From f59533eb3cb188a23456444aeb19ac3634eddd8c Mon Sep 17 00:00:00 2001

From: Stefano Brivio <sbrivio@redhat.com>

Date: Sun, 22 Oct 2017 21:44:26 +0200

Subject: [PATCH] ss: allow AF_FAMILY constants >32

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1472759

Upstream Status: iproute2.git commit b338a3e7e7d9

commit b338a3e7e7d95c9d46de9748604da06287664033

Author: Stefan Hajnoczi <stefanha@redhat.com>

Date:   Fri Oct 6 11:48:39 2017 -0400

    ss: allow AF_FAMILY constants >32

    Linux has more than 32 address families defined in <bits/socket.h>.  Use

    a 64-bit type so all of them can be represented in the filter->families

    bitmask.

    It's easy to introduce bugs when using (1 << AF_FAMILY) because the

    value is 32-bit.  This can produce incorrect results from bitmask

    operations so introduce the FAMILY_MASK() macro to eliminate these bugs.

    Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>

---

 misc/ss.c | 54 ++++++++++++++++++++++++++++--------------------------

 1 file changed, 28 insertions(+), 26 deletions(-)

diff --git a/misc/ss.c b/misc/ss.c

index d3fb9a751b3ab..0d6452777f7b6 100644

--- a/misc/ss.c

+++ b/misc/ss.c

@@ -170,55 +170,57 @@ enum {

 struct filter {

 	int dbs;

 	int states;

-	int families;

+	uint64_t families;

 	struct ssfilter *f;

 	bool kill;

 };

+#define FAMILY_MASK(family) ((uint64_t)1 << (family))

+

 static const struct filter default_dbs[MAX_DB] = {

 	[TCP_DB] = {

 		.states   = SS_CONN,

-		.families = (1 << AF_INET) | (1 << AF_INET6),

+		.families = FAMILY_MASK(AF_INET) | FAMILY_MASK(AF_INET6),

 	},

 	[DCCP_DB] = {

 		.states   = SS_CONN,

-		.families = (1 << AF_INET) | (1 << AF_INET6),

+		.families = FAMILY_MASK(AF_INET) | FAMILY_MASK(AF_INET6),

 	},

 	[UDP_DB] = {

 		.states   = (1 << SS_ESTABLISHED),

-		.families = (1 << AF_INET) | (1 << AF_INET6),

+		.families = FAMILY_MASK(AF_INET) | FAMILY_MASK(AF_INET6),

 	},

 	[RAW_DB] = {

 		.states   = (1 << SS_ESTABLISHED),

-		.families = (1 << AF_INET) | (1 << AF_INET6),

+		.families = FAMILY_MASK(AF_INET) | FAMILY_MASK(AF_INET6),

 	},

 	[UNIX_DG_DB] = {

 		.states   = (1 << SS_CLOSE),

-		.families = (1 << AF_UNIX),

+		.families = FAMILY_MASK(AF_UNIX),

 	},

 	[UNIX_ST_DB] = {

 		.states   = SS_CONN,

-		.families = (1 << AF_UNIX),

+		.families = FAMILY_MASK(AF_UNIX),

 	},

 	[UNIX_SQ_DB] = {

 		.states   = SS_CONN,

-		.families = (1 << AF_UNIX),

+		.families = FAMILY_MASK(AF_UNIX),

 	},

 	[PACKET_DG_DB] = {

 		.states   = (1 << SS_CLOSE),

-		.families = (1 << AF_PACKET),

+		.families = FAMILY_MASK(AF_PACKET),

 	},

 	[PACKET_R_DB] = {

 		.states   = (1 << SS_CLOSE),

-		.families = (1 << AF_PACKET),

+		.families = FAMILY_MASK(AF_PACKET),

 	},

 	[NETLINK_DB] = {

 		.states   = (1 << SS_CLOSE),

-		.families = (1 << AF_NETLINK),

+		.families = FAMILY_MASK(AF_NETLINK),

 	},

 	[SCTP_DB] = {

 		.states   = SS_CONN,

-		.families = (1 << AF_INET) | (1 << AF_INET6),

+		.families = FAMILY_MASK(AF_INET) | FAMILY_MASK(AF_INET6),

 	},

 };

@@ -258,14 +260,14 @@ static void filter_db_set(struct filter *f, int db)

 static void filter_af_set(struct filter *f, int af)

 {

 	f->states	   |= default_afs[af].states;

-	f->families	   |= 1 << af;

+	f->families	   |= FAMILY_MASK(af);

 	do_default	    = 0;

 	preferred_family    = af;

 }

 static int filter_af_get(struct filter *f, int af)

 {

-	return f->families & (1 << af);

