diff --git a/backport-Add-get_long-utility-and-adapt-get_integer-accordingly.patch b/backport-Add-get_long-utility-and-adapt-get_integer-accordingly.patch deleted file mode 100644 index aad55f7fb7d942033f5529308a2e9a213b58e4c0..0000000000000000000000000000000000000000 --- a/backport-Add-get_long-utility-and-adapt-get_integer-accordingly.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 3a463c152a9a5503f9c37362b63acd6f72ecba6c Mon Sep 17 00:00:00 2001 -From: Mathieu Schroeter -Date: Tue, 8 Aug 2023 23:42:55 +0200 -Subject: [PATCH] Add get_long utility and adapt get_integer accordingly - -Conflict:contaxt adapt in include/utiles.h due to ebe23249ce1eeedb3610890e4c0c0f52fb8341fe -Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=3a463c152a9a5503f9c37362b63acd6f72ecba6c - -Signed-off-by: Mathieu Schroeter -Signed-off-by: David Ahern ---- - include/utils.h | 1 + - lib/utils.c | 13 ++++++++++++- - 2 files changed, 13 insertions(+), 1 deletion(-) - -diff --git a/include/utils.h b/include/utils.h -index 3159dbab1..cf11174d9 100644 ---- a/include/utils.h -+++ b/include/utils.h -@@ -142,6 +142,7 @@ int get_addr_rta(inet_prefix *dst, const struct rtattr *rta, int family); - - int read_prop(const char *dev, char *prop, long *value); - int get_hex(char c); -+int get_long(long *val, const char *arg, int base); - int get_integer(int *val, const char *arg, int base); - int get_unsigned(unsigned *val, const char *arg, int base); - int get_time_rtt(unsigned *val, const char *arg, int *raw); -diff --git a/lib/utils.c b/lib/utils.c -index b1f273054..68f443038 100644 ---- a/lib/utils.c -+++ b/lib/utils.c -@@ -108,7 +108,7 @@ static int get_hex(char c) - return -1; - } - --int get_integer(int *val, const char *arg, int base) -+int get_long(long *val, const char *arg, int base) - { - long res; - char *ptr; -@@ -133,6 +133,17 @@ int get_integer(int *val, const char *arg, int base) - if ((res == LONG_MAX || res == LONG_MIN) && errno == ERANGE) - return -1; - -+ if (val) -+ *val = res; -+ return 0; -+} -+ -+int get_integer(int *val, const char *arg, int base) -+{ -+ long res; -+ -+ res = get_long(NULL, arg, base); -+ - /* Outside range of int */ - if (res < INT_MIN || res > INT_MAX) - return -1; diff --git a/backport-Add-utility-to-convert-an-unsigned-int-to-string.patch b/backport-Add-utility-to-convert-an-unsigned-int-to-string.patch deleted file mode 100644 index 9ad2776dc915f4115a9f018c63391b05862215b1..0000000000000000000000000000000000000000 --- a/backport-Add-utility-to-convert-an-unsigned-int-to-string.patch +++ /dev/null @@ -1,45 +0,0 @@ -From db7fb3f1965751444c3b743ba0253061fd7e3b44 Mon Sep 17 00:00:00 2001 -From: Mathieu Schroeter -Date: Tue, 8 Aug 2023 23:42:56 +0200 -Subject: [PATCH] Add utility to convert an unsigned int to string - -Conflict:contaxt adapt in include/utiles.h due to ebe23249ce1eeedb3610890e4c0c0f52fb8341fe -Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=db7fb3f1965751444c3b743ba0253061fd7e3b44 - - -Signed-off-by: Mathieu Schroeter -Signed-off-by: David Ahern ---- - include/utils.h | 1 + - lib/utils.c | 6 ++++++ - 2 files changed, 7 insertions(+) - -diff --git a/include/utils.h b/include/utils.h -index cf11174d9..f26ed822f 100644 ---- a/include/utils.h -+++ b/include/utils.h -@@ -309,6 +309,7 @@ unsigned int print_name_and_link(const char *fmt, - int makeargs(char *line, char *argv[], int maxargs); - - char *int_to_str(int val, char *buf); -+char *uint_to_str(unsigned int val, char *buf); - int get_guid(__u64 *guid, const char *arg); - int get_real_family(int rtm_type, int rtm_family); - -diff --git a/lib/utils.c b/lib/utils.c -index 68f443038..efa01668d 100644 ---- a/lib/utils.c -+++ b/lib/utils.c -@@ -1409,6 +1409,12 @@ char *int_to_str(int val, char *buf) - return buf; - } - -+char *uint_to_str(unsigned int val, char *buf) -+{ -+ sprintf(buf, "%u", val); -+ return buf; -+} -+ - int get_guid(__u64 *guid, const char *arg) - { - unsigned long tmp; diff --git a/backport-bridge-Fix-memory-leak-when-doing-fdb-get.patch b/backport-bridge-Fix-memory-leak-when-doing-fdb-get.patch deleted file mode 100644 index aa25d0b760ea03a9af62d0f5d7892f433dcc75cd..0000000000000000000000000000000000000000 --- a/backport-bridge-Fix-memory-leak-when-doing-fdb-get.patch +++ /dev/null @@ -1,68 +0,0 @@ -From 6db01afd60748afbba114be2773be338c5be28ff Mon Sep 17 00:00:00 2001 -From: Benjamin Poirier -Date: Mon, 11 Jul 2022 08:52:51 +0900 -Subject: [PATCH] bridge: Fix memory leak when doing 'fdb get' - -With the following command sequence: - -ip link add br0 up type bridge -ip link add dummy0 up address 02:00:00:00:00:01 master br0 type dummy -bridge fdb get 02:00:00:00:00:01 br br0 - -when running the last command under valgrind, it reports - -32,768 bytes in 1 blocks are definitely lost in loss record 2 of 2 - at 0x483F7B5: malloc (vg_replace_malloc.c:381) - by 0x11C1EC: rtnl_recvmsg (libnetlink.c:838) - by 0x11C4D1: __rtnl_talk_iov.constprop.0 (libnetlink.c:1040) - by 0x11D994: __rtnl_talk (libnetlink.c:1141) - by 0x11D994: rtnl_talk (libnetlink.c:1147) - by 0x10D336: fdb_get (fdb.c:652) - by 0x48907FC: (below main) (libc-start.c:332) - -Free the answer obtained from rtnl_talk(). - -Fixes: 4ed5ad7bd3c6 ("bridge: fdb get support") -Reported-by: Ido Schimmel -Reviewed-by: Ido Schimmel -Signed-off-by: Benjamin Poirier -Signed-off-by: Stephen Hemminger -Conflict: NA -Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=6db01afd ---- - bridge/fdb.c | 7 +++++-- - 1 file changed, 5 insertions(+), 2 deletions(-) - -diff --git a/bridge/fdb.c b/bridge/fdb.c -index 8912f092..08f6c72b 100644 ---- a/bridge/fdb.c -+++ b/bridge/fdb.c -@@ -571,6 +571,7 @@ static int fdb_get(int argc, char **argv) - char *addr = NULL; - short vlan = -1; - char *endptr; -+ int ret; - - while (argc > 0) { - if ((strcmp(*argv, "brport") == 0) || strcmp(*argv, "dev") == 0) { -@@ -657,13 +658,15 @@ static int fdb_get(int argc, char **argv) - * if -json was specified. - */ - new_json_obj(json); -+ ret = 0; - if (print_fdb(answer, stdout) < 0) { - fprintf(stderr, "An error :-)\n"); -- return -1; -+ ret = -1; - } - delete_json_obj(); -+ free(answer); - -- return 0; -+ return ret; - } - - int do_fdb(int argc, char **argv) --- -2.23.0 - diff --git a/backport-devlink-fix-devlink-health-dump-command-without-arg.patch b/backport-devlink-fix-devlink-health-dump-command-without-arg.patch deleted file mode 100644 index 2c4133655dedd9431442896cfcb83ecff0db06b4..0000000000000000000000000000000000000000 --- a/backport-devlink-fix-devlink-health-dump-command-without-arg.patch +++ /dev/null @@ -1,68 +0,0 @@ -From e81fd551a1a0ffa7983d25f5e756a5c5b6cb4a9a Mon Sep 17 00:00:00 2001 -From: Jiri Pirko -Date: Tue, 19 Apr 2022 19:15:11 +0200 -Subject: [PATCH] devlink: fix "devlink health dump" command without arg - -Fix bug when user calls "devlink health dump" without "show" or "clear": -$ devlink health dump -Command "(null)" not found - -Put the dump command into a separate helper as it is usual in the rest -of the code. Also, treat no cmd as "show", as it is common for other -devlink objects. - -Fixes: 041e6e651a8e ("devlink: Add devlink health dump show command") -Signed-off-by: Jiri Pirko -Signed-off-by: Stephen Hemminger -Conflict: NA -Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=e81fd551a1a ---- - devlink/devlink.c | 25 ++++++++++++++++++------- - 1 file changed, 18 insertions(+), 7 deletions(-) - -diff --git a/devlink/devlink.c b/devlink/devlink.c -index da9f9778..aab739f7 100644 ---- a/devlink/devlink.c -+++ b/devlink/devlink.c -@@ -8526,6 +8526,23 @@ static void cmd_health_help(void) - pr_err(" [ auto_dump { true | false } ]\n"); - } - -+static int cmd_health_dump(struct dl *dl) -+{ -+ if (dl_argv_match(dl, "help")) { -+ cmd_health_help(); -+ return 0; -+ } else if (dl_argv_match(dl, "show") || -+ dl_argv_match(dl, "list") || dl_no_arg(dl)) { -+ dl_arg_inc(dl); -+ return cmd_health_dump_show(dl); -+ } else if (dl_argv_match(dl, "clear")) { -+ dl_arg_inc(dl); -+ return cmd_health_dump_clear(dl); -+ } -+ pr_err("Command \"%s\" not found\n", dl_argv(dl)); -+ return -ENOENT; -+} -+ - static int cmd_health(struct dl *dl) - { - if (dl_argv_match(dl, "help")) { -@@ -8546,13 +8563,7 @@ static int cmd_health(struct dl *dl) - return cmd_health_test(dl); - } else if (dl_argv_match(dl, "dump")) { - dl_arg_inc(dl); -- if (dl_argv_match(dl, "show")) { -- dl_arg_inc(dl); -- return cmd_health_dump_show(dl); -- } else if (dl_argv_match(dl, "clear")) { -- dl_arg_inc(dl); -- return cmd_health_dump_clear(dl); -- } -+ return cmd_health_dump(dl); - } else if (dl_argv_match(dl, "set")) { - dl_arg_inc(dl); - return cmd_health_set_params(dl); --- -2.23.0 - diff --git a/backport-f_flower-Treat-port-0-as-valid.patch b/backport-f_flower-Treat-port-0-as-valid.patch deleted file mode 100644 index 8642defd4af084e976be7618f6a4276279de2884..0000000000000000000000000000000000000000 --- a/backport-f_flower-Treat-port-0-as-valid.patch +++ /dev/null @@ -1,121 +0,0 @@ -From 61695c493ec14a63740bbb81e0564f753bd054dd Mon Sep 17 00:00:00 2001 -From: Ido Schimmel -Date: Tue, 11 Jul 2023 09:59:03 +0300 -Subject: f_flower: Treat port 0 as valid - -Conflict:NA -Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=61695c493ec14a63740bbb81e0564f753bd054dd - -It is not currently possible to add a filter matching on port 0 despite -it being a valid port number. This is caused by cited commit which -treats a value of 0 as an indication that the port was not specified. - -Instead of inferring that a port range was specified by checking that both -the minimum and the maximum ports are non-zero, simply add a boolean -argument to parse_range() and set it after parsing a port range. - -Before: - - # tc filter add dev swp1 ingress pref 1 proto ip flower ip_proto udp src_port 0 action pass - Illegal "src_port" - - # tc filter add dev swp1 ingress pref 2 proto ip flower ip_proto udp dst_port 0 action pass - Illegal "dst_port" - - # tc filter add dev swp1 ingress pref 3 proto ip flower ip_proto udp src_port 0-100 action pass - Illegal "src_port" - - # tc filter add dev swp1 ingress pref 4 proto ip flower ip_proto udp dst_port 0-100 action pass - Illegal "dst_port" - -After: - - # tc filter add dev swp1 ingress pref 1 proto ip flower ip_proto udp src_port 0 action pass - - # tc filter add dev swp1 ingress pref 2 proto ip flower ip_proto udp dst_port 0 action pass - - # tc filter add dev swp1 ingress pref 3 proto ip flower ip_proto udp src_port 0-100 action pass - - # tc filter add dev swp1 ingress pref 4 proto ip flower ip_proto udp dst_port 0-100 action pass - - # tc filter show dev swp1 ingress | grep _port - src_port 0 - dst_port 0 - src_port 0-100 - dst_port 0-100 - -Fixes: 767b6fd620dd ("tc: flower: fix port value truncation") -Signed-off-by: Ido Schimmel -Reviewed-by: Petr Machata -Reviewed-by: Simon Horman -Signed-off-by: Stephen Hemminger ---- - tc/f_flower.c | 13 +++++++------ - 1 file changed, 7 insertions(+), 6 deletions(-) - -diff --git a/tc/f_flower.c b/tc/f_flower.c -index c71394f75..737df199a 100644 ---- a/tc/f_flower.c -+++ b/tc/f_flower.c -@@ -735,7 +735,7 @@ static int flower_port_range_attr_type(__u8 ip_proto, enum flower_endpoint type, - } - - /* parse range args in format 10-20 */ --static int parse_range(char *str, __be16 *min, __be16 *max) -+static int parse_range(char *str, __be16 *min, __be16 *max, bool *p_is_range) - { - char *sep; - -@@ -748,6 +748,8 @@ static int parse_range(char *str, __be16 *min, __be16 *max) - - if (get_be16(max, sep + 1, 10)) - return -1; -+ -+ *p_is_range = true; - } else { - if (get_be16(min, str, 10)) - return -1; -@@ -759,19 +761,20 @@ static int flower_parse_port(char *str, __u8 ip_proto, - enum flower_endpoint endpoint, - struct nlmsghdr *n) - { -+ bool is_range = false; - char *slash = NULL; - __be16 min = 0; - __be16 max = 0; - int ret; - -- ret = parse_range(str, &min, &max); -+ ret = parse_range(str, &min, &max, &is_range); - if (ret) { - slash = strchr(str, '/'); - if (!slash) - return -1; - } - -- if (min && max) { -+ if (is_range) { - __be16 min_port_type, max_port_type; - - if (ntohs(max) <= ntohs(min)) { -@@ -784,7 +787,7 @@ static int flower_parse_port(char *str, __u8 ip_proto, - - addattr16(n, MAX_MSG, min_port_type, min); - addattr16(n, MAX_MSG, max_port_type, max); -- } else if (slash || (min && !max)) { -+ } else { - int type; - - type = flower_port_attr_type(ip_proto, endpoint); -@@ -802,8 +805,6 @@ static int flower_parse_port(char *str, __u8 ip_proto, - return -1; - return flower_parse_u16(str, type, mask_type, n, true); - } -- } else { -- return -1; - } - return 0; - } --- -cgit - diff --git a/backport-ip-Fix-size_columns-for-very-large-values.patch b/backport-ip-Fix-size_columns-for-very-large-values.patch deleted file mode 100644 index d3910fe3b8eea5f57a1de315382679b38681a827..0000000000000000000000000000000000000000 --- a/backport-ip-Fix-size_columns-for-very-large-values.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 024103923a5c826e40c993be4ee2ada5536cb66a Mon Sep 17 00:00:00 2001 -From: Petr Machata -Date: Mon, 27 Jun 2022 15:18:21 +0200 -Subject: [PATCH] ip: Fix size_columns() for very large values - -For values near the 64-bit boundary, the iterative application of -powi *= 10 causes powi to overflow without the termination condition of -powi >= val having ever been satisfied. Instead, when determining the -length of the number, iterate val /= 10 and terminate when it's a single -digit. - -Fixes: 49437375b6c1 ("ip: dynamically size columns when printing stats") -CC: Tariq Toukan -CC: Itay Aveksis -Signed-off-by: Petr Machata -Signed-off-by: Stephen Hemminger -Conflict: void size_columns to static void size_colunms -Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=024103923a5 ---- - ip/ipaddress.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/ip/ipaddress.c b/ip/ipaddress.c -index 17341d28..5a3b1cae 100644 ---- a/ip/ipaddress.c -+++ b/ip/ipaddress.c -@@ -549,7 +549,7 @@ static void print_vfinfo(FILE *fp, struct ifinfomsg *ifi, struct rtattr *vfinfo) - static void size_columns(unsigned int cols[], unsigned int n, ...) - { - unsigned int i, len; -- uint64_t val, powi; -+ uint64_t val; - va_list args; - - va_start(args, n); -@@ -560,7 +560,7 @@ void size_columns(unsigned int cols[], unsigned int n, ...) - if (human_readable) - continue; - -- for (len = 1, powi = 10; powi < val; len++, powi *= 10) -+ for (len = 1; val > 9; len++, val /= 10) - /* nothing */; - if (len > cols[i]) - cols[i] = len; --- -2.23.0 - diff --git a/backport-ip-Fix-size_columns-invocation-that-passes-a-32-bit-.patch b/backport-ip-Fix-size_columns-invocation-that-passes-a-32-bit-.patch deleted file mode 100644 index cd91ce1b08cd39119e57af6f14b2be004aca8017..0000000000000000000000000000000000000000 --- a/backport-ip-Fix-size_columns-invocation-that-passes-a-32-bit-.patch +++ /dev/null @@ -1,53 +0,0 @@ -From 329fda1861560b06e60a7bd1004647bb65708295 Mon Sep 17 00:00:00 2001 -From: Petr Machata -Date: Tue, 28 Jun 2022 12:17:31 +0200 -Subject: [PATCH] ip: Fix size_columns() invocation that passes a 32-bit - quantity - -In print_stats64(), the last size_columns() invocation passes number of -carrier changes as one of the arguments. The value is decoded as a 32-bit -quantity, but size_columns() expects a 64-bit one. This is undefined -behavior. - -The reason valgrind does not cite this is that the previous size_columns() -invocations prime the ABI area used for the value transfer. When these -other invocations are commented away, valgrind does complain that -"conditional jump or move depends on uninitialised value", as would be -expected. - -Fixes: 49437375b6c1 ("ip: dynamically size columns when printing stats") -Signed-off-by: Petr Machata -Signed-off-by: Stephen Hemminger -Conflict: NA -Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=329fda18615 ---- - ip/ipaddress.c | 10 ++++++---- - 1 file changed, 6 insertions(+), 4 deletions(-) - -diff --git a/ip/ipaddress.c b/ip/ipaddress.c -index 5a3b1cae..a288341c 100644 ---- a/ip/ipaddress.c -+++ b/ip/ipaddress.c -@@ -783,13 +783,15 @@ void print_stats64(FILE *fp, struct rtnl_link_stats64 *s, - s->tx_bytes, s->tx_packets, s->tx_errors, - s->tx_dropped, s->tx_carrier_errors, - s->collisions, s->tx_compressed); -- if (show_stats > 1) -+ if (show_stats > 1) { -+ uint64_t cc = carrier_changes ? -+ rta_getattr_u32(carrier_changes) : 0; -+ - size_columns(cols, ARRAY_SIZE(cols), 0, 0, - s->tx_aborted_errors, s->tx_fifo_errors, - s->tx_window_errors, -- s->tx_heartbeat_errors, -- carrier_changes ? -- rta_getattr_u32(carrier_changes) : 0); -+ s->tx_heartbeat_errors, cc); -+ } - - /* RX stats */ - fprintf(fp, " RX: %*s %*s %*s %*s %*s %*s %*s%s", --- -2.23.0 - diff --git a/backport-ip-address-Fix-memory-leak-when-specifying-device.patch b/backport-ip-address-Fix-memory-leak-when-specifying-device.patch deleted file mode 100644 index 44df524b6cbffedcfade6634d2b49acf71c575f3..0000000000000000000000000000000000000000 --- a/backport-ip-address-Fix-memory-leak-when-specifying-device.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 1d540336b026ed5bfe10eefac383db7f434d842f Mon Sep 17 00:00:00 2001 -From: Benjamin Poirier -Date: Mon, 11 Jul 2022 08:52:50 +0900 -Subject: [PATCH] ip address: Fix memory leak when specifying device - -Running a command like `ip addr show dev lo` under valgrind informs us that - -32,768 bytes in 1 blocks are definitely lost in loss record 4 of 4 - at 0x483577F: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so) - by 0x16CBE2: rtnl_recvmsg (libnetlink.c:775) - by 0x16CF04: __rtnl_talk_iov (libnetlink.c:954) - by 0x16E257: __rtnl_talk (libnetlink.c:1059) - by 0x16E257: rtnl_talk (libnetlink.c:1065) - by 0x115CB1: ipaddr_link_get (ipaddress.c:1833) - by 0x11A0D1: ipaddr_list_flush_or_save (ipaddress.c:2030) - by 0x1152EB: do_cmd (ip.c:115) - by 0x114D6F: main (ip.c:321) - -After calling store_nlmsg(), the original buffer should be freed. That is -the pattern used elsewhere through the rtnl_dump_filter() call chain. - -Fixes: 884709785057 ("ip address: Set device index in dump request") -Reported-by: Binu Gopalakrishnapillai -Reviewed-by: Ido Schimmel -Signed-off-by: Benjamin Poirier -Signed-off-by: Stephen Hemminger -Conflict: NA -Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=1d540336 ---- - ip/ipaddress.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/ip/ipaddress.c b/ip/ipaddress.c -index a288341c..59ef1e4b 100644 ---- a/ip/ipaddress.c -+++ b/ip/ipaddress.c -@@ -2030,8 +2030,10 @@ static int ipaddr_link_get(int index, struct nlmsg_chain *linfo) - - if (store_nlmsg(answer, linfo) < 0) { - fprintf(stderr, "Failed to process link information\n"); -+ free(answer); - return 1; - } -+ free(answer); - - return 0; - } --- -2.23.0 - diff --git a/backport-ip-error-out-if-iplink-does-not-consume-all-options.patch b/backport-ip-error-out-if-iplink-does-not-consume-all-options.patch deleted file mode 100644 index f5b1616051c5b0ef6405b532edb7e9f4aa7d9086..0000000000000000000000000000000000000000 --- a/backport-ip-error-out-if-iplink-does-not-consume-all-options.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 84ffffeb0a2ff69e36bd972d57699f9e3bb29a48 Mon Sep 17 00:00:00 2001 -From: Jakub Kicinski -Date: Mon, 31 Jul 2023 09:19:20 -0700 -Subject: ip: error out if iplink does not consume all options - -Conflict:NA -Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=84ffffeb0a2ff69e36bd972d57699f9e3bb29a48 - -dummy does not define .parse_opt, which make ip ignore all -trailing arguments, for example: - - # ip link add type dummy a b c d e f name cheese - -will work just fine (and won't call the device "cheese"). -Error out in this case with a clear error message: - - # ip link add type dummy a b c d e f name cheese - Garbage instead of arguments "a ...". Try "ip link help". - -Signed-off-by: Jakub Kicinski -Signed-off-by: Stephen Hemminger ---- - ip/iplink.c | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - -diff --git a/ip/iplink.c b/ip/iplink.c -index 6c5d13d53..9a548dd35 100644 ---- a/ip/iplink.c -+++ b/ip/iplink.c -@@ -1112,13 +1112,12 @@ static int iplink_modify(int cmd, unsigned int flags, int argc, char **argv) - argc -= ret; - argv += ret; - -- if (lu && argc) { -+ if (lu && lu->parse_opt && argc) { - struct rtattr *data; - - data = addattr_nest(&req.n, sizeof(req), iflatype); - -- if (lu->parse_opt && -- lu->parse_opt(lu, argc, argv, &req.n)) -+ if (lu->parse_opt(lu, argc, argv, &req.n)) - return -1; - - addattr_nest_end(&req.n, data); --- -cgit - diff --git a/backport-ip-neigh-Fix-memory-leak-when-doing-get.patch b/backport-ip-neigh-Fix-memory-leak-when-doing-get.patch deleted file mode 100644 index 61bdffdd0761697add13538a552f66ebd446a467..0000000000000000000000000000000000000000 --- a/backport-ip-neigh-Fix-memory-leak-when-doing-get.patch +++ /dev/null @@ -1,54 +0,0 @@ -From c5433c4b7a57d380f4cb351316f5ba5ebae9538e Mon Sep 17 00:00:00 2001 -From: Benjamin Poirier -Date: Mon, 11 Jul 2022 08:52:54 +0900 -Subject: [PATCH] ip neigh: Fix memory leak when doing 'get' - -With the following command sequence: - -ip link add dummy0 type dummy -ip neigh add 192.168.0.1 dev dummy0 -ip neigh get 192.168.0.1 dev dummy0 - -when running the last command under valgrind, it reports - -32,768 bytes in 1 blocks are definitely lost in loss record 2 of 2 - at 0x483F7B5: malloc (vg_replace_malloc.c:381) - by 0x17A0EC: rtnl_recvmsg (libnetlink.c:838) - by 0x17A3D1: __rtnl_talk_iov.constprop.0 (libnetlink.c:1040) - by 0x17B894: __rtnl_talk (libnetlink.c:1141) - by 0x17B894: rtnl_talk (libnetlink.c:1147) - by 0x12E49B: ipneigh_get (ipneigh.c:728) - by 0x1174CB: do_cmd (ip.c:136) - by 0x116F7C: main (ip.c:324) - -Free the answer obtained from rtnl_talk(). - -Fixes: 62842362370b ("ipneigh: neigh get support") -Suggested-by: Ido Schimmel -Reviewed-by: Ido Schimmel -Signed-off-by: Benjamin Poirier -Signed-off-by: Stephen Hemminger -Conflict: NA -Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=c5433c4b ---- - ip/ipneigh.