Hi David,
On Mon, Feb 19, 2018 at 12:15:37PM -0500, David Miller wrote:
> From: Phil Sutter <p...@nwl.cc>
> Date: Mon, 19 Feb 2018 18:09:39 +0100
>
> > What puzzles me about your argumentation is that you seem to propose for
> > the kernel to cover up flaws in users
Hi David,
On Mon, Feb 19, 2018 at 01:41:29PM -0500, David Miller wrote:
> From: Phil Sutter <p...@nwl.cc>
> Date: Mon, 19 Feb 2018 19:05:51 +0100
>
> > On Mon, Feb 19, 2018 at 12:22:26PM -0500, David Miller wrote:
> >> From: Phil Sutter <p...@nwl.cc>
> &
Hi David,
On Mon, Feb 19, 2018 at 12:22:26PM -0500, David Miller wrote:
> From: Phil Sutter <p...@nwl.cc>
> Date: Mon, 19 Feb 2018 18:14:11 +0100
>
> > OK, so reading between the lines you're saying that nftables project
> > has failed to provide an adequate success
Hi David,
On Mon, Feb 19, 2018 at 10:44:59AM -0500, David Miller wrote:
> From: Harald Welte
> Date: Mon, 19 Feb 2018 16:38:08 +0100
>
> > On Mon, Feb 19, 2018 at 10:27:27AM -0500, David Miller wrote:
> >> > Would you be willing to merge nftables into kernel tools
Hi David,
On Mon, Feb 19, 2018 at 10:31:39AM -0500, David Miller wrote:
> From: Harald Welte
> Date: Mon, 19 Feb 2018 16:27:46 +0100
>
> > On Mon, Feb 19, 2018 at 10:13:35AM -0500, David Miller wrote:
> >
> >> Florian, first of all, the whole "change the iptables binary"
On Mon, Feb 12, 2018 at 08:23:12PM +0100, Lubomir Rintel wrote:
> It will fail with EPERM on Linux 4.15.
>
> Signed-off-by: Lubomir Rintel <lkund...@v3.sk>
Acked-by: Phil Sutter <p...@nwl.cc>
Since there is no documentation in Latex format left, there is no need
to check for commands to build it. Also there is no need to ignore any
of the temporary files which were created by them.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
.gitignore | 10 --
configure
Hi,
On Thu, Feb 08, 2018 at 02:26:05PM +0100, Élie Bouttier wrote:
> On 24/01/2018 16:44, Stephen Hemminger wrote:
> > On Wed, 24 Jan 2018 10:19:24 +0100
> > Phil Sutter <p...@nwl.cc> wrote:
> >> On Tue, Jan 23, 2018 at 02:44:42PM -0800, Stephen Hemminger wr
On Tue, Jan 23, 2018 at 02:44:42PM -0800, Stephen Hemminger wrote:
[...]
> Also, it looks like read_family converts any address family it doesn't know
> about to unspec
> that is stupid behavior as well.
I had a closer look and it is the best thing it could do. In all but one
cases, the function
Hi Stephen,
On Tue, Jan 23, 2018 at 02:44:42PM -0800, Stephen Hemminger wrote:
> On Tue, 23 Jan 2018 17:40:47 +0100
> Phil Sutter <p...@nwl.cc> wrote:
>
> > The following command segfaults if enp0s31f6 does not exist:
> >
> > | # ip -6 route add default proto
oet...@redhat.com>
Fixes: 2f406f2d0b4ef ("ip route: replace exits with returns")
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/iproute.c | 7 ---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/ip/iproute.c b/ip/iproute.c
index bf886fda9d761..d7accf57ac8d1 100
t;j...@mellanox.com>
Cc: Jamal Hadi Salim <j...@mojatatu.com>
Cc: David Ahern <dsah...@gmail.com>
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
tc/m_action.c | 5 -
tc/tc_util.c | 10 ++
tc/tc_util.h | 2 ++
3 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/tc/m_
On Wed, Jan 10, 2018 at 09:12:45PM +0100, Phil Sutter wrote:
> On Wed, Jan 10, 2018 at 12:20:36PM -0700, David Ahern wrote:
> [...]
> > 2. I am using a batch file with drop filters:
> >
> > filter add dev eth2 ingress protocol ip pref 273 flower dst_ip
> >
On Wed, Jan 10, 2018 at 12:20:36PM -0700, David Ahern wrote:
[...]
