diff --git a/.gitignore b/.gitignore index 44778c8..fe00b2f 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ /iproute2-4.18.0.tar.xz /iproute2-4.20.0.tar.xz /iproute2-5.0.0.tar.xz +/iproute2-5.1.0.tar.xz diff --git a/0001-m_mirred-don-t-bail-if-the-control-action-is-missing.patch b/0001-m_mirred-don-t-bail-if-the-control-action-is-missing.patch new file mode 100644 index 0000000..8acd9fb --- /dev/null +++ b/0001-m_mirred-don-t-bail-if-the-control-action-is-missing.patch @@ -0,0 +1,39 @@ +From bdda9ba541aac9f840af8554e60fcede68c6e8a1 Mon Sep 17 00:00:00 2001 +From: Paolo Abeni +Date: Mon, 20 May 2019 11:56:52 +0200 +Subject: [PATCH] m_mirred: don't bail if the control action is missing + +The mirred act admits an optional control action, defaulting +to TC_ACT_PIPE. The parsing code currently emits an error message +if the control action is not provided on the command line, even +if the command itself completes with no error. + +This change shuts down the error message, using the appropriate +parsing helper. + +Fixes: e67aba559581 ("tc: actions: add helpers to parse and print control actions") +Signed-off-by: Paolo Abeni +Signed-off-by: Stephen Hemminger +(cherry picked from commit 6eccf7ecdb010a90e5271942748ef4338ddb61ae) +Signed-off-by: Phil Sutter +--- + tc/m_mirred.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/tc/m_mirred.c b/tc/m_mirred.c +index c7f7318b8413f..23ba638a234d1 100644 +--- a/tc/m_mirred.c ++++ b/tc/m_mirred.c +@@ -202,7 +202,8 @@ parse_direction(struct action_util *a, int *argc_p, char ***argv_p, + + + if (p.eaction == TCA_EGRESS_MIRROR || p.eaction == TCA_INGRESS_MIRROR) +- parse_action_control(&argc, &argv, &p.action, false); ++ parse_action_control_dflt(&argc, &argv, &p.action, false, ++ TC_ACT_PIPE); + + if (argc) { + if (iok && matches(*argv, "index") == 0) { +-- +2.21.0 + diff --git a/0002-lib-suppress-error-msg-when-filling-the-cache.patch b/0002-lib-suppress-error-msg-when-filling-the-cache.patch new file mode 100644 index 0000000..3f5a1cb --- /dev/null +++ b/0002-lib-suppress-error-msg-when-filling-the-cache.patch @@ -0,0 +1,40 @@ +From 179024901d8760312d153ff843306eec66863a4f Mon Sep 17 00:00:00 2001 +From: Nicolas Dichtel +Date: Fri, 24 May 2019 10:59:10 +0200 +Subject: [PATCH] lib: suppress error msg when filling the cache + +Before the patch: +$ ip netns add foo +$ ip link add name veth1 address 2a:a5:5c:b9:52:89 type veth peer name veth2 address 2a:a5:5c:b9:53:90 netns foo +RTNETLINK answers: No such device +RTNETLINK answers: No such device + +But the command was successful. This may break script. Let's remove those +error messages. + +Fixes: 55870dfe7f8b ("Improve batch and dump times by caching link lookups") +Reported-by: Philippe Guibert +Signed-off-by: Nicolas Dichtel +Signed-off-by: Stephen Hemminger +(cherry picked from commit 757837230a654d39623d0b90882b695a2facd107) +Signed-off-by: Phil Sutter +--- + lib/ll_map.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/ll_map.c b/lib/ll_map.c +index 2d7b65dcb8f7e..e0ed54bf77c98 100644 +--- a/lib/ll_map.c ++++ b/lib/ll_map.c +@@ -177,7 +177,7 @@ static int ll_link_get(const char *name, int index) + addattr_l(&req.n, sizeof(req), IFLA_IFNAME, name, + strlen(name) + 1); + +- if (rtnl_talk(&rth, &req.n, &answer) < 0) ++ if (rtnl_talk_suppress_rtnl_errmsg(&rth, &req.n, &answer) < 0) + goto out; + + /* add entry to cache */ +-- +2.21.0 + diff --git a/0003-tc-flower-fix-port-value-truncation.patch b/0003-tc-flower-fix-port-value-truncation.patch new file mode 100644 index 0000000..63b1dec --- /dev/null +++ b/0003-tc-flower-fix-port-value-truncation.patch @@ -0,0 +1,104 @@ +From 9cfbfd6b5b3aa49b3966853d06fb3ddae82e207e Mon Sep 17 00:00:00 2001 +From: Lukasz Czapnik +Date: Mon, 27 May 2019 23:03:49 +0200 +Subject: [PATCH] tc: flower: fix port value truncation + +sscanf truncates read port values silently without any error. As sscanf +man says: +(...) sscanf() conform to C89 and C99 and POSIX.1-2001. These standards +do not specify the ERANGE error. + +Replace sscanf with safer get_be16 that returns error when value is out +of range. + +Example: +tc filter add dev eth0 protocol ip parent ffff: prio 1 flower ip_proto +tcp dst_port 70000 hw_tc 1 + +Would result in filter for port 4464 without any warning. + +Fixes: 8930840e678b ("tc: flower: Classify packets based port ranges") +Signed-off-by: Lukasz Czapnik +Signed-off-by: Stephen Hemminger +(cherry picked from commit 767b6fd620ddc4319a121595f953313b2e9789ff) +Signed-off-by: Phil Sutter +--- + tc/f_flower.c | 48 ++++++++++++++++++++++++++++++++++++------------ + 1 file changed, 36 insertions(+), 12 deletions(-) + +diff --git a/tc/f_flower.c b/tc/f_flower.c +index 9659e894dd1f9..e2420d924248d 100644 +--- a/tc/f_flower.c ++++ b/tc/f_flower.c +@@ -493,23 +493,40 @@ static int flower_port_range_attr_type(__u8 ip_proto, enum flower_endpoint type, + return 0; + } + ++/* parse range args in format 10-20 */ ++static int parse_range(char *str, __be16 *min, __be16 *max) ++{ ++ char *sep; ++ ++ sep = strchr(str, '-'); ++ if (sep) { ++ *sep = '\0'; ++ ++ if (get_be16(min, str, 10)) ++ return -1; ++ ++ if (get_be16(max, sep + 1, 10)) ++ return -1; ++ } else { ++ if (get_be16(min, str, 10)) ++ return -1; ++ } ++ return 0; ++} ++ + static int flower_parse_port(char *str, __u8 ip_proto, + enum flower_endpoint endpoint, + struct nlmsghdr *n) + { +- __u16 min, max; ++ __be16 min = 0; ++ __be16 max = 0; + int ret; + +- ret = sscanf(str, "%hu-%hu", &min, &max); +- +- if (ret == 1) { +- int type; ++ ret = parse_range(str, &min, &max); ++ if (ret) ++ return -1; + +- type = flower_port_attr_type(ip_proto, endpoint); +- if (type < 0) +- return -1; +- addattr16(n, MAX_MSG, type, htons(min)); +- } else if (ret == 2) { ++ if (min && max) { + __be16 min_port_type, max_port_type; + + if (max <= min) { +@@ -520,8 +537,15 @@ static int flower_parse_port(char *str, __u8 ip_proto, + &min_port_type, &max_port_type)) + return -1; + +- addattr16(n, MAX_MSG, min_port_type, htons(min)); +- addattr16(n, MAX_MSG, max_port_type, htons(max)); ++ addattr16(n, MAX_MSG, min_port_type, min); ++ addattr16(n, MAX_MSG, max_port_type, max); ++ } else if (min && !max) { ++ int type; ++ ++ type = flower_port_attr_type(ip_proto, endpoint); ++ if (type < 0) ++ return -1; ++ addattr16(n, MAX_MSG, type, min); + } else { + return -1; + } +-- +2.21.0 + diff --git a/iproute.spec b/iproute.spec index 9e836fb..095b2c6 100644 --- a/iproute.spec +++ b/iproute.spec @@ -1,11 +1,15 @@ %global cbq_version v0.7.3 Summary: Advanced IP routing and network device configuration tools Name: iproute -Version: 5.0.0 -Release: 2%{?dist} +Version: 5.1.0 +Release: 1%{?dist} URL: http://kernel.org/pub/linux/utils/net/%{name}2/ Source0: http://kernel.org/pub/linux/utils/net/%{name}2/%{name}2-%{version}.tar.xz +Patch0: 0001-m_mirred-don-t-bail-if-the-control-action-is-missing.patch +Patch1: 0002-lib-suppress-error-msg-when-filling-the-cache.patch +Patch2: 0003-tc-flower-fix-port-value-truncation.patch + License: GPLv2+ and Public Domain BuildRequires: gcc BuildRequires: bison @@ -122,6 +126,9 @@ install -D -m644 lib/libnetlink.a %{buildroot}%{_libdir}/libnetlink.a %{_includedir}/iproute2/bpf_elf.h %changelog +* Wed May 29 2019 Phil Sutter - 5.1.0-1 +- New version 5.1.0 + * Wed Mar 20 2019 Phil Sutter - 5.0.0-2 - Restore Provides: hint, at least pptp depends on it diff --git a/sources b/sources index 7f93c29..3ebf39c 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (iproute2-5.0.0.tar.xz) = 4b1649ccdfefbb5eace9d444843492db9d1357b9b3ee1567d6241283cde00ad3c9dbee6b8e507c4e9a5ca0a6378b71ca0c5fbf1e2ed2a9c7d479daf5d49eaed0 +SHA512 (iproute2-5.1.0.tar.xz) = 5c8319b040bd0ba98cf1225b2a77efafc662741344c53877ee38cf108ca01906b03328e4f9b00b7557e301c6e64bca4e42e92af477b4d657bcbff5120c0c4e87