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/ip/ipneigh.c b/ip/ipneigh.c -index 7facc399..61b0a4a2 100644 ---- a/ip/ipneigh.c -+++ b/ip/ipneigh.c -@@ -731,8 +731,10 @@ static int ipneigh_get(int argc, char **argv) - ipneigh_reset_filter(0); - if (print_neigh(answer, stdout) < 0) { - fprintf(stderr, "An error :-)\n"); -+ free(answer); - return -1; - } -+ free(answer); - - return 0; - } --- -2.23.0 - diff --git a/backport-iplink_bridge-fix-incorrect-root-id-dump.patch b/backport-iplink_bridge-fix-incorrect-root-id-dump.patch deleted file mode 100644 index d85c700cf5e579a227cc0a31192841abab9360b8..0000000000000000000000000000000000000000 --- a/backport-iplink_bridge-fix-incorrect-root-id-dump.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 3181d4e14964d7845ca9730ec6b4d7b72f3712c5 Mon Sep 17 00:00:00 2001 -From: Hangbin Liu -Date: Fri, 1 Sep 2023 16:02:26 +0800 -Subject: iplink_bridge: fix incorrect root id dump - -Conflict:NA -Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=3181d4e14964d7845ca9730ec6b4d7b72f3712c5 - -Fix the typo when dump root_id. - -Fixes: 70dfb0b8836d ("iplink: bridge: export bridge_id and designated_root") -Signed-off-by: Hangbin Liu -Acked-by: Nikolay Aleksandrov -Signed-off-by: Stephen Hemminger ---- - ip/iplink_bridge.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/ip/iplink_bridge.c b/ip/iplink_bridge.c -index 7e4e62c81..462075295 100644 ---- a/ip/iplink_bridge.c -+++ b/ip/iplink_bridge.c -@@ -499,7 +499,7 @@ static void bridge_print_opt(struct link_util *lu, FILE *f, struct rtattr *tb[]) - if (tb[IFLA_BR_ROOT_ID]) { - char root_id[32]; - -- br_dump_bridge_id(RTA_DATA(tb[IFLA_BR_BRIDGE_ID]), root_id, -+ br_dump_bridge_id(RTA_DATA(tb[IFLA_BR_ROOT_ID]), root_id, - sizeof(root_id)); - print_string(PRINT_ANY, - "root_id", --- -cgit - diff --git a/backport-ipmaddr-fix-dereference-of-NULL-on-malloc-failure.patch b/backport-ipmaddr-fix-dereference-of-NULL-on-malloc-failure.patch deleted file mode 100644 index 34e633cf463a8152bd898261e657a58b2a6533b7..0000000000000000000000000000000000000000 --- a/backport-ipmaddr-fix-dereference-of-NULL-on-malloc-failure.patch +++ /dev/null @@ -1,317 +0,0 @@ -From 8cda7a24a971170b833009f392579cfea87711bf Mon Sep 17 00:00:00 2001 -From: Stephen Hemminger -Date: Mon, 8 May 2023 19:02:20 -0700 -Subject: [PATCH] ipmaddr: fix dereference of NULL on malloc() failure -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Found by -fanalyzer. This is a bug since beginning of initial -versions of ip multicast support (pre git). - -ipmaddr.c: In function ‘read_dev_mcast’: -ipmaddr.c:105:25: warning: dereference of possibly-NULL ‘ma’ [CWE-690] [-Wanalyzer-possible-null-dereference] - 105 | memcpy(ma, &m, sizeof(m)); - | ^~~~~~~~~~~~~~~~~~~~~~~~~ - ‘do_multiaddr’: events 1-4 - | - | 354 | int do_multiaddr(int argc, char **argv) - | | ^~~~~~~~~~~~ - | | | - | | (1) entry to ‘do_multiaddr’ - | 355 | { - | 356 | if (argc < 1) - | | ~ - | | | - | | (2) following ‘true’ branch (when ‘argc <= 0’)... - | 357 | return multiaddr_list(0, NULL); - | | ~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (3) ...to here - | | (4) calling ‘multiaddr_list’ from ‘do_multiaddr’ - | - +--> ‘multiaddr_list’: events 5-10 - | - | 255 | static int multiaddr_list(int argc, char **argv) - | | ^~~~~~~~~~~~~~ - | | | - | | (5) entry to ‘multiaddr_list’ - |...... - | 262 | while (argc > 0) { - | | ~~~~~~~~ - | | | - | | (6) following ‘false’ branch (when ‘argc <= 0’)... - |...... - | 275 | if (!filter.family || filter.family == AF_PACKET) - | | ~ ~~~~~~~~~~~~~ - | | | | - | | | (7) ...to here - | | (8) following ‘true’ branch... - | 276 | read_dev_mcast(&list); - | | ~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (9) ...to here - | | (10) calling ‘read_dev_mcast’ from ‘multiaddr_list’ - | - +--> ‘read_dev_mcast’: events 11-12 - | - | 82 | static void read_dev_mcast(struct ma_info **result_p) - | | ^~~~~~~~~~~~~~ - | | | - | | (11) entry to ‘read_dev_mcast’ - |...... - | 87 | if (!fp) - | | ~ - | | | - | | (12) following ‘false’ branch (when ‘fp’ is non-NULL)... - | - ‘read_dev_mcast’: event 13 - | - |cc1: - | (13): ...to here - | - ‘read_dev_mcast’: events 14-17 - | - | 90 | while (fgets(buf, sizeof(buf), fp)) { - | | ^~~~~ - | | | - | | (14) following ‘true’ branch... - | 91 | char hexa[256]; - | 92 | struct ma_info m = { .addr.family = AF_PACKET }; - | | ~ - | | | - | | (15) ...to here - |...... - | 103 | struct ma_info *ma = malloc(sizeof(m)); - | | ~~~~~~~~~~~~~~~~~ - | | | - | | (16) this call could return NULL - | 104 | - | 105 | memcpy(ma, &m, sizeof(m)); - | | ~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (17) ‘ma’ could be NULL: unchecked value from (16) - | -ipmaddr.c: In function ‘read_igmp’: -ipmaddr.c:152:17: warning: dereference of possibly-NULL ‘ma’ [CWE-690] [-Wanalyzer-possible-null-dereference] - 152 | memcpy(ma, &m, sizeof(m)); - | ^~~~~~~~~~~~~~~~~~~~~~~~~ - ‘do_multiaddr’: events 1-4 - | - | 354 | int do_multiaddr(int argc, char **argv) - | | ^~~~~~~~~~~~ - | | | - | | (1) entry to ‘do_multiaddr’ - | 355 | { - | 356 | if (argc < 1) - | | ~ - | | | - | | (2) following ‘true’ branch (when ‘argc <= 0’)... - | 357 | return multiaddr_list(0, NULL); - | | ~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (3) ...to here - | | (4) calling ‘multiaddr_list’ from ‘do_multiaddr’ - | - +--> ‘multiaddr_list’: events 5-10 - | - | 255 | static int multiaddr_list(int argc, char **argv) - | | ^~~~~~~~~~~~~~ - | | | - | | (5) entry to ‘multiaddr_list’ - |...... - | 262 | while (argc > 0) { - | | ~~~~~~~~ - | | | - | | (6) following ‘false’ branch (when ‘argc <= 0’)... - |...... - | 275 | if (!filter.family || filter.family == AF_PACKET) - | | ~~~~~~~~~~~~~ - | | | - | | (7) ...to here - | 276 | read_dev_mcast(&list); - | 277 | if (!filter.family || filter.family == AF_INET) - | | ~ - | | | - | | (8) following ‘true’ branch... - | 278 | read_igmp(&list); - | | ~~~~~~~~~~~~~~~~ - | | | - | | (9) ...to here - | | (10) calling ‘read_igmp’ from ‘multiaddr_list’ - | - +--> ‘read_igmp’: events 11-14 - | - | 116 | static void read_igmp(struct ma_info **result_p) - | | ^~~~~~~~~ - | | | - | | (11) entry to ‘read_igmp’ - |...... - | 126 | if (!fp) - | | ~ - | | | - | | (12) following ‘false’ branch (when ‘fp’ is non-NULL)... - | 127 | return; - | 128 | if (!fgets(buf, sizeof(buf), fp)) { - | | ~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | | - | | | (13) ...to here - | | (14) following ‘false’ branch... - | - ‘read_igmp’: event 15 - | - |cc1: - | (15): ...to here - | - ‘read_igmp’: events 16-19 - | - | 133 | while (fgets(buf, sizeof(buf), fp)) { - | | ^~~~~ - | | | - | | (16) following ‘true’ branch... - |...... - | 136 | if (buf[0] != '\t') { - | | ~~~~~~ - | | | - | | (17) ...to here - |...... - | 151 | ma = malloc(sizeof(m)); - | | ~~~~~~~~~~~~~~~~~ - | | | - | | (18) this call could return NULL - | 152 | memcpy(ma, &m, sizeof(m)); - | | ~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (19) ‘ma’ could be NULL: unchecked value from (18) - | -ipmaddr.c: In function ‘read_igmp6’: -ipmaddr.c:181:25: warning: dereference of possibly-NULL ‘ma’ [CWE-690] [-Wanalyzer-possible-null-dereference] - 181 | memcpy(ma, &m, sizeof(m)); - | ^~~~~~~~~~~~~~~~~~~~~~~~~ - ‘do_multiaddr’: events 1-4 - | - | 354 | int do_multiaddr(int argc, char **argv) - | | ^~~~~~~~~~~~ - | | | - | | (1) entry to ‘do_multiaddr’ - | 355 | { - | 356 | if (argc < 1) - | | ~ - | | | - | | (2) following ‘true’ branch (when ‘argc <= 0’)... - | 357 | return multiaddr_list(0, NULL); - | | ~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (3) ...to here - | | (4) calling ‘multiaddr_list’ from ‘do_multiaddr’ - | - +--> ‘multiaddr_list’: events 5-10 - | - | 255 | static int multiaddr_list(int argc, char **argv) - | | ^~~~~~~~~~~~~~ - | | | - | | (5) entry to ‘multiaddr_list’ - |...... - | 262 | while (argc > 0) { - | | ~~~~~~~~ - | | | - | | (6) following ‘false’ branch (when ‘argc <= 0’)... - |...... - | 275 | if (!filter.family || filter.family == AF_PACKET) - | | ~~~~~~~~~~~~~ - | | | - | | (7) ...to here - |...... - | 279 | if (!filter.family || filter.family == AF_INET6) - | | ~ - | | | - | | (8) following ‘true’ branch... - | 280 | read_igmp6(&list); - | | ~~~~~~~~~~~~~~~~~ - | | | - | | (9) ...to here - | | (10) calling ‘read_igmp6’ from ‘multiaddr_list’ - | - +--> ‘read_igmp6’: events 11-12 - | - | 159 | static void read_igmp6(struct ma_info **result_p) - | | ^~~~~~~~~~ - | | | - | | (11) entry to ‘read_igmp6’ - |...... - | 164 | if (!fp) - | | ~ - | | | - | | (12) following ‘false’ branch (when ‘fp’ is non-NULL)... - | - ‘read_igmp6’: event 13 - | - |cc1: - | (13): ...to here - | - ‘read_igmp6’: events 14-17 - | - | 167 | while (fgets(buf, sizeof(buf), fp)) { - | | ^~~~~ - | | | - | | (14) following ‘true’ branch... - | 168 | char hexa[256]; - | 169 | struct ma_info m = { .addr.family = AF_INET6 }; - | | ~ - | | | - | | (15) ...to here - |...... - | 179 | struct ma_info *ma = malloc(sizeof(m)); - | | ~~~~~~~~~~~~~~~~~ - | | | - | | (16) this call could return NULL - | 180 | - | 181 | memcpy(ma, &m, sizeof(m)); - | | ~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (17) ‘ma’ could be NULL: unchecked value from (16) - | - -Signed-off-by: Stephen Hemminger ---- - ip/ipmaddr.c | 9 ++++++++- - 1 file changed, 8 insertions(+), 1 deletion(-) - -diff --git a/ip/ipmaddr.c b/ip/ipmaddr.c -index f8d6b992..a8ef20ec 100644 ---- a/ip/ipmaddr.c -+++ b/ip/ipmaddr.c -@@ -102,6 +102,8 @@ static void read_dev_mcast(struct ma_info **result_p) - if (len >= 0) { - struct ma_info *ma = malloc(sizeof(m)); - -+ if (ma == NULL) -+ break; - memcpy(ma, &m, sizeof(m)); - ma->addr.bytelen = len; - ma->addr.bitlen = len<<3; -@@ -149,6 +151,9 @@ static void read_igmp(struct ma_info **result_p) - sscanf(buf, "%08x%d", (__u32 *)&m.addr.data, &m.users); - - ma = malloc(sizeof(m)); -+ if (ma == NULL) -+ break; -+ - memcpy(ma, &m, sizeof(m)); - maddr_ins(result_p, ma); - } -@@ -178,8 +183,10 @@ static void read_igmp6(struct ma_info **result_p) - if (len >= 0) { - struct ma_info *ma = malloc(sizeof(m)); - -- memcpy(ma, &m, sizeof(m)); -+ if (ma == NULL) -+ break; - -+ memcpy(ma, &m, sizeof(m)); - ma->addr.bytelen = len; - ma->addr.bitlen = len<<3; - maddr_ins(result_p, ma); --- -2.27.0 - diff --git a/backport-ipnetns-fix-fd-leak-with-ip-netns-set.patch b/backport-ipnetns-fix-fd-leak-with-ip-netns-set.patch deleted file mode 100644 index d60d04f6376e38e3c5b1f349205b7f8355ebce54..0000000000000000000000000000000000000000 --- a/backport-ipnetns-fix-fd-leak-with-ip-netns-set.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 465e87a89c134d28a7fae540d26b27e6a2e1d6c0 Mon Sep 17 00:00:00 2001 -From: Nicolas Dichtel -Date: Thu, 11 May 2023 16:42:24 +0200 -Subject: [PATCH] ipnetns: fix fd leak with 'ip netns set' - -There is no reason to open this netns file. set_netnsid_from_name() uses -netns_get_fd() for this purpose and uses the returned fd. - -Reported-by: Stephen Hemminger -Fixes: d182ee1307c7 ("ipnetns: allow to get and set netns ids") -Signed-off-by: Nicolas Dichtel -Signed-off-by: Stephen Hemminger ---- - ip/ipnetns.c | 11 +---------- - 1 file changed, 1 insertion(+), 10 deletions(-) - -diff --git a/ip/ipnetns.c b/ip/ipnetns.c -index 12035349..9d996832 100644 ---- a/ip/ipnetns.c -+++ b/ip/ipnetns.c -@@ -967,9 +967,8 @@ int set_netnsid_from_name(const char *name, int nsid) - - static int netns_set(int argc, char **argv) - { -- char netns_path[PATH_MAX]; - const char *name; -- int netns, nsid; -+ int nsid; - - if (argc < 1) { - fprintf(stderr, "No netns name specified\n"); -@@ -988,14 +987,6 @@ static int netns_set(int argc, char **argv) - else if (nsid < 0) - invarg("\"netnsid\" value should be >= 0", argv[1]); - -- snprintf(netns_path, sizeof(netns_path), "%s/%s", NETNS_RUN_DIR, name); -- netns = open(netns_path, O_RDONLY | O_CLOEXEC); -- if (netns < 0) { -- fprintf(stderr, "Cannot open network namespace \"%s\": %s\n", -- name, strerror(errno)); -- return -1; -- } -- - return set_netnsid_from_name(name, nsid); - } - --- -2.27.0 - diff --git a/backport-iproute2-optimize-code-and-fix-some-mem-leak-risk.patch b/backport-iproute2-optimize-code-and-fix-some-mem-leak-risk.patch deleted file mode 100644 index dc611713f065517d4a09d925324ffe1d90129e88..0000000000000000000000000000000000000000 --- a/backport-iproute2-optimize-code-and-fix-some-mem-leak-risk.patch +++ /dev/null @@ -1,309 +0,0 @@ -From 7e8cdfa2eac57c8c1c469681d5ee016fc432ee4d Mon Sep 17 00:00:00 2001 -From: zhaoshuang -Date: Thu, 11 May 2023 08:37:26 +0800 -Subject: [PATCH] iproute2: optimize code and fix some mem-leak risk - -Conflict:contaxt adapt in devlink/devlink.c ip/ipnexthop.c,and remove modify in tc/tc_class.c because it -does not have leak -Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=7e8cdfa2eac57c8c1c469681d5ee016fc432ee4d - -Signed-off-by: zhaoshuang -Reviewed-by: Pawel Chmielewski -Signed-off-by: Stephen Hemminger ---- - bridge/mdb.c | 4 ++++ - devlink/devlink.c | 21 +++++++++------------ - ip/ipaddrlabel.c | 1 + - ip/ipfou.c | 1 + - ip/ipila.c | 1 + - ip/ipnetconf.c | 1 + - ip/ipnexthop.c | 4 ++++ - ip/iproute.c | 6 ++++++ - ip/iprule.c | 1 + - ip/iptuntap.c | 1 + - ip/tunnel.c | 2 ++ - tc/tc_filter.c | 1 + - tc/tc_qdisc.c | 1 + - 13 files changed, 33 insertions(+), 12 deletions(-) - -diff --git a/bridge/mdb.c b/bridge/mdb.c -index b427d87..c5f23d0 100644 ---- a/bridge/mdb.c -+++ b/bridge/mdb.c -@@ -423,12 +423,14 @@ static int mdb_show(int argc, char **argv) - /* get mdb entries */ - if (rtnl_mdbdump_req(&rth, PF_BRIDGE) < 0) { - perror("Cannot send dump request"); -+ delete_json_obj(); - return -1; - } - - open_json_array(PRINT_JSON, "mdb"); - if (rtnl_dump_filter(&rth, print_mdbs, stdout) < 0) { - fprintf(stderr, "Dump terminated\n"); -+ delete_json_obj(); - return -1; - } - close_json_array(PRINT_JSON, NULL); -@@ -436,12 +438,14 @@ static int mdb_show(int argc, char **argv) - /* get router ports */ - if (rtnl_mdbdump_req(&rth, PF_BRIDGE) < 0) { - perror("Cannot send dump request"); -+ delete_json_obj(); - return -1; - } - - open_json_object("router"); - if (rtnl_dump_filter(&rth, print_rtrs, stdout) < 0) { - fprintf(stderr, "Dump terminated\n"); -+ delete_json_obj(); - return -1; - } - close_json_object(); -diff --git a/devlink/devlink.c b/devlink/devlink.c -index 765e90d..9275ee5 100644 ---- a/devlink/devlink.c -+++ b/devlink/devlink.c -@@ -209,6 +209,14 @@ struct ifname_map { - char *ifname; - }; - -+static void ifname_map_free(struct ifname_map *ifname_map) -+{ -+ free(ifname_map->ifname); -+ free(ifname_map->dev_name); -+ free(ifname_map->bus_name); -+ free(ifname_map); -+} -+ - static struct ifname_map *ifname_map_alloc(const char *bus_name, - const char *dev_name, - uint32_t port_index, -@@ -225,23 +233,12 @@ static struct ifname_map *ifname_map_alloc(const char *bus_name, - ifname_map->ifname = strdup(ifname); - if (!ifname_map->bus_name || !ifname_map->dev_name || - !ifname_map->ifname) { -- free(ifname_map->ifname); -- free(ifname_map->dev_name); -- free(ifname_map->bus_name); -- free(ifname_map); -+ ifname_map_free(ifname_map); - return NULL; - } - return ifname_map; - } - --static void ifname_map_free(struct ifname_map *ifname_map) --{ -- free(ifname_map->ifname); -- free(ifname_map->dev_name); -- free(ifname_map->bus_name); -- free(ifname_map); --} -- - #define DL_OPT_HANDLE BIT(0) - #define DL_OPT_HANDLEP BIT(1) - #define DL_OPT_PORT_TYPE BIT(2) -diff --git a/ip/ipaddrlabel.c b/ip/ipaddrlabel.c -index beb08da..9e468b0 100644 ---- a/ip/ipaddrlabel.c -+++ b/ip/ipaddrlabel.c -@@ -127,6 +127,7 @@ static int ipaddrlabel_list(int argc, char **argv) - new_json_obj(json); - if (rtnl_dump_filter(&rth, print_addrlabel, stdout) < 0) { - fprintf(stderr, "Dump terminated\n"); -+ delete_json_obj(); - return 1; - } - delete_json_obj(); -diff --git a/ip/ipfou.c b/ip/ipfou.c -index 9c69777..5db137d 100644 ---- a/ip/ipfou.c -+++ b/ip/ipfou.c -@@ -322,6 +322,7 @@ static int do_show(int argc, char **argv) - new_json_obj(json); - if (rtnl_dump_filter(&genl_rth, print_fou_mapping, stdout) < 0) { - fprintf(stderr, "Dump terminated\n"); -+ delete_json_obj(); - return 1; - } - delete_json_obj(); -diff --git a/ip/ipila.c b/ip/ipila.c -index 475c35b..cbc3dd3 100644 ---- a/ip/ipila.c -+++ b/ip/ipila.c -@@ -154,6 +154,7 @@ static int do_list(int argc, char **argv) - new_json_obj(json); - if (rtnl_dump_filter(&genl_rth, print_ila_mapping, stdout) < 0) { - fprintf(stderr, "Dump terminated\n"); -+ delete_json_obj(); - return 1; - } - delete_json_obj(); -diff --git a/ip/ipnetconf.c b/ip/ipnetconf.c -index bb0ebe1..f5ebb1a 100644 ---- a/ip/ipnetconf.c -+++ b/ip/ipnetconf.c -@@ -214,6 +214,7 @@ dump: - */ - if (errno == EOPNOTSUPP && - filter.family == AF_UNSPEC) { -+ delete_json_obj(); - filter.family = AF_INET; - goto dump; - } -diff --git a/ip/ipnexthop.c b/ip/ipnexthop.c -index 9478aa5..36dafa1 100644 ---- a/ip/ipnexthop.c -+++ b/ip/ipnexthop.c -@@ -732,6 +732,7 @@ static int ipnh_get_id(__u32 id) - new_json_obj(json); - - if (print_nexthop(answer, (void *)stdout) < 0) { -+ delete_json_obj(); - free(answer); - return -1; - } -@@ -817,6 +818,7 @@ static int ipnh_list_flush(int argc, char **argv, int action) - new_json_obj(json); - - if (rtnl_dump_filter(&rth, print_nexthop, stdout) < 0) { -+ delete_json_obj(); - fprintf(stderr, "Dump terminated\n"); - return -2; - } -@@ -892,6 +894,7 @@ static int ipnh_bucket_list(int argc, char **argv) - new_json_obj(json); - - if (rtnl_dump_filter(&rth, print_nexthop_bucket, stdout) < 0) { -+ delete_json_obj(); - fprintf(stderr, "Dump terminated\n"); - return -2; - } -@@ -932,6 +935,7 @@ static int ipnh_bucket_get_id(__u32 id, __u16 bucket_index) - new_json_obj(json); - - if (print_nexthop_bucket(answer, (void *)stdout) < 0) { -+ delete_json_obj(); - free(answer); - return -1; - } -diff --git a/ip/iproute.c b/ip/iproute.c -index 9922cb0..6e359fa 100644 ---- a/ip/iproute.c -+++ b/ip/iproute.c -@@ -1962,6 +1962,7 @@ static int iproute_list_flush_or_save(int argc, char **argv, int action) - if (rtnl_dump_filter_errhndlr(&rth, filter_fn, stdout, - save_route_errhndlr, NULL) < 0) { - fprintf(stderr, "Dump terminated\n"); -+ delete_json_obj(); - return -2; - } - -@@ -2157,18 +2158,21 @@ static int iproute_get(int argc, char **argv) - - if (print_route(answer, (void *)stdout) < 0) { - fprintf(stderr, "An error :-)\n"); -+ delete_json_obj(); - free(answer); - return -1; - } - - if (answer->nlmsg_type != RTM_NEWROUTE) { - fprintf(stderr, "Not a route?