packages/libnl3
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!55 [sync] PR-52: sync some pathes from upstream

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @zengwefeng 
Signed-off-by: @zengwefeng
This commit is contained in:
openeuler-ci-bot 2024-04-26 09:26:46 +00:00 committed by Gitee
commit c5c442d95d
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
15 changed files with 1490 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
backport-accept-NULL-argument-in-nla_nest_cancel-for-robustness.patch Normal file
View File

@ -0,0 +1,38 @@
From 6af26981e727149e2e3fdfac85e2ef86b3828b11 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Wed, 26 Jul 2023 16:17:18 +0200
Subject: [PATCH] lib: accept NULL argument in nla_nest_cancel() for robustness
Previously, a NULL argument would most likely also do thing, but it also
hits undefined behavior.
Conflict:NA
Reference:https://github.com/thom311/libnl/commit/6af26981e727149e2e3fdfac85e2ef86b3828b11
---
lib/attr.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/lib/attr.c b/lib/attr.c
index a4f5852..2b2d538 100644
--- a/lib/attr.c
+++ b/lib/attr.c
@@ -996,6 +996,15 @@ void nla_nest_cancel(struct nl_msg *msg, const struct nlattr *attr)
{
ssize_t len;
+ if (!attr) {
+ /* For robustness, allow a NULL attr to do nothing. NULL is also
+ * what nla_nest_start() when out of buffer space.
+ *
+ * Warning, before libnl-3.8, the function did not accept NULL!
+ * If you care, catch NULL yourself. */
+ return;
+ }
+
len = (char *) nlmsg_tail(msg->nm_nlh) - (char *) attr;
if (len < 0)
BUG();
--
2.33.0

609
backport-add-some-tests-about-addr-class-rule-neigh-qdisc.patch Normal file
View File

