lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 12 Aug 2019 13:17:06 +0300 From: Ido Schimmel <idosch@...sch.org> To: netdev@...r.kernel.org Cc: stephen@...workplumber.org, dsahern@...il.com, jiri@...lanox.com, mlxsw@...lanox.com, Ido Schimmel <idosch@...lanox.com> Subject: [PATCH iproute2] tc: Fix block-handle support for filter operations From: Ido Schimmel <idosch@...lanox.com> Commit e991c04d64c0 ("Revert "tc: Add batchsize feature for filter and actions"") reverted more than it should and broke shared block functionality. Fix this by restoring the original functionality. To reproduce: # tc qdisc add dev swp1 ingress_block 10 ingress # tc filter add block 10 proto ip pref 1 flower \ dst_ip 192.0.2.0/24 action drop Unknown filter "block", hence option "10" is unparsable Fixes: e991c04d64c0 ("Revert "tc: Add batchsize feature for filter and actions"") Signed-off-by: Ido Schimmel <idosch@...lanox.com> --- tc/tc_filter.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/tc/tc_filter.c b/tc/tc_filter.c index 53759a7a8876..23e21d89d7d1 100644 --- a/tc/tc_filter.c +++ b/tc/tc_filter.c @@ -74,6 +74,7 @@ static int tc_filter_modify(int cmd, unsigned int flags, int argc, char **argv) __u32 prio = 0; __u32 protocol = 0; int protocol_set = 0; + __u32 block_index = 0; __u32 chain_index; int chain_index_set = 0; char *fhandle = NULL; @@ -89,7 +90,21 @@ static int tc_filter_modify(int cmd, unsigned int flags, int argc, char **argv) NEXT_ARG(); if (d[0]) duparg("dev", *argv); + if (block_index) { + fprintf(stderr, "Error: \"dev\" and \"block\" are mutually exclusive\n"); + return -1; + } strncpy(d, *argv, sizeof(d)-1); + } else if (matches(*argv, "block") == 0) { + NEXT_ARG(); + if (block_index) + duparg("block", *argv); + if (d[0]) { + fprintf(stderr, "Error: \"dev\" and \"block\" are mutually exclusive\n"); + return -1; + } + if (get_u32(&block_index, *argv, 0) || !block_index) + invarg("invalid block index value", *argv); } else if (strcmp(*argv, "root") == 0) { if (req.t.tcm_parent) { fprintf(stderr, @@ -184,6 +199,9 @@ static int tc_filter_modify(int cmd, unsigned int flags, int argc, char **argv) fprintf(stderr, "Cannot find device \"%s\"\n", d); return 1; } + } else if (block_index) { + req.t.tcm_ifindex = TCM_IFINDEX_MAGIC_BLOCK; + req.t.tcm_block_index = block_index; } if (q) { -- 2.21.0
Powered by blists - more mailing lists