> 2. I am using a batch file with drop filters:
>
> filter add dev eth2 ingress protocol ip pref 273 flower dst_ip
> 192.168.253.0/16 action drop
>
> and for each command tc is trying to dlopen m_drop.so:
>
>
Hi Chris,
On Wed, Jan 10, 2018 at 03:00:23AM +, Chris Mi wrote:
[...]
> > Drop this and use 'continue' instead of 'goto next' below?
> Actually there are two loops, I need go to the outer while loop instead of
> the inner for loop.
Oh, I missed that. Sorry for the noise!
Cheers, Phil
Hi,
On Tue, Jan 09, 2018 at 03:59:07PM +0900, Chris Mi wrote:
[...]
> diff --git a/lib/libnetlink.c b/lib/libnetlink.c
> index 00e6ce0c..ae0059f9 100644
> --- a/lib/libnetlink.c
> +++ b/lib/libnetlink.c
> @@ -581,39 +581,43 @@ static void rtnl_talk_error(struct nlmsghdr *h, struct
> nlmsgerr
Hi Chris,
On Mon, Jan 08, 2018 at 02:03:53AM +, Chris Mi wrote:
> > On Thu, Jan 04, 2018 at 04:34:51PM +0900, Chris Mi wrote:
> > > The insertion rate is improved more than 10%.
> >
> > Did you measure the effect of increasing batch sizes?
> Yes. Even if we enlarge the batch size bigger than
Hi Chris,
On Thu, Jan 04, 2018 at 04:34:51PM +0900, Chris Mi wrote:
> Currently in tc batch mode, only one command is read from the batch
> file and sent to kernel to process. With this patchset, we can accumulate
> several commands before sending to kernel. The batch size is specified
> using
RTAX_FEATURES value with that from userspace (which obviously has no
knowledge about DST_FEATURE_ECN_CA) and fails.
Fixes: 5f9ae3d9e7e4a ("ipv4: do metrics match when looking up and deleting a
route")
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
net/ipv4/fib_semantics.c | 8 ++--
n...@netronome.com>
> Reviewed-by: Quentin Monnet <quentin.mon...@netronome.com>
Acked-by: Phil Sutter <p...@nwl.cc>
On Fri, Dec 01, 2017 at 01:45:09PM -0800, Jakub Kicinski wrote:
> On Fri, 1 Dec 2017 22:36:52 +0100, Phil Sutter wrote:
> > On Fri, Dec 01, 2017 at 12:14:07PM -0800, Jakub Kicinski wrote:
> > > On Fri, 1 Dec 2017 14:43:06 +0100, Phil Sutter wrote:
> > > > On Thu, No
On Fri, Dec 01, 2017 at 12:19:52PM -0800, Jakub Kicinski wrote:
> On Fri, 1 Dec 2017 14:46:34 +0100, Phil Sutter wrote:
> > On Thu, Nov 30, 2017 at 05:35:40PM -0800, Jakub Kicinski wrote:
> > > netdevsim driver seems like a better place for fake SR-IOV
> > > func
On Fri, Dec 01, 2017 at 12:14:07PM -0800, Jakub Kicinski wrote:
> On Fri, 1 Dec 2017 14:43:06 +0100, Phil Sutter wrote:
> > On Thu, Nov 30, 2017 at 05:35:39PM -0800, Jakub Kicinski wrote:
> > [...]
> > > +static int nsim_vfs_enable(struct netdevsim *ns, unsigned int num_
n Monnet <quentin.mon...@netronome.com>
Acked-by: Phil Sutter <p...@nwl.cc>
On Thu, Nov 30, 2017 at 05:35:39PM -0800, Jakub Kicinski wrote:
[...]
> +static int nsim_vfs_enable(struct netdevsim *ns, unsigned int num_vfs)
> +{
> + ns->vfconfigs = kcalloc(num_vfs, sizeof(struct nsim_vf_config),
> + GFP_KERNEL);
> + if (!ns->vfconfigs)
> +
Commit 6bbe5e6290db5 ("man: tc-csum.8: Fix example") changed both source
and destination IP addresses in example code but missed to update the
example's description accordingly.
Fixes: 6bbe5e6290db5 ("man: tc-csum.8: Fix example")
Signed-off-by: Phil Sutter <p...@nwl.cc&g
Looks like a typo: get_u8() returns 0 on success and -1 on error, so the
error checking here was ineffective.
