| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 12 Aug 2019 13:17:06 +0300
From: Ido Schimmel <idosch@...sch.org>
To: netdev@...r.kernel.org
Cc: stephen@...workplumber.org, dsahern@...il.com, jiri@...lanox.com,
mlxsw@...lanox.com, Ido Schimmel <idosch@...lanox.com>
Subject: [PATCH iproute2] tc: Fix block-handle support for filter operations
From: Ido Schimmel <idosch@...lanox.com>
Commit e991c04d64c0 ("Revert "tc: Add batchsize feature for filter and
actions"") reverted more than it should and broke shared block
functionality. Fix this by restoring the original functionality.
To reproduce:
# tc qdisc add dev swp1 ingress_block 10 ingress
# tc filter add block 10 proto ip pref 1 flower \
dst_ip 192.0.2.0/24 action drop
Unknown filter "block", hence option "10" is unparsable
Fixes: e991c04d64c0 ("Revert "tc: Add batchsize feature for filter and actions"")
Signed-off-by: Ido Schimmel <idosch@...lanox.com>
---
tc/tc_filter.c | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/tc/tc_filter.c b/tc/tc_filter.c
index 53759a7a8876..23e21d89d7d1 100644
--- a/tc/tc_filter.c
+++ b/tc/tc_filter.c
@@ -74,6 +74,7 @@ static int tc_filter_modify(int cmd, unsigned int flags, int argc, char **argv)
__u32 prio = 0;
__u32 protocol = 0;
int protocol_set = 0;
+ __u32 block_index = 0;
__u32 chain_index;
int chain_index_set = 0;
char *fhandle = NULL;
@@ -89,7 +90,21 @@ static int tc_filter_modify(int cmd, unsigned int flags, int argc, char **argv)
NEXT_ARG();
if (d[0])
duparg("dev", *argv);
+ if (block_index) {
+ fprintf(stderr, "Error: \"dev\" and \"block\" are mutually exclusive\n");
+ return -1;
+ }
strncpy(d, *argv, sizeof(d)-1);
+ } else if (matches(*argv, "block") == 0) {
+ NEXT_ARG();
+ if (block_index)
+ duparg("block", *argv);
+ if (d[0]) {
+ fprintf(stderr, "Error: \"dev\" and \"block\" are mutually exclusive\n");
+ return -1;
+ }
+ if (get_u32(&block_index, *argv, 0) || !block_index)
+ invarg("invalid block index value", *argv);
} else if (strcmp(*argv, "root") == 0) {
if (req.t.tcm_parent) {
fprintf(stderr,
@@ -184,6 +199,9 @@ static int tc_filter_modify(int cmd, unsigned int flags, int argc, char **argv)
fprintf(stderr, "Cannot find device \"%s\"\n", d);
return 1;
}
+ } else if (block_index) {
+ req.t.tcm_ifindex = TCM_IFINDEX_MAGIC_BLOCK;
+ req.t.tcm_block_index = block_index;
}
if (q) {
--
2.21.0
Powered by blists - more mailing lists