From 169d2540f161f5b398266b7a8081ce8265c50c29 Mon Sep 17 00:00:00 2001 From: Open vSwitch CI Date: Jun 08 2023 01:26:24 +0000 Subject: Import openvswitch2.17-2.17.0-104 from Fast DataPath --- diff --git a/SOURCES/openvswitch-2.17.0.patch b/SOURCES/openvswitch-2.17.0.patch index 78f8119..6a25d6e 100644 --- a/SOURCES/openvswitch-2.17.0.patch +++ b/SOURCES/openvswitch-2.17.0.patch @@ -51601,6 +51601,21 @@ index 33a1a92953..fff8e77db1 100644 conn_key_hash(parent_key, ct->hash_basis), &ct->alg_expectation_refs) { if (!conn_key_cmp(&node->parent_key, parent_key)) { +diff --git a/lib/cpu.c b/lib/cpu.c +index 2df003c51b..e7cbfcfe6e 100644 +--- a/lib/cpu.c ++++ b/lib/cpu.c +@@ -37,7 +37,9 @@ static bool x86_has_isa(uint32_t leaf, enum x86_reg reg, uint32_t bit) + { + uint32_t regs[4]; + +- ovs_assert(__get_cpuid_max(leaf & X86_LEAF_MASK, NULL) >= leaf); ++ if (__get_cpuid_max(leaf & X86_LEAF_MASK, NULL) < leaf) { ++ return false; ++ } + + __cpuid_count(leaf, 0, regs[EAX], regs[EBX], regs[ECX], regs[EDX]); + return (regs[reg] & ((uint32_t) 1 << bit)) != 0; diff --git a/lib/daemon-unix.c b/lib/daemon-unix.c index 34d45b82a1..31db2d2c7c 100644 --- a/lib/daemon-unix.c @@ -54133,7 +54148,7 @@ index b6b29c75e3..dbdd540d09 100644 free(queue); } diff --git a/lib/netdev-linux.c b/lib/netdev-linux.c -index 620a451dec..387773e927 100644 +index 620a451dec..80506ae2d9 100644 --- a/lib/netdev-linux.c +++ b/lib/netdev-linux.c @@ -247,6 +247,14 @@ enum { @@ -54172,7 +54187,26 @@ index 620a451dec..387773e927 100644 nl_msg_end_nested(request, offset); nl_msg_end_nested(request, act_offset); } -@@ -2721,7 +2732,7 @@ tc_del_matchall_policer(struct netdev *netdev) +@@ -2698,8 +2709,16 @@ tc_add_matchall_policer(struct netdev *netdev, uint32_t kbits_rate, + + err = tc_transact(&request, &reply); + if (!err) { +- struct tcmsg *tc = +- ofpbuf_at_assert(reply, NLMSG_HDRLEN, sizeof *tc); ++ struct ofpbuf b = ofpbuf_const_initializer(reply->data, reply->size); ++ struct nlmsghdr *nlmsg = ofpbuf_try_pull(&b, sizeof *nlmsg); ++ struct tcmsg *tc = ofpbuf_try_pull(&b, sizeof *tc); ++ ++ if (!nlmsg || !tc) { ++ VLOG_ERR_RL(&rl, ++ "Failed to add match all policer, malformed reply"); ++ ofpbuf_delete(reply); ++ return EPROTO; ++ } + ofpbuf_delete(reply); + } + +@@ -2721,7 +2740,7 @@ tc_del_matchall_policer(struct netdev *netdev) } id = tc_make_tcf_id(ifindex, block_id, prio, TC_INGRESS); @@ -54181,7 +54215,7 @@ index 620a451dec..387773e927 100644 if (err) { return err; } -@@ -2970,12 +2981,18 @@ netdev_linux_set_qos(struct netdev *netdev_, +@@ -2970,12 +2989,18 @@ netdev_linux_set_qos(struct netdev *netdev_, /* Delete existing qdisc. */ error = tc_del_qdisc(netdev_); if (error) { @@ -54200,7 +54234,7 @@ index 620a451dec..387773e927 100644 