| Age | Commit message (Collapse) | Author |
|---|
|
74d7ed1308
Original change: https://android-review.googlesource.com/c/platform/external/libnl/+/2365853
Change-Id: Ia80cffaf5ba4869fb49b09c40f9efc25f8f9c0cf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/external/libnl/+/2365853
Change-Id: I52273ead494050c8b904bd44df28b8b3c5c632bc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/external/libnl/+/2365853
Change-Id: I0b04a0c2bd044cf11c2f9612b22f8cbc13fb3739
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
|
|
Change-Id: I32e4e1bd434b9d04f976079b1c21fc9673f615f3
|
|
f508c3728d -s ours am: 20f7640553 -s ours
am skip reason: Merged-In I8d00346e706ffd8004e4fbc2013ad9ad6ca40876 with SHA-1 33a089c661 is already in history
Original change: https://googleplex-android-review.googlesource.com/c/platform/external/libnl/+/20949030
Change-Id: Idc9dd9f9095e0d71e4914dabebddc8c948ad5169
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
f508c3728d -s ours
am skip reason: Merged-In I8d00346e706ffd8004e4fbc2013ad9ad6ca40876 with SHA-1 33a089c661 is already in history
Original change: https://googleplex-android-review.googlesource.com/c/platform/external/libnl/+/20949030
Change-Id: Ice8f3e81296ca287425161e46a6fa49698bcd760
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Bug: 264720040
Merged-In: I8d00346e706ffd8004e4fbc2013ad9ad6ca40876
Change-Id: Ib013160db5986390636ee35467007f9f33fa0a8b
|
|
Original change: https://android-review.googlesource.com/c/platform/external/libnl/+/2377869
Change-Id: I9fb68ce809d89c8938798679a135b6107251de39
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/external/libnl/+/2377869
Change-Id: I91f6b532770e3f2a683028001e2378035343ac17
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/external/libnl/+/2377869
Change-Id: I0f0f7ec355742d5d22e7715061d0cf019ca0b8c2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
This project was upgraded with external_updater.
Usage: tools/external_updater/updater.sh update libnl
For more info, check https://cs.android.com/android/platform/superproject/+/master:tools/external_updater/README.md
Test: TreeHugger
Change-Id: Iaa2d85afdd8dbf7571d3a1f64f031628e9903ca5
|
|
Original change: https://android-review.googlesource.com/c/platform/external/libnl/+/2257629
Change-Id: I92c725de5c194e8e28653739832af2895292f647
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/external/libnl/+/2257629
Change-Id: I8d00346e706ffd8004e4fbc2013ad9ad6ca40876
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/external/libnl/+/2257629
Change-Id: I0682b8227da808a4127feb3fc0863e055273a40e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Add macsec support for libnl
Change-Id: I63bbafdbb2275ed6528555a1fe08789473097b1d
|
|
|
|
Signed-off-by: Volodymyr Bendiuga <volodymyr.bendiuga@westermo.com>
https://github.com/thom311/libnl/pull/319
|
|
https://github.com/thom311/libnl/pull/327
|
|
https://github.com/thom311/libnl/pull/324
Fixes: 5d6e43ebef12 ('lib/route: SRIOV Parse and Read support')
|
|
https://github.com/thom311/libnl/pull/325
|
|
|
|
https://github.com/thom311/libnl/pull/326
|
|
|
|
Signed-off-by: Magnus Öberg <magnus.oberg@westermo.se>
Signed-off-by: Volodymyr Bendiuga <volodymyr.bendiuga@gmail.com>
https://github.com/thom311/libnl/pull/317
|
|
|
|
The following API has been added:
rtnl_flower_set_ipv4_src
rtnl_flower_get_ipv4_src
rtnl_flower_set_ipv4_dst
rtnl_flower_get_ipv4_dst
Signed-off-by: Volodymyr Bendiuga <volodymyr.bendiuga@westermo.com>
https://github.com/thom311/libnl/pull/309
|
|
Signed-off-by: Volodymyr Bendiuga <volodymyr.bendiuga@westermo.com>
Fixes: ef46de143206 ('route/cls: add flower classifier')
https://github.com/thom311/libnl/pull/316
|
|
https://github.com/thom311/libnl/pull/314
|
|
Based-on-patch-by: Susant Sahani <susant@redhat.com>
https://src.fedoraproject.org/rpms/libnl3/pull-request/4
|
|
`make check` swallows the output, which is kinda important
to debug a problem. I guess, I could print the log file, but
it seems simpler to just run the test directly.
