diff --git a/backport-Revert-bpf-replace-snprintf-with-asprintf-when-dealing-with-long-buffers.patch b/backport-Revert-bpf-replace-snprintf-with-asprintf-when-dealing-with-long-buffers.patch new file mode 100644 index 0000000..e07826b --- /dev/null +++ b/backport-Revert-bpf-replace-snprintf-with-asprintf-when-dealing-with-long-buffers.patch @@ -0,0 +1,337 @@ +From 358abfe004a30bf3ed353c7f5dbc6afaf4212ecf Mon Sep 17 00:00:00 2001 +From: Andrea Claudi +Date: Tue, 26 May 2020 18:04:10 +0200 +Subject: Revert "bpf: replace snprintf with asprintf when dealing with long + buffers" + +This reverts commit c0325b06382cb4f7ebfaf80c29c8800d74666fd9. +It introduces a segfault in bpf_make_custom_path() when custom pinning is used. + +This happens because asprintf allocates exactly the space needed to hold a +string in the buffer passed as its first argument, but if this buffer is later +used in strcat() or similar we have a buffer overrun. + +As the aim of commit c0325b06382c is simply to fix a compiler warning, it +seems safe and reasonable to revert it. + +Fixes: c0325b06382c ("bpf: replace snprintf with asprintf when dealing with long buffers") +Reported-by: Jamal Hadi Salim +Signed-off-by: Andrea Claudi +Signed-off-by: Stephen Hemminger +Conflict:NA +Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=358abfe004a30bf3ed353c7f5dbc6afaf4212ecf +--- + lib/bpf.c | 155 ++++++++++++++++---------------------------------------------- + 1 file changed, 39 insertions(+), 116 deletions(-) + +diff --git a/lib/bpf.c b/lib/bpf.c +index 10cf9bf44..23cb0d96a 100644 +--- a/lib/bpf.c ++++ b/lib/bpf.c +@@ -406,21 +406,13 @@ static int bpf_derive_elf_map_from_fdinfo(int fd, struct bpf_elf_map *map, + struct bpf_map_ext *ext) + { + unsigned int val, owner_type = 0, owner_jited = 0; +- char *file = NULL; +- char buff[4096]; ++ char file[PATH_MAX], buff[4096]; + FILE *fp; +- int ret; + +- ret = asprintf(&file, "/proc/%d/fdinfo/%d", getpid(), fd); +- if (ret < 0) { +- fprintf(stderr, "asprintf failed: %s\n", strerror(errno)); +- free(file); +- return ret; +- } ++ snprintf(file, sizeof(file), "/proc/%d/fdinfo/%d", getpid(), fd); + memset(map, 0, sizeof(*map)); + + fp = fopen(file, "r"); +- free(file); + if (!fp) { + fprintf(stderr, "No procfs support?!\n"); + return -EIO; +@@ -608,9 +600,8 @@ int bpf_trace_pipe(void) + 0, + }; + int fd_in, fd_out = STDERR_FILENO; +- char *tpipe = NULL; ++ char tpipe[PATH_MAX]; + const char *mnt; +- int ret; + + mnt = bpf_find_mntpt("tracefs", TRACEFS_MAGIC, tracefs_mnt, + sizeof(tracefs_mnt), tracefs_known_mnts); +@@ -619,15 +610,9 @@ int bpf_trace_pipe(void) + return -1; + } + +- ret = asprintf(&tpipe, "%s/trace_pipe", mnt); +- if (ret < 0) { +- fprintf(stderr, "asprintf failed: %s\n", strerror(errno)); +- free(tpipe); +- return ret; +- } ++ snprintf(tpipe, sizeof(tpipe), "%s/trace_pipe", mnt); + + fd_in = open(tpipe, O_RDONLY); +- free(tpipe); + if (fd_in < 0) + return -1; + +@@ -648,50 +633,37 @@ int bpf_trace_pipe(void) + + static int bpf_gen_global(const char *bpf_sub_dir) + { +- char *bpf_glo_dir = NULL; ++ char bpf_glo_dir[PATH_MAX]; + int ret; + +- ret = asprintf(&bpf_glo_dir, "%s/%s/", bpf_sub_dir, BPF_DIR_GLOBALS); +- if (ret < 0) { +- fprintf(stderr, "asprintf failed: %s\n", strerror(errno)); +- goto out; +- } ++ snprintf(bpf_glo_dir, sizeof(bpf_glo_dir), "%s/%s/", ++ bpf_sub_dir, BPF_DIR_GLOBALS); + + ret = mkdir(bpf_glo_dir, S_IRWXU); + if (ret && errno != EEXIST) { + fprintf(stderr, "mkdir %s failed: %s\n", bpf_glo_dir, + strerror(errno)); +- goto out; ++ return ret; + } + +- ret = 0; +-out: +- free(bpf_glo_dir); +- return ret; ++ return 0; + } + + static int bpf_gen_master(const char *base, const char *name) + { +- char *bpf_sub_dir = NULL; ++ char bpf_sub_dir[PATH_MAX + NAME_MAX + 1]; + int ret; + +- ret = asprintf(&bpf_sub_dir, "%s%s/", base, name); +- if (ret < 0) { +- fprintf(stderr, "asprintf failed: %s\n", strerror(errno)); +- goto out; +- } ++ snprintf(bpf_sub_dir, sizeof(bpf_sub_dir), "%s%s/", base, name); + + ret = mkdir(bpf_sub_dir, S_IRWXU); + if (ret && errno != EEXIST) { + fprintf(stderr, "mkdir %s failed: %s\n", bpf_sub_dir, + strerror(errno)); +- goto out; ++ return ret; + } + +- ret = bpf_gen_global(bpf_sub_dir); +-out: +- free(bpf_sub_dir); +- return ret; ++ return bpf_gen_global(bpf_sub_dir); + } + + static int bpf_slave_via_bind_mnt(const char *full_name, +@@ -720,22 +692,13 @@ static int bpf_slave_via_bind_mnt(const char *full_name, + static int bpf_gen_slave(const char *base, const char *name, + const char *link) + { +- char *bpf_lnk_dir = NULL; +- char *bpf_sub_dir = NULL; ++ char bpf_lnk_dir[PATH_MAX + NAME_MAX + 1]; ++ char bpf_sub_dir[PATH_MAX + NAME_MAX]; + struct stat sb = {}; + int ret; + +- ret = asprintf(&bpf_lnk_dir, "%s%s/", base, link); +- if (ret < 0) { +- fprintf(stderr, "asprintf failed: %s\n", strerror(errno)); +- goto out; +- } +- +- ret = asprintf(&bpf_sub_dir, "%s%s", base, name); +- if (ret < 0) { +- fprintf(stderr, "asprintf failed: %s\n", strerror(errno)); +- goto out; +- } ++ snprintf(bpf_lnk_dir, sizeof(bpf_lnk_dir), "%s%s/", base, link); ++ snprintf(bpf_sub_dir, sizeof(bpf_sub_dir), "%s%s", base, name); + + ret = symlink(bpf_lnk_dir, bpf_sub_dir); + if (ret) { +@@ -743,30 +706,25 @@ static int bpf_gen_slave(const char *base, const char *name, + if (errno != EPERM) { + fprintf(stderr, "symlink %s failed: %s\n", + bpf_sub_dir, strerror(errno)); +- goto out; ++ return ret; + } + +- ret = bpf_slave_via_bind_mnt(bpf_sub_dir, bpf_lnk_dir); +- goto out; ++ return bpf_slave_via_bind_mnt(bpf_sub_dir, ++ bpf_lnk_dir); + } + + ret = lstat(bpf_sub_dir, &sb); + if (ret) { + fprintf(stderr, "lstat %s failed: %s\n", + bpf_sub_dir, strerror(errno)); +- goto out; ++ return ret; + } + +- if ((sb.st_mode & S_IFMT) != S_IFLNK) { +- ret = bpf_gen_global(bpf_sub_dir); +- goto out; +- } ++ if ((sb.st_mode & S_IFMT) != S_IFLNK) ++ return bpf_gen_global(bpf_sub_dir); + } + +-out: +- free(bpf_lnk_dir); +- free(bpf_sub_dir); +- return ret; ++ return 0; + } + + static int bpf_gen_hierarchy(const char *base) +@@ -784,7 +742,7 @@ static int bpf_gen_hierarchy(const char *base) + static const char *bpf_get_work_dir(enum bpf_prog_type type) + { + static char bpf_tmp[PATH_MAX] = BPF_DIR_MNT; +- static char *bpf_wrk_dir; ++ static char bpf_wrk_dir[PATH_MAX]; + static const char *mnt; + static bool bpf_mnt_cached; + const char *mnt_env = getenv(BPF_ENV_MNT); +@@ -823,12 +781,7 @@ static const char *bpf_get_work_dir(enum bpf_prog_type type) + } + } + +- ret = asprintf(&bpf_wrk_dir, "%s/", mnt); +- if (ret < 0) { +- fprintf(stderr, "asprintf failed: %s\n", strerror(errno)); +- free(bpf_wrk_dir); +- goto out; +- } ++ snprintf(bpf_wrk_dir, sizeof(bpf_wrk_dir), "%s/", mnt); + + ret = bpf_gen_hierarchy(bpf_wrk_dir); + if (ret) { +@@ -1485,48 +1438,31 @@ static int bpf_probe_pinned(const char *name, const struct bpf_elf_ctx *ctx, + + static int bpf_make_obj_path(const struct bpf_elf_ctx *ctx) + { +- char *tmp = NULL; ++ char tmp[PATH_MAX]; + int ret; + +- ret = asprintf(&tmp, "%s/%s", bpf_get_work_dir(ctx->type), ctx->obj_uid); +- if (ret < 0) { +- fprintf(stderr, "asprintf failed: %s\n", strerror(errno)); +- goto out; +- } ++ snprintf(tmp, sizeof(tmp), "%s/%s", bpf_get_work_dir(ctx->type), ++ ctx->obj_uid); + + ret = mkdir(tmp, S_IRWXU); + if (ret && errno != EEXIST) { + fprintf(stderr, "mkdir %s failed: %s\n", tmp, strerror(errno)); +- goto out; ++ return ret; + } + +- ret = 0; +-out: +- free(tmp); +- return ret; ++ return 0; + } + + static int bpf_make_custom_path(const struct bpf_elf_ctx *ctx, + const char *todo) + { +- char *tmp = NULL; +- char *rem = NULL; +- char *sub; ++ char tmp[PATH_MAX], rem[PATH_MAX], *sub; + int ret; + +- ret = asprintf(&tmp, "%s/../", bpf_get_work_dir(ctx->type)); +- if (ret < 0) { +- fprintf(stderr, "asprintf failed: %s\n", strerror(errno)); +- goto out; +- } +- +- ret = asprintf(&rem, "%s/", todo); +- if (ret < 0) { +- fprintf(stderr, "asprintf failed: %s\n", strerror(errno)); +- goto out; +- } +- ++ snprintf(tmp, sizeof(tmp), "%s/../", bpf_get_work_dir(ctx->type)); ++ snprintf(rem, sizeof(rem), "%s/", todo); + sub = strtok(rem, "/"); ++ + while (sub) { + if (strlen(tmp) + strlen(sub) + 2 > PATH_MAX) + return -EINVAL; +@@ -1538,17 +1474,13 @@ static int bpf_make_custom_path(const struct bpf_elf_ctx *ctx, + if (ret && errno != EEXIST) { + fprintf(stderr, "mkdir %s failed: %s\n", tmp, + strerror(errno)); +- goto out; ++ return ret; + } + + sub = strtok(NULL, "/"); + } + +- ret = 0; +-out: +- free(rem); +- free(tmp); +- return ret; ++ return 0; + } + + static int bpf_place_pinned(int fd, const char *name, +@@ -2655,23 +2587,14 @@ struct bpf_jited_aux { + + static int bpf_derive_prog_from_fdinfo(int fd, struct bpf_prog_data *prog) + { +- char *file = NULL; +- char buff[4096]; ++ char file[PATH_MAX], buff[4096]; + unsigned int val; + FILE *fp; +- int ret; +- +- ret = asprintf(&file, "/proc/%d/fdinfo/%d", getpid(), fd); +- if (ret < 0) { +- fprintf(stderr, "asprintf failed: %s\n", strerror(errno)); +- free(file); +- return ret; +- } + ++ snprintf(file, sizeof(file), "/proc/%d/fdinfo/%d", getpid(), fd); + memset(prog, 0, sizeof(*prog)); + + fp = fopen(file, "r"); +- free(file); + if (!fp) { + fprintf(stderr, "No procfs support?!\n"); + return -EIO; +-- +cgit 1.2.3-korg + diff --git a/backport-addr-Fix-noprefixroute-and-autojoin-for-IPv4.patch b/backport-addr-Fix-noprefixroute-and-autojoin-for-IPv4.patch new file mode 100644 index 0000000..87a6357 --- /dev/null +++ b/backport-addr-Fix-noprefixroute-and-autojoin-for-IPv4.patch @@ -0,0 +1,43 @@ +From be1bea843234878a936fdf854e511053d528bf75 Mon Sep 17 00:00:00 2001 +From: Stephen Hemminger +Date: Tue, 6 Oct 2020 15:15:56 -0700 +Subject: addr: Fix noprefixroute and autojoin for IPv4 + +These were reported as IPv6-only and ignored: + + # ip address add 192.0.2.2/24 dev dummy5 noprefixroute + Warning: noprefixroute option can be set only for IPv6 addresses + # ip address add 224.1.1.10/24 dev dummy5 autojoin + Warning: autojoin option can be set only for IPv6 addresses + +This enables them back for IPv4. + +Fixes: 9d59c86e575b5 ("iproute2: ip addr: Organize flag properties structurally") +Signed-off-by: Adel Belhouane +Signed-off-by: Stephen Hemminger + +Conflict:NA +Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=be1bea843234878a936fdf854e511053d528bf75 + +--- + ip/ipaddress.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/ip/ipaddress.c b/ip/ipaddress.c +index ccf67d1dd..2b4cb48a4 100644 +--- a/ip/ipaddress.c ++++ b/ip/ipaddress.c +@@ -1249,8 +1249,8 @@ static const struct ifa_flag_data_t { + { .name = "tentative", .mask = IFA_F_TENTATIVE, .readonly = true, .v6only = true}, + { .name = "permanent", .mask = IFA_F_PERMANENT, .readonly = true, .v6only = true}, + { .name = "mngtmpaddr", .mask = IFA_F_MANAGETEMPADDR, .readonly = false, .v6only = true}, +- { .name = "noprefixroute", .mask = IFA_F_NOPREFIXROUTE, .readonly = false, .v6only = true}, +- { .name = "autojoin", .mask = IFA_F_MCAUTOJOIN, .readonly = false, .v6only = true}, ++ { .name = "noprefixroute", .mask = IFA_F_NOPREFIXROUTE, .readonly = false, .v6only = false}, ++ { .name = "autojoin", .mask = IFA_F_MCAUTOJOIN, .readonly = false, .v6only = false}, + { .name = "stable-privacy", .mask = IFA_F_STABLE_PRIVACY, .readonly = true, .v6only = true}, + }; + +-- +cgit 1.2.3-korg + diff --git a/backport-bridge-report-correct-version.patch b/backport-bridge-report-correct-version.patch new file mode 100644 index 0000000..5fa891b --- /dev/null +++ b/backport-bridge-report-correct-version.patch @@ -0,0 +1,29 @@ +From 7a49ff9d7906858ec75b69e9ad05af2bfd9cab4d Mon Sep 17 00:00:00 2001 +From: Stephen Hemminger +Date: Sun, 15 Nov 2020 08:58:52 -0800 +Subject: bridge: report correct version + +Signed-off-by: Stephen Hemminger +Conflict: printf("bridge utility, 5.10.0\n"); +Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=7a49ff9d7906858ec75b69e9ad05af2bfd9cab4d + +--- + bridge/bridge.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/bridge/bridge.c b/bridge/bridge.c +index 453d68973..1f1c907bb 100644 +--- a/bridge/bridge.c ++++ b/bridge/bridge.c +@@ -141,7 +141,7 @@ main(int argc, char **argv) + if (matches(opt, "-help") == 0) { + usage(); + } else if (matches(opt, "-Version") == 0) { +- printf("bridge utility, 0.0\n"); ++ printf("bridge utility, 5.10.0\n"); + exit(0); + } else if (matches(opt, "-stats") == 0 || + matches(opt, "-statistics") == 0) { +-- +cgit 1.2.3-korg + diff --git a/backport-devlink-fix-infinite-loop-on-flash-update-for-drivers-without-status.patch b/backport-devlink-fix-infinite-loop-on-flash-update-for-drivers-without-status.patch new file mode 100644 index 0000000..278fad7 --- /dev/null +++ b/backport-devlink-fix-infinite-loop-on-flash-update-for-drivers-without-status.patch @@ -0,0 +1,92 @@ +From 954a0077c83b7981271809391ac0712d24a48314 Mon Sep 17 00:00:00 2001 +From: Jacob Keller +Date: Thu, 5 Aug 2021 16:44:59 -0700 +Subject: devlink: fix infinite loop on flash update for drivers without status + +When processing device flash update, cmd_dev_flash function waits until +the flash process has completed. This requires the following two +conditions to both be true: + +a) we've received an exit status from the child process +b) we've received the DEVLINK_CMD_FLASH_UPDATE_END *or* + we haven't received any status notifications from the driver. + +The original devlink flash status monitoring code in 9b13cddfe268 +("devlink: implement flash status monitoring") was written assuming that +a driver will either send no status updates, or it will send at least +one DEVLINK_CMD_FLASH_UPDATE_STATUS before DEVLINK_CMD_FLASH_UPDATE_END. + +Newer versions of the kernel since commit 52cc5f3a166a ("devlink: move flash +end and begin to core devlink") in v5.10 moved handling of the +DEVLINK_CMD_FLASH_UPDATE_END into the core stack, and will send this +regardless of whether or not the driver sends any of its own status +notifications. + +The handling of DEVLINK_CMD_FLASH_UPDATE_END in cmd_dev_flash_status_cb +has an additional condition that it must not be the first message. +Otherwise, it falls back to treating it like +a DEVLINK_CMD_FLASH_UPDATE_STATUS. + +This is wrong because it can lead to an infinite loop if a driver does +not send any status updates. + +In this case, the kernel will send DEVLINK_CMD_FLASH_UPDATE_END without +any DEVLINK_CMD_FLASH_UPDATE_STATUS. The devlink application will see +that ctx->not_first is false, and will treat this like any other status +message. Thus, ctx->not_first will be set to 1. + +The loop condition to exit flash update will thus never be true, since +we will wait forever, because ctx->not_first is true, and +ctx->received_end is false. + +This leads to the application appearing to process the flash update, but +it will never exit. + +Fix this by simply always treating DEVLINK_CMD_FLASH_UPDATE_END the same +regardless of whether its the first message or not. + +This is obviously the correct thing to do: once we've received the +DEVLINK_CMD_FLASH_UPDATE_END the flash update must be finished. For new +kernels this is always true, because we send this message in the core +stack after the driver flash update routine finishes. + +For older kernels, some drivers may not have sent any +DEVLINK_CMD_FLASH_UPDATE_STATUS or DEVLINK_CMD_FLASH_UPDATE_END. This is +handled by the while loop conditional that exits if we get a return +value from the child process without having received any status +notifications. + +An argument could be made that we should exit immediately when we get +either the DEVLINK_CMD_FLASH_UPDATE_END or an exit code from the child +process. However, at a minimum it makes no sense to ever process +DEVLINK_CMD_FLASH_UPDATE_END as if it were a DEVLINK_CMD_FLASH_UPDATE_STATUS. + +This is easy to test as it is triggered by the selftests for the +netdevsim driver, which has a test case for both with and without status +notifications. + +Fixes: 9b13cddfe268 ("devlink: implement flash status monitoring") +Signed-off-by: Jacob Keller +Signed-off-by: Stephen Hemminger +Conflict:NA +Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=954a0077c83b7981271809391ac0712d24a48314 +--- + devlink/devlink.