@ -0,0 +1,609 @@
From 6b39fd0906c4f572b39c538b60790bd6ffe94341 Mon Sep 17 00:00:00 2001
From: chengyechun <chengyechun1@huawei.com>
Date: Tue, 21 Nov 2023 10:11:00 +0800
Subject: [PATCH] backport-add-some-tests-about-addr-class-rule-neigh-qdisc
Conflict:NA
Reference:https://gitee.com/src-openeuler/libnl3/commit/cbf611d151d1ceb63331041e35a5a54184a51eaf/https://gitee.com/src-openeuler/libnl3/commit/501d5c2bec60070e78024bb98917970d207de06b
---
tests/params.h | 5 ++
tests/test-add-delete-addr.c | 39 +++++++++
tests/test-add-delete-class.c | 142 +++++++++++++++++++++++++++++++
tests/test-add-delete-neigh.c | 41 +++++++++
tests/test-add-delete-qdisc.c | 156 ++++++++++++++++++++++++++++++++++
tests/test-add-delete-route.c | 43 ++++++++++
tests/test-genl-connect.c | 37 ++++++++
tests/test-link.c | 68 +++++++++++++++
8 files changed, 531 insertions(+)
create mode 100644 tests/params.h
create mode 100644 tests/test-add-delete-addr.c
create mode 100644 tests/test-add-delete-class.c
create mode 100644 tests/test-add-delete-neigh.c
create mode 100644 tests/test-add-delete-qdisc.c
create mode 100644 tests/test-add-delete-route.c
create mode 100644 tests/test-genl-connect.c
create mode 100644 tests/test-link.c
diff --git a/tests/params.h b/tests/params.h
new file mode 100644
index 0000000..e3cab17
--- /dev/null
+++ b/tests/params.h
@@ -0,0 +1,5 @@
+#define DST_ADDR "addr"
+#define IP "ip"
+#define NEXTHOP "dev=1,via=2"
+#define DEV_NAME "dev_name"
+
diff --git a/tests/test-add-delete-addr.c b/tests/test-add-delete-addr.c
new file mode 100644
index 0000000..3fc4c5c
--- /dev/null
+++ b/tests/test-add-delete-addr.c
@@ -0,0 +1,39 @@
+#include <netlink/cli/utils.h>
+#include <netlink/cli/addr.h>
+#include <netlink/cli/link.h>
+#include <linux/netlink.h>
+#include <stdio.h>
+#include <params.h>
+
+
+int main(int argc, char *argv[])
+{
+ struct nl_sock *sock;
+ struct rtnl_addr *addr;
+ struct nl_cache *link_cache;
+ int err = 0, nlflags = NLM_F_CREATE;
+
+ sock = nl_cli_alloc_socket();
+ nl_cli_connect(sock, NETLINK_ROUTE);
+ link_cache = nl_cli_link_alloc_cache(sock);
+ addr = nl_cli_addr_alloc();
+
+ nl_cli_addr_parse_local(addr, IP);
+ nl_cli_addr_parse_dev(addr, link_cache, DEV_NAME);
+
+ if ((err = rtnl_addr_add(sock, addr, nlflags)) < 0) {
+ printf("Unable to add route: %s", nl_geterror(err));
+ goto END;
+ }
+
+ if ((err = rtnl_addr_delete(sock, addr, nlflags)) < 0) {
+ printf("Unable to add route: %s", nl_geterror(err));
+ goto END;
+ }
+
+END:
+ rtnl_addr_put(addr);
+ nl_cache_put(link_cache);
+ nl_socket_free(sock);
+ return err;
+}
diff --git a/tests/test-add-delete-class.c b/tests/test-add-delete-class.c
new file mode 100644
index 0000000..6ee0e16
--- /dev/null
+++ b/tests/test-add-delete-class.c
@@ -0,0 +1,142 @@
+#include <netlink/cli/utils.h>
+#include <netlink/cli/tc.h>
+#include <netlink/cli/class.h>
+#include <netlink/cli/link.h>
+#include <netlink-private/route/tc-api.h>
+#include <linux/netlink.h>
+#include <stdio.h>
+#include <params.h>
+
+static int default_yes = 0, deleted = 0, interactive = 0;
+static struct nl_sock *sk;
+
+static int test_add_class()
+{
+ struct rtnl_class *class;
+ struct rtnl_tc *tc;
+ struct nl_cache *link_cache;
+ struct nl_cli_tc_module *tm;
+ struct rtnl_tc_ops *ops;
+ int err = 0, flags = NLM_F_CREATE | NLM_F_EXCL;
+ char kind[] = "htb";
+ char *rate[] = {DEV_NAME, "root", "htb", "--rate=100mbit"};
+
+ sk = nl_cli_alloc_socket();
+ nl_cli_connect(sk, NETLINK_ROUTE);
+ link_cache = nl_cli_link_alloc_cache(sk);
+ class = nl_cli_class_alloc();
+ tc = (struct rtnl_tc *) class;
+
+ nl_cli_tc_parse_dev(tc, link_cache, DEV_NAME);
+ nl_cli_tc_parse_parent(tc, "root");
+ if (!rtnl_tc_get_ifindex(tc)) {
+ printf("You must specify a network device (--dev=XXX)\n");
+ err = -1;
+ goto END;
+ }
+ if (!rtnl_tc_get_parent(tc)) {
+ printf("You must specify a parent (--parent=XXX)\n");
+ err = -1;
+ goto END;
+ }
+
+ rtnl_tc_set_kind(tc, kind);
+ if (!(ops = rtnl_tc_get_ops(tc))) {
+ printf("Unknown class \"%s\"\n", kind);
+ err = -1;
+ goto END;
+ }
+ if (!(tm = nl_cli_tc_lookup(ops))) {
+ printf("class type \"%s\" not supported.\n", kind);
+ err = -1;
+ goto END;
+ }
+ tm->tm_parse_argv(tc, 4, rate);
+
+ if ((err = rtnl_class_add(sk, class, flags)) < 0) {
+ printf("Unable to add class: %s\n", nl_geterror(err));
+ goto END;
+ }
+
+END:
+ nl_cache_mngt_unprovide(link_cache);
+ nl_cache_put(link_cache);
+ rtnl_class_put(class);
+ nl_socket_free(sk);
+ return err;
+}
+
+
+static void delete_cb(struct nl_object *obj, void *arg)
+{
+ struct rtnl_class *class = nl_object_priv(obj);
+ struct nl_dump_params params = {
+ .dp_type = NL_DUMP_LINE,
+ .dp_fd = stdout,
+ };
+ int err;
+
+ if (interactive && !nl_cli_confirm(obj, &params, default_yes))
+ return;
+
+ if ((err = rtnl_class_delete(sk, class)) < 0)
+ nl_cli_fatal(err, "Unable to delete class: %s\n", nl_geterror(err));
+
+ deleted++;
+}
+
+static int test_delete_class()
+{
+ struct rtnl_class *class;
+ struct rtnl_tc *tc;
+ struct nl_cache *link_cache, *class_cache;
+ struct nl_cli_tc_module *tm;
+ struct rtnl_tc_ops *ops;
+ char kind[] = "htb";
+ int err = 0;
+
+ sk = nl_cli_alloc_socket();
+ nl_cli_connect(sk, NETLINK_ROUTE);
+ link_cache = nl_cli_link_alloc_cache(sk);
+ class = nl_cli_class_alloc();
+ tc = (struct rtnl_tc *) class;
+
+ nl_cli_tc_parse_dev(tc, link_cache, DEV_NAME);
+ nl_cli_tc_parse_parent(tc, "root");
+ if (!rtnl_tc_get_ifindex(tc)) {
+ printf("You must specify a network device (--dev=XXX)\n");
+ err = -1;
+ goto END;
+ }
+ if (!rtnl_tc_get_parent(tc)) {
+ printf("You must specify a parent (--parent=XXX)\n");
+ err = -1;
+ goto END;
+ }
+ rtnl_tc_set_kind(tc, kind);
+ if (!(ops = rtnl_tc_get_ops(tc))) {
+ printf("Unknown class \"%s\"\n", kind);
+ err = -1;
+ goto END;
+ }
+ class_cache = nl_cli_class_alloc_cache(sk, rtnl_tc_get_ifindex(tc));
+ nl_cache_foreach_filter(class_cache, OBJ_CAST(class), delete_cb, NULL);
+
+END:
+ nl_cache_put(link_cache);
+ nl_socket_free(sk);
+ rtnl_class_put(class);
+ return err;
+}
+
+int main(int argc, char *argv[])
+{
+ int err = 0;
+ if ((err = test_add_class()) < 0) {
+ printf("Unable to add class\n");
+ }
+ if ((err = test_delete_class()) < 0) {
+ printf("Unable to delete class");
+ }
+ return err;
+}
diff --git a/tests/test-add-delete-neigh.c b/tests/test-add-delete-neigh.c
new file mode 100644
index 0000000..e4bc63a
--- /dev/null
+++ b/tests/test-add-delete-neigh.c
@@ -0,0 +1,41 @@
+#include <netlink/cli/utils.h>
+#include <netlink/cli/neigh.h>
+#include <netlink/cli/link.h>
+#include <linux/netlink.h>
+#include <stdio.h>
+#include <params.h>
+
+
+int main(int argc, char *argv[])
+{
+ struct nl_sock *sk;
+ struct rtnl_neigh *neigh;
+ struct nl_cache *link_cache;
+ int err = 0, ok = 0, nlflags = NLM_F_REPLACE | NLM_F_CREATE;
+ char lladdr[] = "AA:BB:CC:DD:EE:FF";
+
+ sk = nl_cli_alloc_socket();
+ nl_cli_connect(sk, NETLINK_ROUTE);
+ link_cache = nl_cli_link_alloc_cache(sk);
+ neigh = nl_cli_neigh_alloc();
+
+ nl_cli_neigh_parse_dst(neigh, DST_ADDR);
+ nl_cli_neigh_parse_lladdr(neigh, lladdr);
+ nl_cli_neigh_parse_dev(neigh, link_cache, DEV_NAME);
+
+ if ((err = rtnl_neigh_add(sk, neigh, nlflags)) < 0){
+ printf("Unable to add neighbour: %s\n",nl_geterror(err));
+ goto END;
+ }
+
+ if ((err = rtnl_neigh_delete(sk, neigh, nlflags)) < 0){
+ printf("Unable to add neighbour: %s\n",nl_geterror(err));
+ goto END;
+ }
+
+END:
+ nl_socket_free(sk);
+ nl_cache_put(link_cache);
+ rtnl_neigh_put(neigh);
+ return err;
+}
diff --git a/tests/test-add-delete-qdisc.c b/tests/test-add-delete-qdisc.c
new file mode 100644
index 0000000..29502db
--- /dev/null
+++ b/tests/test-add-delete-qdisc.c
@@ -0,0 +1,156 @@
+#include <netlink/cli/utils.h>
+#include <netlink/cli/tc.h>
