* [PATCH net+iproute2 0/2] nbyte, cmp and text filter fixups
@ 2018-01-18 10:32 Wolfgang Bumiller
2018-01-18 10:32 ` [PATCH iproute2] tc/lexer: let quotes actually start strings Wolfgang Bumiller
` (3 more replies)
0 siblings, 4 replies; 10+ messages in thread
From: Wolfgang Bumiller @ 2018-01-18 10:32 UTC (permalink / raw)
To: netdev
Cc: Stephen Hemminger, Jamal Hadi Salim, Cong Wang, Jiri Pirko,
David S . Miller
The iproute2 part allows the the actual use of the already existing
quoted string parsing.
The kernel side fixes an oob read in em_nbyte and allows 'layer 0' in
cmp and nbyte (and em_text whose existence surprised me given that I did
not see it exposed via iproute2) to actually match layer 0 rather than
being the same as specifying layer 1.
I seem to have stumbled upon a layer of dust (says git-blame).
Trying to match mac addresses I felt that the examples found online
using the 'u32' filter were rather inconvenient, particularly given
that there's the 'nbyte' filter around that could just memcmp the
entire a byte sequence at once.
Wolfgang Bumiller (1; 2):
tc/lexer: let quotes actually start strings
tc/emp_ematch.l | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
net: sched: em_nbyte: don't add the data offset twice
net_sched: fix TCF_LAYER_LINK case in tcf_get_base_ptr
include/net/pkt_cls.h | 2 +-
net/sched/em_nbyte.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
--
2.11.0
^ permalink raw reply [flat|nested] 10+ messages in thread
* [PATCH iproute2] tc/lexer: let quotes actually start strings
2018-01-18 10:32 [PATCH net+iproute2 0/2] nbyte, cmp and text filter fixups Wolfgang Bumiller
@ 2018-01-18 10:32 ` Wolfgang Bumiller
2018-01-18 10:32 ` [PATCH net 1/2] net: sched: em_nbyte: don't add the data offset twice Wolfgang Bumiller
` (2 subsequent siblings)
3 siblings, 0 replies; 10+ messages in thread
From: Wolfgang Bumiller @ 2018-01-18 10:32 UTC (permalink / raw)
To: netdev
Cc: Stephen Hemminger, Jamal Hadi Salim, Cong Wang, Jiri Pirko,
David S . Miller
The lexer will go with the longest match, so previously
the starting double quotes of a string would be swallowed by
the [^ \t\r\n()]+ pattern leaving the user no way to
actually use strings with escape sequences.
Fix this by not allowing this case to start with double
quotes.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
---
tc/emp_ematch.l | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tc/emp_ematch.l b/tc/emp_ematch.l
index dc106759..d7a99304 100644
--- a/tc/emp_ematch.l
+++ b/tc/emp_ematch.l
@@ -137,7 +137,7 @@
")" {
return yylval.i = *yytext;
}
-[^ \t\r\n()]+ {
+[^" \t\r\n()][^ \t\r\n()]* {
yylval.b = bstr_alloc(yytext);
if (yylval.b == NULL)
return ERROR;
--
2.11.0
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [PATCH net 1/2] net: sched: em_nbyte: don't add the data offset twice
2018-01-18 10:32 [PATCH net+iproute2 0/2] nbyte, cmp and text filter fixups Wolfgang Bumiller
2018-01-18 10:32 ` [PATCH iproute2] tc/lexer: let quotes actually start strings Wolfgang Bumiller
@ 2018-01-18 10:32 ` Wolfgang Bumiller
2018-01-24 19:53 ` David Miller
2018-01-18 10:32 ` [PATCH net 2/2] net_sched: fix TCF_LAYER_LINK case in tcf_get_base_ptr Wolfgang Bumiller
