!12 backport upstream patches

From: @yangl777 
Reviewed-by: @seuzw 
Signed-off-by: @seuzw

backport-8021Qaz-check-for-rx-block-validity.patch

@@ -0,0 +1,129 @@
+From dbbfdde4febf2f2ebb8522ff817f5fd169883dbc Mon Sep 17 00:00:00 2001
+From: Aaron Conole <aconole@redhat.com>
+Date: Wed, 25 Aug 2021 10:37:22 -0400
+Subject: [PATCH] 8021Qaz: check for rx block validity
+
+There is a slim but possible race in the 8021Qaz processing when handling
+TLVs during ifdown windows.  To address this, check for the rx block
+before dereferencing it.
+
+Conflict:NA
+Reference:https://github.com/openSUSE/lldpad/commit/dbbfdde4febf2f2ebb8522ff817f5fd169883dbc
+
+closes https://github.com/intel/openlldp/issues/78
+Signed-off-by: Aaron Conole <aconole@redhat.com>
+---
+ lldp_8021qaz.c | 41 ++++++++++++++++++++++++++++-------------
+ 1 file changed, 28 insertions(+), 13 deletions(-)
+
+diff --git a/lldp_8021qaz.c b/lldp_8021qaz.c
+index abeae46..5fccbe4 100644
+--- a/lldp_8021qaz.c
++++ b/lldp_8021qaz.c
+@@ -1563,48 +1563,63 @@ static bool unpack_ieee8021qaz_tlvs(struct port *port,
+ 	/* Process */
+ 	switch (tlv->info[OUI_SIZE]) {
+ 	case IEEE8021QAZ_ETSCFG_TLV:
+-		if (tlvs->rx->etscfg == NULL) {
++		if (tlvs->rx && tlvs->rx->etscfg == NULL) {
+ 			tlvs->ieee8021qazdu |= RCVD_IEEE8021QAZ_TLV_ETSCFG;
+ 			tlvs->rx->etscfg = tlv;
+-		} else {
++		} else if (tlvs->rx) {
+ 			LLDPAD_WARN("%s: %s: 802.1Qaz Duplicate ETSCFG TLV\n",
+ 				__func__, port->ifname);
+ 			agent->rx.dupTlvs |= DUP_IEEE8021QAZ_TLV_ETSCFG;
+ 			return false;
++		} else {
++			LLDPAD_INFO("%s: %s: 802.1Qaz port IFDOWN\n",
++				__func__, port->ifname);
++			return false;
+ 		}
+ 		break;
+ 	case IEEE8021QAZ_ETSREC_TLV:
+-		if (tlvs->rx->etsrec == NULL) {
++		if (tlvs->rx && tlvs->rx->etsrec == NULL) {
+ 			tlvs->ieee8021qazdu |= RCVD_IEEE8021QAZ_TLV_ETSREC;
+ 			tlvs->rx->etsrec = tlv;
+-		} else {
++		} else if (tlvs->rx) {
+ 			LLDPAD_WARN("%s: %s: 802.1Qaz Duplicate ETSREC TLV\n",
+ 				__func__, port->ifname);
+ 			agent->rx.dupTlvs |= DUP_IEEE8021QAZ_TLV_ETSREC;
+ 			return false;
++		} else {
++			LLDPAD_INFO("%s: %s: 802.1Qaz port IFDOWN\n",
++				__func__, port->ifname);
++			return false;
+ 		}
+ 		break;
+-
+ 	case IEEE8021QAZ_PFC_TLV:
+-		if (tlvs->rx->pfc == NULL) {
++		if (tlvs->rx && tlvs->rx->pfc == NULL) {
+ 			tlvs->ieee8021qazdu |= RCVD_IEEE8021QAZ_TLV_PFC;
+ 			tlvs->rx->pfc = tlv;
+-		} else {
++		} else if (tlvs->rx) {
+ 			LLDPAD_WARN("%s: %s: 802.1Qaz Duplicate PFC TLV\n",
+ 				__func__, port->ifname);
+ 			agent->rx.dupTlvs |= DUP_IEEE8021QAZ_TLV_PFC;
+ 			return false;
++		} else {
++			LLDPAD_INFO("%s: %s: 802.1Qaz port IFDOWN\n",
++				__func__, port->ifname);
++			return false;
+ 		}
+ 		break;
+ 	case IEEE8021QAZ_APP_TLV:
+-		if (tlvs->rx->app == NULL) {
++		if (tlvs->rx && tlvs->rx->app == NULL) {
+ 			tlvs->ieee8021qazdu |= RCVD_IEEE8021QAZ_TLV_APP;
+ 			tlvs->rx->app = tlv;
+-		} else {
++		} else if (tlvs->rx) {
+ 			LLDPAD_WARN("%s: %s: 802.1Qaz Duplicate APP TLV\n",
+ 				    __func__, port->ifname);
+ 			agent->rx.dupTlvs |= DUP_IEEE8021QAZ_TLV_APP;
+ 			return false;
++		} else {
++			LLDPAD_INFO("%s: %s: 802.1Qaz port IFDOWN\n",
++				__func__, port->ifname);
++			return false;
+ 		}
+ 		break;
+ 	default:
+@@ -1891,26 +1906,26 @@ static void ieee8021qaz_mibUpdateObjects(struct port *port)
+ 
+ 	tlvs = ieee8021qaz_data(port->ifname);
+ 
+-	if (tlvs->rx->etscfg) {
++	if (tlvs->rx && tlvs->rx->etscfg) {
+ 		process_ieee8021qaz_etscfg_tlv(port);
+ 	} else if (tlvs->ets->cfgr) {
+ 		free(tlvs->ets->cfgr);
+ 		tlvs->ets->cfgr = NULL;
+ 	}
+ 
+-	if (tlvs->rx->etsrec) {
++	if (tlvs->rx && tlvs->rx->etsrec) {
+ 		process_ieee8021qaz_etsrec_tlv(port);
+ 	} else if (tlvs->ets->recr) {
+ 		free(tlvs->ets->recr);
+ 		tlvs->ets->recr = NULL;
+ 	}
+ 
+-	if (tlvs->rx->pfc)
++	if (tlvs->rx && tlvs->rx->pfc)
+ 		process_ieee8021qaz_pfc_tlv(port);
+ 	else if (tlvs->pfc)
+ 		tlvs->pfc->remote_param = false;
+ 
+-	if (tlvs->rx->app)
++	if (tlvs->rx && tlvs->rx->app)
+ 		process_ieee8021qaz_app_tlv(port);
+ 	else
+ 		ieee8021qaz_app_reset(&tlvs->app_head);
+-- 
+1.8.3.1
+