+#include <netlink/cli/qdisc.h>
+#include <netlink/cli/link.h>
+#include <netlink-private/route/tc-api.h>
+#include <linux/netlink.h>
+#include <stdio.h>
+#include <params.h>
+
+
+static int default_yes = 0, deleted = 0, interactive = 0;
+static struct nl_sock *sk;
+
+static void delete_cb(struct nl_object *obj, void *arg)
+{
+ struct rtnl_qdisc *qdisc = nl_object_priv(obj);
+ struct nl_dump_params params = {
+ .dp_type = NL_DUMP_LINE,
+ .dp_fd = stdout,
+ };
+ int err;
+
+ /* Ignore default qdiscs, unable to delete */
+ if (rtnl_tc_get_handle((struct rtnl_tc *) qdisc) == 0)
+ return;
+
+ if (interactive && !nl_cli_confirm(obj, &params, default_yes))
+ return;
+
+ if ((err = rtnl_qdisc_delete(sk, qdisc)) < 0) {
+ nl_cli_fatal(err, "Unable to delete qdisc: %s\n", nl_geterror(err));
+ }
+ deleted++;
+}
+
+static int test_delete_qdisc()
+{
+ struct rtnl_qdisc *qdisc;
+ struct rtnl_tc *tc;
+ struct nl_cache *link_cache, *qdisc_cache;
+ struct nl_cli_tc_module *tm;
+ struct rtnl_tc_ops *ops;
+ char kind[] = "htb";
+ int err = 0;
+
+ sk = nl_cli_alloc_socket();
+ nl_cli_connect(sk, NETLINK_ROUTE);
+ link_cache = nl_cli_link_alloc_cache(sk);
+ qdisc_cache = nl_cli_qdisc_alloc_cache(sk);
+ qdisc = nl_cli_qdisc_alloc();
+ tc = (struct rtnl_tc *) qdisc;
+ nl_cli_tc_parse_dev(tc, link_cache, DEV_NAME);
+ nl_cli_tc_parse_parent(tc, "root");
+
+ if (!rtnl_tc_get_ifindex(tc)) {
+ printf("You must specify a network device (--dev=XXX)");
+ goto END;
+ }
+
+ if (!rtnl_tc_get_parent(tc)) {
+ printf("You must specify a parent");
+ goto END;
+ }
+
+ rtnl_tc_set_kind(tc, kind);
+ if (!(ops = rtnl_tc_get_ops(tc))) {
+ printf("Unknown qdisc \"%s\"", kind);
+ goto END;
+ }
+
+ if (!(tm = nl_cli_tc_lookup(ops))) {
+ nl_cli_fatal(ENOTSUP, "Qdisc type \"%s\" not supported.", kind);
+ goto END;
+ }
+
+
+ nl_cache_foreach_filter(qdisc_cache, OBJ_CAST(qdisc), delete_cb, NULL);
+
+END:
+ nl_cache_put(link_cache);
+ nl_cache_put(qdisc_cache);
+ rtnl_qdisc_put(qdisc);
+ nl_socket_free(sk);
+ return err;
+}
+
+static int test_add_qdisc()
+{
+ struct rtnl_qdisc *qdisc;
+ struct rtnl_tc *tc;
+ struct nl_cache *link_cache;
+ struct nl_cli_tc_module *tm;
+ struct rtnl_tc_ops *ops;
+ char kind[] = "htb";
+ int err = 0, flags = NLM_F_CREATE | NLM_F_EXCL;
+
+ if (!(sk = nl_socket_alloc())){
+ printf("Unable to allocate netlink socket\n");
+ return -1;
+ }
+ if ((err = nl_connect(sk, NETLINK_ROUTE)) < 0) {
+ printf("Unable to connect netlink socket: %s\n", nl_geterror(err));
+ nl_socket_free(sk);
+ return -1;
+ }
+ link_cache = nl_cli_link_alloc_cache(sk);
+ qdisc = nl_cli_qdisc_alloc();
+ tc = (struct rtnl_tc *) qdisc;
+
+ nl_cli_tc_parse_dev(tc, link_cache, DEV_NAME);
+ nl_cli_tc_parse_parent(tc, "root");
+
+ if (!rtnl_tc_get_ifindex(tc)){
+ printf("You must specify a network device (--dev=XXX)\n");
+ goto END;
+ }
+
+ if (!rtnl_tc_get_parent(tc)){
+ printf("You must specify a parent\n");
+ goto END;
+ }
+
+ rtnl_tc_set_kind(tc, kind);
+ if (!(ops = rtnl_tc_get_ops(tc))){
+ printf("Unknown qdisc \"%s\"\n", kind);
+ goto END;
+ }
+ if (!(tm = nl_cli_tc_lookup(ops))){
+ nl_cli_fatal(ENOTSUP, "Qdisc type \"%s\" not supported.\n", kind);
+ goto END;
+ }
+
+ if ((err = rtnl_qdisc_add(sk, qdisc, flags)) < 0){
+ printf("Unable to add qdisc: %s\n", nl_geterror(err));
+ goto END;
+ }
+
+END:
+ nl_cache_mngt_unprovide(link_cache);
+ nl_cache_put(link_cache);
+ rtnl_qdisc_put(qdisc);
+ nl_socket_free(sk);
+ return err;
+}
+
+int main(int args, char *argv[])
+{
+ int err = 0;
+ if ((err = test_add_qdisc()) < 0) {
+ printf("Unable to add qdisc:%s", nl_geterror(err));
+ }
+ if ((err = test_delete_qdisc()) < 0) {
+ printf("Unable to delete qdisc:%s", nl_geterror(err));
+ }
+ return err;
+}
diff --git a/tests/test-add-delete-route.c b/tests/test-add-delete-route.c
new file mode 100644
index 0000000..756fb46
--- /dev/null
+++ b/tests/test-add-delete-route.c
@@ -0,0 +1,43 @@
+#include <netlink/cli/utils.h>
+#include <netlink/cli/route.h>
+#include <netlink/cli/link.h>
+#include <linux/netlink.h>
+#include <stdio.h>
+#include <params.h>
+
+
+int main(int argc, char argv[])
+{
+ struct nl_sock *sk;
+ struct rtnl_route *route;
+ struct nl_cache *link_cache, *route_cache;
+ char dst_addr[] = DST_ADDR;
+ char nexthop[] = NEXTHOP;
+ int err = 0;
+
+ sk = nl_cli_alloc_socket();
+ nl_cli_connect(sk, NETLINK_ROUTE);
+ link_cache = nl_cli_link_alloc_cache(sk);
+ route_cache = nl_cli_route_alloc_cache(sk, 0);
+ route = nl_cli_route_alloc();
+
+ nl_cli_route_parse_dst(route, dst_addr);
+ nl_cli_route_parse_nexthop(route, nexthop, link_cache);
+
+ if ((err = rtnl_route_add(sk, route, NLM_F_EXCL)) < 0) {
+ printf("Unable to add route: %s", nl_geterror(err));
+ goto END;
+ }
+
+ if ((err = rtnl_route_delete(sk, route, NLM_F_EXCL)) < 0) {
+ printf("Unable to delete route: %s", nl_geterror(err));
+ goto END;
+ }
+
+END:
+ rtnl_route_put(route);
+ nl_cache_put(link_cache);
+ nl_cache_put(route_cache);
+ nl_socket_free(sk);
+ return err;
+}
diff --git a/tests/test-genl-connect.c b/tests/test-genl-connect.c
new file mode 100644
index 0000000..9522e1f
--- /dev/null
+++ b/tests/test-genl-connect.c
@@ -0,0 +1,37 @@
+#include <linux/genetlink.h>
+#include <netlink/socket.h>
+#include <netlink/cli/utils.h>
+#include <stdio.h>
+
+
+int main(int argc, char *argv[])
+{
+ struct nl_sock *sk;
+ struct nl_cache *family_cache;
+ struct nl_dump_params params = {
+ .dp_type = NL_DUMP_LINE,
+ .dp_fd = stdout,
+ };
+ int err = 0;
+
+ sk = nl_socket_alloc();
+ if ((err = genl_connect(sk)) < 0) {
+ printf("Unable create socket: %s\n", nl_geterror(err));
+ goto END;
+ }
+ nl_socket_enable_auto_ack(sk);
+
+ if (nl_socket_get_fd(sk) < 0) {
+ printf("vaild socket\n");
+ err = -1;
+ goto END;
+ }
+ nl_socket_set_buffer_size(sk, 32655, 32655);
+ family_cache = nl_cli_alloc_cache(sk, "generic netlink family", genl_ctrl_alloc_cache);
+ nl_cache_dump(family_cache, &params);
+
+END:
+ nl_socket_free(sk);
+ nl_cache_put(family_cache);
+ return err;
+}
diff --git a/tests/test-link.c b/tests/test-link.c
new file mode 100644
index 0000000..e5c415e
--- /dev/null
+++ b/tests/test-link.c
@@ -0,0 +1,68 @@
+#include <netlink/socket.h>
+#include <netlink/netlink.h>
+#include <netlink/cli/utils.h>
+#include <netlink/cli/link.h>
+#include <netlink/route/link.h>
+#include <unistd.h>
+
+
+static int self_def_cb = NL_CB_DEBUG;
+
+
+int main(int argc, char *argv[])
+{
+ struct nl_sock *sk;
+ struct nl_cache *link_cache;
+ struct rtnl_link *link;
+ struct nl_addr *addr;
+ struct nl_cb *cb;
+ int err = 0, ifindex, pid;
+ char *buf;
+
+ cb = nl_cb_alloc(self_def_cb);
+ pid = getpid();
+
+ if (!(sk = nl_socket_alloc_cb(cb))) {
+ nl_cli_fatal(ENOBUFS, "Unable to allocate netlink socket\n");
+ }
+ nl_cli_connect(sk, NETLINK_ROUTE);
+ nl_socket_disable_seq_check(sk);
+ nl_socket_disable_auto_ack(sk);
+ nl_socket_set_local_port(sk, pid);
+ nl_join_groups(sk, pid);
+ nl_socket_drop_membership(sk, pid);
+ nl_socket_set_peer_port(sk, 0);
+
+ link_cache = nl_cli_link_alloc_cache(sk);
+ link = nl_cli_link_alloc();
+
+ if (err = nl_socket_get_peer_port(sk)){
+ printf("peer_port %d\n", err);
+ goto END;
+ }
+ if (err = nl_socket_use_seq(sk))
+ printf("sk->s_seq_next %d\n", err);
+
+ if ((ifindex = rtnl_link_get_ifindex(link)) == 0){
+ printf("ifindex is not set, %d\n", ifindex);
+ rtnl_link_set_ifindex(link, 1);
+ };
+
+ if (rtnl_link_get(link_cache, 1)){
+ printf("now link is cached\n");
+ }else{
+ nl_cache_add(link_cache, (struct nl_object *)link);
+ };
+
+ if ((err = rtnl_link_add(sk, link, AF_INET)) < 0){
+ printf("Unable to add link %s\n", nl_geterror(err));
+ goto END;
+ }
+
+END:
+ nl_cb_put(cb);
+ nl_socket_free(sk);
+ nl_cache_put(link_cache);
+ rtnl_link_put(link);
+ return err;
+}
--
2.33.0

