misc/ifstat: fix incorrect output data in json mode

Due to this bug, in json mode (with the -j flag), the output was
always in absolute mode (as if passing in the -a flag) and not in
relative mode.

Signed-off-by: Chander Govindarajan <mail@chandergovind.org>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

f_flower: Treat port 0 as valid

It is not currently possible to add a filter matching on port 0 despite
it being a valid port number. This is caused by cited commit which
treats a value of 0 as an indication that the port was not specified.

Instead of inferring that a port range was specified by checking that both
the minimum and the maximum ports are non-zero, simply add a boolean
argument to parse_range() and set it after parsing a port range.

Before:

 # tc filter add dev swp1 ingress pref 1 proto ip flower ip_proto udp src_port 0 action pass
 Illegal "src_port"

 # tc filter add dev swp1 ingress pref 2 proto ip flower ip_proto udp dst_port 0 action pass
 Illegal "dst_port"

 # tc filter add dev swp1 ingress pref 3 proto ip flower ip_proto udp src_port 0-100 action pass
 Illegal "src_port"

 # tc filter add dev swp1 ingress pref 4 proto ip flower ip_proto udp dst_port 0-100 action pass
 Illegal "dst_port"

After:

 # tc filter add dev swp1 ingress pref 1 proto ip flower ip_proto udp src_port 0 action pass

 # tc filter add dev swp1 ingress pref 2 proto ip flower ip_proto udp dst_port 0 action pass

 # tc filter add dev swp1 ingress pref 3 proto ip flower ip_proto udp src_port 0-100 action pass

 # tc filter add dev swp1 ingress pref 4 proto ip flower ip_proto udp dst_port 0-100 action pass

 # tc filter show dev swp1 ingress | grep _port
   src_port 0
   dst_port 0
   src_port 0-100
   dst_port 0-100

Fixes: 767b6fd620dd ("tc: flower: fix port value truncation")
Signed-off-by: Ido Schimmel <idosch@nvidia.com>
Reviewed-by: Petr Machata <petrm@nvidia.com>
Reviewed-by: Simon Horman <simon.horman@corigine.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

uapi: update headers to 6.5-rc1

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

tc/taprio: fix parsing of "fp" option when it doesn't appear last

When installing a Qdisc this way:

tc qdisc replace dev $ifname handle 8001: parent root stab overhead 24 taprio \
num_tc 8 \
map 0 1 2 3 4 5 6 7 \
queues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 \
base-time 0 \
sched-entry S 01 1216 \
sched-entry S fe 12368 \
fp P E E E E E E E \
flags 0x2

the parser will error out when it tries to parse the "fp" array and it
finds "flags" as one of the elements, expecting it to be one of "P" or
"E".

The way this is handled in the parsing of other array arguments of
variable size (max-sdu, map, queues etc) is to not fail, call PREV_ARG()
and attempt re-parsing the argument as something else. Do that for "fp"
as well.

Apparently mqprio handles this case correctly, so I must have forgotten
to apply the same treatment for taprio as well, during development.

Fixes: 5fbca3b469ec ("tc/taprio: add support for preemptible traffic classes")
Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

f_flower: simplify cfm dump function

The standard print function can be used to print the cfm attributes in
both standard and json use cases. In this way no string buffer is needed
which simplifies the code.

Signed-off-by: Zahari Doychev <zdoychev@maxlinear.com>
Reviewed-by: Petr Machata <me@pmachata.org>
Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

ifstat: fix warning about conditional

Gcc with warnings enabled complains because the conditional.
  if ((long)(a - b) < 0)
could be construed as never true.  Change to simple comparison.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

ct: check for invalid proto

Previously since proto was __u8 an invalid proto would
be allowed.  Gcc warns about never true conditional
since __u8 can never be negative.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

ss: fix warning about empty if()

With all warnings enabled gcc wants brackets around the
empty if() clause. "Yes I really want an empty clause"

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

fix fallthrough warnings

In lib/utils.c comment for fallthrough was in wrong place
and one was missing in xfrm_state.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

dcb: fully initialize flag table

And make the flag table const since only used for lookup.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

Merge git://git.kernel.org/pub/scm/network/iproute2/iproute2-next

v6.4.0

man: fix typos found by Lintian

Signed-off-by: Luca Boccassi <bluca@debian.org>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

f_flower: add cfm support

Add support for matching on CFM Maintenance Domain level and opcode.

  # tc filter add dev ens6 ingress pref 1 proto cfm \
       flower cfm op 1 mdl 5 action ok

  # tc filter show dev ens6 ingress
    filter protocol cfm pref 1 flower chain 0
    filter protocol cfm pref 1 flower chain 0 handle 0x1
      eth_type 8902
      cfm mdl 5 op 1
      not_in_hw
            action order 1: gact action pass
             random type none pass val 0
             index 1 ref 1 bind 1

  # tc -j -p filter show dev ens6 ingress
    [ {
            "protocol": "cfm",
            "pref": 1,
            "kind": "flower",
            "chain": 0
        },{
            "protocol": "cfm",
            "pref": 1,
            "kind": "flower",
            "chain": 0,
            "options": {
                "handle": 1,
                "keys": {
                    "eth_type": "8902",
                    "cfm": {
                        "mdl": 5,
                        "op": 1
                    }
                },
                "not_in_hw": true,
                "actions": [ {
                        "order": 1,
                        "kind": "gact",
                        "control_action": {
                            "type": "pass"
                        },
                        "prob": {
                            "random_type": "none",
                            "control_action": {
                                "type": "pass"
                            },
                            "val": 0
                        },
                        "index": 1,
                        "ref": 1,
                        "bind": 1
                    } ]
            }
        } ]

Signed-off-by: Zahari Doychev <zdoychev@maxlinear.com>
Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>

iplink: filter stats using RTEXT_FILTER_SKIP_STATS

Don't request statistics we do not intend to render. This avoids the
possibility of a truncated IFLA_VFINFO_LIST when statistics are not
requested as well as the fetching of unnecessary data.

Signed-off-by: Edwin Peer <edwin.peer@broadcom.com>
Cc: Edwin Peer <espeer@gmail.com>
Signed-off-by: Gal Pressman <gal@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>

Update kernel headers

Update kernel headers to commit:
    cc7554954848 ("net: micrel: Change to receive timestamp in the frame for lan8841")

Signed-off-by: David Ahern <dsahern@kernel.org>

tc/taprio: print the offload xstats

When the kernel reports offload counters through TCA_STATS2 ->
TCA_STATS_APP for the taprio qdisc, decode and print them.

Usage:

 # Global stats
 $ tc -s qdisc show dev eth0 root
 # Per-tc stats
 $ tc -s class show dev eth0

Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: David Ahern <dsahern@kernel.org>

f_flower: Add l2_miss support

Add the ability to match on packets that encountered a layer 2 miss in
bridge driver's FDB / MDB. Example:

 # tc filter add dev swp2 egress pref 1 proto all flower indev swp1 l2_miss 1 action drop
 # tc filter add dev swp2 egress pref 1 proto all flower indev swp1 l2_miss 0 action drop

 # tc filter show dev swp2 egress
 filter protocol all pref 1 flower chain 0
 filter protocol all pref 1 flower chain 0 handle 0x1
   indev swp1
   l2_miss 1
   not_in_hw
         action order 1: gact action drop
          random type none pass val 0
          index 1 ref 1 bind 1

 filter protocol all pref 1 flower chain 0 handle 0x2
   indev swp1
   l2_miss 0
   not_in_hw
         action order 1: gact action drop
          random type none pass val 0
          index 2 ref 1 bind 1

 # tc -j -p filter show dev swp2 egress
 [ {
         "protocol": "all",
         "pref": 1,
         "kind": "flower",
         "chain": 0
     },{
         "protocol": "all",
         "pref": 1,
         "kind": "flower",
         "chain": 0,
         "options": {
             "handle": 1,
             "indev": "swp1",
             "keys": {
                 "l2_miss": 1
             },
             "not_in_hw": true,
             "actions": [ {
 [...]
                 } ]
         }
     },{
         "protocol": "all",
         "pref": 1,
         "kind": "flower",
         "chain": 0,
         "options": {
             "handle": 2,
             "indev": "swp1",
             "keys": {
                 "l2_miss": 0
             },
             "not_in_hw": true,
             "actions": [ {
 [...]
                 } ]
         }
     } ]

Signed-off-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>

Merge branch 'dcb-rewr-subcmd' into next

Daniel Machon  says:

====================

========================================================================
Introduction:
========================================================================

This series introduces a new DCB subcommand: rewr, which is used to
configure the in-kernel DCB rewrite table [1].

Rewrite support is added as a separate DCB subcommand, rather than an
APP opt-in flag or similar. This goes in line with what we did to dcbnl,
where rewrite is a separate object.  Obviously this requires a bit more
code to implement the new command, but much of the existing dcb-app code
(especially the bookkeeping code) can be reused. In some cases a little
adaptation is needed.

========================================================================
dcb-rewr parameters:
========================================================================

Initially, I have only made support for the prio-pcp and prio-dscp
parameters, as DSCP and PCP  are the only selectors that currently have
a user [2] and to be honest, I am not even sure it makes sense to add
dgram, stream, ethtype rewrite support - At least the rewriter of Sparx5
does not support this. Any input here is much appreciated!