ovs_assert((error == 0) == (netdev->tc != NULL)); } -@@ -5331,11 +5348,11 @@ static void +@@ -5331,11 +5356,11 @@ static void hfsc_tc_destroy(struct tc *tc) { struct hfsc *hfsc; @@ -54214,7 +54248,37 @@ index 620a451dec..387773e927 100644 hmap_remove(&hfsc->tc.queues, &hc->tc_queue.hmap_node); free(hc); } -@@ -5966,13 +5983,12 @@ tc_del_qdisc(struct netdev *netdev_) +@@ -5833,20 +5858,26 @@ static int + tc_parse_class(const struct ofpbuf *msg, unsigned int *handlep, + struct nlattr **options, struct netdev_queue_stats *stats) + { ++ struct ofpbuf b = ofpbuf_const_initializer(msg->data, msg->size); ++ struct nlmsghdr *nlmsg = ofpbuf_try_pull(&b, sizeof *nlmsg); ++ struct tcmsg *tc = ofpbuf_try_pull(&b, sizeof *tc); + static const struct nl_policy tca_policy[] = { + [TCA_OPTIONS] = { .type = NL_A_NESTED, .optional = false }, + [TCA_STATS2] = { .type = NL_A_NESTED, .optional = false }, + }; + struct nlattr *ta[ARRAY_SIZE(tca_policy)]; + +- if (!nl_policy_parse(msg, NLMSG_HDRLEN + sizeof(struct tcmsg), +- tca_policy, ta, ARRAY_SIZE(ta))) { ++ if (!nlmsg || !tc) { ++ VLOG_ERR_RL(&rl, "failed to parse class message, malformed reply"); ++ goto error; ++ } ++ ++ if (!nl_policy_parse(&b, 0, tca_policy, ta, ARRAY_SIZE(ta))) { + VLOG_WARN_RL(&rl, "failed to parse class message"); + goto error; + } + + if (handlep) { +- struct tcmsg *tc = ofpbuf_at_assert(msg, NLMSG_HDRLEN, sizeof *tc); + *handlep = tc->tcm_handle; + } + +@@ -5966,13 +5997,12 @@ tc_del_qdisc(struct netdev *netdev_) if (!tcmsg) { return ENODEV; } @@ -54231,7 +54295,7 @@ index 620a451dec..387773e927 100644 error = 0; } if (!error && netdev->tc) { -@@ -6295,7 +6311,14 @@ get_stats_via_netlink(const struct netdev *netdev_, struct netdev_stats *stats) +@@ -6295,7 +6325,14 @@ get_stats_via_netlink(const struct netdev *netdev_, struct netdev_stats *stats) if (ofpbuf_try_pull(reply, NLMSG_HDRLEN + sizeof(struct ifinfomsg))) { const struct nlattr *a = nl_attr_find(reply, 0, IFLA_STATS64); if (a && nl_attr_get_size(a) >= sizeof(struct rtnl_link_stats64)) { @@ -54247,7 +54311,7 @@ index 620a451dec..387773e927 100644 error = 0; } else { a = nl_attr_find(reply, 0, IFLA_STATS); -@@ -6411,6 +6434,9 @@ netdev_linux_update_via_netlink(struct netdev_linux *netdev) +@@ -6411,6 +6448,9 @@ netdev_linux_update_via_netlink(struct netdev_linux *netdev) if (netdev_linux_netnsid_is_remote(netdev)) { nl_msg_put_u32(&request, IFLA_IF_NETNSID, netdev->netnsid); } @@ -58280,10 +58344,27 @@ index fcaddf10ad..71039e24f1 100644 /* Attempts to guess the content type of a stream whose first few bytes were diff --git a/lib/tc.c b/lib/tc.c -index adb2d3182a..7242ea5e2f 100644 +index adb2d3182a..bbadb6972a 100644 --- a/lib/tc.c +++ b/lib/tc.c -@@ -84,6 +84,11 @@ struct flower_key_to_pedit { +@@ -36,6 +36,7 @@ + #include + + #include "byte-order.h" ++#include "coverage.h" + #include "netlink-socket.h" + #include "netlink.h" + #include "openvswitch/ofpbuf.h" +@@ -67,6 +68,8 @@ + + VLOG_DEFINE_THIS_MODULE(tc); + ++COVERAGE_DEFINE(tc_netlink_malformed_reply); ++ + static struct vlog_rate_limit error_rl = VLOG_RATE_LIMIT_INIT(60, 5); + + static enum tc_offload_policy tc_policy = TC_POLICY_NONE; +@@ -84,6 +87,11 @@ struct flower_key_to_pedit { int boundary_shift; }; @@ -58295,7 +58376,7 @@ index adb2d3182a..7242ea5e2f 100644 static struct flower_key_to_pedit flower_pedit_map[] = { { TCA_PEDIT_KEY_EX_HDR_TYPE_IP4, -@@ -395,8 +400,14 @@ static const struct nl_policy tca_flower_policy[] = { +@@ -395,8 +403,14 @@ static const struct nl_policy tca_flower_policy[] = { [TCA_FLOWER_KEY_ENC_IPV6_DST_MASK] = { .type = NL_A_UNSPEC, .min_len = sizeof(struct in6_addr), .optional = true, }, @@ -58310,7 +58391,7 @@ index adb2d3182a..7242ea5e2f 100644 [TCA_FLOWER_KEY_FLAGS] = { .type = NL_A_BE32, .optional = true, }, [TCA_FLOWER_KEY_FLAGS_MASK] = { .type = NL_A_BE32, .optional = true, }, [TCA_FLOWER_KEY_IP_TTL] = { .type = NL_A_U8, -@@ -568,16 +579,17 @@ nl_parse_flower_vlan(struct nlattr **attrs, struct tc_flower *flower) +@@ -568,16 +582,17 @@ nl_parse_flower_vlan(struct nlattr **attrs, struct tc_flower *flower) flower->key.encap_eth_type[0] = nl_attr_get_be16(attrs[TCA_FLOWER_KEY_ETH_TYPE]); @@ -58330,7 +58411,7 @@ index adb2d3182a..7242ea5e2f 100644 } if (!attrs[TCA_FLOWER_KEY_VLAN_ETH_TYPE]) { -@@ -590,17 +602,18 @@ nl_parse_flower_vlan(struct nlattr **attrs, struct tc_flower *flower) +@@ -590,17 +605,18 @@ nl_parse_flower_vlan(struct nlattr **attrs, struct tc_flower *flower) } flower->key.encap_eth_type[1] = flower->key.encap_eth_type[0]; @@ -58351,7 +58432,7 @@ index adb2d3182a..7242ea5e2f 100644 } } -@@ -705,15 +718,17 @@ flower_tun_geneve_opt_check_len(struct tun_metadata *key, +@@ -705,15 +721,17 @@ flower_tun_geneve_opt_check_len(struct tun_metadata *key, const struct geneve_opt *opt, *opt_mask; int len, cnt = 0; @@ -58372,7 +58453,7 @@ index adb2d3182a..7242ea5e2f 100644 } cnt += sizeof(struct geneve_opt) / 4 + opt->length; -@@ -721,6 +736,11 @@ flower_tun_geneve_opt_check_len(struct tun_metadata *key, +@@ -721,6 +739,11 @@ flower_tun_geneve_opt_check_len(struct tun_metadata *key, } return 0; @@ -58384,7 +58465,7 @@ index adb2d3182a..7242ea5e2f 100644 } static int -@@ -758,7 +778,15 @@ nl_parse_flower_tunnel(struct nlattr **attrs, struct tc_flower *flower) +@@ -758,7 +781,15 @@ nl_parse_flower_tunnel(struct nlattr **attrs, struct tc_flower *flower) flower->key.tunnel.ipv6.ipv6_dst = nl_attr_get_in6_addr(attrs[TCA_FLOWER_KEY_ENC_IPV6_DST]); } @@ -58401,7 +58482,7 @@ index adb2d3182a..7242ea5e2f 100644 