46
backport-avoid-integer-overflow-in-rtnl_tc_calc_cell_log.patch Normal file
View File

@ -0,0 +1,46 @@
From acd05d6e8066f775474cbcf00b85b4743efe896e Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Mon, 4 Dec 2023 12:13:40 +0100
Subject: [PATCH] route/tc: avoid integer overflow in rtnl_tc_calc_cell_log()
Coverity doesn't like this. Workaround.
Error: CPPCHECK_WARNING (CWE-190): [#def97]
libnl-3.8.0/lib/route/tc.c:681: error[integerOverflow]: Signed integer overflow for expression '1<<i'.
# 679|
# 680| for (i = 0; i < 32; i++)
# 681|-> if ((1 << i) == cell_size)
# 682| return i;
# 683|
Conflict:NA
Reference:https://github.com/thom311/libnl/commit/acd05d6e8066f775474cbcf00b85b4743efe896e
---
lib/route/tc.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/route/tc.c b/lib/route/tc.c
index a06a478..764b7f7 100644
--- a/lib/route/tc.c
+++ b/lib/route/tc.c
@@ -666,14 +666,14 @@ int rtnl_tc_calc_bufsize(int txtime, int rate)
/**
* Calculate the binary logarithm for a specific cell size
* @arg cell_size Size of cell, must be a power of two.
- * @return Binary logirhtm of cell size or a negative error code.
+ * @return Binary logarithm of cell size or a negative error code.
*/
int rtnl_tc_calc_cell_log(int cell_size)
{
int i;
for (i = 0; i < 32; i++)
- if ((1 << i) == cell_size)
+ if ((((uint32_t)1u) << i) == cell_size)
return i;
return -NLE_INVAL;
--
2.33.0

35
backport-clear-XFRM_SP_ATTR_TMPL-when-removing-the-last-template.patch Normal file
View File

@ -0,0 +1,35 @@
From 664f8f1bea7f3c46bdfcd637e694e2c3c627fa7b Mon Sep 17 00:00:00 2001
From: Thomas Egerer <thomas.egerer@secunet.com>
Date: Tue, 17 Oct 2023 11:10:26 +0000
Subject: [PATCH] xfrm: clear XFRM_SP_ATTR_TMPL when removing the last template
from a policy
Leaving XFRM_SP_ATTR_TMPL active in the mask may not impose a problem
but, when removing the last template from a policy, the value signifying
attached templates should be cleared.
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
Conflict:NA
Reference:https://github.com/thom311/libnl/commit/664f8f1bea7f3c46bdfcd637e694e2c3c627fa7b
---
lib/xfrm/sp.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/lib/xfrm/sp.c b/lib/xfrm/sp.c
index 30f9182..ab7cf89 100644
--- a/lib/xfrm/sp.c
+++ b/lib/xfrm/sp.c
@@ -1317,6 +1317,8 @@ void xfrmnl_sp_remove_usertemplate(struct xfrmnl_sp *sp, struct xfrmnl_user_tmpl
if (sp->ce_mask & XFRM_SP_ATTR_TMPL) {
sp->nr_user_tmpl--;
nl_list_del(&utmpl->utmpl_list);
+ if (sp->nr_user_tmpl == 0)
+ sp->ce_mask &= ~XFRM_SP_ATTR_TMPL;
}
}
--
2.33.0

39
backport-do-not-use-static-array-indices-for-buffer.patch Normal file
View File

@ -0,0 +1,39 @@
From 65ab16f23b553ba09b168a961a0b77de341f470d Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Fri, 1 Dec 2023 17:11:07 +0100
Subject: [PATCH] base: don't use static array indices for buffer argument of _nl_inet_ntop()
Seems the static array indices can confuse coverity. I think coverity is wrong
here, regardless, change it.
libnl-3.8.0/include/base/nl-base-utils.h:683: overrun-buffer-arg: Overrunning buffer pointed to by "buf" of 16 bytes by passing it to a function which accesses it at byte offset 45 using argument "(addr_family == 2) ? 16 : 46" (which evaluates to 46).
# 681| * and a suitably large buffer, it cannot. Assert for that. */
# 682|
# 683|-> r = (char *)inet_ntop(addr_family, addr, buf,
# 684| (addr_family == AF_INET) ? INET_ADDRSTRLEN :
# 685| INET6_ADDRSTRLEN);
---
Conflict:Before libnl3.8 is reconstructed, the _nl_inet_ntop function is in utils.h. Therefore, the incorporated patch is different from the 65ab16f modification file.
Reference:https://github.com/thom311/libnl/commit/65ab16f23b553ba09b168a961a0b77de341f470d
include/netlink-private/utils.h | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/include/netlink-private/utils.h b/include/netlink-private/utils.h
index 93a04c9..5540144 100644
--- a/include/netlink-private/utils.h
+++ b/include/netlink-private/utils.h
@@ -361,8 +361,7 @@ typedef union {
struct in6_addr a6;
} _NLIPAddr;
-static inline char *_nl_inet_ntop(int addr_family, const void *addr,
- char buf[static INET_ADDRSTRLEN])
+static inline char *_nl_inet_ntop(int addr_family, const void *addr, char *buf)
{
char *r;
--
2.33.0

