Age | Commit message (Collapse) | Author |
|
Fix overlapping buffers passed to strncpy which is UB. format_host_rta_r writes
to the buffer passed to it, so hostname (derived from b1) & b1 partly overlap.
This gets worse with sys-libs/glibc-2.37 where the ip route output can be truncated,
but it was UB anyway and you can see it occurring w/ glibc-2.36.
Bug: https://lore.kernel.org/netdev/0011AC38-4823-4D0A-8580-B108D08959C2@gentoo.org/T/#u
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=30112
Thanks-to: Doug Freed <dwfreed@mtu.edu>
Signed-off-by: Sam James <sam@gentoo.org>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
Currently Macsec print routines uses a 32 bit print routine
to print out the value of the packet number (PN) attribute, a
miss use of the 32 bit print routine is causing a miss print of
only the 32 least significant bit (LSB) of an extended packet
number (XPN) which is a 64 bit attribute.
Fixes: 6ce23b7c2d79 ("macsec: add Extended Packet Number support")
Signed-off-by: Emeel Hakim <ehakim@nvidia.com>
Reviewed-by: Simon Horman <simon.horman@corigine.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
The style standard is to use space after keywords.
Example:
if (expr)
verus
if(expr)
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
Currently when configuring macsec with replay protection,
replay protection and window gets a default value of -1,
the above is leading to passing replay protection and
replay window attributes to the kernel while replay is
explicitly set to off, leading for an invalid argument
error when configured with extended packet number (XPN).
since the default window value which is 0xFFFFFFFF is
passed to the kernel and while XPN is configured the above
value is an invalid window value.
Example:
ip link add link eth2 macsec0 type macsec sci 1 cipher
gcm-aes-xpn-128 replay off
RTNETLINK answers: Invalid argument
Fix by passing the window attribute to the kernel only if replay is on
Fixes: b26fc590ce62 ("ip: add MACsec support")
Signed-off-by: Emeel Hakim <ehakim@nvidia.com>
Reviewed-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
Use SPDX instead of boilerplate text for ip and related
sub commands.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
These new events have been added in kernel commit f8c9dfbd875b ("mptcp:
add pm listener events") by Geliang Tang.
Two new MPTCP Netlink event types for PM listening socket creation and
closure have been recently added. They will be available in the future
v6.2 kernel.
They have been added because MPTCP for Linux, when not using the
in-kernel PM, depends on the userspace PM to create extra listening
sockets -- called "PM listeners" -- before announcing addresses and
ports. With the existing MPTCP Netlink events, a userspace PM can create
PM listeners at startup time, or in response to an incoming connection.
Creating sockets in response to connections is not optimal: ADD_ADDRs
can't be sent until the sockets are created and listen()ed, and if all
connections are closed then it may not be clear to the userspace PM
daemon that PM listener sockets should be cleaned up. Hence these new
events: PM listening sockets can be managed based on application
activity.
Note that the maximum event string size has to be increased by 2 to be
able to display LISTENER_CREATED without truncated it.
Also, as pointed by Mat, this event doesn't have any "token" attribute
so this attribute is now printed only if it is available.
Link: https://github.com/multipath-tcp/mptcp_net-next/issues/313
Cc: Geliang Tang <geliang.tang@suse.com>
Acked-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
Signed-off-by: Matthieu Baerts <matthieu.baerts@tessares.net>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
Conflicts:
devlink/devlink.c
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
Extend at "ip xfrm policy" to allow policy offload to specific device.
The syntax and the code follow already established pattern from the
state offload.
The only difference between them is that direction was already mandatory
argument in policy configuration commands, so don't need to add direction
handling logic like it was done for the state offload.
The syntax is as follows:
$ ip xfrm policy .... offload packet dev <if-name>
Signed-off-by: Leon Romanovsky <leonro@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
Allow users to configure xfrm states with packet offload type.
Packet offload mode:
ip xfrm state offload packet dev <if-name> dir <in|out>
Crypto offload mode:
ip xfrm state offload crypto dev <if-name> dir <in|out>
ip xfrm state offload dev <if-name> dir <in|out>
The latter variant configures crypto offload mode and is needed
to provide backward compatibility.
Signed-off-by: Leon Romanovsky <leonro@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
The offload in xfrm state requires to provide device and direction
in order to activate it. However, in the help section, device and
direction were displayed as an optional.