2018-01-18 10:59 ` [PATCH net+iproute2 0/2] nbyte, cmp and text filter fixups Jiri Pirko
3 siblings, 1 reply; 10+ messages in thread
From: Wolfgang Bumiller @ 2018-01-18 10:32 UTC (permalink / raw)
To: netdev
Cc: Stephen Hemminger, Jamal Hadi Salim, Cong Wang, Jiri Pirko,
David S . Miller
'ptr' is shifted by the offset and then validated,
the memcmp should not add it a second time.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
---
net/sched/em_nbyte.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/sched/em_nbyte.c b/net/sched/em_nbyte.c
index df3110d69585..07c10bac06a0 100644
--- a/net/sched/em_nbyte.c
+++ b/net/sched/em_nbyte.c
@@ -47,15 +47,15 @@ static int em_nbyte_match(struct sk_buff *skb, struct tcf_ematch *em,
unsigned char *ptr = tcf_get_base_ptr(skb, nbyte->hdr.layer);
ptr += nbyte->hdr.off;
if (!tcf_valid_offset(skb, ptr, nbyte->hdr.len))
return 0;
- return !memcmp(ptr + nbyte->hdr.off, nbyte->pattern, nbyte->hdr.len);
+ return !memcmp(ptr, nbyte->pattern, nbyte->hdr.len);
}
static struct tcf_ematch_ops em_nbyte_ops = {
.kind = TCF_EM_NBYTE,
.change = em_nbyte_change,
.match = em_nbyte_match,
.owner = THIS_MODULE,
--
2.11.0
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [PATCH net 2/2] net_sched: fix TCF_LAYER_LINK case in tcf_get_base_ptr
2018-01-18 10:32 [PATCH net+iproute2 0/2] nbyte, cmp and text filter fixups Wolfgang Bumiller
2018-01-18 10:32 ` [PATCH iproute2] tc/lexer: let quotes actually start strings Wolfgang Bumiller
2018-01-18 10:32 ` [PATCH net 1/2] net: sched: em_nbyte: don't add the data offset twice Wolfgang Bumiller
@ 2018-01-18 10:32 ` Wolfgang Bumiller
2018-01-24 19:53 ` David Miller
2018-01-18 10:59 ` [PATCH net+iproute2 0/2] nbyte, cmp and text filter fixups Jiri Pirko
3 siblings, 1 reply; 10+ messages in thread
From: Wolfgang Bumiller @ 2018-01-18 10:32 UTC (permalink / raw)
To: netdev
Cc: Stephen Hemminger, Jamal Hadi Salim, Cong Wang, Jiri Pirko,
David S . Miller
TCF_LAYER_LINK and TCF_LAYER_NETWORK returned the same pointer as
skb->data points to the network header.
Use skb_mac_header instead.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
---
Alternatively this could return skb->head directly, but
'sk_buff->mac_header' is documented as 'Link layer header' and this
seemed more clear. Since on the first read I thought "it looks fine"
while in fact skb->head comes before skb->data, so this seems less
confusing.
include/net/pkt_cls.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/net/pkt_cls.h b/include/net/pkt_cls.h
index 8e08b6da72f3..753ac9361154 100644
--- a/include/net/pkt_cls.h
+++ b/include/net/pkt_cls.h
@@ -522,7 +522,7 @@ static inline unsigned char * tcf_get_base_ptr(struct sk_buff *skb, int layer)
{
switch (layer) {
case TCF_LAYER_LINK:
- return skb->data;
+ return skb_mac_header(skb);
case TCF_LAYER_NETWORK:
return skb_network_header(skb);
case TCF_LAYER_TRANSPORT:
--
2.11.0
^ permalink raw reply related [flat|nested] 10+ messages in thread
* Re: [PATCH net+iproute2 0/2] nbyte, cmp and text filter fixups
2018-01-18 10:32 [PATCH net+iproute2 0/2] nbyte, cmp and text filter fixups Wolfgang Bumiller
` (2 preceding siblings ...)
