret;
}
- if ((sb.st_mode & S_IFMT) != S_IFLNK) {
- ret = bpf_gen_global(bpf_sub_dir);
- goto out;
- }
+ if ((sb.st_mode & S_IFMT) != S_IFLNK)
+ return bpf_gen_global(bpf_sub_dir);
}
-out:
- free(bpf_lnk_dir);
- free(bpf_sub_dir);
- return ret;
+ return 0;
}
static int bpf_gen_hierarchy(const char *base)
@@ -784,7 +742,7 @@ static int bpf_gen_hierarchy(const char *base)
static const char *bpf_get_work_dir(enum bpf_prog_type type)
{
static char bpf_tmp[PATH_MAX] = BPF_DIR_MNT;
- static char *bpf_wrk_dir;
+ static char bpf_wrk_dir[PATH_MAX];
static const char *mnt;
static bool bpf_mnt_cached;
const char *mnt_env = getenv(BPF_ENV_MNT);
@@ -823,12 +781,7 @@ static const char *bpf_get_work_dir(enum bpf_prog_type type)
}
}
- ret = asprintf(&bpf_wrk_dir, "%s/", mnt);
- if (ret < 0) {
- fprintf(stderr, "asprintf failed: %s\n", strerror(errno));
- free(bpf_wrk_dir);
- goto out;
- }
+ snprintf(bpf_wrk_dir, sizeof(bpf_wrk_dir), "%s/", mnt);
ret = bpf_gen_hierarchy(bpf_wrk_dir);
if (ret) {
@@ -1485,48 +1438,31 @@ static int bpf_probe_pinned(const char *name, const struct bpf_elf_ctx *ctx,
static int bpf_make_obj_path(const struct bpf_elf_ctx *ctx)
{
- char *tmp = NULL;
+ char tmp[PATH_MAX];
int ret;
- ret = asprintf(&tmp, "%s/%s", bpf_get_work_dir(ctx->type), ctx->obj_uid);
- if (ret < 0) {
- fprintf(stderr, "asprintf failed: %s\n", strerror(errno));
- goto out;
- }
+ snprintf(tmp, sizeof(tmp), "%s/%s", bpf_get_work_dir(ctx->type),
+ ctx->obj_uid);
ret = mkdir(tmp, S_IRWXU);
if (ret && errno != EEXIST) {
fprintf(stderr, "mkdir %s failed: %s\n", tmp, strerror(errno));
- goto out;
+ return ret;
}
- ret = 0;
-out:
- free(tmp);
- return ret;
+ return 0;
}
static int bpf_make_custom_path(const struct bpf_elf_ctx *ctx,
const char *todo)
{
- char *tmp = NULL;
- char *rem = NULL;
- char *sub;
+ char tmp[PATH_MAX], rem[PATH_MAX], *sub;
int ret;
- ret = asprintf(&tmp, "%s/../", bpf_get_work_dir(ctx->type));
- if (ret < 0) {
- fprintf(stderr, "asprintf failed: %s\n", strerror(errno));
- goto out;
- }
-
- ret = asprintf(&rem, "%s/", todo);
- if (ret < 0) {
- fprintf(stderr, "asprintf failed: %s\n", strerror(errno));
- goto out;
- }
-
+ snprintf(tmp, sizeof(tmp), "%s/../", bpf_get_work_dir(ctx->type));
+ snprintf(rem, sizeof(rem), "%s/", todo);
sub = strtok(rem, "/");
+
while (sub) {
if (strlen(tmp) + strlen(sub) + 2 > PATH_MAX)
return -EINVAL;
@@ -1538,17 +1474,13 @@ static int bpf_make_custom_path(const struct bpf_elf_ctx *ctx,
if (ret && errno != EEXIST) {
fprintf(stderr, "mkdir %s failed: %s\n", tmp,
strerror(errno));
- goto out;
+ return ret;
}
sub = strtok(NULL, "/");
}
- ret = 0;
-out:
- free(rem);
- free(tmp);
- return ret;
+ return 0;
}
static int bpf_place_pinned(int fd, const char *name,
@@ -2655,23 +2587,14 @@ struct bpf_jited_aux {
static int bpf_derive_prog_from_fdinfo(int fd, struct bpf_prog_data *prog)
{
- char *file = NULL;
- char buff[4096];
+ char file[PATH_MAX], buff[4096];
unsigned int val;
FILE *fp;
- int ret;
-
- ret = asprintf(&file, "/proc/%d/fdinfo/%d", getpid(), fd);
- if (ret < 0) {
- fprintf(stderr, "asprintf failed: %s\n", strerror(errno));
- free(file);
- return ret;
- }
+ snprintf(file, sizeof(file), "/proc/%d/fdinfo/%d", getpid(), fd);
memset(prog, 0, sizeof(*prog));
fp = fopen(file, "r");
- free(file);
if (!fp) {
fprintf(stderr, "No procfs support?!\n");
return -EIO;
--
cgit 1.2.3-korg

43
backport-addr-Fix-noprefixroute-and-autojoin-for-IPv4.patch Normal file
View File

@ -0,0 +1,43 @@
From be1bea843234878a936fdf854e511053d528bf75 Mon Sep 17 00:00:00 2001
From: Stephen Hemminger <stephen@networkplumber.org>
Date: Tue, 6 Oct 2020 15:15:56 -0700
Subject: addr: Fix noprefixroute and autojoin for IPv4
These were reported as IPv6-only and ignored:
# ip address add 192.0.2.2/24 dev dummy5 noprefixroute
Warning: noprefixroute option can be set only for IPv6 addresses
# ip address add 224.1.1.10/24 dev dummy5 autojoin
Warning: autojoin option can be set only for IPv6 addresses
This enables them back for IPv4.
Fixes: 9d59c86e575b5 ("iproute2: ip addr: Organize flag properties structurally")
Signed-off-by: Adel Belhouane <bugs.a.b@free.fr>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Conflict:NA
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=be1bea843234878a936fdf854e511053d528bf75
---
ip/ipaddress.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ip/ipaddress.c b/ip/ipaddress.c
index ccf67d1dd..2b4cb48a4 100644
--- a/ip/ipaddress.c
+++ b/ip/ipaddress.c
@@ -1249,8 +1249,8 @@ static const struct ifa_flag_data_t {
{ .name = "tentative", .mask = IFA_F_TENTATIVE, .readonly = true, .v6only = true},
{ .name = "permanent", .mask = IFA_F_PERMANENT, .readonly = true, .v6only = true},
{ .name = "mngtmpaddr", .mask = IFA_F_MANAGETEMPADDR, .readonly = false, .v6only = true},
- { .name = "noprefixroute", .mask = IFA_F_NOPREFIXROUTE, .readonly = false, .v6only = true},
- { .name = "autojoin", .mask = IFA_F_MCAUTOJOIN, .readonly = false, .v6only = true},
+ { .name = "noprefixroute", .mask = IFA_F_NOPREFIXROUTE, .readonly = false, .v6only = false},
+ { .name = "autojoin", .mask = IFA_F_MCAUTOJOIN, .readonly = false, .v6only = false},
{ .name = "stable-privacy", .mask = IFA_F_STABLE_PRIVACY, .readonly = true, .v6only = true},
};
--
cgit 1.2.3-korg

29
backport-bridge-report-correct-version.patch Normal file
View File

@ -0,0 +1,29 @@
From 7a49ff9d7906858ec75b69e9ad05af2bfd9cab4d Mon Sep 17 00:00:00 2001
From: Stephen Hemminger <stephen@networkplumber.org>
Date: Sun, 15 Nov 2020 08:58:52 -0800
Subject: bridge: report correct version
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Conflict: printf("bridge utility, 5.10.0\n");
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=7a49ff9d7906858ec75b69e9ad05af2bfd9cab4d
---
bridge/bridge.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/bridge/bridge.c b/bridge/bridge.c
index 453d68973..1f1c907bb 100644
--- a/bridge/bridge.c
+++ b/bridge/bridge.c
@@ -141,7 +141,7 @@ main(int argc, char **argv)
if (matches(opt, "-help") == 0) {
usage();
} else if (matches(opt, "-Version") == 0) {
- printf("bridge utility, 0.0\n");
+ printf("bridge utility, 5.10.0\n");
exit(0);
} else if (matches(opt, "-stats") == 0 ||
matches(opt, "-statistics") == 0) {
--
cgit 1.2.3-korg

