| Commit message (Collapse) | Author | Age | Files | Lines |
| |
Don't define _GNU_SOURCE on the command line. Instead, use
AC_USE_SYSTEM_EXTENSIONS which embeds it in "include/config.h".
Also, fix flex files to ensure "include/config.h" is included first,
and that we get _GNU_SOURCE defined before including anything else. This
is achieved by including "include/nl-default.h" as %top{}.
|
We have those defines. Use them throughout.
|
For building all of our source files, we should include first
"config.h". This ensures that we have for example NL_DEBUG available.
Actually, "config.h" is included by "nl-default.h". In turn this means,
all our source files should first include "nl-default.h", which drags in
a set of default headers.
Fix the lex/yacc files for that.
|
rtnl_act_append() either takes ownership of the argument, or does
nothing (on error). This pattern is hard to get right. In the past,
there were various bugs at this place.
Add two wrappers _rtnl_act_append_get() and _rtnl_act_append_take()
which consistently don't take ownership of the pointer or take it.
Also, in functions like rtnl_flower_append_action() only set the mask
after successfully modifying the data.
|
Using rtnl_act_append() correctly is hard.
Fixes: ef46de143206 ('route/cls: add flower classifier')
|
As we now copy all linux headers, and we have include/linux-private
in our include search path, just include the linux headers as we commonly
do.
|
We have copies of the linux headers in include/linux-private.
For those files, include the copies explicitly.
In practice there is no difference, since we build with "-Ilinux-private".
|
Move all the declarations from "netlink-private/types.h" to places
closer to where they are used.
|
It's a private header only for lib/route (libnl-route-3). We already
have a similar header. Move the content to "lib/route/tc-api.h".
|
This header is entirely private to lib/route (libnl-route-3).
Move the header there, it should not be used by anybody else.
Note that libnl-route-3 exports symbols from this private header. That
is ugly, make that clearer by adding comments.
|
We have "include/netlink-private/netlink.h", which is private
API used internally.
However, it's confusing where "include/netlink-private/netlink.h" can be
used. For example, it contains some "libnl-route-3.so" specific
extensions like "link_lookup()", hence you would think that it
can only be used with libraries that also use "libnl-route-3.so".
Well, since it's a header, you actually can also use it for example
under "lib/xfrm/", you couldn't just use those declarations because they
are implemented and accessible only under "lib/route/".
In a first step to clean this up, and move helper to separate headers,
add "include/nl-aux-{core,route}" headers with certain clear usage.
Clear in the sense who may use those headers, and what the
implementation of those headers may use.
|
"base/nl-base-utils.h" (formerly "netlink-private/utils.h") contains
no libnl3 specific references, just a bunch of C helpers.
It's also a header-only "library", so it can be freely used by all our
C-code.
Move it to a separate directory, to make that clear.
|
We should have things with "nl" prefix in our headers. Also, netlink-private/netlink.h
is not header-only, preferably header-only stuff is in netlink-private/utils.h.
|
|
Replace the use of the previous min()/min_t()/max()/max_t().
- min_t()/max_t() required a type, and would do plain assignment, which
C would not complain about. It is thus a cumbersome and not very safe
pattern. Avoid it.
- min()/max() did better, it used typeof() to preserve the argument types
and automatically detect it. However, it also required that both
arguments had the same integer type, which is unnecessarily strict.
_NL_MIN()/_NL_MAX() does better. It accepts arguments of any integer
types, but has a static assertion that they match in signedness.
So it's more flexible to use than min()/max() and still quite safe.
Prefer the new macros.
|
The following API has been added:
rtnl_flower_set_ipv4_src
rtnl_flower_get_ipv4_src
rtnl_flower_set_ipv4_dst
rtnl_flower_get_ipv4_dst
Signed-off-by: Volodymyr Bendiuga <volodymyr.bendiuga@westermo.com>
https://github.com/thom311/libnl/pull/309
|
Signed-off-by: Volodymyr Bendiuga <volodymyr.bendiuga@westermo.com>
Fixes: ef46de143206 ('route/cls: add flower classifier')
https://github.com/thom311/libnl/pull/316
|
The if statement was wrong and always true. Drop it,
the remaining code handles the cases of no flags already
correctly.