Fixes: a11b7b71a6eba ("link_gre6: really support encaplimit option")
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/link_gre6.c | 2 +-
1 file changed, 1 insertio
Hi,
On Mon, Nov 27, 2017 at 11:42:49AM -0800, Jakub Kicinski wrote:
> On Tue, 28 Nov 2017 04:30:26 +0900 (KST), David Miller wrote:
> > From: Jakub Kicinski
> > Date: Thu, 23 Nov 2017 18:36:11 -0800
> >
> > > The dummy driver have previously been extended to test
GCC version 7.2.1 complains that 'result1' may be used uninitialized in
parse_action_control_slash_spaces(). This should not be possible in
practice, so the actual value 'result1' is initialized with does not
matter.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
tc/tc_util.c | 2 +-
The function parse_action_control_slash() returns early if 'p' is NULL,
so after the first call to action_a2n(), 'p' is guaranteed not to be
NULL. Otherwise, the assignment '*p = 0' above would dereference the
NULL pointer already anyway, so just drop this check here.
Signed-off-by: Phil Sutter
This silences a spurious compiler warning with gcc-7 and eliminates a
needless conditional identified while investigating the warning.
Phil Sutter (2):
tc_util: Drop needless pointer check
tc_util: Silence spurious compiler warning
tc/tc_util.c | 5 ++---
1 file changed, 2 insertions(+), 3
On Thu, Oct 26, 2017 at 09:42:46AM -0600, David Ahern wrote:
> On 10/26/17 9:33 AM, Phil Sutter wrote:
> > On Thu, Oct 26, 2017 at 09:28:00AM -0600, David Ahern wrote:
> >> On 10/26/17 4:24 AM, Stephen Hemminger wrote:
> >>>>
> >>>> The ke
On Thu, Oct 26, 2017 at 09:28:00AM -0600, David Ahern wrote:
> On 10/26/17 4:24 AM, Stephen Hemminger wrote:
> >>
> >> The kernel needs a flag that says "give me the message of the buffer is
> >> large enough; if not just PEEK and tell me the length." That would avoid
> >> the double call in most
On Thu, Oct 26, 2017 at 07:15:31AM +, yupeng wrote:
> Add detail explains of -m, -o, -e and -i options, which are not documented
> anywhere
>
> Signed-off-by: yupeng <yupeng0...@gmail.com>
Acked-by: Phil Sutter <p...@nwl.cc>
Hi Yupeng,
On Wed, Oct 25, 2017 at 02:20:25PM -0700, peng yu wrote:
> Thanks for your suggestion, below is a new patch. What I did:
> 1. change all 'package' to 'packet'
> 2. put my additional text as second paragraphs of the original options.
> 3. checked the man page by aspell
> If anything
;ip: fix igmp parsing when iface is long")
> Signed-off-by: Michal Kubecek <mkube...@suse.cz>
Acked-by: Phil Sutter <p...@nwl.cc>
Prefix IPPROTO_ICMPV6 sockets with 'icmp6' instead of '???'.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/ss.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/misc/ss.c b/misc/ss.c
index e37aba6022eb4..b5c6bbc05766e 100644
--- a/misc/ss.c
+++ b/misc/ss.c
@@ -784,6 +784,8 @@
lt;eric.duma...@gmail.com>
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/ss.c | 36 +---
1 file changed, 17 insertions(+), 19 deletions(-)
diff --git a/misc/ss.c b/misc/ss.c
index 09bff8a7e2d28..e37aba6022eb4 100644
--- a/misc/ss.c
+++ b/misc/ss.c
@@ -10
On Mon, Oct 16, 2017 at 07:49:58PM -0700, Stephen Hemminger wrote:
> On Mon, 16 Oct 2017 19:00:36 -0700
> Eric Dumazet wrote:
>
> > On Mon, 2017-10-16 at 14:28 -0700, Stephen Hemminger wrote:
> > > On Mon, 16 Oct 2017 20:44:07 +
> > > Humberto Alves
Hi,
On Fri, Oct 13, 2017 at 09:57:37AM +, Humberto Alves wrote:
> Hi! With the last iproute2 release, ss command output does not
> differentiate between any-address IPv4 sockets from the IPv6 ones.
> I don't know if this is an expected behaviour, but the old output looks
> more useful.