92
backport-devlink-fix-infinite-loop-on-flash-update-for-drivers-without-status.patch Normal file
View File

@ -0,0 +1,92 @@
From 954a0077c83b7981271809391ac0712d24a48314 Mon Sep 17 00:00:00 2001
From: Jacob Keller <jacob.e.keller@intel.com>
Date: Thu, 5 Aug 2021 16:44:59 -0700
Subject: devlink: fix infinite loop on flash update for drivers without status
When processing device flash update, cmd_dev_flash function waits until
the flash process has completed. This requires the following two
conditions to both be true:
a) we've received an exit status from the child process
b) we've received the DEVLINK_CMD_FLASH_UPDATE_END *or*
we haven't received any status notifications from the driver.
The original devlink flash status monitoring code in 9b13cddfe268
("devlink: implement flash status monitoring") was written assuming that
a driver will either send no status updates, or it will send at least
one DEVLINK_CMD_FLASH_UPDATE_STATUS before DEVLINK_CMD_FLASH_UPDATE_END.
Newer versions of the kernel since commit 52cc5f3a166a ("devlink: move flash
end and begin to core devlink") in v5.10 moved handling of the
DEVLINK_CMD_FLASH_UPDATE_END into the core stack, and will send this
regardless of whether or not the driver sends any of its own status
notifications.
The handling of DEVLINK_CMD_FLASH_UPDATE_END in cmd_dev_flash_status_cb
has an additional condition that it must not be the first message.
Otherwise, it falls back to treating it like
a DEVLINK_CMD_FLASH_UPDATE_STATUS.
This is wrong because it can lead to an infinite loop if a driver does
not send any status updates.
In this case, the kernel will send DEVLINK_CMD_FLASH_UPDATE_END without
any DEVLINK_CMD_FLASH_UPDATE_STATUS. The devlink application will see
that ctx->not_first is false, and will treat this like any other status
message. Thus, ctx->not_first will be set to 1.
The loop condition to exit flash update will thus never be true, since
we will wait forever, because ctx->not_first is true, and
ctx->received_end is false.
This leads to the application appearing to process the flash update, but
it will never exit.
Fix this by simply always treating DEVLINK_CMD_FLASH_UPDATE_END the same
regardless of whether its the first message or not.
This is obviously the correct thing to do: once we've received the
DEVLINK_CMD_FLASH_UPDATE_END the flash update must be finished. For new
kernels this is always true, because we send this message in the core
stack after the driver flash update routine finishes.
For older kernels, some drivers may not have sent any
DEVLINK_CMD_FLASH_UPDATE_STATUS or DEVLINK_CMD_FLASH_UPDATE_END. This is
handled by the while loop conditional that exits if we get a return
value from the child process without having received any status
notifications.
An argument could be made that we should exit immediately when we get
either the DEVLINK_CMD_FLASH_UPDATE_END or an exit code from the child
process. However, at a minimum it makes no sense to ever process
DEVLINK_CMD_FLASH_UPDATE_END as if it were a DEVLINK_CMD_FLASH_UPDATE_STATUS.
This is easy to test as it is triggered by the selftests for the
netdevsim driver, which has a test case for both with and without status
notifications.
Fixes: 9b13cddfe268 ("devlink: implement flash status monitoring")
Signed-off-by: Jacob Keller <jacob.e.keller@intel.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Conflict:NA
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=954a0077c83b7981271809391ac0712d24a48314
---
devlink/devlink.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/devlink/devlink.c b/devlink/devlink.c
index b294fcd8f..9d3acc188 100644
--- a/devlink/devlink.c
+++ b/devlink/devlink.c
@@ -3700,7 +3700,7 @@ static int cmd_dev_flash_status_cb(const struct nlmsghdr *nlh, void *data)
strcmp(dev_name, opts->dev_name))
return MNL_CB_ERROR;
- if (genl->cmd == DEVLINK_CMD_FLASH_UPDATE_END && ctx->not_first) {
+ if (genl->cmd == DEVLINK_CMD_FLASH_UPDATE_END) {
pr_out("\n");
free(ctx->last_msg);
free(ctx->last_component);
--
cgit 1.2.3-korg

63
backport-devlink-fix-memory-leak-in-cmd_dev_flash.patch Normal file
View File

@ -0,0 +1,63 @@
From ec1346acbe9e5f0fe16242fc61b85d81f84ee592 Mon Sep 17 00:00:00 2001
From: Andrea Claudi <aclaudi@redhat.com>
Date: Fri, 11 Dec 2020 19:53:02 +0100
Subject: devlink: fix memory leak in cmd_dev_flash()
nlg_ntf is dinamically allocated in mnlg_socket_open(), and is freed on
the out: return path. However, some error paths do not free it,
resulting in memory leak.
This commit fix this using mnlg_socket_close(), and reporting the
correct error number when required.
Fixes: 9b13cddfe268 ("devlink: implement flash status monitoring")
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Conflict:NA
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=ec1346acbe9e5f0fe16242fc61b85d81f84ee592
---
devlink/devlink.c | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/devlink/devlink.c b/devlink/devlink.c
index ca99732ef..43549965c 100644
--- a/devlink/devlink.c
+++ b/devlink/devlink.c
@@ -3371,19 +3371,21 @@ static int cmd_dev_flash(struct dl *dl)
err = _mnlg_socket_group_add(nlg_ntf, DEVLINK_GENL_MCGRP_CONFIG_NAME);
if (err)
- return err;
+ goto err_socket;
err = pipe(pipe_fds);
- if (err == -1)
- return -errno;
+ if (err == -1) {
+ err = -errno;
+ goto err_socket;
+ }
pipe_r = pipe_fds[0];
pipe_w = pipe_fds[1];
pid = fork();
if (pid == -1) {
- close(pipe_r);
close(pipe_w);
- return -errno;
+ err = -errno;
+ goto out;
} else if (!pid) {
/* In child, just execute the flash and pass returned
* value through pipe once it is done.
@@ -3412,6 +3414,7 @@ static int cmd_dev_flash(struct dl *dl)
err = _mnlg_socket_recv_run(dl->nlg, NULL, NULL);
out:
close(pipe_r);
+err_socket:
mnlg_socket_close(nlg_ntf);
return err;
}
--
cgit 1.2.3-korg

60
backport-ipmonitor-Fix-recvmsg-with-ancillary-data.patch Normal file
View File