\n"); -+ delete_json_obj(); - free(answer); - return -1; - } - len -= NLMSG_LENGTH(sizeof(*r)); - if (len < 0) { - fprintf(stderr, "Wrong len %d\n", len); -+ delete_json_obj(); - free(answer); - return -1; - } -@@ -2180,6 +2184,7 @@ static int iproute_get(int argc, char **argv) - r->rtm_src_len = 8*RTA_PAYLOAD(tb[RTA_PREFSRC]); - } else if (!tb[RTA_SRC]) { - fprintf(stderr, "Failed to connect the route\n"); -+ delete_json_obj(); - free(answer); - return -1; - } -@@ -2202,6 +2207,7 @@ static int iproute_get(int argc, char **argv) - - if (print_route(answer, (void *)stdout) < 0) { - fprintf(stderr, "An error :-)\n"); -+ delete_json_obj(); - free(answer); - return -1; - } -diff --git a/ip/iprule.c b/ip/iprule.c -index 4166073..7307908 100644 ---- a/ip/iprule.c -+++ b/ip/iprule.c -@@ -718,6 +718,7 @@ static int iprule_list_flush_or_save(int argc, char **argv, int action) - new_json_obj(json); - if (rtnl_dump_filter(&rth, filter_fn, stdout) < 0) { - fprintf(stderr, "Dump terminated\n"); -+ delete_json_obj(); - return 1; - } - delete_json_obj(); -diff --git a/ip/iptuntap.c b/ip/iptuntap.c -index 385d2bd..ff88844 100644 ---- a/ip/iptuntap.c -+++ b/ip/iptuntap.c -@@ -444,6 +444,7 @@ static int do_show(int argc, char **argv) - - if (rtnl_dump_filter(&rth, print_tuntap, NULL) < 0) { - fprintf(stderr, "Dump terminated\n"); -+ delete_json_obj(); - return -1; - } - -diff --git a/ip/tunnel.c b/ip/tunnel.c -index 88585cf..51a0016 100644 ---- a/ip/tunnel.c -+++ b/ip/tunnel.c -@@ -439,11 +439,13 @@ int do_tunnels_list(struct tnl_print_nlmsg_info *info) - new_json_obj(json); - if (rtnl_linkdump_req(&rth, preferred_family) < 0) { - perror("Cannot send dump request\n"); -+ delete_json_obj(); - return -1; - } - - if (rtnl_dump_filter(&rth, print_nlmsg_tunnel, info) < 0) { - fprintf(stderr, "Dump terminated\n"); -+ delete_json_obj(); - return -1; - } - delete_json_obj(); -diff --git a/tc/tc_filter.c b/tc/tc_filter.c -index 71be2e8..5a2a6ba 100644 ---- a/tc/tc_filter.c -+++ b/tc/tc_filter.c -@@ -738,6 +738,7 @@ static int tc_filter_list(int cmd, int argc, char **argv) - new_json_obj(json); - if (rtnl_dump_filter(&rth, print_filter, stdout) < 0) { - fprintf(stderr, "Dump terminated\n"); -+ delete_json_obj(); - return 1; - } - delete_json_obj(); -diff --git a/tc/tc_qdisc.c b/tc/tc_qdisc.c -index b79029d..77f4d97 100644 ---- a/tc/tc_qdisc.c -+++ b/tc/tc_qdisc.c -@@ -435,6 +435,7 @@ static int tc_qdisc_list(int argc, char **argv) - new_json_obj(json); - if (rtnl_dump_filter(&rth, print_qdisc, stdout) < 0) { - fprintf(stderr, "Dump terminated\n"); -+ delete_json_obj(); - return 1; - } - delete_json_obj(); --- -2.27.0 - diff --git a/backport-iproute_lwtunnel-fix-array-boundary-check.patch b/backport-iproute_lwtunnel-fix-array-boundary-check.patch deleted file mode 100644 index 9c207dea0d372d04c3ae250a062cff5ed3fa4912..0000000000000000000000000000000000000000 --- a/backport-iproute_lwtunnel-fix-array-boundary-check.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 1cf50a1f2723764eb53fad7c5ff8754835806df0 Mon Sep 17 00:00:00 2001 -From: Andrea Claudi -Date: Mon, 29 May 2023 23:42:16 +0200 -Subject: [PATCH] iproute_lwtunnel: fix array boundary check - -seg6_mode_types is made up of 5 elements, so ARRAY_SIZE(seg6_mode_types) -evaluates to 5. Thus, when mode = 5, this function returns -seg6_mode_types[5], resulting in an out-of-bound access. - -Fix this bailing out when mode is equal to or greater than 5. - -Fixes: cf87da417bb4 ("iproute: add support for seg6 l2encap mode") -Signed-off-by: Andrea Claudi -Signed-off-by: Stephen Hemminger ---- - ip/iproute_lwtunnel.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/ip/iproute_lwtunnel.c b/ip/iproute_lwtunnel.c -index 96de3b20..94985972 100644 ---- a/ip/iproute_lwtunnel.c -+++ b/ip/iproute_lwtunnel.c -@@ -140,7 +140,7 @@ static const char *seg6_mode_types[] = { - - static const char *format_seg6mode_type(int mode) - { -- if (mode < 0 || mode > ARRAY_SIZE(seg6_mode_types)) -+ if (mode < 0 || mode >= ARRAY_SIZE(seg6_mode_types)) - return ""; - - return seg6_mode_types[mode]; --- -2.27.0 - diff --git a/backport-iproute_lwtunnel-fix-possible-use-of-NULL-when-mallo.patch b/backport-iproute_lwtunnel-fix-possible-use-of-NULL-when-mallo.patch deleted file mode 100644 index 31c42f775d3ec98e93bdf7c1de892da797615baf..0000000000000000000000000000000000000000 --- a/backport-iproute_lwtunnel-fix-possible-use-of-NULL-when-mallo.patch +++ /dev/null @@ -1,178 +0,0 @@ -From fa44c2d6f1dab40ad615bcb16fdbdb189d617ed6 Mon Sep 17 00:00:00 2001 -From: Stephen Hemminger -Date: Mon, 8 May 2023 19:05:38 -0700 -Subject: [PATCH] iproute_lwtunnel: fix possible use of NULL when malloc() - fails -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -iproute_lwtunnel.c: In function ‘parse_srh’: -iproute_lwtunnel.c:903:9: warning: use of possibly-NULL ‘srh’ where non-null expected [CWE-690] [-Wanalyzer-possible-null-argument] - 903 | memset(srh, 0, srhlen); - | ^~~~~~~~~~~~~~~~~~~~~~ - ‘parse_srh’: events 1-2 - | - | 902 | srh = malloc(srhlen); - | | ^~~~~~~~~~~~~~ - | | | - | | (1) this call could return NULL - | 903 | memset(srh, 0, srhlen); - | | ~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (2) argument 1 (‘srh’) from (1) could be NULL where non-null expected - | -In file included from iproute_lwtunnel.c:13: -/usr/include/string.h:61:14: note: argument 1 of ‘memset’ must be non-null - 61 | extern void *memset (void *__s, int __c, size_t __n) __THROW __nonnull ((1)); - | ^~~~~~ -iproute_lwtunnel.c: In function ‘parse_encap_seg6’: -iproute_lwtunnel.c:980:9: warning: use of possibly-NULL ‘tuninfo’ where non-null expected [CWE-690] [-Wanalyzer-possible-null-argument] - 980 | memset(tuninfo, 0, sizeof(*tuninfo) + srhlen); - | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - ‘parse_encap_seg6’: events 1-2 - | - | 934 | static int parse_encap_seg6(struct rtattr *rta, size_t len, int *argcp, - | | ^~~~~~~~~~~~~~~~ - | | | - | | (1) entry to ‘parse_encap_seg6’ - |...... - | 976 | srh = parse_srh(segbuf, hmac, encap); - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (2) calling ‘parse_srh’ from ‘parse_encap_seg6’ - | - +--> ‘parse_srh’: events 3-5 - | - | 882 | static struct ipv6_sr_hdr *parse_srh(char *segbuf, int hmac, bool encap) - | | ^~~~~~~~~ - | | | - | | (3) entry to ‘parse_srh’ - |...... - | 922 | if (hmac) { - | | ~ - | | | - | | (4) following ‘false’ branch (when ‘hmac == 0’)... - |...... - | 931 | return srh; - | | ~~~ - | | | - | | (5) ...to here - | - <------+ - | - ‘parse_encap_seg6’: events 6-8 - | - | 976 | srh = parse_srh(segbuf, hmac, encap); - | | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (6) returning to ‘parse_encap_seg6’ from ‘parse_srh’ - |...... - | 979 | tuninfo = malloc(sizeof(*tuninfo) + srhlen); - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (7) this call could return NULL - | 980 | memset(tuninfo, 0, sizeof(*tuninfo) + srhlen); - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (8) argument 1 (‘tuninfo’) from (7) could be NULL where non-null expected - | -/usr/include/string.h:61:14: note: argument 1 of ‘memset’ must be non-null - 61 | extern void *memset (void *__s, int __c, size_t __n) __THROW __nonnull ((1)); - | ^~~~~~ -iproute_lwtunnel.c: In function ‘parse_rpl_srh’: -iproute_lwtunnel.c:1018:21: warning: dereference of possibly-NULL ‘srh’ [CWE-690] [-Wanalyzer-possible-null-dereference] - 1018 | srh->hdrlen = (srhlen >> 3) - 1; - | ~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~ - ‘parse_rpl_srh’: events 1-2 - | - | 1016 | srh = calloc(1, srhlen); - | | ^~~~~~~~~~~~~~~~~ - | | | - | | (1) this call could return NULL - | 1017 | - | 1018 | srh->hdrlen = (srhlen >> 3) - 1; - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (2) ‘srh’ could be NULL: unchecked value from (1) - | - -Fixes: 00e76d4da37f ("iproute: add helper functions for SRH processing") -Signed-off-by: Stephen Hemminger ---- - ip/iproute_lwtunnel.c | 18 +++++++++++++----- - 1 file changed, 13 insertions(+), 5 deletions(-) - -diff --git a/ip/iproute_lwtunnel.c b/ip/iproute_lwtunnel.c -index 308178ef..96de3b20 100644 ---- a/ip/iproute_lwtunnel.c -+++ b/ip/iproute_lwtunnel.c -@@ -900,6 +900,9 @@ static struct ipv6_sr_hdr *parse_srh(char *segbuf, int hmac, bool encap) - srhlen += 40; - - srh = malloc(srhlen); -+ if (srh == NULL) -+ return NULL; -+ - memset(srh, 0, srhlen); - - srh->hdrlen = (srhlen >> 3) - 1; -@@ -935,14 +938,14 @@ static int parse_encap_seg6(struct rtattr *rta, size_t len, int *argcp, - char ***argvp) - { - int mode_ok = 0, segs_ok = 0, hmac_ok = 0; -- struct seg6_iptunnel_encap *tuninfo; -+ struct seg6_iptunnel_encap *tuninfo = NULL; - struct ipv6_sr_hdr *srh; - char **argv = *argvp; - char segbuf[1024] = ""; - int argc = *argcp; - int encap = -1; - __u32 hmac = 0; -- int ret = 0; -+ int ret = -1; - int srhlen; - - while (argc > 0) { -@@ -974,9 +977,13 @@ static int parse_encap_seg6(struct rtattr *rta, size_t len, int *argcp, - } - - srh = parse_srh(segbuf, hmac, encap); -+ if (srh == NULL) -+ goto out; - srhlen = (srh->hdrlen + 1) << 3; - - tuninfo = malloc(sizeof(*tuninfo) + srhlen); -+ if (tuninfo == NULL) -+ goto out; - memset(tuninfo, 0, sizeof(*tuninfo) + srhlen); - - tuninfo->mode = encap; -@@ -984,13 +991,12 @@ static int parse_encap_seg6(struct rtattr *rta, size_t len, int *argcp, - memcpy(tuninfo->srh, srh, srhlen); - - if (rta_addattr_l(rta, len, SEG6_IPTUNNEL_SRH, tuninfo, -- sizeof(*tuninfo) + srhlen)) { -- ret = -1; -+ sizeof(*tuninfo) + srhlen)) - goto out; -- } - - *argcp = argc + 1; - *argvp = argv - 1; -+ ret = 0; - - out: - free(tuninfo); -@@ -1014,6 +1020,8 @@ static struct ipv6_rpl_sr_hdr *parse_rpl_srh(char *segbuf) - srhlen = 8 + 16 * nsegs; - - srh = calloc(1, srhlen); -+ if (srh == NULL) -+ return NULL; - - srh->hdrlen = (srhlen >> 3) - 1; - srh->type = 3; --- -2.27.0 - diff --git a/backport-iptunnel-detect-protocol-mismatch-on-tunnel-change.patch b/backport-iptunnel-detect-protocol-mismatch-on-tunnel-change.patch deleted file mode 100644 index 841b4a56c114b1a2eacc8b64840e1c6d6586713f..0000000000000000000000000000000000000000 --- a/backport-iptunnel-detect-protocol-mismatch-on-tunnel-change.patch +++ /dev/null @@ -1,67 +0,0 @@ -From 8cc2eac60d5f1f5ec2c40d02c0003731c8b610dc Mon Sep 17 00:00:00 2001 -From: Stephen Hemminger -Date: Mon, 10 Apr 2023 16:22:51 -0700 -Subject: [PATCH] iptunnel: detect protocol mismatch on tunnel change - -If attempt is made to change an IPv6 tunnel by using IPv4 -parameters, a stack overflow would happen and garbage request -would be passed to kernel. - -Example: -ip tunnel add gre1 mode ip6gre local 2001:db8::1 remote 2001:db8::2 ttl 255 -ip tunnel change gre1 mode gre local 192.168.0.0 remote 192.168.0.1 ttl 255 - -The second command should fail because it attempting set IPv4 addresses -on a GRE tunnel that is IPv6. - -Do best effort detection of this mismatch by giving a bigger buffer to get -tunnel request, and checking that the IP header is IPv4. It is still possible -but unlikely that byte would match in IPv6 tunnel paramater, but good enough -to catch the obvious cases. - -Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032642 -Tested-by: Luca Boccassi -Reported-by: Robin -Signed-off-by: Stephen Hemminger ---- - ip/iptunnel.c | 14 ++++++++++++-- - 1 file changed, 12 insertions(+), 2 deletions(-) - -diff --git a/ip/iptunnel.c b/ip/iptunnel.c -index 02c3670b..b6da1459 100644 ---- a/ip/iptunnel.c -+++ b/ip/iptunnel.c -@@ -17,6 +17,7 @@ - #include - #include - #include -+#include - - #include "rt_names.h" - #include "utils.h" -@@ -172,11 +173,20 @@ static int parse_args(int argc, char **argv, int cmd, struct ip_tunnel_parm *p) - if (get_ifname(p->name, *argv)) - invarg("\"name\" not a valid ifname", *argv); - if (cmd == SIOCCHGTUNNEL && count == 0) { -- struct ip_tunnel_parm old_p = {}; -+ union { -+ struct ip_tunnel_parm ip_tnl; -+ struct ip6_tnl_parm2 ip6_tnl; -+ } old_p = {}; - - if (tnl_get_ioctl(*argv, &old_p)) - return -1; -- *p = old_p; -+ -+ if (old_p.ip_tnl.iph.version != 4 || -+ old_p.ip_tnl.iph.ihl != 5) -+ invarg("\"name\" is not an ip tunnel", -+ *argv); -+ -+ *p = old_p.ip_tnl; - } - } - count++; --- -2.27.0 - diff --git a/backport-l2tp-fix-typo-in-AF_INET6-checksum-JSON-print.patch b/backport-l2tp-fix-typo-in-AF_INET6-checksum-JSON-print.patch deleted file mode 100644 index eb3cc70cdffd29665e1ba395d93f269786582b56..0000000000000000000000000000000000000000 --- a/backport-l2tp-fix-typo-in-AF_INET6-checksum-JSON-print.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 2bb37e90177cae1b92284a943123b0575505141f Mon Sep 17 00:00:00 2001 -From: Andrea Claudi -Date: Tue, 21 Jun 2022 18:53:08 +0200 -Subject: [PATCH] l2tp: fix typo in AF_INET6 checksum JSON print - -In print_tunnel json output, a typo makes it impossible to know the -value of udp6_csum_rx, printing instead udp6_csum_tx two times. - -Fixed getting rid of the typo. - -Fixes: 98453b65800f ("ip/l2tp: add JSON support") -Signed-off-by: Andrea Claudi -Signed-off-by: Stephen Hemminger -Conflict: NA -Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=2bb37e90177 ---- - ip/ipl2tp.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/ip/ipl2tp.c b/ip/ipl2tp.c -index 56972358..f1d574de 100644 ---- a/ip/ipl2tp.c -+++ b/ip/ipl2tp.c -@@ -258,7 +258,7 @@ static void print_tunnel(const struct l2tp_data *data) - NULL, p->udp6_csum_tx); - - print_bool(PRINT_JSON, "checksum_rx", -- NULL, p->udp6_csum_tx); -+ NULL, p->udp6_csum_rx); - } else { - printf(" UDP checksum: %s%s%s%s\n", - p->udp6_csum_tx && p->udp6_csum_rx --- -2.23.0 - diff --git a/backport-libnetlink-Fix-memory-leak-in-__rtnl_talk_iov.patch b/backport-libnetlink-Fix-memory-leak-in-__rtnl_talk_iov.patch deleted file mode 100644 index 9108f136db1f3480e197e22ad127fe9d0f779a6f..0000000000000000000000000000000000000000 --- a/backport-libnetlink-Fix-memory-leak-in-__rtnl_talk_iov.patch +++ /dev/null @@ -1,86 +0,0 @@ -From 0faec4d050b607f7544b6cf9a4c2d57e191f981f Mon Sep 17 00:00:00 2001 -From: Lahav Schlesinger -Date: Mon, 5 Dec 2022 10:47:41 +0200 -Subject: [PATCH] libnetlink: Fix memory leak in __rtnl_talk_iov() - -If `__rtnl_talk_iov` fails then callers are not expected to free `answer`. - -Currently if `NLMSG_ERROR` was received with an error then the netlink -buffer was stored in `answer`, while still returning an error - -This leak can be observed by running this snippet over time. -This triggers an `NLMSG_ERROR` because for each neighbour update, `ip` -will try to query for the name of interface 9999 in the wrong netns. -(which in itself is a separate bug) - - set -e - - ip netns del test-a || true - ip netns add test-a - ip netns del test-b || true - ip netns add test-b - - ip -n test-a netns set test-b auto - ip -n test-a link add veth_a index 9999 type veth \ - peer name veth_b netns test-b - ip -n test-b link set veth_b up - - ip -n test-a monitor link address prefix neigh nsid label all-nsid \ - > /dev/null & - monitor_pid=$! - clean() { - kill $monitor_pid - ip netns del test-a - ip netns del test-b - } - trap clean EXIT - - while true; do - ip -n test-b neigh add dev veth_b 1.2.3.4 lladdr AA:AA:AA:AA:AA:AA - ip -n test-b neigh del dev veth_b 1.2.3.4 - done - - -Conflict:NA -Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=0faec4d050b607f7544b6cf9a4c2d57e191f981f - -Fixes: 55870dfe7f8b ("Improve batch and dump times by caching link lookups") -Signed-off-by: Lahav Schlesinger -Signed-off-by: Gilad Naaman -Signed-off-by: Stephen Hemminger ---- - lib/libnetlink.c | 17 +++++++++++------ - 1 file changed, 11 insertions(+), 6 deletions(-) - -diff --git a/lib/libnetlink.c b/lib/libnetlink.c -index 9af06232..001efc1d 100644 ---- a/lib/libnetlink.c -+++ b/lib/libnetlink.c -@@ -1092,14 +1092,19 @@ next: - rtnl_talk_error(h, err, errfn); - } - -- if (answer) -- *answer = (struct nlmsghdr *)buf; -- else -+ if (i < iovlen) { - free(buf); -- -- if (i < iovlen) - goto next; -- return error ? -i : 0; -+ } -+ -+ if (error) { -+ free(buf); -+ return -i; -+ } -+ -+ if (answer) -+ *answer = (struct nlmsghdr *)buf; -+ return 0; - } - - if (answer) { --- -2.23.0 diff --git a/backport-libnetlink-fix-socket-leak-in-rtnl_open_byproto.patch b/backport-libnetlink-fix-socket-leak-in-rtnl_open_byproto.patch deleted file mode 100644 index 002a09ce5f6d8ddc7740daa31d81e9f17aa12574..0000000000000000000000000000000000000000 --- a/backport-libnetlink-fix-socket-leak-in-rtnl_open_byproto.patch +++ /dev/null @@ -1,75 +0,0 @@ -From f8beda6e00e57b8f875442351f91e5c01530ad8e Mon Sep 17 00:00:00 2001 -From: Maxim Petrov -Date: Tue, 8 Feb 2022 20:20:45 +0300 -Subject: [PATCH] libnetlink: fix socket leak in rtnl_open_byproto() - -rtnl_open_byproto() does not close the opened socket in case of -errors, and the socket is returned to the caller in the `fd` field of -the struct. However, none of the callers care about the socket, so -close it in the function immediately to avoid any potential resource -leaks. - -Signed-off-by: Maxim Petrov -Signed-off-by: Stephen Hemminger -Conflict: NA -Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=f8beda6e00e ---- - lib/libnetlink.c | 15 +++++++++------ - 1 file changed, 9 insertions(+), 6 deletions(-) - -diff --git a/lib/libnetlink.c b/lib/libnetlink.c -index 7e977a67..6d1b1187 100644 ---- a/lib/libnetlink.c -+++ b/lib/libnetlink.c -@@ -210,13 +210,13 @@ int rtnl_open_byproto(struct rtnl_handle *rth, unsigned int subscriptions, - if (setsockopt(rth->fd, SOL_SOCKET, SO_SNDBUF, - &sndbuf, sizeof(sndbuf)) < 0) { - perror("SO_SNDBUF"); -- return -1; -+ goto err; - } - - if (setsockopt(rth->fd, SOL_SOCKET, SO_RCVBUF, - &rcvbuf, sizeof(rcvbuf)) < 0) { - perror("SO_RCVBUF"); -- return -1; -+ goto err; - } - - /* Older kernels may no support extended ACK reporting */ -@@ -230,25 +230,28 @@ int rtnl_open_byproto(struct rtnl_handle *rth, unsigned int subscriptions, - if (bind(rth->fd, (struct sockaddr *)&rth->local, - sizeof(rth->local)) < 0) { - perror("Cannot bind netlink socket"); -- return -1; -+ goto err; - } - addr_len = sizeof(rth->local); - if (getsockname(rth->fd, (struct sockaddr *)&rth->local, - &addr_len) < 0) { - perror("Cannot getsockname"); -- return -1; -+ goto err; - } - if (addr_len != sizeof(rth->local)) { - fprintf(stderr, "Wrong address length %d\n", addr_len); -- return -1; -+ goto err; - } - if (rth->local.nl_family != AF_NETLINK) { - fprintf(stderr, "Wrong address family %d\n", - rth->local.nl_family); -- return -1; -+ goto err; - } - rth->seq = time(NULL); - return 0; -+err: -+ rtnl_close(rth); -+ return -1; - } - - int rtnl_open(struct rtnl_handle *rth, unsigned int subscriptions) --- -2.23.0 - diff --git a/backport-lnstat-fix-buffer-overflow-in-header-output.patch b/backport-lnstat-fix-buffer-overflow-in-header-output.patch deleted file mode 100644 index 48c1ecc16559318247303d5ea653ffb77619c369..0000000000000000000000000000000000000000 --- a/backport-lnstat-fix-buffer-overflow-in-header-output.patch +++ /dev/null @@ -1,37 +0,0 @@ -From be31c2648487596f23096278dacd86bf88305a14 Mon Sep 17 00:00:00 2001 -From: "[200~jiangheng" -Date: Wed, 17 Nov 2021 13:41:10 -0800 -Subject: [PATCH] lnstat: fix buffer overflow in header output - -Running lnstat will cause core dump from reading past end of array. - -Segmentation fault (core dumped) - -The maximum value of th.num_lines is HDR_LINES(10), h should not be equal to th.num_lines, array th.hdr may be out of bounds. - -Signed-off-by jiangheng -Signed-off-by: Stephen Hemminger -Conflict: NA -Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=be31c264848 ---- - misc/lnstat.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/misc/lnstat.c b/misc/lnstat.c -index 89cb0e7e..98904d45 100644 ---- a/misc/lnstat.c -+++ b/misc/lnstat.c -@@ -210,8 +210,9 @@ static struct table_hdr *build_hdr_string(struct lnstat_file *lnstat_files, - } - ofs += width+1; - } -+ - /* fill in spaces */ -- for (h = 1; h <= th.num_lines; h++) { -+ for (h = 1; h < th.num_lines; h++) { - for (i = 0; i < ofs; i++) { - if (th.hdr[h][i] == '\0') - th.hdr[h][i] = ' '; --- -2.23.0 - diff --git a/backport-lnstat-fix-strdup-leak-in-w-argument-parsing.patch b/backport-lnstat-fix-strdup-leak-in-w-argument-parsing.patch deleted file mode 100644 index e0815a35fde5da33f15872bdceadfced9c5045e9..0000000000000000000000000000000000000000 --- a/backport-lnstat-fix-strdup-leak-in-w-argument-parsing.patch +++ /dev/null @@ -1,32 +0,0 @@ -From cc143bda6bcec20d073f42162f06dde8998551d4 Mon Sep 17 00:00:00 2001 -From: Maxim Petrov -Date: Tue, 15 Feb 2022 23:53:47 +0300 -Subject: [PATCH] lnstat: fix strdup leak in -w argument parsing - -'tmp' string is used for safe tokenizing, but it is not required after -getting all the widths in -w option. As 'tmp' string is obtained by strdup -call, the caller has to deallocate it to avoid memory leak. - -Signed-off-by: Maxim Petrov -Signed-off-by: Stephen Hemminger -Conflict: NA -Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=cc143bda6bc ---- - misc/lnstat.