As a preparation to addition of packet offload, let's fix the help
section and refactor the code to be more clear.
Signed-off-by: Leon Romanovsky <leonro@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
Error messages should go on stderr.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
The MPLS statistics did not support oneline or JSON
in current code.
Fixes: 837552b445f5 ("iplink: add support for afstats subcommand")
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
ip-link-add supports netns argument just like ip-link-set. This commit
documents the existence of netns in help text and man page.
Signed-off-by: Daniel Xu <dxu@dxuuu.xyz>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
The ip neigh command supports --json for "list" but not for "get". Add
json support for the "get" command so that it's possible to fetch
information about specific neighbors without regular expressions.
Fixes: aac7f725fa46 ("ipneigh: add color and json support")
Signed-off-by: Leonard Crestez <cdleonard@gmail.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
Since my last commit "rtnetlink: add new function rtnl_echo_talk()" we
return the kernel rtnl exit code directly, which breaks some kernel
selftest checking. As there are still a lot of tests checking -2 as the
error return value, to keep backward compatibility, let's keep using
-2 for all the rtnl return values.
Reported-by: Ido Schimmel <idosch@idosch.org>
Fixes: 6c09257f1bf6 ("rtnetlink: add new function rtnl_echo_talk()")
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Tested-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
Let's not keep unused code. The YAGNI means that this dead
code doesn't work now, and if it did it would have to change.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
Conflicts:
include/uapi/linux/bpf.h
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
Add MAB support in bridge(8) and ip(8), allowing these utilities to
enable / disable MAB and display its current status.
Signed-off-by: Hans Schultz <netdev@kapio-technology.com>
Signed-off-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
Following commit 4e8a9914c4d4 ("ip-monitor: Include stats events in default
and "all" cases"), `ip monitor` fails to start on kernels which do not
contain linux.git commit 5fd0b838efac ("net: rtnetlink: Add UAPI toggle for
IFLA_OFFLOAD_XSTATS_L3_STATS") because the netlink group RTNLGRP_STATS
doesn't exist:
$ ip monitor
Failed to add stats group to list
When "stats" is not explicitly requested, ignore the error so that `ip
monitor` and `ip monitor all` continue to work on older kernels.
Note that the same change is not done for RTNLGRP_NEXTHOP because its value
is 32 and group numbers <= 32 are always supported; see the comment above
netlink_change_ngroups() in the kernel source. Therefore
NETLINK_ADD_MEMBERSHIP 32 does not error out even on kernels which do not
support RTNLGRP_NEXTHOP.
v2:
* Silently ignore a failure to implicitly add the stats group, instead of
printing a warning.
Reported-by: Stephen Hemminger <stephen@networkplumber.org>
Fixes: 4e8a9914c4d4 ("ip-monitor: Include stats events in default and "all" cases")
Signed-off-by: Benjamin Poirier <bpoirier@nvidia.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
The command "ip --details link show canX" misses the closing bracket
`]' of the bitrate, the dbitrate and the termination arrays. The --json
output is not impacted.
Change the first argument of close_json_array() from PRINT_JSON to
PRINT_ANY to fix the problem. The second argument was already set
correctly.
Fixes: 67f3c7a5cc0d ("iplink_can: use PRINT_ANY to factorize code and fix signedness")
Reported-by: Marc Kleine-Budde <mkl@pengutronix.de>
Acked-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Vincent Mailhol <mailhol.vincent@wanadoo.fr>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
Support for xfrm metadata as lwtunnel metadata was added in kernel commit
2c2493b9da91 ("xfrm: lwtunnel: add lwtunnel support for xfrm interfaces in collect_md mode")
This commit adds the respective support in lwt routes.
Example use (consider ipsec1 as an xfrm interface in "external" mode):
ip route add 10.1.0.0/24 dev ipsec1 encap xfrm if_id 1
Or in the context of vrf, one can also specify the "link" property:
ip route add 10.1.0.0/24 dev ipsec1 encap xfrm if_id 1 link_dev eth15
Signed-off-by: Eyal Birger <eyal.birger@gmail.com>
Reviewed-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
Support for collect metadata mode was introduced in kernel commit
abc340b38ba2 ("xfrm: interface: support collect metadata mode")
This commit adds support for creating xfrm interfaces in this
mode.
