| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1562195132-9829-1-git-send-email-mrv@mojatatu.com>
Date: Wed, 3 Jul 2019 19:05:31 -0400
From: Roman Mashak <mrv@...atatu.com>
To: stephen@...workplumber.org
Cc: netdev@...r.kernel.org, kernel@...atatu.com, jhs@...atatu.com,
xiyou.wangcong@...il.com, jiri@...nulli.us,
Roman Mashak <mrv@...atatu.com>
Subject: [PATCH iproute2 1/2] tc: added mask parameter in skbedit action
Add 32-bit missing mask attribute in iproute2/tc, which has been long
supported by the kernel side.
Signed-off-by: Roman Mashak <mrv@...atatu.com>
---
tc/m_skbedit.c | 30 ++++++++++++++++++++++++++----
1 file changed, 26 insertions(+), 4 deletions(-)
diff --git a/tc/m_skbedit.c b/tc/m_skbedit.c
index b6b839f8ef6c..f47c9705a990 100644
--- a/tc/m_skbedit.c
+++ b/tc/m_skbedit.c
@@ -33,7 +33,7 @@ static void explain(void)
fprintf(stderr, "Usage: ... skbedit <[QM] [PM] [MM] [PT] [IF]>\n"
"QM = queue_mapping QUEUE_MAPPING\n"
"PM = priority PRIORITY\n"
- "MM = mark MARK\n"
+ "MM = mark MARK[/MASK]\n"
"PT = ptype PACKETYPE\n"
"IF = inheritdsfield\n"
"PACKETYPE = is one of:\n"
@@ -41,6 +41,7 @@ static void explain(void)
"QUEUE_MAPPING = device transmit queue to use\n"
"PRIORITY = classID to assign to priority field\n"
"MARK = firewall mark to set\n"
+ "MASK = mask applied to firewall mark (0xffffffff by default)\n"
"note: inheritdsfield maps DS field to skb->priority\n");
}
@@ -61,7 +62,7 @@ parse_skbedit(struct action_util *a, int *argc_p, char ***argv_p, int tca_id,
struct rtattr *tail;
unsigned int tmp;
__u16 queue_mapping, ptype;
- __u32 flags = 0, priority, mark;
+ __u32 flags = 0, priority, mark, mask;
__u64 pure_flags = 0;
struct tc_skbedit sel = { 0 };
@@ -89,12 +90,26 @@ parse_skbedit(struct action_util *a, int *argc_p, char ***argv_p, int tca_id,
}
ok++;
} else if (matches(*argv, "mark") == 0) {
- flags |= SKBEDIT_F_MARK;
+ char *slash;
+
NEXT_ARG();
+ slash = strchr(*argv, '/');
+ if (slash)
+ *slash = '\0';
+
+ flags |= SKBEDIT_F_MARK;
if (get_u32(&mark, *argv, 0)) {
fprintf(stderr, "Illegal mark\n");
return -1;
}
+
+ if (slash) {
+ if (get_u32(&mask, slash + 1, 0)) {
+ fprintf(stderr, "Illegal mask\n");
+ return -1;
+ }
+ flags |= SKBEDIT_F_MASK;
+ }
ok++;
} else if (matches(*argv, "ptype") == 0) {
@@ -133,7 +148,7 @@ parse_skbedit(struct action_util *a, int *argc_p, char ***argv_p, int tca_id,
if (matches(*argv, "index") == 0) {
NEXT_ARG();
if (get_u32(&sel.index, *argv, 10)) {
- fprintf(stderr, "Pedit: Illegal \"index\"\n");
+ fprintf(stderr, "skbedit: Illegal \"index\"\n");
return -1;
}
argc--;
@@ -159,6 +174,9 @@ parse_skbedit(struct action_util *a, int *argc_p, char ***argv_p, int tca_id,
if (flags & SKBEDIT_F_MARK)
addattr_l(n, MAX_MSG, TCA_SKBEDIT_MARK,
&mark, sizeof(mark));
+ if (flags & SKBEDIT_F_MASK)
+ addattr_l(n, MAX_MSG, TCA_SKBEDIT_MASK,
+ &mask, sizeof(mask));
if (flags & SKBEDIT_F_PTYPE)
addattr_l(n, MAX_MSG, TCA_SKBEDIT_PTYPE,
&ptype, sizeof(ptype));
@@ -206,6 +224,10 @@ static int print_skbedit(struct action_util *au, FILE *f, struct rtattr *arg)
print_uint(PRINT_ANY, "mark", " mark %u",
rta_getattr_u32(tb[TCA_SKBEDIT_MARK]));
}
+ if (tb[TCA_SKBEDIT_MASK]) {
+ print_uint(PRINT_ANY, "mask", "/0x%x",
+ rta_getattr_u32(tb[TCA_SKBEDIT_MASK]));
+ }
if (tb[TCA_SKBEDIT_PTYPE] != NULL) {
ptype = rta_getattr_u16(tb[TCA_SKBEDIT_PTYPE]);
if (ptype == PACKET_HOST)
--
2.7.4
Powered by blists - more mailing lists