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/misc/lnstat.c b/misc/lnstat.c -index 98904d45..c3293a8e 100644 ---- a/misc/lnstat.c -+++ b/misc/lnstat.c -@@ -331,6 +331,7 @@ int main(int argc, char **argv) - for (i = 0; i < MAX_FIELDS; i++) - fp.params[i].print.width = len; - } -+ free(tmp); - break; - default: - usage(argv[0], 1); --- -2.23.0 - diff --git a/backport-m_action-fix-warning-of-overwrite-of-const-string.patch b/backport-m_action-fix-warning-of-overwrite-of-const-string.patch deleted file mode 100644 index dae5218d703d0c8e04ea2109fc702851ddbc44f6..0000000000000000000000000000000000000000 --- a/backport-m_action-fix-warning-of-overwrite-of-const-string.patch +++ /dev/null @@ -1,162 +0,0 @@ -From b134c2c344582f12d3e350168334e50b91a99c7d Mon Sep 17 00:00:00 2001 -From: Stephen Hemminger -Date: Mon, 8 May 2023 19:25:33 -0700 -Subject: [PATCH] m_action: fix warning of overwrite of const string -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The function get_action_kind() searches first for the given -action, then rescans on failure for "gact". In the process, -it would overwrite the argument. Avoid the warning -by using a const argument and not copying. - -The problem dates back to pre-git history. - -m_action.c: In function ‘get_action_kind’: -m_action.c:126:17: warning: write to string literal [-Wanalyzer-write-to-string-literal] - 126 | strcpy(str, "gact"); - | ^~~~~~~~~~~~~~~~~~~ - ‘do_action’: events 1-6 - | - | 853 | int do_action(int argc, char **argv) - | | ^~~~~~~~~ - | | | - | | (1) entry to ‘do_action’ - |...... - | 858 | while (argc > 0) { - | | ~~~~~~~~ - | | | - | | (2) following ‘true’ branch... - | 859 | - | 860 | if (matches(*argv, "add") == 0) { - | | ~~~~~~~~~~~~~~~~~~~~~~ - | | || - | | |(3) ...to here - | | (4) following ‘false’ branch... - | 861 | ret = tc_action_modify(RTM_NEWACTION, - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (5) ...to here - | | (6) calling ‘tc_action_modify’ from ‘do_action’ - | 862 | NLM_F_EXCL | NLM_F_CREATE, - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~ - | 863 | &argc, &argv); - | | ~~~~~~~~~~~~~ - | - +--> ‘tc_action_modify’: events 7-8 - | - | 715 | static int tc_action_modify(int cmd, unsigned int flags, - | | ^~~~~~~~~~~~~~~~ - | | | - | | (7) entry to ‘tc_action_modify’ - |...... - | 735 | if (parse_action(&argc, &argv, TCA_ACT_TAB, &req.n)) { - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (8) calling ‘parse_action’ from ‘tc_action_modify’ - | - +--> ‘parse_action’: events 9-18 - | - | 203 | int parse_action(int *argc_p, char ***argv_p, int tca_id, struct nlmsghdr *n) - | | ^~~~~~~~~~~~ - | | | - | | (9) entry to ‘parse_action’ - |...... - | 217 | if (argc <= 0) - | | ~ - | | | - | | (10) following ‘false’ branch... - |...... - | 220 | tail2 = addattr_nest(n, MAX_MSG, tca_id); - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (11) ...to here - | 221 | - | 222 | while (argc > 0) { - | | ~~~~~~~~ - | | | - | | (12) following ‘true’ branch... - | 223 | - | 224 | memset(k, 0, sizeof(k)); - | | ~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (13) ...to here - | 225 | - | 226 | if (strcmp(*argv, "action") == 0) { - | | ~ - | | | - | | (14) following ‘true’ branch (when the strings are equal)... - | 227 | argc--; - | | ~~~~~~ - | | | - | | (15) ...to here - |...... - | 231 | if (!gact_ld) - | | ~ - | | | - | | (16) following ‘true’ branch... - | 232 | get_action_kind("gact"); - | | ~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (17) ...to here - | | (18) calling ‘get_action_kind’ from ‘parse_action’ - | - +--> ‘get_action_kind’: events 19-24 - | - | 86 | static struct action_util *get_action_kind(char *str) - | | ^~~~~~~~~~~~~~~ - | | | - | | (19) entry to ‘get_action_kind’ - |...... - | 114 | if (a == NULL) - | | ~ - | | | - | | (20) following ‘true’ branch (when ‘a’ is NULL)... - | 115 | goto noexist; - | | ~~~~ - | | | - | | (21) ...to here - |...... - | 124 | if (!looked4gact) { - | | ~ - | | | - | | (22) following ‘true’ branch (when ‘looked4gact == 0’)... - | 125 | looked4gact = 1; - | 126 | strcpy(str, "gact"); - | | ~~~~~~~~~~~~~~~~~~~ - | | | - | | (23) ...to here - | | (24) write to string literal here - | - -Signed-off-by: Stephen Hemminger ---- - tc/m_action.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/tc/m_action.c b/tc/m_action.c -index a446cabd..16474c56 100644 ---- a/tc/m_action.c -+++ b/tc/m_action.c -@@ -83,7 +83,7 @@ static int parse_noaopt(struct action_util *au, int *argc_p, - return -1; - } - --static struct action_util *get_action_kind(char *str) -+static struct action_util *get_action_kind(const char *str) - { - static void *aBODY; - void *dlh; -@@ -123,7 +123,7 @@ noexist: - #ifdef CONFIG_GACT - if (!looked4gact) { - looked4gact = 1; -- strcpy(str, "gact"); -+ str = "gact"; - goto restart_s; - } - #endif --- -2.27.0 - diff --git a/backport-mptcp-Fix-memory-leak-when-doing-endpoint-show.patch b/backport-mptcp-Fix-memory-leak-when-doing-endpoint-show.patch deleted file mode 100644 index 95bb7e42c5930c1ff025ff4c4ee8bc9b54af8081..0000000000000000000000000000000000000000 --- a/backport-mptcp-Fix-memory-leak-when-doing-endpoint-show.patch +++ /dev/null @@ -1,49 +0,0 @@ -From afdbb0204a5872f1f76058a0db5a529b1f0c8de7 Mon Sep 17 00:00:00 2001 -From: Benjamin Poirier -Date: Mon, 11 Jul 2022 08:52:52 +0900 -Subject: [PATCH] mptcp: Fix memory leak when doing 'endpoint show' - -With the following command sequence: - -ip mptcp endpoint add 127.0.0.1 id 1 -ip mptcp endpoint show id 1 - -when running the last command under valgrind, it reports - -32,768 bytes in 1 blocks are definitely lost in loss record 2 of 2 -at 0x483F7B5: malloc (vg_replace_malloc.c:381) -by 0x17A0AC: rtnl_recvmsg (libnetlink.c:838) -by 0x17A391: __rtnl_talk_iov.constprop.0 (libnetlink.c:1040) -by 0x17B854: __rtnl_talk (libnetlink.c:1141) -by 0x17B854: rtnl_talk (libnetlink.c:1147) -by 0x168A56: mptcp_addr_show (ipmptcp.c:334) -by 0x1174CB: do_cmd (ip.c:136) -by 0x116F7C: main (ip.c:324) - -Free the answer obtained from rtnl_talk(). - -Fixes: 7e0767cd862b ("add support for mptcp netlink interface") -Suggested-by: Ido Schimmel -Reviewed-by: Ido Schimmel -Signed-off-by: Benjamin Poirier -Signed-off-by: Stephen Hemminger -Conflict: adapt patch due to json_xxx conflict -Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=afdbb020 ---- -ip/ipmptcp.c | 1 + -1 file changed, 1 insertion(+) -diff --git a/ip/ipmptcp.c b/ip/ipmptcp.c -index fd042da..763908f 100644 ---- a/ip/ipmptcp.c -+++ b/ip/ipmptcp.c -@@ -299,7 +299,9 @@ static int mptcp_addr_show(int argc, char **argv) - if (rtnl_talk(&genl_rth, &req.n, &answer) < 0) - return -2; - -- return print_mptcp_addr(answer, stdout); -+ ret = print_mptcp_addr(answer, stdout); -+ free(answer); -+ return ret; - } - - static int mptcp_addr_flush(int argc, char **argv) diff --git a/backport-mptcp-Fix-memory-leak-when-getting-limits.patch b/backport-mptcp-Fix-memory-leak-when-getting-limits.patch deleted file mode 100644 index e74540e11aa46e9af2d85d87cd9f6c1d6f2be3fe..0000000000000000000000000000000000000000 --- a/backport-mptcp-Fix-memory-leak-when-getting-limits.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 2cb76253ed852559a4f2b315f5e23457a15d71e5 Mon Sep 17 00:00:00 2001 -From: Benjamin Poirier -Date: Mon, 11 Jul 2022 08:52:53 +0900 -Subject: [PATCH] mptcp: Fix memory leak when getting limits - -When running the command `ip mptcp limits` under valgrind, it reports - -32,768 bytes in 1 blocks are definitely lost in loss record 1 of 1 - at 0x483F7B5: malloc (vg_replace_malloc.c:381) - by 0x17A0BC: rtnl_recvmsg (libnetlink.c:838) - by 0x17A3A1: __rtnl_talk_iov.constprop.0 (libnetlink.c:1040) - by 0x17B864: __rtnl_talk (libnetlink.c:1141) - by 0x17B864: rtnl_talk (libnetlink.c:1147) - by 0x16837D: mptcp_limit_get_set (ipmptcp.c:436) - by 0x1174CB: do_cmd (ip.c:136) - by 0x116F7C: main (ip.c:324) - -Free the answer obtained from rtnl_talk(). - -Fixes: 7e0767cd862b ("add support for mptcp netlink interface") -Suggested-by: Ido Schimmel -Reviewed-by: Ido Schimmel -Signed-off-by: Benjamin Poirier -Signed-off-by: Stephen Hemminger -Conflict: NA -Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=2cb76253 ---- - ip/ipmptcp.c | 10 +++++++--- - 1 file changed, 7 insertions(+), 3 deletions(-) - -diff --git a/ip/ipmptcp.c b/ip/ipmptcp.c -index 54817e46..ce62ab9a 100644 ---- a/ip/ipmptcp.c -+++ b/ip/ipmptcp.c -@@ -436,9 +436,13 @@ static int mptcp_limit_get_set(int argc, char **argv, int cmd) - if (rtnl_talk(&genl_rth, &req.n, do_get ? &answer : NULL) < 0) - return -2; - -- if (do_get) -- return print_mptcp_limit(answer, stdout); -- return 0; -+ ret = 0; -+ if (do_get) { -+ ret = print_mptcp_limit(answer, stdout); -+ free(answer); -+ } -+ -+ return ret; - } - - static const char * const event_to_str[] = { --- -2.23.0 - diff --git a/backport-netem-fix-NULL-deref-on-allocation-failure.patch b/backport-netem-fix-NULL-deref-on-allocation-failure.patch deleted file mode 100644 index d4d7e0a6c68d00365e178be153d862d95d7bc8b3..0000000000000000000000000000000000000000 --- a/backport-netem-fix-NULL-deref-on-allocation-failure.patch +++ /dev/null @@ -1,197 +0,0 @@ -From 6c266d7c22a8f4f631d278ba6102f1b1d2bca148 Mon Sep 17 00:00:00 2001 -From: Stephen Hemminger -Date: Mon, 8 May 2023 19:36:14 -0700 -Subject: [PATCH] netem: fix NULL deref on allocation failure -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -q_netem.c: In function ‘get_distribution’: -q_netem.c:159:35: warning: dereference of possibly-NULL ‘data’ [CWE-690] [-Wanalyzer-possible-null-dereference] - 159 | data[n++] = x; - | ~~~~~~~~~~^~~ - ‘netem_parse_opt’: events 1-24 - | - | 192 | static int netem_parse_opt(struct qdisc_util *qu, int argc, char **argv, - | | ^~~~~~~~~~~~~~~ - | | | - | | (1) entry to ‘netem_parse_opt’ - |...... - | 212 | for ( ; argc > 0; --argc, ++argv) { - | | ~~~~~~~~ - | | | - | | (2) following ‘true’ branch (when ‘argc > 0’)... - | 213 | if (matches(*argv, "limit") == 0) { - | | ~~~~~~~~~~~~~~~~~~~~~~~~ - | | || - | | |(3) ...to here - | | (4) following ‘true’ branch... - |...... - | 219 | } else if (matches(*argv, "latency") == 0 || - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | || | - | | |(5) ...to here (8) following ‘true’ branch... - | | (6) following ‘true’ branch... - | 220 | matches(*argv, "delay") == 0) { - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (7) ...to here - |...... - | 243 | } else if (matches(*argv, "loss") == 0 || - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | || | - | | |(9) ...to here (12) following ‘true’ branch... - | | (10) following ‘true’ branch... - | 244 | matches(*argv, "drop") == 0) { - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (11) ...to here - |...... - | 366 | } else if (matches(*argv, "ecn") == 0) { - | | ~~~~~~~~~~~~~~~~~~~~~~ - | | || - | | |(13) ...to here - | | (14) following ‘true’ branch... - | 367 | present[TCA_NETEM_ECN] = 1; - | 368 | } else if (matches(*argv, "reorder") == 0) { - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | || - | | |(15) ...to here - | | (16) following ‘true’ branch... - |...... - | 383 | } else if (matches(*argv, "corrupt") == 0) { - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | || - | | |(17) ...to here - | | (18) following ‘true’ branch... - |...... - | 398 | } else if (matches(*argv, "gap") == 0) { - | | ~~~~~~~~~~~~~~~~~~~~~~ - | | || - | | |(19) ...to here - | | (20) following ‘true’ branch... - |...... - | 404 | } else if (matches(*argv, "duplicate") == 0) { - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | || - | | |(21) ...to here - | | (22) following ‘true’ branch... - |...... - | 417 | } else if (matches(*argv, "distribution") == 0) { - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | || - | | |(23) ...to here - | | (24) following ‘false’ branch... - | - ‘netem_parse_opt’: event 25 - | - |../include/utils.h:50:29: - | 50 | #define NEXT_ARG() do { argv++; if (--argc <= 0) incomplete_command(); } while(0) - | | ~~~~^~ - | | | - | | (25) ...to here -q_netem.c:418:25: note: in expansion of macro ‘NEXT_ARG’ - | 418 | NEXT_ARG(); - | | ^~~~~~~~ - | - ‘netem_parse_opt’: event 26 - | - |../include/utils.h:50:36: - | 50 | #define NEXT_ARG() do { argv++; if (--argc <= 0) incomplete_command(); } while(0) - | | ^ - | | | - | | (26) following ‘false’ branch (when ‘argc != 0’)... -q_netem.c:418:25: note: in expansion of macro ‘NEXT_ARG’ - | 418 | NEXT_ARG(); - | | ^~~~~~~~ - | - ‘netem_parse_opt’: events 27-29 - | - | 419 | dist_data = calloc(sizeof(dist_data[0]), MAX_DIST); - | | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (27) ...to here - | | (28) this call could return NULL - | 420 | dist_size = get_distribution(*argv, dist_data, MAX_DIST); - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (29) calling ‘get_distribution’ from ‘netem_parse_opt’ - | - +--> ‘get_distribution’: events 30-31 - | - | 124 | static int get_distribution(const char *type, __s16 *data, int maxdata) - | | ^~~~~~~~~~~~~~~~ - | | | - | | (30) entry to ‘get_distribution’ - |...... - | 135 | if (f == NULL) { - | | ~ - | | | - | | (31) following ‘false’ branch (when ‘f’ is non-NULL)... - | - ‘get_distribution’: event 32 - | - |cc1: - | (32): ...to here - | - ‘get_distribution’: events 33-35 - | - | 142 | while (getline(&line, &len, f) != -1) { - | | ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~ - | | | - | | (33) following ‘true’ branch... - |...... - | 145 | if (*line == '\n' || *line == '#') - | | ~~~~~~ - | | || - | | |(34) ...to here - | | (35) following ‘false’ branch... - | - ‘get_distribution’: event 36 - | - |cc1: - | (36): ...to here - | - ‘get_distribution’: events 37-41 - | - | 150 | if (endp == p) - | | ^ - | | | - | | (37) following ‘false’ branch... - |...... - | 153 | if (n >= maxdata) { - | | ~ - | | | - | | (38) ...to here - | | (39) following ‘false’ branch (when ‘n < maxdata’)... - |...... - | 159 | data[n++] = x; - | | ~~~~~~~~~~~~~ - | | | | - | | | (41) ‘data + (long unsigned int)n * 2’ could be NULL: unchecked value from (28) - | | (40) ...to here - | - -Fixes: c1b81cb5fe92 ("netem potential dist table overflow") -Signed-off-by: Stephen Hemminger ---- - tc/q_netem.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/tc/q_netem.c b/tc/q_netem.c -index 26402e9a..d1d79b0b 100644 ---- a/tc/q_netem.c -+++ b/tc/q_netem.c -@@ -417,6 +417,9 @@ random_loss_model: - } else if (matches(*argv, "distribution") == 0) { - NEXT_ARG(); - dist_data = calloc(sizeof(dist_data[0]), MAX_DIST); -+ if (dist_data == NULL) -+ return -1; -+ - dist_size = get_distribution(*argv, dist_data, MAX_DIST); - if (dist_size <= 0) { - free(dist_data); --- -2.27.0 - diff --git a/backport-nstat-fix-potential-NULL-deref.patch b/backport-nstat-fix-potential-NULL-deref.patch deleted file mode 100644 index 663136fba526d389472ee9bf81aad9b88372f690..0000000000000000000000000000000000000000 --- a/backport-nstat-fix-potential-NULL-deref.patch +++ /dev/null @@ -1,364 +0,0 @@ -From d348d1d6466a4a712b47612c1e9388161334fc7a Mon Sep 17 00:00:00 2001 -From: Stephen Hemminger -Date: Mon, 8 May 2023 19:42:03 -0700 -Subject: [PATCH] nstat: fix potential NULL deref -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Reported as: - CC nstat -nstat.c: In function ‘load_ugly_table’: -nstat.c:205:24: warning: dereference of NULL ‘p’ [CWE-476] [-Wanalyzer-null-dereference] - 205 | while (*p) { - | ^~ - ‘main’: events 1-14 - | - | 575 | int main(int argc, char *argv[]) - | | ^~~~ - | | | - | | (1) entry to ‘main’ - |...... - | 635 | if (scan_interval > 0) { - | | ~ - | | | - | | (2) following ‘true’ branch... - | 636 | if (time_constant == 0) - | | ~~~~~~~~~~~~~~~~~~ - | | | - | | (3) ...to here - |...... - | 640 | if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) { - | | ~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | | - | | | (4) when ‘socket’ succeeds - | | (5) following ‘false’ branch (when ‘fd >= 0’)... - |...... - | 644 | if (bind(fd, (struct sockaddr *)&sun, 2+1+strlen(sun.sun_path+1)) < 0) { - | | ~ ~~~~~~~~~~~~~~~~~~~~~~ - | | | | - | | (7) following ‘false’ branch... (6) ...to here - |...... - | 648 | if (listen(fd, 5) < 0) { - | | ~~~~~~~~~~~~~~ - | | || - | | |(8) ...to here - | | |(9) when ‘listen’ succeeds - | | (10) following ‘false’ branch... - |...... - | 652 | if (daemon(0, 0)) { - | | ~~~~~~~~~~~~~ - | | || - | | |(11) ...to here - | | (12) following ‘false’ branch... - |...... - | 656 | signal(SIGPIPE, SIG_IGN); - | | ~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (13) ...to here - | 657 | signal(SIGCHLD, sigchild); - | 658 | server_loop(fd); - | | ~~~~~~~~~~~~~~~ - | | | - | | (14) calling ‘server_loop’ from ‘main’ - | - +--> ‘server_loop’: events 15-16 - | - | 472 | static void server_loop(int fd) - | | ^~~~~~~~~~~ - | | | - | | (15) entry to ‘server_loop’ - |...... - | 483 | load_netstat(); - | | ~~~~~~~~~~~~~~ - | | | - | | (16) calling ‘load_netstat’ from ‘server_loop’ - | - +--> ‘load_netstat’: events 17-20 - | - | 302 | static void load_netstat(void) - | | ^~~~~~~~~~~~ - | | | - | | (17) entry to ‘load_netstat’ - |...... - | 306 | if (fp) { - | | ~ - | | | - | | (18) following ‘true’ branch (when ‘fp’ is non-NULL)... - | 307 | load_ugly_table(fp); - | | ~~~~~~~~~~~~~~~~~~~ - | | | - | | (19) ...to here - | | (20) calling ‘load_ugly_table’ from ‘load_netstat’ - | - +--> ‘load_ugly_table’: events 21-26 - | - | 178 | static void load_ugly_table(FILE *fp) - | | ^~~~~~~~~~~~~~~ - | | | - | | (21) entry to ‘load_ugly_table’ - | 179 | { - | 180 | char *buf = NULL; - | | ~~~ - | | | - | | (22) ‘buf’ is NULL - |...... - | 186 | while ((nread = getline(&buf, &buflen, fp)) != -1) { - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (23) following ‘true’ branch... - |...... - | 192 | p = strchr(buf, ':'); - | | ~~~~~~~~~~~~~~~~ - | | | - | | (24) ...to here - | | (25) when ‘strchr’ returns non-NULL - | 193 | if (!p) { - | | ~ - | | | - | | (26) following ‘false’ branch (when ‘p’ is non-NULL)... - | - ‘load_ugly_table’: event 27 - | - |cc1: - | (27): ...to here - | - ‘load_ugly_table’: events 28-40 - | - | 205 | while (*p) { - | | ^~ - | | | - | | (28) following ‘true’ branch... - | | (40) dereference of NULL ‘p’ - |...... - | 208 | if ((next = strchr(p, ' ')) != NULL) - | | ~ ~~~~~~~~~~~~~~ - | | | | - | | | (29) ...to here - | | | (30) when ‘strchr’ returns NULL - | | (31) following ‘false’ branch (when ‘next’ is NULL)... - | 209 | *next++ = 0; - | 210 | else if ((next = strchr(p, '\n')) != NULL) - | | ~ ~~~~~~~~~~~~~~~ - | | | | - | | | (32) ...to here - | | | (33) when ‘strchr’ returns NULL - | | (34) following ‘false’ branch (when ‘next’ is NULL)... - | 211 | *next++ = 0; - | 212 | if (off < sizeof(idbuf)) { - | | ~~~~~~~~~~~~~~~~~~~~ - | | | | - | | | (35) ...to here - | | (36) following ‘false’ branch... - |...... - | 216 | n = malloc(sizeof(*n)); - | | ~~~~~~~~~~~~~~~~~~ - | | | - | | (37) ...to here - | 217 | if (!n) { - | | ~ - | | | - | | (38) following ‘false’ branch (when ‘n’ is non-NULL)... - |...... - | 221 | n->id = strdup(idbuf); - | | ~~~~~~~~~~~~~ - | | | - | | (39) ...to here - | -nstat.c:254:35: warning: dereference of NULL ‘n’ [CWE-476] [-Wanalyzer-null-dereference] - 254 | n = n->next; - | ~~^~~~~~~~~ - ‘main’: events 1-14 - | - | 575 | int main(int argc, char *argv[]) - | | ^~~~ - | | | - | | (1) entry to ‘main’ - |...... - | 635 | if (scan_interval > 0) { - | | ~ - | | | - | | (2) following ‘true’ branch... - | 636 | if (time_constant == 0) - | | ~~~~~~~~~~~~~~~~~~ - | | | - | | (3) ...to here - |...... - | 640 | if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) { - | | ~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | | - | | | (4) when ‘socket’ succeeds - | | (5) following ‘false’ branch (when ‘fd >= 0’)... - |...... - | 644 | if (bind(fd, (struct sockaddr *)&sun, 2+1+strlen(sun.sun_path+1)) < 0) { - | | ~ ~~~~~~~~~~~~~~~~~~~~~~ - | | | | - | | (7) following ‘false’ branch... (6) ...to here - |...... - | 648 | if (listen(fd, 5) < 0) { - | | ~~~~~~~~~~~~~~ - | | || - | | |(8) ...to here - | | |(9) when ‘listen’ succeeds - | | (10) following ‘false’ branch... - |...... - | 652 | if (daemon(0, 0)) { - | | ~~~~~~~~~~~~~ - | | || - | | |(11) ...to here - | | (12) following ‘false’ branch... - |...... - | 656 | signal(SIGPIPE, SIG_IGN); - | | ~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (13) ...to here - | 657 | signal(SIGCHLD, sigchild); - | 658 | server_loop(fd); - | | ~~~~~~~~~~~~~~~ - | | | - | | (14) calling ‘server_loop’ from ‘main’ - | - +--> ‘server_loop’: events 15-16 - | - | 472 | static void server_loop(int fd) - | | ^~~~~~~~~~~ - | | | - | | (15) entry to ‘server_loop’ - |...... - | 483 | load_netstat(); - | | ~~~~~~~~~~~~~~ - | | | - | | (16) calling ‘load_netstat’ from ‘server_loop’ - | - +--> ‘load_netstat’: events 17-20 - | - | 302 | static void load_netstat(void) - | | ^~~~~~~~~~~~ - | | | - | | (17) entry to ‘load_netstat’ - |...... - | 306 | if (fp) { - | | ~ - | | | - | | (18) following ‘true’ branch (when ‘fp’ is non-NULL)... - | 307 | load_ugly_table(fp); - | | ~~~~~~~~~~~~~~~~~~~ - | | | - | | (19) ...to here - | | (20) calling ‘load_ugly_table’ from ‘load_netstat’ - | - +--> ‘load_ugly_table’: events 21-25 - | - | 178 | static void load_ugly_table(FILE *fp) - | | ^~~~~~~~~~~~~~~ - | | | - | | (21) entry to ‘load_ugly_table’ - |...... - | 186 | while ((nread = getline(&buf, &buflen, fp)) != -1) { - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (22) following ‘true’ branch... - |...... - | 192 | p = strchr(buf, ':'); - | | ~~~~~~~~~~~~~~~~ - | | | - | | (23) ...to here - | | (24) when ‘strchr’ returns non-NULL - | 193 | if (!p) { - | | ~ - | | | - | | (25) following ‘false’ branch (when ‘p’ is non-NULL)... - | - ‘load_ugly_table’: event 26 - | - |cc1: - | (26): ...to here - | - ‘load_ugly_table’: events 27-28 - | - | 205 | while (*p) { - | | ^ - | | | - | | (27) following ‘false’ branch... - |...... - | 228 | nread = getline(&buf, &buflen, fp); - | | ~ - | | | - | | (28) inlined call to ‘getline’ from ‘load_ugly_table’ - | - +--> ‘getline’: event 29 - | - |/usr/include/bits/stdio.h:120:10: - | 120 | return __getdelim (__lineptr, __n, '\n', __stream); - | | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (29) ...to here - | - <------+ - | - ‘load_ugly_table’: events 30-36 - | - |nstat.c:229:20: - | 229 | if (nread == -1) { - | | ^ - | | | - | | (30) following ‘false’ branch... - |...... - | 234 | count2 = count_spaces(buf); - | | ~~~~~~~~~~~~~~~~~ - | | | - | | (31) ...to here - |...... - | 239 | if (!p) { - | | ~ - | | | - | | (32) following ‘false’ branch (when ‘p’ is non-NULL)... - |...... - | 244 | *p = 0; - | | ~~~~~~ - | | | - | | (33) ...to here - | 245 | if (sscanf(p+1, "%llu", &n->val) != 1) { - | | ~ - | | | - | | (34) following ‘false’ branch... - |...... - | 251 | if (skip) - | | ~ - | | | - | | (35) ...to here - |...... - | 254 | n = n->next; - | | ~~~~~~~~~~~ - | | | - | | (36) dereference of NULL ‘n’ - | - -Signed-off-by: Stephen Hemminger ---- - misc/nstat.