backport upstream patches

2022-09-15 15:28:21 +08:00 · 2022-09-15 15:28:21 +08:00 · 80f2120e94
commit 80f2120e94
parent 6a4f2660d0
4 changed files with 207 additions and 1 deletions
--- a/backport-8021Qaz-check-for-rx-block-validity.patch
+++ b/backport-8021Qaz-check-for-rx-block-validity.patch
@ -0,0 +1,129 @@
+From dbbfdde4febf2f2ebb8522ff817f5fd169883dbc Mon Sep 17 00:00:00 2001
+From: Aaron Conole <aconole@redhat.com>
+Date: Wed, 25 Aug 2021 10:37:22 -0400
+Subject: [PATCH] 8021Qaz: check for rx block validity
+
+There is a slim but possible race in the 8021Qaz processing when handling
+TLVs during ifdown windows.  To address this, check for the rx block
+before dereferencing it.
+
+Conflict:NA
+Reference:https://github.com/openSUSE/lldpad/commit/dbbfdde4febf2f2ebb8522ff817f5fd169883dbc
+
+closes https://github.com/intel/openlldp/issues/78
+Signed-off-by: Aaron Conole <aconole@redhat.com>
+---
+ lldp_8021qaz.c | 41 ++++++++++++++++++++++++++++-------------
+ 1 file changed, 28 insertions(+), 13 deletions(-)
+
+diff --git a/lldp_8021qaz.c b/lldp_8021qaz.c
+index 094676d..b684dbc 100644
+--- a/lldp_8021qaz.c
+++ b/lldp_8021qaz.c
+@@ -1557,48 +1557,63 @@ static bool unpack_ieee8021qaz_tlvs(struct port *port,
+ 	/* Process */
+ 	switch (tlv->info[OUI_SIZE]) {
+ 	case IEEE8021QAZ_ETSCFG_TLV:
+-		if (tlvs->rx->etscfg == NULL) {
+		if (tlvs->rx && tlvs->rx->etscfg == NULL) {
+ 			tlvs->ieee8021qazdu |= RCVD_IEEE8021QAZ_TLV_ETSCFG;
+ 			tlvs->rx->etscfg = tlv;
+-		} else {
+		} else if (tlvs->rx) {
+ 			LLDPAD_WARN("%s: %s: 802.1Qaz Duplicate ETSCFG TLV\n",
+ 				__func__, port->ifname);
+ 			agent->rx.dupTlvs |= DUP_IEEE8021QAZ_TLV_ETSCFG;
+ 			return false;
+		} else {
+			LLDPAD_INFO("%s: %s: 802.1Qaz port IFDOWN\n",
+				__func__, port->ifname);
+			return false;
+ 		}
+ 		break;
+ 	case IEEE8021QAZ_ETSREC_TLV:
+-		if (tlvs->rx->etsrec == NULL) {
+		if (tlvs->rx && tlvs->rx->etsrec == NULL) {
+ 			tlvs->ieee8021qazdu |= RCVD_IEEE8021QAZ_TLV_ETSREC;
+ 			tlvs->rx->etsrec = tlv;
+-		} else {
+		} else if (tlvs->rx) {
+ 			LLDPAD_WARN("%s: %s: 802.1Qaz Duplicate ETSREC TLV\n",
+ 				__func__, port->ifname);
+ 			agent->rx.dupTlvs |= DUP_IEEE8021QAZ_TLV_ETSREC;
+ 			return false;
+		} else {
+			LLDPAD_INFO("%s: %s: 802.1Qaz port IFDOWN\n",
+				__func__, port->ifname);
+			return false;
+ 		}
+ 		break;
+-
+ 	case IEEE8021QAZ_PFC_TLV:
+-		if (tlvs->rx->pfc == NULL) {
+		if (tlvs->rx && tlvs->rx->pfc == NULL) {
+ 			tlvs->ieee8021qazdu |= RCVD_IEEE8021QAZ_TLV_PFC;
+ 			tlvs->rx->pfc = tlv;
+-		} else {
+		} else if (tlvs->rx) {
+ 			LLDPAD_WARN("%s: %s: 802.1Qaz Duplicate PFC TLV\n",
+ 				__func__, port->ifname);
+ 			agent->rx.dupTlvs |= DUP_IEEE8021QAZ_TLV_PFC;
+ 			return false;
+		} else {
+			LLDPAD_INFO("%s: %s: 802.1Qaz port IFDOWN\n",
+				__func__, port->ifname);
+			return false;
+ 		}
+ 		break;
+ 	case IEEE8021QAZ_APP_TLV:
+-		if (tlvs->rx->app == NULL) {
+		if (tlvs->rx && tlvs->rx->app == NULL) {
+ 			tlvs->ieee8021qazdu |= RCVD_IEEE8021QAZ_TLV_APP;
+ 			tlvs->rx->app = tlv;
+-		} else {
+		} else if (tlvs->rx) {
+ 			LLDPAD_WARN("%s: %s: 802.1Qaz Duplicate APP TLV\n",
+ 				    __func__, port->ifname);
+ 			agent->rx.dupTlvs |= DUP_IEEE8021QAZ_TLV_APP;
+ 			return false;
+		} else {
+			LLDPAD_INFO("%s: %s: 802.1Qaz port IFDOWN\n",
+				__func__, port->ifname);
+			return false;
+ 		}
+ 		break;
+ 	default:
+@@ -1885,26 +1900,26 @@ static void ieee8021qaz_mibUpdateObjects(struct port *port)
+ 
+ 	tlvs = ieee8021qaz_data(port->ifname);
+ 
+-	if (tlvs->rx->etscfg) {
+	if (tlvs->rx && tlvs->rx->etscfg) {
+ 		process_ieee8021qaz_etscfg_tlv(port);
+ 	} else if (tlvs->ets->cfgr) {
+ 		free(tlvs->ets->cfgr);
+ 		tlvs->ets->cfgr = NULL;
+ 	}
+ 
+-	if (tlvs->rx->etsrec) {
+	if (tlvs->rx && tlvs->rx->etsrec) {
+ 		process_ieee8021qaz_etsrec_tlv(port);
+ 	} else if (tlvs->ets->recr) {
+ 		free(tlvs->ets->recr);
+ 		tlvs->ets->recr = NULL;
+ 	}
+ 
+-	if (tlvs->rx->pfc)
+	if (tlvs->rx && tlvs->rx->pfc)
+ 		process_ieee8021qaz_pfc_tlv(port);
+ 	else if (tlvs->pfc)
+ 		tlvs->pfc->remote_param = false;
+ 
+-	if (tlvs->rx->app)
+	if (tlvs->rx && tlvs->rx->app)
+ 		process_ieee8021qaz_app_tlv(port);
+ 	else
+ 		ieee8021qaz_app_reset(&tlvs->app_head);
+-- 
+2.33.0
+
--- a/backport-basman-use-return-address-when-pulling-address.patch
+++ b/backport-basman-use-return-address-when-pulling-address.patch
@ -0,0 +1,34 @@
+From 594c4e8257fbdc3c1608acde5419009a20f31650 Mon Sep 17 00:00:00 2001
+From: Aaron Conole <aconole@redhat.com>
+Date: Wed, 10 Nov 2021 16:40:20 -0500
+Subject: [PATCH] basman: use return address when pulling address
+
+The managed address pulling routine will fail to reset the return
+value from a previous attempt if no IPv4 and IPv6 addresses are
+available.  Use the return address of the hwaddr fetch.
+
+Conflict:NA
+Reference:https://github.com/openSUSE/lldpad/commit/594c4e8257fbdc3c1608acde5419009a20f31650
+
+Resolves: https://github.com/intel/openlldp/issues/82
+Signed-off-by: Aaron Conole <aconole@redhat.com>
+---
+ lldp_basman.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lldp_basman.c b/lldp_basman.c
+index 824dd9a..bd25dcd 100644
+--- a/lldp_basman.c
+++ b/lldp_basman.c
+@@ -517,7 +517,7 @@ static int basman_bld_manaddr_tlv(struct basman_data *bd,
+ 	if (rc) {
+ 		rc = basman_get_manaddr_sub(bd, agent, MANADDR_IPV6);
+ 		if (rc)
+-			basman_get_manaddr_sub(bd, agent, MANADDR_ALL802);
+			rc = basman_get_manaddr_sub(bd, agent, MANADDR_ALL802);
+ 	}
+ out_err:
+ 	return rc;
+-- 
+2.33.0
+
--- a/backport-macvtap-fix-error-condition.patch
+++ b/backport-macvtap-fix-error-condition.patch
@ -0,0 +1,34 @@
+From 56b21ceb743fabe290ef7a8be8bbeecc55888a9e Mon Sep 17 00:00:00 2001
+From: Aaron Conole <aconole@redhat.com>
+Date: Wed, 25 Aug 2021 10:22:20 -0400
+Subject: [PATCH] macvtap: fix error condition
+
+If the socket() call fails, we will jump to out and pass a
+negative value to close() which is not allowed.
+
+Conflict:NA
+Reference:https://github.com/openSUSE/lldpad/commit/56b21ceb743fabe290ef7a8be8bbeecc55888a9e
+
+Fixes: d43abb0267f3 ("lldpad: do not use macv[tap/lan] interfaces as ports")
+closes https://github.com/intel/openlldp/issues/75
+Signed-off-by: Aaron Conole <aconole@redhat.com>
+---
+ lldp_util.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lldp_util.c b/lldp_util.c
+index f12d46b..95c419c 100644
+--- a/lldp_util.c
+++ b/lldp_util.c
+@@ -663,7 +663,7 @@ int is_macvtap(const char *ifname)
+ 	s = socket(PF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE);
+ 
+ 	if (s < 0) {
+-		goto out;
+		return false;
+ 	}
+ 
+ 	nlh = malloc(NLMSG_SIZE);
+-- 
+2.33.0
+
--- a/lldpad.spec
+++ b/lldpad.spec
@ -4,7 +4,7 @@

