|
 |
930fb9 |
From 06ce7afb4135de6ed92a286793cba5129f17f614 Mon Sep 17 00:00:00 2001
|
|
|
930fb9 |
From: Phil Sutter <psutter@redhat.com>
|
|
|
930fb9 |
Date: Mon, 26 Nov 2018 19:11:55 +0100
|
|
|
930fb9 |
Subject: [PATCH] ip-route: Fix nexthop encap parsing
|
|
|
930fb9 |
|
|
|
930fb9 |
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1625358
|
|
|
930fb9 |
Upstream Status: iproute2.git commit 05d978e0850a6
|
|
|
930fb9 |
|
|
|
930fb9 |
commit 05d978e0850a6a3bae1e6c5392d82f7b1496f86a
|
|
|
930fb9 |
Author: Phil Sutter <phil@nwl.cc>
|
|
|
930fb9 |
Date: Tue Nov 13 13:39:04 2018 +0100
|
|
|
930fb9 |
|
|
|
930fb9 |
ip-route: Fix nexthop encap parsing
|
|
|
930fb9 |
|
|
|
930fb9 |
When parsing nexthop parameters, a buffer of 4k bytes is provided. Yet,
|
|
|
930fb9 |
in lwt_parse_encap() and some functions called by it, buffer size was
|
|
|
930fb9 |
assumed to be 1k despite the actual size was provided. This led to
|
|
|
930fb9 |
spurious buffer size errors if the buffer was filled by previous nexthop
|
|
|
930fb9 |
parameters to exceed that 1k boundary.
|
|
|
930fb9 |
|
|
|
930fb9 |
Fixes: 1e5293056a02c ("lwtunnel: Add encapsulation support to ip route")
|
|
|
930fb9 |
Fixes: 5866bddd9aa9e ("ila: Add support for ILA lwtunnels")
|
|
|
930fb9 |
Fixes: ed67f83806538 ("ila: Support for checksum neutral translation")
|
|
|
930fb9 |
Fixes: 86905c8f057c0 ("ila: support for configuring identifier and hook types")
|
|
|
930fb9 |
Fixes: b15f440e78373 ("lwt: BPF support for LWT")
|
|
|
930fb9 |
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
|
930fb9 |
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
|
930fb9 |
---
|
|
|
930fb9 |
ip/iproute_lwtunnel.c | 14 +++++++-------
|
|
|
930fb9 |
1 file changed, 7 insertions(+), 7 deletions(-)
|
|
|
930fb9 |
|
|
|
930fb9 |
diff --git a/ip/iproute_lwtunnel.c b/ip/iproute_lwtunnel.c
|
|
|
930fb9 |
index 4ebfaa7..388cd19 100644
|
|
|
930fb9 |
--- a/ip/iproute_lwtunnel.c
|
|
|
930fb9 |
+++ b/ip/iproute_lwtunnel.c
|
|
|
930fb9 |
@@ -851,7 +851,7 @@ static int parse_encap_ila(struct rtattr *rta, size_t len,
|
|
|
930fb9 |
|
|
|
930fb9 |
argc--; argv++;
|
|
|
930fb9 |
|
|
|
930fb9 |
- if (rta_addattr64(rta, 1024, ILA_ATTR_LOCATOR, locator))
|
|
|
930fb9 |
+ if (rta_addattr64(rta, len, ILA_ATTR_LOCATOR, locator))
|
|
|
930fb9 |
return -1;
|
|
|
930fb9 |
|
|
|
930fb9 |
while (argc > 0) {
|
|
|
930fb9 |
@@ -865,7 +865,7 @@ static int parse_encap_ila(struct rtattr *rta, size_t len,
|
|
|
930fb9 |