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/devlink/devlink.c b/devlink/devlink.c +index b294fcd8f..9d3acc188 100644 +--- a/devlink/devlink.c ++++ b/devlink/devlink.c +@@ -3700,7 +3700,7 @@ static int cmd_dev_flash_status_cb(const struct nlmsghdr *nlh, void *data) + strcmp(dev_name, opts->dev_name)) + return MNL_CB_ERROR; + +- if (genl->cmd == DEVLINK_CMD_FLASH_UPDATE_END && ctx->not_first) { ++ if (genl->cmd == DEVLINK_CMD_FLASH_UPDATE_END) { + pr_out("\n"); + free(ctx->last_msg); + free(ctx->last_component); +-- +cgit 1.2.3-korg + diff --git a/backport-devlink-fix-memory-leak-in-cmd_dev_flash.patch b/backport-devlink-fix-memory-leak-in-cmd_dev_flash.patch new file mode 100644 index 0000000..ee09401 --- /dev/null +++ b/backport-devlink-fix-memory-leak-in-cmd_dev_flash.patch @@ -0,0 +1,63 @@ +From ec1346acbe9e5f0fe16242fc61b85d81f84ee592 Mon Sep 17 00:00:00 2001 +From: Andrea Claudi +Date: Fri, 11 Dec 2020 19:53:02 +0100 +Subject: devlink: fix memory leak in cmd_dev_flash() + +nlg_ntf is dinamically allocated in mnlg_socket_open(), and is freed on +the out: return path. However, some error paths do not free it, +resulting in memory leak. + +This commit fix this using mnlg_socket_close(), and reporting the +correct error number when required. + +Fixes: 9b13cddfe268 ("devlink: implement flash status monitoring") +Signed-off-by: Andrea Claudi +Signed-off-by: Stephen Hemminger +Conflict:NA +Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=ec1346acbe9e5f0fe16242fc61b85d81f84ee592 +--- + devlink/devlink.c | 13 ++++++++----- + 1 file changed, 8 insertions(+), 5 deletions(-) + +diff --git a/devlink/devlink.c b/devlink/devlink.c +index ca99732ef..43549965c 100644 +--- a/devlink/devlink.c ++++ b/devlink/devlink.c +@@ -3371,19 +3371,21 @@ static int cmd_dev_flash(struct dl *dl) + + err = _mnlg_socket_group_add(nlg_ntf, DEVLINK_GENL_MCGRP_CONFIG_NAME); + if (err) +- return err; ++ goto err_socket; + + err = pipe(pipe_fds); +- if (err == -1) +- return -errno; ++ if (err == -1) { ++ err = -errno; ++ goto err_socket; ++ } + pipe_r = pipe_fds[0]; + pipe_w = pipe_fds[1]; + + pid = fork(); + if (pid == -1) { +- close(pipe_r); + close(pipe_w); +- return -errno; ++ err = -errno; ++ goto out; + } else if (!pid) { + /* In child, just execute the flash and pass returned + * value through pipe once it is done. +@@ -3412,6 +3414,7 @@ static int cmd_dev_flash(struct dl *dl) + err = _mnlg_socket_recv_run(dl->nlg, NULL, NULL); + out: + close(pipe_r); ++err_socket: + mnlg_socket_close(nlg_ntf); + return err; + } +-- +cgit 1.2.3-korg + diff --git a/backport-ipmonitor-Fix-recvmsg-with-ancillary-data.patch b/backport-ipmonitor-Fix-recvmsg-with-ancillary-data.patch new file mode 100644 index 0000000..c74fe0b --- /dev/null +++ b/backport-ipmonitor-Fix-recvmsg-with-ancillary-data.patch @@ -0,0 +1,60 @@ +From f760bff328316244b510986cf0ed7ee1c3c689ef Mon Sep 17 00:00:00 2001 +From: Lahav Schlesinger +Date: Thu, 15 Jul 2021 17:38:56 +0300 +Subject: ipmonitor: Fix recvmsg with ancillary data + +A successful call to recvmsg() causes msg.msg_controllen to contain the length +of the received ancillary data. However, the current code in the 'ip' utility +doesn't reset this value after each recvmsg(). + +This means that if a call to recvmsg() doesn't have ancillary data, then +'msg.msg_controllen' will be set to 0, causing future recvmsg() which do +contain ancillary data to get MSG_CTRUNC set in msg.msg_flags. + +This fixes 'ip monitor' running with the all-nsid option - With this option the +kernel passes the nsid as ancillary data. If while 'ip monitor' is running an +even on the current netns is received, then no ancillary data will be sent, +causing 'msg.msg_controllen' to be set to 0, which causes 'ip monitor' to +indefinitely print "[nsid current]" instead of the real nsid. + +Fixes: 449b824ad196 ("ipmonitor: allows to monitor in several netns") +Cc: Nicolas Dichtel +Signed-off-by: Lahav Schlesinger +Acked-by: Nicolas Dichtel +Signed-off-by: Stephen Hemminger + +Conflict:NA +Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=f760bff328316244b510986cf0ed7ee1c3c689ef +--- + lib/libnetlink.c | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/lib/libnetlink.c b/lib/libnetlink.c +index 6836c21c9..7e977a676 100644 +--- a/lib/libnetlink.c ++++ b/lib/libnetlink.c +@@ -1175,16 +1175,16 @@ int rtnl_listen(struct rtnl_handle *rtnl, + char buf[16384]; + char cmsgbuf[BUFSIZ]; + +- if (rtnl->flags & RTNL_HANDLE_F_LISTEN_ALL_NSID) { +- msg.msg_control = &cmsgbuf; +- msg.msg_controllen = sizeof(cmsgbuf); +- } +- + iov.iov_base = buf; + while (1) { + struct rtnl_ctrl_data ctrl; + struct cmsghdr *cmsg; + ++ if (rtnl->flags & RTNL_HANDLE_F_LISTEN_ALL_NSID) { ++ msg.msg_control = &cmsgbuf; ++ msg.msg_controllen = sizeof(cmsgbuf); ++ } ++ + iov.iov_len = sizeof(buf); + status = recvmsg(rtnl->fd, &msg, 0); + +-- +cgit 1.2.3-korg + diff --git a/backport-iproute2-fix-MPLS-label-parsing.patch b/backport-iproute2-fix-MPLS-label-parsing.patch new file mode 100644 index 0000000..bb1dede --- /dev/null +++ b/backport-iproute2-fix-MPLS-label-parsing.patch @@ -0,0 +1,58 @@ +From 72cc0bafb9f8af217283f7757397242cb7ca8b2d Mon Sep 17 00:00:00 2001 +From: Guillaume Nault +Date: Wed, 11 Mar 2020 16:16:36 +0100 +Subject: iproute2: fix MPLS label parsing + +The initial value of "label" in parse_mpls() is 0xffffffff. Therefore +we should test for this value, and not 0, to detect if a label has been +provided. The "!label" test not only fails to detect a missing label +parameter, it also prevents the use of the IPv4 explicit NULL label, +which actually equals 0. + +Reproducer: + $ ip link add name dm0 type dummy + $ tc qdisc add dev dm0 ingress + + $ tc filter add dev dm0 parent ffff: matchall action mpls push + Error: act_mpls: Label is required for MPLS push. + We have an error talking to the kernel + --> Filter was pushed to the kernel, where it got rejected. + + $ tc filter add dev dm0 parent ffff: matchall action mpls push label 0 + Error: argument "label" is required + --> Label 0 was rejected by iproute2. + +Expected result: + $ tc filter add dev dm0 parent ffff: matchall action mpls push + Error: argument "label" is required + --> Filter was directly rejected by iproute2. + + $ tc filter add dev dm0 parent ffff: matchall action mpls push label 0 + --> Filter is accepted. + +Signed-off-by: Guillaume Nault +Signed-off-by: Stephen Hemminger + +Conflict:NA +Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=72cc0bafb9f8af217283f7757397242cb7ca8b2d + +--- + tc/m_mpls.