@ -0,0 +1,60 @@
From f760bff328316244b510986cf0ed7ee1c3c689ef Mon Sep 17 00:00:00 2001
From: Lahav Schlesinger <lschlesinger@drivenets.com>
Date: Thu, 15 Jul 2021 17:38:56 +0300
Subject: ipmonitor: Fix recvmsg with ancillary data
A successful call to recvmsg() causes msg.msg_controllen to contain the length
of the received ancillary data. However, the current code in the 'ip' utility
doesn't reset this value after each recvmsg().
This means that if a call to recvmsg() doesn't have ancillary data, then
'msg.msg_controllen' will be set to 0, causing future recvmsg() which do
contain ancillary data to get MSG_CTRUNC set in msg.msg_flags.
This fixes 'ip monitor' running with the all-nsid option - With this option the
kernel passes the nsid as ancillary data. If while 'ip monitor' is running an
even on the current netns is received, then no ancillary data will be sent,
causing 'msg.msg_controllen' to be set to 0, which causes 'ip monitor' to
indefinitely print "[nsid current]" instead of the real nsid.
Fixes: 449b824ad196 ("ipmonitor: allows to monitor in several netns")
Cc: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: Lahav Schlesinger <lschlesinger@drivenets.com>
Acked-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Conflict:NA
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=f760bff328316244b510986cf0ed7ee1c3c689ef
---
lib/libnetlink.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/lib/libnetlink.c b/lib/libnetlink.c
index 6836c21c9..7e977a676 100644
--- a/lib/libnetlink.c
+++ b/lib/libnetlink.c
@@ -1175,16 +1175,16 @@ int rtnl_listen(struct rtnl_handle *rtnl,
char buf[16384];
char cmsgbuf[BUFSIZ];
- if (rtnl->flags & RTNL_HANDLE_F_LISTEN_ALL_NSID) {
- msg.msg_control = &cmsgbuf;
- msg.msg_controllen = sizeof(cmsgbuf);
- }
-
iov.iov_base = buf;
while (1) {
struct rtnl_ctrl_data ctrl;
struct cmsghdr *cmsg;
+ if (rtnl->flags & RTNL_HANDLE_F_LISTEN_ALL_NSID) {
+ msg.msg_control = &cmsgbuf;
+ msg.msg_controllen = sizeof(cmsgbuf);
+ }
+
iov.iov_len = sizeof(buf);
status = recvmsg(rtnl->fd, &msg, 0);
--
cgit 1.2.3-korg

58
backport-iproute2-fix-MPLS-label-parsing.patch Normal file
View File

@ -0,0 +1,58 @@
From 72cc0bafb9f8af217283f7757397242cb7ca8b2d Mon Sep 17 00:00:00 2001
From: Guillaume Nault <gnault@redhat.com>
Date: Wed, 11 Mar 2020 16:16:36 +0100
Subject: iproute2: fix MPLS label parsing
The initial value of "label" in parse_mpls() is 0xffffffff. Therefore
we should test for this value, and not 0, to detect if a label has been
provided. The "!label" test not only fails to detect a missing label
parameter, it also prevents the use of the IPv4 explicit NULL label,
which actually equals 0.
Reproducer:
$ ip link add name dm0 type dummy
$ tc qdisc add dev dm0 ingress
$ tc filter add dev dm0 parent ffff: matchall action mpls push
Error: act_mpls: Label is required for MPLS push.
We have an error talking to the kernel
--> Filter was pushed to the kernel, where it got rejected.
$ tc filter add dev dm0 parent ffff: matchall action mpls push label 0
Error: argument "label" is required
--> Label 0 was rejected by iproute2.
Expected result:
$ tc filter add dev dm0 parent ffff: matchall action mpls push
Error: argument "label" is required
--> Filter was directly rejected by iproute2.
$ tc filter add dev dm0 parent ffff: matchall action mpls push label 0
--> Filter is accepted.
Signed-off-by: Guillaume Nault <gnault@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Conflict:NA
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=72cc0bafb9f8af217283f7757397242cb7ca8b2d
---
tc/m_mpls.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tc/m_mpls.c b/tc/m_mpls.c
index 6f3a39f43..50eba01cb 100644
--- a/tc/m_mpls.c
+++ b/tc/m_mpls.c
@@ -156,7 +156,7 @@ static int parse_mpls(struct action_util *a, int *argc_p, char ***argv_p,
}
}
- if (action == TCA_MPLS_ACT_PUSH && !label)
+ if (action == TCA_MPLS_ACT_PUSH && label == 0xffffffff)
missarg("label");
if (action == TCA_MPLS_ACT_PUSH && proto &&
--
cgit 1.2.3-korg

194
backport-iproute2-ip-addr-Organize-flag-properties-structurally.patch Normal file
View File

