- 18 Feb, 2016 2 commits
-
-
Stephen Hemminger authored
-
Nicolas Cavallari authored
netns_map_add() does a malloc of (sizeof (struct nsid_cache) + strlen(name)) and then proceed with strcpy() of name into the zero-length member at the end of the nsid_cache structure. The nul-terminator is written outside of the allocated memory and may overwrite the allocator's internal structure. This can trigger a segmentation fault on i386 uclibc with names of size 8: after the corruption occurs, the call to closedir() on netns_map_init() crashes while freeing the DIR structure. Here is the relevant valgrind output: ==1251== Memcheck, a memory error detector ==1251== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al. ==1251== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info ==1251== Command: ./ip netns ==1251== ==1251== Invalid write of size 1 ==1251== at 0x4011975: strcpy (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so) ==1251== by 0x8058B00: netns_map_add (ipnetns.c:181) ==1251== by 0x8058E2A: netns_map_init (ipnetns.c:226) ==1251== by 0x8058E79: do_netns (ipnetns.c:776) ==1251== by 0x804D9FF: do_cmd (ip.c:110) ==1251== by 0x804D814: main (ip.c:300)
-
- 09 Feb, 2016 27 commits
-
-
Stephen Hemminger authored
Support for the new rx_nohandler statistic. This code is designed to handle the case where the kernel reported statistic structure is smaller than the larger structure in later releases (and vice versa). Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
-
Stephen Hemminger authored
-
Stephen Hemminger authored
This reverts commit f9dec657. Since this code is not in upstream kernel, it shouldn't be in iproute2
-
Stephen Hemminger authored
-
Roopa Prabhu authored
This patch adds support to add mpls multipath routes. example: ip -f mpls route add 100 \ nexthop as 200 via inet 10.1.1.2 dev swp1 \ nexthop as 700 via inet 10.1.1.6 dev swp2 Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
It seems that I've made a mistake when I exported these, instead of a space in the end I've put a newline character which is wrong and breaks the single line output. Fixes: 7d6bc3b8 ("bonding: export 3ad actor and partner port state") Reported-by: Sam Tannous <stannous@cumulusnetworks.com> Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
This patch implements support for the IFLA_BR_NF_CALL_(IP|IP6|ARP)TABLES attributes in iproute2 so it can change their values. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
This patch implements support for the IFLA_BR_MCAST_STARTUP_QUERY_INTVL attribute in iproute2 so it can change the startup query interval. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
This patch implements support for the IFLA_BR_MCAST_QUERY_RESPONSE_INTVL attribute in iproute2 so it can change the query response interval. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
This patch implements support for the IFLA_BR_MCAST_QUERY_INTVL attribute in iproute2 so it can change the query interval. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
This patch implements support for the IFLA_BR_MCAST_QUERIER_INTVL attribute in iproute2 so it can change the querier interval. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
This patch implements support for the IFLA_BR_MCAST_MEMBERSHIP_INTVL attribute in iproute2 so it can change the membership interval. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
This patch implements support for the IFLA_BR_MCAST_LAST_MEMBER_INTVL attribute in iproute2 so it can change the last member interval. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
This patch implements support for the IFLA_BR_MCAST_STARTUP_QUERY_CNT attribute in iproute2 so it can change the startup query count. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
This patch implements support for the IFLA_BR_MCAST_LAST_MEMBER_CNT attribute in iproute2 so it can change the last member count value. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
This patch implements support for the IFLA_BR_MCAST_HASH_MAX attribute in iproute2 so it can change the maximum hashed entries. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
This patch implements support for the IFLA_BR_MCAST_HASH_ELASTICTITY attribute in iproute2 so it can change the hash elasticity value. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
This patch implements support for the IFLA_BR_MCAST_QUERIER attribute in iproute2 so it can toggle the mcast querier value. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
This patch implements support for the IFLA_BR_MCAST_QUERY_USE_IFADDR attribute in iproute2 so it can toggle the multicast_query_use_ifaddr val. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
This patch implements support for the IFLA_BR_MCAST_SNOOPING attribute in iproute2 so it can change the multicast snooping value. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
This patch implements support for the IFLA_BR_MCAST_ROUTER attribute in iproute2 so it can change the multicast router value. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
This patch implements support for the IFLA_BR_VLAN_DEFAULT_PVID attribute in iproute2 so it can change the default pvid. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
This patch implements support for the IFLA_BR_GROUP_ADDR attribute in iproute2 so it can change the group address. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