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/misc/nstat.c b/misc/nstat.c -index 0ab92ecb..2c10feaa 100644 ---- a/misc/nstat.c -+++ b/misc/nstat.c -@@ -219,9 +219,15 @@ static void load_ugly_table(FILE *fp) - exit(-1); - } - n->id = strdup(idbuf); -+ if (n->id == NULL) { -+ perror("nstat: strdup"); -+ exit(-1); -+ } - n->rate = 0; - n->next = db; - db = n; -+ if (next == NULL) -+ break; - p = next; - } - n = db; --- -2.27.0 - diff --git a/backport-q_cake-allow-changing-to-diffserv3.patch b/backport-q_cake-allow-changing-to-diffserv3.patch deleted file mode 100644 index 697aa5456a70aaff1a86fcf1cc61148bbb045998..0000000000000000000000000000000000000000 --- a/backport-q_cake-allow-changing-to-diffserv3.patch +++ /dev/null @@ -1,49 +0,0 @@ -From eb4206ecd0342ff92b1a85b7dae3d4fd1b5be1c6 Mon Sep 17 00:00:00 2001 -From: Kevin Bracey -Date: Thu, 6 Jan 2022 13:16:04 +0200 -Subject: [PATCH] q_cake: allow changing to diffserv3 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -A diffserv3 option (enum value 0) was never sent to the kernel, so it -was not possible to use "tc qdisc change" to select it. - -This also meant that were also relying on the kernel's default being -diffserv3 when adding. If the default were to change, we wouldn't have -been able to request diffserv3 explicitly. - -Signed-off-by: Kevin Bracey -Acked-by: Toke Høiland-Jørgensen -Signed-off-by: Stephen Hemminger -Conflict: NA -Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=eb4206ecd03 ---- - tc/q_cake.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/tc/q_cake.c b/tc/q_cake.c -index 4cfc1c00..c438b765 100644 ---- a/tc/q_cake.c -+++ b/tc/q_cake.c -@@ -95,7 +95,7 @@ static int cake_parse_opt(struct qdisc_util *qu, int argc, char **argv, - bool overhead_override = false; - bool overhead_set = false; - unsigned int interval = 0; -- unsigned int diffserv = 0; -+ int diffserv = -1; - unsigned int memlimit = 0; - unsigned int fwmark = 0; - unsigned int target = 0; -@@ -356,7 +356,7 @@ static int cake_parse_opt(struct qdisc_util *qu, int argc, char **argv, - if (bandwidth || unlimited) - addattr_l(n, 1024, TCA_CAKE_BASE_RATE64, &bandwidth, - sizeof(bandwidth)); -- if (diffserv) -+ if (diffserv != -1) - addattr_l(n, 1024, TCA_CAKE_DIFFSERV_MODE, &diffserv, - sizeof(diffserv)); - if (atm != -1) --- -2.23.0 - diff --git a/backport-rdma-utils-fix-some-analyzer-warnings.patch b/backport-rdma-utils-fix-some-analyzer-warnings.patch deleted file mode 100644 index 214d57851012abbda5a1b656cfcc5a6e9d6f2dc8..0000000000000000000000000000000000000000 --- a/backport-rdma-utils-fix-some-analyzer-warnings.patch +++ /dev/null @@ -1,87 +0,0 @@ -From 33722349feb9ac8ea77cf658f79940a42261f44d Mon Sep 17 00:00:00 2001 -From: Stephen Hemminger -Date: Mon, 8 May 2023 20:15:52 -0700 -Subject: [PATCH] rdma/utils: fix some analyzer warnings -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Add error checks for cases where analyzer thinks it is possible -to us a possibly NULL value. - -utils.c: In function ‘get_port_from_argv’: -utils.c:76:17: warning: use of NULL where non-null expected [CWE-476] [-Wanalyzer-null-argument] - 76 | slash = strchr(rd_argv(rd), '/'); - | ^~~~~~~~~~~~~~~~~~~~~~~~ - ‘get_port_from_argv’: events 1-2 - | - | 68 | static int get_port_from_argv(struct rd *rd, uint32_t *port, - | | ^~~~~~~~~~~~~~~~~~ - | | | - | | (1) entry to ‘get_port_from_argv’ - |...... - | 76 | slash = strchr(rd_argv(rd), '/'); - | | ~ - | | | - | | (2) inlined call to ‘rd_argv’ from ‘get_port_from_argv’ - | - +--> ‘rd_argv’: event 3 - | - | 18 | if (!rd_argc(rd)) - | | ^ - | | | - | | (3) following ‘true’ branch... - | - <------+ - | - ‘get_port_from_argv’: events 4-5 - | - | 76 | slash = strchr(rd_argv(rd), '/'); - | | ^~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (4) ...to here - | | (5) argument 1 (‘’) NULL where non-null expected - | -In file included from rdma.h:10, - from utils.c:7: -/usr/include/string.h:246:14: note: argument 1 of ‘strchr’ must be non-null - 246 | extern char *strchr (const char *__s, int __c) - | ^~~~~~ - -Fixes: 40df8263a0f0 ("rdma: Add dev object") -Signed-off-by: Stephen Hemminger ---- - rdma/utils.c | 10 ++++++++++ - 1 file changed, 10 insertions(+) - -diff --git a/rdma/utils.c b/rdma/utils.c -index 21177b56..a33ff420 100644 ---- a/rdma/utils.c -+++ b/rdma/utils.c -@@ -75,6 +75,13 @@ static int get_port_from_argv(struct rd *rd, uint32_t *port, - - slash = strchr(rd_argv(rd), '/'); - /* if no port found, return 0 */ -+ if (slash == NULL) { -+ if (strict_port) -+ return -EINVAL; -+ else -+ return 0; -+ } -+ - if (slash++) { - if (*slash == '-') { - if (strict_port) -@@ -747,6 +754,9 @@ struct dev_map *dev_map_lookup(struct rd *rd, bool allow_port_index) - return NULL; - - dev_name = strdup(rd_argv(rd)); -+ if (!dev_name) -+ return NULL; -+ - if (allow_port_index) { - slash = strrchr(dev_name, '/'); - if (slash) --- -2.27.0 - diff --git a/backport-rt_names-check-for-malloc-failure.patch b/backport-rt_names-check-for-malloc-failure.patch deleted file mode 100644 index 2b5b7b417f22ef6b36bb623720026bbba934b1ea..0000000000000000000000000000000000000000 --- a/backport-rt_names-check-for-malloc-failure.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 507fe042181c8e481e4463ab66b3f7af897a5500 Mon Sep 17 00:00:00 2001 -From: Stephen Hemminger -Date: Wed, 7 Jun 2023 18:33:49 -0700 -Subject: [PATCH] rt_names: check for malloc() failure - -Fixes issue reported by Gcc 13 analayzer. - -Signed-off-by: Stephen Hemminger ---- - lib/rt_names.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/lib/rt_names.c b/lib/rt_names.c -index b441e98f..68db74e3 100644 ---- a/lib/rt_names.c -+++ b/lib/rt_names.c -@@ -81,6 +81,10 @@ rtnl_hash_initialize(const char *file, struct rtnl_hash_entry **hash, int size) - continue; - - entry = malloc(sizeof(*entry)); -+ if (entry == NULL) { -+ fprintf(stderr, "malloc error: for entry\n"); -+ break; -+ } - entry->id = id; - entry->name = strdup(namebuf); - entry->next = hash[id & (size - 1)]; --- -2.27.0 - diff --git a/backport-ss-Fix-socket-type-check-in-packet_show_line.patch b/backport-ss-Fix-socket-type-check-in-packet_show_line.patch deleted file mode 100644 index e6eb4df82e7e75678de6675d3287fa06c82ea88e..0000000000000000000000000000000000000000 --- a/backport-ss-Fix-socket-type-check-in-packet_show_line.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 92e9915c36b7d4820f004fa74e0d93be99b8272a Mon Sep 17 00:00:00 2001 -From: Phil Sutter -Date: Tue, 22 Aug 2023 14:19:16 +0200 -Subject: ss: Fix socket type check in packet_show_line() - -Conflict:NA -Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=92e9915c36b7d4820f004fa74e0d93be99b8272a - -The field is accessed before being assigned a meaningful value, -effectively disabling the checks. - -Fixes: 4a0053b606a34 ("ss: Unify packet stats output from netlink and proc") -Signed-off-by: Phil Sutter -Signed-off-by: Stephen Hemminger ---- - misc/ss.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/misc/ss.c b/misc/ss.c -index c71b08f98..653b1512c 100644 ---- a/misc/ss.c -+++ b/misc/ss.c -@@ -4535,9 +4535,9 @@ static int packet_show_line(char *buf, const struct filter *f, int fam) - &type, &prot, &iface, &state, - &rq, &uid, &ino); - -- if (stat.type == SOCK_RAW && !(f->dbs&(1<dbs & (1<dbs&(1<dbs & (1< -Date: Tue, 8 Aug 2023 23:42:57 +0200 -Subject: ss: change aafilter port from int to long (inode support) - -Conflict:NA -Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=012cb5152d05122299384c9159ea82d059c80873 - -The aafilter struct considers the port as (usually) 32 bit signed -integer. In case of a unix socket, the port is used with an inode -number which is an unsigned int. In this case, the 'ss' command -fails because it assumes that the value does not look like a port -(<0). - -Here an example of command call where the inode is passed and -is larger than a signed integer: - -ss -H -A unix_stream src :2259952798 - -Signed-off-by: Mathieu Schroeter -Signed-off-by: David Ahern ---- - misc/ss.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/misc/ss.c b/misc/ss.c -index e9d813596..baa835149 100644 ---- a/misc/ss.c -+++ b/misc/ss.c -@@ -1733,7 +1733,7 @@ static void inet_addr_print(const inet_prefix *a, int port, - - struct aafilter { - inet_prefix addr; -- int port; -+ long port; - unsigned int iface; - __u32 mark; - __u32 mask; -@@ -2256,7 +2256,7 @@ void *parse_hostcond(char *addr, bool is_port) - port = find_port(addr, is_port); - if (port) { - if (*port && strcmp(port, "*")) { -- if (get_integer(&a.port, port, 0)) { -+ if (get_long(&a.port, port, 0)) { - if ((a.port = xll_name_to_index(port)) <= 0) - return NULL; - } -@@ -2279,7 +2279,7 @@ void *parse_hostcond(char *addr, bool is_port) - port = find_port(addr, is_port); - if (port) { - if (*port && strcmp(port, "*")) { -- if (get_integer(&a.port, port, 0)) { -+ if (get_long(&a.port, port, 0)) { - if (strcmp(port, "kernel") == 0) - a.port = 0; - else -@@ -2335,7 +2335,7 @@ void *parse_hostcond(char *addr, bool is_port) - *port++ = 0; - - if (*port && *port != '*') { -- if (get_integer(&a.port, port, 0)) { -+ if (get_long(&a.port, port, 0)) { - struct servent *se1 = NULL; - struct servent *se2 = NULL; - --- -cgit - diff --git a/backport-ss-print-unix-socket-ports-as-unsigned-int-inode.patch b/backport-ss-print-unix-socket-ports-as-unsigned-int-inode.patch deleted file mode 100644 index 7e0b410217647001690a348349c70c50a6aba44a..0000000000000000000000000000000000000000 --- a/backport-ss-print-unix-socket-ports-as-unsigned-int-inode.patch +++ /dev/null @@ -1,33 +0,0 @@ -From e12d0c929cf5f4266f745063696dd291cb6f06a4 Mon Sep 17 00:00:00 2001 -From: Mathieu Schroeter -Date: Tue, 8 Aug 2023 23:42:58 +0200 -Subject: ss: print unix socket "ports" as unsigned int (inode) - -Conflict:NA -Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=e12d0c929cf5f4266f745063696dd291cb6f06a4 - -Signed-off-by: Mathieu Schroeter -Signed-off-by: David Ahern ---- - misc/ss.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/misc/ss.c b/misc/ss.c -index baa835149..13b2523f4 100644 ---- a/misc/ss.c -+++ b/misc/ss.c -@@ -4073,9 +4073,9 @@ static void unix_stats_print(struct sockstat *s, struct filter *f) - sock_state_print(s); - - sock_addr_print(s->name ?: "*", " ", -- int_to_str(s->lport, port_name), NULL); -+ uint_to_str(s->lport, port_name), NULL); - sock_addr_print(s->peer_name ?: "*", " ", -- int_to_str(s->rport, port_name), NULL); -+ uint_to_str(s->rport, port_name), NULL); - - proc_ctx_print(s); - } --- -cgit - diff --git a/backport-tc-ct-Fix-invalid-pointer-dereference.patch b/backport-tc-ct-Fix-invalid-pointer-dereference.patch deleted file mode 100644 index 818d741fe77253a695b4e57282114e6f886f3625..0000000000000000000000000000000000000000 --- a/backport-tc-ct-Fix-invalid-pointer-dereference.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 4de59102f49ff9128378568cf967d6c7aabea6f2 Mon Sep 17 00:00:00 2001 -From: Roi Dayan -Date: Wed, 7 Dec 2022 10:22:13 +0200 -Subject: [PATCH] tc: ct: Fix invalid pointer dereference - -Using macro NEXT_ARG_FWD does not validate argc. -Use macro NEXT_ARG which validates argc while parsing args -in the same loop iteration. - -Conflict:NA -Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=4de59102f49ff9128378568cf967d6c7aabea6f2 - -Fixes: c8a494314c40 ("tc: Introduce tc ct action") -Signed-off-by: Roi Dayan -Reviewed-by: Paul Blakey -Signed-off-by: Stephen Hemminger ---- - tc/m_ct.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tc/m_ct.c b/tc/m_ct.c -index a02bf0cc..54d64867 100644 ---- a/tc/m_ct.c -+++ b/tc/m_ct.c -@@ -243,7 +243,7 @@ parse_ct(struct action_util *a, int *argc_p, char ***argv_p, int tca_id, - return -1; - } - -- NEXT_ARG_FWD(); -+ NEXT_ARG(); - if (matches(*argv, "port") != 0) - continue; - --- -2.23.0 diff --git a/backport-tc-em_u32-fix-offset-parsing.patch b/backport-tc-em_u32-fix-offset-parsing.patch deleted file mode 100644 index 6929b156e1313a314b37e3eb0efaacd9690d9132..0000000000000000000000000000000000000000 --- a/backport-tc-em_u32-fix-offset-parsing.patch +++ /dev/null @@ -1,63 +0,0 @@ -From b84fc3321c6adaf76f36cf7ef0e17389bdf31500 Mon Sep 17 00:00:00 2001 -From: Andrea Claudi -Date: Fri, 6 May 2022 22:11:46 +0200 -Subject: [PATCH] tc: em_u32: fix offset parsing - -tc u32 ematch offset parsing might fail even if nexthdr offset is -aligned to 4. The issue can be reproduced with the following script: - -tc qdisc del dev dummy0 root -tc qdisc add dev dummy0 root handle 1: htb r2q 1 default 1 -tc class add dev dummy0 parent 1:1 classid 1:108 htb quantum 1000000 \ - rate 1.00mbit ceil 10.00mbit burst 6k - -while true; do -if ! tc filter add dev dummy0 protocol all parent 1: prio 1 basic match \ - "meta(vlan mask 0xfff eq 1)" and "u32(u32 0x20011002 0xffffffff \ - at nexthdr+8)" flowid 1:108; then - exit 0 -fi -done - -which we expect to produce an endless loop. -With the current code, instead, this ends with: - -u32: invalid offset alignment, must be aligned to 4. -... meta(vlan mask 0xfff eq 1) and >>u32(u32 0x20011002 0xffffffff at nexthdr+8)<< ... -... u32(u32 0x20011002 0xffffffff at >>nexthdr+8<<)... -Usage: u32(ALIGN VALUE MASK at [ nexthdr+ ] OFFSET) -where: ALIGN := { u8 | u16 | u32 } - -Example: u32(u16 0x1122 0xffff at nexthdr+4) -Illegal "ematch" - -This is caused by memcpy copying into buf an unterminated string. - -Fix it using strncpy instead of memcpy. - -Fixes: commit 311b41454dc4 ("Add new extended match files.") -Reported-by: Alfred Yang -Signed-off-by: Andrea Claudi -Signed-off-by: Stephen Hemminger -Conflict: NA -Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=b84fc3321c6 ---- - tc/em_u32.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tc/em_u32.c b/tc/em_u32.c -index bc284af4..ea2bf882 100644 ---- a/tc/em_u32.c -+++ b/tc/em_u32.c -@@ -84,7 +84,7 @@ static int u32_parse_eopt(struct nlmsghdr *n, struct tcf_ematch_hdr *hdr, - char buf[a->len - nh_len + 1]; - - offmask = -1; -- memcpy(buf, a->data + nh_len, a->len - nh_len); -+ strncpy(buf, a->data + nh_len, a->len - nh_len + 1); - offset = strtoul(buf, NULL, 0); - } else if (!bstrcmp(a, "nexthdr+")) { - a = bstr_next(a); --- -2.23.0 - diff --git a/backport-tc-flower-Fix-buffer-overflow-on-large-labels.patch b/backport-tc-flower-Fix-buffer-overflow-on-large-labels.patch deleted file mode 100644 index 4bebf76b7937c23f24a2bea7076ae75617d73b93..0000000000000000000000000000000000000000 --- a/backport-tc-flower-Fix-buffer-overflow-on-large-labels.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 73590d9573148804034a88ceb2f6b7ca1545561f Mon Sep 17 00:00:00 2001 -From: Paul Blakey -Date: Sun, 5 Dec 2021 15:20:25 +0200 -Subject: [PATCH] tc: flower: Fix buffer overflow on large labels - -Buffer is 64bytes, but label printing can take 66bytes printing -in hex, and will overflow when setting the string delimiter ('\0'). - -Fix that by increasing the print buffer size. - -Example of overflowing ct_label: -ct_label 11111111111111111111111111111111/11111111111111111111111111111111 - -Fixes: 2fffb1c03056 ("tc: flower: Add matching on conntrack info") -Signed-off-by: Paul Blakey -Signed-off-by: Stephen Hemminger -Conflict: NA -Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=73590d95731 ---- - tc/f_flower.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tc/f_flower.c b/tc/f_flower.c -index 7f78195f..6d70b92a 100644 ---- a/tc/f_flower.c -+++ b/tc/f_flower.c -@@ -2195,7 +2195,7 @@ static void flower_print_ct_label(struct rtattr *attr, - const unsigned char *str; - bool print_mask = false; - int data_len, i; -- SPRINT_BUF(out); -+ char out[128]; - char *p; - - if (!attr) --- -2.23.0 - diff --git a/backport-tc-prio-handle-possible-truncated-kernel-response.patch b/backport-tc-prio-handle-possible-truncated-kernel-response.patch deleted file mode 100644 index 7ce1b609c927578751db5279e777f933bd9fc9af..0000000000000000000000000000000000000000 --- a/backport-tc-prio-handle-possible-truncated-kernel-response.patch +++ /dev/null @@ -1,74 +0,0 @@ -From c90d25e96b010c5837b5db9eaa57f5063f0c2aeb Mon Sep 17 00:00:00 2001 -From: Stephen Hemminger -Date: Mon, 8 May 2023 20:17:50 -0700 -Subject: [PATCH] tc/prio: handle possible truncated kernel response -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Reported by -fanalyzer. If kernel did not send full qdisc -info, then uninitialized or null data could be referenced. - -q_prio.c: In function ‘prio_print_opt’: -q_prio.c:105:57: warning: dereference of NULL ‘0’ [CWE-476] [-Wanalyzer-null-dereference] - 105 | print_uint(PRINT_ANY, "bands", "bands %u ", qopt->bands); - | ~~~~^~~~~~~ - ‘prio_print_opt’: event 1 - | - | 98 | if (opt == NULL) - | | ^ - | | | - | | (1) following ‘false’ branch (when ‘opt’ is non-NULL)... - | - ‘prio_print_opt’: event 2 - | - |../include/uapi/linux/rtnetlink.h:228:38: - | 228 | #define RTA_PAYLOAD(rta) ((int)((rta)->rta_len) - RTA_LENGTH(0)) - | | ~~~~~~^~~~~~~~~~ - | | | - | | (2) ...to here -../include/libnetlink.h:236:19: note: in expansion of macro ‘RTA_PAYLOAD’ - | 236 | ({ data = RTA_PAYLOAD(rta) >= len ? RTA_DATA(rta) : NULL; \ - | | ^~~~~~~~~~~ -q_prio.c:101:13: note: in expansion of macro ‘parse_rtattr_nested_compat’ - | 101 | if (parse_rtattr_nested_compat(tb, TCA_PRIO_MAX, opt, qopt, - | | ^~~~~~~~~~~~~~~~~~~~~~~~~~ - | - ‘prio_print_opt’: event 3 - | - |../include/libnetlink.h:236:59: - | 236 | ({ data = RTA_PAYLOAD(rta) >= len ? RTA_DATA(rta) : NULL; \ -q_prio.c:101:13: note: in expansion of macro ‘parse_rtattr_nested_compat’ - | 101 | if (parse_rtattr_nested_compat(tb, TCA_PRIO_MAX, opt, qopt, - | | ^~~~~~~~~~~~~~~~~~~~~~~~~~ - | - ‘prio_print_opt’: events 4-5 - | - | 105 | print_uint(PRINT_ANY, "bands", "bands %u ", qopt->bands); - | | ~~~~^~~~~~~ - | | | - | | (4) ...to here - | | (5) dereference of NULL ‘’ - | - -Signed-off-by: Stephen Hemminger ---- - tc/q_prio.