234
backport-fix-crashes-in-case-of-ENOMEM.patch Normal file
View File

@ -0,0 +1,234 @@
From 49c20efaa783449dca424cc50e4ee4b2fc5351cc Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Mon, 27 Nov 2023 21:15:06 +0100
Subject: [PATCH] xfrm: fix crashes in case of ENOMEM
Conflict:The pre-optimization patch 9e7b5c8 is not integrated. As a result, context adaptation occurs.
Reference:https://github.com/thom311/libnl/commit/49c20efaa783449dca424cc50e4ee4b2fc5351cc
---
lib/xfrm/ae.c | 11 +++++++--
lib/xfrm/sa.c | 64 ++++++++++++++++++++++++++++++++++++++++-----------
lib/xfrm/sp.c | 40 +++++++++++++++++++++++++-------
3 files changed, 91 insertions(+), 24 deletions(-)
diff --git a/lib/xfrm/ae.c b/lib/xfrm/ae.c
index 69c8e7e..44c43ed 100644
--- a/lib/xfrm/ae.c
+++ b/lib/xfrm/ae.c
@@ -506,11 +506,18 @@ int xfrmnl_ae_parse(struct nlmsghdr *n, struct xfrmnl_ae **result)
if (err < 0)
goto errout;
- ae->sa_id.daddr = nl_addr_build(ae_id->sa_id.family, &ae_id->sa_id.daddr, sizeof (ae_id->sa_id.daddr));
+ if (!(ae->sa_id.daddr = nl_addr_build(ae_id->sa_id.family, &ae_id->sa_id.daddr,
+ sizeof (ae_id->sa_id.daddr)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
ae->sa_id.family= ae_id->sa_id.family;
ae->sa_id.spi = ntohl(ae_id->sa_id.spi);
ae->sa_id.proto = ae_id->sa_id.proto;
- ae->saddr = nl_addr_build(ae_id->sa_id.family, &ae_id->saddr, sizeof (ae_id->saddr));
+ if (!(ae->saddr = nl_addr_build(ae_id->sa_id.family, &ae_id->saddr, sizeof (ae_id->saddr)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
ae->reqid = ae_id->reqid;
ae->flags = ae_id->flags;
ae->ce_mask |= (XFRM_AE_ATTR_DADDR | XFRM_AE_ATTR_FAMILY | XFRM_AE_ATTR_SPI |
diff --git a/lib/xfrm/sa.c b/lib/xfrm/sa.c
index 90b6335..ea0d333 100644
--- a/lib/xfrm/sa.c
+++ b/lib/xfrm/sa.c
@@ -718,9 +718,15 @@ int xfrmnl_sa_parse(struct nlmsghdr *n, struct xfrmnl_sa **result)
goto errout;
if (sa_info->sel.family == AF_INET)
- addr = nl_addr_build (sa_info->sel.family, &sa_info->sel.daddr.a4, sizeof (sa_info->sel.daddr.a4));
+ if (!(addr = nl_addr_build (sa_info->sel.family, &sa_info->sel.daddr.a4, sizeof (sa_info->sel.daddr.a4)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
else
- addr = nl_addr_build (sa_info->sel.family, &sa_info->sel.daddr.a6, sizeof (sa_info->sel.daddr.a6));
+ if (!(addr = nl_addr_build (sa_info->sel.family, &sa_info->sel.daddr.a6, sizeof (sa_info->sel.daddr.a6)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
nl_addr_set_prefixlen (addr, sa_info->sel.prefixlen_d);
xfrmnl_sel_set_daddr (sa->sel, addr);
/* Drop the reference count from the above set operation */
@@ -728,9 +734,15 @@ int xfrmnl_sa_parse(struct nlmsghdr *n, struct xfrmnl_sa **result)
xfrmnl_sel_set_prefixlen_d (sa->sel, sa_info->sel.prefixlen_d);
if (sa_info->sel.family == AF_INET)
- addr = nl_addr_build (sa_info->sel.family, &sa_info->sel.saddr.a4, sizeof (sa_info->sel.saddr.a4));
+ if (!(addr = nl_addr_build (sa_info->sel.family, &sa_info->sel.saddr.a4, sizeof (sa_info->sel.saddr.a4)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
else
- addr = nl_addr_build (sa_info->sel.family, &sa_info->sel.saddr.a6, sizeof (sa_info->sel.saddr.a6));
+ if (!(addr = nl_addr_build (sa_info->sel.family, &sa_info->sel.saddr.a6, sizeof (sa_info->sel.saddr.a6)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
nl_addr_set_prefixlen (addr, sa_info->sel.prefixlen_s);
xfrmnl_sel_set_saddr (sa->sel, addr);
/* Drop the reference count from the above set operation */
@@ -748,17 +760,29 @@ int xfrmnl_sa_parse(struct nlmsghdr *n, struct xfrmnl_sa **result)
sa->ce_mask |= XFRM_SA_ATTR_SEL;
if (sa_info->family == AF_INET)
- sa->id.daddr = nl_addr_build (sa_info->family, &sa_info->id.daddr.a4, sizeof (sa_info->id.daddr.a4));
+ if (!(sa->id.daddr = nl_addr_build (sa_info->family, &sa_info->id.daddr.a4, sizeof (sa_info->id.daddr.a4)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
else
- sa->id.daddr = nl_addr_build (sa_info->family, &sa_info->id.daddr.a6, sizeof (sa_info->id.daddr.a6));
+ if (!(sa->id.daddr = nl_addr_build (sa_info->family, &sa_info->id.daddr.a6, sizeof (sa_info->id.daddr.a6)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
sa->id.spi = ntohl(sa_info->id.spi);
sa->id.proto = sa_info->id.proto;
sa->ce_mask |= (XFRM_SA_ATTR_DADDR | XFRM_SA_ATTR_SPI | XFRM_SA_ATTR_PROTO);
if (sa_info->family == AF_INET)
- sa->saddr = nl_addr_build (sa_info->family, &sa_info->saddr.a4, sizeof (sa_info->saddr.a4));
+ if (!(sa->saddr = nl_addr_build (sa_info->family, &sa_info->saddr.a4, sizeof (sa_info->saddr.a4)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
else
- sa->saddr = nl_addr_build (sa_info->family, &sa_info->saddr.a6, sizeof (sa_info->saddr.a6));
+ if (!(sa->saddr = nl_addr_build (sa_info->family, &sa_info->saddr.a6, sizeof (sa_info->saddr.a6)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
sa->ce_mask |= XFRM_SA_ATTR_SADDR;
sa->lft->soft_byte_limit = sa_info->lft.soft_byte_limit;
@@ -866,9 +890,15 @@ int xfrmnl_sa_parse(struct nlmsghdr *n, struct xfrmnl_sa **result)
sa->encap->encap_sport = ntohs(encap->encap_sport);
sa->encap->encap_dport = ntohs(encap->encap_dport);
if (sa_info->family == AF_INET)
- sa->encap->encap_oa = nl_addr_build (sa_info->family, &encap->encap_oa.a4, sizeof (encap->encap_oa.a4));
+ if (!(sa->encap->encap_oa = nl_addr_build (sa_info->family, &encap->encap_oa.a4, sizeof (encap->encap_oa.a4)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
else
- sa->encap->encap_oa = nl_addr_build (sa_info->family, &encap->encap_oa.a6, sizeof (encap->encap_oa.a6));
+ if (!(sa->encap->encap_oa = nl_addr_build (sa_info->family, &encap->encap_oa.a6, sizeof (encap->encap_oa.a6)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
sa->ce_mask |= XFRM_SA_ATTR_ENCAP;
}
@@ -880,13 +910,19 @@ int xfrmnl_sa_parse(struct nlmsghdr *n, struct xfrmnl_sa **result)
if (tb[XFRMA_COADDR]) {
if (sa_info->family == AF_INET)
{
- sa->coaddr = nl_addr_build(sa_info->family, nla_data(tb[XFRMA_COADDR]),
- sizeof (uint32_t));
+ if (!(sa->coaddr = nl_addr_build(
+ sa_info->family, nla_data(tb[XFRMA_COADDR]), sizeof (uint32_t)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
}
else
{
- sa->coaddr = nl_addr_build(sa_info->family, nla_data(tb[XFRMA_COADDR]),
- sizeof (uint32_t) * 4);
+ if (!(sa->coaddr = nl_addr_build(
+ sa_info->family, nla_data(tb[XFRMA_COADDR]), sizeof (uint32_t) * 4))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
}
sa->ce_mask |= XFRM_SA_ATTR_COADDR;
}
diff --git a/lib/xfrm/sp.c b/lib/xfrm/sp.c
index d3d9778..38002da 100644
--- a/lib/xfrm/sp.c
+++ b/lib/xfrm/sp.c
@@ -558,9 +558,15 @@ int xfrmnl_sp_parse(struct nlmsghdr *n, struct xfrmnl_sp **result)
}
if (sp_info->sel.family == AF_INET)
- addr = nl_addr_build (sp_info->sel.family, &sp_info->sel.daddr.a4, sizeof (sp_info->sel.daddr.a4));
+ if (!(addr = nl_addr_build (sp_info->sel.family, &sp_info->sel.daddr.a4, sizeof (sp_info->sel.daddr.a4)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
else
- addr = nl_addr_build (sp_info->sel.family, &sp_info->sel.daddr.a6, sizeof (sp_info->sel.daddr.a6));
+ if (!(addr = nl_addr_build (sp_info->sel.family, &sp_info->sel.daddr.a6, sizeof (sp_info->sel.daddr.a6)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
nl_addr_set_prefixlen (addr, sp_info->sel.prefixlen_d);
xfrmnl_sel_set_daddr (sp->sel, addr);
/* Drop the reference count from the above set operation */
@@ -568,9 +574,15 @@ int xfrmnl_sp_parse(struct nlmsghdr *n, struct xfrmnl_sp **result)
xfrmnl_sel_set_prefixlen_d (sp->sel, sp_info->sel.prefixlen_d);
if (sp_info->sel.family == AF_INET)
- addr = nl_addr_build (sp_info->sel.family, &sp_info->sel.saddr.a4, sizeof (sp_info->sel.saddr.a4));
+ if (!(addr = nl_addr_build (sp_info->sel.family, &sp_info->sel.saddr.a4, sizeof (sp_info->sel.saddr.a4)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
else
- addr = nl_addr_build (sp_info->sel.family, &sp_info->sel.saddr.a6, sizeof (sp_info->sel.saddr.a6));
+ if (!(addr = nl_addr_build (sp_info->sel.family, &sp_info->sel.saddr.a6, sizeof (sp_info->sel.saddr.a6)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
nl_addr_set_prefixlen (addr, sp_info->sel.prefixlen_s);
xfrmnl_sel_set_saddr (sp->sel, addr);
/* Drop the reference count from the above set operation */
@@ -647,9 +659,15 @@ int xfrmnl_sp_parse(struct nlmsghdr *n, struct xfrmnl_sp **result)
}
if (tmpl->family == AF_INET)
- addr = nl_addr_build(tmpl->family, &tmpl->id.daddr.a4, sizeof (tmpl->id.daddr.a4));
+ if (!(addr = nl_addr_build(tmpl->family, &tmpl->id.daddr.a4, sizeof (tmpl->id.daddr.a4)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
else
- addr = nl_addr_build(tmpl->family, &tmpl->id.daddr.a6, sizeof (tmpl->id.daddr.a6));
+ if (!(addr = nl_addr_build(tmpl->family, &tmpl->id.daddr.a6, sizeof (tmpl->id.daddr.a6)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
xfrmnl_user_tmpl_set_daddr (sputmpl, addr);
/* Drop the reference count from the above set operation */
nl_addr_put(addr);
@@ -658,9 +676,15 @@ int xfrmnl_sp_parse(struct nlmsghdr *n, struct xfrmnl_sp **result)
xfrmnl_user_tmpl_set_family (sputmpl, tmpl->family);
if (tmpl->family == AF_INET)
- addr = nl_addr_build(tmpl->family, &tmpl->saddr.a4, sizeof (tmpl->saddr.a4));
+ if (!(addr = nl_addr_build(tmpl->family, &tmpl->saddr.a4, sizeof (tmpl->saddr.a4)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
else
- addr = nl_addr_build(tmpl->family, &tmpl->saddr.a6, sizeof (tmpl->saddr.a6));
+ if (!(addr = nl_addr_build(tmpl->family, &tmpl->saddr.a6, sizeof (tmpl->saddr.a6)))) {
+ err = -NLE_NOMEM;
+ goto errout;
+ }
xfrmnl_user_tmpl_set_saddr (sputmpl, addr);
/* Drop the reference count from the above set operation */
nl_addr_put(addr);
--
2.33.0