While at it, run it a few times. It's fast enough, and with
the randomization, it might actually hit a faulty code path.
|
|
|
|
|
|
|
|
|
|
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=2081279
Fixes: b50be8fa869b ('rtnl/route: use cleanup attribute in "lib/route/route_obj.c"')
|
|
The cache ops needs to be included in a cloned link for link methods
to work as expected.
Signed-off-by: Jacques de Laval <Jacques.De.Laval@westermo.com>
https://github.com/thom311/libnl/pull/311
|
|
|
|
|
|
valgrind reported this memory leak to me in testing an application that
I'm building:
==1807969== 24 bytes in 1 blocks are definitely lost in loss record 2 of 12
==1807969== at 0x4849464: calloc (vg_replace_malloc.c:1328)
==1807969== by 0x160F2F: nl_addr_alloc (addr.c:184)
==1807969== by 0x160F2F: nl_addr_build (addr.c:215)
==1807969== by 0x15CEF1: xfrmnl_sa_parse (sa.c:693)
==1807969== by 0x18F95D: parse_sa (xfrm_monitor.c:82)
==1807969== by 0x18FC5A: parse_nlmsg (xfrm_monitor.c:170)
==1807969== by 0x18FC5A: xfrm_cb (xfrm_monitor.c:181)
==1807969== by 0x169D21: nl_cb_call (netlink.h:138)
==1807969== by 0x169D21: recvmsgs (nl.c:868)
==1807969== by 0x16A42C: nl_recvmsgs_report (nl.c:1051)
==1807969== by 0x16A42C: nl_recvmsgs (nl.c:1075)
==1807969== by 0x16A42C: nl_recvmsgs_default (nl.c:1089)
==1807969== by 0x18FD6F: monitor_xfrm (xfrm_monitor.c:233)
==1807969== by 0x49D8B19: start_thread (pthread_create.c:443)
==1807969== by 0x4A5C8F3: clone (clone.S:100)
when calling xfrmnl_sa_parse, we accidentally get a refcount of 2 on the
selector source and destination addresses. The nl_addr_build calls for
these addresses set the count to one, and the subsequent calls to
xfrmnl_sel_set_[s|d]addr increase the reference count to two.
One of the references is dropped when we call xfrmnl_sa_put, which calls
down through xfrmnl_sa_free_data->xfrmnl_sel_put->nl_addr_put(), but the
other reference count is leaked, leading to the above leak of both the
saddr and daddr pointers.
Not sure if this is the ideal fix, but it works for me, we just drop
the refrence count incremented by the call to set_[s|d]addr.
Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
https://github.com/thom311/libnl/pull/312
|
|
https://github.com/thom311/libnl/pull/310
|
|
Error: UNINIT (CWE-457):
libnl-3.6.0/lib/xfrm/ae.c:377: var_decl: Declaring variable "ae_id" without initializer.
libnl-3.6.0/lib/xfrm/ae.c:402: uninit_use_in_call: Using uninitialized value "ae_id". Field "ae_id.flags" is uninitialized when calling "nlmsg_append".
# 400| return -NLE_NOMEM;
# 401|···
# 402|-> if (nlmsg_append(msg, &ae_id, sizeof(ae_id), NLMSG_ALIGNTO) < 0)
# 403| goto nla_put_failure;
# 404|···
Error: UNINIT (CWE-457):
libnl-3.6.0/lib/xfrm/ae.c:377: var_decl: Declaring variable "ae_id" without initializer.
libnl-3.6.0/lib/xfrm/ae.c:402: uninit_use_in_call: Using uninitialized value "ae_id". Field "ae_id.reqid" is uninitialized when calling "nlmsg_append".