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/tc/q_prio.c b/tc/q_prio.c -index c8c6477e..a3781ffe 100644 ---- a/tc/q_prio.c -+++ b/tc/q_prio.c -@@ -101,6 +101,8 @@ int prio_print_opt(struct qdisc_util *qu, FILE *f, struct rtattr *opt) - if (parse_rtattr_nested_compat(tb, TCA_PRIO_MAX, opt, qopt, - sizeof(*qopt))) - return -1; -+ if (qopt == NULL) -+ return -1; /* missing data from kernel */ - - print_uint(PRINT_ANY, "bands", "bands %u ", qopt->bands); - open_json_array(PRINT_ANY, "priomap"); --- -2.27.0 - diff --git a/backport-tc_exec-don-t-dereference-NULL-on-calloc-failure.patch b/backport-tc_exec-don-t-dereference-NULL-on-calloc-failure.patch deleted file mode 100644 index 8b1a8c2f44c001add8342d1247a567f067af0985..0000000000000000000000000000000000000000 --- a/backport-tc_exec-don-t-dereference-NULL-on-calloc-failure.patch +++ /dev/null @@ -1,106 +0,0 @@ -From 0b9b9d659880a3084ec0a5b49f07f387de7b0f0c Mon Sep 17 00:00:00 2001 -From: Stephen Hemminger -Date: Mon, 8 May 2023 19:21:27 -0700 -Subject: [PATCH] tc_exec: don't dereference NULL on calloc failure -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Reported as: -tc_exec.c: In function ‘do_exec’: -tc_exec.c:103:18: warning: dereference of NULL ‘eu’ [CWE-476] [-Wanalyzer-null-dereference] - 103 | return eu->parse_eopt(eu, argc, argv); - | ~~^~~~~~~~~~~~ - ‘do_exec’: events 1-6 - | - | 81 | int do_exec(int argc, char **argv) - | | ^~~~~~~ - | | | - | | (1) entry to ‘do_exec’ - |...... - | 86 | if (argc < 1) { - | | ~ - | | | - | | (2) following ‘false’ branch (when ‘argc > 0’)... - |...... - | 91 | if (matches(*argv, "help") == 0) { - | | ~~~~~~~~~~~~~~~~~~~~~~~ - | | || - | | |(3) ...to here - | | (4) following ‘true’ branch... - |...... - | 96 | strncpy(kind, *argv, sizeof(kind) - 1); - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (5) ...to here - | 97 | - | 98 | eu = get_exec_kind(kind); - | | ~~~~~~~~~~~~~~~~~~~ - | | | - | | (6) calling ‘get_exec_kind’ from ‘do_exec’ - | - +--> ‘get_exec_kind’: events 7-10 - | - | 40 | static struct exec_util *get_exec_kind(const char *name) - | | ^~~~~~~~~~~~~ - | | | - | | (7) entry to ‘get_exec_kind’ - |...... - | 63 | if (eu == NULL) - | | ~ - | | | - | | (8) following ‘true’ branch (when ‘eu’ is NULL)... - | 64 | goto noexist; - | | ~~~~ - | | | - | | (9) ...to here - |...... - | 72 | if (eu) { - | | ~ - | | | - | | (10) following ‘false’ branch (when ‘eu’ is NULL)... - | - ‘get_exec_kind’: event 11 - | - |cc1: - | (11): ...to here - | - <------+ - | - ‘do_exec’: events 12-13 - | - | 98 | eu = get_exec_kind(kind); - | | ^~~~~~~~~~~~~~~~~~~ - | | | - | | (12) return of NULL to ‘do_exec’ from ‘get_exec_kind’ - |...... - | 103 | return eu->parse_eopt(eu, argc, argv); - | | ~~~~~~~~~~~~~~ - | | | - | | (13) dereference of NULL ‘eu’ - | - -Fixes: 4bd624467bc6 ("tc: built-in eBPF exec proxy") -Signed-off-by: Stephen Hemminger ---- - tc/tc_exec.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/tc/tc_exec.c b/tc/tc_exec.c -index 5d883402..182fbb4c 100644 ---- a/tc/tc_exec.c -+++ b/tc/tc_exec.c -@@ -96,6 +96,10 @@ int do_exec(int argc, char **argv) - strncpy(kind, *argv, sizeof(kind) - 1); - - eu = get_exec_kind(kind); -+ if (eu == NULL) { -+ fprintf(stderr, "Allocation failed finding exec\n"); -+ return -1; -+ } - - argc--; - argv++; --- -2.27.0 - diff --git a/backport-tc_util-Change-datatype-for-maj-to-avoid-overflow-issue.patch b/backport-tc_util-Change-datatype-for-maj-to-avoid-overflow-issue.patch deleted file mode 100644 index dc41e63f687c971bc2b2c1a4ea9f27ffe3c626b2..0000000000000000000000000000000000000000 --- a/backport-tc_util-Change-datatype-for-maj-to-avoid-overflow-issue.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 455fa8295298a68a2dedabf9dd4c1dbf847b128b Mon Sep 17 00:00:00 2001 -From: Lai Peter Jun Ann -Date: Mon, 21 Nov 2022 10:29:09 +0800 -Subject: [PATCH] tc_util: Change datatype for maj to avoid overflow issue - -The return value by stroul() is unsigned long int. Hence the datatype -for maj should defined as unsigned long to avoid overflow issue. - -Conflict:NA -Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=455fa8295298a68a2dedabf9dd4c1dbf847b128b - -Signed-off-by: Muhammad Husaini Zulkifli -Signed-off-by: Lai Peter Jun Ann -Signed-off-by: Stephen Hemminger ---- - tc/tc_util.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tc/tc_util.c b/tc/tc_util.c -index 334334db..8cd3c035 100644 ---- a/tc/tc_util.c -+++ b/tc/tc_util.c -@@ -74,7 +74,7 @@ const char *get_tc_lib(void) - - int get_qdisc_handle(__u32 *h, const char *str) - { -- __u32 maj; -+ unsigned long maj; - char *p; - - maj = TC_H_UNSPEC; --- -2.23.0 diff --git a/backport-tc_util-Fix-no-error-return-when-large-parent-id-used.patch b/backport-tc_util-Fix-no-error-return-when-large-parent-id-used.patch deleted file mode 100644 index cd95f832ee3e1e1408894a1f45e3e073fa30efd0..0000000000000000000000000000000000000000 --- a/backport-tc_util-Fix-no-error-return-when-large-parent-id-used.patch +++ /dev/null @@ -1,35 +0,0 @@ -From e0ecee3a33af57e01fe5d15f1a436216412f2d96 Mon Sep 17 00:00:00 2001 -From: Lai Peter Jun Ann -Date: Thu, 17 Nov 2022 13:33:17 +0800 -Subject: [PATCH] tc_util: Fix no error return when large parent id used - -This patch is to fix the issue where there is no error return -when large value of parent ID is being used. The return value by -stroul() is unsigned long int. Hence the datatype for maj and min -should defined as unsigned long to avoid overflow issue. - -Conflict:NA -Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=e0ecee3a33af57e01fe5d15f1a436216412f2d96 - -Signed-off-by: Muhammad Husaini Zulkifli -Signed-off-by: Lai Peter Jun Ann -Signed-off-by: Stephen Hemminger ---- - tc/tc_util.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tc/tc_util.c b/tc/tc_util.c -index 44137adb..334334db 100644 ---- a/tc/tc_util.c -+++ b/tc/tc_util.c -@@ -93,7 +93,7 @@ ok: - - int get_tc_classid(__u32 *h, const char *str) - { -- __u32 maj, min; -+ unsigned long maj, min; - char *p; - - maj = TC_H_ROOT; --- -2.23.0 diff --git a/backport-tc_util-Fix-parsing-action-control-with-space-and-sl.patch b/backport-tc_util-Fix-parsing-action-control-with-space-and-sl.patch deleted file mode 100644 index 1a939961b2c854920f62cfba132ba63ce5730b82..0000000000000000000000000000000000000000 --- a/backport-tc_util-Fix-parsing-action-control-with-space-and-sl.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 7f70eb2a8b2c451683c801b23b25f34071a8882f Mon Sep 17 00:00:00 2001 -From: Roi Dayan -Date: Thu, 3 Feb 2022 14:20:46 +0200 -Subject: [PATCH] tc_util: Fix parsing action control with space and slash - -For action police there is an conform-exceed action control -which can be for example "jump 2 / pipe". -The current parsing loop is doing one more iteration than necessary -and results in ok var being 3. - -Example filter: - -tc filter add dev enp8s0f0_0 ingress protocol ip prio 2 flower \ - verbose action police rate 100mbit burst 12m \ - conform-exceed jump 1 / pipe mirred egress redirect dev enp8s0f0_1 action drop - -Before this change the command will fail. -Trying to add another "pipe" before mirred as a workaround for the stopping the loop -in ok var 3 resulting in result2 not being saved and wrong filter. - -... conform-exceed jump 1 / pipe pipe mirred ... - -Example dump of the action part: -... action order 1: police 0x1 rate 100Mbit burst 12Mb mtu 2Kb action jump 1 overhead 0b ... - -Fix the behavior by removing redundant case 2 handling, either argc is over or breaking. - -Example dump of the action part with the fix: -... action order 1: police 0x1 rate 100Mbit burst 12Mb mtu 2Kb action jump 1/pipe overhead 0b ... - -Signed-off-by: Roi Dayan -Reviewed-by: Maor Dickman -Signed-off-by: Stephen Hemminger -Conflict: NA -Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=7f70eb2a8b2 ---- - tc/tc_util.c | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/tc/tc_util.c b/tc/tc_util.c -index 48065897..b82dbd5d 100644 ---- a/tc/tc_util.c -+++ b/tc/tc_util.c -@@ -476,7 +476,6 @@ static int parse_action_control_slash_spaces(int *argc_p, char ***argv_p, - NEXT_ARG(); - /* fall-through */ - case 0: /* fall-through */ -- case 2: - ret = parse_action_control(&argc, &argv, - result_p, allow_num); - if (ret) --- -2.23.0 - diff --git a/backport-tc_util-fix-unitialized-warning.patch b/backport-tc_util-fix-unitialized-warning.patch deleted file mode 100644 index fc40f863f17503f03b39cbb9cd0c81299bcf2f98..0000000000000000000000000000000000000000 --- a/backport-tc_util-fix-unitialized-warning.patch +++ /dev/null @@ -1,318 +0,0 @@ -From c9c1c9d59a6cfe52f380805a3e91a13ab1a28482 Mon Sep 17 00:00:00 2001 -From: Stephen Hemminger -Date: Mon, 8 May 2023 19:15:43 -0700 -Subject: [PATCH] tc_util fix unitialized warning -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -tc_util.c: In function ‘parse_action_control_slash_spaces’: -tc_util.c:488:28: warning: use of uninitialized value ‘result2’ [CWE-457] [-Wanalyzer-use-of-uninitialized-value] - 488 | *result2_p = result2; - | ~~~~~~~~~~~^~~~~~~~~ - ‘parse_action_control_slash_spaces’: events 1-5 - | - | 455 | static int parse_action_control_slash_spaces(int *argc_p, char ***argv_p, - | | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (1) entry to ‘parse_action_control_slash_spaces’ - |...... - | 461 | int result1 = -1, result2; - | | ~~~~~~~ - | | | - | | (2) region created on stack here - | | (3) capacity: 4 bytes - |...... - | 467 | switch (ok) { - | | ~~~~~~ - | | | - | | (4) following ‘case 0:’ branch... - |...... - | 475 | ret = parse_action_control(&argc, &argv, - | | ~ - | | | - | | (5) inlined call to ‘parse_action_control’ from ‘parse_action_control_slash_spaces’ - | - +--> ‘parse_action_control’: events 6-7 - | - | 432 | return __parse_action_control(argc_p, argv_p, result_p, - | | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (6) ...to here - | | (7) calling ‘__parse_action_control’ from ‘parse_action_control_slash_spaces’ - | 433 | allow_num, false); - | | ~~~~~~~~~~~~~~~~~ - | - ‘__parse_action_control’: events 8-11 - | - | 371 | static int __parse_action_control(int *argc_p, char ***argv_p, int *result_p, - | | ^~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (8) entry to ‘__parse_action_control’ - |...... - | 378 | if (!argc) - | | ~ - | | | - | | (9) following ‘false’ branch (when ‘argc != 0’)... - | 379 | return -1; - | 380 | if (action_a2n(*argv, &result, allow_num) == -1) { - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (10) ...to here - | | (11) calling ‘action_a2n’ from ‘__parse_action_control’ - | - +--> ‘action_a2n’: events 12-16 - | - | 335 | int action_a2n(char *arg, int *result, bool allow_num) - | | ^~~~~~~~~~ - | | | - | | (12) entry to ‘action_a2n’ - |...... - | 356 | for (iter = a2n; iter->a; iter++) { - | | ~~~~ - | | | - | | (13) following ‘true’ branch... - | 357 | if (matches(arg, iter->a) != 0) - | | ~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (14) ...to here - |...... - | 366 | if (result) - | | ~ - | | | - | | (15) following ‘true’ branch (when ‘result’ is non-NULL)... - | 367 | *result = n; - | | ~~~~~~~~~~~ - | | | - | | (16) ...to here - | - <------+ - | - ‘__parse_action_control’: event 17 - | - | 380 | if (action_a2n(*argv, &result, allow_num) == -1) { - | | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (17) returning to ‘__parse_action_control’ from ‘action_a2n’ - | - <------+ - | - ‘parse_action_control_slash_spaces’: event 18 - | - | 475 | ret = parse_action_control(&argc, &argv, - | | ^ - | | | - | | (18) inlined call to ‘parse_action_control’ from ‘parse_action_control_slash_spaces’ - | - +--> ‘parse_action_control’: event 19 - | - | 432 | return __parse_action_control(argc_p, argv_p, result_p, - | | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (19) returning to ‘parse_action_control_slash_spaces’ from ‘__parse_action_control’ - | 433 | allow_num, false); - | | ~~~~~~~~~~~~~~~~~ - | - <------+ - | - ‘parse_action_control_slash_spaces’: events 20-24 - | - | 477 | if (ret) - | | ^ - | | | - | | (20) following ‘false’ branch... - | 478 | return ret; - | 479 | ok++; - | | ~~~~ - | | | - | | (21) ...to here - |...... - | 487 | if (ok == 2) - | | ~ - | | | - | | (22) following ‘true’ branch (when ‘ok == 2’)... - | 488 | *result2_p = result2; - | | ~~~~~~~~~~~~~~~~~~~~ - | | | - | | (23) ...to here - | | (24) use of uninitialized value ‘result2’ here - | -tc_util.c:488:28: warning: use of uninitialized value ‘result2’ [CWE-457] [-Wanalyzer-use-of-uninitialized-value] - 488 | *result2_p = result2; - | ~~~~~~~~~~~^~~~~~~~~ - ‘parse_action_control_slash’: events 1-5 - | - | 505 | int parse_action_control_slash(int *argc_p, char ***argv_p, - | | ^~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (1) entry to ‘parse_action_control_slash’ - |...... - | 510 | char *p = strchr(*argv, '/'); - | | ~~~~~~~~~~~~~~~~~~ - | | | - | | (2) when ‘strchr’ returns NULL - | 511 | - | 512 | if (!p) - | | ~ - | | | - | | (3) following ‘true’ branch (when ‘p’ is NULL)... - | 513 | return parse_action_control_slash_spaces(argc_p, argv_p, - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (4) ...to here - | | (5) calling ‘parse_action_control_slash_spaces’ from ‘parse_action_control_slash’ - | 514 | result1_p, result2_p, - | | ~~~~~~~~~~~~~~~~~~~~~ - | 515 | allow_num); - | | ~~~~~~~~~~ - | - +--> ‘parse_action_control_slash_spaces’: events 6-10 - | - | 455 | static int parse_action_control_slash_spaces(int *argc_p, char ***argv_p, - | | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (6) entry to ‘parse_action_control_slash_spaces’ - |...... - | 461 | int result1 = -1, result2; - | | ~~~~~~~ - | | | - | | (7) region created on stack here - | | (8) capacity: 4 bytes - |...... - | 467 | switch (ok) { - | | ~~~~~~ - | | | - | | (9) following ‘case 0:’ branch... - |...... - | 475 | ret = parse_action_control(&argc, &argv, - | | ~ - | | | - | | (10) inlined call to ‘parse_action_control’ from ‘parse_action_control_slash_spaces’ - | - +--> ‘parse_action_control’: events 11-12 - | - | 432 | return __parse_action_control(argc_p, argv_p, result_p, - | | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (11) ...to here - | | (12) calling ‘__parse_action_control’ from ‘parse_action_control_slash_spaces’ - | 433 | allow_num, false); - | | ~~~~~~~~~~~~~~~~~ - | - ‘__parse_action_control’: events 13-16 - | - | 371 | static int __parse_action_control(int *argc_p, char ***argv_p, int *result_p, - | | ^~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (13) entry to ‘__parse_action_control’ - |...... - | 378 | if (!argc) - | | ~ - | | | - | | (14) following ‘false’ branch (when ‘argc != 0’)... - | 379 | return -1; - | 380 | if (action_a2n(*argv, &result, allow_num) == -1) { - | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (15) ...to here - | | (16) calling ‘action_a2n’ from ‘__parse_action_control’ - | - +--> ‘action_a2n’: events 17-21 - | - | 335 | int action_a2n(char *arg, int *result, bool allow_num) - | | ^~~~~~~~~~ - | | | - | | (17) entry to ‘action_a2n’ - |...... - | 356 | for (iter = a2n; iter->a; iter++) { - | | ~~~~ - | | | - | | (18) following ‘true’ branch... - | 357 | if (matches(arg, iter->a) != 0) - | | ~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (19) ...to here - |...... - | 366 | if (result) - | | ~ - | | | - | | (20) following ‘true’ branch (when ‘result’ is non-NULL)... - | 367 | *result = n; - | | ~~~~~~~~~~~ - | | | - | | (21) ...to here - | - <------+ - | - ‘__parse_action_control’: event 22 - | - | 380 | if (action_a2n(*argv, &result, allow_num) == -1) { - | | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (22) returning to ‘__parse_action_control’ from ‘action_a2n’ - | - <------+ - | - ‘parse_action_control_slash_spaces’: event 23 - | - | 475 | ret = parse_action_control(&argc, &argv, - | | ^ - | | | - | | (23) inlined call to ‘parse_action_control’ from ‘parse_action_control_slash_spaces’ - | - +--> ‘parse_action_control’: event 24 - | - | 432 | return __parse_action_control(argc_p, argv_p, result_p, - | | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - | | | - | | (24) returning to ‘parse_action_control_slash_spaces’ from ‘__parse_action_control’ - | 433 | allow_num, false); - | | ~~~~~~~~~~~~~~~~~ - | - <------+ - | - ‘parse_action_control_slash_spaces’: events 25-29 - | - | 477 | if (ret) - | | ^ - | | | - | | (25) following ‘false’ branch... - | 478 | return ret; - | 479 | ok++; - | | ~~~~ - | | | - | | (26) ...to here - |...... - | 487 | if (ok == 2) - | | ~ - | | | - | | (27) following ‘true’ branch (when ‘ok == 2’)... - | 488 | *result2_p = result2; - | | ~~~~~~~~~~~~~~~~~~~~ - | | | - | | (28) ...to here - | | (29) use of uninitialized value ‘result2’ here - | - -Fixes: e67aba559581 ("tc: actions: add helpers to parse and print control actions") -Signed-off-by: Stephen Hemminger ---- - tc/tc_util.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tc/tc_util.c b/tc/tc_util.c -index 0714134e..ed9efa70 100644 ---- a/tc/tc_util.c -+++ b/tc/tc_util.c -@@ -458,7 +458,7 @@ static int parse_action_control_slash_spaces(int *argc_p, char ***argv_p, - { - int argc = *argc_p; - char **argv = *argv_p; -- int result1 = -1, result2; -+ int result1 = -1, result2 = -1; - int *result_p = &result1; - int ok = 0; - int ret; --- -2.27.0 - diff --git a/backport-tipc-fix-keylen-check.patch b/backport-tipc-fix-keylen-check.patch deleted file mode 100644 index 24f2c9ae1363d750bcd5088e04f737b430bc71f7..0000000000000000000000000000000000000000 --- a/backport-tipc-fix-keylen-check.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 4429a6c9b484bc02dfab1e020a9b6f9f77370331 Mon Sep 17 00:00:00 2001 -From: Andrea Claudi -Date: Fri, 13 May 2022 11:52:30 +0200 -Subject: [PATCH] tipc: fix keylen check - -Key length check in str2key() is wrong for hex. Fix this using the -proper hex key length. - -Fixes: 28ee49e5153b ("tipc: bail out if key is abnormally long") -Suggested-by: Xin Long -Signed-off-by: Andrea Claudi -Signed-off-by: Stephen Hemminger -Conflict: NA -Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=4429a6c9b48 ---- - tipc/misc.c | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - -diff --git a/tipc/misc.c b/tipc/misc.c -index 909975d8..6175bf07 100644 ---- a/tipc/misc.c -+++ b/tipc/misc.c -@@ -113,16 +113,15 @@ int str2key(char *str, struct tipc_aead_key *key) - } - } - -- if (len > TIPC_AEAD_KEYLEN_MAX) -+ key->keylen = ishex ? (len + 1) / 2 : len; -+ if (key->keylen > TIPC_AEAD_KEYLEN_MAX) - return -1; - - /* Obtain key: */ - if (!ishex) { -- key->keylen = len; - memcpy(key->key, str, len); - } else { - /* Convert hex string to key */ -- key->keylen = (len + 1) / 2; - for (i = 0; i < key->keylen; i++) { - if (i == 0 && len % 2 != 0) { - if (sscanf(str, "%1hhx", &key->key[0]) != 1) --- -2.23.0 - diff --git a/backport-utils-fix-get_integer-logic.patch b/backport-utils-fix-get_integer-logic.patch deleted file mode 100644 index 1a99832f430c2c1a2526ddb961deaadec04fff41..0000000000000000000000000000000000000000 --- a/backport-utils-fix-get_integer-logic.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 877f8149d2ed94b6ab412fabaab9fe8d15193db7 Mon Sep 17 00:00:00 2001 -From: Pedro Tammela -Date: Sat, 19 Aug 2023 17:54:48 -0300 -Subject: [PATCH] utils: fix get_integer() logic - -Conflict:NA -Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=877f8149d2ed94b6ab412fabaab9fe8d15193db7 - -After 3a463c15, get_integer() doesn't return the converted value and -always writes 0 in 'val' in case of success. -Fix the logic so it writes the converted value in 'val'. - -Fixes: 3a463c15 ("Add get_long utility and adapt get_integer accordingly" -Signed-off-by: Pedro Tammela -Signed-off-by: David Ahern ---- - lib/utils.