+	return !!(f->families & FAMILY_MASK(af));

 }

 static void filter_default_dbs(struct filter *f)

@@ -302,7 +304,7 @@ static void filter_merge_defaults(struct filter *f)

 			f->families |= default_dbs[db].families;

 	}

 	for (af = 0; af < AF_MAX; af++) {

-		if (!(f->families & (1 << af)))

+		if (!(f->families & FAMILY_MASK(af)))

 			continue;

 		if (!(default_afs[af].dbs & f->dbs))

@@ -2599,7 +2601,7 @@ static int show_one_inet_sock(const struct sockaddr_nl *addr,

 	struct inet_diag_msg *r = NLMSG_DATA(h);

 	struct sockstat s = {};

-	if (!(diag_arg->f->families & (1 << r->idiag_family)))

+	if (!(diag_arg->f->families & FAMILY_MASK(r->idiag_family)))

 		return 0;

 	parse_diag_msg(h, &s);

@@ -2785,7 +2787,7 @@ static int tcp_show(struct filter *f)

 		return -1;

 	}

-	if (f->families & (1<

+	if (f->families & FAMILY_MASK(AF_INET)) {

 		if ((fp = net_tcp_open()) == NULL)

 			goto outerr;

@@ -2795,7 +2797,7 @@ static int tcp_show(struct filter *f)

 		fclose(fp);

 	}

-	if ((f->families & (1<

+	if ((f->families & FAMILY_MASK(AF_INET6)) &&

 	    (fp = net_tcp6_open()) != NULL) {

 		setbuffer(fp, buf, bufsize);

 		if (generic_record_read(fp, tcp_show_line, f, AF_INET6))

@@ -2894,7 +2896,7 @@ static int udp_show(struct filter *f)

 	    && inet_show_netlink(f, NULL, IPPROTO_UDP) == 0)

 		return 0;

-	if (f->families&(1<

+	if (f->families&FAMILY_MASK(AF_INET)) {

 		if ((fp = net_udp_open()) == NULL)

 			goto outerr;

 		if (generic_record_read(fp, dgram_show_line, f, AF_INET))

@@ -2902,7 +2904,7 @@ static int udp_show(struct filter *f)

 		fclose(fp);

 	}

-	if ((f->families&(1<

+	if ((f->families&FAMILY_MASK(AF_INET6)) &&

 	    (fp = net_udp6_open()) != NULL) {

 		if (generic_record_read(fp, dgram_show_line, f, AF_INET6))

 			goto outerr;

@@ -2934,7 +2936,7 @@ static int raw_show(struct filter *f)

 	    inet_show_netlink(f, NULL, IPPROTO_RAW) == 0)

 		return 0;

-	if (f->families&(1<

+	if (f->families&FAMILY_MASK(AF_INET)) {

 		if ((fp = net_raw_open()) == NULL)

 			goto outerr;

 		if (generic_record_read(fp, dgram_show_line, f, AF_INET))

@@ -2942,7 +2944,7 @@ static int raw_show(struct filter *f)

 		fclose(fp);

 	}

-	if ((f->families&(1<

+	if ((f->families&FAMILY_MASK(AF_INET6)) &&

 	    (fp = net_raw6_open()) != NULL) {

 		if (generic_record_read(fp, dgram_show_line, f, AF_INET6))

 			goto outerr;

@@ -3682,13 +3684,13 @@ static int handle_follow_request(struct filter *f)

 	int groups = 0;

 	struct rtnl_handle rth;

-	if (f->families & (1 << AF_INET) && f->dbs & (1 << TCP_DB))

+	if (f->families & FAMILY_MASK(AF_INET) && f->dbs & (1 << TCP_DB))

 		groups |= 1 << (SKNLGRP_INET_TCP_DESTROY - 1);

-	if (f->families & (1 << AF_INET) && f->dbs & (1 << UDP_DB))

+	if (f->families & FAMILY_MASK(AF_INET) && f->dbs & (1 << UDP_DB))

 		groups |= 1 << (SKNLGRP_INET_UDP_DESTROY - 1);

-	if (f->families & (1 << AF_INET6) && f->dbs & (1 << TCP_DB))

+	if (f->families & FAMILY_MASK(AF_INET6) && f->dbs & (1 << TCP_DB))

 		groups |= 1 << (SKNLGRP_INET6_TCP_DESTROY - 1);

-	if (f->families & (1 << AF_INET6) && f->dbs & (1 << UDP_DB))

+	if (f->families & FAMILY_MASK(AF_INET6) && f->dbs & (1 << UDP_DB))

 		groups |= 1 << (SKNLGRP_INET6_UDP_DESTROY - 1);

 	if (groups == 0)

-- 

2.21.0