# 400| return -NLE_NOMEM;
# 401|···
# 402|-> if (nlmsg_append(msg, &ae_id, sizeof(ae_id), NLMSG_ALIGNTO) < 0)
# 403| goto nla_put_failure;
# 404|···
Error: UNINIT (CWE-457):
libnl-3.6.0/lib/xfrm/ae.c:377: var_decl: Declaring variable "ae_id" without initializer.
libnl-3.6.0/lib/xfrm/ae.c:402: uninit_use_in_call: Using uninitialized value "ae_id". Field "ae_id.saddr" is uninitialized when calling "nlmsg_append".
# 400| return -NLE_NOMEM;
# 401|···
# 402|-> if (nlmsg_append(msg, &ae_id, sizeof(ae_id), NLMSG_ALIGNTO) < 0)
# 403| goto nla_put_failure;
# 404|···
|
|
Error: REVERSE_INULL (CWE-476):
libnl-3.6.0/lib/route/nexthop_encap.c:35: deref_ptr: Directly dereferencing pointer "rtnh_encap->ops".
libnl-3.6.0/lib/route/nexthop_encap.c:37: check_after_deref: Null-checking "rtnh_encap->ops" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
# 35| nh_encap_type2str(rtnh_encap->ops->encap_type));
# 36|···
# 37|-> if (rtnh_encap->ops && rtnh_encap->ops->dump)
# 38| rtnh_encap->ops->dump(rtnh_encap->priv, dp);
# 39| }
|
|
rtnl_qdisc_mqprio_set_*()
rtnl_qdisc_mqprio_set_priomap() would access the input array prio after
len.
Also these setters did the wrong argument checking (arguably, the caller
is not supposed to provide an invalid argument, so that part is less
severe).
Coverity:
Error: OVERRUN (CWE-119):
libnl-3.6.0/lib/route/qdisc/mqprio.c:363: cond_at_most: Checking "len / 2UL > 16UL" implies that "len" may be up to 33 on the false branch.
libnl-3.6.0/lib/route/qdisc/mqprio.c:366: overrun-buffer-arg: Overrunning array "mqprio->qm_count" of 32 bytes by passing it to a function which accesses it at byte offset 65 using argument "len * 2UL" (which evaluates to 66). [Note: The source code implementation of the function has been overridden by a builtin model.]
# 364| return -NLE_RANGE;
# 365|···
# 366|-> memcpy(mqprio->qm_count, count, len * sizeof(uint16_t));
# 367| memcpy(mqprio->qm_offset, offset, len * sizeof(uint16_t));
# 368| mqprio->qm_mask |= SCH_MQPRIO_ATTR_QUEUE;
Error: OVERRUN (CWE-119):
libnl-3.6.0/lib/route/qdisc/mqprio.c:363: cond_at_most: Checking "len / 2UL > 16UL" implies that "len" may be up to 33 on the false branch.
libnl-3.6.0/lib/route/qdisc/mqprio.c:367: overrun-buffer-arg: Overrunning array "mqprio->qm_offset" of 32 bytes by passing it to a function which accesses it at byte offset 65 using argument "len * 2UL" (which evaluates to 66). [Note: The source code implementation of the function has been overridden by a builtin model.]
# 365|···
# 366| memcpy(mqprio->qm_count, count, len * sizeof(uint16_t));
# 367|-> memcpy(mqprio->qm_offset, offset, len * sizeof(uint16_t));
# 368| mqprio->qm_mask |= SCH_MQPRIO_ATTR_QUEUE;
# 369|···
Error: OVERRUN (CWE-119):
libnl-3.6.0/lib/route/qdisc/mqprio.c:496: cond_at_most: Checking "len / 8UL > 16UL" implies that "len" may be up to 135 on the false branch.
libnl-3.6.0/lib/route/qdisc/mqprio.c:499: overrun-buffer-arg: Overrunning array "mqprio->qm_min_rate" of 128 bytes by passing it to a function which accesses it at byte offset 1079 using argument "len * 8UL" (which evaluates to 1080). [Note: The source code implementation of the function has been overridden by a builtin model.]