On Thu, Oct 12, 2017 at 09:07:06AM -0700, Stephen Hemminger wrote:
> On Wed, 11 Oct 2017 13:10:07 +0200
> Phil Sutter <p...@nwl.cc> wrote:
>
> > On Tue, Oct 10, 2017 at 09:47:43AM -0700, Stephen Hemminger wrote:
> > > On Tue, 10 Oct 2017 08:41:17 +0200
> >
On Tue, Oct 10, 2017 at 09:47:43AM -0700, Stephen Hemminger wrote:
> On Tue, 10 Oct 2017 08:41:17 +0200
> Michal Kubecek <mkube...@suse.cz> wrote:
>
> > On Mon, Oct 09, 2017 at 10:25:25PM +0200, Phil Sutter wrote:
> > > Hi Stephen,
> > >
> > > O
> > With call like rtnl_talk(, nlh, nlh, sizeof(req), I add a new variable
> > answer to avoid overwrite data in nlh, because it may has more info after
> > nlh. also this will avoid nlh buffer not enough issue.
> >
> > We need to free answer after using.
> &
:
- Changed patch 3 as suggested in review.
Changes since v1:
- Patches 1 and 2 introduced.
- Changes to patch 3 are listed in there.
Phil Sutter (3):
ip{6,}tunnel: Avoid copying user-supplied interface name around
tc: flower: No need to cache indev arg
Check user supplied interface name lengths
until the later lookup/strcpy.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/ip6tunnel.c | 6 +++---
ip/iptunnel.c | 22 +-
2 files changed, 12 insertions(+), 16 deletions(-)
diff --git a/ip/ip6tunnel.c b/ip/ip6tunnel.c
index b4a7def144226..c12d700e74189 100644
--
Since addattrstrz() will copy the provided string into the attribute
payload, there is no need to cache the data.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
tc/f_flower.c | 5 +
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/tc/f_flower.c b/tc/f_flower.c
index 934832e
and is therefore looked up using ll_name_to_index(),
so if_nametoindex() will perform the necessary checks already.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
Changes since v2:
- Change implementation of check_ifname() and add get_ifname() just as
Stephen suggested with one exception: Call s
On Fri, Sep 29, 2017 at 10:31:07AM -0700, Stephen Hemminger wrote:
[...]
> I was thinking something like:
>
>
>
> diff --git a/include/utils.h b/include/utils.h
> index c9ed230b9604..e2702b56f2e0 100644
> --- a/include/utils.h
> +++ b/include/utils.h
> @@ -105,6 +105,8 @@ int get_be64(__be64
although they are not.
Fix this by taking mxlock value for the given metric into account before
skipping it if it is not present.
Reported-by: Thomas Haller <thal...@redhat.com>
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/iproute.c | 4 ++--
1 file changed, 2 insertions(+), 2 deleti
On Wed, Sep 27, 2017 at 08:42:49AM +0100, Stephen Hemminger wrote:
> On Tue, 26 Sep 2017 18:35:45 +0200
> Phil Sutter <p...@nwl.cc> wrote:
>
> > This series adds explicit checks for user-supplied interface names to
> > make sure their length fits Linux's requireme
Since addattrstrz() will copy the provided string into the attribute
payload, there is no need to cache the data.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
tc/f_flower.c | 5 +
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/tc/f_flower.c b/tc/f_flower.c
index 934832e
until the later lookup/strcpy.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/ip6tunnel.c | 6 +++---
ip/iptunnel.c | 22 +-
2 files changed, 12 insertions(+), 16 deletions(-)
diff --git a/ip/ip6tunnel.c b/ip/ip6tunnel.c
index b4a7def144226..c12d700e74189 100644
--
:
- Patches 1 and 2 introduced.
- Changes to patch 3 are listed in there.
Phil Sutter (3):
ip{6,}tunnel: Avoid copying user-supplied interface name around
tc: flower: No need to cache indev arg
Check user supplied interface name lengths
include/utils.h | 1 +
ip/ip6tunnel.c | 9
using ll_name_to_index(),
so if_nametoindex() will perform the necessary checks already.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
Changes since v1:
- added missing check to tc/f_flower.c
- Drop some useless checks from ip/ip{6,}tunnel.c (ll_name_to_index()
will detect illegal interface
On Tue, Sep 26, 2017 at 02:08:49PM +0300, Baruch Siach wrote:
[...]
