Tobias Jungel [Sun, 13 Nov 2016 14:21:46 +0000 (15:21 +0100)]
cache_mngr: add include callback v2
This patch adds change_func_v2_t to add a more detailed callback in
case of a cache change. The change function is registered using the new
nl_cache_mngr_add_cache_v2. In case the new change function is set,
nl_cache_include_v2 and thus cache_include_v2 will be used to perform the cache
inclusion.
The parameter of change_func_v2_t are the following:
* struct nl_cache * => cache
* struct nl_object * => the old/deleted nl_object
* struct nl_object * => the new nl_object
* uint64_t => the result of nl_object_diff64 in case of a change
* int => NL_ACT_*
* void * => data
Thomas Haller [Wed, 30 Nov 2016 14:09:41 +0000 (15:09 +0100)]
lib: use MSG_PEEK by default for nl_recvmsgs()
The MSG_PEEK API of recvmsg() should be avoid because it requires an additional
syscall. But worse is to choose a too small buffer size and failing to receive
the message.
A user who is aware of the issue can avoid MSG_PEEK by either
nl_socket_disable_msg_peek()/nl_socket_enable_msg_peek() or by setting
a buffer size via nl_socket_set_msg_buf_size().
By default however we now use MSG_PEEK. This is more important since commit 90c6ebec9bd7a where the link dump request can be rather large.
Thomas Haller [Tue, 29 Nov 2016 21:41:46 +0000 (22:41 +0100)]
link: set ifi_change flags for rtnl_link_build_add_request()
For the add-request, we should set ifi_change flags together with the
ifi_flags. A similar thing is done by rtnl_link_build_change_request()
in commit 34ccb7210f1238f89229c117dc3d28cea7ae00bb.
Thomas Haller [Tue, 29 Nov 2016 11:38:03 +0000 (12:38 +0100)]
lib/route: pass sizeof() argument to nl_memcpy()
nl_memcpy() internally already never copies more then
nla_len(tb). The previous code might overflow if the
netlink attribute is longer then the size of the destination.
Thomas Haller [Tue, 29 Nov 2016 11:33:27 +0000 (12:33 +0100)]
nl-link-stats: prefer RTNL_LINK_STATS_MAX over __RTNL_LINK_STATS_MAX
The result is basically the same, but I feel that __RTNL_LINK_STATS_MAX
is an internal variable that shouldn't be used. Thus, let's iterate
instead until <= MAX.
Tobias Klauser [Tue, 29 Nov 2016 07:50:31 +0000 (08:50 +0100)]
lib/route: add rx_nohandler link stats field
A new counter rx_nohandler was added to the link stats in kernel commit 6e7333d315a7 ("net: add rx_nohandler stat counter"). Wire it up in the
libnl link stats as well.
Tobias Klauser [Tue, 29 Nov 2016 08:13:01 +0000 (09:13 +0100)]
src: nl-link-stats: use correct rtnl link stats maximum
Use __RTNL_LINK_STATS_MAX instead of RTNL_LINK_STATS_MAX when iterating
over all rtnl link stat counters. Otherwise, the last stat counter will
always be missing, as RTNL_LINK_STATS_MAX is the value of the last valid
index.
Tobias Klauser [Tue, 15 Nov 2016 15:35:48 +0000 (16:35 +0100)]
lib/route: keep link stats minlen compatible with kernel < 4.6
Since linux/if_link.h was synced in libnl commit d533736e2258 ("vxlan:
add support for additional VXLAN attributes."), the minlen check in
validate_nla() fails on kernels < 4.6 - or more precisely, on kernels
not containing kernel commit 6e7333d315a7 ("net: add rx_nohandler stat
counter"). The check fails because rtnl_link_stats and rtnl_link_stats64
sent by the kernel don't have the rx_nohandler member yet, but libnl
expects them to have it.