28
backport-fix-error-handling-in-nl_str2ip_protos.patch Normal file
View File

@ -0,0 +1,28 @@
From 8ee8b05ff59999fd88b8a6faae40e7777ccf8c98 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Fri, 18 Aug 2023 11:56:58 +0200
Subject: [PATCH] lib: fix error handling in nl_str2ip_proto()
Conflict:Deleted the test case because the check-direct test case does not exist in the current version because it is not integrated into the pre-installation patch bae11ec.
Reference:https://github.com/thom311/libnl/commit/8ee8b05ff59999fd88b8a6faae40e7777ccf8c98
---
lib/utils.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/utils.c b/lib/utils.c
index 496bf3b..9795b42 100644
--- a/lib/utils.c
+++ b/lib/utils.c
@@ -887,7 +887,7 @@ int nl_str2ip_proto(const char *name)
return p->p_proto;
l = strtoul(name, &end, 0);
- if (l == ULONG_MAX || *end != '\0')
+ if (name == end || *end != '\0' || l > (unsigned long)INT_MAX)
return -NLE_OBJ_NOTFOUND;
return (int) l;
--
2.33.0

45
backport-fix-leak-in-error-handling-of-rtnl_flower_append_action.patch Normal file
View File

@ -0,0 +1,45 @@
From 7912b4f90668afab9b7cb7054434d341826b8c54 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Fri, 1 Dec 2023 19:51:41 +0100
Subject: [PATCH] route/cls: fix leak in error handling of
rtnl_flower_append_action()
Using rtnl_act_append() correctly is hard.
Fixes: ef46de143206 ('route/cls: add flower classifier')
Conflict:NA
Reference:https://github.com/thom311/libnl/commit/7912b4f90668afab9b7cb7054434d341826b8c54
---
lib/route/cls/flower.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/lib/route/cls/flower.c b/lib/route/cls/flower.c
index 11bd709..65f0ccf 100644
--- a/lib/route/cls/flower.c
+++ b/lib/route/cls/flower.c
@@ -787,6 +787,7 @@ int rtnl_flower_get_ipv4_dst(struct rtnl_cls *cls, in_addr_t *out_addr,
int rtnl_flower_append_action(struct rtnl_cls *cls, struct rtnl_act *act)
{
struct rtnl_flower *f;
+ int err;
if (!act)
return 0;
@@ -796,8 +797,11 @@ int rtnl_flower_append_action(struct rtnl_cls *cls, struct rtnl_act *act)
f->cf_mask |= FLOWER_ATTR_ACTION;
+ if ((err = rtnl_act_append(&f->cf_act, act)) < 0)
+ return err;
+
rtnl_act_get(act);
- return rtnl_act_append(&f->cf_act, act);
+ return 0;
}
/**
--
2.33.0

60
backport-fix-leaking-usertemplate-in-xfrmnl_sp_parse.patch Normal file
View File

@ -0,0 +1,60 @@
From d8a1ff30c4864bd57c2d895ef88df8a2d138a17d Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Mon, 4 Dec 2023 11:36:16 +0100
Subject: [PATCH] xfrm: fix leaking usertemplate in xfrmnl_sp_parse()
Conflict:The libnl-3.8 version is reconstructed. The nl-xfrm.h file is modified based on the _nl-auto.h file. Therefore, the modified files are inconsistent, and context adaptation is required.
Reference:https://github.com/thom311/libnl/commit/d8a1ff30c4864bd57c2d895ef88df8a2d138a17d
---
include/netlink-private/nl-auto.h | 7 +++++++
lib/xfrm/sp.c | 4 ++--
2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/include/netlink-private/nl-auto.h b/include/netlink-private/nl-auto.h
index 4092782..0ff3791 100644
--- a/include/netlink-private/nl-auto.h
+++ b/include/netlink-private/nl-auto.h
@@ -99,4 +99,11 @@ void nl_socket_free(struct nl_sock *);
#define _nl_auto_nl_socket _nl_auto(_nl_auto_nl_socket_fcn)
_NL_AUTO_DEFINE_FCN_TYPED0(struct nl_sock *, _nl_auto_nl_socket_fcn, nl_socket_free);
+struct xfrmnl_user_tmpl;
+void xfrmnl_user_tmpl_free(struct xfrmnl_user_tmpl *utmpl);
+#define _nl_auto_xfrmnl_user_tmpl _nl_auto(_nl_auto_xfrmnl_user_tmpl_fcn)
+_NL_AUTO_DEFINE_FCN_TYPED0(struct xfrmnl_user_tmpl *,
+ _nl_auto_xfrmnl_user_tmpl_fcn,
+ xfrmnl_user_tmpl_free);
+
#endif /* NETLINK_NL_AUTO_H_ */
diff --git a/lib/xfrm/sp.c b/lib/xfrm/sp.c
index d38daef..d3d9778 100644
--- a/lib/xfrm/sp.c
+++ b/lib/xfrm/sp.c
@@ -633,13 +633,13 @@ int xfrmnl_sp_parse(struct nlmsghdr *n, struct xfrmnl_sp **result)
if (tb[XFRMA_TMPL]) {
struct xfrm_user_tmpl* tmpl = nla_data(tb[XFRMA_TMPL]);
- struct xfrmnl_user_tmpl* sputmpl;
uint32_t i;
uint32_t num_tmpls = nla_len(tb[XFRMA_TMPL]) / sizeof (*tmpl);
struct nl_addr* addr;
for (i = 0; (i < num_tmpls) && (tmpl); i ++, tmpl++)
{
+ _nl_auto_xfrmnl_user_tmpl struct xfrmnl_user_tmpl *sputmpl = NULL;
if ((sputmpl = xfrmnl_user_tmpl_alloc ()) == NULL)
{
err = -NLE_NOMEM;
@@ -672,7 +672,7 @@ int xfrmnl_sp_parse(struct nlmsghdr *n, struct xfrmnl_sp **result)
xfrmnl_user_tmpl_set_aalgos (sputmpl, tmpl->aalgos);
xfrmnl_user_tmpl_set_ealgos (sputmpl, tmpl->ealgos);
xfrmnl_user_tmpl_set_calgos (sputmpl, tmpl->calgos);
- xfrmnl_sp_add_usertemplate (sp, sputmpl);
+ xfrmnl_sp_add_usertemplate (sp, _nl_steal_pointer(&sputmpl));
sp->ce_mask |= XFRM_SP_ATTR_TMPL;
}
--
2.33.0

67
backport-fix-reference-counters-of-sa-selector-addresses.patch Normal file
View File