Examples:

Rewrite DSCP to 63 for packets with priority 1
$ dcb rewr add dev eth0 prio-dscp 1:63

Rewrite PCP 7 and DEI to 1 for packets with priority 1
$ dcb rewr add dev eth0 prio-pcp 1:7de

A new manpage has been added, to cover the new dcb-rewr subcommand, and
its parameters. Also I took the liberty to clean up a few things in the
dcb-app manpage.

========================================================================
Patch overview:
========================================================================

Patch  #1 Adds a new field 'attr' to the dcb_app_table struct, which is
          used to distinguish app and rewrite tables.

Patch  #2 Replaces uses of %d with %u for unsigned int.

Patch  #3 Moves colon out of callback functions.

Patch  #4 Renames protocl print functions from _key to _pid

Patch  #5 Modifies the _print_filtered() function for dcb-rewr reuse, by
          introducing new callbacks.

Patch  #6 Modifies existing dcb-app function dcb_app_table_remove_replaced
          for reuse by dcb-rewr

Patch  #7 Expose dcb-app functions required by dcb-rewr.

Patch  #8 Adds the new dcb-rewr subcommand with initial support for
          prio-pcp and prio-dscp rewrite.

Patch  #9 Introduces symbol for max DSCP value and updates accordingly.

Patch #10 Adds the dcb-rewr.8 manpage
Patch #11 Adds references to dcb-apptrust and dcb-rewr in the dcb.8
          manpage.

Patch #12 Cleans up the dcb-app.8 manpage.

[1] https://elixir.bootlin.com/linux/v6.4-rc1/source/net/dcb/dcbnl.c#L181
[2] https://elixir.bootlin.com/linux/v6.4-rc1/source/drivers/net/ethernet/microchip/sparx5/sparx5_dcb.c#L380

====================

Signed-off-by: David Ahern <dsahern@kernel.org>

man: dcb-app: clean up a few mistakes

While referencing the dcb-app manpage, I spotted a few mistakes. Lets
fix them.

Reviewed-by: Petr Machata <me@pmachata.org>
Signed-off-by: Daniel Machon <daniel.machon@microchip.com>
Signed-off-by: David Ahern <dsahern@kernel.org>

man: dcb: add additional references under 'SEE ALSO'

Add dcb-apptrust and dcb-rewr to the 'SEE ALSO' section of the dcb
manpage.

Reviewed-by: Petr Machata <me@pmachata.org>
Signed-off-by: Daniel Machon <daniel.machon@microchip.com>
Signed-off-by: David Ahern <dsahern@kernel.org>

man: dcb-rewr: add new manpage for dcb-rewr

Add a new manpage for dcb-rewr. Most of the content is copied over from
dcb-app, as the same set of commands and parameters (in reverse) applies
to dcb-rewr.

Reviewed-by: Petr Machata <me@pmachata.org>
Signed-off-by: Daniel Machon <daniel.machon@microchip.com>
Signed-off-by: David Ahern <dsahern@kernel.org>

dcb: rewr: add symbol for max DSCP value

A symbol, DCB_APP_PCP_MAX, for maximum PCP value, already exists. Lets
add a symbol DCB_APP_DSCP_MAX and update accordingly.

Signed-off-by: Daniel Machon <daniel.machon@microchip.com>
Reviewed-by: Petr Machata <me@pmachata.org>
Signed-off-by: David Ahern <dsahern@kernel.org>

dcb: rewr: add new dcb-rewr subcommand

Add a new subcommand 'rewr' for configuring the in-kernel DCB rewrite
table. The rewrite table of the kernel is similar to the APP table,
therefore, much of the existing bookkeeping code from dcb-app, can be
reused in the dcb-rewr implementation.

Initially, only support for configuring PCP and DSCP-based rewrite has
been added.

Signed-off-by: Daniel Machon <daniel.machon@microchip.com>
Reviewed-by: Petr Machata <me@pmachata.org>
Signed-off-by: David Ahern <dsahern@kernel.org>

dcb: app: expose functions required by dcb-rewr

In preparation for the dcb-rewr implementation, expose required
functions, and structs.

Signed-off-by: Daniel Machon <daniel.machon@microchip.com>
Reviewed-by: Petr Machata <me@pmachata.org>
Signed-off-by: David Ahern <dsahern@kernel.org>

dcb: app: modify dcb_app_table_remove_replaced() for dcb-rewr reuse

When doing a replace command, entries are checked against selector and
protocol. Rewrite requires the check to be against selector and
priority.

Adapt the existing dcb_app_table_remove_replace function for this, by
using callback functions for selector, pid and prio checks.

Signed-off-by: Daniel Machon <daniel.machon@microchip.com>
Reviewed-by: Petr Machata <me@pmachata.org>
Signed-off-by: David Ahern <dsahern@kernel.org>

dcb: app: modify dcb_app_print_filtered() for dcb-rewr reuse

Where dcb-app requires protocol to be the printed key, dcb-rewr requires
it to be the priority. Adapt existing dcb-app print functions for this.

dcb_app_print_filtered() has been modified, to take two callbacks; one
for printing the entire string (pid and prio), and one for the pid type
(dec, hex, dscp, pcp). This saves us for making one dedicated function
for each pid type for both app and rewr.

Also, printing the colon is now expected to be handled by the
print_pid_prio() callback.

Signed-off-by: Daniel Machon <daniel.machon@microchip.com>
Reviewed-by: Petr Machata <me@pmachata.org>
Signed-off-by: David Ahern <dsahern@kernel.org>

dcb: app: rename dcb_app_print_key_*() functions

In preparation for changing the prototype of dcb_app_print_filtered(),
rename the _print_key_*() functions to _print_pid_*(), as the protocol
can both be key and value with the introduction of dcb-rewr.

Signed-off-by: Daniel Machon <daniel.machon@microchip.com>
Reviewed-by: Petr Machata <me@pmachata.org>
Signed-off-by: David Ahern <dsahern@kernel.org>

dcb: app: move colon printing out of callbacks

In preparation for changing the prototype of dcb_app_print_filtered(),
move the colon printing out of the callbacks, and into
dcb_app_print_filtered().

Signed-off-by: Daniel Machon <daniel.machon@microchip.com>
Reviewed-by: Petr Machata <me@pmachata.org>
Signed-off-by: David Ahern <dsahern@kernel.org>

dcb: app: replace occurrences of %d with %u for printing unsigned int

In preparation for changing the prototype of dcb_app_print_filtered(),
replace occurrences of %d for printing unsigned integer, with %u as it
ought to be.

Signed-off-by: Daniel Machon <daniel.machon@microchip.com>
Reviewed-by: Petr Machata <me@pmachata.org>
Signed-off-by: David Ahern <dsahern@kernel.org>

dcb: app: add new dcbnl attribute field

Add a new field 'attr' to the dcb_app_table struct, in order to inject
different dcbnl get/set attributes for APP and rewrite.

Signed-off-by: Daniel Machon <daniel.machon@microchip.com>
Reviewed-by: Petr Machata <me@pmachata.org>
Signed-off-by: David Ahern <dsahern@kernel.org>

uapi: update to bpf.h

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

rt_names: check for malloc() failure

Fixes issue reported by Gcc 13 analayzer.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

ip-link: add support for nolocalbypass in vxlan

Add userspace support for the [no]localbypass vxlan netlink
attribute. With localbypass on (default), the vxlan driver processes
the packets destined to the local machine by itself, bypassing the
userspace nework stack. With nolocalbypass the packets are always
forwarded to the userspace network stack, so userspace programs,
such as tcpdump have a chance to process them.

Signed-off-by: Vladimir Nikishkin <vladimir@nikishkin.pw>
Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Reviewed-by: Andrea Claudi <aclaudi@redhat.com>
Reviewed-by: Nikolay Aleksandrov <razor@blackwall.org>
Signed-off-by: David Ahern <dsahern@kernel.org>

Update kernel headers

Update kernel headers to commit:
    ae91f7e436f8 ("net/pppoe: fix a typo for the PPPOE_HASH_BITS_1 definition")

Signed-off-by: David Ahern <dsahern@kernel.org>

whitespace cleanups

Remove trailing whitespace.
Make sure there is space after keywords.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

treewide: fix indentation

Replace multiple whitespaces with tab where appropriate.
While at it, fix tc flower help message and remove some double
whitespaces.

Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Tested-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>

Merge branch 'main' into next

Signed-off-by: David Ahern <dsahern@kernel.org>

rdma: make rd_attr_check static

Function defined and used in only one file.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

xfrm: make xfrm_stat_print_nokeys static

This function is only used in one file.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

ip: make print_rta_gateway static

Function only used in one file.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

bridge: make print_vlan_info static

Function defined and used in only one file.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

libnetlink: drop unused rtnl_talk_iov

Function was defined but not used in current iproute2 code.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

utils: make local cmdline functions static

No need to expose these parts of command line parsing.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

ipaddress: accept symbolic names

The function rtnl_addproto_a2n() was defined but never used.
Use it to allow for symbolic names, and fix the function signatures
so protocol value is consistently __u8.

Fixes: bdb8d8549ed9 ("ip: Support IP address protocol")
Cc: petrm@nvidia.com
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

uapi: update headers to 6.4-rc4

Minor addition to in.h

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

vxlan: make option printing more consistent

Add new helper function print_bool_opt() which prints
with no prefix and use it for vxlan options.

If the option matches the expected default value,
it is not printed if in non JSON mode unless the details
setting is repeated.