 Name:               lldpad
 Version:            1.0.1
-Release:            15
+Release:            16
 Summary:            Intel LLDP Agent
 License:            GPLv2
 URL:                https://www.open-lldp.org
@ -38,6 +38,9 @@ Patch26:	    open-lldp-v1.0.1-26-lldpad-system-capability-incorrect-advertised-a
 Patch27:	    open-lldp-v1.0.1-27-fix-build-warnings.patch
 Patch28:	    CVE-2018-10932.patch
 Patch29:            open-lldp-ecp-allow-for-failure-to-create.patch
+Patch30:            backport-8021Qaz-check-for-rx-block-validity.patch
+Patch31:            backport-basman-use-return-address-when-pulling-address.patch
+Patch32:            backport-macvtap-fix-error-condition.patch

 BuildRequires:      automake autoconf libtool flex kernel-headers libconfig-devel
 BuildRequires:      libnl3-devel readline-devel systemd git
@ -112,6 +115,12 @@ make check
 %{_mandir}/man*/*

 %changelog
+* Thu Sep 15 2022 yanglu<yanglu72@h-partners.com> - 1.0.1-16
+- Type:bugfix
+- Id:NA
+- SUG:NA
+- DESC:backport upstream patches
+
 * Tue Jan 26 2021 zengwefeng<zwfeng@huawei.com> - 1.0.1-15
 - Type:bugfix
 - Id:NA