@ -0,0 +1,67 @@
From c4c22d267117900b9582d5c2e934c107419c9603 Mon Sep 17 00:00:00 2001
From: Thomas Egerer <thomas.egerer@secunet.com>
Date: Mon, 27 Nov 2023 15:58:19 +0100
Subject: [PATCH] xfrm/sp: fix reference counters of sa selector/tmpl addresses
It's a similar issue as in commit 3f4f1dda, when calling
xfrmnl_sp_parse, the refcount of the addresses for selectors and
templates increases to two, as xfrmnl_sel_set_[s|d]addr and
xfrmnl_user_tmpl_set_[s|d]addr add another reference to the address
object. As only one of those refs is dropped in sel_destroy or
xfrmnl_user_tmpl_free respectively the address objects' refcount
will never drop to zero, causing a leak.
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
Fixes: 917154470895 ('xfrm: add xfrm support')
Conflict:NA
Reference:https://github.com/thom311/libnl/commit/c4c22d267117900b9582d5c2e934c107419c9603
---
lib/xfrm/sp.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/lib/xfrm/sp.c b/lib/xfrm/sp.c
index ab7cf89..d38daef 100644
--- a/lib/xfrm/sp.c
+++ b/lib/xfrm/sp.c
@@ -563,6 +563,8 @@ int xfrmnl_sp_parse(struct nlmsghdr *n, struct xfrmnl_sp **result)
addr = nl_addr_build (sp_info->sel.family, &sp_info->sel.daddr.a6, sizeof (sp_info->sel.daddr.a6));
nl_addr_set_prefixlen (addr, sp_info->sel.prefixlen_d);
xfrmnl_sel_set_daddr (sp->sel, addr);
+ /* Drop the reference count from the above set operation */
+ nl_addr_put(addr);
xfrmnl_sel_set_prefixlen_d (sp->sel, sp_info->sel.prefixlen_d);
if (sp_info->sel.family == AF_INET)
@@ -571,6 +573,8 @@ int xfrmnl_sp_parse(struct nlmsghdr *n, struct xfrmnl_sp **result)
addr = nl_addr_build (sp_info->sel.family, &sp_info->sel.saddr.a6, sizeof (sp_info->sel.saddr.a6));
nl_addr_set_prefixlen (addr, sp_info->sel.prefixlen_s);
xfrmnl_sel_set_saddr (sp->sel, addr);
+ /* Drop the reference count from the above set operation */
+ nl_addr_put(addr);
xfrmnl_sel_set_prefixlen_s (sp->sel, sp_info->sel.prefixlen_s);
xfrmnl_sel_set_dport (sp->sel, ntohs (sp_info->sel.dport));
@@ -647,6 +651,8 @@ int xfrmnl_sp_parse(struct nlmsghdr *n, struct xfrmnl_sp **result)
else
addr = nl_addr_build(tmpl->family, &tmpl->id.daddr.a6, sizeof (tmpl->id.daddr.a6));
xfrmnl_user_tmpl_set_daddr (sputmpl, addr);
+ /* Drop the reference count from the above set operation */
+ nl_addr_put(addr);
xfrmnl_user_tmpl_set_spi (sputmpl, ntohl(tmpl->id.spi));
xfrmnl_user_tmpl_set_proto (sputmpl, tmpl->id.proto);
xfrmnl_user_tmpl_set_family (sputmpl, tmpl->family);
@@ -656,6 +662,8 @@ int xfrmnl_sp_parse(struct nlmsghdr *n, struct xfrmnl_sp **result)
else
addr = nl_addr_build(tmpl->family, &tmpl->saddr.a6, sizeof (tmpl->saddr.a6));
xfrmnl_user_tmpl_set_saddr (sputmpl, addr);
+ /* Drop the reference count from the above set operation */
+ nl_addr_put(addr);
xfrmnl_user_tmpl_set_reqid (sputmpl, tmpl->reqid);
xfrmnl_user_tmpl_set_mode (sputmpl, tmpl->mode);
--
2.33.0

30
backport-fix-signed-overflow-warning-in-nl_object_diff.patch Normal file
View File

@ -0,0 +1,30 @@
From aea3f9f2d8b6ecf6b69df12ba4e99ca44d6813fb Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Fri, 1 Dec 2023 20:06:36 +0100
Subject: [PATCH] lib: fix signed overflow warning in nl_object_diff()
Coverity warns "Signed integer overflow for expression '1<<31'".
Conflict:NA
Reference:https://github.com/thom311/libnl/commit/aea3f9f2d8b6ecf6b69df12ba4e99ca44d6813fb
---
lib/object.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/object.c b/lib/object.c
index bef0b6f..cca4c48 100644
--- a/lib/object.c
+++ b/lib/object.c
@@ -392,7 +392,7 @@ uint32_t nl_object_diff(struct nl_object *a, struct nl_object *b)
diff = nl_object_diff64(a, b);
return (diff & ~((uint64_t) 0xFFFFFFFF))
- ? (uint32_t) diff | (1 << 31)
+ ? (uint32_t) diff | (((uint32_t ) 1u) << 31)
: (uint32_t) diff;
}
--
2.33.0

44
backport-handle-negative-and-zero-size-in-nla_memcpy.patch Normal file
View File

@ -0,0 +1,44 @@
From ca34ad524ec7a9f0e24bb5975b178a3e70268f0f Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Fri, 28 Jul 2023 11:24:26 +0200
Subject: [PATCH] lib: handle negative and zero size in nla_memcpy()
a negative count is a bug in the caller. Still, handle it better than
just crashing. Maybe we should assert, but it doesn't seem best to
assert against user input.
Also, if count is zero, don't call memcpy(). Calling memcpy() requires
that the source and destination pointers are valid, otherwise it's
undefined behavior. I think if the caller tells us to copy zero bytes,
we should never look at the destination pointer.
Conflict:NA
Reference:https://github.com/thom311/libnl/commit/ca34ad524ec7a9f0e24bb5975b178a3e70268f0f
---
lib/attr.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/lib/attr.c b/lib/attr.c
index 2b2d538..23619c7 100644
--- a/lib/attr.c
+++ b/lib/attr.c
@@ -357,10 +357,13 @@ int nla_memcpy(void *dest, const struct nlattr *src, int count)
if (!src)
return 0;
-
+
minlen = min_t(int, count, nla_len(src));
- memcpy(dest, nla_data(src), minlen);
+ if (minlen <= 0)
+ return 0;
+
+ memcpy(dest, nla_data(src), minlen);
return minlen;
}
--
2.33.0

107
backport-use-thread-safe-gmtime_r-instead-of-gmtime.patch Normal file
View File

@ -0,0 +1,107 @@
From f520471cb6e2340309028e0400b8186db3635e0f Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Fri, 18 Aug 2023 14:04:21 +0200
Subject: [PATCH] lib/xfrm: use thread-safe gmtime_r() instead of gmtime()
Conflict:NA
Reference:https://github.com/thom311/libnl/commit/f520471cb6e2340309028e0400b8186db3635e0f
---
lib/xfrm/ae.c | 5 +++--
lib/xfrm/sa.c | 5 +++--
lib/xfrm/sp.c | 5 +++--
3 files changed, 9 insertions(+), 6 deletions(-)
diff --git a/lib/xfrm/ae.c b/lib/xfrm/ae.c
index a56cd87..522cef0 100644
--- a/lib/xfrm/ae.c
+++ b/lib/xfrm/ae.c
@@ -299,6 +299,7 @@ static void xfrm_ae_dump_line(struct nl_object *a, struct nl_dump_params *p)
char flags[128], buf[128];
time_t add_time, use_time;
struct tm *add_time_tm, *use_time_tm;
+ struct tm tm_buf;
nl_dump_line(p, "src %s dst %s \n", nl_addr2str(ae->saddr, src, sizeof(src)),
nl_addr2str(ae->sa_id.daddr, dst, sizeof(dst)));
@@ -317,7 +318,7 @@ static void xfrm_ae_dump_line(struct nl_object *a, struct nl_dump_params *p)
if (ae->lifetime_cur.add_time != 0)
{
add_time = ae->lifetime_cur.add_time;
- add_time_tm = gmtime (&add_time);
+ add_time_tm = gmtime_r (&add_time, &tm_buf);
strftime (flags, 128, "%Y-%m-%d %H-%M-%S", add_time_tm);
}
else
@@ -328,7 +329,7 @@ static void xfrm_ae_dump_line(struct nl_object *a, struct nl_dump_params *p)
if (ae->lifetime_cur.use_time != 0)
{
use_time = ae->lifetime_cur.use_time;
- use_time_tm = gmtime (&use_time);
+ use_time_tm = gmtime_r (&use_time, &tm_buf);
strftime (buf, 128, "%Y-%m-%d %H-%M-%S", use_time_tm);
}
else
diff --git a/lib/xfrm/sa.c b/lib/xfrm/sa.c
index 6b3daf4..63a13ba 100644
--- a/lib/xfrm/sa.c
+++ b/lib/xfrm/sa.c
@@ -411,6 +411,7 @@ static void xfrm_sa_dump_line(struct nl_object *a, struct nl_dump_params *p)
char flags[128], mode[128];
time_t add_time, use_time;
struct tm *add_time_tm, *use_time_tm;
+ struct tm tm_buf;
nl_dump_line(p, "src %s dst %s family: %s\n", nl_addr2str(sa->saddr, src, sizeof(src)),
nl_addr2str(sa->id.daddr, dst, sizeof(dst)),
@@ -454,7 +455,7 @@ static void xfrm_sa_dump_line(struct nl_object *a, struct nl_dump_params *p)
if (sa->curlft.add_time != 0)
{
add_time = sa->curlft.add_time;
- add_time_tm = gmtime (&add_time);
+ add_time_tm = gmtime_r (&add_time, &tm_buf);
strftime (flags, 128, "%Y-%m-%d %H-%M-%S", add_time_tm);
}
else
@@ -465,7 +466,7 @@ static void xfrm_sa_dump_line(struct nl_object *a, struct nl_dump_params *p)
if (sa->curlft.use_time != 0)
{
use_time = sa->curlft.use_time;
- use_time_tm = gmtime (&use_time);
+ use_time_tm = gmtime_r (&use_time, &tm_buf);
strftime (mode, 128, "%Y-%m-%d %H-%M-%S", use_time_tm);
}
else
diff --git a/lib/xfrm/sp.c b/lib/xfrm/sp.c
index 3943469..1984099 100644
--- a/lib/xfrm/sp.c
+++ b/lib/xfrm/sp.c
@@ -325,6 +325,7 @@ static void xfrm_sp_dump_line(struct nl_object *a, struct nl_dump_params *p)
char dst[INET6_ADDRSTRLEN+5], src[INET6_ADDRSTRLEN+5];
time_t add_time, use_time;
struct tm *add_time_tm, *use_time_tm;
+ struct tm tm_buf;
nl_addr2str(xfrmnl_sel_get_saddr (sp->sel), src, sizeof(src));
nl_addr2str (xfrmnl_sel_get_daddr (sp->sel), dst, sizeof (dst));
@@ -375,7 +376,7 @@ static void xfrm_sp_dump_line(struct nl_object *a, struct nl_dump_params *p)
if (sp->curlft.add_time != 0)
{
add_time = sp->curlft.add_time;
- add_time_tm = gmtime (&add_time);
+ add_time_tm = gmtime_r (&add_time, &tm_buf);
strftime (dst, INET6_ADDRSTRLEN+5, "%Y-%m-%d %H-%M-%S", add_time_tm);
}
else
@@ -386,7 +387,7 @@ static void xfrm_sp_dump_line(struct nl_object *a, struct nl_dump_params *p)
if (sp->curlft.use_time != 0)
{
use_time = sp->curlft.use_time;
- use_time_tm = gmtime (&use_time);
+ use_time_tm = gmtime_r (&use_time, &tm_buf);
strftime (src, INET6_ADDRSTRLEN+5, "%Y-%m-%d %H-%M-%S", use_time_tm);
}
else
--
2.33.0