Example use:
ip link add ipsec1 type xfrm external
Signed-off-by: Eyal Birger <eyal.birger@gmail.com>
Reviewed-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
Kernel commit 70e4272b4c81 ("net: bridge: add no_linklocal_learn bool
option") added the no_linklocal_learn bridge option that can be set via
sysfs or netlink.
Add iproute2 support, allowing it to query and set the option via
netlink.
The option is useful, for example, in scenarios where we want the bridge
to be able to refresh dynamic FDB entries that were added by user space
and are pointing to locked bridge ports, but do not want the bridge to
populate its FDB from EAPOL frames used for authentication.
Example:
$ ip -j -d link show dev br0 | jq ".[][\"linkinfo\"][\"info_data\"][\"no_linklocal_learn\"]"
0
$ cat /sys/class/net/br0/bridge/no_linklocal_learn
0
# ip link set dev br0 type bridge no_linklocal_learn 1
$ ip -j -d link show dev br0 | jq ".[][\"linkinfo\"][\"info_data\"][\"no_linklocal_learn\"]"
1
$ cat /sys/class/net/br0/bridge/no_linklocal_learn
1
# ip link set dev br0 type bridge no_linklocal_learn 0
$ ip -j -d link show dev br0 | jq ".[][\"linkinfo\"][\"info_data\"][\"no_linklocal_learn\"]"
0
$ cat /sys/class/net/br0/bridge/no_linklocal_learn
0
Signed-off-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
Currently, when using `ip monitor`, family-specific rtnl multicast groups
(ex. RTNLGRP_IPV4_IFADDR) are used when specifying the '-family' option (or
one of its short forms) and an object type is specified (ex. `ip -4 monitor
addr`) but not when listening for changes to all object types (ex. `ip -4
monitor`). In that case, multicast groups for all families, regardless of
the '-family' option, are used. Depending on the object type, this leads to
ignoring the '-family' selection (MROUTE, ADDR, NETCONF), or printing stray
prefix headers with no event (ROUTE, RULE).
Rewrite the parameter parsing code so that per-family rtnl multicast groups
are selected in all cases.
The issue can be witnessed while running `ip -4 monitor label` at the same
time as the following command:
ip link add dummy0 address 02:00:00:00:00:01 up type dummy
The output includes:
[ROUTE][ROUTE][ADDR]9: dummy0 inet6 fe80::ff:fe00:1/64 scope link
valid_lft forever preferred_lft forever
Notice the stray "[ROUTE]" labels (related to filtered out ipv6 routes) and
the ipv6 ADDR entry. Those do not appear if using `ip -4 monitor label
route address`.
Fixes: aba5acdfdb34 ("(Logical change 1.3)")
Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: Benjamin Poirier <bpoirier@nvidia.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
It seems that stats were omitted from `ip monitor` and `ip monitor all`.
Since all other event types are included, include stats as well. Use the
same logic as for nexthops.
Fixes: a05a27c07cbf ("ipmonitor: Add monitoring support for stats events")
Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: Benjamin Poirier <bpoirier@nvidia.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
`ip monitor stats` listens for changes to nexthops and stats. It should
listen for stats only.
Fixes: a05a27c07cbf ("ipmonitor: Add monitoring support for stats events")
Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: Benjamin Poirier <bpoirier@nvidia.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
Add a new function rtnl_echo_talk() that could be used when the
sub-component supports NLM_F_ECHO flag. With this function we can
remove the redundant code added by commit b264b4c6568c7 ("ip: add
NLM_F_ECHO support").
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
Support the "dsa" kind of rtnl_link_ops exported by the kernel, and
export reads/writes to IFLA_DSA_MASTER.
Examples:
$ ip link set swp0 type dsa conduit eth1
$ ip -d link show dev swp0
(...)
dsa conduit eth0
$ ip -d -j link show swp0
[
{
"link": "eth1",
"linkinfo": {
"info_kind": "dsa",
"info_data": {
"conduit": "eth1"
}
},
}
]
Note that by construction and as shown in the example, the IFLA_LINK
reported by a DSA user port is identical to what is reported through
IFLA_DSA_MASTER. However IFLA_LINK is not writable, and overloading its
meaning to make it writable would clash with other users of IFLA_LINK
(vlan etc) for which writing this property does not make sense.
Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
This counter is based on the same principle that the 'promiscuity' counter:
the flag ALLMULTI is displayed only when it is explicitly requested by the
userland. This counter enables to know if 'allmulti' is configured on an
interface.