@ -0,0 +1,194 @@
From 9d59c86e575b5373d73f021f569ae520bc229ec5 Mon Sep 17 00:00:00 2001
From: "Ian K. Coolidge" <icoolidge@google.com>
Date: Wed, 27 May 2020 11:03:45 -0700
Subject: iproute2: ip addr: Organize flag properties structurally
This creates a nice systematic way to check that the various flags are
mutable from userspace and that the address family is valid.
Mutability properties are preserved to avoid introducing any behavioral
change in this CL. However, previously, immutable flags were ignored and
fell through to this confusing error:
Error: either "local" is duplicate, or "dadfailed" is a garbage.
But now, they just warn more explicitly:
Warning: dadfailed option is not mutable from userspace
Signed-off-by: David Ahern <dsahern@gmail.com>
Conflict:NA
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=9d59c86e575b5373d73f021f569ae520bc229ec5
---
ip/ipaddress.c | 112 ++++++++++++++++++++++++++++-----------------------------
1 file changed, 55 insertions(+), 57 deletions(-)
diff --git a/ip/ipaddress.c b/ip/ipaddress.c
index 80d27ce27..403f70109 100644
--- a/ip/ipaddress.c
+++ b/ip/ipaddress.c
@@ -1233,52 +1233,63 @@ static unsigned int get_ifa_flags(struct ifaddrmsg *ifa,
ifa->ifa_flags;
}
-/* Mapping from argument to address flag mask */
-static const struct {
+/* Mapping from argument to address flag mask and attributes */
+static const struct ifa_flag_data_t {
const char *name;
- unsigned long value;
-} ifa_flag_names[] = {
- { "secondary", IFA_F_SECONDARY },
- { "temporary", IFA_F_SECONDARY },
- { "nodad", IFA_F_NODAD },
- { "optimistic", IFA_F_OPTIMISTIC },
- { "dadfailed", IFA_F_DADFAILED },
- { "home", IFA_F_HOMEADDRESS },
- { "deprecated", IFA_F_DEPRECATED },
- { "tentative", IFA_F_TENTATIVE },
- { "permanent", IFA_F_PERMANENT },
- { "mngtmpaddr", IFA_F_MANAGETEMPADDR },
- { "noprefixroute", IFA_F_NOPREFIXROUTE },
- { "autojoin", IFA_F_MCAUTOJOIN },
- { "stable-privacy", IFA_F_STABLE_PRIVACY },
+ unsigned long mask;
+ bool readonly;
+ bool v6only;
+} ifa_flag_data[] = {
+ { .name = "secondary", .mask = IFA_F_SECONDARY, .readonly = true, .v6only = false},
+ { .name = "temporary", .mask = IFA_F_SECONDARY, .readonly = true, .v6only = false},
+ { .name = "nodad", .mask = IFA_F_NODAD, .readonly = false, .v6only = true},
+ { .name = "optimistic", .mask = IFA_F_OPTIMISTIC, .readonly = true, .v6only = true},
+ { .name = "dadfailed", .mask = IFA_F_DADFAILED, .readonly = true, .v6only = true},
+ { .name = "home", .mask = IFA_F_HOMEADDRESS, .readonly = false, .v6only = true},
+ { .name = "deprecated", .mask = IFA_F_DEPRECATED, .readonly = true, .v6only = true},
+ { .name = "tentative", .mask = IFA_F_TENTATIVE, .readonly = true, .v6only = true},
+ { .name = "permanent", .mask = IFA_F_PERMANENT, .readonly = true, .v6only = true},
+ { .name = "mngtmpaddr", .mask = IFA_F_MANAGETEMPADDR, .readonly = false, .v6only = true},
+ { .name = "noprefixroute", .mask = IFA_F_NOPREFIXROUTE, .readonly = false, .v6only = true},
+ { .name = "autojoin", .mask = IFA_F_MCAUTOJOIN, .readonly = false, .v6only = true},
+ { .name = "stable-privacy", .mask = IFA_F_STABLE_PRIVACY, .readonly = true, .v6only = true},
};
+/* Returns a pointer to the data structure for a particular interface flag, or null if no flag could be found */
+static const struct ifa_flag_data_t* lookup_flag_data_by_name(const char* flag_name) {
+ for (int i = 0; i < ARRAY_SIZE(ifa_flag_data); ++i) {
+ if (strcmp(flag_name, ifa_flag_data[i].name) == 0)
+ return &ifa_flag_data[i];
+ }
+ return NULL;
+}
+
static void print_ifa_flags(FILE *fp, const struct ifaddrmsg *ifa,
unsigned int flags)
{
unsigned int i;
- for (i = 0; i < ARRAY_SIZE(ifa_flag_names); i++) {
- unsigned long mask = ifa_flag_names[i].value;
+ for (i = 0; i < ARRAY_SIZE(ifa_flag_data); i++) {
+ const struct ifa_flag_data_t* flag_data = &ifa_flag_data[i];
- if (mask == IFA_F_PERMANENT) {
- if (!(flags & mask))
+ if (flag_data->mask == IFA_F_PERMANENT) {
+ if (!(flags & flag_data->mask))
print_bool(PRINT_ANY,
"dynamic", "dynamic ", true);
- } else if (flags & mask) {
- if (mask == IFA_F_SECONDARY &&
+ } else if (flags & flag_data->mask) {
+ if (flag_data->mask == IFA_F_SECONDARY &&
ifa->ifa_family == AF_INET6) {
print_bool(PRINT_ANY,
"temporary", "temporary ", true);
} else {
print_string(PRINT_FP, NULL,
- "%s ", ifa_flag_names[i].name);
+ "%s ", flag_data->name);
print_bool(PRINT_JSON,
- ifa_flag_names[i].name, NULL, true);
+ flag_data->name, NULL, true);
}
}
- flags &= ~mask;
+ flags &= ~flag_data->mask;
}
if (flags) {
@@ -1297,7 +1308,6 @@ static void print_ifa_flags(FILE *fp, const struct ifaddrmsg *ifa,
static int get_filter(const char *arg)
{
bool inv = false;
- unsigned int i;
if (arg[0] == '-') {
inv = true;
@@ -1313,18 +1323,16 @@ static int get_filter(const char *arg)
arg = "secondary";
}
- for (i = 0; i < ARRAY_SIZE(ifa_flag_names); i++) {
- if (strcmp(arg, ifa_flag_names[i].name))
- continue;
+ const struct ifa_flag_data_t* flag_data = lookup_flag_data_by_name(arg);
+ if (flag_data == NULL)
+ return -1;
- if (inv)
- filter.flags &= ~ifa_flag_names[i].value;
- else
- filter.flags |= ifa_flag_names[i].value;
- filter.flagmask |= ifa_flag_names[i].value;
- return 0;
- }
- return -1;
+ if (inv)
+ filter.flags &= ~flag_data->mask;
+ else
+ filter.flags |= flag_data->mask;
+ filter.flagmask |= flag_data->mask;
+ return 0;
}
static int ifa_label_match_rta(int ifindex, const struct rtattr *rta)
@@ -2330,25 +2338,15 @@ static int ipaddr_modify(int cmd, int flags, int argc, char **argv)
preferred_lftp = *argv;
if (set_lifetime(&preferred_lft, *argv))
invarg("preferred_lft value", *argv);
- } else if (strcmp(*argv, "home") == 0) {
- if (req.ifa.ifa_family == AF_INET6)
- ifa_flags |= IFA_F_HOMEADDRESS;
- else
- fprintf(stderr, "Warning: home option can be set only for IPv6 addresses\n");
- } else if (strcmp(*argv, "nodad") == 0) {
- if (req.ifa.ifa_family == AF_INET6)
- ifa_flags |= IFA_F_NODAD;
- else
- fprintf(stderr, "Warning: nodad option can be set only for IPv6 addresses\n");
- } else if (strcmp(*argv, "mngtmpaddr") == 0) {
- if (req.ifa.ifa_family == AF_INET6)
- ifa_flags |= IFA_F_MANAGETEMPADDR;
- else
- fprintf(stderr, "Warning: mngtmpaddr option can be set only for IPv6 addresses\n");
- } else if (strcmp(*argv, "noprefixroute") == 0) {
- ifa_flags |= IFA_F_NOPREFIXROUTE;
- } else if (strcmp(*argv, "autojoin") == 0) {
- ifa_flags |= IFA_F_MCAUTOJOIN;
+ } else if (lookup_flag_data_by_name(*argv)) {
+ const struct ifa_flag_data_t* flag_data = lookup_flag_data_by_name(*argv);
+ if (flag_data->readonly) {
+ fprintf(stderr, "Warning: %s option is not mutable from userspace\n", flag_data->name);
+ } else if (flag_data->v6only && req.ifa.ifa_family != AF_INET6) {
+ fprintf(stderr, "Warning: %s option can be set only for IPv6 addresses\n", flag_data->name);
+ } else {
+ ifa_flags |= flag_data->mask;
+ }
} else {
if (strcmp(*argv, "local") == 0)
NEXT_ARG();
--
cgit 1.2.3-korg

61
backport-iproute2-ip-maddress-Check-multiaddr-length.patch Normal file
View File

@ -0,0 +1,61 @@
From 7e7a1d107b7f2bb729836de25c4983f9615a2aa1 Mon Sep 17 00:00:00 2001
From: Sascha Hauer <s.hauer@pengutronix.de>
Date: Mon, 17 Aug 2020 13:25:19 +0200
Subject: iproute2: ip maddress: Check multiaddr length
ip maddress add|del takes a MAC address as argument, so insist on
getting a length of ETH_ALEN bytes. This makes sure the passed argument
is actually a MAC address and especially not an IPv4 address which
was previously accepted and silently taken as a MAC address.
While at it, do not print *argv in the error path as this has been
modified by ll_addr_a2n() and doesn't contain the full string anymore,
which can lead to misleading error messages.
Also while at it, replace the hardcoded buffer size with the actual
buffer size using sizeof().
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Conflict:NA
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=7e7a1d107b7f2bb729836de25c4983f9615a2aa1
---
ip/ipmaddr.c | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/ip/ipmaddr.c b/ip/ipmaddr.c
index 3400e055a..d41ac63a7 100644
--- a/ip/ipmaddr.c
+++ b/ip/ipmaddr.c
@@ -291,7 +291,7 @@ static int multiaddr_modify(int cmd, int argc, char **argv)
{
struct ifreq ifr = {};
int family;
- int fd;
+ int fd, len;
if (cmd == RTM_NEWADDR)
cmd = SIOCADDMULTI;
@@ -313,9 +313,14 @@ static int multiaddr_modify(int cmd, int argc, char **argv)
usage();
if (ifr.ifr_hwaddr.sa_data[0])
duparg("address", *argv);
- if (ll_addr_a2n(ifr.ifr_hwaddr.sa_data,
- 14, *argv) < 0) {
- fprintf(stderr, "Error: \"%s\" is not a legal ll address.\n", *argv);
+ len = ll_addr_a2n(ifr.ifr_hwaddr.sa_data,
+ sizeof(ifr.ifr_hwaddr.sa_data),
+ *argv);
+ if (len < 0)
+ exit(1);
+
+ if (len != ETH_ALEN) {
+ fprintf(stderr, "Error: Invalid address length %d - must be %d bytes\n", len, ETH_ALEN);
exit(1);
}
}
--
cgit 1.2.3-korg

39
backport-lnstat-fix-buffer-overflow-in-header-output.patch Normal file
View File