Account for this by decreasing the minlen by one member and add an
explanatory comment.
https://github.com/thom311/libnl/pull/116
Signed-off-by: Tobias Klauser <tklauser@distanz.ch> Signed-off-by: Thomas Haller <thaller@redhat.com>
Jef Oliver [Mon, 7 Nov 2016 21:33:58 +0000 (13:33 -0800)]
lib/route: SRIOV Set Functionality
* This patch adds functionality to set attributes on an SRIOV
VF object.
* This patch adds functionality to append attributes to the
link change request sent to the kernel.
Signed-off-by: Jef Oliver <jef.oliver@intel.com> Signed-off-by: Thomas Haller <thaller@redhat.com>
Jef Oliver [Mon, 7 Nov 2016 21:33:54 +0000 (13:33 -0800)]
lib/route: SRIOV Parse and Read support
* This patch adds support for parsing SRIOV VF specific
information on a link.
* Adds LINK_ATTR_VF_LIST to add to link->ce_mask.
* Extends the rtnl_link object to include 'l_vf_list', a member
to carry information for SRIOV VFs.
* Adds rtnl_link_sriov, a private structure to fill link->l_vf_list.
* This patch adds support for reading parsed SRIOV VF specific
informatino on a link.
* This patch adds support for freeing stored SRIOV VF specific
information on a link.
Signed-off-by: Jef Oliver <jef.oliver@intel.com> Signed-off-by: Thomas Haller <thaller@redhat.com>
Thomas Egerer [Tue, 25 Oct 2016 15:38:19 +0000 (17:38 +0200)]
xfrm: fix xfrm security context management
The data structure of choice when adding/processing a security context
for xfrm is struct xfrm(nl)_user_sec_ctx. The previous code did however
use the (also exported) struct xfrm(nl)_sec_ctx. While sizeof(struct
xfrm(nl)_*sec_ctx) yields the same result, the interpretation of one of
the data structures as the other one messes up the contents.
With this fix, the wrong data structure has been replaced with the
correct one. Also -- since the size of the context string is not known
-- one can now call xfrmnl_sa_get_sec_ctx with ctx_str being NULL, thus
retrieving the length of the context string.
A new capability has been introduced, to test whether libnl3 supports
the modified semantics of this function.
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
Jef Oliver [Wed, 5 Oct 2016 20:20:35 +0000 (13:20 -0700)]
lib/route: Export correct ipgre functionality
* Rename rtnl_link_get_pmtudisc to rtnl_link_ipgre_get_pmtudisc
in ipgre.c, making the function correctly match the exported
functionality in ipgre.h. This fixes an error when trying to
use the function, returning an incorrect type usage due to the
link module already having a function of the same name.
* Export rtnl_link_is_[ipgre/ipgretap] allowing for usage per
documentation.
Reported-by: Sharada Shiddibhavi <sharada.shiddibhavi@intel.com> Signed-off-by: Jef Oliver <jef.oliver@intel.com>
Thomas Haller [Sat, 5 Nov 2016 16:00:53 +0000 (17:00 +0100)]
vxlan: don't store vxlan flags as ce_mask
The ce_mask is there to indicate whether a certain attribute is
set or not. The VXLAN flags are different, because the flag is
either set or not. It cannot have the meaning of being missing.
Therefore, it should not be stored as a VXLAN_ATTR in ce_mask.
Thomas Haller [Sat, 5 Nov 2016 15:41:20 +0000 (16:41 +0100)]
vxlan: restore previous VXLAN_ATTR flag values
The VXLAN_ATTR flags are internal and not public API.
Still, they are exposed as part of nl_object_diff().
There is no reason to change previous behavior, restore
the previous numeric values.
Thomas Haller [Sat, 5 Nov 2016 15:31:24 +0000 (16:31 +0100)]
vxlan: remove redundant enable/disable API from vxlan
The enable/disable API is redundant and increases the library
in binary size and documentation. There should be one sensible way
to do something, not several.
