commit 98e3fdba962b641a2f0fd6b4eca008af8cdfac7b Author: overweight <5324761+overweight@user.noreply.gitee.com> Date: Mon Sep 30 10:57:19 2019 -0400 Package init
diff --git a/libnl-3.4.0.tar.gz b/libnl-3.4.0.tar.gz
new file mode 100644
index 0000000..e60880b
Binary files /dev/null and b/libnl-3.4.0.tar.gz differ
diff --git a/libnl-doc-3.4.0.tar.gz b/libnl-doc-3.4.0.tar.gz
new file mode 100644
index 0000000..eba149c
Binary files /dev/null and b/libnl-doc-3.4.0.tar.gz differ
diff --git a/libnl3-ipgre-Fix-wrong-array-size-initialization.patch b/libnl3-ipgre-Fix-wrong-array-size-initialization.patch
new file mode 100644
index 0000000..6cb94c0
--- /dev/null
+++ b/libnl3-ipgre-Fix-wrong-array-size-initialization.patch
@@ -0,0 +1,30 @@
+From a31948b905ac20e1d85cda56fb3672b44d66305e Mon Sep 17 00:00:00 2001
+From: Thomas Winter
+Date: Fri, 8 Jun 2018 15:43:53 +1200
+Subject: [PATCH 55/76] ipgre: Fix wrong array size initialization
+
+IPv4 GRE tunnels use the GRE defines.
+
+Signed-off-by: Thomas Winter
+
+Fixes: 57bdc4ff4895dd91cc723d22eecadcf48945e87c
+---
+ lib/route/link/ipgre.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/route/link/ipgre.c b/lib/route/link/ipgre.c
+index 6551323..a7665fe 100644
+--- a/lib/route/link/ipgre.c
++++ b/lib/route/link/ipgre.c
+@@ -91,7 +91,7 @@ static int ipgre_alloc(struct rtnl_link *link)
+ static int ipgre_parse(struct rtnl_link *link, struct nlattr *data,
+ struct nlattr *xstats)
+ {
+- struct nlattr *tb[IFLA_IPTUN_MAX + 1];
++ struct nlattr *tb[IFLA_GRE_MAX + 1];
+ struct ipgre_info *ipgre;
+ int err;
+
+--
+1.8.3.1
+
diff --git a/libnl3-ipvti-Fix-wrong-array-size-initialization.patch b/libnl3-ipvti-Fix-wrong-array-size-initialization.patch
new file mode 100644
index 0000000..7a7a9b2
--- /dev/null
+++ b/libnl3-ipvti-Fix-wrong-array-size-initialization.patch
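Review bot: The corrected `tb[IFLA_GRE_MAX + 1]` in ipgre_parse() is only safe if the `nla_parse_nested()` call further down passes the same bound, and that call lies outside this hunk. The companion ipvti patch changes both the array size and the maxtype argument, whereas here only the declaration is touched, so it is worth confirming that the call reads `nla_parse_nested(tb, IFLA_GRE_MAX, …)`. A comment on the declaration such as `/* size must match the maxtype passed to nla_parse_nested() below */` would keep the two from drifting apart again.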
@@ -0,0 +1,46 @@
+From daa2edebe71d794284142696397bfce6fd45f926 Mon Sep 17 00:00:00 2001
+From: Thomas Winter
+Date: Fri, 8 Jun 2018 15:45:42 +1200
+Subject: [PATCH 56/76] ipvti: Fix wrong array size initialization
+
+IPv4 VTI tunnels use the VTI defines.
+
+Signed-off-by: Thomas Winter
+
+Fixes: 8f6301426a00d992d00238c7ddd666e96aa63e28
+---
+ lib/route/link/ipvti.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/lib/route/link/ipvti.c b/lib/route/link/ipvti.c
+index 0fa80ea..851d566 100644
+--- a/lib/route/link/ipvti.c
++++ b/lib/route/link/ipvti.c
+@@ -48,7 +48,7 @@ struct ipvti_info
+ uint32_t ipvti_mask;
+ };
+
+-static struct nla_policy ipvti_policy[IFLA_GRE_MAX + 1] = {
++static struct nla_policy ipvti_policy[IFLA_VTI_MAX + 1] = {
+ [IFLA_VTI_LINK] = { .type = NLA_U32 },
+ [IFLA_VTI_IKEY] = { .type = NLA_U32 },
+ [IFLA_VTI_OKEY] = { .type = NLA_U32 },
+@@ -76,13 +76,13 @@ static int ipvti_alloc(struct rtnl_link *link)
+ static int ipvti_parse(struct rtnl_link *link, struct nlattr *data,
+ struct nlattr *xstats)
+ {
+- struct nlattr *tb[IFLA_IPTUN_MAX + 1];
++ struct nlattr *tb[IFLA_VTI_MAX + 1];
+ struct ipvti_info *ipvti;
+ int err;
+
+ NL_DBG(3, "Parsing IPVTI link info\n");
+
+- err = nla_parse_nested(tb, IFLA_GRE_MAX, data, ipvti_policy);
++ err = nla_parse_nested(tb, IFLA_VTI_MAX, data, ipvti_policy);
+ if (err < 0)
+ goto errout;
+
+--
+1.8.3.1
+
diff --git a/libnl3-lib-tc-ensure-correct-error-code-in-rtnl_tc_msg_buil.patch b/libnl3-lib-tc-ensure-correct-error-code-in-rtnl_tc_msg_buil.patch
new file mode 100644
index 0000000..20e2bda
--- /dev/null
+++ b/libnl3-lib-tc-ensure-correct-error-code-in-rtnl_tc_msg_buil.patch
@@ -0,0 +1,48 @@
+From 52cd3c14ce42db53637f8f5dafaf0d5c24d724db Mon Sep 17 00:00:00 2001
+From: Thomas Haller
+Date: Mon, 8 Oct 2018 13:41:25 +0200
+Subject: [PATCH 62/76] lib/tc: ensure correct error code in
+ rtnl_tc_msg_build()
+
+---
+ lib/route/tc.c | 10 +++++++---
+ 1 file changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/lib/route/tc.c b/lib/route/tc.c
+index 62efd35..061e54e 100644
+--- a/lib/route/tc.c
++++ b/lib/route/tc.c
+@@ -202,14 +202,16 @@ int rtnl_tc_msg_build(struct rtnl_tc *tc, int type, int flags,
+ .tcm_handle = tc->tc_handle,
+ .tcm_parent = tc->tc_parent,
+ };
+- int err = -NLE_MSGSIZE;
++ int err;
+
+ msg = nlmsg_alloc_simple(type, flags);
+ if (!msg)
+ return -NLE_NOMEM;
+
+- if (nlmsg_append(msg, &tchdr, sizeof(tchdr), NLMSG_ALIGNTO) < 0)
++ if (nlmsg_append(msg, &tchdr, sizeof(tchdr), NLMSG_ALIGNTO) < 0) {
++ err = -NLE_MSGSIZE;
+ goto nla_put_failure;
++ }
+
+ if (tc->ce_mask & TCA_ATTR_KIND)
+ NLA_PUT_STRING(msg, TCA_KIND, tc->tc_kind);
+@@ -220,8 +222,10 @@ int rtnl_tc_msg_build(struct rtnl_tc *tc, int type, int flags,
+ void *data = rtnl_tc_data(tc);
+
+ if (ops->to_msg_fill) {
+- if (!(opts = nla_nest_start(msg, TCA_OPTIONS)))
++ if (!(opts = nla_nest_start(msg, TCA_OPTIONS))) {
++ err = -NLE_NOMEM;
+ goto nla_put_failure;
++ }
+
+ if ((err = ops->to_msg_fill(tc, data, msg)) < 0)
+ goto nla_put_failure;
+--
+1.8.3.1
+
diff --git a/libnl3-lib-tc-fix-uninitalized-err-variable-in-rtnl_tc_msg_.patch b/libnl3-lib-tc-fix-uninitalized-err-variable-in-rtnl_tc_msg_.patch
new file mode 100644
index 0000000..c109aba
--- /dev/null
+++ b/libnl3-lib-tc-fix-uninitalized-err-variable-in-rtnl_tc_msg_.patch
@@ -0,0 +1,55 @@
+From 1bffe3cc6739d95c1a42f12b417e98f9d6ee5e80 Mon Sep 17 00:00:00 2001
+From: Thomas Haller
+Date: Wed, 10 Oct 2018 10:59:27 +0200
+Subject: [PATCH] lib/tc: fix uninitalized err variable in rtnl_tc_msg_build()
+
+Fixes: 52cd3c14ce42db53637f8f5dafaf0d5c24d724db
+---
+ lib/route/tc.c | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/lib/route/tc.c b/lib/route/tc.c
+index 061e54e..694c48e 100644
+--- a/lib/route/tc.c
++++ b/lib/route/tc.c
+@@ -210,11 +210,11 @@
+
+ if (nlmsg_append(msg, &tchdr, sizeof(tchdr), NLMSG_ALIGNTO) < 0) {
+ err = -NLE_MSGSIZE;
+- goto nla_put_failure;
++ goto out_err;
+ }
+
+ if (tc->ce_mask & TCA_ATTR_KIND)
+- NLA_PUT_STRING(msg, TCA_KIND, tc->tc_kind);
++ NLA_PUT_STRING(msg, TCA_KIND, tc->tc_kind);
+
+ ops = rtnl_tc_get_ops(tc);
+ if (ops && (ops->to_msg_fill || ops->to_msg_fill_raw)) {
+@@ -224,21 +224,23 @@
+ if (ops->to_msg_fill) {
+ if (!(opts = nla_nest_start(msg, TCA_OPTIONS))) {
+ err = -NLE_NOMEM;
+- goto nla_put_failure;
++ goto out_err;
+ }
+
+ if ((err = ops->to_msg_fill(tc, data, msg)) < 0)
+- goto nla_put_failure;
++ goto out_err;
+
+ nla_nest_end(msg, opts);
+ } else if ((err = ops->to_msg_fill_raw(tc, data, msg)) < 0)
+- goto nla_put_failure;
++ goto out_err;
+ }
+
+ *result = msg;
+ return 0;
+
+ nla_put_failure:
++ err = -NLE_NOMEM;
++out_err:
+ nlmsg_free(msg);
+ return err;
+ }
diff --git a/libnl3-link-macvlan-fixes.patch b/libnl3-link-macvlan-fixes.patch
new file mode 100644
index 0000000..0ef7ddc
--- /dev/null
+++ b/libnl3-link-macvlan-fixes.patch
@@ -0,0 +1,98 @@
+From 470b98354627eb4ab9eeb67308bc2f2c746e83eb Mon Sep 17 00:00:00 2001
+From: Wang Jian
+Date: Sat, 29 Sep 2018 11:09:17 +0000
+Subject: [PATCH 75/76] link: macvlan fixes
+
+1. While parsing flags, it overrides mode.
+2. Before, dump-line and dump-details are same leading that macvlan info will be shown twice while dumpping details.
+ So make dump-line show nothing.
+3. Add some spaces to show dump-details more prettier.
+
+Signed-off-by: Wang Jian
+
+Fixes: c76393e2037d78eb60c32f95b26f5b1e5b9422a6
+
+http://lists.infradead.org/pipermail/libnl/2018-August/002405.html
+http://lists.infradead.org/pipermail/libnl/2018-September/002406.html
+http://lists.infradead.org/pipermail/libnl/2018-September/002411.html
+---
+ lib/route/link/macvlan.c | 23 ++++++++++++-----------
+ 1 file changed, 12 insertions(+), 11 deletions(-)
+
+diff --git a/lib/route/link/macvlan.c b/lib/route/link/macvlan.c
+index ac90d0b..dbcea44 100644
+--- a/lib/route/link/macvlan.c
++++ b/lib/route/link/macvlan.c
+@@ -108,7 +108,7 @@ static int macvlan_parse(struct rtnl_link *link, struct nlattr *data,
+ }
+
+ if (tb[IFLA_MACVLAN_FLAGS]) {
+- mvi->mvi_mode = nla_get_u16(tb[IFLA_MACVLAN_FLAGS]);
++ mvi->mvi_flags = nla_get_u16(tb[IFLA_MACVLAN_FLAGS]);
+ mvi->mvi_mask |= MACVLAN_HAS_FLAGS;
+ }
+
+@@ -158,7 +158,7 @@ static void macvlan_free(struct rtnl_link *link)
+ link->l_info = NULL;
+ }
+
+-static void macvlan_dump(struct rtnl_link *link, struct nl_dump_params *p)
++static void macvlan_dump_details(struct rtnl_link *link, struct nl_dump_params *p)
+ {
+ char buf[64];
+ uint32_t i;
+@@ -166,23 +166,26 @@ static void macvlan_dump(struct rtnl_link *link, struct nl_dump_params *p)
+
+ if (mvi->mvi_mask & MACVLAN_HAS_MODE) {
+ rtnl_link_macvlan_mode2str(mvi->mvi_mode, buf, sizeof(buf));
+- nl_dump(p, "%s-mode %s", link->l_info_ops->io_name, buf);
++ nl_dump(p, " %s-mode %s", link->l_info_ops->io_name, buf);
+ }
+
+ if (mvi->mvi_mask & MACVLAN_HAS_FLAGS) {
+ rtnl_link_macvlan_flags2str(mvi->mvi_flags, buf, sizeof(buf));
+- nl_dump(p, "%s-flags %s", link->l_info_ops->io_name, buf);
++ nl_dump(p, " %s-flags %s", link->l_info_ops->io_name, buf);
+ }
+
+ if (mvi->mvi_mask & MACVLAN_HAS_MACADDR) {
+- nl_dump(p, "macvlan-count %u", (unsigned) mvi->mvi_maccount);
++ nl_dump(p, " macvlan-count %u", (unsigned) mvi->mvi_maccount);
++
++ if (mvi->mvi_maccount)
++ nl_dump(p, " macvlan-sourcemac");
+
+ for (i = 0; i < mvi->mvi_maccount; i++) {
+- nl_dump(p, "macvlan-sourcemac %s",
+- nl_addr2str(mvi->mvi_macaddr[i], buf,
++ nl_dump(p, " %s", nl_addr2str(mvi->mvi_macaddr[i], buf,
+ sizeof(buf)));
+ }
+ }
++ nl_dump(p, "\n");
+ }
+
+ static int macvlan_clone(struct rtnl_link *dst, struct rtnl_link *src)
+@@ -258,8 +261,7 @@ static struct rtnl_link_info_ops macvlan_info_ops = {
+ .io_alloc = macvlan_alloc,
+ .io_parse = macvlan_parse,
+ .io_dump = {
+- [NL_DUMP_LINE] = macvlan_dump,
+- [NL_DUMP_DETAILS] = macvlan_dump,
++ [NL_DUMP_DETAILS] = macvlan_dump_details,
+ },
+ .io_clone = macvlan_clone,
+ .io_put_attrs = macvlan_put_attrs,
+@@ -271,8 +273,7 @@ static struct rtnl_link_info_ops macvtap_info_ops = {
+ .io_alloc = macvlan_alloc,
+ .io_parse = macvlan_parse,
+ .io_dump = {
+- [NL_DUMP_LINE] = macvlan_dump,
+- [NL_DUMP_DETAILS] = macvlan_dump,
++ [NL_DUMP_DETAILS] = macvlan_dump_details,
+ },
+ .io_clone = macvlan_clone,
+ .io_put_attrs = macvlan_put_attrs,
+--
+1.8.3.1
+
diff --git a/libnl3-nl-neigh-list-free-allocated-items.patch b/libnl3-nl-neigh-list-free-allocated-items.patch
new file mode 100644
index 0000000..6db76da
--- /dev/null
+++ b/libnl3-nl-neigh-list-free-allocated-items.patch
@@ -0,0 +1,27 @@
+From 250a7c9ae91a726dfe33174f5281505add5cdbaa Mon Sep 17 00:00:00 2001
+From: Tobias Jungel
+Date: Tue, 17 Apr 2018 13:49:23 +0200
+Subject: [PATCH 49/76] nl-neigh-list: free allocated items
+
+---
+ src/nl-neigh-list.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/nl-neigh-list.c b/src/nl-neigh-list.c
+index ba4ade8..1581e17 100644
+--- a/src/nl-neigh-list.c
++++ b/src/nl-neigh-list.c
+@@ -87,5 +87,10 @@ int main(int argc, char *argv[])
+
+ nl_cache_dump_filter(neigh_cache, ¶ms, OBJ_CAST(neigh));
+
++ rtnl_neigh_put(neigh);
++ nl_cache_put(neigh_cache);
++ nl_cache_put(link_cache);
++ nl_socket_free(sock);
++
+ return 0;
+ }
+--
+1.8.3.1
+
diff --git a/libnl3-nla_ok-fix-overrun-in-attribute-iteration.patch b/libnl3-nla_ok-fix-overrun-in-attribute-iteration.patch
new file mode 100644
index 0000000..7be6943
--- /dev/null
+++ b/libnl3-nla_ok-fix-overrun-in-attribute-iteration.patch
@@ -0,0 +1,34 @@
+From 123dc07bcc3f402a500edf370d2000e171c91b34 Mon Sep 17 00:00:00 2001
+From: Patrick Havelange
+Date: Fri, 27 Jul 2018 14:39:35 +0200
+Subject: [PATCH 74/76] nla_ok: fix overrun in attribute iteration.
+
+A detailed explanation is provided in the original Linux kernel commit that
+fixes the bug: 1045b03e07d85f3545118510a587035536030c1c
+
+Valgrind spotted the issue when the remaining was negative.
+This bug was triggering application crashes.
+
+Signed-off-by: Patrick Havelange
+
+https://github.com/thom311/libnl/pull/199
+---
+ lib/attr.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/attr.c b/lib/attr.c
+index 0928630..1ddc007 100644
+--- a/lib/attr.c
++++ b/lib/attr.c
+@@ -147,7 +147,7 @@ int nla_len(const struct nlattr *nla)
+ */
+ int nla_ok(const struct nlattr *nla, int remaining)
+ {
+- return remaining >= sizeof(*nla) &&
++ return remaining >= (int) sizeof(*nla) &&
+ nla->nla_len >= sizeof(*nla) &&
+ nla->nla_len <= remaining;
+ }
+--
+1.8.3.1
+
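Review bot: The `(int)` cast in nla_ok() carries the whole fix, yet nothing in the function says why it is there. Without it `remaining` is converted to `size_t` for the comparison, so a negative remainder passes the first test; a comment above the return such as `/* remaining may be negative: compare as int, not size_t */` would stop a later cleanup from dropping the cast. The doc comment of nla_ok() starts outside the hunk, so the same sentence could go there instead.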
diff --git a/libnl3-route-cls-fix-potential-memory-leak.patch b/libnl3-route-cls-fix-potential-memory-leak.patch
new file mode 100644
index 0000000..4872717
--- /dev/null
+++ b/libnl3-route-cls-fix-potential-memory-leak.patch
@@ -0,0 +1,75 @@
+From 1ac40683a879a602dbf8c42372677fb94f958a7d Mon Sep 17 00:00:00 2001
+From: Ilya Pronin
+Date: Thu, 23 Aug 2018 16:12:25 -0700
+Subject: [PATCH 73/76] route/cls: fix potential memory leak
+
+rtnl_act_append() cannot add more than TCA_ACT_MAX_PRIO actions to the
+same list. Because of that rtnl_basic_add_action() and
+rtnl_u32_add_action() should not increment the reference counter of the
+given action until it is successfully added to the filter's list.
+
+Signed-off-by: Ilya Pronin
+
+Fixes: e5d9b828f6ec64fd77854578fbf1c33f214f3ac4
+
+https://github.com/thom311/libnl/pull/201
+---
+ lib/route/cls/basic.c | 6 +++++-
+ lib/route/cls/u32.c | 6 +++++-
+ 2 files changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/lib/route/cls/basic.c b/lib/route/cls/basic.c
+index 912ded6..3581c60 100644
+--- a/lib/route/cls/basic.c
++++ b/lib/route/cls/basic.c
+@@ -220,6 +220,7 @@ struct rtnl_ematch_tree *rtnl_basic_get_ematch(struct rtnl_cls *cls)
+ int rtnl_basic_add_action(struct rtnl_cls *cls, struct rtnl_act *act)
+ {
+ struct rtnl_basic *b;
++ int err;
+
+ if (!act)
+ return 0;
+@@ -228,9 +229,12 @@ int rtnl_basic_add_action(struct rtnl_cls *cls, struct rtnl_act *act)
+ return -NLE_NOMEM;
+
+ b->b_mask |= BASIC_ATTR_ACTION;
++ if ((err = rtnl_act_append(&b->b_act, act)))
++ return err;
++
+ /* In case user frees it */
+ rtnl_act_get(act);
+- return rtnl_act_append(&b->b_act, act);
++ return 0;
+ }
+
+ struct rtnl_act* rtnl_basic_get_action(struct rtnl_cls *cls)
+diff --git a/lib/route/cls/u32.c b/lib/route/cls/u32.c
+index 0078888..f06bc24 100644
+--- a/lib/route/cls/u32.c
++++ b/lib/route/cls/u32.c
+@@ -526,6 +526,7 @@ int rtnl_u32_set_cls_terminal(struct rtnl_cls *cls)
+ int rtnl_u32_add_action(struct rtnl_cls *cls, struct rtnl_act *act)
+ {
+ struct rtnl_u32 *u;
++ int err;
+
+ if (!act)
+ return 0;
+@@ -534,9 +535,12 @@ int rtnl_u32_add_action(struct rtnl_cls *cls, struct rtnl_act *act)
+ return -NLE_NOMEM;
+
+ u->cu_mask |= U32_ATTR_ACTION;
++ if ((err = rtnl_act_append(&u->cu_act, act)))
++ return err;
++
+ /* In case user frees it */
+ rtnl_act_get(act);
+- return rtnl_act_append(&u->cu_act, act);
++ return 0;
+ }
+
+ struct rtnl_act* rtnl_u32_get_action(struct rtnl_cls *cls)
+--
+1.8.3.1
+
diff --git a/libnl3-route-fix-handling-old_nh-in-rtnl_route_parse-and-av.patch b/libnl3-route-fix-handling-old_nh-in-rtnl_route_parse-and-av.patch
new file mode 100644
index 0000000..af2cf03
--- /dev/null
+++ b/libnl3-route-fix-handling-old_nh-in-rtnl_route_parse-and-av.patch
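Review bot: In both rtnl_basic_add_action() and rtnl_u32_add_action() the attribute bit is still set before the append is known to have succeeded, so the new early `return err` leaves `BASIC_ATTR_ACTION` or `U32_ATTR_ACTION` set for a call that added nothing. Moving `b->b_mask |= BASIC_ATTR_ACTION;` and `u->cu_mask |= U32_ATTR_ACTION;` below the `rtnl_act_append()` check keeps the mask consistent with the list. The existing comment `/* In case user frees it */` could also state that the reference is taken only after a successful append, since that ordering is the point of the fix.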
@@ -0,0 +1,121 @@
+From 1228a65963956300bd0466437530b975e0eaeec5 Mon Sep 17 00:00:00 2001
+From: Thomas Haller
+Date: Mon, 6 Nov 2017 15:04:14 +0100
+Subject: [PATCH 08/76] route: fix handling old_nh in rtnl_route_parse() and
+ avoid leak
+
+The previous code would miss to release old_nh in the error
+path.
+
+Also, it relied on the present netlink attributes to have old_nh
+initialized. Don't do that.
+
+Also, fixup error codes by using "goto errout_nomem" where appropriate
+and keep @err as returned from rtnl_route_set_metric().
+---
+ lib/route/route_obj.c | 28 ++++++++++++++++++++--------
+ 1 file changed, 20 insertions(+), 8 deletions(-)
+
+diff --git a/lib/route/route_obj.c b/lib/route/route_obj.c
+index 8ae6b89..bc62408 100644
+--- a/lib/route/route_obj.c
++++ b/lib/route/route_obj.c
+@@ -1125,10 +1125,8 @@ int rtnl_route_parse(struct nlmsghdr *nlh, struct rtnl_route **result)
+ int err, family;
+
+ route = rtnl_route_alloc();
+- if (!route) {
+- err = -NLE_NOMEM;
+- goto errout;
+- }
++ if (!route)
++ goto errout_nomem;
+
+ route->ce_msgtype = nlh->nlmsg_type;
+
+@@ -1213,7 +1211,9 @@ int rtnl_route_parse(struct nlmsghdr *nlh, struct rtnl_route **result)
+ for (i = 1; i <= RTAX_MAX; i++) {
+ if (mtb[i] && nla_len(mtb[i]) >= sizeof(uint32_t)) {
+ uint32_t m = nla_get_u32(mtb[i]);
+- if (rtnl_route_set_metric(route, i, m) < 0)
++
++ err = rtnl_route_set_metric(route, i, m);
++ if (err < 0)
+ goto errout;
+ }
+ }
+@@ -1231,14 +1231,14 @@ int rtnl_route_parse(struct nlmsghdr *nlh, struct rtnl_route **result)
+
+ if (tb[RTA_OIF]) {
+ if (!old_nh && !(old_nh = rtnl_route_nh_alloc()))
+- goto errout;
++ goto errout_nomem;
+
+ rtnl_route_nh_set_ifindex(old_nh, nla_get_u32(tb[RTA_OIF]));
+ }
+
+ if (tb[RTA_GATEWAY]) {
+ if (!old_nh && !(old_nh = rtnl_route_nh_alloc()))
+- goto errout;
++ goto errout_nomem;
+
+ if (!(addr = nl_addr_alloc_attr(tb[RTA_GATEWAY], family)))
+ goto errout_nomem;
+@@ -1249,7 +1249,7 @@ int rtnl_route_parse(struct nlmsghdr *nlh, struct rtnl_route **result)
+
+ if (tb[RTA_FLOW]) {
+ if (!old_nh && !(old_nh = rtnl_route_nh_alloc()))
+- goto errout;
++ goto errout_nomem;
+
+ rtnl_route_nh_set_realms(old_nh, nla_get_u32(tb[RTA_FLOW]));
+ }
+@@ -1257,6 +1257,9 @@ int rtnl_route_parse(struct nlmsghdr *nlh, struct rtnl_route **result)
+ if (tb[RTA_NEWDST]) {
+ struct nl_addr *addr;
+
++ if (!old_nh && !(old_nh = rtnl_route_nh_alloc()))
++ goto errout_nomem;
++
+ addr = nl_addr_alloc_attr(tb[RTA_NEWDST], route->rt_family);
+ if (!addr)
+ goto errout_nomem;
+@@ -1271,6 +1274,9 @@ int rtnl_route_parse(struct nlmsghdr *nlh, struct rtnl_route **result)
+ int alen = nla_len(tb[RTA_VIA]) - offsetof(struct rtvia, rtvia_addr);
+ struct rtvia *via = nla_data(tb[RTA_VIA]);
+
++ if (!old_nh && !(old_nh = rtnl_route_nh_alloc()))
++ goto errout_nomem;
++
+ addr = nl_addr_build(via->rtvia_family, via->rtvia_addr, alen);
+ if (!addr)
+ goto errout_nomem;
+@@ -1287,6 +1293,9 @@ int rtnl_route_parse(struct nlmsghdr *nlh, struct rtnl_route **result)
+ }
+
+ if (tb[RTA_ENCAP] && tb[RTA_ENCAP_TYPE]) {
++ if (!old_nh && !(old_nh = rtnl_route_nh_alloc()))
++ goto errout_nomem;
++
+ err = nh_encap_parse_msg(tb[RTA_ENCAP],
+ tb[RTA_ENCAP_TYPE], old_nh);
+ if (err)
+@@ -1319,12 +1328,15 @@ int rtnl_route_parse(struct nlmsghdr *nlh, struct rtnl_route **result)
+
+ rtnl_route_nh_free(old_nh);
+ }
++ old_nh = NULL;
+ }
+
+ *result = route;
+ return 0;
+
+ errout:
++ if (old_nh)
++ rtnl_route_nh_free(old_nh);
+ rtnl_route_put(route);
+ return err;
+
+--
+1.8.3.1
+
diff --git a/libnl3-route-link-fix-sequence-number-handling-in-rtnl_link.patch b/libnl3-route-link-fix-sequence-number-handling-in-rtnl_link.patch
new file mode 100644
index 0000000..5f33930
--- /dev/null
+++ b/libnl3-route-link-fix-sequence-number-handling-in-rtnl_link.patch
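Review bot: In the RTA_VIA branch, `alen` is computed as `nla_len(tb[RTA_VIA]) - offsetof(struct rtvia, rtvia_addr)` into an `int` with no lower-bound check visible in the hunk, so an attribute shorter than the rtvia header would produce a negative length that is then handed to `nl_addr_build()`. Whether the attribute policy already enforces a minimum length cannot be seen from here; if it does not, a guard before the build call such as `if (alen < 0) { err = -NLE_INVAL; goto errout; }` would reject the message cleanly. rtnl_route_parse() begins and ends outside these hunks, including the `errout_nomem` label the new gotos rely on.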
@@ -0,0 +1,45 @@
+From 4e2f5dfa6484a90d8c01f5d5f9c46dddab8d86e9 Mon Sep 17 00:00:00 2001
+From: Tuetuopay
+Date: Mon, 9 Apr 2018 16:21:41 +0200
+Subject: [PATCH 41/76] route/link: fix sequence number handling in
+ rtnl_link_change()
+
+When rtnl_link_change() fails with -NLE_OPNOTSUPP, it retries
+with RTM_SETLINK operation. However, it also needs to re-adjust
+the sequence number. Otherwise, the second request might fail
+with NLE_SEQ_MISMATCH, although it actually succeeded.
+
+[thaller@redhat.com: changed commit message]
+
+https://github.com/thom311/libnl/issues/179
+https://github.com/thom311/libnl/pull/184
+---
+ lib/route/link.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/lib/route/link.c b/lib/route/link.c
+index de3c393..40165e5 100644
+--- a/lib/route/link.c
++++ b/lib/route/link.c
+@@ -1772,6 +1772,10 @@ errout:
+ * @note The link name can only be changed if the link has been put
+ * in opertional down state. (~IF_UP)
+ *
++ * @note On versions up to 3.4.0, \c NLE_SEQ_MISMATCH would be returned if the
++ * kernel does not supports \c RTM_NEWLINK. It is advised to ignore the
++ * error code if you cannot upgrade the library.
++ *
+ * @return 0 on success or a negative error code.
+ */
+ int rtnl_link_change(struct nl_sock *sk, struct rtnl_link *orig,
+@@ -1792,6 +1796,7 @@ retry:
+ err = wait_for_ack(sk);
+ if (err == -NLE_OPNOTSUPP && msg->nm_nlh->nlmsg_type == RTM_NEWLINK) {
+ msg->nm_nlh->nlmsg_type = RTM_SETLINK;
++ msg->nm_nlh->nlmsg_seq = NL_AUTO_SEQ;
+ goto retry;
+ }
+
+--
+1.8.3.1
+
diff --git a/libnl3-route-link-vxlan-Fix-IPv4-set_local-resetting-ce_mas.patch b/libnl3-route-link-vxlan-Fix-IPv4-set_local-resetting-ce_mas.patch
new file mode 100644
index 0000000..8a200ae
--- /dev/null
+++ b/libnl3-route-link-vxlan-Fix-IPv4-set_local-resetting-ce_mas.patch
@@ -0,0 +1,32 @@
+From cd5f6f842905b83d8c49f3eacb17273997036552 Mon Sep 17 00:00:00 2001
+From: Tuetuopay
+Date: Tue, 15 May 2018 14:11:20 +0200
+Subject: [PATCH 53/76] route/link/vxlan: Fix IPv4 set_local resetting ce_mask
+
+rtnl_link_vxlan_set_local() removes the bit for the other IP version in
+ce_mask. A missing flag inversion in the v4 part made this removal
+reset all bits to 0 except the v6 one, screwing all link configuration.
+
+Fixes: 2e68fb5b02304fa6a3e6429c4fdabb084e61b501
+
+https://github.com/thom311/libnl/pull/192
+---
+ lib/route/link/vxlan.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/route/link/vxlan.c b/lib/route/link/vxlan.c
+index 9e578ec..686ac31 100644
+--- a/lib/route/link/vxlan.c
++++ b/lib/route/link/vxlan.c
+@@ -889,7 +889,7 @@ int rtnl_link_vxlan_set_local(struct rtnl_link *link, struct nl_addr *addr)
+ memcpy(&vxi->vxi_local, nl_addr_get_binary_addr(addr),
+ sizeof(vxi->vxi_local));
+ vxi->ce_mask |= VXLAN_ATTR_LOCAL;
+- vxi->ce_mask &= VXLAN_ATTR_LOCAL6;
++ vxi->ce_mask &= ~VXLAN_ATTR_LOCAL6;
+ } else if ((nl_addr_get_family(addr) == AF_INET6) &&
+ (nl_addr_get_len(addr) == sizeof(vxi->vxi_local6))) {
+ memcpy(&vxi->vxi_local6, nl_addr_get_binary_addr(addr),
+--
+1.8.3.1
+
diff --git a/libnl3-route-vlan-add-capability-to-indicate-heap-overflow-.patch b/libnl3-route-vlan-add-capability-to-indicate-heap-overflow-.patch
new file mode 100644
index 0000000..35c9191
--- /dev/null
+++ b/libnl3-route-vlan-add-capability-to-indicate-heap-overflow-.patch
@@ -0,0 +1,48 @@
+From be550df10993c89e9367a860d5060c632ed9afbf Mon Sep 17 00:00:00 2001
+From: Thomas Haller
+Date: Mon, 23 Oct 2017 10:54:10 +0200
+Subject: [PATCH 07/76] route/vlan: add capability to indicate heap overflow
+ fix in rtnl_link_vlan_set_egress_map()
+
+Without this fix/capablity, adding more then 4 mappings in
+rtnl_link_vlan_set_egress_map() overflows the heap.
+---
+ include/netlink/utils.h | 8 ++++++++
+ lib/utils.c | 2 +-
+ 2 files changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/include/netlink/utils.h b/include/netlink/utils.h
+index 10e76ce..dc22c9d 100644
+--- a/include/netlink/utils.h
++++ b/include/netlink/utils.h
+@@ -286,6 +286,14 @@ enum {
+ NL_CAPABILITY_VERSION_3_4_0 = 28,
+ #define NL_CAPABILITY_VERSION_3_4_0 NL_CAPABILITY_VERSION_3_4_0
+
++ /**
++ * Fixed memory corruption in rtnl_link_vlan_set_egress_map(). Previously, if you tried
++ * to add more then 4 mappings, a buffer overflow occured. Also fixed nl_object_clone()
++ * for VLAN links.
++ */
++ NL_CAPABILITY_ROUTE_FIX_VLAN_SET_EGRESS_MAP = 29,
++#define NL_CAPABILITY_ROUTE_FIX_VLAN_SET_EGRESS_MAP NL_CAPABILITY_ROUTE_FIX_VLAN_SET_EGRESS_MAP
++
+ __NL_CAPABILITY_MAX,
+ NL_CAPABILITY_MAX = (__NL_CAPABILITY_MAX - 1),
+ #define NL_CAPABILITY_MAX NL_CAPABILITY_MAX
+diff --git a/lib/utils.c b/lib/utils.c
+index 544feda..eefe802 100644
+--- a/lib/utils.c
++++ b/lib/utils.c
+@@ -1221,7 +1221,7 @@ int nl_has_capability (int capability)
+ NL_CAPABILITY_XFRM_SP_SEC_CTX_LEN,
+ NL_CAPABILITY_VERSION_3_3_0,
+ NL_CAPABILITY_VERSION_3_4_0,
+- 0,
++ NL_CAPABILITY_ROUTE_FIX_VLAN_SET_EGRESS_MAP,
+ 0,
+ 0,
+ 0),
+--
+1.8.3.1
+
diff --git a/libnl3-route-vlan-fix-cloning-vlan-link-in-vlan_clone.patch b/libnl3-route-vlan-fix-cloning-vlan-link-in-vlan_clone.patch
new file mode 100644
index 0000000..ab0a918
--- /dev/null
+++ b/libnl3-route-vlan-fix-cloning-vlan-link-in-vlan_clone.patch
@@ -0,0 +1,58 @@
+From f9d68741065182f4c75a17426246f12a4aeb3c56 Mon Sep 17 00:00:00 2001
+From: Thomas Haller
+Date: Mon, 23 Oct 2017 11:35:32 +0200
+Subject: [PATCH 05/76] route/vlan: fix cloning vlan link in vlan_clone()
+
+We need to copy the entire source struct over
+from source to destination.
+
+The only thing that needs special handling is
+to deep-clone the vi_egress_qos buffer.
+
+Fixes: a7469ce758fac3631df6ce72eb3f89150070e7f8
+---
+ lib/route/link/vlan.c | 21 +++++++++++++++------
+ 1 file changed, 15 insertions(+), 6 deletions(-)
+
+diff --git a/lib/route/link/vlan.c b/lib/route/link/vlan.c
+index 477c9af..23fdf66 100644
+--- a/lib/route/link/vlan.c
++++ b/lib/route/link/vlan.c
+@@ -264,19 +264,28 @@ static int vlan_clone(struct rtnl_link *dst, struct rtnl_link *src)
+ {
+ struct vlan_info *vdst, *vsrc = src->l_info;
+ int err;
++ struct vlan_map *p = NULL;
+
+ dst->l_info = NULL;
+ if ((err = rtnl_link_set_type(dst, "vlan")) < 0)
+ return err;
+ vdst = dst->l_info;
+
+- vdst->vi_egress_qos = calloc(vsrc->vi_egress_size,
+- sizeof(struct vlan_map));
+- if (!vdst->vi_egress_qos)
+- return -NLE_NOMEM;
++ if (vsrc->vi_negress) {
++ p = calloc(vsrc->vi_negress,
++ sizeof(struct vlan_map));
++ if (!p)
++ return -NLE_NOMEM;
++ }
+
+- memcpy(vdst->vi_egress_qos, vsrc->vi_egress_qos,
+- vsrc->vi_egress_size * sizeof(struct vlan_map));
++ *vdst = *vsrc;
++
++ if (vsrc->vi_negress) {
++ vdst->vi_egress_size = vsrc->vi_negress;
++ vdst->vi_egress_qos = p;
++ memcpy(vdst->vi_egress_qos, vsrc->vi_egress_qos,
++ vsrc->vi_negress * sizeof(struct vlan_map));
++ }
+
+ return 0;
+ }
+--
+1.8.3.1
+
diff --git a/libnl3-route-vlan-fix-memory-corruption-in-rtnl_link_vlan_s.patch b/libnl3-route-vlan-fix-memory-corruption-in-rtnl_link_vlan_s.patch
new file mode 100644
index 0000000..bdb80ee
--- /dev/null
+++ b/libnl3-route-vlan-fix-memory-corruption-in-rtnl_link_vlan_s.patch
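Review bot: When `vsrc->vi_negress` is 0, the struct copy `*vdst = *vsrc` in vlan_clone() leaves `vdst->vi_egress_qos` and `vdst->vi_egress_size` holding the source's values, so the clone aliases the source's buffer whenever the source has one allocated but empty. Whether that state can occur is not visible from this hunk; if it can, both links would later release the same pointer. Resetting the fields in that case closes the gap: `else { vdst->vi_egress_qos = NULL; vdst->vi_egress_size = 0; }` after the second `if (vsrc->vi_negress)` block.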
@@ -0,0 +1,35 @@
+From 6dfb40acd9b0b421b587f26840dfc072211976c2 Mon Sep 17 00:00:00 2001
+From: Sebastian Bixl
+Date: Sun, 15 Oct 2017 22:34:01 +0200
+Subject: [PATCH 04/76] route/vlan: fix memory corruption in
+ rtnl_link_vlan_set_egress_map
+
+If you set more than four entries for the vlan egress map a memory
+corruption occurs because the reallocation does not reserve memory
+for more than four.
+
+Fixes: a7469ce758fac3631df6ce72eb3f89150070e7f8
+
+https://github.com/thom311/libnl/pull/155
+
+[thaller@redhat.com: squashed commits and updated commit message]
+---
+ lib/route/link/vlan.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/route/link/vlan.c b/lib/route/link/vlan.c
+index 118d5a0..477c9af 100644
+--- a/lib/route/link/vlan.c
++++ b/lib/route/link/vlan.c
+@@ -589,7 +589,7 @@ int rtnl_link_vlan_set_egress_map(struct rtnl_link *link, uint32_t from, int to)
+ int new_size = vi->vi_egress_size + 32;
+ void *ptr;
+
+- ptr = realloc(vi->vi_egress_qos, new_size);
++ ptr = realloc(vi->vi_egress_qos, new_size * sizeof(struct vlan_map));
+ if (!ptr)
+ return -NLE_NOMEM;
+
+--
+1.8.3.1
+
diff --git a/libnl3-route-vrf-initalize-clone-destination-with-NULL-in-v.patch b/libnl3-route-vrf-initalize-clone-destination-with-NULL-in-v.patch
new file mode 100644
index 0000000..f54a0be
--- /dev/null
+++ b/libnl3-route-vrf-initalize-clone-destination-with-NULL-in-v.patch
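Review bot: Nothing at the realloc in rtnl_link_vlan_set_egress_map() records that `vi_egress_size` and `new_size` count `struct vlan_map` entries rather than bytes, which is the confusion behind the original under-allocation. A comment on the realloc line, for example `/* new_size is a count of struct vlan_map entries, not bytes */`, would make the unit explicit for the next change. `new_size` is also a plain `int` computed as `vi->vi_egress_size + 32`, so the growth path has no upper bound visible here; the rest of the function, including where the new size is stored, lies outside the hunk.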
@@ -0,0 +1,26 @@
+From c3db1c47828628413a65786efabe46cffa366c7c Mon Sep 17 00:00:00 2001
+From: Jonas Johansson
+Date: Mon, 12 Mar 2018 13:51:36 +0100
+Subject: [PATCH 28/76] route/vrf: initalize clone destination with NULL in
+ vrf_clone()
+
+Signed-off-by: Jonas Johansson
+---
+ lib/route/link/vrf.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/lib/route/link/vrf.c b/lib/route/link/vrf.c
+index 84d2d8b..8b6b451 100644
+--- a/lib/route/link/vrf.c
++++ b/lib/route/link/vrf.c
+@@ -107,6 +107,7 @@ static int vrf_clone(struct rtnl_link *dst, struct rtnl_link *src)
+ struct vrf_info *vdst, *vsrc = src->l_info;
+ int err;
+
++ dst->l_info = NULL;
+ if ((err = rtnl_link_set_type(dst, "vrf")) < 0)
+ return err;
+ vdst = dst->l_info;
+--
+1.8.3.1
+
diff --git a/libnl3.spec b/libnl3.spec
new file mode 100644
index 0000000..6560418
--- /dev/null
+++ b/libnl3.spec
@@ -0,0 +1,133 @@
+Name: libnl3
+Version: 3.4.0
+Release: 7
+Summary: Providing APIs to netlink protocol based Linux kernel interfaces
+License: LGPLv2
+URL: http://www.infradead.org/~tgr/libnl/
+Source: http://www.infradead.org/~tgr/libnl/files/libnl-%{version}.tar.gz
+Source1: http://www.infradead.org/~tgr/libnl/files/libnl-doc-%{version}.tar.gz
+Patch9000: solve-redefinition-of-struct-ipv6_mreq.patch
+
+Patch6001: libnl3-route-vlan-fix-memory-corruption-in-rtnl_link_vlan_s.patch
+Patch6002: libnl3-route-vlan-fix-cloning-vlan-link-in-vlan_clone.patch
+Patch6003: libnl3-route-vlan-add-capability-to-indicate-heap-overflow-.patch
+Patch6004: libnl3-route-fix-handling-old_nh-in-rtnl_route_parse-and-av.patch
+Patch6005: libnl3-route-vrf-initalize-clone-destination-with-NULL-in-v.patch
+Patch6006: libnl3-route-link-fix-sequence-number-handling-in-rtnl_link.patch
+Patch6007: libnl3-nl-neigh-list-free-allocated-items.patch
+Patch6008: libnl3-route-link-vxlan-Fix-IPv4-set_local-resetting-ce_mas.patch
+Patch6009: libnl3-ipgre-Fix-wrong-array-size-initialization.patch
+Patch6010: libnl3-ipvti-Fix-wrong-array-size-initialization.patch
+Patch6011: libnl3-lib-tc-ensure-correct-error-code-in-rtnl_tc_msg_buil.patch
+Patch6012: libnl3-lib-tc-fix-uninitalized-err-variable-in-rtnl_tc_msg_.patch
+Patch6013: libnl3-route-cls-fix-potential-memory-leak.patch
+Patch6014: libnl3-nla_ok-fix-overrun-in-attribute-iteration.patch
+Patch6015: libnl3-link-macvlan-fixes.patch
+
+BuildRequires: flex bison libtool autoconf automake swig
+Requires: %{name} = %{version}-%{release}
+
+Provides: %{name}-cli
+Obsoletes: %{name}-cli
+
+%description
+This package contains a collection of libraries providing
+APIs to netlink based Linux kernel sockets interfaces.
+
+%package devel
+Summary: Libraries and headers for libnl3
+Requires: %{name} = %{version}-%{release} kernel-headers
+
+%description devel
+This package provides various libraries and headers for using libnl3
+
+%package help
+Summary: Document for libnl3
+Requires: %{name} = %{version}-%{release}
+
+%description help
+This package contains libnl3 related documentations
+
+%package -n python3-libnl3
+Summary: Python3 binding for libnl3
+BuildRequires: python3-devel
+Requires: %{name} = %{version}-%{release}
+
+%description -n python3-libnl3
+Python3 bindings for libnl3
+
+%package -n python2-libnl3
+Summary: Python2 bindings for libnl3
+BuildRequires: python2-devel
+Requires: %{name} = %{version}-%{release}
+
+%description -n python2-libnl3
+Python2 bindings for libnl3
+%prep
+%autosetup -n libnl-%{version} -p1
+
+tar -xzf %SOURCE1
+
+%build
+autoreconf -vif
+%configure --disable-static
+%make_build
+
+cd python
+CFLAGS="$RPM_OPT_FLAGS" %py2_build
+CFLAGS="$RPM_OPT_FLAGS" %py2_build
+CFLAGS="$RPM_OPT_FLAGS" %py3_build
+CFLAGS="$RPM_OPT_FLAGS" %py3_build
+
+%install
+%make_install
+
+find $RPM_BUILD_ROOT -name *.la |xargs rm -f
+
+cd python
+%py2_install
+%py3_install
+
+%check
+make check
+
+cd python
+%{__python2} setup.py check
+%{__python3} setup.py check
+
+%post -p /sbin/ldconfig
+%postun -p /sbin/ldconfig
+
+%files
+%doc COPYING
+%{_libdir}/libnl-*.so.*
+%config(noreplace) %{_sysconfdir}/*
+%{_libdir}/libnl/
+%{_bindir}/*
+
+%files devel
+%{_includedir}/libnl3/netlink/
+%{_libdir}/*.so
+%{_libdir}/pkgconfig/*.pc
+
+%files help
+%doc libnl-doc-%{version}/*.html
+%doc libnl-doc-%{version}/*.css
+%doc libnl-doc-%{version}/stylesheets/*
+%doc libnl-doc-%{version}/images/*
+%doc libnl-doc-%{version}/images/icons/*
+%doc libnl-doc-%{version}/images/icons/callouts/*
+%doc libnl-doc-%{version}/api/*
+%{_mandir}/man8/*
+
+%files -n python3-libnl3
+%{python3_sitearch}/netlink
+%{python3_sitearch}/netlink-*.egg-info
+
+%files -n python2-libnl3
+%{python2_sitearch}/netlink
+%{python2_sitearch}/netlink-*.egg-info
+
+%changelog
+* Sat Sep 7 2019 liyongqiang - 3.4.0-7
+- Package init
diff --git a/solve-redefinition-of-struct-ipv6_mreq.patch b/solve-redefinition-of-struct-ipv6_mreq.patch
new file mode 100644
index 0000000..af3b66c
--- /dev/null
+++ b/solve-redefinition-of-struct-ipv6_mreq.patch
@@ -0,0 +1,12 @@
+diff -uNrp libnl-3.2.28/include/linux-private/linux/if_bridge.h libnl-3.2.28-new//include/linux-private/linux/if_bridge.h
+--- libnl-3.2.28/include/linux-private/linux/if_bridge.h 2016-06-29 17:04:28.000000000 +0800
++++ libnl-3.2.28-new//include/linux-private/linux/if_bridge.h 2016-11-26 13:46:11.000000000 +0800
+@@ -15,7 +15,7 @@
+
+ #include
+ #include
+-#include
++#include
+
+ #define SYSFS_BRIDGE_ATTR "bridge"
+ #define SYSFS_BRIDGE_FDB "brforward"
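Review bot: In the `%install` section of libnl3.spec, `find $RPM_BUILD_ROOT -name *.la |xargs rm -f` leaves the glob unquoted, so the shell expands `*.la` against the current directory before find sees it; `find %{buildroot} -name '*.la' -delete` avoids that and the xargs whitespace handling as well. The `%build` section runs `%py2_build` and `%py3_build` twice each, which looks like a copy-paste leftover. Both `Source` URLs use plain `http://` and the spec has no signature or checksum verification step, so the committed tarballs should be checked against hashes published by upstream before this package is trusted.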