@ -0,0 +1,39 @@
From be31c2648487596f23096278dacd86bf88305a14 Mon Sep 17 00:00:00 2001
From: jiangheng" <jiangheng12@huawei.com>
Date: Wed, 17 Nov 2021 13:41:10 -0800
Subject: lnstat: fix buffer overflow in header output
Running lnstat will cause core dump from reading past end of array.
Segmentation fault (core dumped)
The maximum value of th.num_lines is HDR_LINES(10), h should not be equal to th.num_lines, array th.hdr may be out of bounds.
Signed-off-by jiangheng <jiangheng12@huawei.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Conflict:NA
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=be31c2648487596f23096278dacd86bf88305a14
---
misc/lnstat.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/misc/lnstat.c b/misc/lnstat.c
index 89cb0e7e2..98904d45e 100644
--- a/misc/lnstat.c
+++ b/misc/lnstat.c
@@ -210,8 +210,9 @@ static struct table_hdr *build_hdr_string(struct lnstat_file *lnstat_files,
}
ofs += width+1;
}
+
/* fill in spaces */
- for (h = 1; h <= th.num_lines; h++) {
+ for (h = 1; h < th.num_lines; h++) {
for (i = 0; i < ofs; i++) {
if (th.hdr[h][i] == '\0')
th.hdr[h][i] = ' ';
--
cgit 1.2.3-korg

43
backport-nexthop-fix-error-reporting-in-filter-dump.patch Normal file
View File

@ -0,0 +1,43 @@
From d9b868436a6fce8986560178c6d1a78072e21861 Mon Sep 17 00:00:00 2001
From: Andrea Claudi <aclaudi@redhat.com>
Date: Tue, 10 Mar 2020 13:15:17 +0100
Subject: nexthop: fix error reporting in filter dump
nh_dump_filter is missing a return value check in two cases.
Fix this simply adding an assignment to the proper variable.
Fixes: 63df8e8543b03 ("Add support for nexthop objects")
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Reviewed-by: David Ahern <dsahern@gmail.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Conflict:NA
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=d9b868436a6fce8986560178c6d1a78072e21861
---
ip/ipnexthop.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ip/ipnexthop.c b/ip/ipnexthop.c
index 9f860c8ce..99f89630e 100644
--- a/ip/ipnexthop.c
+++ b/ip/ipnexthop.c
@@ -59,13 +59,13 @@ static int nh_dump_filter(struct nlmsghdr *nlh, int reqlen)
}
if (filter.groups) {
- addattr_l(nlh, reqlen, NHA_GROUPS, NULL, 0);
+ err = addattr_l(nlh, reqlen, NHA_GROUPS, NULL, 0);
if (err)
return err;
}
if (filter.master) {
- addattr32(nlh, reqlen, NHA_MASTER, filter.master);
+ err = addattr32(nlh, reqlen, NHA_MASTER, filter.master);
if (err)
return err;
}
--
cgit 1.2.3-korg

117
backport-nstat-print-useful-error-messages-in-abort-cases.patch Normal file
View File

@ -0,0 +1,117 @@
From 2c7056ac26412fe99443a283f0c1261cb81ccea2 Mon Sep 17 00:00:00 2001
From: Andrea Claudi <aclaudi@redhat.com>
Date: Mon, 17 Feb 2020 14:46:18 +0100
Subject: nstat: print useful error messages in abort() cases
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
When nstat temporary file is corrupted or in some other corner cases,
nstat use abort() to stop its execution. This can puzzle some users,
wondering what is the reason for the crash.
This commit replaces abort() with some meaningful error messages and exit()
Reported-by: Renaud Métrich <rmetrich@redhat.com>
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Conflict:NA
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=2c7056ac26412fe99443a283f0c1261cb81ccea2
---
misc/nstat.c | 47 +++++++++++++++++++++++++++++++++--------------
1 file changed, 33 insertions(+), 14 deletions(-)
diff --git a/misc/nstat.c b/misc/nstat.c
index 23113b223..425e75ef4 100644
--- a/misc/nstat.c
+++ b/misc/nstat.c
@@ -142,14 +142,19 @@ static void load_good_table(FILE *fp)
}
/* idbuf is as big as buf, so this is safe */
nr = sscanf(buf, "%s%llu%lg", idbuf, &val, &rate);
- if (nr < 2)
- abort();
+ if (nr < 2) {
+ fprintf(stderr, "%s:%d: error parsing history file\n",
+ __FILE__, __LINE__);
+ exit(-2);
+ }
if (nr < 3)
rate = 0;
if (useless_number(idbuf))
continue;
- if ((n = malloc(sizeof(*n))) == NULL)
- abort();
+ if ((n = malloc(sizeof(*n))) == NULL) {
+ perror("nstat: malloc");
+ exit(-1);
+ }
n->id = strdup(idbuf);
n->val = val;
n->rate = rate;
@@ -190,8 +195,11 @@ static void load_ugly_table(FILE *fp)
int count1, count2, skip = 0;
p = strchr(buf, ':');
- if (!p)
- abort();
+ if (!p) {
+ fprintf(stderr, "%s:%d: error parsing history file\n",
+ __FILE__, __LINE__);
+ exit(-2);
+ }
count1 = count_spaces(buf);
*p = 0;
idbuf[0] = 0;
@@ -211,8 +219,10 @@ static void load_ugly_table(FILE *fp)
strncat(idbuf, p, sizeof(idbuf) - off - 1);
}
n = malloc(sizeof(*n));
- if (!n)
- abort();
+ if (!n) {
+ perror("nstat: malloc");
+ exit(-1);
+ }
n->id = strdup(idbuf);
n->rate = 0;
n->next = db;
@@ -221,18 +231,27 @@ static void load_ugly_table(FILE *fp)
}
n = db;
nread = getline(&buf, &buflen, fp);
- if (nread == -1)
- abort();
+ if (nread == -1) {
+ fprintf(stderr, "%s:%d: error parsing history file\n",
+ __FILE__, __LINE__);
+ exit(-2);
+ }
count2 = count_spaces(buf);
if (count2 > count1)
skip = count2 - count1;
do {
p = strrchr(buf, ' ');
- if (!p)
- abort();
+ if (!p) {
+ fprintf(stderr, "%s:%d: error parsing history file\n",
+ __FILE__, __LINE__);
+ exit(-2);
+ }
*p = 0;
- if (sscanf(p+1, "%llu", &n->val) != 1)
- abort();
+ if (sscanf(p+1, "%llu", &n->val) != 1) {
+ fprintf(stderr, "%s:%d: error parsing history file\n",
+ __FILE__, __LINE__);
+ exit(-2);
+ }
/* Trick to skip "dummy" trailing ICMP MIB in 2.4 */
if (skip)
skip--;
--
cgit 1.2.3-korg

72
backport-q_cake-Make-fwmark-uint-instead-of-int.patch Normal file
View File

@ -0,0 +1,72 @@
From 6f883f168cf9e1f3be208a10d671a54d781e75a5 Mon Sep 17 00:00:00 2001
From: Odin Ugedal <odin@ugedal.com>
Date: Wed, 15 Apr 2020 16:39:34 +0200
Subject: q_cake: Make fwmark uint instead of int
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This will help avoid overflow, since setting it to 0xffffffff would
result in -1 when converted to integer, resulting in being "-1", setting
the fwmark to 0x00.
Signed-off-by: Odin Ugedal <odin@ugedal.com>
Acked-by: Toke Høiland-Jørgensen <toke@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Conflict:NA
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=6f883f168cf9e1f3be208a10d671a54d781e75a5
---
tc/q_cake.c | 9 +++------
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/tc/q_cake.c b/tc/q_cake.c
index 3c78b1767..9ebb270c1 100644
--- a/tc/q_cake.c
+++ b/tc/q_cake.c
@@ -97,6 +97,7 @@ static int cake_parse_opt(struct qdisc_util *qu, int argc, char **argv,
unsigned int interval = 0;
unsigned int diffserv = 0;
unsigned int memlimit = 0;
+ unsigned int fwmark = 0;
unsigned int target = 0;
__u64 bandwidth = 0;
int ack_filter = -1;
@@ -107,7 +108,6 @@ static int cake_parse_opt(struct qdisc_util *qu, int argc, char **argv,
int autorate = -1;
int ingress = -1;
int overhead = 0;
- int fwmark = -1;
int wash = -1;
int nat = -1;
int atm = -1;
@@ -335,15 +335,12 @@ static int cake_parse_opt(struct qdisc_util *qu, int argc, char **argv,
return -1;
}
} else if (strcmp(*argv, "fwmark") == 0) {
- unsigned int fwm;
-
NEXT_ARG();
- if (get_u32(&fwm, *argv, 0)) {
+ if (get_u32(&fwmark, *argv, 0)) {
fprintf(stderr,
"Illegal value for \"fwmark\": \"%s\"\n", *argv);
return -1;
}
- fwmark = fwm;
} else if (strcmp(*argv, "help") == 0) {
explain();
return -1;
@@ -388,7 +385,7 @@ static int cake_parse_opt(struct qdisc_util *qu, int argc, char **argv,
if (memlimit)
addattr_l(n, 1024, TCA_CAKE_MEMORY, &memlimit,
sizeof(memlimit));
- if (fwmark != -1)
+ if (fwmark)
addattr_l(n, 1024, TCA_CAKE_FWMARK, &fwmark,
sizeof(fwmark));
if (nat != -1)
--
cgit 1.2.3-korg