Use a table for the vxlan options. This will change
the order of the printing of options.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

vxlan: use print_nll for gbp and gpe

The Gbp and Gpe are presence, not booleans so use print_null()
for them

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

iproute_lwtunnel: fix array boundary check

seg6_mode_types is made up of 5 elements, so ARRAY_SIZE(seg6_mode_types)
evaluates to 5. Thus, when mode = 5, this function returns
seg6_mode_types[5], resulting in an out-of-bound access.

Fix this bailing out when mode is equal to or greater than 5.

Fixes: cf87da417bb4 ("iproute: add support for seg6 l2encap mode")
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

vdpa: propagate error from cmd_dev_vstats_show()

Error potentially returned from mnlu_gen_socket_sndrcv() are propagated
for each and every invocation in vdpa. Let's do the same here.

Fixes: 6f97e9c9337b ("vdpa: Add support for reading vdpa device statistics")
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Reviewed-by: Parav Pandit <parav@nvidia.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

ipstats: fix message reporting error

strerror() accepts any integer as arguments, but returns meaningful
error descriptions only for positive integers.

ipstats code uses strerror on a code path where either err is 0 or
-ENOMEM, thus resulting in a useless error message.

Fix this using errno and moving the error printing closer to the only
function populating it in this code path.

Fixes: df0b2c6d0098 ("ipstats: Add a shell of "show" command")
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

bridge: vni: remove useless checks on vni

After the (d == NULL || vni == NULL) check, vni cannot be NULL anymore.

This remove two useless conditional checks on vni value:
- the first check cannot be true, so remove the whole conditional block
- the second check is always true, so remove the check

Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

ip: remove double space before 'allmulti' flag

Current output:
$ ip -d link show vxlan0
79: vxlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether b6:f6:12:c3:2d:52 brd ff:ff:ff:ff:ff:ff promiscuity 0  allmulti 0 minmtu 68 maxmtu 65535

Resulting output:
$ ip -d link show vxlan0
79: vxlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether b6:f6:12:c3:2d:52 brd ff:ff:ff:ff:ff:ff promiscuity 0 allmulti 0 minmtu 68 maxmtu 65535

Fixes: e98683accc28 ("link: display 'allmulti' counter")
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

ll_type_n2a: use ARRAY_SIZE

Replace open coded version of array size computation.
And fix whitespace.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

mptcp: add support for implicit flag

Kernel supports implicit flag since commit d045b9eb95a9 ("mptcp:
introduce implicit endpoints"), included in v5.18.

Let's add support for displaying it to iproute2.

Before this change:
$ ip mptcp endpoint show
10.0.2.2 id 1 rawflags 10

After this change:
$ ip mptcp endpoint show
10.0.2.2 id 1 implicit

Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: David Ahern <dsahern@kernel.org>

CREDITS: add file

Record some of the historical contributors to iproute2.
Take Alexey out of README.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

tc/prio: handle possible truncated kernel response

Reported by -fanalyzer. If kernel did not send full qdisc
info, then uninitialized or null data could be referenced.

q_prio.c: In function ‘prio_print_opt’:
q_prio.c:105:57: warning: dereference of NULL ‘0’ [CWE-476] [-Wanalyzer-null-dereference]
  105 |         print_uint(PRINT_ANY, "bands", "bands %u ", qopt->bands);
      |                                                     ~~~~^~~~~~~
  ‘prio_print_opt’: event 1
    |
    |   98 |         if (opt == NULL)
    |      |            ^
    |      |            |
    |      |            (1) following ‘false’ branch (when ‘opt’ is non-NULL)...
    |
  ‘prio_print_opt’: event 2
    |
    |../include/uapi/linux/rtnetlink.h:228:38:
    |  228 | #define RTA_PAYLOAD(rta) ((int)((rta)->rta_len) - RTA_LENGTH(0))
    |      |                                ~~~~~~^~~~~~~~~~
    |      |                                      |
    |      |                                      (2) ...to here
../include/libnetlink.h:236:19: note: in expansion of macro ‘RTA_PAYLOAD’
    |  236 |         ({ data = RTA_PAYLOAD(rta) >= len ? RTA_DATA(rta) : NULL;       \
    |      |                   ^~~~~~~~~~~
q_prio.c:101:13: note: in expansion of macro ‘parse_rtattr_nested_compat’
    |  101 |         if (parse_rtattr_nested_compat(tb, TCA_PRIO_MAX, opt, qopt,
    |      |             ^~~~~~~~~~~~~~~~~~~~~~~~~~
    |
  ‘prio_print_opt’: event 3
    |
    |../include/libnetlink.h:236:59:
    |  236 |         ({ data = RTA_PAYLOAD(rta) >= len ? RTA_DATA(rta) : NULL;       \
q_prio.c:101:13: note: in expansion of macro ‘parse_rtattr_nested_compat’
    |  101 |         if (parse_rtattr_nested_compat(tb, TCA_PRIO_MAX, opt, qopt,
    |      |             ^~~~~~~~~~~~~~~~~~~~~~~~~~
    |
  ‘prio_print_opt’: events 4-5
    |
    |  105 |         print_uint(PRINT_ANY, "bands", "bands %u ", qopt->bands);
    |      |                                                     ~~~~^~~~~~~
    |      |                                                         |
    |      |                                                         (4) ...to here
    |      |                                                         (5) dereference of NULL ‘<unknown>’
    |

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

rdma/utils: fix some analyzer warnings

Add error checks for cases where analyzer thinks it is possible
to us a possibly NULL value.

utils.c: In function ‘get_port_from_argv’:
utils.c:76:17: warning: use of NULL where non-null expected [CWE-476] [-Wanalyzer-null-argument]
   76 |         slash = strchr(rd_argv(rd), '/');
      |                 ^~~~~~~~~~~~~~~~~~~~~~~~
  ‘get_port_from_argv’: events 1-2
    |
    |   68 | static int get_port_from_argv(struct rd *rd, uint32_t *port,
    |      |            ^~~~~~~~~~~~~~~~~~
    |      |            |
    |      |            (1) entry to ‘get_port_from_argv’
    |......
    |   76 |         slash = strchr(rd_argv(rd), '/');
    |      |                        ~
    |      |                        |
    |      |                        (2) inlined call to ‘rd_argv’ from ‘get_port_from_argv’
    |
    +--> ‘rd_argv’: event 3
           |
           |   18 |         if (!rd_argc(rd))
           |      |            ^
           |      |            |
           |      |            (3) following ‘true’ branch...
           |
    <------+
    |
  ‘get_port_from_argv’: events 4-5
    |
    |   76 |         slash = strchr(rd_argv(rd), '/');
    |      |                 ^~~~~~~~~~~~~~~~~~~~~~~~
    |      |                 |
    |      |                 (4) ...to here
    |      |                 (5) argument 1 (‘<unknown>’) NULL where non-null expected
    |
In file included from rdma.h:10,
                 from utils.c:7:
/usr/include/string.h:246:14: note: argument 1 of ‘strchr’ must be non-null
  246 | extern char *strchr (const char *__s, int __c)
      |              ^~~~~~

Fixes: 40df8263a0f0 ("rdma: Add dev object")
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