2018-01-18 10:32 ` [PATCH net 2/2] net_sched: fix TCF_LAYER_LINK case in tcf_get_base_ptr Wolfgang Bumiller
@ 2018-01-18 10:59 ` Jiri Pirko
3 siblings, 0 replies; 10+ messages in thread
From: Jiri Pirko @ 2018-01-18 10:59 UTC (permalink / raw)
To: Wolfgang Bumiller
Cc: netdev, Stephen Hemminger, Jamal Hadi Salim, Cong Wang, David S . Miller
Thu, Jan 18, 2018 at 11:32:33AM CET, w.bumiller@proxmox.com wrote:
>The iproute2 part allows the the actual use of the already existing
>quoted string parsing.
Makes no sense to send iproute2 patch which is not related with the
kernel ones in the same set. Please send it separatelly.
>
>The kernel side fixes an oob read in em_nbyte and allows 'layer 0' in
>cmp and nbyte (and em_text whose existence surprised me given that I did
>not see it exposed via iproute2) to actually match layer 0 rather than
>being the same as specifying layer 1.
>
>I seem to have stumbled upon a layer of dust (says git-blame).
>Trying to match mac addresses I felt that the examples found online
>using the 'u32' filter were rather inconvenient, particularly given
>that there's the 'nbyte' filter around that could just memcmp the
>entire a byte sequence at once.
>
>Wolfgang Bumiller (1; 2):
> tc/lexer: let quotes actually start strings
>
> tc/emp_ematch.l | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> net: sched: em_nbyte: don't add the data offset twice
> net_sched: fix TCF_LAYER_LINK case in tcf_get_base_ptr
"net: sched:" or "net_sched:"? - please, try to be consistent
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH net 1/2] net: sched: em_nbyte: don't add the data offset twice
2018-01-18 10:32 ` [PATCH net 1/2] net: sched: em_nbyte: don't add the data offset twice Wolfgang Bumiller
@ 2018-01-24 19:53 ` David Miller
0 siblings, 0 replies; 10+ messages in thread
From: David Miller @ 2018-01-24 19:53 UTC (permalink / raw)
To: w.bumiller; +Cc: netdev, stephen, jhs, xiyou.wangcong, jiri
From: Wolfgang Bumiller <w.bumiller@proxmox.com>
Date: Thu, 18 Jan 2018 11:32:35 +0100
> 'ptr' is shifted by the offset and then validated,
> the memcmp should not add it a second time.
>
> Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Applied.
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH net 2/2] net_sched: fix TCF_LAYER_LINK case in tcf_get_base_ptr
2018-01-18 10:32 ` [PATCH net 2/2] net_sched: fix TCF_LAYER_LINK case in tcf_get_base_ptr Wolfgang Bumiller
@ 2018-01-24 19:53 ` David Miller
0 siblings, 0 replies; 10+ messages in thread
From: David Miller @ 2018-01-24 19:53 UTC (permalink / raw)
To: w.bumiller; +Cc: netdev, stephen, jhs, xiyou.wangcong, jiri
From: Wolfgang Bumiller <w.bumiller@proxmox.com>
Date: Thu, 18 Jan 2018 11:32:36 +0100
> TCF_LAYER_LINK and TCF_LAYER_NETWORK returned the same pointer as
> skb->data points to the network header.
> Use skb_mac_header instead.
>
> Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Applied with Subject changed to be more consistent "net: sched:"
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH iproute2] tc/lexer: let quotes actually start strings
2018-01-22 10:53 [PATCH iproute2] tc/lexer: let quotes actually start strings Wolfgang Bumiller
2018-01-22 17:09 ` Stephen Hemminger
@ 2018-01-24 16:51 ` Stephen Hemminger
1 sibling, 0 replies; 10+ messages in thread
From: Stephen Hemminger @ 2018-01-24 16:51 UTC (permalink / raw)
To: Wolfgang Bumiller; +Cc: netdev
On Mon, 22 Jan 2018 11:53:46 +0100
Wolfgang Bumiller <w.bumiller@proxmox.com> wrote:
> The lexer will go with the longest match, so previously
> the starting double quotes of a string would be swallowed by
> the [^ \t\r\n()]+ pattern leaving the user no way to
> actually use strings with escape sequences.