9
backport-q_cake-allow-changing-to-diffserv3.patch
View File

@ -18,12 +18,13 @@ Acked-by: Toke Høiland-Jørgensen <toke@toke.dk>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Conflict: remove fwmark variable declaration
Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=eb4206ecd0342ff92b1a85b7dae3d4fd1b5be1c6
---
tc/q_cake.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tc/q_cake.c b/tc/q_cake.c
index 4cfc1c0..c438b76 100644
index c791428..cf630c8 100644
--- a/tc/q_cake.c
+++ b/tc/q_cake.c
@@ -95,7 +95,7 @@ static int cake_parse_opt(struct qdisc_util *qu, int argc, char **argv,
@ -33,9 +34,9 @@ index 4cfc1c0..c438b76 100644
- unsigned int diffserv = 0;
+ int diffserv = -1;
unsigned int memlimit = 0;
unsigned int fwmark = 0;
unsigned int target = 0;
__u64 bandwidth = 0;
@@ -360,7 +360,7 @@ static int cake_parse_opt(struct qdisc_util *qu, int argc, char **argv,
@@ -357,7 +357,7 @@ static int cake_parse_opt(struct qdisc_util *qu, int argc, char **argv,
if (bandwidth || unlimited)
addattr_l(n, 1024, TCA_CAKE_BASE_RATE64, &bandwidth,
sizeof(bandwidth));
@ -45,5 +46,5 @@ index 4cfc1c0..c438b76 100644
sizeof(diffserv));
if (atm != -1)
--
1.8.3.1
2.23.0

36
backport-tc-m_action-check-cookie-hex-string-len.patch Normal file
View File

@ -0,0 +1,36 @@
From 0149dabf2a1bad2f210ca2d987b29083247b7bd0 Mon Sep 17 00:00:00 2001
From: Jiri Pirko <jiri@mellanox.com>
Date: Mon, 27 Apr 2020 08:10:55 +0200
Subject: tc: m_action: check cookie hex string len
Check the cookie hex string len is dividable by 2 as the valid hex
string always should be.
Reported-by: Alex Kushnarov <alexanderk@mellanox.com>
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Conflict:NA
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=0149dabf2a1bad2f210ca2d987b29083247b7bd0
---
tc/m_action.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/tc/m_action.c b/tc/m_action.c
index 108329db2..b41782de9 100644
--- a/tc/m_action.c
+++ b/tc/m_action.c
@@ -291,7 +291,8 @@ done0:
invarg(cookie_err_m, *argv);
}
- if (hex2mem(*argv, act_ck, slen / 2) < 0)
+ if (slen % 2 ||
+ hex2mem(*argv, act_ck, slen / 2) < 0)
invarg("cookie must be a hex string\n",
*argv);
--
cgit 1.2.3-korg

46
backport-tc-m_estimator-Print-proper-value-for-estimator-interval-in-raw.patch Normal file
View File

@ -0,0 +1,46 @@
From 66702fb9baf277b2eb6d44a7983d5333ca2a0a2c Mon Sep 17 00:00:00 2001
From: Jamie Gloudon <jamie.gloudon@gmx.fr>
Date: Fri, 17 Jul 2020 11:05:30 -0400
Subject: tc/m_estimator: Print proper value for estimator interval in raw.
While looking at the estimator code, I noticed an incorrect interval
number printed in raw for the handles. This patch fixes the formatting.
Before patch:
root@bytecenter.fr:~# tc -r filter add dev eth0 ingress estimator
250ms 999ms matchall action police avrate 12mbit conform-exceed drop
[estimator i=4294967294 e=2]
After patch:
root@bytecenter.fr:~# tc -r filter add dev eth0 ingress estimator
250ms 999ms matchall action police avrate 12mbit conform-exceed drop
[estimator i=-2 e=2]
Signed-off-by: Jamie Gloudon <jamie.gloudon@gmx.fr>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Conflict:NA
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=66702fb9baf277b2eb6d44a7983d5333ca2a0a2c
---
tc/m_estimator.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tc/m_estimator.c b/tc/m_estimator.c
index ef62e1bba..b5f4c860c 100644
--- a/tc/m_estimator.c
+++ b/tc/m_estimator.c
@@ -57,7 +57,7 @@ int parse_estimator(int *p_argc, char ***p_argv, struct tc_estimator *est)
return -1;
}
if (show_raw)
- fprintf(stderr, "[estimator i=%u e=%u]\n", est->interval, est->ewma_log);
+ fprintf(stderr, "[estimator i=%hhd e=%u]\n", est->interval, est->ewma_log);
*p_argc = argc;
*p_argv = argv;
return 0;
--
cgit 1.2.3-korg

58
backport-tc-u32-Fix-key-folding-in-sample-option.patch Normal file
View File

@ -0,0 +1,58 @@
From 9b7ea92b9e3feff2876f772ace01148b7406839c Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Wed, 4 Aug 2021 11:18:28 +0200
Subject: tc: u32: Fix key folding in sample option
In between Linux kernel 2.4 and 2.6, key folding for hash tables changed
in kernel space. When iproute2 dropped support for the older algorithm,
the wrong code was removed and kernel 2.4 folding method remained in
place. To get things functional for recent kernels again, restoring the
old code alone was not sufficient - additional byteorder fixes were
needed.
While being at it, make use of ffs() and thereby align the code with how
kernel determines the shift width.
Fixes: 267480f55383c ("Backout the 2.4 utsname hash patch.")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Conflict:NA
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=9b7ea92b9e3feff2876f772ace01148b7406839c
---
tc/f_u32.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/tc/f_u32.c b/tc/f_u32.c
index 2ed5254a4..a5747f671 100644
--- a/tc/f_u32.c
+++ b/tc/f_u32.c
@@ -978,6 +978,13 @@ show_k:
goto show_k;
}
+static __u32 u32_hash_fold(struct tc_u32_key *key)
+{
+ __u8 fshift = key->mask ? ffs(ntohl(key->mask)) - 1 : 0;
+
+ return ntohl(key->val & key->mask) >> fshift;
+}
+
static int u32_parse_opt(struct filter_util *qu, char *handle,
int argc, char **argv, struct nlmsghdr *n)
{
@@ -1110,9 +1117,7 @@ static int u32_parse_opt(struct filter_util *qu, char *handle,
}
NEXT_ARG();
}
- hash = sel2.sel.keys[0].val & sel2.sel.keys[0].mask;
- hash ^= hash >> 16;
- hash ^= hash >> 8;
+ hash = u32_hash_fold(&sel2.keys[0]);
htid = ((hash % divisor) << 12) | (htid & 0xFFF00000);
sample_ok = 1;
continue;
--
cgit 1.2.3-korg