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/lib/utils.c b/lib/utils.c -index efa01668d..99ba7a233 100644 ---- a/lib/utils.c -+++ b/lib/utils.c -@@ -142,7 +142,8 @@ int get_integer(int *val, const char *arg, int base) - { - long res; - -- res = get_long(NULL, arg, base); -+ if (get_long(&res, arg, base) < 0) -+ return -1; - - /* Outside range of int */ - if (res < INT_MIN || res > INT_MAX) diff --git a/backport-xfrm-prepare-state-offload-logic-to-set-mode.patch b/backport-xfrm-prepare-state-offload-logic-to-set-mode.patch deleted file mode 100644 index 08143f6f689f70c12dfdd6e2cebe92a12830a6ec..0000000000000000000000000000000000000000 --- a/backport-xfrm-prepare-state-offload-logic-to-set-mode.patch +++ /dev/null @@ -1,117 +0,0 @@ -From bdd19b1edec44c00c968950301074734cee54cab Mon Sep 17 00:00:00 2001 -From: Leon Romanovsky -Date: Mon, 12 Dec 2022 09:54:04 +0200 -Subject: [PATCH] xfrm: prepare state offload logic to set mode - -The offload in xfrm state requires to provide device and direction -in order to activate it. However, in the help section, device and -direction were displayed as an optional. - -As a preparation to addition of packet offload, let's fix the help -section and refactor the code to be more clear. - -Conflict:NA -Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=bdd19b1edec44c00c968950301074734cee54cab - -Signed-off-by: Leon Romanovsky -Signed-off-by: David Ahern ---- - ip/xfrm_state.c | 35 +++++++++++++++++++---------------- - man/man8/ip-xfrm.8 | 5 +++++ - 2 files changed, 24 insertions(+), 16 deletions(-) - -diff --git a/ip/xfrm_state.c b/ip/xfrm_state.c -index b2294d9f..6de2d28d 100644 ---- a/ip/xfrm_state.c -+++ b/ip/xfrm_state.c -@@ -61,7 +61,7 @@ static void usage(void) - " [ replay-seq-hi SEQ ] [ replay-oseq-hi SEQ ]\n" - " [ flag FLAG-LIST ] [ sel SELECTOR ] [ LIMIT-LIST ] [ encap ENCAP ]\n" - " [ coa ADDR[/PLEN] ] [ ctx CTX ] [ extra-flag EXTRA-FLAG-LIST ]\n" -- " [ offload [dev DEV] dir DIR ]\n" -+ " [ offload dev DEV dir DIR ]\n" - " [ output-mark OUTPUT-MARK [ mask MASK ] ]\n" - " [ if_id IF_ID ] [ tfcpad LENGTH ]\n" - "Usage: ip xfrm state allocspi ID [ mode MODE ] [ mark MARK [ mask MASK ] ]\n" -@@ -267,7 +267,7 @@ static int xfrm_state_extra_flag_parse(__u32 *extra_flags, int *argcp, char ***a - return 0; - } - --static int xfrm_offload_dir_parse(__u8 *dir, int *argcp, char ***argvp) -+static bool xfrm_offload_dir_parse(__u8 *dir, int *argcp, char ***argvp) - { - int argc = *argcp; - char **argv = *argvp; -@@ -277,12 +277,12 @@ static int xfrm_offload_dir_parse(__u8 *dir, int *argcp, char ***argvp) - else if (strcmp(*argv, "out") == 0) - *dir = 0; - else -- invarg("DIR value is invalid", *argv); -+ return false; - - *argcp = argc; - *argvp = argv; - -- return 0; -+ return true; - } - - static int xfrm_state_modify(int cmd, unsigned int flags, int argc, char **argv) -@@ -424,24 +424,27 @@ static int xfrm_state_modify(int cmd, unsigned int flags, int argc, char **argv) - addattr_l(&req.n, sizeof(req.buf), XFRMA_SEC_CTX, - (void *)&ctx, ctx.sctx.len); - } else if (strcmp(*argv, "offload") == 0) { -- is_offload = true; - NEXT_ARG(); - if (strcmp(*argv, "dev") == 0) { - NEXT_ARG(); - ifindex = ll_name_to_index(*argv); -- if (!ifindex) { -- invarg("value after \"offload dev\" is invalid", *argv); -- is_offload = false; -- } -- NEXT_ARG(); -- } -+ if (!ifindex) -+ invarg("Invalid device name", *argv); -+ } else -+ invarg("Missing dev keyword", *argv); -+ -+ NEXT_ARG(); - if (strcmp(*argv, "dir") == 0) { -+ bool is_dir; -+ - NEXT_ARG(); -- xfrm_offload_dir_parse(&dir, &argc, &argv); -- } else { -- invarg("value after \"offload dir\" is invalid", *argv); -- is_offload = false; -- } -+ is_dir = xfrm_offload_dir_parse(&dir, &argc, -+ &argv); -+ if (!is_dir) -+ invarg("DIR value is invalid", *argv); -+ } else -+ invarg("Missing DIR keyword", *argv); -+ is_offload = true; - } else if (strcmp(*argv, "output-mark") == 0) { - NEXT_ARG(); - if (get_u32(&output_mark.v, *argv, 0)) -diff --git a/man/man8/ip-xfrm.8 b/man/man8/ip-xfrm.8 -index bf725cab..4243a023 100644 ---- a/man/man8/ip-xfrm.8 -+++ b/man/man8/ip-xfrm.8 -@@ -65,6 +65,11 @@ ip-xfrm \- transform configuration - .IR MASK " ] ]" - .RB "[ " if_id - .IR IF-ID " ]" -+.RB "[ " offload -+.RB dev -+.IR DEV " -+.RB dir -+.IR DIR " ]" - .RB "[ " tfcpad - .IR LENGTH " ]" - --- -2.23.0 diff --git a/bugfix-iproute2-3.10.0-fix-maddr-show.patch b/bugfix-iproute2-3.10.0-fix-maddr-show.patch deleted file mode 100644 index 0c6d51dbb101c350a071340505419a1bf704aa1d..0000000000000000000000000000000000000000 --- a/bugfix-iproute2-3.10.0-fix-maddr-show.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 9b190596f7d26ad640bd3e56b65c3fedf80d3963 Mon Sep 17 00:00:00 2001 -From: Feilong Lin -Date: Mon, 20 Jan 2020 23:21:25 +0800 -Subject: [PATCH] fix maddr show - ---- - ip/ipmaddr.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/ip/ipmaddr.c b/ip/ipmaddr.c -index 3400e05..e37929e 100644 ---- a/ip/ipmaddr.c -+++ b/ip/ipmaddr.c -@@ -138,9 +138,11 @@ static void read_igmp(struct ma_info **result_p) - while (fgets(buf, sizeof(buf), fp)) { - struct ma_info *ma; - -+ int index; - if (buf[0] != '\t') { - size_t len; - -+ memset(&m.name, 0, sizeof(m.name)); - sscanf(buf, "%d%s", &m.index, m.name); - len = strlen(m.name); - if (m.name[len - 1] == ':') -@@ -148,6 +150,10 @@ static void read_igmp(struct ma_info **result_p) - continue; - } - -+ index = strlen(m.name) - 1; -+ if (index > 0 && m.name[index] == ':') { -+ m.name[index] = 0; -+ } - if (filter.dev && strcmp(filter.dev, m.name)) - continue; - --- -1.8.3.1 - diff --git a/bugfix-iproute2-cancel-some-test-cases.patch b/bugfix-iproute2-cancel-some-test-cases.patch deleted file mode 100644 index 26e955512df6bd9fd0a5bc4b1e2e574c106ff01d..0000000000000000000000000000000000000000 --- a/bugfix-iproute2-cancel-some-test-cases.patch +++ /dev/null @@ -1,424 +0,0 @@ -From 7f8757b093e463c797b76eed8ecb8d04072898e7 Mon Sep 17 00:00:00 2001 -From: gaoxingwang -Date: Tue, 20 Dec 2022 11:45:07 +0800 -Subject: [PATCH] cancel some test cases that failed due to host configure - ---- - Makefile | 6 -- - testsuite/tests/ip/link/add_type_bareudp.t | 86 ---------------------- - testsuite/tests/ip/link/add_type_xfrm.t | 32 -------- - testsuite/tests/tc/flower_mpls.t | 82 --------------------- - testsuite/tests/tc/mpls.t | 69 ----------------- - testsuite/tests/tc/vlan.t | 86 ---------------------- - 6 files changed, 361 deletions(-) - delete mode 100755 testsuite/tests/ip/link/add_type_bareudp.t - delete mode 100755 testsuite/tests/ip/link/add_type_xfrm.t - delete mode 100755 testsuite/tests/tc/flower_mpls.t - delete mode 100755 testsuite/tests/tc/mpls.t - delete mode 100755 testsuite/tests/tc/vlan.t - -diff --git a/Makefile b/Makefile -index 5bc1147..063160f 100644 ---- a/Makefile -+++ b/Makefile -@@ -115,12 +115,6 @@ distclean: clobber - check: all - $(MAKE) -C testsuite - $(MAKE) -C testsuite alltests -- @if command -v man >/dev/null 2>&1; then \ -- echo "Checking manpages for syntax errors..."; \ -- $(MAKE) -C man check; \ -- else \ -- echo "man not installed, skipping checks for syntax errors."; \ -- fi - - cscope: - cscope -b -q -R -Iinclude -sip -slib -smisc -snetem -stc -diff --git a/testsuite/tests/ip/link/add_type_bareudp.t b/testsuite/tests/ip/link/add_type_bareudp.t -deleted file mode 100755 -index 8a2a1ed..0000000 ---- a/testsuite/tests/ip/link/add_type_bareudp.t -+++ /dev/null -@@ -1,86 +0,0 @@ --#!/bin/sh -- --. lib/generic.sh -- --ts_log "[Testing Add BareUDP interface (unicast MPLS)]" --NEW_DEV="$(rand_dev)" -- --ts_ip "$0" "Add $NEW_DEV BareUDP interface (unicast MPLS)" link add dev $NEW_DEV type bareudp dstport 6635 ethertype mpls_uc -- --ts_ip "$0" "Show $NEW_DEV BareUDP interface (unicast MPLS)" -d link show dev $NEW_DEV --test_on "$NEW_DEV" --test_on "dstport 6635" --test_on "ethertype mpls_uc" --test_on "nomultiproto" -- --ts_ip "$0" "Del $NEW_DEV BareUDP interface (unicast MPLS)" link del dev $NEW_DEV -- -- --ts_log "[Testing Add BareUDP interface (multicast MPLS)]" --NEW_DEV="$(rand_dev)" -- --ts_ip "$0" "Add $NEW_DEV BareUDP interface (multicast MPLS)" link add dev $NEW_DEV type bareudp dstport 6635 ethertype mpls_mc -- --ts_ip "$0" "Show $NEW_DEV BareUDP interface (multicast MPLS)" -d link show dev $NEW_DEV --test_on "$NEW_DEV" --test_on "dstport 6635" --test_on "ethertype mpls_mc" --test_on "nomultiproto" -- --ts_ip "$0" "Del $NEW_DEV BareUDP interface (multicast MPLS)" link del dev $NEW_DEV -- -- --ts_log "[Testing Add BareUDP interface (unicast and multicast MPLS)]" --NEW_DEV="$(rand_dev)" -- --ts_ip "$0" "Add $NEW_DEV BareUDP interface (unicast and multicast MPLS)" link add dev $NEW_DEV type bareudp dstport 6635 ethertype mpls_uc multiproto -- --ts_ip "$0" "Show $NEW_DEV BareUDP interface (unicast and multicast MPLS)" -d link show dev $NEW_DEV --test_on "$NEW_DEV" --test_on "dstport 6635" --test_on "ethertype mpls_uc" --test_on "multiproto" -- --ts_ip "$0" "Del $NEW_DEV BareUDP interface (unicast and multicast MPLS)" link del dev $NEW_DEV -- -- --ts_log "[Testing Add BareUDP interface (IPv4)]" --NEW_DEV="$(rand_dev)" -- --ts_ip "$0" "Add $NEW_DEV BareUDP interface (IPv4)" link add dev $NEW_DEV type bareudp dstport 6635 ethertype ipv4 -- --ts_ip "$0" "Show $NEW_DEV BareUDP interface (IPv4)" -d link show dev $NEW_DEV --test_on "$NEW_DEV" --test_on "dstport 6635" --test_on "ethertype ip" --test_on "nomultiproto" -- --ts_ip "$0" "Del $NEW_DEV BareUDP interface (IPv4)" link del dev $NEW_DEV -- -- --ts_log "[Testing Add BareUDP interface (IPv6)]" --NEW_DEV="$(rand_dev)" -- --ts_ip "$0" "Add $NEW_DEV BareUDP interface (IPv6)" link add dev $NEW_DEV type bareudp dstport 6635 ethertype ipv6 -- --ts_ip "$0" "Show $NEW_DEV BareUDP interface (IPv6)" -d link show dev $NEW_DEV --test_on "$NEW_DEV" --test_on "dstport 6635" --test_on "ethertype ipv6" --test_on "nomultiproto" -- --ts_ip "$0" "Del $NEW_DEV BareUDP interface (IPv6)" link del dev $NEW_DEV -- -- --ts_log "[Testing Add BareUDP interface (IPv4 and IPv6)]" --NEW_DEV="$(rand_dev)" -- --ts_ip "$0" "Add $NEW_DEV BareUDP interface (IPv4 and IPv6)" link add dev $NEW_DEV type bareudp dstport 6635 ethertype ipv4 multiproto -- --ts_ip "$0" "Show $NEW_DEV BareUDP interface (IPv4 and IPv6)" -d link show dev $NEW_DEV --test_on "$NEW_DEV" --test_on "dstport 6635" --test_on "ethertype ip" --test_on "multiproto" -- --ts_ip "$0" "Del $NEW_DEV BareUDP interface (IPv4 and IPv6)" link del dev $NEW_DEV -diff --git a/testsuite/tests/ip/link/add_type_xfrm.t b/testsuite/tests/ip/link/add_type_xfrm.t -deleted file mode 100755 -index 78ce28e..0000000 ---- a/testsuite/tests/ip/link/add_type_xfrm.t -+++ /dev/null -@@ -1,32 +0,0 @@ --#!/bin/sh -- --. lib/generic.sh -- --ts_log "[Testing Add XFRM Interface, With IF-ID]" -- --PHYS_DEV="lo" --NEW_DEV="$(rand_dev)" --IF_ID="0xf" -- --ts_ip "$0" "Add $NEW_DEV xfrm interface" link add dev $NEW_DEV type xfrm dev $PHYS_DEV if_id $IF_ID -- --ts_ip "$0" "Show $NEW_DEV xfrm interface" -d link show dev $NEW_DEV --test_on "$NEW_DEV" --test_on "if_id $IF_ID" -- --ts_ip "$0" "Del $NEW_DEV xfrm interface" link del dev $NEW_DEV -- -- --ts_log "[Testing Add XFRM Interface, No IF-ID]" -- --PHYS_DEV="lo" --NEW_DEV="$(rand_dev)" --IF_ID="0xf" -- --ts_ip "$0" "Add $NEW_DEV xfrm interface" link add dev $NEW_DEV type xfrm dev $PHYS_DEV -- --ts_ip "$0" "Show $NEW_DEV xfrm interface" -d link show dev $NEW_DEV --test_on "$NEW_DEV" --test_on_not "if_id $IF_ID" -- --ts_ip "$0" "Del $NEW_DEV xfrm interface" link del dev $NEW_DEV -diff --git a/testsuite/tests/tc/flower_mpls.t b/testsuite/tests/tc/flower_mpls.t -deleted file mode 100755 -index 430ed13..0000000 ---- a/testsuite/tests/tc/flower_mpls.t -+++ /dev/null -@@ -1,82 +0,0 @@ --#!/bin/sh -- --. lib/generic.sh -- --DEV="$(rand_dev)" --ts_ip "$0" "Add $DEV dummy interface" link add dev $DEV up type dummy --ts_tc "$0" "Add ingress qdisc" qdisc add dev $DEV ingress -- --reset_qdisc() --{ -- ts_tc "$0" "Remove ingress qdisc" qdisc del dev $DEV ingress -- ts_tc "$0" "Add ingress qdisc" qdisc add dev $DEV ingress --} -- --ts_tc "$0" "Add MPLS filter matching first LSE with minimal values" \ -- filter add dev $DEV ingress protocol mpls_uc flower \ -- mpls_label 0 mpls_tc 0 mpls_bos 0 mpls_ttl 0 \ -- action drop --ts_tc "$0" "Show ingress filters" filter show dev $DEV ingress --test_on "mpls_label 0" --test_on "mpls_tc 0" --test_on "mpls_bos 0" --test_on "mpls_ttl 0" -- --reset_qdisc --ts_tc "$0" "Add MPLS filter matching first LSE with maximal values" \ -- filter add dev $DEV ingress protocol mpls_uc flower \ -- mpls_label 1048575 mpls_tc 7 mpls_bos 1 mpls_ttl 255 \ -- action drop --ts_tc "$0" "Show ingress filters" filter show dev $DEV ingress --test_on "mpls_label 1048575" --test_on "mpls_tc 7" --test_on "mpls_bos 1" --test_on "mpls_ttl 255" -- --reset_qdisc --ts_tc "$0" "Add MPLS filter matching second LSE with minimal values" \ -- filter add dev $DEV ingress protocol mpls_uc flower \ -- mpls lse depth 2 label 0 tc 0 bos 0 ttl 0 \ -- action drop --ts_tc "$0" "Show ingress filters" filter show dev $DEV ingress --test_on "mpls" --test_on "lse" --test_on "depth 2" --test_on "label 0" --test_on "tc 0" --test_on "bos 0" --test_on "ttl 0" -- --reset_qdisc --ts_tc "$0" "Add MPLS filter matching second LSE with maximal values" \ -- filter add dev $DEV ingress protocol mpls_uc flower \ -- mpls lse depth 2 label 1048575 tc 7 bos 1 ttl 255 \ -- action drop --ts_tc "$0" "Show ingress filters" filter show dev $DEV ingress --test_on "mpls" --test_on "lse" --test_on "depth 2" --test_on "label 1048575" --test_on "tc 7" --test_on "bos 1" --test_on "ttl 255" -- --reset_qdisc --ts_tc "$0" "Add MPLS filter matching two LSEs" \ -- filter add dev $DEV ingress protocol mpls_uc flower mpls \ -- lse depth 1 label 0 tc 0 bos 0 ttl 0 \ -- lse depth 2 label 1048575 tc 7 bos 1 ttl 255 \ -- action drop --ts_tc "$0" "Show ingress filters" filter show dev $DEV ingress --test_on "mpls" --test_on "lse" --test_on "depth 1" --test_on "label 0" --test_on "tc 0" --test_on "bos 0" --test_on "ttl 0" --test_on "depth 2" --test_on "label 1048575" --test_on "tc 7" --test_on "bos 1" --test_on "ttl 255" -diff --git a/testsuite/tests/tc/mpls.t b/testsuite/tests/tc/mpls.t -deleted file mode 100755 -index cb25f36..0000000 ---- a/testsuite/tests/tc/mpls.t -+++ /dev/null -@@ -1,69 +0,0 @@ --#!/bin/sh -- --. lib/generic.sh -- --DEV="$(rand_dev)" --ts_ip "$0" "Add $DEV dummy interface" link add dev $DEV up type dummy --ts_tc "$0" "Add ingress qdisc" qdisc add dev $DEV ingress -- --reset_qdisc() --{ -- ts_tc "$0" "Remove ingress qdisc" qdisc del dev $DEV ingress -- ts_tc "$0" "Add ingress qdisc" qdisc add dev $DEV ingress --} -- --ts_tc "$0" "Add mpls action pop" \ -- filter add dev $DEV ingress protocol mpls_uc matchall \ -- action mpls pop protocol ip --ts_tc "$0" "Show ingress filters" filter show dev $DEV ingress --test_on "mpls" --test_on "pop protocol ip pipe" -- --reset_qdisc --ts_tc "$0" "Add mpls action push" \ -- filter add dev $DEV ingress protocol ip matchall \ -- action mpls push protocol mpls_uc label 20 tc 3 bos 1 ttl 64 --ts_tc "$0" "Show ingress filters" filter show dev $DEV ingress --test_on "mpls" --test_on "push" --test_on "protocol mpls_uc" --test_on "label 20" --test_on "tc 3" --test_on "bos 1" --test_on "ttl 64" --test_on "pipe" -- --reset_qdisc --ts_tc "$0" "Add mpls action mac_push" \ -- filter add dev $DEV ingress matchall \ -- action mpls mac_push protocol mpls_uc label 20 tc 3 bos 1 ttl 64 --ts_tc "$0" "Show ingress filters" filter show dev $DEV ingress --test_on "mpls" --test_on "mac_push" --test_on "protocol mpls_uc" --test_on "label 20" --test_on "tc 3" --test_on "bos 1" --test_on "ttl 64" --test_on "pipe" -- --reset_qdisc --ts_tc "$0" "Add mpls action modify" \ -- filter add dev $DEV ingress protocol mpls_uc matchall \ -- action mpls modify label 20 tc 3 ttl 64 --ts_tc "$0" "Show ingress filters" filter show dev $DEV ingress --test_on "mpls" --test_on "modify" --test_on "label 20" --test_on "tc 3" --test_on "ttl 64" --test_on "pipe" -- --reset_qdisc --ts_tc "$0" "Add mpls action dec_ttl" \ -- filter add dev $DEV ingress protocol mpls_uc matchall \ -- action mpls dec_ttl --ts_tc "$0" "Show ingress filters" filter show dev $DEV ingress --test_on "mpls" --test_on "dec_ttl" --test_on "pipe" -diff --git a/testsuite/tests/tc/vlan.t b/testsuite/tests/tc/vlan.t -deleted file mode 100755 -index b86dc36..0000000 ---- a/testsuite/tests/tc/vlan.t -+++ /dev/null -@@ -1,86 +0,0 @@ --#!/bin/sh -- --. lib/generic.sh -- --DEV="$(rand_dev)" --ts_ip "$0" "Add $DEV dummy interface" link add dev $DEV up type dummy --ts_tc "$0" "Add ingress qdisc" qdisc add dev $DEV ingress -- --reset_qdisc() --{ -- ts_tc "$0" "Remove ingress qdisc" qdisc del dev $DEV ingress -- ts_tc "$0" "Add ingress qdisc" qdisc add dev $DEV ingress --} -- --ts_tc "$0" "Add vlan action pop" \ -- filter add dev $DEV ingress matchall action vlan pop --ts_tc "$0" "Show ingress filters" filter show dev $DEV ingress --test_on "vlan" --test_on "pop" --test_on "pipe" -- --reset_qdisc --ts_tc "$0" "Add vlan action push (default parameters)" \ -- filter add dev $DEV ingress matchall action vlan push id 5 --ts_tc "$0" "Show ingress filters" filter show dev $DEV ingress --test_on "vlan" --test_on "push" --test_on "id 5" --test_on "protocol 802.1Q" --test_on "priority 0" --test_on "pipe" -- --reset_qdisc --ts_tc "$0" "Add vlan action push (explicit parameters)" \ -- filter add dev $DEV ingress matchall \ -- action vlan push id 5 protocol 802.1ad priority 2 --ts_tc "$0" "Show ingress filters" filter show dev $DEV ingress --test_on "vlan" --test_on "push" --test_on "id 5" --test_on "protocol 802.1ad" --test_on "priority 2" --test_on "pipe" -- --reset_qdisc --ts_tc "$0" "Add vlan action modify (default parameters)" \ -- filter add dev $DEV ingress matchall action vlan modify id 5 --ts_tc "$0" "Show ingress filters" filter show dev $DEV ingress --test_on "vlan" --test_on "modify" --test_on "id 5" --test_on "protocol 802.1Q" --test_on "priority 0" --test_on "pipe" -- --reset_qdisc --ts_tc "$0" "Add vlan action modify (explicit parameters)" \ -- filter add dev $DEV ingress matchall \ -- action vlan modify id 5 protocol 802.1ad priority 2 --ts_tc "$0" "Show ingress filters" filter show dev $DEV ingress --test_on "vlan" --test_on "modify" --test_on "id 5" --test_on "protocol 802.1ad" --test_on "priority 2" --test_on "pipe" -- --reset_qdisc --ts_tc "$0" "Add vlan action pop_eth" \ -- filter add dev $DEV ingress matchall action vlan pop_eth --ts_tc "$0" "Show ingress filters" filter show dev $DEV ingress --test_on "vlan" --test_on "pop_eth" --test_on "pipe" -- --reset_qdisc --ts_tc "$0" "Add vlan action push_eth" \ -- filter add dev $DEV ingress matchall \ -- action vlan push_eth dst_mac 02:00:00:00:00:02 \ -- src_mac 02:00:00:00:00:01 --ts_tc "$0" "Show ingress filters" filter show dev $DEV ingress --test_on "vlan" --test_on "push_eth" --test_on "dst_mac 02:00:00:00:00:02" --test_on "src_mac 02:00:00:00:00:01" --test_on "pipe" --- -2.27.0 - diff --git a/bugfix-iproute2-change-proc-to-ipnetnsproc-which-is-private.patch b/bugfix-iproute2-change-proc-to-ipnetnsproc-which-is-private.patch deleted file mode 100644 index 6bb73526a0207fa79ed3f00119a30e513cbe3799..0000000000000000000000000000000000000000 --- a/bugfix-iproute2-change-proc-to-ipnetnsproc-which-is-private.patch +++ /dev/null @@ -1,133 +0,0 @@ -From 19ed63e8ed3c5dece47c83949b61815f661c9036 Mon Sep 17 00:00:00 2001 -From: Minhua Chen -Date: Tue, 21 Jan 2020 00:19:13 +0800 -Subject: [PATCH] iproute2: change proc to ipnetnsproc which is private system -proc is mounted shared, if use this, it will cause the list size of mnt_share -become too large to loop, and will casue kernel softlockup. - -so we need a private mounted proc which is /ipnetnsproc to avoid -the large list in kernel. - -use /etc/iproute_private.conf to switch on or off this patch. -if file exist and file content equals use_ipnetnsproc=1 then -switch on, or else switch off. - -Signed-off-by: Minhua Chen ---- - ip/ipnetns.c | 72 +++++++++++++++++++++++++++++++++++++++++++++++++++++------- - 1 file changed, 64 insertions(+), 8 deletions(-) - -diff --git a/ip/ipnetns.c b/ip/ipnetns.c -index fc58a04..fedc3db 100644 ---- a/ip/ipnetns.c -+++ b/ip/ipnetns.c -@@ -25,6 +25,62 @@ - #include "namespace.h" - #include "json_print.h" - -+const char *conf_file = "/etc/iproute2/iproute_private.conf"; -+static int conf_file_parsed = 0; -+static int should_use_ipnetnsproc = 0; -+ -+static void parse_config() -+{ -+ FILE *fp = NULL; -+ char buffer[256] = {0}; -+ char *str = NULL; -+ char *p = NULL; -+ -+ fp = fopen(conf_file, "r"); -+ if(fp){ -+ while (fgets(buffer, sizeof(buffer), fp)) { -+ str = buffer; -+ /* skip the space */ -+ while (isspace(*str)) -+ str++; -+ /* skip the comment line */ -+ if (strncmp(str, "#", 1) == 0) -+ continue; -+ /* skip line feed */ -+ if((p = strchr(str, '\n')) != NULL) -+ *p = '\0'; -+ if (strstr(str, "use_ipnetnsproc") != NULL && (p = strstr(str, "=")) != NULL){ -+ str = p + 1; -+ /* skip the space */ -+ while (isspace(*str)) -+ str++; -+ if (strcmp(str, "1") == 0){ -+ should_use_ipnetnsproc = 1; -+ } -+ break; -+ } -+ } -+ fclose(fp); -+ fp = NULL; -+ } -+ conf_file_parsed = 1; -+} -+static int get_should_use_ipnetnsproc() -+{ -+ if (!conf_file_parsed) -+ parse_config(); -+ return should_use_ipnetnsproc; -+} -+ -+static char* get_proc_string() -+{ -+ if(get_should_use_ipnetnsproc()){ -+ return "/ipnetnsproc"; -+ } else { -+ return "/proc"; -+ } -+} -+ - static int usage(void) - { - fprintf(stderr, -@@ -606,10 +663,9 @@ static int netns_pids(int argc, char **argv) - strerror(errno)); - goto out; - } -- dir = opendir("/proc/"); -+ dir = opendir(get_proc_string()); - if (!dir) { -- fprintf(stderr, "Open of /proc failed: %s\n", -- strerror(errno)); -+ fprintf(stderr, "Open of %s failed: %s\n", get_proc_string(), strerror(errno)); - goto out; - } - while ((entry = readdir(dir))) { -@@ -618,8 +674,7 @@ static int netns_pids(int argc, char **argv) - - if (!is_pid(entry->d_name)) - continue; -- snprintf(pid_net_path, sizeof(pid_net_path), "/proc/%s/ns/net", -- entry->d_name); -+ snprintf(pid_net_path, sizeof(pid_net_path), "/%s/%s/ns/net", get_proc_string(), entry->d_name); - if (stat(pid_net_path, &st) != 0) - continue; - if ((st.st_dev == netst.st_dev) && -@@ -646,7 +701,7 @@ int netns_identify_pid(const char *pidstr, char *name, int len) - - name[0] = '\0'; - -- snprintf(net_path, sizeof(net_path), "/proc/%s/ns/net", pidstr); -+ snprintf(net_path, sizeof(net_path), "/%s/%s/ns/net", get_proc_string(), pidstr); - netns = open(net_path, O_RDONLY); - if (netns < 0) { - fprintf(stderr, "Cannot open network namespace: %s\n", -@@ -911,9 +965,9 @@ static int netns_add(int argc, char **argv, bool create) - goto out_delete; - } - -- strcpy(proc_path, "/proc/self/ns/net"); -+ snprintf(proc_path, sizeof(proc_path), "/%s/self/ns/net", get_proc_string()); - } else { -- snprintf(proc_path, sizeof(proc_path), "/proc/%d/ns/net", pid); -+ snprintf(proc_path, sizeof(proc_path), "/%s/%d/ns/net", get_proc_string(), pid); - } - - /* Bind the netns last so I can watch for it */ --- -1.8.3.1 - diff --git a/feature-iproute-add-support-for-ipvlan-l2e-mode.patch b/feature-iproute-add-support-for-ipvlan-l2e-mode.patch deleted file mode 100644 index 479c1e3aeb3f3089229a35b689933b8f69131563..0000000000000000000000000000000000000000 --- a/feature-iproute-add-support-for-ipvlan-l2e-mode.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 3ea7f5ac296ee5c19459c2bf00fecf98f552a1c5 Mon Sep 17 00:00:00 2001 -From: Feilong Lin -Date: Mon, 2 Mar 2020 20:52:06 +0800 - ---- - include/uapi/linux/if_link.h | 2 +- - ip/iplink_ipvlan.c | 10 +++++----- - 2 files changed, 6 insertions(+), 6 deletions(-) -diff --git a/include/uapi/linux/if_link.h b/include/uapi/linux/if_link.h -index 1d4ed60..bddbdc7 100644 ---- a/include/uapi/linux/if_link.h -+++ b/include/uapi/linux/if_link.h -@@ -702,6 +702,7 @@ enum { - enum ipvlan_mode { - IPVLAN_MODE_L2 = 0, - IPVLAN_MODE_L3, -+ IPVLAN_MODE_L2E, - IPVLAN_MODE_L3S, - IPVLAN_MODE_MAX - }; -diff --git a/ip/iplink_ipvlan.c b/ip/iplink_ipvlan.c -index baae767..6de3138 100644 ---- a/ip/iplink_ipvlan.c -+++ b/ip/iplink_ipvlan.c -@@ -23,7 +23,7 @@ static void print_explain(struct link_util *lu, FILE *f) - fprintf(f, - "Usage: ... %s [ mode MODE ] [ FLAGS ]\n" - "\n" -- "MODE: l3 | l3s | l2\n" -+ "MODE: l3 | l2e | l3s | l2\n" - "FLAGS: bridge | private | vepa\n" - "(first values are the defaults if nothing is specified).\n", - lu->id); -@@ -47,8 +47,10 @@ static int ipvlan_parse_opt(struct link_util *lu, int argc, char **argv, - mode = IPVLAN_MODE_L3; - else if (strcmp(*argv, "l3s") == 0) - mode = IPVLAN_MODE_L3S; -+ else if (strcmp(*argv, "l2e") == 0) -+ mode = IPVLAN_MODE_L2E; - else { -- fprintf(stderr, "Error: argument of \"mode\" must be either \"l2\", \"l3\" or \"l3s\"\n"); -+ fprintf(stderr, "Error: argument of \"mode\" must be either \"l2\", \"l3\", \"l2e\", or \"l3s\"\n"); - return -1; - } - addattr16(n, 1024, IFLA_IPVLAN_MODE, mode); -@@ -88,6 +90,7 @@ static void ipvlan_print_opt(struct link_util *lu, FILE *f, struct rtattr *tb[]) - __u16 mode = rta_getattr_u16(tb[IFLA_IPVLAN_MODE]); - const char *mode_str = mode == IPVLAN_MODE_L2 ? "l2" : - mode == IPVLAN_MODE_L3 ? "l3" : -+ mode == IPVLAN_MODE_L2E ? "l2e" : - mode == IPVLAN_MODE_L3S ? "l3s" : "unknown"; - - print_string(PRINT_ANY, "mode", " mode %s ", mode_str); --- -2.19.1 - diff --git a/feature-iproute2-supports-to-parse-UB-device-and-related-display-of-vf-address.patch b/feature-iproute2-supports-to-parse-UB-device-and-related-display-of-vf-address.patch deleted file mode 100644 index d4bd24dccabd9e8db2d4256c7e391d4f0e893e59..0000000000000000000000000000000000000000 --- a/feature-iproute2-supports-to-parse-UB-device-and-related-display-of-vf-address.patch +++ /dev/null @@ -1,199 +0,0 @@ -From fc8d86356ef55fc4716e9bfb643592c1e1aef9a6 Mon Sep 17 00:00:00 2001 -From: Fengyan Mu -Date: Sat, 25 Nov 2023 12:10:29 +0800 -Subject: [PATCH] [feature]iproute2 supports to parse UB device and related - display of vf address - -tool inclusion -category: feature -bugzilla: https://gitee.com/src-openeuler/iproute/issues/I8EZGI -CVE: NA - ------------------------------------------------------ - -This patch adds ARPHRD_UB for iproute2 and support name parse for it. -The pf in the ub does not manage the addresses of VFs and the address -information of the VF cannot be obtained. -This patch deletes the display of vf address information in the pf. - -Signed-off-by: Junxin Chen -Signed-off-by: Fengyan Mu ---- - configure | 23 +++++++++++++ - include/uapi/linux/if_arp.h | 4 +++ - ip/ipaddress.c | 68 ++++++++++++++++++++++++++----------- - lib/ll_types.c | 3 ++ - 4 files changed, 79 insertions(+), 19 deletions(-) - -diff --git a/configure b/configure -index 7f4f3bd..094582b 100755 ---- a/configure -+++ b/configure -@@ -265,6 +265,17 @@ check_elf() - fi - } - -+check_support_ub() -+{ -+ if [ "$SUPPORT_UB" = on ]; then -+ echo "yes" -+ echo 'CFLAGS += -DSUPPORT_UB' >> $CONFIG -+ else -+ echo "no" -+ return -+ fi -+} -+ - have_libbpf_basic() - { - cat >$TMPDIR/libbpf_test.c <> $CONFIG - echo "%.o: %.c" >> $CONFIG - echo ' $(QUIET_CC)$(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(CPPFLAGS) -c -o $@ $<' >> $CONFIG -diff --git a/include/uapi/linux/if_arp.h b/include/uapi/linux/if_arp.h -index 12d06bb..b7111a5 100644 ---- a/include/uapi/linux/if_arp.h -+++ b/include/uapi/linux/if_arp.h -@@ -43,6 +43,10 @@ - #define ARPHRD_EUI64 27 /* EUI-64 */ - #define ARPHRD_INFINIBAND 32 /* InfiniBand */ - -+#ifdef SUPPORT_UB -+#define ARPHRD_UB 38 /* Unified bus */ -+#endif -+ - /* Dummy types for non ARP hardware */ - #define ARPHRD_SLIP 256 - #define ARPHRD_CSLIP 257 -diff --git a/ip/ipaddress.c b/ip/ipaddress.c -index 85534aa..463b8fd 100644 ---- a/ip/ipaddress.c -+++ b/ip/ipaddress.c -@@ -374,31 +374,61 @@ static void print_vfinfo(FILE *fp, struct ifinfomsg *ifi, struct rtattr *vfinfo) - "link_type", - " link/%s ", - ll_type_n2a(ifi->ifi_type, b1, sizeof(b1))); -- -- print_color_string(PRINT_ANY, COLOR_MAC, -- "address", "%s", -- ll_addr_n2a((unsigned char *) &vf_mac->mac, -- ifi->ifi_type == ARPHRD_ETHER ? -- ETH_ALEN : INFINIBAND_ALEN, -- ifi->ifi_type, -- b1, sizeof(b1))); -- -- if (vf[IFLA_VF_BROADCAST]) { -- if (ifi->ifi_flags&IFF_POINTOPOINT) { -- print_string(PRINT_FP, NULL, " peer ", NULL); -- print_bool(PRINT_JSON, -- "link_pointtopoint", NULL, true); -- } else -- print_string(PRINT_FP, NULL, " brd ", NULL); -- -+#ifdef SUPPORT_UB -+ if (ifi->ifi_type == ARPHRD_UB) { -+ print_string(PRINT_FP, NULL, "pointtopoint", NULL); -+ } else { - print_color_string(PRINT_ANY, COLOR_MAC, -- "broadcast", "%s", -- ll_addr_n2a((unsigned char *) &vf_broadcast->broadcast, -+ "address", "%s", -+ ll_addr_n2a((unsigned char *) &vf_mac->mac, - ifi->ifi_type == ARPHRD_ETHER ? - ETH_ALEN : INFINIBAND_ALEN, - ifi->ifi_type, - b1, sizeof(b1))); -+ -+ if (vf[IFLA_VF_BROADCAST]) { -+ if (ifi->ifi_flags&IFF_POINTOPOINT) { -+ print_string(PRINT_FP, NULL, " peer ", NULL); -+ print_bool(PRINT_JSON, -+ "link_pointtopoint", NULL, true); -+ } else -+ print_string(PRINT_FP, NULL, " brd ", NULL); -+ -+ print_color_string(PRINT_ANY, COLOR_MAC, -+ "broadcast", "%s", -+ ll_addr_n2a((unsigned char *) &vf_broadcast->broadcast, -+ ifi->ifi_type == ARPHRD_ETHER ? -+ ETH_ALEN : INFINIBAND_ALEN, -+ ifi->ifi_type, -+ b1, sizeof(b1))); -+ } - } -+#else -+ print_color_string(PRINT_ANY, COLOR_MAC, -+ "address", "%s", -+ ll_addr_n2a((unsigned char *) &vf_mac->mac, -+ ifi->ifi_type == ARPHRD_ETHER ? -+ ETH_ALEN : INFINIBAND_ALEN, -+ ifi->ifi_type, -+ b1, sizeof(b1))); -+ -+ if (vf[IFLA_VF_BROADCAST]) { -+ if (ifi->ifi_flags&IFF_POINTOPOINT) { -+ print_string(PRINT_FP, NULL, " peer ", NULL); -+ print_bool(PRINT_JSON, -+ "link_pointtopoint", NULL, true); -+ } else -+ print_string(PRINT_FP, NULL, " brd ", NULL); -+ -+ print_color_string(PRINT_ANY, COLOR_MAC, -+ "broadcast", "%s", -+ ll_addr_n2a((unsigned char *) &vf_broadcast->broadcast, -+ ifi->ifi_type == ARPHRD_ETHER ? -+ ETH_ALEN : INFINIBAND_ALEN, -+ ifi->ifi_type, -+ b1, sizeof(b1))); -+ } -+#endif - - if (vf[IFLA_VF_VLAN_LIST]) { - struct rtattr *i, *vfvlanlist = vf[IFLA_VF_VLAN_LIST]; -diff --git a/lib/ll_types.c b/lib/ll_types.c -index 49da15d..2dc8140 100644 ---- a/lib/ll_types.c -+++ b/lib/ll_types.c -@@ -106,6 +106,9 @@ __PF(CAIF, caif) - __PF(IP6GRE, gre6) - __PF(NETLINK, netlink) - __PF(6LOWPAN, 6lowpan) -+#ifdef SUPPORT_UB -+__PF(UB, ub) -+#endif - - __PF(NONE, none) - __PF(VOID,void) --- -2.33.0 - diff --git a/iproute.spec b/iproute.spec deleted file mode 100644 index 0b1796f61cf66708ccbe410bc5259fa98abd6fe8..0000000000000000000000000000000000000000 --- a/iproute.spec +++ /dev/null @@ -1,326 +0,0 @@ -#needsrootforbuild -Name: iproute -Version: 5.15.0 -Epoch: 1 -Release: 18 -Summary: Linux network configuration utilities -License: GPLv2+ and Public Domain -URL: https://kernel.org/pub/linux/utils/net/iproute2/ -Source0: https://mirrors.edge.kernel.org/pub/linux/utils/net/iproute2/iproute2-%{version}.tar.xz - -Patch1: bugfix-iproute2-3.10.0-fix-maddr-show.patch -Patch2: bugfix-iproute2-change-proc-to-ipnetnsproc-which-is-private.patch - -Patch6000: backport-devlink-fix-devlink-health-dump-command-without-arg.patch -Patch6001: backport-ip-Fix-size_columns-for-very-large-values.patch -Patch6002: backport-ip-Fix-size_columns-invocation-that-passes-a-32-bit-.patch -Patch6003: backport-l2tp-fix-typo-in-AF_INET6-checksum-JSON-print.patch -Patch6004: backport-libnetlink-fix-socket-leak-in-rtnl_open_byproto.patch -Patch6005: backport-lnstat-fix-buffer-overflow-in-header-output.patch -Patch6006: backport-lnstat-fix-strdup-leak-in-w-argument-parsing.patch -Patch6007: backport-q_cake-allow-changing-to-diffserv3.patch -Patch6008: backport-tc-em_u32-fix-offset-parsing.patch -Patch6009: backport-tc-flower-Fix-buffer-overflow-on-large-labels.patch -Patch6010: backport-tc_util-Fix-parsing-action-control-with-space-and-sl.patch -Patch6011: backport-tipc-fix-keylen-check.patch - -Patch6012: backport-bridge-Fix-memory-leak-when-doing-fdb-get.patch -Patch6013: backport-ip-address-Fix-memory-leak-when-specifying-device.patch -Patch6014: backport-ip-neigh-Fix-memory-leak-when-doing-get.patch -Patch6015: backport-mptcp-Fix-memory-leak-when-doing-endpoint-show.patch -Patch6016: backport-mptcp-Fix-memory-leak-when-getting-limits.patch -Patch6017: backport-iptunnel-detect-protocol-mismatch-on-tunnel-change.patch -Patch6018: backport-ipnetns-fix-fd-leak-with-ip-netns-set.patch -Patch6019: backport-iproute2-optimize-code-and-fix-some-mem-leak-risk.patch -Patch6020: backport-ipmaddr-fix-dereference-of-NULL-on-malloc-failure.patch -Patch6021: backport-iproute_lwtunnel-fix-possible-use-of-NULL-when-mallo.patch -Patch6022: backport-tc_util-fix-unitialized-warning.patch -Patch6023: backport-tc_exec-don-t-dereference-NULL-on-calloc-failure.patch -Patch6024: backport-m_action-fix-warning-of-overwrite-of-const-string.patch -Patch6025: backport-netem-fix-NULL-deref-on-allocation-failure.patch -Patch6026: backport-nstat-fix-potential-NULL-deref.patch -Patch6027: backport-rdma-utils-fix-some-analyzer-warnings.patch -Patch6028: backport-tc-prio-handle-possible-truncated-kernel-response.patch -Patch6029: backport-iproute_lwtunnel-fix-array-boundary-check.patch -Patch6030: backport-rt_names-check-for-malloc-failure.patch -Patch6031: backport-tc_util-Fix-no-error-return-when-large-parent-id-used.patch -Patch6032: backport-tc_util-Change-datatype-for-maj-to-avoid-overflow-issue.patch -Patch6033: backport-tc-ct-Fix-invalid-pointer-dereference.patch -Patch6034: backport-libnetlink-Fix-memory-leak-in-__rtnl_talk_iov.patch -Patch6035: backport-xfrm-prepare-state-offload-logic-to-set-mode.patch - -Patch6036: backport-Add-get_long-utility-and-adapt-get_integer-accordingly.patch -Patch6037: backport-Add-utility-to-convert-an-unsigned-int-to-string.patch -Patch6038: backport-f_flower-Treat-port-0-as-valid.patch -Patch6039: backport-ip-error-out-if-iplink-does-not-consume-all-options.patch -Patch6040: backport-iplink_bridge-fix-incorrect-root-id-dump.patch -Patch6041: backport-ss-change-aafilter-port-from-int-to-long-inode-support.patch -Patch6042: backport-ss-Fix-socket-type-check-in-packet_show_line.patch -Patch6043: backport-ss-print-unix-socket-ports-as-unsigned-int-inode.patch -Patch6044: backport-utils-fix-get_integer-logic.patch - -Patch9000: feature-iproute-add-support-for-ipvlan-l2e-mode.patch -Patch9001: bugfix-iproute2-cancel-some-test-cases.patch -Patch9002: feature-iproute2-supports-to-parse-UB-device-and-related-display-of-vf-address.patch -Patch9003: sync-ipvlan_mode-enum-with-kernel-headers.patch - -BuildRequires: gcc bison elfutils-libelf-devel flex iptables-devel -BuildRequires: libmnl-devel libselinux-devel pkgconfig libbpf-devel sudo make -Requires: libbpf psmisc - -Provides: /sbin/ip iproute-tc tc -Obsoletes: iproute-tc - -%description -Iproute2 is a collection of user-space utilities to set up networking -under Linux from the command-line. It can inspect and configure, -among other things: interface paramters, IP addresses, routing, -tunnels, bridges, packet transformations (IPsec, etc.), and Quality -of Service. - -%package devel -Summary: Header files for iprout2 -License: GPLv2+ -Provides: iproute-static = %{version}-%{release} -Obsoletes: iproute-static < %{version}-%{release} - -%description devel -Header files for iprout2 - -%package_help - -%prep -%autosetup -n %{name}2-%{version} -p1 - -%build -export LIBDIR='%{_libdir}' -export IPT_LIB_DIR='/%{_lib}/xtables' -%configure --support_ub on -%make_build - -%check -make check -if test -n "$(find . -name *.err)"; then - echo "make check failed, please check" - exit 1 -fi - -%install -export CONFDIR='%{_sysconfdir}/iproute2' -export SBINDIR='%{_sbindir}' -export LIBDIR='%{_libdir}' -export DOCDIR='%{_docdir}' - -%make_install - -install -m 0755 -d %{buildroot}%{_includedir} -install -m 0644 include/libnetlink.h %{buildroot}%{_includedir}/libnetlink.h -install -m 0644 lib/libnetlink.a %{buildroot}%{_libdir}/libnetlink.a - -%files -%defattr(-,root,root) -%license COPYING -%doc README -%attr(644,root,root) %config(noreplace) %{_sysconfdir}/iproute2/* -%{_sbindir}/* -%{_libdir}/tc/* -%{_datadir}/bash-completion/completions/* - -%files devel -%defattr(-,root,root) -%license COPYING -%{_libdir}/libnetlink.a -%{_includedir}/* - -%files help -%defattr(-,root,root) -%doc README -%{_mandir}/* - -%changelog -* Fri Jan 12 2024 liubo - 1:5.15.0-18 -- Type:bugfix -- ID:NA -- SUG:NA -- DESC:f_flower: Treat port 0 as valid - ip: error out if iplink does not consume all options - iplink_bridge: fix incorrect root id dump - ss: change aafilter port from int to long (inode support) - ss: Fix socket type check in packet_show_line() - ss: print unix socket "ports" as unsigned int (inode) - Add utility to convert an unsigned int to string - Add get_long utility and adapt get_integer accordingly - utils: fix get_integer() logic - -* Mon Nov 27 2023 liubo - 1:5.15.0-17 -- Type:bugfix -- ID:NA -- SUG:NA -- DESC:libnetlink: Fix memory leak in __rtnl_talk_iov() - tc: ct: Fix invalid pointer dereference - tc_util: Change datatype for maj to avoid overflow issue - tc_util: Fix no error return when large parent id used - xfrm: prepare state offload logic to set mode - -* Mon Nov 27 2023 liubo - 1:5.15.0-16 -- Type:bugfix -- ID:NA -- SUG:NA -- DESC: sync ipvlan_mode enum with kernel-headers - -* Sat Nov 25 2023 mufengyan - 1:5.15.0-15 -- Type:feature -- ID:NA -- SUG:NA -- DESC:This patch adds ARPHRD_UB for iproute2 and support name - parse for it and deletes the display of vf address - information in the pf - -* Thu Aug 17 2023 gaoxingwang - 1:5.15.0-14 -- Type:bugfix -- ID:NA -- SUG:NA -- DESC:ipnetns: fix fd leak with 'ip netns set' - iproute2: optimize code and fix some mem-leak risk - iproute_lwtunnel: fix array boundary check - iproute_lwtunnel: fix possible use of NULL when malloc() - m_action: fix warning of overwrite of const string - netem: fix NULL deref on allocation failure - nstat: fix potential NULL deref - rdma/utils: fix some analyzer warnings - rt_names: check for malloc() failure - tc/prio: handle possible truncated kernel response - tc_exec: don't dereference NULL on calloc failure - tc_util fix unitialized warning - iptunnel: detect protocol mismatch on tunnel change - ipmaddr: fix dereference of NULL on malloc() failure - -* Thu Mar 02 2023 jiangheng - 1:5.15.0-13 -- Type:bugfix -- ID:NA -- SUG:NA -- DESC:fix ip netns attach failed - -* Fri Feb 17 2023 gaoxingwang - 1:5.15.0-12 -- Type:bugfix -- ID:NA -- SUG:NA -- DESC:add BuildRequire for make to fix build failure - -* Wed Feb 8 2023 gaoxingwang - 1:5.15.0-11 -- Type:bugfix -- ID:NA -- SUG:NA -- DESC:add epoch version in changelog to fix check_spec_file ci failure - -* Wed Feb 1 2023 gaoxingwang - 5.15.0-10 -- Type:bugfix -- ID:NA -- SUG:NA -- DESC:add epoch version - -* Thu Dec 22 2022 gaoxingwang - 5.15.0-9 -- Type:bugfix -- ID:NA -- SUG:NA -- DESC:cancel some test cases that failed due to host configure - -* Wed Dec 21 2022 gaoxingwang - 5.15.0-8 -- Type:bugfix -- ID:NA -- SUG:NA -- DESC:cancle man page check - -* Mon Nov 21 2022 gaoxingwang - 5.15.0-7 -- Type:bugfix -- ID:NA -- SUG:NA -- DESC:enable make check - -* Wed Nov 09 2022 jiangheng - 5.15.0-6 -- Type:bugfix -- ID:NA -- SUG:NA -- DESC:add ipvlan l2e mode support - -* Mon Oct 10 2022 jiangheng - 5.15.0-5 -- Type:bugfix -- ID:NA -- SUG:NA -- DESC:bridge: fix memory leak when doing fdb get - mptcp: fix memory leak when doing 'endpoint show' - mptcp: fix memory leak when getting limits - ip neigh: fix memory leak when doing 'get' - ip address: fix memory leak when specifying device - fix marco expansion in changelog - -* Fri Aug 26 2022 sunsuwan - 5.15.0-4 -- Type:bugfix -- ID:NA -- SUG:NA -- DESC:lnstat: fix buffer overflow in header output - libnetlink: fix socket leak in rtnl_open_byptoyo - lnstat: fix strdup leak in w argument parsing - q_cake: allow fix buffer overflow on large labels - tc flower: fix buffer overflow on large labels - tc_tuil: fix parsing action control with space and sl - tipc: fix keylen check - fix devlink health dump command without arg - tc: em_u32: fix offset parsing - l2tp fix typo in AF_INET6 checksum JSON print - ip: Fix size_columns() for very large values - ip: Fix size_columns() invocation that passes a 32-bit quantity - -* Tue Mar 01 2022 jiangheng - 5.15.0-3 -- Type:bugfix -- ID:NA -- SUG:NA -- DESC: remove libcap-devel dependency - -* Mon Feb 21 2022 jiangheng - 5.15.0-2 -- Type:bugfix -- ID:NA -- SUG:NA -- DESC: remove libdb-devel dependency - -* Fri Nov 26 2021 jiangheng - 5.15.0-1 -- DESC: update to 5.15.0 - -* Mon Aug 02 2021 chenyanpanHW - 5.10.0-2 -- DESC: delete -S git from autosetup, and delete BuildRequires git - -* Tue Jan 26 2021 xihaochen - 5.10.0-1 -- Type:requirements -- ID:NA -- SUG:NA -- DESC: update iproute to 5.10.0 - -* Thu Dec 10 2020 zhouyihang - 5.7.0-3 -- Type:bugfix -- Id:NA -- SUG:NA -- DESC:modify fix of get_tc_lib err - -* Thu Sep 24 2020 zhouyihang - 5.7.0-2 -- Type:bugfix -- Id:NA -- SUG:NA -- DESC:fix get_tc_lib err - -* Wed Jul 22 2020 hanzhijun - 5.7.0-1 -- update to 5.7.0 - -* Mon Jan 20 2020 openEuler Buildteam - 5.4.0-2 -- fix maddr show and change proc to ipnetnsproc - -* Tue Jan 14 2020 openEuler Buildteam - 5.4.0-1 -- update to 5.4.0 - -* Fri Oct 18 2019 openEuler Buildteam - 5.2.0-2 -- Type:bugfix -- Id:NA -- SUG:NA -- DESC:add the bugfix about iproute - -* Thu Sep 19 2019 openEuler Buildteam - 5.2.0-1 -- Package init diff --git a/iproute.yaml b/iproute.yaml deleted file mode 100644 index 81854db435353d286f1a827393bba461350655bd..0000000000000000000000000000000000000000 --- a/iproute.yaml +++ /dev/null @@ -1,4 +0,0 @@ -version_control: git -src_repo: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git -tag_prefix: iproute2- -seperator: . diff --git a/iproute2-5.15.0.tar.xz b/iproute2-5.15.0.tar.xz deleted file mode 100644 index 2629ef7ae8d12d0fd3c46b2779621905f163d3fa..0000000000000000000000000000000000000000 Binary files a/iproute2-5.15.0.tar.xz and /dev/null differ diff --git a/sync-ipvlan_mode-enum-with-kernel-headers.patch b/sync-ipvlan_mode-enum-with-kernel-headers.patch deleted file mode 100644 index 9958862b443a952bd2d43f2d3b45a7bf75631b4f..0000000000000000000000000000000000000000 --- a/sync-ipvlan_mode-enum-with-kernel-headers.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 22f6c8174dca9de68e7a011f580ba07e7d9c15b2 Mon Sep 17 00:00:00 2001 -From: liyunqing -Date: Fri, 16 Jun 2023 17:48:11 +0800 -Subject: [PATCH] sync ipvlan_mode enum with kernel-headers - ---- - include/uapi/linux/if_link.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/include/uapi/linux/if_link.h b/include/uapi/linux/if_link.h -index bddbdc7..1c6f6b1 100644 ---- a/include/uapi/linux/if_link.h -+++ b/include/uapi/linux/if_link.h -@@ -702,8 +702,8 @@ enum { - enum ipvlan_mode { - IPVLAN_MODE_L2 = 0, - IPVLAN_MODE_L3, -- IPVLAN_MODE_L2E, - IPVLAN_MODE_L3S, -+ IPVLAN_MODE_L2E, - IPVLAN_MODE_MAX - }; - --- -2.33.0 -