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tc/m_mpls.c b/tc/m_mpls.c +index 6f3a39f43..50eba01cb 100644 +--- a/tc/m_mpls.c ++++ b/tc/m_mpls.c +@@ -156,7 +156,7 @@ static int parse_mpls(struct action_util *a, int *argc_p, char ***argv_p, + } + } + +- if (action == TCA_MPLS_ACT_PUSH && !label) ++ if (action == TCA_MPLS_ACT_PUSH && label == 0xffffffff) + missarg("label"); + + if (action == TCA_MPLS_ACT_PUSH && proto && +-- +cgit 1.2.3-korg + diff --git a/backport-iproute2-ip-addr-Organize-flag-properties-structurally.patch b/backport-iproute2-ip-addr-Organize-flag-properties-structurally.patch new file mode 100644 index 0000000..dd3c26b --- /dev/null +++ b/backport-iproute2-ip-addr-Organize-flag-properties-structurally.patch @@ -0,0 +1,194 @@ +From 9d59c86e575b5373d73f021f569ae520bc229ec5 Mon Sep 17 00:00:00 2001 +From: "Ian K. Coolidge" +Date: Wed, 27 May 2020 11:03:45 -0700 +Subject: iproute2: ip addr: Organize flag properties structurally + +This creates a nice systematic way to check that the various flags are +mutable from userspace and that the address family is valid. + +Mutability properties are preserved to avoid introducing any behavioral +change in this CL. However, previously, immutable flags were ignored and +fell through to this confusing error: + +Error: either "local" is duplicate, or "dadfailed" is a garbage. + +But now, they just warn more explicitly: + +Warning: dadfailed option is not mutable from userspace +Signed-off-by: David Ahern + +Conflict:NA +Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=9d59c86e575b5373d73f021f569ae520bc229ec5 + +--- + ip/ipaddress.c | 112 ++++++++++++++++++++++++++++----------------------------- + 1 file changed, 55 insertions(+), 57 deletions(-) + +diff --git a/ip/ipaddress.c b/ip/ipaddress.c +index 80d27ce27..403f70109 100644 +--- a/ip/ipaddress.c ++++ b/ip/ipaddress.c +@@ -1233,52 +1233,63 @@ static unsigned int get_ifa_flags(struct ifaddrmsg *ifa, + ifa->ifa_flags; + } + +-/* Mapping from argument to address flag mask */ +-static const struct { ++/* Mapping from argument to address flag mask and attributes */ ++static const struct ifa_flag_data_t { + const char *name; +- unsigned long value; +-} ifa_flag_names[] = { +- { "secondary", IFA_F_SECONDARY }, +- { "temporary", IFA_F_SECONDARY }, +- { "nodad", IFA_F_NODAD }, +- { "optimistic", IFA_F_OPTIMISTIC }, +- { "dadfailed", IFA_F_DADFAILED }, +- { "home", IFA_F_HOMEADDRESS }, +- { "deprecated", IFA_F_DEPRECATED }, +- { "tentative", IFA_F_TENTATIVE }, +- { "permanent", IFA_F_PERMANENT }, +- { "mngtmpaddr", IFA_F_MANAGETEMPADDR }, +- { "noprefixroute", IFA_F_NOPREFIXROUTE }, +- { "autojoin", IFA_F_MCAUTOJOIN }, +- { "stable-privacy", IFA_F_STABLE_PRIVACY }, ++ unsigned long mask; ++ bool readonly; ++ bool v6only; ++} ifa_flag_data[] = { ++ { .name = "secondary", .mask = IFA_F_SECONDARY, .readonly = true, .v6only = false}, ++ { .name = "temporary", .mask = IFA_F_SECONDARY, .readonly = true, .v6only = false}, ++ { .name = "nodad", .mask = IFA_F_NODAD, .readonly = false, .v6only = true}, ++ { .name = "optimistic", .mask = IFA_F_OPTIMISTIC, .readonly = true, .v6only = true}, ++ { .name = "dadfailed", .mask = IFA_F_DADFAILED, .readonly = true, .v6only = true}, ++ { .name = "home", .mask = IFA_F_HOMEADDRESS, .readonly = false, .v6only = true}, ++ { .name = "deprecated", .mask = IFA_F_DEPRECATED, .readonly = true, .v6only = true}, ++ { .name = "tentative", .mask = IFA_F_TENTATIVE, .readonly = true, .v6only = true}, ++ { .name = "permanent", .mask = IFA_F_PERMANENT, .readonly = true, .v6only = true}, ++ { .name = "mngtmpaddr", .mask = IFA_F_MANAGETEMPADDR, .readonly = false, .v6only = true}, ++ { .name = "noprefixroute", .mask = IFA_F_NOPREFIXROUTE, .readonly = false, .v6only = true}, ++ { .name = "autojoin", .mask = IFA_F_MCAUTOJOIN, .readonly = false, .v6only = true}, ++ { .name = "stable-privacy", .mask = IFA_F_STABLE_PRIVACY, .readonly = true, .v6only = true}, + }; + ++/* Returns a pointer to the data structure for a particular interface flag, or null if no flag could be found */ ++static const struct ifa_flag_data_t* lookup_flag_data_by_name(const char* flag_name) { ++ for (int i = 0; i < ARRAY_SIZE(ifa_flag_data); ++i) { ++ if (strcmp(flag_name, ifa_flag_data[i].name) == 0) ++ return &ifa_flag_data[i]; ++ } ++ return NULL; ++} ++ + static void print_ifa_flags(FILE *fp, const struct ifaddrmsg *ifa, + unsigned int flags) + { + unsigned int i; + +- for (i = 0; i < ARRAY_SIZE(ifa_flag_names); i++) { +- unsigned long mask = ifa_flag_names[i].value; ++ for (i = 0; i < ARRAY_SIZE(ifa_flag_data); i++) { ++ const struct ifa_flag_data_t* flag_data = &ifa_flag_data[i]; + +- if (mask == IFA_F_PERMANENT) { +- if (!(flags & mask)) ++ if (flag_data->mask == IFA_F_PERMANENT) { ++ if (!(flags & flag_data->mask)) + print_bool(PRINT_ANY, + "dynamic", "dynamic ", true); +- } else if (flags & mask) { +- if (mask == IFA_F_SECONDARY && ++ } else if (flags & flag_data->mask) { ++ if (flag_data->mask == IFA_F_SECONDARY && + ifa->ifa_family == AF_INET6) { + print_bool(PRINT_ANY, + "temporary", "temporary ", true); + } else { + print_string(PRINT_FP, NULL, +- "%s ", ifa_flag_names[i].name); ++ "%s ", flag_data->name); + print_bool(PRINT_JSON, +- ifa_flag_names[i].name, NULL, true); ++ flag_data->name, NULL, true); + } + } + +- flags &= ~mask; ++ flags &= ~flag_data->mask; + } + + if (flags) { +@@ -1297,7 +1308,6 @@ static void print_ifa_flags(FILE *fp, const struct ifaddrmsg *ifa, + static int get_filter(const char *arg) + { + bool inv = false; +- unsigned int i; + + if (arg[0] == '-') { + inv = true; +@@ -1313,18 +1323,16 @@ static int get_filter(const char *arg) + arg = "secondary"; + } + +- for (i = 0; i < ARRAY_SIZE(ifa_flag_names); i++) { +- if (strcmp(arg, ifa_flag_names[i].name)) +- continue; ++ const struct ifa_flag_data_t* flag_data = lookup_flag_data_by_name(arg); ++ if (flag_data == NULL) ++ return -1; + +- if (inv) +- filter.flags &= ~ifa_flag_names[i].value; +- else +- filter.flags |= ifa_flag_names[i].value; +- filter.flagmask |= ifa_flag_names[i].value; +- return 0; +- } +- return -1; ++ if (inv) ++ filter.flags &= ~flag_data->mask; ++ else ++ filter.flags |= flag_data->mask; ++ filter.flagmask |= flag_data->mask; ++ return 0; + } + + static int ifa_label_match_rta(int ifindex, const struct rtattr *rta) +@@ -2330,25 +2338,15 @@ static int ipaddr_modify(int cmd, int flags, int argc, char **argv) + preferred_lftp = *argv; + if (set_lifetime(&preferred_lft, *argv)) + invarg("preferred_lft value", *argv); +- } else if (strcmp(*argv, "home") == 0) { +- if (req.ifa.ifa_family == AF_INET6) +- ifa_flags |= IFA_F_HOMEADDRESS; +- else +- fprintf(stderr, "Warning: home option can be set only for IPv6 addresses\n"); +- } else if (strcmp(*argv, "nodad") == 0) { +- if (req.ifa.ifa_family == AF_INET6) +- ifa_flags |= IFA_F_NODAD; +- else +- fprintf(stderr, "Warning: nodad option can be set only for IPv6 addresses\n"); +- } else if (strcmp(*argv, "mngtmpaddr") == 0) { +- if (req.ifa.ifa_family == AF_INET6) +- ifa_flags |= IFA_F_MANAGETEMPADDR; +- else +- fprintf(stderr, "Warning: mngtmpaddr option can be set only for IPv6 addresses\n"); +- } else if (strcmp(*argv, "noprefixroute") == 0) { +- ifa_flags |= IFA_F_NOPREFIXROUTE; +- } else if (strcmp(*argv, "autojoin") == 0) { +- ifa_flags |= IFA_F_MCAUTOJOIN; ++ } else if (lookup_flag_data_by_name(*argv)) { ++ const struct ifa_flag_data_t* flag_data = lookup_flag_data_by_name(*argv); ++ if (flag_data->readonly) { ++ fprintf(stderr, "Warning: %s option is not mutable from userspace\n", flag_data->name); ++ } else if (flag_data->v6only && req.ifa.ifa_family != AF_INET6) { ++ fprintf(stderr, "Warning: %s option can be set only for IPv6 addresses\n", flag_data->name); ++ } else { ++ ifa_flags |= flag_data->mask; ++ } + } else { + if (strcmp(*argv, "local") == 0) + NEXT_ARG(); +-- +cgit 1.2.3-korg + diff --git a/backport-iproute2-ip-maddress-Check-multiaddr-length.patch b/backport-iproute2-ip-maddress-Check-multiaddr-length.patch new file mode 100644 index 0000000..011c363 --- /dev/null +++ b/backport-iproute2-ip-maddress-Check-multiaddr-length.patch @@ -0,0 +1,61 @@ +From 7e7a1d107b7f2bb729836de25c4983f9615a2aa1 Mon Sep 17 00:00:00 2001 +From: Sascha Hauer +Date: Mon, 17 Aug 2020 13:25:19 +0200 +Subject: iproute2: ip maddress: Check multiaddr length + +ip maddress add|del takes a MAC address as argument, so insist on +getting a length of ETH_ALEN bytes. This makes sure the passed argument +is actually a MAC address and especially not an IPv4 address which +was previously accepted and silently taken as a MAC address. + +While at it, do not print *argv in the error path as this has been +modified by ll_addr_a2n() and doesn't contain the full string anymore, +which can lead to misleading error messages. + +Also while at it, replace the hardcoded buffer size with the actual +buffer size using sizeof(). + +Signed-off-by: Sascha Hauer +Signed-off-by: Stephen Hemminger + +Conflict:NA +Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=7e7a1d107b7f2bb729836de25c4983f9615a2aa1 + +--- + ip/ipmaddr.c | 13 +++++++++---- + 1 file changed, 9 insertions(+), 4 deletions(-) + +diff --git a/ip/ipmaddr.c b/ip/ipmaddr.c +index 3400e055a..d41ac63a7 100644 +--- a/ip/ipmaddr.c ++++ b/ip/ipmaddr.c +@@ -291,7 +291,7 @@ static int multiaddr_modify(int cmd, int argc, char **argv) + { + struct ifreq ifr = {}; + int family; +- int fd; ++ int fd, len; + + if (cmd == RTM_NEWADDR) + cmd = SIOCADDMULTI; +@@ -313,9 +313,14 @@ static int multiaddr_modify(int cmd, int argc, char **argv) + usage(); + if (ifr.ifr_hwaddr.sa_data[0]) + duparg("address", *argv); +- if (ll_addr_a2n(ifr.ifr_hwaddr.sa_data, +- 14, *argv) < 0) { +- fprintf(stderr, "Error: \"%s\" is not a legal ll address.\n", *argv); ++ len = ll_addr_a2n(ifr.ifr_hwaddr.sa_data, ++ sizeof(ifr.ifr_hwaddr.sa_data), ++ *argv); ++ if (len < 0) ++ exit(1); ++ ++ if (len != ETH_ALEN) { ++ fprintf(stderr, "Error: Invalid address length %d - must be %d bytes\n", len, ETH_ALEN); + exit(1); + } + } +-- +cgit 1.2.3-korg + diff --git a/backport-lnstat-fix-buffer-overflow-in-header-output.patch b/backport-lnstat-fix-buffer-overflow-in-header-output.patch new file mode 100644 index 0000000..12a1c3d --- /dev/null +++ b/backport-lnstat-fix-buffer-overflow-in-header-output.patch @@ -0,0 +1,39 @@ +From be31c2648487596f23096278dacd86bf88305a14 Mon Sep 17 00:00:00 2001 +From: jiangheng" +Date: Wed, 17 Nov 2021 13:41:10 -0800 +Subject: lnstat: fix buffer overflow in header output + +Running lnstat will cause core dump from reading past end of array. + +Segmentation fault (core dumped) + +The maximum value of th.num_lines is HDR_LINES(10), h should not be equal to th.num_lines, array th.hdr may be out of bounds. + +Signed-off-by jiangheng +Signed-off-by: Stephen Hemminger + +Conflict:NA +Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=be31c2648487596f23096278dacd86bf88305a14 + +--- + misc/lnstat.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/misc/lnstat.c b/misc/lnstat.c +index 89cb0e7e2..98904d45e 100644 +--- a/misc/lnstat.c ++++ b/misc/lnstat.c +@@ -210,8 +210,9 @@ static struct table_hdr *build_hdr_string(struct lnstat_file *lnstat_files, + } + ofs += width+1; + } ++ + /* fill in spaces */ +- for (h = 1; h <= th.num_lines; h++) { ++ for (h = 1; h < th.num_lines; h++) { + for (i = 0; i < ofs; i++) { + if (th.hdr[h][i] == '\0') + th.hdr[h][i] = ' '; +-- +cgit 1.2.3-korg + diff --git a/backport-nexthop-fix-error-reporting-in-filter-dump.patch b/backport-nexthop-fix-error-reporting-in-filter-dump.patch new file mode 100644 index 0000000..97742c3 --- /dev/null +++ b/backport-nexthop-fix-error-reporting-in-filter-dump.patch @@ -0,0 +1,43 @@ +From d9b868436a6fce8986560178c6d1a78072e21861 Mon Sep 17 00:00:00 2001 +From: Andrea Claudi +Date: Tue, 10 Mar 2020 13:15:17 +0100 +Subject: nexthop: fix error reporting in filter dump + +nh_dump_filter is missing a return value check in two cases. +Fix this simply adding an assignment to the proper variable. + +Fixes: 63df8e8543b03 ("Add support for nexthop objects") +Signed-off-by: Andrea Claudi +Reviewed-by: David Ahern +Signed-off-by: Stephen Hemminger + +Conflict:NA +Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=d9b868436a6fce8986560178c6d1a78072e21861 + +--- + ip/ipnexthop.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/ip/ipnexthop.c b/ip/ipnexthop.c +index 9f860c8ce..99f89630e 100644 +--- a/ip/ipnexthop.c ++++ b/ip/ipnexthop.c +@@ -59,13 +59,13 @@ static int nh_dump_filter(struct nlmsghdr *nlh, int reqlen) + } + + if (filter.groups) { +- addattr_l(nlh, reqlen, NHA_GROUPS, NULL, 0); ++ err = addattr_l(nlh, reqlen, NHA_GROUPS, NULL, 0); + if (err) + return err; + } + + if (filter.master) { +- addattr32(nlh, reqlen, NHA_MASTER, filter.master); ++ err = addattr32(nlh, reqlen, NHA_MASTER, filter.master); + if (err) + return err; + } +-- +cgit 1.2.3-korg + diff --git a/backport-nstat-print-useful-error-messages-in-abort-cases.patch b/backport-nstat-print-useful-error-messages-in-abort-cases.patch new file mode 100644 index 0000000..3aa9cfc --- /dev/null +++ b/backport-nstat-print-useful-error-messages-in-abort-cases.patch @@ -0,0 +1,117 @@ +From 2c7056ac26412fe99443a283f0c1261cb81ccea2 Mon Sep 17 00:00:00 2001 +From: Andrea Claudi +Date: Mon, 17 Feb 2020 14:46:18 +0100 +Subject: nstat: print useful error messages in abort() cases +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +When nstat temporary file is corrupted or in some other corner cases, +nstat use abort() to stop its execution. This can puzzle some users, +wondering what is the reason for the crash. + +This commit replaces abort() with some meaningful error messages and exit() + +Reported-by: Renaud Métrich +Signed-off-by: Andrea Claudi +Signed-off-by: Stephen Hemminger + +Conflict:NA +Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=2c7056ac26412fe99443a283f0c1261cb81ccea2 + +--- + misc/nstat.c | 47 +++++++++++++++++++++++++++++++++-------------- + 1 file changed, 33 insertions(+), 14 deletions(-) + +diff --git a/misc/nstat.c b/misc/nstat.c +index 23113b223..425e75ef4 100644 +--- a/misc/nstat.c ++++ b/misc/nstat.c +@@ -142,14 +142,19 @@ static void load_good_table(FILE *fp) + } + /* idbuf is as big as buf, so this is safe */ + nr = sscanf(buf, "%s%llu%lg", idbuf, &val, &rate); +- if (nr < 2) +- abort(); ++ if (nr < 2) { ++ fprintf(stderr, "%s:%d: error parsing history file\n", ++ __FILE__, __LINE__); ++ exit(-2); ++ } + if (nr < 3) + rate = 0; + if (useless_number(idbuf)) + continue; +- if ((n = malloc(sizeof(*n))) == NULL) +- abort(); ++ if ((n = malloc(sizeof(*n))) == NULL) { ++ perror("nstat: malloc"); ++ exit(-1); ++ } + n->id = strdup(idbuf); + n->val = val; + n->rate = rate; +@@ -190,8 +195,11 @@ static void load_ugly_table(FILE *fp) + int count1, count2, skip = 0; + + p = strchr(buf, ':'); +- if (!p) +- abort(); ++ if (!p) { ++ fprintf(stderr, "%s:%d: error parsing history file\n", ++ __FILE__, __LINE__); ++ exit(-2); ++ } + count1 = count_spaces(buf); + *p = 0; + idbuf[0] = 0; +@@ -211,8 +219,10 @@ static void load_ugly_table(FILE *fp) + strncat(idbuf, p, sizeof(idbuf) - off - 1); + } + n = malloc(sizeof(*n)); +- if (!n) +- abort(); ++ if (!n) { ++ perror("nstat: malloc"); ++ exit(-1); ++ } + n->id = strdup(idbuf); + n->rate = 0; + n->next = db; +@@ -221,18 +231,27 @@ static void load_ugly_table(FILE *fp) + } + n = db; + nread = getline(&buf, &buflen, fp); +- if (nread == -1) +- abort(); ++ if (nread == -1) { ++ fprintf(stderr, "%s:%d: error parsing history file\n", ++ __FILE__, __LINE__); ++ exit(-2); ++ } + count2 = count_spaces(buf); + if (count2 > count1) + skip = count2 - count1; + do { + p = strrchr(buf, ' '); +- if (!p) +- abort(); ++ if (!p) { ++ fprintf(stderr, "%s:%d: error parsing history file\n", ++ __FILE__, __LINE__); ++ exit(-2); ++ } + *p = 0; +- if (sscanf(p+1, "%llu", &n->val) != 1) +- abort(); ++ if (sscanf(p+1, "%llu", &n->val) != 1) { ++ fprintf(stderr, "%s:%d: error parsing history file\n", ++ __FILE__, __LINE__); ++ exit(-2); ++ } + /* Trick to skip "dummy" trailing ICMP MIB in 2.4 */ + if (skip) + skip--; +-- +cgit 1.2.3-korg + diff --git a/backport-q_cake-Make-fwmark-uint-instead-of-int.patch b/backport-q_cake-Make-fwmark-uint-instead-of-int.patch new file mode 100644 index 0000000..e8841a6 --- /dev/null +++ b/backport-q_cake-Make-fwmark-uint-instead-of-int.patch @@ -0,0 +1,72 @@ +From 6f883f168cf9e1f3be208a10d671a54d781e75a5 Mon Sep 17 00:00:00 2001 +From: Odin Ugedal +Date: Wed, 15 Apr 2020 16:39:34 +0200 +Subject: q_cake: Make fwmark uint instead of int +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This will help avoid overflow, since setting it to 0xffffffff would +result in -1 when converted to integer, resulting in being "-1", setting +the fwmark to 0x00. + +Signed-off-by: Odin Ugedal +Acked-by: Toke Høiland-Jørgensen +Signed-off-by: Stephen Hemminger + +Conflict:NA +Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=6f883f168cf9e1f3be208a10d671a54d781e75a5 + +--- + tc/q_cake.c | 9 +++------ + 1 file changed, 3 insertions(+), 6 deletions(-) + +diff --git a/tc/q_cake.c b/tc/q_cake.c +index 3c78b1767..9ebb270c1 100644 +--- a/tc/q_cake.c ++++ b/tc/q_cake.c +@@ -97,6 +97,7 @@ static int cake_parse_opt(struct qdisc_util *qu, int argc, char **argv, + unsigned int interval = 0; + unsigned int diffserv = 0; + unsigned int memlimit = 0; ++ unsigned int fwmark = 0; + unsigned int target = 0; + __u64 bandwidth = 0; + int ack_filter = -1; +@@ -107,7 +108,6 @@ static int cake_parse_opt(struct qdisc_util *qu, int argc, char **argv, + int autorate = -1; + int ingress = -1; + int overhead = 0; +- int fwmark = -1; + int wash = -1; + int nat = -1; + int atm = -1; +@@ -335,15 +335,12 @@ static int cake_parse_opt(struct qdisc_util *qu, int argc, char **argv, + return -1; + } + } else if (strcmp(*argv, "fwmark") == 0) { +- unsigned int fwm; +- + NEXT_ARG(); +- if (get_u32(&fwm, *argv, 0)) { ++ if (get_u32(&fwmark, *argv, 0)) { + fprintf(stderr, + "Illegal value for \"fwmark\": \"%s\"\n", *argv); + return -1; + } +- fwmark = fwm; + } else if (strcmp(*argv, "help") == 0) { + explain(); + return -1; +@@ -388,7 +385,7 @@ static int cake_parse_opt(struct qdisc_util *qu, int argc, char **argv, + if (memlimit) + addattr_l(n, 1024, TCA_CAKE_MEMORY, &memlimit, + sizeof(memlimit)); +- if (fwmark != -1) ++ if (fwmark) + addattr_l(n, 1024, TCA_CAKE_FWMARK, &fwmark, + sizeof(fwmark)); + if (nat != -1) +-- +cgit 1.2.3-korg + diff --git a/backport-q_cake-allow-changing-to-diffserv3.patch b/backport-q_cake-allow-changing-to-diffserv3.patch index f7fd6f8..cdf6a6d 100644 --- a/backport-q_cake-allow-changing-to-diffserv3.patch +++ b/backport-q_cake-allow-changing-to-diffserv3.patch @@ -18,12 +18,13 @@ Acked-by: Toke Høiland-Jørgensen Signed-off-by: Stephen Hemminger Conflict: remove fwmark variable declaration Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=eb4206ecd0342ff92b1a85b7dae3d4fd1b5be1c6 + --- tc/q_cake.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tc/q_cake.c b/tc/q_cake.c -index 4cfc1c0..c438b76 100644 +index c791428..cf630c8 100644 --- a/tc/q_cake.c +++ b/tc/q_cake.c @@ -95,7 +95,7 @@ static int cake_parse_opt(struct qdisc_util *qu, int argc, char **argv, @@ -33,9 +34,9 @@ index 4cfc1c0..c438b76 100644 - unsigned int diffserv = 0; + int diffserv = -1; unsigned int memlimit = 0; + unsigned int fwmark = 0; unsigned int target = 0; - __u64 bandwidth = 0; -@@ -360,7 +360,7 @@ static int cake_parse_opt(struct qdisc_util *qu, int argc, char **argv, +@@ -357,7 +357,7 @@ static int cake_parse_opt(struct qdisc_util *qu, int argc, char **argv, if (bandwidth || unlimited) addattr_l(n, 1024, TCA_CAKE_BASE_RATE64, &bandwidth, sizeof(bandwidth)); @@ -45,5 +46,5 @@ index 4cfc1c0..c438b76 100644 sizeof(diffserv)); if (atm != -1) -- -1.8.3.1 +2.23.0 diff --git a/backport-tc-m_action-check-cookie-hex-string-len.patch b/backport-tc-m_action-check-cookie-hex-string-len.patch new file mode 100644 index 0000000..e883bbc --- /dev/null +++ b/backport-tc-m_action-check-cookie-hex-string-len.patch @@ -0,0 +1,36 @@ +From 0149dabf2a1bad2f210ca2d987b29083247b7bd0 Mon Sep 17 00:00:00 2001 +From: Jiri Pirko +Date: Mon, 27 Apr 2020 08:10:55 +0200 +Subject: tc: m_action: check cookie hex string len + +Check the cookie hex string len is dividable by 2 as the valid hex +string always should be. + +Reported-by: Alex Kushnarov +Signed-off-by: Jiri Pirko +Signed-off-by: Stephen Hemminger + +Conflict:NA +Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=0149dabf2a1bad2f210ca2d987b29083247b7bd0 + +--- + tc/m_action.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/tc/m_action.c b/tc/m_action.c +index 108329db2..b41782de9 100644 +--- a/tc/m_action.c ++++ b/tc/m_action.c +@@ -291,7 +291,8 @@ done0: + invarg(cookie_err_m, *argv); + } + +- if (hex2mem(*argv, act_ck, slen / 2) < 0) ++ if (slen % 2 || ++ hex2mem(*argv, act_ck, slen / 2) < 0) + invarg("cookie must be a hex string\n", + *argv); + +-- +cgit 1.2.3-korg + diff --git a/backport-tc-m_estimator-Print-proper-value-for-estimator-interval-in-raw.patch b/backport-tc-m_estimator-Print-proper-value-for-estimator-interval-in-raw.patch new file mode 100644 index 0000000..3277724 --- /dev/null +++ b/backport-tc-m_estimator-Print-proper-value-for-estimator-interval-in-raw.patch @@ -0,0 +1,46 @@ +From 66702fb9baf277b2eb6d44a7983d5333ca2a0a2c Mon Sep 17 00:00:00 2001 +From: Jamie Gloudon +Date: Fri, 17 Jul 2020 11:05:30 -0400 +Subject: tc/m_estimator: Print proper value for estimator interval in raw. + +While looking at the estimator code, I noticed an incorrect interval +number printed in raw for the handles. This patch fixes the formatting. + +Before patch: + +root@bytecenter.fr:~# tc -r filter add dev eth0 ingress estimator +250ms 999ms matchall action police avrate 12mbit conform-exceed drop +[estimator i=4294967294 e=2] + +After patch: + +root@bytecenter.fr:~# tc -r filter add dev eth0 ingress estimator +250ms 999ms matchall action police avrate 12mbit conform-exceed drop +[estimator i=-2 e=2] + +Signed-off-by: Jamie Gloudon +Signed-off-by: Stephen Hemminger + +Conflict:NA +Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=66702fb9baf277b2eb6d44a7983d5333ca2a0a2c + +--- + tc/m_estimator.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tc/m_estimator.c b/tc/m_estimator.c +index ef62e1bba..b5f4c860c 100644 +--- a/tc/m_estimator.c ++++ b/tc/m_estimator.c +@@ -57,7 +57,7 @@ int parse_estimator(int *p_argc, char ***p_argv, struct tc_estimator *est) + return -1; + } + if (show_raw) +- fprintf(stderr, "[estimator i=%u e=%u]\n", est->interval, est->ewma_log); ++ fprintf(stderr, "[estimator i=%hhd e=%u]\n", est->interval, est->ewma_log); + *p_argc = argc; + *p_argv = argv; + return 0; +-- +cgit 1.2.3-korg + diff --git a/backport-tc-u32-Fix-key-folding-in-sample-option.patch b/backport-tc-u32-Fix-key-folding-in-sample-option.patch new file mode 100644 index 0000000..5de023e --- /dev/null +++ b/backport-tc-u32-Fix-key-folding-in-sample-option.patch @@ -0,0 +1,58 @@ +From 9b7ea92b9e3feff2876f772ace01148b7406839c Mon Sep 17 00:00:00 2001 +From: Phil Sutter +Date: Wed, 4 Aug 2021 11:18:28 +0200 +Subject: tc: u32: Fix key folding in sample option + +In between Linux kernel 2.4 and 2.6, key folding for hash tables changed +in kernel space. When iproute2 dropped support for the older algorithm, +the wrong code was removed and kernel 2.4 folding method remained in +place. To get things functional for recent kernels again, restoring the +old code alone was not sufficient - additional byteorder fixes were +needed. + +While being at it, make use of ffs() and thereby align the code with how +kernel determines the shift width. + +Fixes: 267480f55383c ("Backout the 2.4 utsname hash patch.") +Signed-off-by: Phil Sutter +Signed-off-by: Stephen Hemminger + +Conflict:NA +Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=9b7ea92b9e3feff2876f772ace01148b7406839c + +--- + tc/f_u32.c | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/tc/f_u32.c b/tc/f_u32.c +index 2ed5254a4..a5747f671 100644 +--- a/tc/f_u32.c ++++ b/tc/f_u32.c +@@ -978,6 +978,13 @@ show_k: + goto show_k; + } + ++static __u32 u32_hash_fold(struct tc_u32_key *key) ++{ ++ __u8 fshift = key->mask ? ffs(ntohl(key->mask)) - 1 : 0; ++ ++ return ntohl(key->val & key->mask) >> fshift; ++} ++ + static int u32_parse_opt(struct filter_util *qu, char *handle, + int argc, char **argv, struct nlmsghdr *n) + { +@@ -1110,9 +1117,7 @@ static int u32_parse_opt(struct filter_util *qu, char *handle, + } + NEXT_ARG(); + } +- hash = sel2.sel.keys[0].val & sel2.sel.keys[0].mask; +- hash ^= hash >> 16; +- hash ^= hash >> 8; ++ hash = u32_hash_fold(&sel2.keys[0]); + htid = ((hash % divisor) << 12) | (htid & 0xFFF00000); + sample_ok = 1; + continue; +-- +cgit 1.2.3-korg + diff --git a/backport-tc_util-detect-overflow-in-get_size.patch b/backport-tc_util-detect-overflow-in-get_size.patch new file mode 100644 index 0000000..f12fe77 --- /dev/null +++ b/backport-tc_util-detect-overflow-in-get_size.patch @@ -0,0 +1,44 @@ +From e07c57e94e27d2f15bfb9de4db7ca3ab9d9368ed Mon Sep 17 00:00:00 2001 +From: Odin Ugedal +Date: Thu, 16 Apr 2020 16:08:14 +0200 +Subject: tc_util: detect overflow in get_size + +This detects overflow during parsing of value using get_size: + +eg. running: + +$ tc qdisc add dev lo root cake memlimit 11gb + +currently gives a memlimit of "3072Mb", while with this patch it errors +with 'illegal value for "memlimit": "11gb"', since memlinit is an +unsigned integer. + +Signed-off-by: Odin Ugedal +Signed-off-by: Stephen Hemminger + +Conflict:NA +Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=e07c57e94e27d2f15bfb9de4db7ca3ab9d9368ed + +--- + tc/tc_util.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/tc/tc_util.c b/tc/tc_util.c +index 5f13d729b..68938fb0c 100644 +--- a/tc/tc_util.c ++++ b/tc/tc_util.c +@@ -385,6 +385,11 @@ int get_size(unsigned int *size, const char *str) + } + + *size = sz; ++ ++ /* detect if an overflow happened */ ++ if (*size != floor(sz)) ++ return -1; ++ + return 0; + } + +-- +cgit 1.2.3-korg + diff --git a/backport-tipc-bail-out-if-algname-is-abnormally-long.patch b/backport-tipc-bail-out-if-algname-is-abnormally-long.patch new file mode 100644 index 0000000..d1526d1 --- /dev/null +++ b/backport-tipc-bail-out-if-algname-is-abnormally-long.patch @@ -0,0 +1,49 @@ +From 93c267bfb49267fd94f68c3d014fc5909645de06 Mon Sep 17 00:00:00 2001 +From: Andrea Claudi +Date: Sat, 1 May 2021 18:32:29 +0200 +Subject: tipc: bail out if algname is abnormally long + +tipc segfaults when called with an abnormally long algname: + +$ tipc node set key 0x1234 algname supercalifragilistichespiralidososupercalifragilistichespiralidoso +*** buffer overflow detected ***: terminated + +Fix this returning an error if provided algname is longer than +TIPC_AEAD_ALG_NAME. + +Fixes: 24bee3bf9752 ("tipc: add new commands to set TIPC AEAD key") +Signed-off-by: Andrea Claudi +Signed-off-by: David Ahern + +Conflict:NA +Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=93c267bfb49267fd94f68c3d014fc5909645de06 + +--- + tipc/node.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/tipc/node.c b/tipc/node.c +index ae75bfff7..bf592a074 100644 +--- a/tipc/node.c ++++ b/tipc/node.c +@@ -236,10 +236,15 @@ get_ops: + + /* Get algorithm name, default: "gcm(aes)" */ + opt_algname = get_opt(opts, "algname"); +- if (!opt_algname) ++ if (!opt_algname) { + strcpy(input.key.alg_name, "gcm(aes)"); +- else ++ } else { ++ if (strlen(opt_algname->val) > TIPC_AEAD_ALG_NAME) { ++ fprintf(stderr, "error, invalid algname\n"); ++ return -EINVAL; ++ } + strcpy(input.key.alg_name, opt_algname->val); ++ } + + /* Get node identity */ + opt_nodeid = get_opt(opts, "nodeid"); +-- +cgit 1.2.3-korg + diff --git a/backport-tipc-bail-out-if-key-is-abnormally-long.patch b/backport-tipc-bail-out-if-key-is-abnormally-long.patch new file mode 100644 index 0000000..98331ff --- /dev/null +++ b/backport-tipc-bail-out-if-key-is-abnormally-long.patch @@ -0,0 +1,41 @@ +From 28ee49e5153b02698f100ad4e390fe700f7bcf32 Mon Sep 17 00:00:00 2001 +From: Andrea Claudi +Date: Sat, 1 May 2021 18:32:30 +0200 +Subject: tipc: bail out if key is abnormally long + +tipc segfaults when called with an abnormally long key: + +$ tipc node set key 0123456789abcdef0123456789abcdef0123456789abcdef +*** buffer overflow detected ***: terminated + +Fix this returning an error if key length is longer than +TIPC_AEAD_KEYLEN_MAX. + +Fixes: 24bee3bf9752 ("tipc: add new commands to set TIPC AEAD key") +Signed-off-by: Andrea Claudi +Signed-off-by: David Ahern + +Conflict:NA +Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=28ee49e5153b02698f100ad4e390fe700f7bcf32 + +--- + tipc/misc.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/tipc/misc.c b/tipc/misc.c +index 1daf3072a..909975d8b 100644 +--- a/tipc/misc.c ++++ b/tipc/misc.c +@@ -113,6 +113,9 @@ int str2key(char *str, struct tipc_aead_key *key) + } + } + ++ if (len > TIPC_AEAD_KEYLEN_MAX) ++ return -1; ++ + /* Obtain key: */ + if (!ishex) { + key->keylen = len; +-- +cgit 1.2.3-korg + diff --git a/backport-utils-Fix-BIT-to-support-up-to-64-bits-on-all-architectures.patch b/backport-utils-Fix-BIT-to-support-up-to-64-bits-on-all-architectures.patch new file mode 100644 index 0000000..38a80e1 --- /dev/null +++ b/backport-utils-Fix-BIT-to-support-up-to-64-bits-on-all-architectures.patch @@ -0,0 +1,45 @@ +From 4ac0383a598d4bddf13cbd8272f0ea7711614b79 Mon Sep 17 00:00:00 2001 +From: Ben Hutchings +Date: Tue, 29 Jun 2021 01:24:46 +0200 +Subject: utils: Fix BIT() to support up to 64 bits on all architectures + +devlink and vdpa use BIT() together with 64-bit flag fields. devlink +is already using bit numbers greater than 31 and so does not work +correctly on 32-bit architectures. + +Fix this by making BIT() use uint64_t instead of unsigned long. + +Signed-off-by: Ben Hutchings +Signed-off-by: Stephen Hemminger + +Conflict:NA +Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=4ac0383a598d4bddf13cbd8272f0ea7711614b79 + +--- + include/utils.h | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/include/utils.h b/include/utils.h +index 187444d52..70db9f609 100644 +--- a/include/utils.h ++++ b/include/utils.h +@@ -8,6 +8,7 @@ + #include + #include + #include ++#include + + #ifdef HAVE_LIBBSD + #include +@@ -264,7 +265,7 @@ void print_nlmsg_timestamp(FILE *fp, const struct nlmsghdr *n); + unsigned int print_name_and_link(const char *fmt, + const char *name, struct rtattr *tb[]); + +-#define BIT(nr) (1UL << (nr)) ++#define BIT(nr) (UINT64_C(1) << (nr)) + + #define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0])) + +-- +cgit 1.2.3-korg + diff --git a/huawei-lnstat-fix-buffer-overflow-in-lnstat-command.patch b/huawei-lnstat-fix-buffer-overflow-in-lnstat-command.patch deleted file mode 100644 index b0f94a1..0000000 --- a/huawei-lnstat-fix-buffer-overflow-in-lnstat-command.patch +++ /dev/null @@ -1,32 +0,0 @@ -From d95b3d070009dc557d60ead60ab6d820fe8e7e7f Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Tue, 16 Nov 2021 14:32:46 +0800 -Subject: [PATCH] lnstat: fix buffer overflow in lnstat command - -segfults when called the following command: -[root@localhost ~]lnstat -w 1 -Segmentation fault (core dumped) - -The maximum value of th.num_lines is HDR_LINES(10), -h should not be equal to th.num_lines, array th.hdr may -be out of bounds. ---- - misc/lnstat.