backport-8021qaz-squelch-initialization-errors.patch

@@ -0,0 +1,34 @@
+From 1459f3ca787e799eeddd40ca5abd28de1efc12b6 Mon Sep 17 00:00:00 2001
+From: Aaron Conole <aconole@redhat.com>
+Date: Wed, 25 Aug 2021 10:29:19 -0400
+Subject: [PATCH] 8021qaz: squelch initialization errors
+
+Some static analysis tools (like coverity) flag this array
+as accessed without proper initialization.  Squelch by forcing
+initialization.
+
+Conflict:NA
+Reference:https://github.com/openSUSE/lldpad/commit/1459f3ca787e799eeddd40ca5abd28de1efc12b6
+
+closes https://github.com/intel/openlldp/issues/77
+Signed-off-by: Aaron Conole <aconole@redhat.com>
+---
+ lldp_8021qaz_clif.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lldp_8021qaz_clif.c b/lldp_8021qaz_clif.c
+index f776392..9031cb0 100644
+--- a/lldp_8021qaz_clif.c
++++ b/lldp_8021qaz_clif.c
+@@ -253,7 +253,7 @@ static void ieee8021qaz_print_app_tlv(u16 len, char *info)
+ {
+ 	u8 app, app_idx, app_prio, app_sel;
+ 	u16 proto, offset = 2;
+-	u8 dscp[MAX_USER_PRIORITIES][MAX_APP_ENTRIES];
++	u8 dscp[MAX_USER_PRIORITIES][MAX_APP_ENTRIES] = {0};
+ 	u8 dscp_count[MAX_USER_PRIORITIES] = {0};
+ 	u8 i, j;
+ 	bool first_app = true;
+-- 
+1.8.3.1
+

backport-basman-use-return-address-when-pulling-address.patch

@@ -0,0 +1,34 @@
+From 594c4e8257fbdc3c1608acde5419009a20f31650 Mon Sep 17 00:00:00 2001
+From: Aaron Conole <aconole@redhat.com>
+Date: Wed, 10 Nov 2021 16:40:20 -0500
+Subject: [PATCH] basman: use return address when pulling address
+
+The managed address pulling routine will fail to reset the return
+value from a previous attempt if no IPv4 and IPv6 addresses are
+available.  Use the return address of the hwaddr fetch.
+
+Conflict:NA
+Reference:https://github.com/openSUSE/lldpad/commit/594c4e8257fbdc3c1608acde5419009a20f31650
+
+Resolves: https://github.com/intel/openlldp/issues/82
+Signed-off-by: Aaron Conole <aconole@redhat.com>
+---
+ lldp_basman.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lldp_basman.c b/lldp_basman.c
+index 25e7d9e..cb0c50c 100644
+--- a/lldp_basman.c
++++ b/lldp_basman.c
+@@ -515,7 +515,7 @@ static int basman_bld_manaddr_tlv(struct basman_data *bd,
+ 	if (rc) {
+ 		rc = basman_get_manaddr_sub(bd, agent, MANADDR_IPV6);
+ 		if (rc)
+-			basman_get_manaddr_sub(bd, agent, MANADDR_ALL802);
++			rc = basman_get_manaddr_sub(bd, agent, MANADDR_ALL802);
+ 	}
+ out_err:
+ 	return rc;
+-- 
+1.8.3.1
+