Error: DEADCODE (CWE-561):
libnl-3.6.0/lib/route/cls/u32.c:361: dead_error_condition: The condition "!(u->cu_mask & 0)" must be true.
libnl-3.6.0/lib/route/cls/u32.c:366: dead_error_line: Execution cannot reach this statement: "if (!(u->cu_mask & 0x20)) {...".
# 364| }
# 365|···
# 366|-> if (!(u->cu_mask & U32_ATTR_SELECTOR)) {
# 367| nl_dump(p, "no-selector");
# 368| } else {
|
Workaround coverity warnings like:
Error: CLANG_WARNING:
libnl-3.6.0/lib/netfilter/exp.c:428:7: warning[deadcode.DeadStores]: Although the value stored to 'err' is used in the enclosing expression, the value is never actually read from 'err'
# 426| }
# 427|···
# 428|-> if ((err = nfnl_exp_build_tuple(msg, exp, CTA_EXPECT_NAT)) < 0)
# 429| goto nla_put_failure;
# 430|···
|
The problem here is not really NOMEM (because rtnl_tc_data_peek() wouldn't
allocate new memory). The problem is, that the cls instance has no such data
field. Return -NLE_INVAL instead.
|
nl_object_clone() already does a shallow clone using memcpy(). So all
simple fields are already initialized. We only need the oo_clone() implementation
to get the deep-copy right.
|
We often require that a valid output pointer is passed to the
getters. But here, let's be forgiving. Being more forgiving
may be inconsistent, but on the safe side: the user is still
welcome to assume they must provide a valid output pointer.
Also, we always need to initialize the output mask, not only
with `f->cf_mask & FLOWER_ATTR_DST_MAC_MASK`. The reason is that
the caller cannot know whether the mask is present, so conditionally
initializing the output is error prone (it requires the caller
to NUL initialize first). Also, "f->cf_dst_mac_mask" really should
be zero initialized, if the mask indicates that it's unset. This
means, we can just always memcpy the mask.
|
This patch adds a subset of functions.
Implemented api:
rtnl_flower_set_proto;
rtnl_flower_get_proto;
rtnl_flower_set_vlan_id;
rtnl_flower_get_vlan_id;
rtnl_flower_set_vlan_prio;
rtnl_flower_get_vlan_prio;
rtnl_flower_set_vlan_ethtype;
rtnl_flower_set_dst_mac;
rtnl_flower_get_dst_mac;
rtnl_flower_set_src_mac;
rtnl_flower_get_src_mac;
rtnl_flower_set_ip_dscp;
rtnl_flower_get_ip_dscp;
rtnl_flower_set_flags;
rtnl_flower_append_action;
rtnl_flower_del_action;
rtnl_flower_get_action;
[thaller@redhat.com: squashed commit "route:cls:flower: use parentheses in
macro definitions"]
[thaller@redhat.com: squashed commit "cls:flower: add TCA_FLOWER_FLAGS
to flower_policy"]
[thaller@redhat.com: squashed commit "cls:flower: vlan priority is
uint8_t, not uint16_t"]
[thaller@redhat.com: squashed commit "route:cls:flower: substitute nl_data*
with uint8_t mac[ETH_ALEN]"]
[thaller@redhat.com: drop non-existing TCA_FLOWER_POLICE. That was
never merged to upstream kernel. While at it, use decimal numbers
for the bitshift.]
[thaller@redhat.com: fix build by including <linux/if_ether.h> in
"types.h".]
Signed-off-by: Volodymyr Bendiuga <volodymyr.bendiuga@westermo.se>
|
Split the function into 2 parts:
- where first being responsible for memory allocation/cloning
- and second for populating the destination object
Make proper cloning of 'action' attribute. For now, only the
first action in chain is included in the clone.
Signed-off-by: Magnus Öberg <magnus.oberg@westermo.se>
Signed-off-by: Volodymyr Bendiuga <volodymyr.bendiuga@westermo.se>
[thaller@redhat.com: fix using the correct cleanup macros]
https://github.com/thom311/libnl/pull/245
|
rtnl_tc_clone() first does a shallow-copy (nl_data_clone()), and then
calls the to_clone() implementation. We need the shallow-copy, because
we want that by default all simple fields get cloned automatically.