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/misc/lnstat.c b/misc/lnstat.c -index e3c8421..7bfb8e6 100644 ---- a/misc/lnstat.c -+++ b/misc/lnstat.c -@@ -210,7 +210,7 @@ static struct table_hdr *build_hdr_string(struct lnstat_file *lnstat_files, - ofs += width+1; - } - /* fill in spaces */ -- for (h = 1; h <= th.num_lines; h++) { -+ for (h = 1; h < th.num_lines; h++) { - for (i = 0; i < ofs; i++) { - if (th.hdr[h][i] == '\0') - th.hdr[h][i] = ' '; --- -1.8.3.1 - diff --git a/iproute.spec b/iproute.spec index 5714d19..ea6daab 100644 --- a/iproute.spec +++ b/iproute.spec @@ -1,7 +1,7 @@ #needsrootforbuild Name: iproute Version: 5.5.0 -Release: 16 +Release: 17 Summary: Linux network configuration utilities License: GPLv2+ and Public Domain URL: https://kernel.org/pub/linux/utils/net/iproute2/ @@ -9,35 +9,58 @@ Source0: https://mirrors.edge.kernel.org/pub/linux/utils/net/iproute2/iproute2-% Patch1: bugfix-iproute2-3.10.0-fix-maddr-show.patch Patch2: bugfix-iproute2-change-proc-to-ipnetnsproc-which-is-private.patch -Patch3: backport-lib-fs-avoid-double-call-to-mkdir-on-make_path.patch -Patch4: backport-devlink-always-check-strslashrsplit-return-value.patch -Patch5: backport-nexthop-fix-memory-leak-in-add_nh_group_attr.patch -Patch6: backport-rdma-stat-fix-return-code.patch -Patch7: backport-ip-drop-2-char-command-assumption.patch -Patch8: backport-ip-netns-fix-missing-netns-close-on-some-error-paths.patch -Patch9: backport-lib-bpf_legacy-fix-missing-socket-close-when-connect.patch -Patch10: backport-tc-e_bpf-fix-memory-leak-in-parse_bpf.patch -Patch11: backport-bugfix-iproute2-lib-bpf-fix-bpffs-mount-when-sys-fs-bpf-exist.patch -Patch12: backport-bugfix-iproute2-tc-f_flower-fix-port-range-parsing.patch -Patch13: backport-tc-flower-Fix-buffer-overflow-on-large-labels.patch -Patch14: backport-q_cake-allow-changing-to-diffserv3.patch -Patch9002: feature-iproute-limit-operation-ip-netns-del.patch -Patch9003: feature-iproute-add-support-for-ipvlan-l2e-mode.patch -Patch9004: feature-peer_notify_delay-renamed-to-peer_notif_delay.patch -Patch9005: bugfix-iproute-support-assume-default-route.patch -Patch9006: huawei-lnstat-fix-buffer-overflow-in-lnstat-command.patch -Patch9007: bugfix-iproute2-cancel-some-test-cases.patch +Patch6000: backport-nexthop-fix-error-reporting-in-filter-dump.patch +Patch6001: backport-bridge-report-correct-version.patch +Patch6002: backport-q_cake-Make-fwmark-uint-instead-of-int.patch +Patch6003: backport-tc-m_action-check-cookie-hex-string-len.patch +Patch6004: backport-iproute2-fix-MPLS-label-parsing.patch +Patch6005: backport-tc_util-detect-overflow-in-get_size.patch +Patch6006: backport-Revert-bpf-replace-snprintf-with-asprintf-when-dealing-with-long-buffers.patch +Patch6007: backport-tc-m_estimator-Print-proper-value-for-estimator-interval-in-raw.patch +Patch6008: backport-iproute2-ip-maddress-Check-multiaddr-length.patch +Patch6009: backport-iproute2-ip-addr-Organize-flag-properties-structurally.patch +Patch6010: backport-addr-Fix-noprefixroute-and-autojoin-for-IPv4.patch +Patch6011: backport-devlink-fix-memory-leak-in-cmd_dev_flash.patch +Patch6012: backport-lib-fs-avoid-double-call-to-mkdir-on-make_path.patch +Patch6013: backport-devlink-always-check-strslashrsplit-return-value.patch +Patch6014: backport-nexthop-fix-memory-leak-in-add_nh_group_attr.patch +Patch6015: backport-rdma-stat-fix-return-code.patch +Patch6016: backport-ip-drop-2-char-command-assumption.patch +Patch6017: backport-ip-netns-fix-missing-netns-close-on-some-error-paths.patch +Patch6018: backport-lib-bpf_legacy-fix-missing-socket-close-when-connect.patch +Patch6019: backport-tc-e_bpf-fix-memory-leak-in-parse_bpf.patch +Patch6020: backport-tipc-bail-out-if-algname-is-abnormally-long.patch +Patch6021: backport-tipc-bail-out-if-key-is-abnormally-long.patch +Patch6022: backport-utils-Fix-BIT-to-support-up-to-64-bits-on-all-architectures.patch +Patch6023: backport-ipmonitor-Fix-recvmsg-with-ancillary-data.patch +Patch6024: backport-devlink-fix-infinite-loop-on-flash-update-for-drivers-without-status.patch +Patch6025: backport-tc-u32-Fix-key-folding-in-sample-option.patch + +Patch6026: backport-bugfix-iproute2-lib-bpf-fix-bpffs-mount-when-sys-fs-bpf-exist.patch +Patch6027: backport-bugfix-iproute2-tc-f_flower-fix-port-range-parsing.patch +Patch6028: backport-tc-flower-Fix-buffer-overflow-on-large-labels.patch +Patch6029: backport-lnstat-fix-buffer-overflow-in-header-output.patch +Patch6030: backport-q_cake-allow-changing-to-diffserv3.patch + +Patch9002: feature-iproute-limit-operation-ip-netns-del.patch +Patch9003: feature-iproute-add-support-for-ipvlan-l2e-mode.patch +Patch9004: feature-peer_notify_delay-renamed-to-peer_notif_delay.patch +Patch9005: bugfix-iproute-support-assume-default-route.patch +Patch9006: bugfix-iproute2-cancel-some-test-cases.patch + +Patch6031: backport-devlink-fix-devlink-health-dump-command-without-arg.patch +Patch6032: backport-l2tp-fix-typo-in-AF_INET6-checksum-JSON-print.patch +Patch6033: backport-tc-em_u32-fix-offset-parsing.patch +Patch6034: backport-bridge-Fix-memory-leak-when-doing-fdb-get.patch +Patch6035: backport-ip-address-Fix-memory-leak-when-specifying-device.patch +Patch6036: backport-ip-neigh-Fix-memory-leak-when-doing-get.patch +Patch6037: backport-tc_util-Fix-parsing-action-control-with-space-and-sl.patch +Patch6038: backport-lnstat-fix-strdup-leak-in-w-argument-parsing.patch +Patch6039: backport-libnetlink-fix-socket-leak-in-rtnl_open_byproto.patch + +Patch6040: backport-nstat-print-useful-error-messages-in-abort-cases.patch -Patch6000: backport-devlink-fix-devlink-health-dump-command-without-arg.patch -Patch6001: backport-l2tp-fix-typo-in-AF_INET6-checksum-JSON-print.patch -Patch6002: backport-tc-em_u32-fix-offset-parsing.patch -Patch6003: backport-bridge-Fix-memory-leak-when-doing-fdb-get.patch -Patch6004: backport-ip-address-Fix-memory-leak-when-specifying-device.patch -Patch6005: backport-ip-neigh-Fix-memory-leak-when-doing-get.patch -Patch6006: backport-tc_util-Fix-parsing-action-control-with-space-and-sl.patch -Patch6007: backport-lnstat-fix-strdup-leak-in-w-argument-parsing.patch -Patch6008: backport-libnetlink-fix-socket-leak-in-rtnl_open_byproto.patch BuildRequires: gcc bison elfutils-libelf-devel flex iptables-devel BuildRequires: libmnl-devel libselinux-devel pkgconfig git make sudo @@ -113,6 +136,31 @@ install -m 0644 lib/libnetlink.a %{buildroot}%{_libdir}/libnetlink.a %{_mandir}/* %changelog +* Wed Dec 27 2023 liubo - 5.5.0-17 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC:nexthop: fix error reporting in filter dump + bridge: report correct version + q_cake: Make fwmark uint instead of int + tc: m_action: check cookie hex string len + iproute2: fix MPLS label parsing + tc_util: detect overflow in get_size + Revert "bpf: replace snprintf with asprintf when dealing with long buffers" + tc/m_estimator: Print proper value for estimator interval in raw. + iproute2: ip maddress: Check multiaddr length + iproute2: ip addr: Organize flag properties structurally + addr: Fix noprefixroute and autojoin for IPv4 + devlink: fix memory leak in cmd_dev_flash() + tipc: bail out if algname is abnormally long + tipc: bail out if key is abnormally long + utils: Fix BIT() to support up to 64 bits on all architectures + ipmonitor: Fix recvmsg with ancillary data + devlink: fix infinite loop on flash update for drivers without status + tc: u32: Fix key folding in sample option + lnstat: fix buffer overflow in header output + nstat: print useful error messages in abort() cases + * Thu Dec 14 2023 liubo - 5.5.0-16 - Type:bugfix - ID:NA