nstat: fix potential NULL deref

Reported as:
    CC       nstat
nstat.c: In function ‘load_ugly_table’:
nstat.c:205:24: warning: dereference of NULL ‘p’ [CWE-476] [-Wanalyzer-null-dereference]
  205 |                 while (*p) {
      |                        ^~
  ‘main’: events 1-14
    |
    |  575 | int main(int argc, char *argv[])
    |      |     ^~~~
    |      |     |
    |      |     (1) entry to ‘main’
    |......
    |  635 |         if (scan_interval > 0) {
    |      |            ~
    |      |            |
    |      |            (2) following ‘true’ branch...
    |  636 |                 if (time_constant == 0)
    |      |                     ~~~~~~~~~~~~~~~~~~
    |      |                                   |
    |      |                                   (3) ...to here
    |......
    |  640 |                 if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) {
    |      |                    ~      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                    |      |
    |      |                    |      (4) when ‘socket’ succeeds
    |      |                    (5) following ‘false’ branch (when ‘fd >= 0’)...
    |......
    |  644 |                 if (bind(fd, (struct sockaddr *)&sun, 2+1+strlen(sun.sun_path+1)) < 0) {
    |      |                    ~                                      ~~~~~~~~~~~~~~~~~~~~~~
    |      |                    |                                      |
    |      |                    (7) following ‘false’ branch...        (6) ...to here
    |......
    |  648 |                 if (listen(fd, 5) < 0) {
    |      |                    ~~~~~~~~~~~~~~
    |      |                    ||
    |      |                    |(8) ...to here
    |      |                    |(9) when ‘listen’ succeeds
    |      |                    (10) following ‘false’ branch...
    |......
    |  652 |                 if (daemon(0, 0)) {
    |      |                    ~~~~~~~~~~~~~
    |      |                    ||
    |      |                    |(11) ...to here
    |      |                    (12) following ‘false’ branch...
    |......
    |  656 |                 signal(SIGPIPE, SIG_IGN);
    |      |                 ~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                 |
    |      |                 (13) ...to here
    |  657 |                 signal(SIGCHLD, sigchild);
    |  658 |                 server_loop(fd);
    |      |                 ~~~~~~~~~~~~~~~
    |      |                 |
    |      |                 (14) calling ‘server_loop’ from ‘main’
    |
    +--> ‘server_loop’: events 15-16
           |
           |  472 | static void server_loop(int fd)
           |      |             ^~~~~~~~~~~
           |      |             |
           |      |             (15) entry to ‘server_loop’
           |......
           |  483 |         load_netstat();
           |      |         ~~~~~~~~~~~~~~
           |      |         |
           |      |         (16) calling ‘load_netstat’ from ‘server_loop’
           |
           +--> ‘load_netstat’: events 17-20
                  |
                  |  302 | static void load_netstat(void)
                  |      |             ^~~~~~~~~~~~
                  |      |             |
                  |      |             (17) entry to ‘load_netstat’
                  |......
                  |  306 |         if (fp) {
                  |      |            ~
                  |      |            |
                  |      |            (18) following ‘true’ branch (when ‘fp’ is non-NULL)...
                  |  307 |                 load_ugly_table(fp);
                  |      |                 ~~~~~~~~~~~~~~~~~~~
                  |      |                 |
                  |      |                 (19) ...to here
                  |      |                 (20) calling ‘load_ugly_table’ from ‘load_netstat’
                  |
                  +--> ‘load_ugly_table’: events 21-26
                         |
                         |  178 | static void load_ugly_table(FILE *fp)
                         |      |             ^~~~~~~~~~~~~~~
                         |      |             |
                         |      |             (21) entry to ‘load_ugly_table’
                         |  179 | {
                         |  180 |         char *buf = NULL;
                         |      |               ~~~
                         |      |               |
                         |      |               (22) ‘buf’ is NULL
                         |......
                         |  186 |         while ((nread = getline(&buf, &buflen, fp)) != -1) {
                         |      |                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                         |      |                                                     |
                         |      |                                                     (23) following ‘true’ branch...
                         |......
                         |  192 |                 p = strchr(buf, ':');
                         |      |                     ~~~~~~~~~~~~~~~~
                         |      |                     |
                         |      |                     (24) ...to here
                         |      |                     (25) when ‘strchr’ returns non-NULL
                         |  193 |                 if (!p) {
                         |      |                    ~
                         |      |                    |
                         |      |                    (26) following ‘false’ branch (when ‘p’ is non-NULL)...
                         |
                       ‘load_ugly_table’: event 27
                         |
                         |cc1:
                         | (27): ...to here
                         |
                       ‘load_ugly_table’: events 28-40
                         |
                         |  205 |                 while (*p) {
                         |      |                        ^~
                         |      |                        |
                         |      |                        (28) following ‘true’ branch...
                         |      |                        (40) dereference of NULL ‘p’
                         |......
                         |  208 |                         if ((next = strchr(p, ' ')) != NULL)
                         |      |                            ~        ~~~~~~~~~~~~~~
                         |      |                            |        |
                         |      |                            |        (29) ...to here
                         |      |                            |        (30) when ‘strchr’ returns NULL
                         |      |                            (31) following ‘false’ branch (when ‘next’ is NULL)...
                         |  209 |                                 *next++ = 0;
                         |  210 |                         else if ((next = strchr(p, '\n')) != NULL)
                         |      |                                 ~        ~~~~~~~~~~~~~~~
                         |      |                                 |        |
                         |      |                                 |        (32) ...to here
                         |      |                                 |        (33) when ‘strchr’ returns NULL
                         |      |                                 (34) following ‘false’ branch (when ‘next’ is NULL)...
                         |  211 |                                 *next++ = 0;
                         |  212 |                         if (off < sizeof(idbuf)) {
                         |      |                            ~~~~~~~~~~~~~~~~~~~~
                         |      |                            |    |
                         |      |                            |    (35) ...to here
                         |      |                            (36) following ‘false’ branch...
                         |......
                         |  216 |                         n = malloc(sizeof(*n));
                         |      |                             ~~~~~~~~~~~~~~~~~~
                         |      |                             |
                         |      |                             (37) ...to here
                         |  217 |                         if (!n) {
                         |      |                            ~
                         |      |                            |
                         |      |                            (38) following ‘false’ branch (when ‘n’ is non-NULL)...
                         |......
                         |  221 |                         n->id = strdup(idbuf);
                         |      |                                 ~~~~~~~~~~~~~
                         |      |                                 |
                         |      |                                 (39) ...to here
                         |
nstat.c:254:35: warning: dereference of NULL ‘n’ [CWE-476] [-Wanalyzer-null-dereference]
  254 |                                 n = n->next;
      |                                 ~~^~~~~~~~~
  ‘main’: events 1-14
    |
    |  575 | int main(int argc, char *argv[])
    |      |     ^~~~
    |      |     |
    |      |     (1) entry to ‘main’
    |......
    |  635 |         if (scan_interval > 0) {
    |      |            ~
    |      |            |
    |      |            (2) following ‘true’ branch...
    |  636 |                 if (time_constant == 0)
    |      |                     ~~~~~~~~~~~~~~~~~~
    |      |                                   |
    |      |                                   (3) ...to here
    |......
    |  640 |                 if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) {
    |      |                    ~      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                    |      |
    |      |                    |      (4) when ‘socket’ succeeds
    |      |                    (5) following ‘false’ branch (when ‘fd >= 0’)...
    |......
    |  644 |                 if (bind(fd, (struct sockaddr *)&sun, 2+1+strlen(sun.sun_path+1)) < 0) {
    |      |                    ~                                      ~~~~~~~~~~~~~~~~~~~~~~
    |      |                    |                                      |
    |      |                    (7) following ‘false’ branch...        (6) ...to here
    |......
    |  648 |                 if (listen(fd, 5) < 0) {
    |      |                    ~~~~~~~~~~~~~~
    |      |                    ||
    |      |                    |(8) ...to here
    |      |                    |(9) when ‘listen’ succeeds
    |      |                    (10) following ‘false’ branch...
    |......
    |  652 |                 if (daemon(0, 0)) {
    |      |                    ~~~~~~~~~~~~~
    |      |                    ||
    |      |                    |(11) ...to here
    |      |                    (12) following ‘false’ branch...
    |......
    |  656 |                 signal(SIGPIPE, SIG_IGN);
    |      |                 ~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                 |
    |      |                 (13) ...to here
    |  657 |                 signal(SIGCHLD, sigchild);
    |  658 |                 server_loop(fd);
    |      |                 ~~~~~~~~~~~~~~~
    |      |                 |
    |      |                 (14) calling ‘server_loop’ from ‘main’
    |
    +--> ‘server_loop’: events 15-16
           |
           |  472 | static void server_loop(int fd)
           |      |             ^~~~~~~~~~~
           |      |             |
           |      |             (15) entry to ‘server_loop’
           |......
           |  483 |         load_netstat();
           |      |         ~~~~~~~~~~~~~~
           |      |         |
           |      |         (16) calling ‘load_netstat’ from ‘server_loop’
           |
           +--> ‘load_netstat’: events 17-20
                  |
                  |  302 | static void load_netstat(void)
                  |      |             ^~~~~~~~~~~~
                  |      |             |
                  |      |             (17) entry to ‘load_netstat’
                  |......
                  |  306 |         if (fp) {
                  |      |            ~
                  |      |            |
                  |      |            (18) following ‘true’ branch (when ‘fp’ is non-NULL)...
                  |  307 |                 load_ugly_table(fp);
                  |      |                 ~~~~~~~~~~~~~~~~~~~
                  |      |                 |
                  |      |                 (19) ...to here
                  |      |                 (20) calling ‘load_ugly_table’ from ‘load_netstat’
                  |
                  +--> ‘load_ugly_table’: events 21-25
                         |
                         |  178 | static void load_ugly_table(FILE *fp)
                         |      |             ^~~~~~~~~~~~~~~
                         |      |             |
                         |      |             (21) entry to ‘load_ugly_table’
                         |......
                         |  186 |         while ((nread = getline(&buf, &buflen, fp)) != -1) {
                         |      |                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                         |      |                                                     |
                         |      |                                                     (22) following ‘true’ branch...
                         |......
                         |  192 |                 p = strchr(buf, ':');
                         |      |                     ~~~~~~~~~~~~~~~~
                         |      |                     |
                         |      |                     (23) ...to here
                         |      |                     (24) when ‘strchr’ returns non-NULL
                         |  193 |                 if (!p) {
                         |      |                    ~
                         |      |                    |
                         |      |                    (25) following ‘false’ branch (when ‘p’ is non-NULL)...
                         |
                       ‘load_ugly_table’: event 26
                         |
                         |cc1:
                         | (26): ...to here
                         |
                       ‘load_ugly_table’: events 27-28
                         |
                         |  205 |                 while (*p) {
                         |      |                        ^
                         |      |                        |
                         |      |                        (27) following ‘false’ branch...
                         |......
                         |  228 |                 nread = getline(&buf, &buflen, fp);
                         |      |                         ~
                         |      |                         |
                         |      |                         (28) inlined call to ‘getline’ from ‘load_ugly_table’
                         |
                         +--> ‘getline’: event 29
                                |
                                |/usr/include/bits/stdio.h:120:10:
                                |  120 |   return __getdelim (__lineptr, __n, '\n', __stream);
                                |      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                                |      |          |
                                |      |          (29) ...to here
                                |
                         <------+
                         |
                       ‘load_ugly_table’: events 30-36
                         |
                         |nstat.c:229:20:
                         |  229 |                 if (nread == -1) {
                         |      |                    ^
                         |      |                    |
                         |      |                    (30) following ‘false’ branch...
                         |......
                         |  234 |                 count2 = count_spaces(buf);
                         |      |                          ~~~~~~~~~~~~~~~~~
                         |      |                          |
                         |      |                          (31) ...to here
                         |......
                         |  239 |                         if (!p) {
                         |      |                            ~
                         |      |                            |
                         |      |                            (32) following ‘false’ branch (when ‘p’ is non-NULL)...
                         |......
                         |  244 |                         *p = 0;
                         |      |                         ~~~~~~
                         |      |                            |
                         |      |                            (33) ...to here
                         |  245 |                         if (sscanf(p+1, "%llu", &n->val) != 1) {
                         |      |                            ~
                         |      |                            |
                         |      |                            (34) following ‘false’ branch...
                         |......
                         |  251 |                         if (skip)
                         |      |                            ~
                         |      |                            |
                         |      |                            (35) ...to here
                         |......
                         |  254 |                                 n = n->next;
                         |      |                                 ~~~~~~~~~~~
                         |      |                                   |
                         |      |                                   (36) dereference of NULL ‘n’
                         |