This patch implements support for the IFLA_BR_GROUP_FWD_MASK attribute in iproute2 so it can change the group forwarding mask. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
Netlink already provides hello_timer, tcn_timer, topology_change_timer and gc_timer, so let's make them visible. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
Netlink already export these values, we just need to make them visible. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
Nikolay Aleksandrov authored
Netlink returns the bridge_id and designated_root, we just need to make them visible. Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
-
- 07 Feb, 2016 5 commits
-
-
Roopa Prabhu authored
There is no intuitive option to add static fdb entries today. 'temp' seems to have a side effect of adding 'static' fdb entries. But the name and intent of 'temp' does not say anything about it being static. example: bridge fdb add operates as follows: $bridge fdb add 00:01:02:03:04:05 dev eth0 master $bridge fdb add 00:01:02:03:04:06 dev eth0 master temp $bridge fdb add 00:01:02:03:04:07 dev eth0 master local $bridge fdb show 00:01:02:03:04:05 dev eth0 permanent 00:01:02:03:04:06 dev eth0 static 00:01:02:03:04:07 dev eth0 permanent 00:01:02:03:04:08 dev eth0 <<== dynamic, ageable learned mac This patch adds a new bridge fdb type 'static' which makes sure NUD_NOARP and NUD_REACHABLE is set for static entries. This effectively is nothing but what 'temp' does today. But the name 'temp' is misleading. After the patch: $bridge fdb add 00:01:02:03:04:06 dev eth0 master static $bridge fdb show 00:01:02:03:04:06 dev eth0 static 'temp' could ideally be a dynamic mac that can age (ie just NUD_REACHABLE). But, 'temp' sets 'NUD_NOARP' and 'NUD_REACHABLE'. Too late to change 'temp' now. But, we are thinking of introduing a 'dynamic' keyword after this patch that only sets NUD_REACHABLE. Signed-off-by: Wilson Kok <wkok@cumulusnetworks.com> Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
-
Daniel Borkmann authored
Don't reimplement them and rather use the macros from the gelf header, that is, GELF_ST_BIND()/GELF_ST_TYPE(). Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
Daniel Borkmann authored
Provide some more hints to the user/developer when relos have been found that don't point to ld64 imm instruction. Ran couple of times into relos generated by clang [1], where the compiler tried to uninline inlined functions with eBPF and emitted BPF_JMP | BPF_CALL opcodes. If this seems the case, give a hint that the user should do a work-around to use always_inline annotation. [1] https://llvm.org/bugs/show_bug.cgi?id=26243#c3Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
Daniel Borkmann authored
With a bit larger, branchy eBPF programs f.e. already ~BPF_MAXINSNS/7 in size, it happens rather quickly that bpf(2) rejects also valid programs when only the verifier log buffer size we have in tc is too small. Change that, so by default we don't do any logging, and only in error case we retry with logging enabled. If we should fail providing a reasonable dump of the verifier analysis, retry few times with a larger log buffer so that we can at least give the user a chance to debug the program. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: John Fastabend <john.r.fastabend@intel.com>
-
Daniel Borkmann authored
Add a couple of improvements to tc's BPF api, that facilitate program development. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
- 05 Feb, 2016 3 commits
-
-
Paolo Abeni authored
This change add the ability to create lwt/flow based/externally controlled geneve device and to select the udp destination port used by a full geneve tunnel. Signed-off-by: Paolo Abeni <pabeni@redhat.com>
-
Nicolas Dichtel authored
Commit 8f80d450 ("tc: fix compilation with old gcc (< 4.6)") was reverted to ease the merge of the net-next branch. Here is the new version. Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
Roopa Prabhu authored
'ip monitor all' is broken on older kernels. This patch fixes 'ip monitor all' to match 'all' and not 'all-nsid'. It moves parsing arg 'all-nsid' to after parsing 'all'. Before: $ip monitor all NETLINK_LISTEN_ALL_NSID: Protocol not available After: $ip monitor all [NEIGH]Deleted 10.0.0.1 dev eth1 lladdr c4:54:44:4f:b2:dd STALE Fixes: 449b824a ("ipmonitor: allows to monitor in several netns") Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com> Acked-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
-
- 02 Feb, 2016 3 commits
-
-
Daniel Borkmann authored
Add a test that symbol from relocation entry is actually related to map section and bail out with an error message if it's not the case; in relation to [1]. [1] https://llvm.org/bugs/show_bug.cgi?id=26243Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Alexei Starovoitov <ast@kernel.org>
-
Gustavo Zacarias authored
We need limits.h for PATH_MAX, fixes: rt_names.c:364:13: error: ‘PATH_MAX’ undeclared (first use in this function) Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
-
Zhang Shengju authored
the warning was: iproute.c:301:12: warning: 'val' may be used uninitialized in this function [-Wmaybe-uninitialized] features &= ~RTAX_FEATURE_ECN; ^ iproute.c:575:10: note: 'val' was declared here __u32 val; ^ Signed-off-by: Zhang Shengju <zhangshengju@cmss.chinamobile.com>
-