44
backport-tc_util-detect-overflow-in-get_size.patch Normal file
View File

@ -0,0 +1,44 @@
From e07c57e94e27d2f15bfb9de4db7ca3ab9d9368ed Mon Sep 17 00:00:00 2001
From: Odin Ugedal <odin@ugedal.com>
Date: Thu, 16 Apr 2020 16:08:14 +0200
Subject: tc_util: detect overflow in get_size
This detects overflow during parsing of value using get_size:
eg. running:
$ tc qdisc add dev lo root cake memlimit 11gb
currently gives a memlimit of "3072Mb", while with this patch it errors
with 'illegal value for "memlimit": "11gb"', since memlinit is an
unsigned integer.
Signed-off-by: Odin Ugedal <odin@ugedal.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Conflict:NA
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=e07c57e94e27d2f15bfb9de4db7ca3ab9d9368ed
---
tc/tc_util.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/tc/tc_util.c b/tc/tc_util.c
index 5f13d729b..68938fb0c 100644
--- a/tc/tc_util.c
+++ b/tc/tc_util.c
@@ -385,6 +385,11 @@ int get_size(unsigned int *size, const char *str)
}
*size = sz;
+
+ /* detect if an overflow happened */
+ if (*size != floor(sz))
+ return -1;
+
return 0;
}
--
cgit 1.2.3-korg

49
backport-tipc-bail-out-if-algname-is-abnormally-long.patch Normal file
View File

@ -0,0 +1,49 @@
From 93c267bfb49267fd94f68c3d014fc5909645de06 Mon Sep 17 00:00:00 2001
From: Andrea Claudi <aclaudi@redhat.com>
Date: Sat, 1 May 2021 18:32:29 +0200
Subject: tipc: bail out if algname is abnormally long
tipc segfaults when called with an abnormally long algname:
$ tipc node set key 0x1234 algname supercalifragilistichespiralidososupercalifragilistichespiralidoso
*** buffer overflow detected ***: terminated
Fix this returning an error if provided algname is longer than
TIPC_AEAD_ALG_NAME.
Fixes: 24bee3bf9752 ("tipc: add new commands to set TIPC AEAD key")
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Conflict:NA
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=93c267bfb49267fd94f68c3d014fc5909645de06
---
tipc/node.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/tipc/node.c b/tipc/node.c
index ae75bfff7..bf592a074 100644
--- a/tipc/node.c
+++ b/tipc/node.c
@@ -236,10 +236,15 @@ get_ops:
/* Get algorithm name, default: "gcm(aes)" */
opt_algname = get_opt(opts, "algname");
- if (!opt_algname)
+ if (!opt_algname) {
strcpy(input.key.alg_name, "gcm(aes)");
- else
+ } else {
+ if (strlen(opt_algname->val) > TIPC_AEAD_ALG_NAME) {
+ fprintf(stderr, "error, invalid algname\n");
+ return -EINVAL;
+ }
strcpy(input.key.alg_name, opt_algname->val);
+ }
/* Get node identity */
opt_nodeid = get_opt(opts, "nodeid");
--
cgit 1.2.3-korg

41
backport-tipc-bail-out-if-key-is-abnormally-long.patch Normal file
View File

@ -0,0 +1,41 @@
From 28ee49e5153b02698f100ad4e390fe700f7bcf32 Mon Sep 17 00:00:00 2001
From: Andrea Claudi <aclaudi@redhat.com>
Date: Sat, 1 May 2021 18:32:30 +0200
Subject: tipc: bail out if key is abnormally long
tipc segfaults when called with an abnormally long key:
$ tipc node set key 0123456789abcdef0123456789abcdef0123456789abcdef
*** buffer overflow detected ***: terminated
Fix this returning an error if key length is longer than
TIPC_AEAD_KEYLEN_MAX.
Fixes: 24bee3bf9752 ("tipc: add new commands to set TIPC AEAD key")
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Conflict:NA
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=28ee49e5153b02698f100ad4e390fe700f7bcf32
---
tipc/misc.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/tipc/misc.c b/tipc/misc.c
index 1daf3072a..909975d8b 100644
--- a/tipc/misc.c
+++ b/tipc/misc.c
@@ -113,6 +113,9 @@ int str2key(char *str, struct tipc_aead_key *key)
}
}
+ if (len > TIPC_AEAD_KEYLEN_MAX)
+ return -1;
+
/* Obtain key: */
if (!ishex) {
key->keylen = len;
--
cgit 1.2.3-korg

45
backport-utils-Fix-BIT-to-support-up-to-64-bits-on-all-architectures.patch Normal file
View File

@ -0,0 +1,45 @@
From 4ac0383a598d4bddf13cbd8272f0ea7711614b79 Mon Sep 17 00:00:00 2001
From: Ben Hutchings <ben.hutchings@mind.be>
Date: Tue, 29 Jun 2021 01:24:46 +0200
Subject: utils: Fix BIT() to support up to 64 bits on all architectures
devlink and vdpa use BIT() together with 64-bit flag fields. devlink
is already using bit numbers greater than 31 and so does not work
correctly on 32-bit architectures.
Fix this by making BIT() use uint64_t instead of unsigned long.
Signed-off-by: Ben Hutchings <ben.hutchings@mind.be>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Conflict:NA
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=4ac0383a598d4bddf13cbd8272f0ea7711614b79
---
include/utils.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/include/utils.h b/include/utils.h
index 187444d52..70db9f609 100644
--- a/include/utils.h
+++ b/include/utils.h
@@ -8,6 +8,7 @@
#include <stdlib.h>
#include <stdbool.h>
#include <time.h>
+#include <stdint.h>
#ifdef HAVE_LIBBSD
#include <bsd/string.h>
@@ -264,7 +265,7 @@ void print_nlmsg_timestamp(FILE *fp, const struct nlmsghdr *n);
unsigned int print_name_and_link(const char *fmt,
const char *name, struct rtattr *tb[]);
-#define BIT(nr) (1UL << (nr))
+#define BIT(nr) (UINT64_C(1) << (nr))
#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
--
cgit 1.2.3-korg

32
huawei-lnstat-fix-buffer-overflow-in-lnstat-command.patch
View File

@ -1,32 +0,0 @@
From d95b3d070009dc557d60ead60ab6d820fe8e7e7f Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Tue, 16 Nov 2021 14:32:46 +0800
Subject: [PATCH] lnstat: fix buffer overflow in lnstat command
segfults when called the following command:
[root@localhost ~]lnstat -w 1
Segmentation fault (core dumped)
The maximum value of th.num_lines is HDR_LINES(10),
h should not be equal to th.num_lines, array th.hdr may
be out of bounds.
---
misc/lnstat.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/misc/lnstat.c b/misc/lnstat.c
index e3c8421..7bfb8e6 100644
--- a/misc/lnstat.c
+++ b/misc/lnstat.c
@@ -210,7 +210,7 @@ static struct table_hdr *build_hdr_string(struct lnstat_file *lnstat_files,
ofs += width+1;
}
/* fill in spaces */
- for (h = 1; h <= th.num_lines; h++) {
+ for (h = 1; h < th.num_lines; h++) {
for (i = 0; i < ofs; i++) {
if (th.hdr[h][i] == '\0')
th.hdr[h][i] = ' ';
--
1.8.3.1