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

netem: fix NULL deref on allocation failure

q_netem.c: In function ‘get_distribution’:
q_netem.c:159:35: warning: dereference of possibly-NULL ‘data’ [CWE-690] [-Wanalyzer-possible-null-dereference]
  159 |                         data[n++] = x;
      |                         ~~~~~~~~~~^~~
  ‘netem_parse_opt’: events 1-24
    |
    |  192 | static int netem_parse_opt(struct qdisc_util *qu, int argc, char **argv,
    |      |            ^~~~~~~~~~~~~~~
    |      |            |
    |      |            (1) entry to ‘netem_parse_opt’
    |......
    |  212 |         for ( ; argc > 0; --argc, ++argv) {
    |      |                 ~~~~~~~~
    |      |                      |
    |      |                      (2) following ‘true’ branch (when ‘argc > 0’)...
    |  213 |                 if (matches(*argv, "limit") == 0) {
    |      |                    ~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                    ||
    |      |                    |(3) ...to here
    |      |                    (4) following ‘true’ branch...
    |......
    |  219 |                 } else if (matches(*argv, "latency") == 0 ||
    |      |                           ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                           ||                              |
    |      |                           |(5) ...to here                 (8) following ‘true’ branch...
    |      |                           (6) following ‘true’ branch...
    |  220 |                            matches(*argv, "delay") == 0) {
    |      |                            ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                            |
    |      |                            (7) ...to here
    |......
    |  243 |                 } else if (matches(*argv, "loss") == 0 ||
    |      |                           ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                           ||                           |
    |      |                           |(9) ...to here              (12) following ‘true’ branch...
    |      |                           (10) following ‘true’ branch...
    |  244 |                            matches(*argv, "drop") == 0) {
    |      |                            ~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                            |
    |      |                            (11) ...to here
    |......
    |  366 |                 } else if (matches(*argv, "ecn") == 0) {
    |      |                           ~~~~~~~~~~~~~~~~~~~~~~
    |      |                           ||
    |      |                           |(13) ...to here
    |      |                           (14) following ‘true’ branch...
    |  367 |                         present[TCA_NETEM_ECN] = 1;
    |  368 |                 } else if (matches(*argv, "reorder") == 0) {
    |      |                           ~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                           ||
    |      |                           |(15) ...to here
    |      |                           (16) following ‘true’ branch...
    |......
    |  383 |                 } else if (matches(*argv, "corrupt") == 0) {
    |      |                           ~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                           ||
    |      |                           |(17) ...to here
    |      |                           (18) following ‘true’ branch...
    |......
    |  398 |                 } else if (matches(*argv, "gap") == 0) {
    |      |                           ~~~~~~~~~~~~~~~~~~~~~~
    |      |                           ||
    |      |                           |(19) ...to here
    |      |                           (20) following ‘true’ branch...
    |......
    |  404 |                 } else if (matches(*argv, "duplicate") == 0) {
    |      |                           ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                           ||
    |      |                           |(21) ...to here
    |      |                           (22) following ‘true’ branch...
    |......
    |  417 |                 } else if (matches(*argv, "distribution") == 0) {
    |      |                           ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                           ||
    |      |                           |(23) ...to here
    |      |                           (24) following ‘false’ branch...
    |
  ‘netem_parse_opt’: event 25
    |
    |../include/utils.h:50:29:
    |   50 | #define NEXT_ARG() do { argv++; if (--argc <= 0) incomplete_command(); } while(0)
    |      |                         ~~~~^~
    |      |                             |
    |      |                             (25) ...to here
q_netem.c:418:25: note: in expansion of macro ‘NEXT_ARG’
    |  418 |                         NEXT_ARG();
    |      |                         ^~~~~~~~
    |
  ‘netem_parse_opt’: event 26
    |
    |../include/utils.h:50:36:
    |   50 | #define NEXT_ARG() do { argv++; if (--argc <= 0) incomplete_command(); } while(0)
    |      |                                    ^
    |      |                                    |
    |      |                                    (26) following ‘false’ branch (when ‘argc != 0’)...
q_netem.c:418:25: note: in expansion of macro ‘NEXT_ARG’
    |  418 |                         NEXT_ARG();
    |      |                         ^~~~~~~~
    |
  ‘netem_parse_opt’: events 27-29
    |
    |  419 |                         dist_data = calloc(sizeof(dist_data[0]), MAX_DIST);
    |      |                                     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                                     |
    |      |                                     (27) ...to here
    |      |                                     (28) this call could return NULL
    |  420 |                         dist_size = get_distribution(*argv, dist_data, MAX_DIST);
    |      |                                     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                                     |
    |      |                                     (29) calling ‘get_distribution’ from ‘netem_parse_opt’
    |
    +--> ‘get_distribution’: events 30-31
           |
           |  124 | static int get_distribution(const char *type, __s16 *data, int maxdata)
           |      |            ^~~~~~~~~~~~~~~~
           |      |            |
           |      |            (30) entry to ‘get_distribution’
           |......
           |  135 |         if (f == NULL) {
           |      |            ~
           |      |            |
           |      |            (31) following ‘false’ branch (when ‘f’ is non-NULL)...
           |
         ‘get_distribution’: event 32
           |
           |cc1:
           | (32): ...to here
           |
         ‘get_distribution’: events 33-35
           |
           |  142 |         while (getline(&line, &len, f) != -1) {
           |      |                ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~
           |      |                                        |
           |      |                                        (33) following ‘true’ branch...
           |......
           |  145 |                 if (*line == '\n' || *line == '#')
           |      |                    ~~~~~~
           |      |                    ||
           |      |                    |(34) ...to here
           |      |                    (35) following ‘false’ branch...
           |
         ‘get_distribution’: event 36
           |
           |cc1:
           | (36): ...to here
           |
         ‘get_distribution’: events 37-41
           |
           |  150 |                         if (endp == p)
           |      |                            ^
           |      |                            |
           |      |                            (37) following ‘false’ branch...
           |......
           |  153 |                         if (n >= maxdata) {
           |      |                            ~
           |      |                            |
           |      |                            (38) ...to here
           |      |                            (39) following ‘false’ branch (when ‘n < maxdata’)...
           |......
           |  159 |                         data[n++] = x;
           |      |                         ~~~~~~~~~~~~~
           |      |                               |   |
           |      |                               |   (41) ‘data + (long unsigned int)n * 2’ could be NULL: unchecked value from (28)
           |      |                               (40) ...to here
           |

Fixes: c1b81cb5fe92 ("netem potential dist table overflow")
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

m_action: fix warning of overwrite of const string

The function get_action_kind() searches first for the given
action, then rescans on failure for "gact". In the process,
it would overwrite the argument.  Avoid the warning
by using a const argument and not copying.

The problem dates back to pre-git history.