Yes, there is prior act to that like rtnl_link_vxlan_disable_proxy().
That doesn't mean it should be repeated.
Thomas Haller [Tue, 27 Sep 2016 07:52:11 +0000 (09:52 +0200)]
macvlan: adjust types and merge MACVLAN_HAS_MACCOUNT and MACVLAN_HAS_MACDATA
mvi_maccount only makes sense together with the data. They should be
treated as one setting, and both should be consistent.
That means, if there are no addresses, mvi_maccount should always be set to
zero. This is regardless of whether the mvi_mask indicates that MACVLAN_HAS_MACADDR
is set. Similarly, if mvi_maccount is larger then zero, the mvi_macaddr
must point to some valid addresses.
The only exception is, when mvi_maccount is zero, mvi_macaddr may be
NULL or point to some data of zero allocated bytes.
Also, ensure that uint32_t is used for all the types that compare with
mvi_maccount.
Thomas Haller [Sat, 24 Sep 2016 12:42:57 +0000 (14:42 +0200)]
bridge: change return values for rtnl_link_bridge_get_hwmode()
Unfortunately, libnl3 is rather inconsistent about the getters.
- some return the value directly, and don't have a dedicated
error return value.
- some don't check whether the attribute was set and just
return the default value
- some fail with -NLE_INVAL or -NLE_NOATTR if the value is
unset.
I think the best pattern is to fail if the attribue is unset.
However, the return value should be negative to indicate an error,
while 0 should mean success.
Jef Oliver [Thu, 1 Sep 2016 00:27:09 +0000 (17:27 -0700)]
lib/route: Support IFLA_BRIDGE_MODE
This patch adds support for hardware assisted bridge modes stored
in IFLA_AF_SPEC[IFLA_BRIDGE_MODE].
This patch adds rtnl_link_[g/s]et_hwmode() functions, allowing
for getting and setting the hardware mode for a bridged link.
This patch adds the convenience functions for translating between
integer and string names for hardware modes.
This patch adds rtnl_link_bridge_set_self(), a function that
stores flags in IFLA_AF_SPEC[IFLA_BRIDGE_FLAGS], an attribute
that tells the kernel whether it should apply settings to the
virtual bridge device or the hardware device itself. This requires
hardware that supports the hardware flags.
This patch adds bridge_fill_af(), a function to fill IFLA_AF_SPEC
with AF_BRIDGE specific information.
Signed-off-by: Jef Oliver <jef.oliver@intel.com> Signed-off-by: Thomas Haller <thaller@redhat.com>
This patch adds ao_fill_af_no_nest to struct rtnl_link_af_ops.
When set to non-zero, this will override the nested AF attribute
and allow nesting of attributes directly into IFLA_AF_SPEC.
Signed-off-by: Jef Oliver <jef.oliver@intel.com> Signed-off-by: Thomas Haller <thaller@redhat.com>
Update copy of kernel header 'if_macsec.h' to Linux 4.8-rc5, so that
upstream commit 2ccbe2cb79f2f74ab739252299b6f9ff27586f2c ("macsec: limit
ICV length to 16 octets") is included. Return -NLE_INVAL when trying to
configure an ICV length greater than 16 octets.
Jef Oliver [Sat, 27 Aug 2016 02:19:51 +0000 (19:19 -0700)]
lib/route: modify link/bridge to set attributes
This patch modifies link/bridge to set link attributes in a
request message. It adds set support for currently implemented
functionality.
This patch adds bridge_fill_pi, a function to fill in the
IFLA_PROTINFO nested attribute.
This patch modifies the bridge_ops structure to support
modifications made to properly set RTM_SETLINK during modifcation
of a link, append the NLA_F_NESTED flag to IFLA_PROTINFO, and
to call the newly added bridge_fill_pi.