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
When user space configures the kernel with netlink messages, it can set the
NLM_F_ECHO flag to request the kernel to send the applied configuration back
to the caller. This allows user space to retrieve configuration information
that are filled by the kernel (either because these parameters can only be
set by the kernel or because user space let the kernel choose a default
value).
NLM_F_ACK is also supplied incase the kernel doesn't support NLM_F_ECHO
and we will wait for the reply forever. Just like the update in
iplink.c, which I plan to post a patch to kernel later.
A new parameter -echo is added when user want to get feedback from kernel.
e.g.
# ip -echo addr add 192.168.0.1/24 dev eth1
3: eth1 inet 192.168.0.1/24 scope global eth1
valid_lft forever preferred_lft forever
# ip -j -p -echo addr del 192.168.0.1/24 dev eth1
[ {
"deleted": true,
"index": 3,
"dev": "eth1",
"family": "inet",
"local": "192.168.0.1",
"prefixlen": 24,
"scope": "global",
"label": "eth1",
"valid_life_time": 4294967295,
"preferred_life_time": 4294967295
} ]
Suggested-by: Guillaume Nault <gnault@redhat.com>
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
As described in RFC 8986 [1], processing operations carried out by SRv6
End, End.X and End.T (End* for short) behaviors can be modified or
extended using the "flavors" mechanism. This patch adds the support for
PSP,USP,USD flavors (defined in [1]) and for NEXT-C-SID flavor (defined
in [2]) in SRv6 End* behaviors. Specifically, we add a new optional
attribute named "flavors" that can be leveraged by the user to enable
specific flavors while creating an SRv6 End* behavior instance.
Multiple flavors can be specified together by separating them using
commas.
If a specific flavor (or a combination of flavors) is not supported by the
underlying Linux kernel, an error message is reported to the user and the
creation of the specific behavior instance is aborted.
When the flavors attribute is omitted, the regular SRv6 End* behavior is
performed.
Flavors such as PSP, USP and USD do not accept additional configuration
attributes. Conversely, the NEXT-C-SID flavor can be configured to support
user-provided Locator-Block and Locator-Node Function lengths using,
respectively, the lblen and the nflen attributes.
Both lblen and nflen values must be evenly divisible by 8 and their sum
must not exceed 128 bit (i.e. the C-SID container size).
If the lblen attribute is omitted, the default value chosen by the Linux
kernel is 32-bit. If the nflen attribute is omitted, the default value
chosen by the Linux kernel is 16-bit.
Some examples:
ip -6 route add 2001:db8::1 encap seg6local action End flavors next-csid dev eth0
ip -6 route add 2001:db8::2 encap seg6local action End flavors next-csid lblen 48 nflen 16 dev eth0
Standard Output:
ip -6 route show 2001:db8::2
2001:db8::2 encap seg6local action End flavors next-csid lblen 48 nflen 16 dev eth0 metric 1024 pref medium
JSON Output:
ip -6 -j -p route show 2001:db8::2
[ {
"dst": "2001:db8::2",
"encap": "seg6local",
"action": "End",
"flavors": [ "next-csid" ],
"lblen": 48,
"nflen": 16,
"dev": "eth0",
"metric": 1024,
"flags": [ ],
"pref": "medium"
} ]
[1] - https://datatracker.ietf.org/doc/html/rfc8986
[2] - https://datatracker.ietf.org/doc/html/draft-ietf-spring-srv6-srh-compression
Signed-off-by: Paolo Lungaroni <paolo.lungaroni@uniroma2.it>
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
This patch adds support for extended packet number (XPN).
XPN can be configured by passing 'cipher gcm-aes-xpn-128' as part of
the ip link add command using macsec type.
In addition, using 'xpn' keyword instead of the 'pn', passing a 12
bytes salt using the 'salt' keyword and passing short secure channel
id (ssci) using the 'ssci' keyword as part of the ip macsec command
is required (see example).