backport-macvtap-fix-error-condition.patch

@@ -0,0 +1,34 @@
+From 56b21ceb743fabe290ef7a8be8bbeecc55888a9e Mon Sep 17 00:00:00 2001
+From: Aaron Conole <aconole@redhat.com>
+Date: Wed, 25 Aug 2021 10:22:20 -0400
+Subject: [PATCH] macvtap: fix error condition
+
+If the socket() call fails, we will jump to out and pass a
+negative value to close() which is not allowed.
+
+Conflict:NA
+Reference:https://github.com/openSUSE/lldpad/commit/56b21ceb743fabe290ef7a8be8bbeecc55888a9e
+
+Fixes: d43abb0267f3 ("lldpad: do not use macv[tap/lan] interfaces as ports")
+closes https://github.com/intel/openlldp/issues/75
+Signed-off-by: Aaron Conole <aconole@redhat.com>
+---
+ lldp_util.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lldp_util.c b/lldp_util.c
+index 1e58b1e..be1333e 100644
+--- a/lldp_util.c
++++ b/lldp_util.c
+@@ -681,7 +681,7 @@ int is_macvtap(const char *ifname)
+ 	s = socket(PF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE);
+ 
+ 	if (s < 0) {
+-		goto out;
++		return false;
+ 	}
+ 
+ 	nlh = malloc(NLMSG_SIZE);
+-- 
+1.8.3.1
+

backport-vdp22-convert-command-parsing-to-null-term.patch

@@ -0,0 +1,32 @@
+From 89202fc87f03d6ae836a98a000f75690a45314d6 Mon Sep 17 00:00:00 2001
+From: Aaron Conole <aconole@redhat.com>
+Date: Wed, 25 Aug 2021 10:19:16 -0400
+Subject: [PATCH] vdp22: convert command parsing to null term
+
+There is a theoretical buffer escape here.
+
+Conflict:NA
+Reference:https://github.com/openSUSE/lldpad/commit/89202fc87f03d6ae836a98a000f75690a45314d6
+
+closes https://github.com/intel/openlldp/issues/74
+Signed-off-by: Aaron Conole <aconole@redhat.com>
+---
+ qbg/vdp22_cmds.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/qbg/vdp22_cmds.c b/qbg/vdp22_cmds.c
+index a8025ee..0ded0f1 100644
+--- a/qbg/vdp22_cmds.c
++++ b/qbg/vdp22_cmds.c
+@@ -577,7 +577,7 @@ static int get_arg_vsi(struct cmd *cmd, char *arg, char *argvalue,
+ 	memset(&vsi, 0, sizeof(vsi));
+ 	memset(vsi_str, 0, sizeof(vsi_str));
+ 	vsi.request = cmd->tlvid;
+-	strncpy(vsi.ifname, cmd->ifname, sizeof(vsi.ifname));
++	STRNCPY_TERMINATED(vsi.ifname, cmd->ifname, sizeof(vsi.ifname));
+ 	good_cmd = cmd_failed;
+ 	if ((cmd->ops & op_config) && (cmd->ops & op_arg)) {
+ 		memset(&mac, 0, sizeof(mac));
+-- 
+1.8.3.1
+

lldpad.spec

@@ -4,12 +4,18 @@
 
 Name:               lldpad
 Version:            1.1
-Release:            2
+Release:            3
 Summary:            Intel LLDP Agent
 License:            GPLv2
 URL:                https://www.open-lldp.org
 Source0:            https://github.com/intel/lldpad/archive/v%{version}.tar.gz
 
+Patch1:             backport-8021Qaz-check-for-rx-block-validity.patch
+Patch2:             backport-8021qaz-squelch-initialization-errors.patch
+Patch3:             backport-basman-use-return-address-when-pulling-address.patch
+Patch4:             backport-macvtap-fix-error-condition.patch
+Patch5:             backport-vdp22-convert-command-parsing-to-null-term.patch
+
 BuildRequires:      automake autoconf libtool flex kernel-headers libconfig-devel
 BuildRequires:      libnl3-devel readline-devel systemd 
 
@@ -83,6 +89,12 @@ make check
 %{_mandir}/man*/*
 
 %changelog
+* Wed Sep 14 2022 yanglu <yanglu72@h-partners.com> - 1.1-3
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:backport upstream patches
+
 * Fri Jul 30 2021 chenyanpanHW <chenyanpan@huawei.com> - 1.1-2
 - DESC: delete -S git from %autosetup, and delete BuildRequires git