Signed-off-by: Jef Oliver <jef.oliver@intel.com> Signed-off-by: Thomas Haller <thaller@redhat.com>
Jef Oliver [Sat, 27 Aug 2016 02:19:50 +0000 (19:19 -0700)]
lib/route: set IFLA_PROTINFO attribute in request message
This patch adds the functionality to set IFLA_PROTINFO in a
request. This allows for appending protocol specific information
to a request message.
This patch adds ao_fill_pi to the rtnl_link_af_ops structure. This
registers a function to fill the IFLA_PROTINFO attribute. This
function follows the makeup of ao_fill_af.
This patch adds ao_fill_pi_flags to the rtnl_link_af_ops
structure. This registers an extra flag that can be bitmasked
onto the IFLA_PROTINFO definition. This is useful for address
families that require NLA_F_NESTED.
This patch adds a function named af_fill_pi, which is called by
build_link_msg. This function calls the registered function
pointers for an address family to fill IFLA_PROTINFO and to
bitmask any extra flags.
Signed-off-by: Jef Oliver <jef.oliver@intel.com> Signed-off-by: Thomas Haller <thaller@redhat.com>
Jef Oliver [Sat, 27 Aug 2016 02:19:49 +0000 (19:19 -0700)]
lib/route: allow override of message type during link change
When rtnl_link_build_change_request() builds a change request,
it sets the message type to RTM_NEWLINK by default. If the
request fails, it changes the type to RTM_SETLINK, and resubmits.
For some address families, this will result in a requested change
never being applied by the kernel. An exmaple of this is the Linux
bridge. When a netlink message of type RTM_NEWLINK is recieved,
rather than failing, it simply ignores the message and does not
return a failure.
To fix this, this patch implements an override for address
families that require it. The override can be set when an address
family registers itself in libnl.
This patch adds ao_override_rtm to the rtnl_link_af_ops structure.
This patch adds a static function named af_request_type.
This patch modifies rtnl_link_build_change_request to call
af_request_type to properly set the request type if an address
family wishes to override.
Signed-off-by: Jef Oliver <jef.oliver@intel.com> Signed-off-by: Thomas Haller <thaller@redhat.com>
Jeff Squyres [Thu, 18 Aug 2016 22:40:27 +0000 (15:40 -0700)]
compat: add linux/socket.h for __kernel_sa_family_t
The __kernel_sa_family_t type is not present on older systems (e.g.,
RHEL 6), and libnl3 will not built without it. Copy
/usr/include/linux/socket.h from a RHEL7 system to
include/linux-private/linux/socket.h so that it will be found by the
build system.
Fortunately, this socket.h is small and self-contained; it contains
very little (and does not #include any other files) beyond necessary
type.
https://github.com/thom311/libnl/pull/107
Signed-off-by: Jeff Squyres <jsquyres@cisco.com> Signed-off-by: Thomas Haller <thaller@redhat.com>
André Draszik [Thu, 25 Aug 2016 12:15:01 +0000 (13:15 +0100)]
src: switch to using strerror_l() instead of strerror_r()
glibc provides two versions of strerror_r(), which
can be chosen between using feature test macros
_GNU_SOURCE and _POSIX_C_SOURCE. libnl is built using
the former, hence we get the glibc special version,
and all code so far has been written for this.
Other C libraries like musl on the other hand only try
to be posix compliant, and only ever provide the posix
version of strerror_r(), which has a different signature.
Uses in libnl hence generally cause printf() of an *int*
with a *string format* specifier for that reason.
Additionally, strerror_r() has been deprecated:
http://austingroupbugs.net/view.php?id=655
Switch to using strerror_l().
Signed-off-by: André Draszik <adraszik@tycoint.com> Reviewed-by: Stephane Ayotte <sayotte@tycoint.com> Signed-off-by: Thomas Haller <thaller@redhat.com>
André Draszik [Thu, 25 Aug 2016 12:15:00 +0000 (13:15 +0100)]
lib: switch to using strerror_l() instead of strerror_r()
glibc provides two versions of strerror_r(), which
can be chosen between using feature test macros
_GNU_SOURCE and _POSIX_C_SOURCE. libnl is built using
the former, hence we get the glibc special version,
and all code so far has been written for this.