> diff --git a/configure b/configure
> index 7be8fb113cc9..787b2e061af9 100755
> --- a/configure
> +++ b/configure
> @@ -326,6 +326,27 @@ EOF
> rm -f $TMPDIR/dbtest.c $TMPDIR/dbtest
> }
>
> +check_strlcpy()
> +{
> +cat
On Thu, Sep 21, 2017 at 08:14:11PM +0200, Thomas Haller wrote:
> Signed-off-by: Thomas Haller
Fixes: 4ec1933dfddfc ("Update ip.8 man page to describe route table id values")
(So that bug is over 7 years old. :)
Cheers, Phil
json output")
Signed-off-by: Phil Sutter <p...@nwl.cc>
--
Changes since v1:
Align json output with that of 'ip -j addr show':
- Interface index label is 'ifindex', not 'index' and it doesn't belong
to 'addr_info' array.
- Create one 'addr_info' array per dumped address, not one for all.
--
On Tue, Sep 12, 2017 at 04:58:12PM +0200, Phil Sutter wrote:
> Obviously, 'addr showdump' feature wasn't adjusted to json output
> support. As a consequence, calls to print_string() in print_addrinfo()
> tried to dereference a NULL FILE pointer.
Please ignore this patch - it generates
Obviously, 'addr showdump' feature wasn't adjusted to json output
support. As a consequence, calls to print_string() in print_addrinfo()
tried to dereference a NULL FILE pointer.
Fixes: d0e720111aad2 ("ip: ipaddress.c: add support for json output")
Signed-off-by: Phil Sutter <p...@nw
Hi,
On Fri, Sep 08, 2017 at 10:01:31PM +0800, Hangbin Liu wrote:
[...]
> > > diff --git a/lib/libnetlink.c b/lib/libnetlink.c
> > > index be7ac86..37cfb5a 100644
> > > --- a/lib/libnetlink.c
> > > +++ b/lib/libnetlink.c
> > > @@ -402,6 +402,59 @@ static void rtnl_dump_error(const struct
Hi Hangbin,
On Fri, Sep 08, 2017 at 06:14:57PM +0800, Hangbin Liu wrote:
[...]
> diff --git a/genl/ctrl.c b/genl/ctrl.c
> index 448988e..699657b 100644
> --- a/genl/ctrl.c
> +++ b/genl/ctrl.c
> @@ -55,6 +55,7 @@ int genl_ctrl_resolve_family(const char *family)
> };
> struct nlmsghdr
Hi Hangbin,
On Fri, Sep 08, 2017 at 06:14:56PM +0800, Hangbin Liu wrote:
[...]
> diff --git a/lib/libnetlink.c b/lib/libnetlink.c
> index be7ac86..37cfb5a 100644
> --- a/lib/libnetlink.c
> +++ b/lib/libnetlink.c
> @@ -402,6 +402,59 @@ static void rtnl_dump_error(const struct rtnl_handle
> *rth,
strlcat() by avoiding the call to strlcpy() if dst string is
already full, not just as sanity check.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
lib/utils.c | 12
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/lib/utils.c b/lib/utils.c
index 330ab073c2068..bbd3cbc
On Mon, Sep 04, 2017 at 02:49:20PM +, David Laight wrote:
> From: Phil Sutter
> > Sent: 01 September 2017 17:53
> > By making use of strncpy(), both implementations are really simple so
> > there is no need to add libbsd as additional dependency.
> >
> ...
>
Hi Stephen,
On Fri, Sep 01, 2017 at 12:13:33PM -0700, Stephen Hemminger wrote:
> On Fri, 1 Sep 2017 16:08:07 +0200
> Phil Sutter <p...@nwl.cc> wrote:
>
> > Changing a tunnel's flowlabel value was broken if it was set to a
> > non-zero value before. Since the same
Hi Stephen,
On Tue, Aug 15, 2017 at 06:51:32PM +0200, Phil Sutter wrote:
> On Tue, Aug 15, 2017 at 09:09:45AM -0700, Stephen Hemminger wrote:
> > On Sat, 12 Aug 2017 14:05:09 +0200
> > Phil Sutter <p...@nwl.cc> wrote:
> >
> > > +void assert_val
This patch converts spots where manual buffer termination was missing to
strlcpy() since that does what is needed.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
genl/ctrl.c | 2 +-
ip/ipvrf.c | 2 +-
ip/xfrm_state.c | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff
Can't use strlcpy() here since lnstat is not linked against libutil.