e.g:
create a MACsec device on link eth0 with enabled xpn
# ip link add link eth0 macsec0 type macsec port 11
encrypt on cipher gcm-aes-xpn-128
configure a secure association on the device
# ip macsec add macsec0 tx sa 0 xpn 1024 on ssci 5
salt 838383838383838383838383
key 01 81818181818181818181818181818181
configure a secure association on the device with ssci = 5
# ip macsec add macsec0 tx sa 0 xpn 1024 on ssci 5
salt 838383838383838383838383
key 01 82828282828282828282828282828282
Signed-off-by: Emeel Hakim <ehakim@nvidia.com>
Reviewed-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
IWYU reports several headers are not explicitly
included by ipstats.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
Fix build error for musl
| /usr/src/debug/iproute2/5.19.0-r0/iproute2-5.19.0/ip/ipstats.c:231: undefined reference to `MIN'
Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com>
|
|
Conflicts:
vdpa/include/uapi/linux/vdpa.h
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
This patch adds the support for the reduced version of the H.Encaps and
H.L2Encaps behaviors as defined in RFC 8986 [1].
H.Encaps.Red and H.L2Encaps.Red SRv6 behaviors are an optimization of the
H.Encaps and H.L2Encaps aiming to reduce the length of the SID List carried
in the pushed SRH. Specifically, the reduced version of the behaviors
removes the first SID contained in the SID List (i.e. SRv6 Policy) by
storing it into the IPv6 Destination Address. When SRv6 Policy is made of
only one SID, the reduced version of the behaviors omits the SRH at all and
pushes that SID directly into the IPv6 DA.
Some examples:
ip -6 route add 2001:db8::1 encap seg6 mode encap.red segs fcf0:1::e,fcf0:2::d6 dev eth0
ip -6 route add 2001:db8::2 encap seg6 mode l2encap.red segs fcf0:1::d2 dev eth0
Standard Output:
ip -6 route show 2001:db8::1
2001:db8::1 encap seg6 mode encap.red segs 2 [ fcf0:1::e fcf0:2::d6 ] dev eth0 metric 1024 pref medium
JSON Output:
ip -6 -j -p route show 2001:db8::1
[ {
"dst": "2001:db8::1",
"encap": "seg6",
"mode": "encap.red",
"segs": [ "fcf0:1::e","fcf0:2::d6" ],
"dev": "eth0",
"metric": 1024,
"flags": [ ],
"pref": "medium"
} ]
[1] - https://datatracker.ietf.org/doc/html/rfc8986
Signed-off-by: Paolo Lungaroni <paolo.lungaroni@uniroma2.it>
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
With the following command sequence:
ip link add dummy0 type dummy
ip neigh add 192.168.0.1 dev dummy0
ip neigh get 192.168.0.1 dev dummy0
when running the last command under valgrind, it reports
32,768 bytes in 1 blocks are definitely lost in loss record 2 of 2
at 0x483F7B5: malloc (vg_replace_malloc.c:381)
by 0x17A0EC: rtnl_recvmsg (libnetlink.c:838)
by 0x17A3D1: __rtnl_talk_iov.constprop.0 (libnetlink.c:1040)
by 0x17B894: __rtnl_talk (libnetlink.c:1141)
by 0x17B894: rtnl_talk (libnetlink.c:1147)
by 0x12E49B: ipneigh_get (ipneigh.c:728)
by 0x1174CB: do_cmd (ip.c:136)
by 0x116F7C: main (ip.c:324)
Free the answer obtained from rtnl_talk().
Fixes: 62842362370b ("ipneigh: neigh get support")
Suggested-by: Ido Schimmel <idosch@nvidia.com>
Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: Benjamin Poirier <bpoirier@nvidia.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
When running the command `ip mptcp limits` under valgrind, it reports
32,768 bytes in 1 blocks are definitely lost in loss record 1 of 1
at 0x483F7B5: malloc (vg_replace_malloc.c:381)
by 0x17A0BC: rtnl_recvmsg (libnetlink.c:838)
by 0x17A3A1: __rtnl_talk_iov.constprop.0 (libnetlink.c:1040)
by 0x17B864: __rtnl_talk (libnetlink.c:1141)
by 0x17B864: rtnl_talk (libnetlink.c:1147)
by 0x16837D: mptcp_limit_get_set (ipmptcp.c:436)
by 0x1174CB: do_cmd (ip.c:136)
by 0x116F7C: main (ip.c:324)
Free the answer obtained from rtnl_talk().