Other C libraries like musl on the other hand only try
to be posix compliant, and only ever provide the posix
version of strerror_r(), which has a different signature.
Uses in libnl hence generally cause printf() of an *int*
with a *string format* specifier for that reason.
Additionally, strerror_r() has been deprecated:
http://austingroupbugs.net/view.php?id=655
Switch to using strerror_l() (via our wrapper just
introduced).
Signed-off-by: André Draszik <adraszik@tycoint.com> Reviewed-by: Stephane Ayotte <sayotte@tycoint.com> Signed-off-by: Thomas Haller <thaller@redhat.com>
André Draszik [Thu, 25 Aug 2016 12:14:59 +0000 (13:14 +0100)]
lib: add utility function nl_strerror_l()
libnl currently uses strerror_r() throughout, but this is
problematic because there is a non-standard GNU version
implemented in glibc, and the standard POSIX version, which
differ in signature. When using glibc, one can choose
between the two versions using feature test macros
_GNU_SOURCE and _POSIX_C_SOURCE.
Given libnl is built using the former, we always get the
glibc special version, and all code so far has been written
for that non-standard version.
Other C libraries like musl on the other hand only try
to be posix compliant, and only ever provide the posix
version of strerror_r(), which has a different signature.
The alternative is to use strerror_l() rather than
strerror_r() http://austingroupbugs.net/view.php?id=655
- this will avoid the non-confirming versions issue
- strerror_l() is now recommended by POSIX to replace
strerror_r() usage
So rather than changing all uses of strerror_r() to be in
line with posix, we are going to switch to the recommended
interface strerror_l().
Since strerror_l() is slightly more difficuly to use, we
add a little (private) wrapper that we can use from all
current callsites of strerror_r().
Signed-off-by: André Draszik <adraszik@tycoint.com> Reviewed-by: Stephane Ayotte <sayotte@tycoint.com> Signed-off-by: Thomas Haller <thaller@redhat.com>
Tobias Jungel [Thu, 4 Aug 2016 08:01:43 +0000 (10:01 +0200)]
route/addr: address attributes based on object
addr_id_attrs_get returned a fixed set of attributes for AF_INET. This
leads to an invalid cache in case the default cache manager is used.
The error was cause by nl_object_identical, which checkes the ce_mask
of an object against the req_attrs. For route/addr objects the ce_mask
may contain the ADDR_ATTR_PEER, but the addr_id_attrs_get always
includes this attribute. Thus nl_object_identical fails always in case
no peer exists, which is the default for local addresses.
Peter Wu [Mon, 8 Aug 2016 09:58:50 +0000 (11:58 +0200)]
cli: add noreturn attributes
Teach static code analyzers (such as Clang static analyzer) that code
following nl_cli_fatal can never be executed. Avoids false positives
such as detecting use of NULL pointers when that cannot happen.
Signed-off-by: Peter Wu <peter@lekensteyn.nl> Signed-off-by: Thomas Haller <thaller@redhat.com>
Peter Wu [Mon, 8 Aug 2016 10:04:01 +0000 (12:04 +0200)]
trivial: whitespace-only fixes for src and lib
Fixes alignment, lines with just whitespace and mixed tab/space
indentation. Searched, reviewed and optionally fixed in vim using
regex ^\t* [\t ]*\([^*us ]\|$\)\|\t\+$
- Fix typos in extern "C" wrappers.
- 'class' is a reserved word, change to cls.
- int -> enum casts are not automatic.
- Static strings must be of type const char*
- Add a few implicit header dependencies explicitly.