flower->key.tunnel.tp_dst = nl_attr_get_be16(attrs[TCA_FLOWER_KEY_ENC_UDP_DST_PORT]); } -@@ -937,24 +965,21 @@ nl_parse_flower_ip(struct nlattr **attrs, struct tc_flower *flower) { +@@ -937,24 +968,21 @@ nl_parse_flower_ip(struct nlattr **attrs, struct tc_flower *flower) { key->icmp_code = nl_attr_get_u8(attrs[TCA_FLOWER_KEY_ICMPV4_CODE]); mask->icmp_code = @@ -58431,7 +58512,7 @@ index adb2d3182a..7242ea5e2f 100644 mask->icmp_type = nl_attr_get_u8(attrs[TCA_FLOWER_KEY_ICMPV6_TYPE_MASK]); } -@@ -1006,14 +1031,14 @@ static const struct nl_policy pedit_policy[] = { +@@ -1006,14 +1034,14 @@ static const struct nl_policy pedit_policy[] = { static int nl_parse_act_pedit(struct nlattr *options, struct tc_flower *flower) { @@ -58449,7 +58530,7 @@ index adb2d3182a..7242ea5e2f 100644 size_t keys_ex_size, left; int type, i = 0, err; -@@ -1068,7 +1093,7 @@ nl_parse_act_pedit(struct nlattr *options, struct tc_flower *flower) +@@ -1068,7 +1096,7 @@ nl_parse_act_pedit(struct nlattr *options, struct tc_flower *flower) int diff = flower_off + (keys->off - mf); ovs_be32 *dst = (void *) (rewrite_key + diff); ovs_be32 *dst_m = (void *) (rewrite_mask + diff); @@ -58458,7 +58539,7 @@ index adb2d3182a..7242ea5e2f 100644 uint32_t zero_bits; mask_word = htonl(ntohl(keys->mask) << m->boundary_shift); -@@ -1083,8 +1108,13 @@ nl_parse_act_pedit(struct nlattr *options, struct tc_flower *flower) +@@ -1083,8 +1111,13 @@ nl_parse_act_pedit(struct nlattr *options, struct tc_flower *flower) mask &= htonl(UINT32_MAX << zero_bits); } @@ -58474,7 +58555,7 @@ index adb2d3182a..7242ea5e2f 100644 } } -@@ -1092,7 +1122,6 @@ nl_parse_act_pedit(struct nlattr *options, struct tc_flower *flower) +@@ -1092,7 +1125,6 @@ nl_parse_act_pedit(struct nlattr *options, struct tc_flower *flower) i++; } @@ -58482,7 +58563,7 @@ index adb2d3182a..7242ea5e2f 100644 action->type = TC_ACT_PEDIT; return 0; -@@ -1305,7 +1334,23 @@ get_user_hz(void) +@@ -1305,7 +1337,23 @@ get_user_hz(void) static void nl_parse_tcf(const struct tcf_t *tm, struct tc_flower *flower) { @@ -58507,7 +58588,7 @@ index adb2d3182a..7242ea5e2f 100644 } static int -@@ -1314,8 +1359,8 @@ nl_parse_act_gact(struct nlattr *options, struct tc_flower *flower) +@@ -1314,8 +1362,8 @@ nl_parse_act_gact(struct nlattr *options, struct tc_flower *flower) struct nlattr *gact_attrs[ARRAY_SIZE(gact_policy)]; const struct tc_gact *p; struct nlattr *gact_parms; @@ -58517,7 +58598,7 @@ index adb2d3182a..7242ea5e2f 100644 if (!nl_parse_nested(options, gact_policy, gact_attrs, ARRAY_SIZE(gact_policy))) { -@@ -1335,8 +1380,9 @@ nl_parse_act_gact(struct nlattr *options, struct tc_flower *flower) +@@ -1335,8 +1383,9 @@ nl_parse_act_gact(struct nlattr *options, struct tc_flower *flower) return EINVAL; } @@ -58529,7 +58610,7 @@ index adb2d3182a..7242ea5e2f 100644 return 0; } -@@ -1357,9 +1403,9 @@ nl_parse_act_mirred(struct nlattr *options, struct tc_flower *flower) +@@ -1357,9 +1406,9 @@ nl_parse_act_mirred(struct nlattr *options, struct tc_flower *flower) struct nlattr *mirred_attrs[ARRAY_SIZE(mirred_policy)]; const struct tc_mirred *m; const struct nlattr *mirred_parms; @@ -58540,7 +58621,7 @@ index adb2d3182a..7242ea5e2f 100644 if (!nl_parse_nested(options, mirred_policy, mirred_attrs, ARRAY_SIZE(mirred_policy))) { -@@ -1387,8 +1433,8 @@ nl_parse_act_mirred(struct nlattr *options, struct tc_flower *flower) +@@ -1387,8 +1436,8 @@ nl_parse_act_mirred(struct nlattr *options, struct tc_flower *flower) action->type = TC_ACT_OUTPUT; mirred_tm = mirred_attrs[TCA_MIRRED_TM]; @@ -58551,7 +58632,7 @@ index adb2d3182a..7242ea5e2f 100644 return 0; } -@@ -1487,7 +1533,9 @@ nl_parse_act_ct(struct nlattr *options, struct tc_flower *flower) +@@ -1487,7 +1536,9 @@ nl_parse_act_ct(struct nlattr *options, struct tc_flower *flower) if (ipv4_max) { ovs_be32 addr = nl_attr_get_be32(ipv4_max); @@ -58562,7 +58643,7 @@ index adb2d3182a..7242ea5e2f 100644 } } else if (ipv6_min) { action->ct.range.ip_family = AF_INET6; -@@ -1496,7 +1544,9 @@ nl_parse_act_ct(struct nlattr *options, struct tc_flower *flower) +@@ -1496,7 +1547,9 @@ nl_parse_act_ct(struct nlattr *options, struct tc_flower *flower) if (ipv6_max) { struct in6_addr addr = nl_attr_get_in6_addr(ipv6_max); @@ -58573,7 +58654,7 @@ index adb2d3182a..7242ea5e2f 100644 } } -@@ -1504,6 +1554,10 @@ nl_parse_act_ct(struct nlattr *options, struct tc_flower *flower) +@@ -1504,6 +1557,10 @@ nl_parse_act_ct(struct nlattr *options, struct tc_flower *flower) action->ct.range.port.min = nl_attr_get_be16(port_min); if (port_max) { action->ct.range.port.max = nl_attr_get_be16(port_max); @@ -58584,7 +58665,7 @@ index adb2d3182a..7242ea5e2f 100644 } } } -@@ -1698,24 +1752,89 @@ static const struct nl_policy act_policy[] = { +@@ -1698,24 +1755,89 @@ static const struct nl_policy act_policy[] = { [TCA_ACT_STATS] = { .type = NL_A_NESTED, .optional = false, }, }; @@ -58683,7 +58764,7 @@ index adb2d3182a..7242ea5e2f 100644 int err = 0; if (!nl_parse_nested(action, act_policy, action_attrs, -@@ -1763,21 +1882,8 @@ nl_parse_single_action(struct nlattr *action, struct tc_flower *flower, +@@ -1763,21 +1885,8 @@ nl_parse_single_action(struct nlattr *action, struct tc_flower *flower, flower->act_cookie.len = nl_attr_get_size(act_cookie); } @@ -58707,7 +58788,63 @@ index adb2d3182a..7242ea5e2f 100644 } #define TCA_ACT_MIN_PRIO 1 -@@ -1964,14 +2070,23 @@ tc_dump_tc_chain_start(struct tcf_id *id, struct nl_dump *dump) +@@ -1869,18 +1978,19 @@ int + parse_netlink_to_tc_flower(struct ofpbuf *reply, struct tcf_id *id, + struct tc_flower *flower, bool terse) + { +- struct tcmsg *tc; ++ struct ofpbuf b = ofpbuf_const_initializer(reply->data, reply->size); ++ struct nlmsghdr *nlmsg = ofpbuf_try_pull(&b, sizeof *nlmsg); ++ struct tcmsg *tc = ofpbuf_try_pull(&b, sizeof *tc); + struct nlattr *ta[ARRAY_SIZE(tca_policy)]; + const char *kind; + +- if (NLMSG_HDRLEN + sizeof *tc > reply->size) { ++ if (!nlmsg || !tc) { ++ COVERAGE_INC(tc_netlink_malformed_reply); + return EPROTO; + } + + memset(flower, 0, sizeof *flower); + +- tc = ofpbuf_at_assert(reply, NLMSG_HDRLEN, sizeof *tc); +- + flower->key.eth_type = (OVS_FORCE ovs_be16) tc_get_minor(tc->tcm_info); + flower->mask.eth_type = OVS_BE16_MAX; + id->prio = tc_get_major(tc->tcm_info); +@@ -1894,8 +2004,7 @@ parse_netlink_to_tc_flower(struct ofpbuf *reply, struct tcf_id *id, + return EAGAIN; + } + +- if (!nl_policy_parse(reply, NLMSG_HDRLEN + sizeof *tc, +- tca_policy, ta, ARRAY_SIZE(ta))) { ++ if (!nl_policy_parse(&b, 0, tca_policy, ta, ARRAY_SIZE(ta))) { + VLOG_ERR_RL(&error_rl, "failed to parse tca policy"); + return EPROTO; + } +@@ -1916,13 +2025,17 @@ parse_netlink_to_tc_flower(struct ofpbuf *reply, struct tcf_id *id, + int + parse_netlink_to_tc_chain(struct ofpbuf *reply, uint32_t *chain) + { ++ struct ofpbuf b = ofpbuf_const_initializer(reply->data, reply->size); ++ struct nlmsghdr *nlmsg = ofpbuf_try_pull(&b, sizeof *nlmsg); ++ struct tcmsg *tc = ofpbuf_try_pull(&b, sizeof *tc); + struct nlattr *ta[ARRAY_SIZE(tca_chain_policy)]; +- struct tcmsg *tc; + +- tc = ofpbuf_at_assert(reply, NLMSG_HDRLEN, sizeof *tc); ++ if (!nlmsg || !tc) { ++ COVERAGE_INC(tc_netlink_malformed_reply); ++ return EPROTO; ++ } + +- if (!nl_policy_parse(reply, NLMSG_HDRLEN + sizeof *tc, +- tca_chain_policy, ta, ARRAY_SIZE(ta))) { ++ if (!nl_policy_parse(&b, 0, tca_chain_policy, ta, ARRAY_SIZE(ta))) { + VLOG_ERR_RL(&error_rl, "failed to parse tca chain policy"); + return EINVAL; + } +@@ -1964,14 +2077,23 @@ tc_dump_tc_chain_start(struct tcf_id *id, struct nl_dump *dump) } int @@ -58732,7 +58869,7 @@ index adb2d3182a..7242ea5e2f 100644 int tc_get_flower(struct tcf_id *id, struct tc_flower *flower) { -@@ -1980,6 +2095,7 @@ tc_get_flower(struct tcf_id *id, struct tc_flower *flower) +@@ -1980,6 +2102,7 @@ tc_get_flower(struct tcf_id *id, struct tc_flower *flower) int error; request_from_tcf_id(id, 0, RTM_GETTFILTER, NLM_F_ECHO, &request); @@ -58740,7 +58877,7 @@ index adb2d3182a..7242ea5e2f 100644 error = tc_transact(&request, &reply); if (error) { return error; -@@ -2399,14 +2515,14 @@ nl_msg_put_act_flags(struct ofpbuf *request) { +@@ -2399,14 +2522,14 @@ nl_msg_put_act_flags(struct ofpbuf *request) { * first_word_mask/last_word_mask - the mask to use for the first/last read * (as we read entire