invarg("\"csum-mode\" value is invalid\n",
|
|
|
930fb9 |
*argv);
|
|
|
930fb9 |
|
|
|
930fb9 |
- ret = rta_addattr8(rta, 1024, ILA_ATTR_CSUM_MODE,
|
|
|
930fb9 |
+ ret = rta_addattr8(rta, len, ILA_ATTR_CSUM_MODE,
|
|
|
930fb9 |
(__u8)csum_mode);
|
|
|
930fb9 |
|
|
|
930fb9 |
argc--; argv++;
|
|
|
930fb9 |
@@ -879,7 +879,7 @@ static int parse_encap_ila(struct rtattr *rta, size_t len,
|
|
|
930fb9 |
invarg("\"ident-type\" value is invalid\n",
|
|
|
930fb9 |
*argv);
|
|
|
930fb9 |
|
|
|
930fb9 |
- ret = rta_addattr8(rta, 1024, ILA_ATTR_IDENT_TYPE,
|
|
|
930fb9 |
+ ret = rta_addattr8(rta, len, ILA_ATTR_IDENT_TYPE,
|
|
|
930fb9 |
(__u8)ident_type);
|
|
|
930fb9 |
|
|
|
930fb9 |
argc--; argv++;
|
|
|
930fb9 |
@@ -893,7 +893,7 @@ static int parse_encap_ila(struct rtattr *rta, size_t len,
|
|
|
930fb9 |
invarg("\"hook-type\" value is invalid\n",
|
|
|
930fb9 |
*argv);
|
|
|
930fb9 |
|
|
|
930fb9 |
- ret = rta_addattr8(rta, 1024, ILA_ATTR_HOOK_TYPE,
|
|
|
930fb9 |
+ ret = rta_addattr8(rta, len, ILA_ATTR_HOOK_TYPE,
|
|
|
930fb9 |
(__u8)hook_type);
|
|
|
930fb9 |
|
|
|
930fb9 |
argc--; argv++;
|
|
|
930fb9 |
@@ -1016,7 +1016,7 @@ static int parse_encap_bpf(struct rtattr *rta, size_t len, int *argcp,
|
|
|
930fb9 |
if (get_unsigned(&headroom, *argv, 0) || headroom == 0)
|
|
|
930fb9 |
invarg("headroom is invalid\n", *argv);
|
|
|
930fb9 |
if (!headroom_set)
|
|
|
930fb9 |
- rta_addattr32(rta, 1024, LWT_BPF_XMIT_HEADROOM,
|
|
|
930fb9 |
+ rta_addattr32(rta, len, LWT_BPF_XMIT_HEADROOM,
|
|
|
930fb9 |
headroom);
|
|
|
930fb9 |
headroom_set = 1;
|
|
|
930fb9 |
} else if (strcmp(*argv, "help") == 0) {
|
|
|
930fb9 |
@@ -1057,7 +1057,7 @@ int lwt_parse_encap(struct rtattr *rta, size_t len, int *argcp, char ***argvp)
|
|
|
930fb9 |
exit(-1);
|
|
|
930fb9 |
}
|
|
|
930fb9 |
|
|
|
930fb9 |
- nest = rta_nest(rta, 1024, RTA_ENCAP);
|
|
|
930fb9 |
+ nest = rta_nest(rta, len, RTA_ENCAP);
|
|
|
930fb9 |
switch (type) {
|
|
|
930fb9 |
case LWTUNNEL_ENCAP_MPLS:
|
|
|
930fb9 |
ret = parse_encap_mpls(rta, len, &argc, &argv);
|
|
|
930fb9 |
@@ -1090,7 +1090,7 @@ int lwt_parse_encap(struct rtattr *rta, size_t len, int *argcp, char ***argvp)
|
|
|
930fb9 |
|
|
|
930fb9 |
rta_nest_end(rta, nest);
|
|
|
930fb9 |
|
|
|
930fb9 |
- ret = rta_addattr16(rta, 1024, RTA_ENCAP_TYPE, type);
|
|
|
930fb9 |
+ ret = rta_addattr16(rta, len, RTA_ENCAP_TYPE, type);
|
|
|
930fb9 |
|
|
|
930fb9 |
*argcp = argc;
|
|
|
930fb9 |
*argvp = argv;
|
|
|
930fb9 |
--
|
|
|
930fb9 |
1.8.3.1
|
|
|
930fb9 |
|