Thomas Haller [Tue, 28 Jun 2016 14:56:22 +0000 (16:56 +0200)]
route/addr: fix handling peer addresses for IPv4 addresses
For IPv4, a "normal" route has IFA_LOCAL and IFA_ADDRESS set
to the same destination. An address with a explicit peer, has
them differing. A peer of 0.0.0.0 is also valid and must
be treated different from a normal address.
unshare -n
ip link add T type dummy
ip link set T up
ip addr add 192.168.5.10 peer 192.168.5.10/24 dev T
ip addr add 192.168.5.10/24 dev T
#RTNETLINK answers: File exists
ip addr add 192.168.5.10 peer 192.168.6.10/24 dev T
ip addr add 192.168.5.10 peer 0.0.0.0/24 dev T
Previously, that would give:
nl-addr-list
#192.168.5.10/24 inet dev T scope global <permanent>
#192.168.5.10 peer 192.168.6.10/24 inet dev T scope global <permanent>
#192.168.5.10/24 inet dev T scope global <permanent>
With this change, we properly get:
nl-addr-list
#192.168.5.10/24 inet dev T scope global <permanent>
#192.168.5.10/24 peer 192.168.6.10 inet dev T scope global <permanent>
#192.168.5.10/24 peer 0.0.0.0 inet dev T scope global <permanent>
Thomas Haller [Tue, 28 Jun 2016 14:56:21 +0000 (16:56 +0200)]
route/addr: fix ID comparison for AF_INET and AF_INET6 addresses
For AF_INET/IPv4 addresses, the ID equality comparison must include
the net-part of the peer address:
unshare -n
ip link add T type dummy
ip link set T up
ip addr add 192.168.5.10/24 dev T
ip addr add 192.168.5.10 peer 192.168.6.1/24 dev T
ip addr add 192.168.5.10 peer 192.168.7.1/24 dev T
ip addr add 192.168.5.10 peer 192.168.7.2/24 dev T
# RTNETLINK answers: File exists
ip addr change 192.168.5.10 peer 192.168.7.2/24 dev T
ip addr show | grep 192.168.7.
# inet 192.168.5.10 peer 192.168.7.1/24 scope global T
For AF_INET6/IPv6 addresses, the prefix length of the address
is not part of the ID:
unshare -n
ip link add T type dummy
ip link set T up
ip addr add 192.168.7.10/24 dev T
ip addr add 192.168.7.10/23 dev T
ip addr add 1:2:3:4:5::1/64 dev T
ip addr add 1:2:3:4:5::1/63 dev T
# RTNETLINK answers: File exists
ip addr change 1:2:3:4:5::1/63 dev T
ip addr show | grep 1:2:3:4:5::1
# inet6 1:2:3:4:5::1/64 scope global
Thomas Haller [Mon, 27 Jun 2016 18:06:07 +0000 (20:06 +0200)]
xfrm: allow avoiding buffer overflow for key in xfrmnl_sa_get_*_params()
The previous API of xfrmnl_sa_get_*_params() would always require
a @key buffer, but it was not possible to avoid buffer overflow
because the required size was unknown.
That is not really fixable, because the old API is broken.
Now, allow omitting the @key argument to only request the @key_size.
That allows the caller to ask beforehand how large the @key buffer
must be: ((@key_size + 7) / 8).
Unfortunately, omitting the key against previous versions of libnl
leads to a crash. And passing a key against older versions makes it
impossible to avoid buffer-overflow.
Another option would be to add functions like
xfrmnl_sa_get_crypto_params_keylen() so the user can query the required
buffer size by calling that instead of xfrmnl_sa_get_crypto_params().
However, then the user also requires a backport of the new API
and this will not be possible against older libnl3 versions either.
Thus, if the user already requires the fix, he can just as well
require a backport of this patch and then safely call xfrmnl_sa_get_crypto_params()
without @key argument. This way has the advantage/disadvantage, that
it can detect the presence of the patch at runtime.