86
backport-workaround-coverity-warning-about-time_t-handling.patch Normal file
View File

@ -0,0 +1,86 @@
From 4fcb075720ed3beea4ceee3f679305caacd0f51b Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Mon, 4 Dec 2023 11:22:38 +0100
Subject: [PATCH] socket: workaround coverity warning about time_t handling
Coverity really wants to warn if a time_t is cast to 32 bits.
We use time() here to get (some very bad) randomness. The loss
of the upper bits is the least of the problems.
Work around the coverity warning by also the higher bits.
Error: Y2K38_SAFETY (CWE-197): [#def12]
libnl-3.8.0/lib/socket.c:76: store_truncates_time_t: A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "time(NULL)" is cast to "uint32_t".
# 74|
# 75| if (idx_state == 0) {
# 76|-> uint32_t t = (uint32_t) time(NULL);
# 77|
# 78| /* from time to time (on average each 2^15 calls), the idx_state will
Error: Y2K38_SAFETY (CWE-197): [#def13]
libnl-3.8.0/lib/socket.c:193: store_truncates_time_t: A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "time(NULL)" is cast to "unsigned int".
# 191| sk->s_local.nl_family = AF_NETLINK;
# 192| sk->s_peer.nl_family = AF_NETLINK;
# 193|-> sk->s_seq_next = (unsigned int) time(NULL);
# 194| sk->s_seq_expect = sk->s_seq_next;
# 195|
Conflict:patch for explicitly cast time() to uint32_t at 57e0170 is not incorporated
Reference:https://github.com/thom311/libnl/commit/4fcb075720ed3beea4ceee3f679305caacd0f51b
---
lib/socket.c | 23 +++++++++++++++++++++--
1 file changed, 21 insertions(+), 2 deletions(-)
diff --git a/lib/socket.c b/lib/socket.c
index 99cd36d..778230b 100644
--- a/lib/socket.c
+++ b/lib/socket.c
@@ -54,6 +54,24 @@ static void __init init_default_cb(void)
}
}
+static uint32_t _badrandom_from_time(void)
+{
+ uint32_t result;
+ uint64_t v64;
+ time_t t;
+
+ t = time(NULL);
+ v64 = (uint64_t)t;
+ result = (uint32_t)v64;
+
+ /* XOR with the upper bits. Otherwise, coverity warns about only
+ * considering 32 bit from time_t. Use the inverse, so that for the
+ * most part the bits don't change. */
+ result ^= (~(v64 >> 32));
+
+ return result;
+}
+
static uint32_t used_ports_map[32];
static NL_RW_LOCK(port_map_lock);
@@ -67,7 +85,7 @@ static uint32_t generate_local_port(void)
nl_write_lock(&port_map_lock);
if (idx_state == 0) {
- uint32_t t = time(NULL);
+ uint32_t t = _badrandom_from_time();
/* from time to time (on average each 2^15 calls), the idx_state will
* be zero again. No problem, just "seed" anew with time(). */
@@ -184,7 +202,8 @@ static struct nl_sock *__alloc_socket(struct nl_cb *cb)
sk->s_cb = nl_cb_get(cb);
sk->s_local.nl_family = AF_NETLINK;
sk->s_peer.nl_family = AF_NETLINK;
- sk->s_seq_expect = sk->s_seq_next = time(NULL);
+ sk->s_seq_next = _badrandom_from_time();
+ sk->s_seq_expect = sk->s_seq_next;
/* the port is 0 (unspecified), meaning NL_OWN_PORT */
sk->s_flags = NL_OWN_PORT;
--
2.33.0

23
libnl3.spec
View File

@ -1,6 +1,6 @@
Name: libnl3
Version: 3.7.0
Release: 3
Release: 4
Summary: Providing APIs to netlink protocol based Linux kernel interfaces
License: LGPLv2
URL: http://www.infradead.org/~tgr/libnl/
@ -11,6 +11,21 @@ Patch6001: backport-fix-bridge-info-parsing.patch
Patch9000: solve-redefinition-of-struct-ipv6_mreq.patch
patch6002: backport-add-some-tests-about-addr-class-rule-neigh-qdisc.patch
patch6003: backport-clear-XFRM_SP_ATTR_TMPL-when-removing-the-last-template.patch
patch6004: backport-fix-reference-counters-of-sa-selector-addresses.patch
patch6005: backport-do-not-use-static-array-indices-for-buffer.patch
patch6006: backport-fix-leak-in-error-handling-of-rtnl_flower_append_action.patch
patch6007: backport-fix-signed-overflow-warning-in-nl_object_diff.patch
patch6008: backport-workaround-coverity-warning-about-time_t-handling.patch
patch6009: backport-fix-leaking-usertemplate-in-xfrmnl_sp_parse.patch
patch6010: backport-avoid-integer-overflow-in-rtnl_tc_calc_cell_log.patch
patch6011: backport-fix-crashes-in-case-of-ENOMEM.patch
patch6012: backport-accept-NULL-argument-in-nla_nest_cancel-for-robustness.patch
patch6013: backport-fix-error-handling-in-nl_str2ip_protos.patch
patch6014: backport-handle-negative-and-zero-size-in-nla_memcpy.patch
patch6015: backport-use-thread-safe-gmtime_r-instead-of-gmtime.patch
BuildRequires: flex bison libtool autoconf automake swig
Requires: %{name} = %{version}-%{release}
@ -94,6 +109,12 @@ cd python
%{python3_sitearch}/netlink-*.egg-info
%changelog
* Thu Apr 25 2024 sunhai <sunhai10@huawei.com> - 3.7.0-4
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:sync some pathes from upstream
* Fri Jan 12 2024 chengyechun <chengyechun1@huawei.com> - 3.7.0-3
- Type:bugfix
- ID:NA