words). */ static void @@ -58758,7 +58895,7 @@ index adb2d3182a..7242ea5e2f 100644 max_offset = m->offset + m->size; start_offset = ROUND_DOWN(m->offset, 4); -@@ -2473,7 +2589,8 @@ csum_update_flag(struct tc_flower *flower, +@@ -2473,7 +2596,8 @@ csum_update_flag(struct tc_flower *flower, static int nl_msg_put_flower_rewrite_pedits(struct ofpbuf *request, @@ -58768,7 +58905,7 @@ index adb2d3182a..7242ea5e2f 100644 { struct { struct tc_pedit sel; -@@ -2497,12 +2614,12 @@ nl_msg_put_flower_rewrite_pedits(struct ofpbuf *request, +@@ -2497,12 +2621,12 @@ nl_msg_put_flower_rewrite_pedits(struct ofpbuf *request, continue; } @@ -58784,7 +58921,7 @@ index adb2d3182a..7242ea5e2f 100644 if (j == 0) { mask_word &= first_word_mask; -@@ -2556,6 +2673,29 @@ nl_msg_put_flower_acts_release(struct ofpbuf *request, uint16_t act_index) +@@ -2556,6 +2680,29 @@ nl_msg_put_flower_acts_release(struct ofpbuf *request, uint16_t act_index) nl_msg_end_nested(request, act_offset); } @@ -58814,7 +58951,7 @@ index adb2d3182a..7242ea5e2f 100644 static int nl_msg_put_flower_acts(struct ofpbuf *request, struct tc_flower *flower) { -@@ -2572,20 +2712,22 @@ nl_msg_put_flower_acts(struct ofpbuf *request, struct tc_flower *flower) +@@ -2572,20 +2719,22 @@ nl_msg_put_flower_acts(struct ofpbuf *request, struct tc_flower *flower) action = flower->actions; for (i = 0; i < flower->action_count; i++, action++) { @@ -58843,7 +58980,7 @@ index adb2d3182a..7242ea5e2f 100644 } } break; -@@ -2792,13 +2934,16 @@ nl_msg_put_flower_tunnel(struct ofpbuf *request, struct tc_flower *flower) +@@ -2792,13 +2941,16 @@ nl_msg_put_flower_tunnel(struct ofpbuf *request, struct tc_flower *flower) struct in6_addr *ipv6_dst_mask = &flower->mask.tunnel.ipv6.ipv6_dst; struct in6_addr *ipv6_src = &flower->key.tunnel.ipv6.ipv6_src; struct in6_addr *ipv6_dst = &flower->key.tunnel.ipv6.ipv6_dst; @@ -58861,7 +58998,7 @@ index adb2d3182a..7242ea5e2f 100644 if (ipv4_dst_mask || ipv4_src_mask) { nl_msg_put_be32(request, TCA_FLOWER_KEY_ENC_IPV4_DST_MASK, -@@ -2824,8 +2969,15 @@ nl_msg_put_flower_tunnel(struct ofpbuf *request, struct tc_flower *flower) +@@ -2824,8 +2976,15 @@ nl_msg_put_flower_tunnel(struct ofpbuf *request, struct tc_flower *flower) nl_msg_put_u8(request, TCA_FLOWER_KEY_ENC_IP_TTL, ttl); nl_msg_put_u8(request, TCA_FLOWER_KEY_ENC_IP_TTL_MASK, ttl_mask); } @@ -58878,7 +59015,7 @@ index adb2d3182a..7242ea5e2f 100644 } if (id_mask) { nl_msg_put_be32(request, TCA_FLOWER_KEY_ENC_KEY_ID, id); -@@ -2914,13 +3066,13 @@ nl_msg_put_flower_options(struct ofpbuf *request, struct tc_flower *flower) +@@ -2914,13 +3073,13 @@ nl_msg_put_flower_options(struct ofpbuf *request, struct tc_flower *flower) FLOWER_PUT_MASKED_VALUE(icmp_code, TCA_FLOWER_KEY_ICMPV6_CODE); FLOWER_PUT_MASKED_VALUE(icmp_type, TCA_FLOWER_KEY_ICMPV6_TYPE); } @@ -58897,7 +59034,7 @@ index adb2d3182a..7242ea5e2f 100644 if (host_eth_type == ETH_P_IP) { FLOWER_PUT_MASKED_VALUE(ipv4.ipv4_src, TCA_FLOWER_KEY_IPV4_SRC); FLOWER_PUT_MASKED_VALUE(ipv4.ipv4_dst, TCA_FLOWER_KEY_IPV4_DST); -@@ -2993,12 +3145,79 @@ nl_msg_put_flower_options(struct ofpbuf *request, struct tc_flower *flower) +@@ -2993,12 +3152,79 @@ nl_msg_put_flower_options(struct ofpbuf *request, struct tc_flower *flower) return 0; } @@ -58978,7 +59115,7 @@ index adb2d3182a..7242ea5e2f 100644 return false; } -@@ -3011,8 +3230,8 @@ cmp_tc_flower_match_action(const struct tc_flower *a, +@@ -3011,8 +3237,8 @@ cmp_tc_flower_match_action(const struct tc_flower *a, uint8_t key_b = ((uint8_t *)&b->key)[i] & mask; if (key_a != key_b) { @@ -58989,7 +59126,7 @@ index adb2d3182a..7242ea5e2f 100644 return false; } } -@@ -3022,14 +3241,15 @@ cmp_tc_flower_match_action(const struct tc_flower *a, +@@ -3022,14 +3248,15 @@ cmp_tc_flower_match_action(const struct tc_flower *a, const struct tc_action *action_b = b->actions; if (a->action_count != b->action_count) { @@ -59008,6 +59145,24 @@ index adb2d3182a..7242ea5e2f 100644 return false; } } +@@ -3063,8 +3290,15 @@ tc_replace_flower(struct tcf_id *id, struct tc_flower *flower) + + error = tc_transact(&request, &reply); + if (!error) { +- struct tcmsg *tc = +- ofpbuf_at_assert(reply, NLMSG_HDRLEN, sizeof *tc); ++ struct ofpbuf b = ofpbuf_const_initializer(reply->data, reply->size); ++ struct nlmsghdr *nlmsg = ofpbuf_try_pull(&b, sizeof *nlmsg); ++ struct tcmsg *tc = ofpbuf_try_pull(&b, sizeof *tc); ++ ++ if (!nlmsg || !tc) { ++ COVERAGE_INC(tc_netlink_malformed_reply); ++ ofpbuf_delete(reply); ++ return EPROTO; ++ } + + id->prio = tc_get_major(tc->tcm_info); + id->handle = tc->tcm_handle; diff --git a/lib/tc.h b/lib/tc.h index a147ca461d..35068cbd89 100644 --- a/lib/tc.h diff --git a/SPECS/openvswitch2.17.spec b/SPECS/openvswitch2.17.spec index edb86d3..7fcf8c4 100644 --- a/SPECS/openvswitch2.17.spec +++ b/SPECS/openvswitch2.17.spec @@ -63,7 +63,7 @@ Summary: Open vSwitch Group: System Environment/Daemons daemon/database/utilities URL: http://www.openvswitch.org/ Version: 2.17.0 -Release: 103%{?dist} +Release: 104%{?dist} # Nearly all of openvswitch is ASL 2.0. The bugtool is LGPLv2+, and the # lib/sflow*.[ch] files are SISSL @@ -749,6 +749,13 @@ exit 0 %endif %changelog +* Wed Jun 07 2023 Open vSwitch CI - 2.17.0-104 +- Merging upstream branch-2.17 [RH git: 262456bdbd] + Commit list: + e01ea8e7ef cpu: Fix cpuid check for some AMD processors. (#2211747) + 111c7be319 tc: Fix crash on malformed reply from kernel. + + * Fri Jun 02 2023 Open vSwitch CI - 2.17.0-103 - Merging upstream branch-2.17 [RH git: 9a6c8fa9be] Commit list: