diff --git a/backport-lib-names-check-calloc-return-value-in-db_names_alloc.patch b/backport-lib-names-check-calloc-return-value-in-db_names_alloc.patch new file mode 100644 index 0000000000000000000000000000000000000000..012a0e24d9103273b42e560ca5a4f854b6d176a8 --- /dev/null +++ b/backport-lib-names-check-calloc-return-value-in-db_names_alloc.patch @@ -0,0 +1,32 @@ +From 225f74761b091e51444cf1f9686547f3c42e44b3 Mon Sep 17 00:00:00 2001 +From: Denis Kirjanov +Date: Wed, 13 Nov 2024 13:53:49 +0300 +Subject: [PATCH] lib: names: check calloc return value in db_names_alloc + +db_names_load() may crash since it touches the +hash member. Fix it by checking the return value + +Signed-off-by: Denis Kirjanov +Signed-off-by: Stephen Hemminger + +Conflict: NA +Reference: https://github.com/iproute2/iproute2/commit/225f74761b091e51444cf1f9686547f3c42e44b3 +--- + lib/names.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/lib/names.c b/lib/names.c +index cbfa971ff..4ecae92b9 100644 +--- a/lib/names.c ++++ b/lib/names.c +@@ -55,6 +55,10 @@ struct db_names *db_names_alloc(void) + + db->size = MAX_ENTRIES; + db->hash = calloc(db->size, sizeof(struct db_entry *)); ++ if (!db->hash) { ++ free(db); ++ return NULL; ++ } + + return db; + } diff --git a/backport-route-filter-by-interface-on-multipath-routes.patch b/backport-route-filter-by-interface-on-multipath-routes.patch new file mode 100644 index 0000000000000000000000000000000000000000..1921ab40de8dc94cd9ce8484c3f218ffcc54528b --- /dev/null +++ b/backport-route-filter-by-interface-on-multipath-routes.patch @@ -0,0 +1,88 @@ +From 0ea0699ea01df81750becf742083933a23a95d94 Mon Sep 17 00:00:00 2001 +From: Stephen Hemminger +Date: Thu, 4 Jul 2024 17:26:41 -0700 +Subject: [PATCH] route: filter by interface on multipath routes + +The ip route command would silently hide multipath routes when filter +by interface. The problem was it was not looking for interface when +filter multipath routes. + +Example: + ip link add name dummy1 up type dummy + ip link add name dummy2 up type dummy + ip address add 192.0.2.1/28 dev dummy1 + ip address add 192.0.2.17/28 dev dummy2 + ip route add 198.51.100.0/24 \ + nexthop via 192.0.2.2 dev dummy1 \ + nexthop via 192.0.2.18 dev dummy2 + +Before: +ip route show dev dummy1 +192.0.2.0/28 proto kernel scope link src 192.0.2.1 + +After: +ip route show dev dummy1 +192.0.2.0/28 proto kernel scope link src 192.0.2.1 +198.51.100.0/24 + nexthop via 192.0.2.2 dev dummy1 weight 1 + nexthop via 192.0.2.18 dev dummy2 weight 1 + +Reported-by: "Muggeridge, Matt" +Signed-off-by: Stephen Hemminger + +Conflict: NA +Reference: https://github.com/iproute2/iproute2/commit/0ea0699ea01df81750becf742083933a23a95d94.patch +--- + ip/iproute.c | 31 ++++++++++++++++++++++++++----- + 1 file changed, 26 insertions(+), 5 deletions(-) + +diff --git a/ip/iproute.c b/ip/iproute.c +index b53046116..446662404 100644 +--- a/ip/iproute.c ++++ b/ip/iproute.c +@@ -154,6 +154,24 @@ static int flush_update(void) + return 0; + } + ++static bool filter_multipath(const struct rtattr *rta) ++{ ++ const struct rtnexthop *nh = RTA_DATA(rta); ++ int len = RTA_PAYLOAD(rta); ++ ++ while (len >= sizeof(*nh)) { ++ if (nh->rtnh_len > len) ++ break; ++ ++ if (!((nh->rtnh_ifindex ^ filter.oif) & filter.oifmask)) ++ return true; ++ ++ len -= NLMSG_ALIGN(nh->rtnh_len); ++ nh = RTNH_NEXT(nh); ++ } ++ return false; ++} ++ + static int filter_nlmsg(struct nlmsghdr *n, struct rtattr **tb, int host_len) + { + struct rtmsg *r = NLMSG_DATA(n); +@@ -310,12 +328,15 @@ static int filter_nlmsg(struct nlmsghdr *n, struct rtattr **tb, int host_len) + return 0; + } + if (filter.oifmask) { +- int oif = 0; ++ if (tb[RTA_OIF]) { ++ int oif = rta_getattr_u32(tb[RTA_OIF]); + +- if (tb[RTA_OIF]) +- oif = rta_getattr_u32(tb[RTA_OIF]); +- if ((oif^filter.oif)&filter.oifmask) +- return 0; ++ if ((oif ^ filter.oif) & filter.oifmask) ++ return 0; ++ } else if (tb[RTA_MULTIPATH]) { ++ if (!filter_multipath(tb[RTA_MULTIPATH])) ++ return 0; ++ } + } + if (filter.markmask) { + int mark = 0; diff --git a/backport-ss-fix-expired-time-format-of-timer.patch b/backport-ss-fix-expired-time-format-of-timer.patch new file mode 100644 index 0000000000000000000000000000000000000000..e5e05b4baef7b43169b6d49f67cb7d5a2ce7c733 --- /dev/null +++ b/backport-ss-fix-expired-time-format-of-timer.patch @@ -0,0 +1,52 @@ +From 3e807112fdf3d7b89a8295379dd8474f08a38b4b Mon Sep 17 00:00:00 2001 +From: xixiliguo +Date: Sat, 20 Jul 2024 23:23:27 +0800 +Subject: [PATCH] ss: fix expired time format of timer + +When expired time of time-wait timer is less than or equal to 9 seconds, +as shown below, result that below 1 sec is incorrect. +Expect output should be show 9 seconds and 373 millisecond, but 9.373ms +mean only 9 millisecond and 373 microseconds + +Before: +TIME-WAIT 0 0 ... timer:(timewait,12sec,0) +TIME-WAIT 0 0 ... timer:(timewait,11sec,0) +TIME-WAIT 0 0 ... timer:(timewait,10sec,0) +TIME-WAIT 0 0 ... timer:(timewait,9.373ms,0) +TIME-WAIT 0 0 ... timer:(timewait,8.679ms,0) +TIME-WAIT 0 0 ... timer:(timewait,1.574ms,0) +TIME-WAIT 0 0 ... timer:(timewait,954ms,0) +TIME-WAIT 0 0 ... timer:(timewait,303ms,0) + +After: +TIME-WAIT 0 0 ... timer:(timewait,13sec,0) +TIME-WAIT 0 0 ... timer:(timewait,12sec,0) +TIME-WAIT 0 0 ... timer:(timewait,10sec,0) +TIME-WAIT 0 0 ... timer:(timewait,9.501sec,0) +TIME-WAIT 0 0 ... timer:(timewait,8.990sec,0) +TIME-WAIT 0 0 ... timer:(timewait,7.865sec,0) +TIME-WAIT 0 0 ... timer:(timewait,1.098sec,0) +TIME-WAIT 0 0 ... timer:(timewait,476ms,0) + +Signed-off-by: xixiliguo +Signed-off-by: Stephen Hemminger + +Conflict: NA +Reference: https://github.com/iproute2/iproute2/commit/3e807112fdf3d7b89a8295379dd8474f08a38b4b +--- + misc/ss.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/misc/ss.c b/misc/ss.c +index 27f0f20d8..620f4c8fb 100644 +--- a/misc/ss.c ++++ b/misc/ss.c +@@ -1516,7 +1516,7 @@ static const char *print_ms_timer(unsigned int timeout) + sprintf(buf+strlen(buf), "%d%s", secs, msecs ? "." : "sec"); + } + if (msecs) +- sprintf(buf+strlen(buf), "%03dms", msecs); ++ sprintf(buf+strlen(buf), "%03d%s", msecs, secs ? "sec" : "ms"); + return buf; + } + diff --git a/iproute.spec b/iproute.spec index 7a2c7e89d389aeddc2b6c193931e0cec51d8492c..7aea67a3030b6bc77a1ae8156b3d5d26b6e7007a 100644 --- a/iproute.spec +++ b/iproute.spec @@ -2,7 +2,7 @@ Name: iproute Version: 5.15.0 Epoch: 1 -Release: 21 +Release: 22 Summary: Linux network configuration utilities License: GPLv2+ and Public Domain URL: https://kernel.org/pub/linux/utils/net/iproute2/ @@ -70,6 +70,9 @@ patch6052: backport-mnl_utils-sanitize-incoming-netlink-payload-size-in-cal Patch6053: backport-devlink-use-snprintf-instead-of-sprintf.patch Patch6054: backport-ctrl-Fix-fd-leak-in-ctrl_list.patch Patch6055: backport-ctrl-Fix-fd-leak-in-ctrl_listen.patch +Patch6056: backport-ss-fix-expired-time-format-of-timer.patch +Patch6057: backport-route-filter-by-interface-on-multipath-routes.patch +Patch6058: backport-lib-names-check-calloc-return-value-in-db_names_alloc.patch Patch9000: feature-iproute-add-support-for-ipvlan-l2e-mode.patch Patch9001: bugfix-iproute2-cancel-some-test-cases.patch @@ -151,6 +154,14 @@ install -m 0644 lib/libnetlink.a %{buildroot}%{_libdir}/libnetlink.a %{_mandir}/* %changelog +* Thu Feb 13 2025 xinghe - 1:5.15.0-22 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC:ss: fix expired time format of timer + route: filter by interface on multipath routes + lib: names: check calloc return value in db_names_alloc + * Wed Oct 09 2024 liningjie - 1:5.15.0-21 - Type:bugfix - ID:NA