104
iproute.spec
View File

@ -1,7 +1,7 @@
#needsrootforbuild
Name: iproute
Version: 5.5.0
Release: 16
Release: 17
Summary: Linux network configuration utilities
License: GPLv2+ and Public Domain
URL: https://kernel.org/pub/linux/utils/net/iproute2/
@ -9,35 +9,58 @@ Source0: https://mirrors.edge.kernel.org/pub/linux/utils/net/iproute2/iproute2-%
Patch1: bugfix-iproute2-3.10.0-fix-maddr-show.patch
Patch2: bugfix-iproute2-change-proc-to-ipnetnsproc-which-is-private.patch
Patch3: backport-lib-fs-avoid-double-call-to-mkdir-on-make_path.patch
Patch4: backport-devlink-always-check-strslashrsplit-return-value.patch
Patch5: backport-nexthop-fix-memory-leak-in-add_nh_group_attr.patch
Patch6: backport-rdma-stat-fix-return-code.patch
Patch7: backport-ip-drop-2-char-command-assumption.patch
Patch8: backport-ip-netns-fix-missing-netns-close-on-some-error-paths.patch
Patch9: backport-lib-bpf_legacy-fix-missing-socket-close-when-connect.patch
Patch10: backport-tc-e_bpf-fix-memory-leak-in-parse_bpf.patch
Patch11: backport-bugfix-iproute2-lib-bpf-fix-bpffs-mount-when-sys-fs-bpf-exist.patch
Patch12: backport-bugfix-iproute2-tc-f_flower-fix-port-range-parsing.patch
Patch13: backport-tc-flower-Fix-buffer-overflow-on-large-labels.patch
Patch14: backport-q_cake-allow-changing-to-diffserv3.patch
Patch9002: feature-iproute-limit-operation-ip-netns-del.patch
Patch9003: feature-iproute-add-support-for-ipvlan-l2e-mode.patch
Patch9004: feature-peer_notify_delay-renamed-to-peer_notif_delay.patch
Patch9005: bugfix-iproute-support-assume-default-route.patch
Patch9006: huawei-lnstat-fix-buffer-overflow-in-lnstat-command.patch
Patch9007: bugfix-iproute2-cancel-some-test-cases.patch
Patch6000: backport-nexthop-fix-error-reporting-in-filter-dump.patch
Patch6001: backport-bridge-report-correct-version.patch
Patch6002: backport-q_cake-Make-fwmark-uint-instead-of-int.patch
Patch6003: backport-tc-m_action-check-cookie-hex-string-len.patch
Patch6004: backport-iproute2-fix-MPLS-label-parsing.patch
Patch6005: backport-tc_util-detect-overflow-in-get_size.patch
Patch6006: backport-Revert-bpf-replace-snprintf-with-asprintf-when-dealing-with-long-buffers.patch
Patch6007: backport-tc-m_estimator-Print-proper-value-for-estimator-interval-in-raw.patch
Patch6008: backport-iproute2-ip-maddress-Check-multiaddr-length.patch
Patch6009: backport-iproute2-ip-addr-Organize-flag-properties-structurally.patch
Patch6010: backport-addr-Fix-noprefixroute-and-autojoin-for-IPv4.patch
Patch6011: backport-devlink-fix-memory-leak-in-cmd_dev_flash.patch
Patch6012: backport-lib-fs-avoid-double-call-to-mkdir-on-make_path.patch
Patch6013: backport-devlink-always-check-strslashrsplit-return-value.patch
Patch6014: backport-nexthop-fix-memory-leak-in-add_nh_group_attr.patch
Patch6015: backport-rdma-stat-fix-return-code.patch
Patch6016: backport-ip-drop-2-char-command-assumption.patch
Patch6017: backport-ip-netns-fix-missing-netns-close-on-some-error-paths.patch
Patch6018: backport-lib-bpf_legacy-fix-missing-socket-close-when-connect.patch
Patch6019: backport-tc-e_bpf-fix-memory-leak-in-parse_bpf.patch
Patch6020: backport-tipc-bail-out-if-algname-is-abnormally-long.patch
Patch6021: backport-tipc-bail-out-if-key-is-abnormally-long.patch
Patch6022: backport-utils-Fix-BIT-to-support-up-to-64-bits-on-all-architectures.patch
Patch6023: backport-ipmonitor-Fix-recvmsg-with-ancillary-data.patch
Patch6024: backport-devlink-fix-infinite-loop-on-flash-update-for-drivers-without-status.patch
Patch6025: backport-tc-u32-Fix-key-folding-in-sample-option.patch
Patch6026: backport-bugfix-iproute2-lib-bpf-fix-bpffs-mount-when-sys-fs-bpf-exist.patch
Patch6027: backport-bugfix-iproute2-tc-f_flower-fix-port-range-parsing.patch
Patch6028: backport-tc-flower-Fix-buffer-overflow-on-large-labels.patch
Patch6029: backport-lnstat-fix-buffer-overflow-in-header-output.patch
Patch6030: backport-q_cake-allow-changing-to-diffserv3.patch
Patch9002: feature-iproute-limit-operation-ip-netns-del.patch
Patch9003: feature-iproute-add-support-for-ipvlan-l2e-mode.patch
Patch9004: feature-peer_notify_delay-renamed-to-peer_notif_delay.patch
Patch9005: bugfix-iproute-support-assume-default-route.patch
Patch9006: bugfix-iproute2-cancel-some-test-cases.patch
Patch6031: backport-devlink-fix-devlink-health-dump-command-without-arg.patch
Patch6032: backport-l2tp-fix-typo-in-AF_INET6-checksum-JSON-print.patch
Patch6033: backport-tc-em_u32-fix-offset-parsing.patch
Patch6034: backport-bridge-Fix-memory-leak-when-doing-fdb-get.patch
Patch6035: backport-ip-address-Fix-memory-leak-when-specifying-device.patch
Patch6036: backport-ip-neigh-Fix-memory-leak-when-doing-get.patch
Patch6037: backport-tc_util-Fix-parsing-action-control-with-space-and-sl.patch
Patch6038: backport-lnstat-fix-strdup-leak-in-w-argument-parsing.patch
Patch6039: backport-libnetlink-fix-socket-leak-in-rtnl_open_byproto.patch
Patch6040: backport-nstat-print-useful-error-messages-in-abort-cases.patch
Patch6000: backport-devlink-fix-devlink-health-dump-command-without-arg.patch
Patch6001: backport-l2tp-fix-typo-in-AF_INET6-checksum-JSON-print.patch
Patch6002: backport-tc-em_u32-fix-offset-parsing.patch
Patch6003: backport-bridge-Fix-memory-leak-when-doing-fdb-get.patch
Patch6004: backport-ip-address-Fix-memory-leak-when-specifying-device.patch
Patch6005: backport-ip-neigh-Fix-memory-leak-when-doing-get.patch
Patch6006: backport-tc_util-Fix-parsing-action-control-with-space-and-sl.patch
Patch6007: backport-lnstat-fix-strdup-leak-in-w-argument-parsing.patch
Patch6008: backport-libnetlink-fix-socket-leak-in-rtnl_open_byproto.patch
BuildRequires: gcc bison elfutils-libelf-devel flex iptables-devel
BuildRequires: libmnl-devel libselinux-devel pkgconfig git make sudo
@ -113,6 +136,31 @@ install -m 0644 lib/libnetlink.a %{buildroot}%{_libdir}/libnetlink.a
%{_mandir}/*
%changelog
* Wed Dec 27 2023 liubo <liubo335@huawei.com> - 5.5.0-17
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:nexthop: fix error reporting in filter dump
bridge: report correct version
q_cake: Make fwmark uint instead of int
tc: m_action: check cookie hex string len
iproute2: fix MPLS label parsing
tc_util: detect overflow in get_size
Revert "bpf: replace snprintf with asprintf when dealing with long buffers"
tc/m_estimator: Print proper value for estimator interval in raw.
iproute2: ip maddress: Check multiaddr length
iproute2: ip addr: Organize flag properties structurally
addr: Fix noprefixroute and autojoin for IPv4
devlink: fix memory leak in cmd_dev_flash()
tipc: bail out if algname is abnormally long
tipc: bail out if key is abnormally long
utils: Fix BIT() to support up to 64 bits on all architectures
ipmonitor: Fix recvmsg with ancillary data
devlink: fix infinite loop on flash update for drivers without status
tc: u32: Fix key folding in sample option
lnstat: fix buffer overflow in header output
nstat: print useful error messages in abort() cases
* Thu Dec 14 2023 liubo <liubo335@huawei.com> - 5.5.0-16
- Type:bugfix
- ID:NA