> Fix this by not allowing this case to start with double
> quotes.
>
> Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Looks good, applied.
Don't think ematch is that widely used; or someone would have noticed.
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH iproute2] tc/lexer: let quotes actually start strings
2018-01-22 10:53 [PATCH iproute2] tc/lexer: let quotes actually start strings Wolfgang Bumiller
@ 2018-01-22 17:09 ` Stephen Hemminger
2018-01-24 16:51 ` Stephen Hemminger
1 sibling, 0 replies; 10+ messages in thread
From: Stephen Hemminger @ 2018-01-22 17:09 UTC (permalink / raw)
To: Wolfgang Bumiller; +Cc: netdev
On Mon, 22 Jan 2018 11:53:46 +0100
Wolfgang Bumiller <w.bumiller@proxmox.com> wrote:
> The lexer will go with the longest match, so previously
> the starting double quotes of a string would be swallowed by
> the [^ \t\r\n()]+ pattern leaving the user no way to
> actually use strings with escape sequences.
> Fix this by not allowing this case to start with double
> quotes.
>
> Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
> ---
This is the same patch you posted earlier. It looked fine, just that
it needs some time for people on mailing list to review.
^ permalink raw reply [flat|nested] 10+ messages in thread
* [PATCH iproute2] tc/lexer: let quotes actually start strings
@ 2018-01-22 10:53 Wolfgang Bumiller
2018-01-22 17:09 ` Stephen Hemminger
2018-01-24 16:51 ` Stephen Hemminger
0 siblings, 2 replies; 10+ messages in thread
From: Wolfgang Bumiller @ 2018-01-22 10:53 UTC (permalink / raw)
To: netdev; +Cc: Stephen Hemminger
The lexer will go with the longest match, so previously
the starting double quotes of a string would be swallowed by
the [^ \t\r\n()]+ pattern leaving the user no way to
actually use strings with escape sequences.
Fix this by not allowing this case to start with double
quotes.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
---
(Resent as separate thread)
tc/emp_ematch.l | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tc/emp_ematch.l b/tc/emp_ematch.l
index dc106759..d7a99304 100644
--- a/tc/emp_ematch.l
+++ b/tc/emp_ematch.l
@@ -137,7 +137,7 @@
")" {
return yylval.i = *yytext;
}
-[^ \t\r\n()]+ {
+[^" \t\r\n()][^ \t\r\n()]* {
yylval.b = bstr_alloc(yytext);
if (yylval.b == NULL)
return ERROR;
--
2.11.0
^ permalink raw reply related [flat|nested] 10+ messages in thread
end of thread, other threads:[~2018-01-24 19:53 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-01-18 10:32 [PATCH net+iproute2 0/2] nbyte, cmp and text filter fixups Wolfgang Bumiller
2018-01-18 10:32 ` [PATCH iproute2] tc/lexer: let quotes actually start strings Wolfgang Bumiller
2018-01-18 10:32 ` [PATCH net 1/2] net: sched: em_nbyte: don't add the data offset twice Wolfgang Bumiller
2018-01-24 19:53 ` David Miller
2018-01-18 10:32 ` [PATCH net 2/2] net_sched: fix TCF_LAYER_LINK case in tcf_get_base_ptr Wolfgang Bumiller
2018-01-24 19:53 ` David Miller
2018-01-18 10:59 ` [PATCH net+iproute2 0/2] nbyte, cmp and text filter fixups Jiri Pirko
2018-01-22 10:53 [PATCH iproute2] tc/lexer: let quotes actually start strings Wolfgang Bumiller
2018-01-22 17:09 ` Stephen Hemminger
2018-01-24 16:51 ` Stephen Hemminger
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.