Fixes: 7e0767cd862b ("add support for mptcp netlink interface")
Suggested-by: Ido Schimmel <idosch@nvidia.com>
Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: Benjamin Poirier <bpoirier@nvidia.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
With the following command sequence:
ip mptcp endpoint add 127.0.0.1 id 1
ip mptcp endpoint show id 1
when running the last command under valgrind, it reports
32,768 bytes in 1 blocks are definitely lost in loss record 2 of 2
at 0x483F7B5: malloc (vg_replace_malloc.c:381)
by 0x17A0AC: rtnl_recvmsg (libnetlink.c:838)
by 0x17A391: __rtnl_talk_iov.constprop.0 (libnetlink.c:1040)
by 0x17B854: __rtnl_talk (libnetlink.c:1141)
by 0x17B854: rtnl_talk (libnetlink.c:1147)
by 0x168A56: mptcp_addr_show (ipmptcp.c:334)
by 0x1174CB: do_cmd (ip.c:136)
by 0x116F7C: main (ip.c:324)
Free the answer obtained from rtnl_talk().
Fixes: 7e0767cd862b ("add support for mptcp netlink interface")
Suggested-by: Ido Schimmel <idosch@nvidia.com>
Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: Benjamin Poirier <bpoirier@nvidia.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
Running a command like `ip addr show dev lo` under valgrind informs us that
32,768 bytes in 1 blocks are definitely lost in loss record 4 of 4
at 0x483577F: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0x16CBE2: rtnl_recvmsg (libnetlink.c:775)
by 0x16CF04: __rtnl_talk_iov (libnetlink.c:954)
by 0x16E257: __rtnl_talk (libnetlink.c:1059)
by 0x16E257: rtnl_talk (libnetlink.c:1065)
by 0x115CB1: ipaddr_link_get (ipaddress.c:1833)
by 0x11A0D1: ipaddr_list_flush_or_save (ipaddress.c:2030)
by 0x1152EB: do_cmd (ip.c:115)
by 0x114D6F: main (ip.c:321)
After calling store_nlmsg(), the original buffer should be freed. That is
the pattern used elsewhere through the rtnl_dump_filter() call chain.
Fixes: 884709785057 ("ip address: Set device index in dump request")
Reported-by: Binu Gopalakrishnapillai <binug@nvidia.com>
Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: Benjamin Poirier <bpoirier@nvidia.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
In bpf program, only the program name is unique. Before this patch, if there
are multiple programs with the same section name, only the first program
will be attached. With program name support, users could specify the exact
program they want to attach.
Note this feature is only supported when iproute2 build with libbpf.
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
The commit cited below added a new column to print_stats64(). However it
then updated only one size_columns() call site, neglecting to update the
remaining three. As a result, in those not-updated invocations,
size_columns() now accesses a vararg argument that is not being passed,
which is undefined behavior.
Fixes: cebf67a35d8a ("show rx_otherehost_dropped stat in ip link show")
CC: Tariq Toukan <tariqt@nvidia.com>
CC: Itay Aveksis <itayav@nvidia.com>
Signed-off-by: Petr Machata <petrm@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
In print_stats64(), the last size_columns() invocation passes number of
carrier changes as one of the arguments. The value is decoded as a 32-bit
quantity, but size_columns() expects a 64-bit one. This is undefined
behavior.
The reason valgrind does not cite this is that the previous size_columns()
invocations prime the ABI area used for the value transfer. When these
other invocations are commented away, valgrind does complain that
"conditional jump or move depends on uninitialised value", as would be
expected.
Fixes: 49437375b6c1 ("ip: dynamically size columns when printing stats")
Signed-off-by: Petr Machata <petrm@nvidia.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
For values near the 64-bit boundary, the iterative application of
powi *= 10 causes powi to overflow without the termination condition of
powi >= val having ever been satisfied. Instead, when determining the
length of the number, iterate val /= 10 and terminate when it's a single
digit.
Fixes: 49437375b6c1 ("ip: dynamically size columns when printing stats")
CC: Tariq Toukan <tariqt@nvidia.com>
CC: Itay Aveksis <itayav@nvidia.com>
Signed-off-by: Petr Machata <petrm@nvidia.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
|
Add per port priority support for active slave re-selection during
bonding failover. A higher number means higher priority.
This option is only valid for active-backup(1), balance-tlb (5) and
balance-alb (6) mode.
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Acked-by: Jonathan Toppins <jtoppins@redhat.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
In print_tunnel json output, a typo makes it impossible to know the
value of udp6_csum_rx, printing instead udp6_csum_tx two times.
Fixed getting rid of the typo.
Fixes: 98453b65800f ("ip/l2tp: add JSON support")
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|