# 497| return -NLE_RANGE;
# 498|···
# 499|-> memcpy(mqprio->qm_min_rate, min, len * sizeof(uint64_t));
# 500| mqprio->qm_mask |= SCH_MQPRIO_ATTR_MIN_RATE;
# 501|···
Error: OVERRUN (CWE-119):
libnl-3.6.0/lib/route/qdisc/mqprio.c:545: cond_at_most: Checking "len / 8UL > 16UL" implies that "len" may be up to 135 on the false branch.
libnl-3.6.0/lib/route/qdisc/mqprio.c:548: overrun-buffer-arg: Overrunning array "mqprio->qm_max_rate" of 128 bytes by passing it to a function which accesses it at byte offset 1079 using argument "len * 8UL" (which evaluates to 1080). [Note: The source code implementation of the function has been overridden by a builtin model.]
# 546| return -NLE_RANGE;
# 547|···
# 548|-> memcpy(mqprio->qm_max_rate, max, len * sizeof(uint64_t));
# 549| mqprio->qm_mask |= SCH_MQPRIO_ATTR_MAX_RATE;
# 550|···
Fixes: 25cf1d39eded ('route:qdisc: add MQPRIO Qdisc'
|
|
Coverity:
Error: OVERRUN (CWE-119):
libnl-3.6.0/lib/route/link/sriov.c:653: overrun-buffer-arg: Overrunning array "stb" of 6 8-byte elements by passing it to a function which accesses it at element index 8 (byte offset 71) u
# 651|···
# 652| if (t[IFLA_VF_STATS]) {
# 653|-> err = nla_parse_nested(stb, IFLA_VF_STATS_MAX,
# 654| t[IFLA_VF_STATS],
# 655| sriov_stats_policy);
Fixes: 5d6e43ebef12 ('lib/route: SRIOV Parse and Read support')
|
|
|
|
|
|
|
|
Coverity thinks that we can bitshift by a negative number:
Error: BAD_SHIFT (CWE-682):
libnl-3.6.0/lib/socket.c:69: return_constant: Function call "time(NULL)" may return -1.
libnl-3.6.0/lib/socket.c:69: assignment: Assigning: "t" = "time(NULL)". The value of "t" is now 4294967295.
libnl-3.6.0/lib/socket.c:73: assignment: Assigning: "idx_state" = "t ^ (t >> 16) ^ 0x3047U". The value of "idx_state" is now 12359.
libnl-3.6.0/lib/socket.c:78: assignment: Assigning: "n" = "idx_state". The value of "n" is now -53177.
libnl-3.6.0/lib/socket.c:94: assignment: Assigning: "n" = "(n + 13) % 32". The value of "n" is now -12.
libnl-3.6.0/lib/socket.c:95: negative_shift: In expression "used_ports_map[i] >> n", shifting by a negative amount has undefined behavior. The shift amount, "n", is -12.
# 93| for (m = 0; m < 32; m++) {
# 94| n = (n + 13) % 32;
# 95|-> if (1UL & (used_ports_map[i] >> n))
# 96| continue;
# 97|···
Error: BAD_SHIFT (CWE-682):
libnl-3.6.0/lib/socket.c:69: return_constant: Function call "time(NULL)" may return -1.
libnl-3.6.0/lib/socket.c:69: assignment: Assigning: "t" = "time(NULL)". The value of "t" is now 4294967295.
libnl-3.6.0/lib/socket.c:73: assignment: Assigning: "idx_state" = "t ^ (t >> 16) ^ 0x3047U". The value of "idx_state" is now 12359.
libnl-3.6.0/lib/socket.c:78: assignment: Assigning: "n" = "idx_state". The value of "n" is now -53177.
libnl-3.6.0/lib/socket.c:94: assignment: Assigning: "n" = "(n + 13) % 32". The value of "n" is now -12.
libnl-3.6.0/lib/socket.c:98: negative_shift: In expression "1UL << n", shifting by a negative amount has undefined behavior. The shift amount, "n", is -12.
# 96| continue;
# 97|···
# 98|-> used_ports_map[i] |= (1UL << n);
# 99| n += (i * 32);
# 100|···
I don't see how that can happen. "n" was type int (32 bit, in practice),
but was initialized from an uint16_t (idx_state). Thus the number is positive
and small. Then we keep adding small numbers and modulo 32.
Anyway, try to silence the warning by using unsigned.
|