m_action.c: In function ‘get_action_kind’:
m_action.c:126:17: warning: write to string literal [-Wanalyzer-write-to-string-literal]
  126 |                 strcpy(str, "gact");
      |                 ^~~~~~~~~~~~~~~~~~~
  ‘do_action’: events 1-6
    |
    |  853 | int do_action(int argc, char **argv)
    |      |     ^~~~~~~~~
    |      |     |
    |      |     (1) entry to ‘do_action’
    |......
    |  858 |         while (argc > 0) {
    |      |                ~~~~~~~~
    |      |                     |
    |      |                     (2) following ‘true’ branch...
    |  859 |
    |  860 |                 if (matches(*argv, "add") == 0) {
    |      |                    ~~~~~~~~~~~~~~~~~~~~~~
    |      |                    ||
    |      |                    |(3) ...to here
    |      |                    (4) following ‘false’ branch...
    |  861 |                         ret =  tc_action_modify(RTM_NEWACTION,
    |      |                                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                                |
    |      |                                (5) ...to here
    |      |                                (6) calling ‘tc_action_modify’ from ‘do_action’
    |  862 |                                                 NLM_F_EXCL | NLM_F_CREATE,
    |      |                                                 ~~~~~~~~~~~~~~~~~~~~~~~~~~
    |  863 |                                                 &argc, &argv);
    |      |                                                 ~~~~~~~~~~~~~
    |
    +--> ‘tc_action_modify’: events 7-8
           |
           |  715 | static int tc_action_modify(int cmd, unsigned int flags,
           |      |            ^~~~~~~~~~~~~~~~
           |      |            |
           |      |            (7) entry to ‘tc_action_modify’
           |......
           |  735 |         if (parse_action(&argc, &argv, TCA_ACT_TAB, &req.n)) {
           |      |             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
           |      |             |
           |      |             (8) calling ‘parse_action’ from ‘tc_action_modify’
           |
           +--> ‘parse_action’: events 9-18
                  |
                  |  203 | int parse_action(int *argc_p, char ***argv_p, int tca_id, struct nlmsghdr *n)
                  |      |     ^~~~~~~~~~~~
                  |      |     |
                  |      |     (9) entry to ‘parse_action’
                  |......
                  |  217 |         if (argc <= 0)
                  |      |            ~
                  |      |            |
                  |      |            (10) following ‘false’ branch...
                  |......
                  |  220 |         tail2 = addattr_nest(n, MAX_MSG, tca_id);
                  |      |                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                  |      |                 |
                  |      |                 (11) ...to here
                  |  221 |
                  |  222 |         while (argc > 0) {
                  |      |                ~~~~~~~~
                  |      |                     |
                  |      |                     (12) following ‘true’ branch...
                  |  223 |
                  |  224 |                 memset(k, 0, sizeof(k));
                  |      |                 ~~~~~~~~~~~~~~~~~~~~~~~
                  |      |                 |
                  |      |                 (13) ...to here
                  |  225 |
                  |  226 |                 if (strcmp(*argv, "action") == 0) {
                  |      |                    ~
                  |      |                    |
                  |      |                    (14) following ‘true’ branch (when the strings are equal)...
                  |  227 |                         argc--;
                  |      |                         ~~~~~~
                  |      |                             |
                  |      |                             (15) ...to here
                  |......
                  |  231 |                         if (!gact_ld)
                  |      |                            ~
                  |      |                            |
                  |      |                            (16) following ‘true’ branch...
                  |  232 |                                 get_action_kind("gact");
                  |      |                                 ~~~~~~~~~~~~~~~~~~~~~~~
                  |      |                                 |
                  |      |                                 (17) ...to here
                  |      |                                 (18) calling ‘get_action_kind’ from ‘parse_action’
                  |
                  +--> ‘get_action_kind’: events 19-24
                         |
                         |   86 | static struct action_util *get_action_kind(char *str)
                         |      |                            ^~~~~~~~~~~~~~~
                         |      |                            |
                         |      |                            (19) entry to ‘get_action_kind’
                         |......
                         |  114 |         if (a == NULL)
                         |      |            ~
                         |      |            |
                         |      |            (20) following ‘true’ branch (when ‘a’ is NULL)...
                         |  115 |                 goto noexist;
                         |      |                 ~~~~
                         |      |                 |
                         |      |                 (21) ...to here
                         |......
                         |  124 |         if (!looked4gact) {
                         |      |            ~
                         |      |            |
                         |      |            (22) following ‘true’ branch (when ‘looked4gact == 0’)...
                         |  125 |                 looked4gact = 1;
                         |  126 |                 strcpy(str, "gact");
                         |      |                 ~~~~~~~~~~~~~~~~~~~
                         |      |                 |
                         |      |                 (23) ...to here
                         |      |                 (24) write to string literal here
                         |

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

tc_exec: don't dereference NULL on calloc failure

Reported as:
tc_exec.c: In function ‘do_exec’:
tc_exec.c:103:18: warning: dereference of NULL ‘eu’ [CWE-476] [-Wanalyzer-null-dereference]
  103 |         return eu->parse_eopt(eu, argc, argv);
      |                ~~^~~~~~~~~~~~
  ‘do_exec’: events 1-6
    |
    |   81 | int do_exec(int argc, char **argv)
    |      |     ^~~~~~~
    |      |     |
    |      |     (1) entry to ‘do_exec’
    |......
    |   86 |         if (argc < 1) {
    |      |            ~
    |      |            |
    |      |            (2) following ‘false’ branch (when ‘argc > 0’)...
    |......
    |   91 |         if (matches(*argv, "help") == 0) {
    |      |            ~~~~~~~~~~~~~~~~~~~~~~~
    |      |            ||
    |      |            |(3) ...to here
    |      |            (4) following ‘true’ branch...
    |......
    |   96 |         strncpy(kind, *argv, sizeof(kind) - 1);
    |      |         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |         |
    |      |         (5) ...to here
    |   97 |
    |   98 |         eu = get_exec_kind(kind);
    |      |              ~~~~~~~~~~~~~~~~~~~
    |      |              |
    |      |              (6) calling ‘get_exec_kind’ from ‘do_exec’
    |
    +--> ‘get_exec_kind’: events 7-10
           |
           |   40 | static struct exec_util *get_exec_kind(const char *name)
           |      |                          ^~~~~~~~~~~~~
           |      |                          |
           |      |                          (7) entry to ‘get_exec_kind’
           |......
           |   63 |         if (eu == NULL)
           |      |            ~
           |      |            |
           |      |            (8) following ‘true’ branch (when ‘eu’ is NULL)...
           |   64 |                 goto noexist;
           |      |                 ~~~~
           |      |                 |
           |      |                 (9) ...to here
           |......
           |   72 |         if (eu) {
           |      |            ~
           |      |            |
           |      |            (10) following ‘false’ branch (when ‘eu’ is NULL)...
           |
         ‘get_exec_kind’: event 11
           |
           |cc1:
           | (11): ...to here
           |
    <------+
    |
  ‘do_exec’: events 12-13
    |
    |   98 |         eu = get_exec_kind(kind);
    |      |              ^~~~~~~~~~~~~~~~~~~
    |      |              |
    |      |              (12) return of NULL to ‘do_exec’ from ‘get_exec_kind’
    |......
    |  103 |         return eu->parse_eopt(eu, argc, argv);
    |      |                ~~~~~~~~~~~~~~
    |      |                  |
    |      |                  (13) dereference of NULL ‘eu’
    |

Fixes: 4bd624467bc6 ("tc: built-in eBPF exec proxy")
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