But it means, we *must* take care of all pointers in the to_clone()
implementation, and must never return without fixing them. Otherwise
we will do a double free. An early "return -NLE_NOMEM;" leaves the
pointer unchanged, and two objects own the same data (double free
and use-after-free says hello).
|
To comply with the latest POSIX standard, in Yacc compatibility mode
(options `-y`/`--yacc`) Bison now generates prototypes for yyerror and
yylex. In some situations, this is breaking compatibility: if the user
has already declared these functions but with some differences (e.g., to
declare them as static, or to use specific attributes), the generated
parser will fail to compile. To disable these prototypes, #define yyerror
(to `yyerror`), and likewise for yylex.
refer: https://git.savannah.gnu.org/cgit/bison.git/tree/NEWS
GNU Bison 3.8
https://github.com/thom311/libnl/issues/294
https://github.com/thom311/libnl/pull/295
|
The destination object doesn't have to be allocated because it's
passed as _dst argument. Also, the function doesn't have to copy plain
fields.
|
The source tree of libnl3 is fairly simple. We can afford thinking
and reasoning about it as one. Don't spread out the .gitignore files,
instead ignore all files consistently via the ignore file in the top
level directory.
|
This also fixes a few wrong SPDX license identifiers, where the original
license comment indicates GPL-2.0-only.
This is not done manually, but by running the following script:
---
#!/bin/bash
# Tool to drop license comments, adding SPDX license identifiers, while preserving
# copyright comments. The point is not to manually do this task, but perform some
# hacked up string replacement.
_cp() {
    /bin/cp "$@"
}
_cat() {
    /bin/cat "$@"
}
in_file() {
    local T=$(mktemp)
    _cp -f "$1" "$T"
    _cat "$T"
    rm -f "$T"
}
out_file() {
    local T=$(mktemp)
    _cat - > "$T"
    _cp -f "$T" "$1"
    rm -f "$T"
}
join() {
    _cat "$@" | awk '{ printf("%s#x#", $0)}'
}
unjoin() {
    _cat - | sed 's/#x#/\n/g'
}
files_all() {
    git ls-files |
        grep -v '\.png$' |
        grep -v '^include/linux-private/'
}
adjust() {
    NEWLINES='\(#x#\)\+'
    COPYRIGHTS='\(\( \* Copyright (c) 20..\(-20..\|, 20..\)\? [^#]\+#x#\)\+\( \*#x# \* \(Stolen[^#]*\|Based on [^#]*\)#x#\)\?\)'
    _cat - |
\
sed '1s%^\(/\* SPDX-License-Identifier: LGPL-2.1-only \*/\|\)#x#/\*#x# \* [^#]*#x# \*#x# \*[ ]\+This library is free software; you can redistribute it and/or#x# \*[ ]\+modify it under the terms of the GNU Lesser General Public#x# \*[ ]\+License as published by the Free Software Foundation version 2.1#x# \*[ ]\+of the License.#x# \*#x#'"$COPYRIGHTS"' \*/'"$NEWLINES"'%/\* SPDX-License-Identifier: LGPL-2.1-only \*/#x#/*#x#\2 */#x##x#%' |
\
sed '1s%^/\*#x# \* [^#]*#x# \*#x# \*[ ]\+This library is free software; you can redistribute it and/or#x# \*[ ]\+modify it under the terms of the GNU Lesser General Public#x# \*[ ]\+License as published by the Free Software Foundation version 2.1#x# \*[ ]\+of the License.#x# \*/'"$NEWLINES"'%/\* SPDX-License-Identifier: LGPL-2.1-only \*/#x##x#%' |
\
sed '1s%^\(\)/\*#x# \* [^#]*#x# \*#x# \*[ ]\+This library is free software; you can redistribute it and/or#x# \*[ ]\+modify it under the terms of the GNU Lesser General Public#x# \*[ ]\+License as published by the Free Software Foundation version 2.1#x# \*[ ]\+of the License.#x# \*#x#'"$COPYRIGHTS"' \*/'"$NEWLINES"'%/\* SPDX-License-Identifier: LGPL-2.1-only \*/#x#/*#x#\2 */#x##x#%' |
\
sed '1s%^\(/\* SPDX-License-Identifier: LGPL-2.1-only \*/\|\)#x#/\*#x# \* [^#]*#x# \*#x# \*[ ]\+This library is free software; you can redistribute it and/or#x# \*[ ]\+modify it under the terms of the GNU General Public License as#x# \*[ ]\+published by the Free Software Foundation version 2 of the License.#x# \*#x#'"$COPYRIGHTS"' \*/'"$NEWLINES"'%/\* SPDX-License-Identifier: GPL-2.0-only \*/#x#/*#x#\2 */#x##x#%'
}
FILES=( $(files_all) )
for f in "${FILES[@]}"; do
    echo "processing \"$f\"..."
    in_file "$f" | join | adjust | unjoin | out_file "$f"
done
|
The convention is that negative values are errors. Positive values are undefined,
but when in doubt, they are not errors. In these cases it makes no difference. The
code won't return positive values.
|
There wasn't really a bug previously, but it's ugly and raises
questions about the correct use of strncpy().