While being at it, fix coding style in that chunk as well.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/lnstat_util.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/misc/lnstat_util.c
snprintf() won't leave the buffer unterminated, so manually terminating
is not necessary here.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
tc/tc_util.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/tc/tc_util.c b/tc/tc_util.c
index 371046839ba9f..50d355046bdad 100644
--- a/tc/tc_
This converts the typical idiom of manually terminating the buffer after
a call to strncpy().
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/ipnetns.c | 3 +--
ip/iproute_lwtunnel.c | 3 +--
ip/ipvrf.c| 3 +--
lib/bpf.c | 3 +--
lib/fs.c
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/ipxfrm.c | 21 +
1 file changed, 5 insertions(+), 16 deletions(-)
diff --git a/ip/ipxfrm.c b/ip/ipxfrm.c
index d5eb22e25476a..12c2f721571b6 100644
--- a/ip/ipxfrm.c
+++ b/ip/ipxfrm.c
@@ -40,17 +40,6 @@
#include "
By making use of strncpy(), both implementations are really simple so
there is no need to add libbsd as additional dependency.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
include/utils.h | 3 +++
lib/utils.c | 19 +++
2 files changed, 22 insertions(+)
diff --git a/i
sanitizes a call to strncpy() in
misc/lnstat_util.c without using strlcpy() since lnstat is not being
linked against libutil.
I implemented both functions solely based on information in libbsd's man
pages, so they are safe to be released under the GPL.
Phil Sutter (6):
utils: Implement strlcpy
: af89576d7a8c4 ("iproute2: GRE over IPv6 tunnel support.")
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/link_gre6.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/ip/link_gre6.c b/ip/link_gre6.c
index 4d3d4b54210b9..447ac5d78ab7b 100644
--- a/ip/link_gre6.c
+++ b/ip/link_
result.
Phil Sutter (2):
link_gre6: Fix for changing tclass/flowlabel
link_gre6: Print the tunnel's tclass setting
ip/link_gre6.c | 11 ++-
1 file changed, 10 insertions(+), 1 deletion(-)
--
2.13.1
Print the value analogous to flowlabel. While being at it, also break
the overlong lines to not exceed 80 characters boundary.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/link_gre6.c | 9 -
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/ip/link_gre6.c b/ip/link_
Hi Daniel,
On Wed, Aug 30, 2017 at 03:53:59PM +0200, Daniel Borkmann wrote:
> On 08/29/2017 05:09 PM, Phil Sutter wrote:
[...]
> > @@ -228,18 +229,20 @@ static int bpf_parse_string(char *arg, bool
> > from_file, __u16 *bpf_len,
> >
detect double
separator characters, so doesn't soften up the parser too much.
Fixes: 3da3ebfca85b8 ("bpf: Make bytecode-file reading a little more robust")
Cc: Daniel Borkmann <dan...@iogearbox.net>
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
lib/bpf.c | 7 +--
1 file chang
de returned from
netlink reply")
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/ss.c | 20
1 file changed, 16 insertions(+), 4 deletions(-)
diff --git a/misc/ss.c b/misc/ss.c
index fcc3cf9282c49..2c9e80e696595 100644
--- a/misc/ss.c
+++ b/misc/ss.c
@@ -2753,7 +2753,7
The original issue was that filter.name might end up unterminated if
user provided string was too long. But in fact it is not necessary to
copy the commandline parameter at all: just make filter.name point to it
instead.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
ip/ipntable.c | 6 +++
in get_u8() to find out whether passed 'buf' contains a valid
decimal number instead of checking the first character's value manually.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
lib/inet_proto.c | 24 +---
1 file changed, 13 insertions(+), 11 deletions(-)
diff --git
upstream.
Changes since v3:
- Dropped patch 2 since upstream discussion in v3 is not conclusive yet.
Phil Sutter (6):
ipntable: Avoid memory allocation for filter.name
lib/fs: Fix format string in find_fs_mount()
lib/inet_proto: Review inet_proto_{a2n,n2a}()
lnstat_util: Simplify alloc_and_open
A field width of 4096 allows fscanf() to store that amount of characters
into the given buffer, though that doesn't include the terminating NULL
byte. Decrease the value by one to leave space for it.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
lib/fs.c | 2 +-
1 file changed, 1 insertion
Relying upon callers and using unsafe strcpy() is probably not the best
idea. Aside from that, using snprintf() allows to format the string for
lf->path in one go.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/lnstat_util.c | 7 ++-
1 file changed, 2 insertions(+), 5 deletions
would overwrite the previously NULL'ed 'k[15]'. Also, the
sanitization has to happen if 'tname' is exactly 16 bytes long as
well.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
tc/m_xt.c | 7 ---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/tc/m_xt.c b/tc/
Instead of having a fixed buffer of 16 bytes for the interface name,
tailor size of new ll_cache entry using the interface name's actual
length. This also makes sure the following call to strcpy() is safe.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
lib/ll_map.c | 4 ++--
1 file chan
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
Changes since v2:
- Keep assignment and check in separate statements.
---
tipc/bearer.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tipc/bearer.c b/tipc/bearer.c
index c3d4491f8f6ef..0d84570150624 100644
--- a/tipc/be
Prevent passing NULL FILE pointer to fgets() later.
Fix both tools in a single patch since the code changes are basically
identical.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/ifstat.c | 16 +++-
misc/nstat.c | 16 +++-
2 files changed, 22 insertions(
The later check for 'k[0] != 0' requires a non-empty filter name,
otherwise NULL pointer dereference in 'q' might happen.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
Changes since v2:
- Instead of calling strlen(), just make sure **argv is not 0.
---
tc/tc_filter.c | 3 +++
1 file chan
Assuming 'opt' might be NULL, move the call to RTA_PAYLOAD to after the
check since it dereferences its parameter.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
Changes since v2:
- Dropped empty line between assignment and check.
---
tc/q_netem.c | 3 ++-
1 file changed, 2 insertions
This series collects patches from v1 which eliminate possible cases of
NULL pointer dereferences.
Changes since v3:
- Dropped upstream rejected patch 2.
Phil Sutter (4):
ifstat, nstat: Check fdopen() return value
tc/q_netem: Don't dereference possibly NULL pointer
tc/tc_filter: Make sure
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
netem/maketable.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/netem/maketable.c b/netem/maketable.c
index ad660e7d457f0..ccb8f0c68b062 100644
--- a/netem/maketable.c
+++ b/netem/maketable.c
@@ -38,8 +38,8 @@ readdouble
Calling stat() before mkdir() is racey: The entry might change in
between. Also, the call to stat() seems to exist only to check if the
directory exists already. So simply call mkdir() unconditionally and
catch only errors other than EEXIST.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
li
This series collects patches from v1 addressing miscellaneous issues
detected by covscan.
Changes since v2:
- Dropped patch 1 since v2 discussion is still inconclusive.
- Replaced patch 2 by a more appropriate one given feedback from v2.
Phil Sutter (6):
ss: Make struct tcpstat fields 'timer
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/ss.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/misc/ss.c b/misc/ss.c
index c41d5169aba52..951aa877bcb01 100644
--- a/misc/ss.c
+++ b/misc/ss.c
@@ -3148,7 +3148,8 @@ static int unix_show(struct fil
This is merely to silence the compiler warning. If write to stderr
failed, assume that printing an error message will fail as well so don't
even try.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
lib/bpf.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/bpf.c b/lib
Both addattr_l() and rta_addattr_l() may be called with NULL data
pointer and 0 alen parameters. Avoid calling memcpy() in that case.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
lib/libnetlink.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/libnetlink.c
for negative values.
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
misc/ss.c | 8 +++-
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/misc/ss.c b/misc/ss.c
index 34c6da5443642..c41d5169aba52 100644
--- a/misc/ss.c
+++ b/misc/ss.c
@@ -697,8 +697,8 @@ struct dctcpstat {
On Mon, Aug 21, 2017 at 05:28:20PM -0700, Stephen Hemminger wrote:
> On Mon, 21 Aug 2017 15:23:36 +0200
> Phil Sutter <p...@nwl.cc> wrote:
>
> > Signed-off-by: Phil Sutter <p...@nwl.cc>
> > ---
> > ip/xfrm_state.c | 3 ++-
> > 1 file changed, 2 ins
On Mon, Aug 21, 2017 at 05:23:23PM -0700, Stephen Hemminger wrote:
> On Mon, 21 Aug 2017 19:08:07 +0200
> Phil Sutter <p...@nwl.cc> wrote:
>
> > Introduce a wrapper which does the sanity checking and returns NULL
> > in case fd is invalid.
> >
> >
101 - 200 of 1052 matches
Mail list logo