The cumbersome way to get it right would be:
unsiged key_len;
char *key;
int r;
if (!nl_has_capability(17 /*NL_CAPABILITY_XFRM_SA_KEY_SIZE*/)) {
/* no way to use this API safely. Abort. */
return -NLE_OPNOTSUPP;
}
r = xfrmnl_sa_get_crypto_params(sa, NULL, &key_len, NULL);
if (r < 0)
return r;
key = malloc((key_len + 7) / 8);
if (!key)
return -NLE_NOMEM;
r = xfrmnl_sa_get_crypto_params(sa, NULL, &key_len, &key);
if (r < 0) {
free(key);
return r;
}
...
Sabrina Dubroca [Tue, 7 Jun 2016 10:27:54 +0000 (12:27 +0200)]
pass flags through ->io_compare op
Currently rtnl_link_info_data_compare doesn't pass
flags (LOOSE_COMPARISON) to the ->io_compare op, so we cannot do a match
on only the attributes that are actually set in the filter object used
in a cache lookup via nl_cache_find().
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net> Signed-off-by: Thomas Haller <thaller@redhat.com>
Thomas Egerer [Fri, 10 Jun 2016 09:57:57 +0000 (11:57 +0200)]
xfrm: attach only one xfrm alg attribute to netlink message
The kernel only uses the xfrm alg auth attribute if the xfrm alg auth
truncated attribute is not present. Hence sending both attributes in one
message does not make sense.
This piece of code also removes the call to nla_reserve in favor of the
NLA_PUT macro.
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com> Signed-off-by: Thomas Haller <thaller@redhat.com>
http://lists.infradead.org/pipermail/libnl/2016-June/002139.html
Thomas Egerer [Fri, 10 Jun 2016 09:57:55 +0000 (11:57 +0200)]
xfrm: fix memory leak for encap original address
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com> Signed-off-by: Thomas Haller <thaller@redhat.com>
http://lists.infradead.org/pipermail/libnl/2016-June/002141.html
Thomas Egerer [Fri, 10 Jun 2016 09:57:53 +0000 (11:57 +0200)]
xfrm: fix segfault when using encapsulation templates
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com> Signed-off-by: Thomas Haller <thaller@redhat.com>
http://lists.infradead.org/pipermail/libnl/2016-June/002140.html
Thomas Egerer [Mon, 6 Jun 2016 13:21:35 +0000 (15:21 +0200)]
xfrm: make character pointers in setters const
All of these pointers are either strcpy'd or memcpy'd and usually const
in a calling application. Changing them to const in the header does not
break the compatibility and allows for users with const pointers to use
the library without compiler warnings.
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com> Signed-off-by: Thomas Haller <thaller@redhat.com>
http://lists.infradead.org/pipermail/libnl/2016-June/002137.html
Thomas Egerer [Tue, 31 May 2016 15:30:03 +0000 (17:30 +0200)]
xfrm: check length of alg_name before strcpying it
If the parameter alg_name points to a string longer then what libnl
accepts as alg_name, the call to strcpy may write far beyond the
particular data structure.
Instead of truncating the string (using strncpy) this patch adds a check
and returns -1 for strings being longer than 63 bytes.
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com> Signed-off-by: Thomas Haller <thaller@redhat.com> Fixes: 917154470895520a77f527343f3a0cc1605934b0
http://lists.infradead.org/pipermail/libnl/2016-May/002133.html
Thomas Egerer [Tue, 31 May 2016 15:29:58 +0000 (17:29 +0200)]
xfrm: fix buffer overflow when copying keys
A colleague of mine came to notice that -- when adding keys to the
xfrm-part of libnl -- memcpy is given newlen, which copies sizeof(struct
xfrmnl_...) plus keysize instead of only the keysize.
This patch uses a keysize parameter to only copy the required number of
bytes.
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com> Signed-off-by: Thomas Haller <thaller@redhat.com> Fixes: 917154470895520a77f527343f3a0cc1605934b0
http://lists.infradead.org/pipermail/libnl/2016-May/002132.html