For example,
    void genl_family_set_name(struct genl_family *family, const char *name)
    {
        strncpy(family->gf_name, name, GENL_NAMSIZ-1);
was in fact correct, because family->gf_name will (presumably) always have a NUL
character as last position.
Still use _nl_strncpy*() wrappers, to avoid raising such questions.
|
This fixes the build with musl libc.
Additionally, several changes were made to account for changes to the
headers:
- ip_mp_alg.h was removed, since it was removed in linux commit e06e7c61
(v2.6.23), and the last use of those constants was removed in libnl
commit 535e8316.
- Uses of TCF_META_ID_SK_ROUTE_CAPS were updated to
__TCF_META_ID_SK_ROUTE_CAPS, since it was renamed in linux commit
e20e6940 (v3.1).
- Uses of IF_CARRIER_DOWN and IF_CARRIER_UP were replaced with their
values, 0 and 1, since they are not in linux/if.h (they appear to be
libnl-specific, added in libnl commit 3540e44b).
https://github.com/thom311/libnl/pull/222
|
ISO C requires that the pointer operand to the binary + operator be to
a complete object type[0].
[0] http://port70.net/~nsz/c/c11/n1570.html#6.5.6p2
|
Coverity says:
Error: BUFFER_SIZE_WARNING (CWE-120): [#def1]
libnl-3.4.0/lib/route/cls/ematch/text.c:94: buffer_size_warning: Calling strncpy with a maximum size argument of 16 bytes on destination array "t->cfg.algo" of size 16 bytes might leave the destination string unterminated.
# 92| struct text_data *t = rtnl_ematch_data(e);
# 93|
# 94|-> strncpy(t->cfg.algo, algo, sizeof(t->cfg.algo));
# 95| }
# 96|
Error: BUFFER_SIZE_WARNING (CWE-120): [#def11]
libnl-3.4.0/lib/xfrm/sa.c:1192: buffer_size_warning: Calling strncpy with a maximum size argument of 64 bytes on destination array "auth->alg_name" of size 64 bytes might leave the destination string unterminated.
# 1190| }
# 1191|
# 1192|-> strncpy(auth->alg_name, tmpl->auth->alg_name, sizeof(auth->alg_name));
# 1193| auth->alg_key_len = tmpl->auth->alg_key_len;
# 1194| memcpy(auth->alg_key, tmpl->auth->alg_key, (tmpl->auth->alg_key_len + 7) / 8);
|
rtnl_act_append() cannot add more than TCA_ACT_MAX_PRIO actions to the
same list. Because of that rtnl_basic_add_action() and
rtnl_u32_add_action() should not increment the reference counter of the
given action until it is successfully added to the filter's list.
Signed-off-by: Ilya Pronin <ipronin@twitter.com>
Fixes: e5d9b828f6ec64fd77854578fbf1c33f214f3ac4
https://github.com/thom311/libnl/pull/201
|
In this commit, we implement ematch_tree_clone(), which is the basis of
the cgroup_clone() interface. The whole ematch tree is deep-copied except
the e_ops field.
Also, a new unit test is added for testing the interface, which is named
check-ematch-tree-clone.c and located in the tests directory.
https://github.com/thom311/libnl/pull/176
|
rtnl_act_append() does not clone the object, it takes it over
and thus the source object is destroyed.
|
This simple classifier allows any traffic to pass through.
Useful as an example for port mirroring.
Signed-off-by: Volodymyr Bendiuga <volodymyr.bendiuga@westermo.se>
|
This is what ->, [] and & are for.
|
If rtnl_u32_add_key is called too many times, sel->nkeys will wrap from
255 to 0, effectively killing all the previous rtnl_u32_add_key
calls (while having an inaccessible chunk of memory sitting beyond the
accessible part of the ->keys array). Not sure NOMEM is the best error
code, but that's at least something users would already have to be
prepared to handle.
|