tc_util fix unitialized warning

tc_util.c: In function ‘parse_action_control_slash_spaces’:
tc_util.c:488:28: warning: use of uninitialized value ‘result2’ [CWE-457] [-Wanalyzer-use-of-uninitialized-value]
  488 |                 *result2_p = result2;
      |                 ~~~~~~~~~~~^~~~~~~~~
  ‘parse_action_control_slash_spaces’: events 1-5
    |
    |  455 | static int parse_action_control_slash_spaces(int *argc_p, char ***argv_p,
    |      |            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |            |
    |      |            (1) entry to ‘parse_action_control_slash_spaces’
    |......
    |  461 |         int result1 = -1, result2;
    |      |                           ~~~~~~~
    |      |                           |
    |      |                           (2) region created on stack here
    |      |                           (3) capacity: 4 bytes
    |......
    |  467 |                 switch (ok) {
    |      |                 ~~~~~~
    |      |                 |
    |      |                 (4) following ‘case 0:’ branch...
    |......
    |  475 |                         ret = parse_action_control(&argc, &argv,
    |      |                               ~
    |      |                               |
    |      |                               (5) inlined call to ‘parse_action_control’ from ‘parse_action_control_slash_spaces’
    |
    +--> ‘parse_action_control’: events 6-7
           |
           |  432 |         return __parse_action_control(argc_p, argv_p, result_p,
           |      |                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
           |      |                |
           |      |                (6) ...to here
           |      |                (7) calling ‘__parse_action_control’ from ‘parse_action_control_slash_spaces’
           |  433 |                                       allow_num, false);
           |      |                                       ~~~~~~~~~~~~~~~~~
           |
         ‘__parse_action_control’: events 8-11
           |
           |  371 | static int __parse_action_control(int *argc_p, char ***argv_p, int *result_p,
           |      |            ^~~~~~~~~~~~~~~~~~~~~~
           |      |            |
           |      |            (8) entry to ‘__parse_action_control’
           |......
           |  378 |         if (!argc)
           |      |            ~
           |      |            |
           |      |            (9) following ‘false’ branch (when ‘argc != 0’)...
           |  379 |                 return -1;
           |  380 |         if (action_a2n(*argv, &result, allow_num) == -1) {
           |      |             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
           |      |             |
           |      |             (10) ...to here
           |      |             (11) calling ‘action_a2n’ from ‘__parse_action_control’
           |
           +--> ‘action_a2n’: events 12-16
                  |
                  |  335 | int action_a2n(char *arg, int *result, bool allow_num)
                  |      |     ^~~~~~~~~~
                  |      |     |
                  |      |     (12) entry to ‘action_a2n’
                  |......
                  |  356 |         for (iter = a2n; iter->a; iter++) {
                  |      |                          ~~~~
                  |      |                          |
                  |      |                          (13) following ‘true’ branch...
                  |  357 |                 if (matches(arg, iter->a) != 0)
                  |      |                     ~~~~~~~~~~~~~~~~~~~~~
                  |      |                     |
                  |      |                     (14) ...to here
                  |......
                  |  366 |         if (result)
                  |      |            ~
                  |      |            |
                  |      |            (15) following ‘true’ branch (when ‘result’ is non-NULL)...
                  |  367 |                 *result = n;
                  |      |                 ~~~~~~~~~~~
                  |      |                         |
                  |      |                         (16) ...to here
                  |
           <------+
           |
         ‘__parse_action_control’: event 17
           |
           |  380 |         if (action_a2n(*argv, &result, allow_num) == -1) {
           |      |             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
           |      |             |
           |      |             (17) returning to ‘__parse_action_control’ from ‘action_a2n’
           |
    <------+
    |
  ‘parse_action_control_slash_spaces’: event 18
    |
    |  475 |                         ret = parse_action_control(&argc, &argv,
    |      |                               ^
    |      |                               |
    |      |                               (18) inlined call to ‘parse_action_control’ from ‘parse_action_control_slash_spaces’
    |
    +--> ‘parse_action_control’: event 19
           |
           |  432 |         return __parse_action_control(argc_p, argv_p, result_p,
           |      |                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
           |      |                |
           |      |                (19) returning to ‘parse_action_control_slash_spaces’ from ‘__parse_action_control’
           |  433 |                                       allow_num, false);
           |      |                                       ~~~~~~~~~~~~~~~~~
           |
    <------+
    |
  ‘parse_action_control_slash_spaces’: events 20-24
    |
    |  477 |                         if (ret)
    |      |                            ^
    |      |                            |
    |      |                            (20) following ‘false’ branch...
    |  478 |                                 return ret;
    |  479 |                         ok++;
    |      |                         ~~~~
    |      |                           |
    |      |                           (21) ...to here
    |......
    |  487 |         if (ok == 2)
    |      |            ~
    |      |            |
    |      |            (22) following ‘true’ branch (when ‘ok == 2’)...
    |  488 |                 *result2_p = result2;
    |      |                 ~~~~~~~~~~~~~~~~~~~~
    |      |                            |
    |      |                            (23) ...to here
    |      |                            (24) use of uninitialized value ‘result2’ here
    |
tc_util.c:488:28: warning: use of uninitialized value ‘result2’ [CWE-457] [-Wanalyzer-use-of-uninitialized-value]
  488 |                 *result2_p = result2;
      |                 ~~~~~~~~~~~^~~~~~~~~
  ‘parse_action_control_slash’: events 1-5
    |
    |  505 | int parse_action_control_slash(int *argc_p, char ***argv_p,
    |      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |     |
    |      |     (1) entry to ‘parse_action_control_slash’
    |......
    |  510 |         char *p = strchr(*argv, '/');
    |      |                   ~~~~~~~~~~~~~~~~~~
    |      |                   |
    |      |                   (2) when ‘strchr’ returns NULL
    |  511 |
    |  512 |         if (!p)
    |      |            ~
    |      |            |
    |      |            (3) following ‘true’ branch (when ‘p’ is NULL)...
    |  513 |                 return parse_action_control_slash_spaces(argc_p, argv_p,
    |      |                        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                        |
    |      |                        (4) ...to here
    |      |                        (5) calling ‘parse_action_control_slash_spaces’ from ‘parse_action_control_slash’
    |  514 |                                                          result1_p, result2_p,
    |      |                                                          ~~~~~~~~~~~~~~~~~~~~~
    |  515 |                                                          allow_num);
    |      |                                                          ~~~~~~~~~~
    |
    +--> ‘parse_action_control_slash_spaces’: events 6-10
           |
           |  455 | static int parse_action_control_slash_spaces(int *argc_p, char ***argv_p,
           |      |            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
           |      |            |
           |      |            (6) entry to ‘parse_action_control_slash_spaces’
           |......
           |  461 |         int result1 = -1, result2;
           |      |                           ~~~~~~~
           |      |                           |
           |      |                           (7) region created on stack here
           |      |                           (8) capacity: 4 bytes
           |......
           |  467 |                 switch (ok) {
           |      |                 ~~~~~~
           |      |                 |
           |      |                 (9) following ‘case 0:’ branch...
           |......
           |  475 |                         ret = parse_action_control(&argc, &argv,
           |      |                               ~
           |      |                               |
           |      |                               (10) inlined call to ‘parse_action_control’ from ‘parse_action_control_slash_spaces’
           |
           +--> ‘parse_action_control’: events 11-12
                  |
                  |  432 |         return __parse_action_control(argc_p, argv_p, result_p,
                  |      |                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                  |      |                |
                  |      |                (11) ...to here
                  |      |                (12) calling ‘__parse_action_control’ from ‘parse_action_control_slash_spaces’
                  |  433 |                                       allow_num, false);
                  |      |                                       ~~~~~~~~~~~~~~~~~
                  |
                ‘__parse_action_control’: events 13-16
                  |
                  |  371 | static int __parse_action_control(int *argc_p, char ***argv_p, int *result_p,
                  |      |            ^~~~~~~~~~~~~~~~~~~~~~
                  |      |            |
                  |      |            (13) entry to ‘__parse_action_control’
                  |......
                  |  378 |         if (!argc)
                  |      |            ~
                  |      |            |
                  |      |            (14) following ‘false’ branch (when ‘argc != 0’)...
                  |  379 |                 return -1;
                  |  380 |         if (action_a2n(*argv, &result, allow_num) == -1) {
                  |      |             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                  |      |             |
                  |      |             (15) ...to here
                  |      |             (16) calling ‘action_a2n’ from ‘__parse_action_control’
                  |
                  +--> ‘action_a2n’: events 17-21
                         |
                         |  335 | int action_a2n(char *arg, int *result, bool allow_num)
                         |      |     ^~~~~~~~~~
                         |      |     |
                         |      |     (17) entry to ‘action_a2n’
                         |......
                         |  356 |         for (iter = a2n; iter->a; iter++) {
                         |      |                          ~~~~
                         |      |                          |
                         |      |                          (18) following ‘true’ branch...
                         |  357 |                 if (matches(arg, iter->a) != 0)
                         |      |                     ~~~~~~~~~~~~~~~~~~~~~
                         |      |                     |
                         |      |                     (19) ...to here
                         |......
                         |  366 |         if (result)
                         |      |            ~
                         |      |            |
                         |      |            (20) following ‘true’ branch (when ‘result’ is non-NULL)...
                         |  367 |                 *result = n;
                         |      |                 ~~~~~~~~~~~
                         |      |                         |
                         |      |                         (21) ...to here
                         |
                  <------+
                  |
                ‘__parse_action_control’: event 22
                  |
                  |  380 |         if (action_a2n(*argv, &result, allow_num) == -1) {
                  |      |             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                  |      |             |
                  |      |             (22) returning to ‘__parse_action_control’ from ‘action_a2n’
                  |
           <------+
           |
         ‘parse_action_control_slash_spaces’: event 23
           |
           |  475 |                         ret = parse_action_control(&argc, &argv,
           |      |                               ^
           |      |                               |
           |      |                               (23) inlined call to ‘parse_action_control’ from ‘parse_action_control_slash_spaces’
           |
           +--> ‘parse_action_control’: event 24
                  |
                  |  432 |         return __parse_action_control(argc_p, argv_p, result_p,
                  |      |                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                  |      |                |
                  |      |                (24) returning to ‘parse_action_control_slash_spaces’ from ‘__parse_action_control’
                  |  433 |                                       allow_num, false);
                  |      |                                       ~~~~~~~~~~~~~~~~~
                  |
           <------+
           |
         ‘parse_action_control_slash_spaces’: events 25-29
           |
           |  477 |                         if (ret)
           |      |                            ^
           |      |                            |
           |      |                            (25) following ‘false’ branch...
           |  478 |                                 return ret;
           |  479 |                         ok++;
           |      |                         ~~~~
           |      |                           |
           |      |                           (26) ...to here
           |......
           |  487 |         if (ok == 2)
           |      |            ~
           |      |            |
           |      |            (27) following ‘true’ branch (when ‘ok == 2’)...
           |  488 |                 *result2_p = result2;
           |      |                 ~~~~~~~~~~~~~~~~~~~~
           |      |                            |
           |      |                            (28) ...to here
           |      |                            (29) use of uninitialized value ‘result2’ here
           |

Fixes: e67aba559581 ("tc: actions: add helpers to parse and print control actions")
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

tc_filter: fix unitialized warning

When run with -fanalyzer.

tc_filter.c: In function ‘tc_filter_list’:
tc_filter.c:718:17: warning: use of uninitialized value ‘chain_index’ [CWE-457] [-Wanalyzer-use-of-uninitialized-value]
  718 |                 addattr32(&req.n, sizeof(req), TCA_CHAIN, chain_index);
      |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  ‘do_chain’: events 1-4
    |
    |  772 | int do_chain(int argc, char **argv)
    |      |     ^~~~~~~~
    |      |     |
    |      |     (1) entry to ‘do_chain’
    |  773 | {
    |  774 |         if (argc < 1)
    |      |            ~
    |      |            |
    |      |            (2) following ‘true’ branch (when ‘argc <= 0’)...
    |  775 |                 return tc_filter_list(RTM_GETCHAIN, 0, NULL);
    |      |                        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                        |
    |      |                        (3) ...to here
    |      |                        (4) calling ‘tc_filter_list’ from ‘do_chain’
    |
    +--> ‘tc_filter_list’: events 5-8
           |
           |  582 | static int tc_filter_list(int cmd, int argc, char **argv)
           |      |            ^~~~~~~~~~~~~~
           |      |            |
           |      |            (5) entry to ‘tc_filter_list’
           |......
           |  597 |         __u32 chain_index;
           |      |               ~~~~~~~~~~~
           |      |               |
           |      |               (6) region created on stack here
           |      |               (7) capacity: 4 bytes
           |......
           |  601 |         while (argc > 0) {
           |      |                ~~~~~~~~
           |      |                     |
           |      |                     (8) following ‘false’ branch (when ‘argc <= 0’)...
           |
         ‘tc_filter_list’: event 9
           |
           |../include/uapi/linux/pkt_sched.h:72:35:
           |   72 | #define TC_H_MAKE(maj,min) (((maj)&TC_H_MAJ_MASK)|((min)&TC_H_MIN_MASK))
           |      |                             ~~~~~~^~~~~~~~~~~~~~~
           |      |                                   |
           |      |                                   (9) ...to here
tc_filter.c:698:26: note: in expansion of macro ‘TC_H_MAKE’
           |  698 |         req.t.tcm_info = TC_H_MAKE(prio<<16, protocol);
           |      |                          ^~~~~~~~~
           |
         ‘tc_filter_list’: events 10-16
           |
           |  702 |         if (d[0]) {
           |      |            ^
           |      |            |
           |      |            (10) following ‘false’ branch...
           |......
           |  707 |         } else if (block_index) {
           |      |                   ~~~~~~~~~~~~
           |      |                   ||
           |      |                   |(11) ...to here
           |      |                   (12) following ‘false’ branch...
           |......
           |  717 |         if (filter_chain_index_set)
           |      |            ~~~~~~~~~~~~~~~~~~~~~~~
           |      |            ||
           |      |            |(13) ...to here
           |      |            (14) following ‘true’ branch...
           |  718 |                 addattr32(&req.n, sizeof(req), TCA_CHAIN, chain_index);
           |      |                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
           |      |                 |
           |      |                 (15) ...to here
           |      |                 (16) use of uninitialized value ‘chain_index’ here
           |
tc_filter.c:718:17: warning: use of uninitialized value ‘chain_index’ [CWE-457] [-Wanalyzer-use-of-uninitialized-value]
  718 |                 addattr32(&req.n, sizeof(req), TCA_CHAIN, chain_index);
      |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  ‘do_filter’: events 1-4
    |
    |  744 | int do_filter(int argc, char **argv)
    |      |     ^~~~~~~~~
    |      |     |
    |      |     (1) entry to ‘do_filter’
    |  745 | {
    |  746 |         if (argc < 1)
    |      |            ~
    |      |            |
    |      |            (2) following ‘true’ branch (when ‘argc <= 0’)...
    |  747 |                 return tc_filter_list(RTM_GETTFILTER, 0, NULL);
    |      |                        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                        |
    |      |                        (3) ...to here
    |      |                        (4) calling ‘tc_filter_list’ from ‘do_filter’
    |
    +--> ‘tc_filter_list’: events 5-8
           |
           |  582 | static int tc_filter_list(int cmd, int argc, char **argv)
           |      |            ^~~~~~~~~~~~~~
           |      |            |
           |      |            (5) entry to ‘tc_filter_list’
           |......
           |  597 |         __u32 chain_index;
           |      |               ~~~~~~~~~~~
           |      |               |
           |      |               (6) region created on stack here
           |      |               (7) capacity: 4 bytes
           |......
           |  601 |         while (argc > 0) {
           |      |                ~~~~~~~~
           |      |                     |
           |      |                     (8) following ‘false’ branch (when ‘argc <= 0’)...
           |
         ‘tc_filter_list’: event 9
           |
           |../include/uapi/linux/pkt_sched.h:72:35:
           |   72 | #define TC_H_MAKE(maj,min) (((maj)&TC_H_MAJ_MASK)|((min)&TC_H_MIN_MASK))
           |      |                             ~~~~~~^~~~~~~~~~~~~~~
           |      |                                   |
           |      |                                   (9) ...to here
tc_filter.c:698:26: note: in expansion of macro ‘TC_H_MAKE’
           |  698 |         req.t.tcm_info = TC_H_MAKE(prio<<16, protocol);
           |      |                          ^~~~~~~~~
           |
         ‘tc_filter_list’: events 10-16
           |
           |  702 |         if (d[0]) {
           |      |            ^
           |      |            |
           |      |            (10) following ‘false’ branch...
           |......
           |  707 |         } else if (block_index) {
           |      |                   ~~~~~~~~~~~~
           |      |                   ||
           |      |                   |(11) ...to here
           |      |                   (12) following ‘false’ branch...
           |......
           |  717 |         if (filter_chain_index_set)
           |      |            ~~~~~~~~~~~~~~~~~~~~~~~
           |      |            ||
           |      |            |(13) ...to here
           |      |            (14) following ‘true’ branch...
           |  718 |                 addattr32(&req.n, sizeof(req), TCA_CHAIN, chain_index);
           |      |                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
           |      |                 |
           |      |                 (15) ...to here
           |      |                 (16) use of uninitialized value ‘chain_index’ here
           |

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

iproute_lwtunnel: fix possible use of NULL when malloc() fails

iproute_lwtunnel.c: In function ‘parse_srh’:
iproute_lwtunnel.c:903:9: warning: use of possibly-NULL ‘srh’ where non-null expected [CWE-690] [-Wanalyzer-possible-null-argument]
  903 |         memset(srh, 0, srhlen);
      |         ^~~~~~~~~~~~~~~~~~~~~~
  ‘parse_srh’: events 1-2
    |
    |  902 |         srh = malloc(srhlen);
    |      |               ^~~~~~~~~~~~~~
    |      |               |
    |      |               (1) this call could return NULL
    |  903 |         memset(srh, 0, srhlen);
    |      |         ~~~~~~~~~~~~~~~~~~~~~~
    |      |         |
    |      |         (2) argument 1 (‘srh’) from (1) could be NULL where non-null expected
    |
In file included from iproute_lwtunnel.c:13:
/usr/include/string.h:61:14: note: argument 1 of ‘memset’ must be non-null
   61 | extern void *memset (void *__s, int __c, size_t __n) __THROW __nonnull ((1));
      |              ^~~~~~
iproute_lwtunnel.c: In function ‘parse_encap_seg6’:
iproute_lwtunnel.c:980:9: warning: use of possibly-NULL ‘tuninfo’ where non-null expected [CWE-690] [-Wanalyzer-possible-null-argument]
  980 |         memset(tuninfo, 0, sizeof(*tuninfo) + srhlen);
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  ‘parse_encap_seg6’: events 1-2
    |
    |  934 | static int parse_encap_seg6(struct rtattr *rta, size_t len, int *argcp,
    |      |            ^~~~~~~~~~~~~~~~
    |      |            |
    |      |            (1) entry to ‘parse_encap_seg6’
    |......
    |  976 |         srh = parse_srh(segbuf, hmac, encap);
    |      |               ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |               |
    |      |               (2) calling ‘parse_srh’ from ‘parse_encap_seg6’
    |
    +--> ‘parse_srh’: events 3-5
           |
           |  882 | static struct ipv6_sr_hdr *parse_srh(char *segbuf, int hmac, bool encap)
           |      |                            ^~~~~~~~~
           |      |                            |
           |      |                            (3) entry to ‘parse_srh’
           |......
           |  922 |         if (hmac) {
           |      |            ~
           |      |            |
           |      |            (4) following ‘false’ branch (when ‘hmac == 0’)...
           |......
           |  931 |         return srh;
           |      |                ~~~
           |      |                |
           |      |                (5) ...to here
           |
    <------+
    |
  ‘parse_encap_seg6’: events 6-8
    |
    |  976 |         srh = parse_srh(segbuf, hmac, encap);
    |      |               ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |               |
    |      |               (6) returning to ‘parse_encap_seg6’ from ‘parse_srh’
    |......
    |  979 |         tuninfo = malloc(sizeof(*tuninfo) + srhlen);
    |      |                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                   |
    |      |                   (7) this call could return NULL
    |  980 |         memset(tuninfo, 0, sizeof(*tuninfo) + srhlen);
    |      |         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |         |
    |      |         (8) argument 1 (‘tuninfo’) from (7) could be NULL where non-null expected
    |
/usr/include/string.h:61:14: note: argument 1 of ‘memset’ must be non-null
   61 | extern void *memset (void *__s, int __c, size_t __n) __THROW __nonnull ((1));
      |              ^~~~~~
iproute_lwtunnel.c: In function ‘parse_rpl_srh’:
iproute_lwtunnel.c:1018:21: warning: dereference of possibly-NULL ‘srh’ [CWE-690] [-Wanalyzer-possible-null-dereference]
 1018 |         srh->hdrlen = (srhlen >> 3) - 1;
      |         ~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~
  ‘parse_rpl_srh’: events 1-2
    |
    | 1016 |         srh = calloc(1, srhlen);
    |      |               ^~~~~~~~~~~~~~~~~
    |      |               |
    |      |               (1) this call could return NULL
    | 1017 |
    | 1018 |         srh->hdrlen = (srhlen >> 3) - 1;
    |      |         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                     |
    |      |                     (2) ‘srh’ could be NULL: unchecked value from (1)
    |

Fixes: 00e76d4da37f ("iproute: add helper functions for SRH processing")
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

ipmaddr: fix dereference of NULL on malloc() failure

Found by -fanalyzer. This is a bug since beginning of initial
versions of ip multicast support (pre git).

ipmaddr.c: In function ‘read_dev_mcast’:
ipmaddr.c:105:25: warning: dereference of possibly-NULL ‘ma’ [CWE-690] [-Wanalyzer-possible-null-dereference]
  105 |                         memcpy(ma, &m, sizeof(m));
      |                         ^~~~~~~~~~~~~~~~~~~~~~~~~
  ‘do_multiaddr’: events 1-4
    |
    |  354 | int do_multiaddr(int argc, char **argv)
    |      |     ^~~~~~~~~~~~
    |      |     |
    |      |     (1) entry to ‘do_multiaddr’
    |  355 | {
    |  356 |         if (argc < 1)
    |      |            ~
    |      |            |
    |      |            (2) following ‘true’ branch (when ‘argc <= 0’)...
    |  357 |                 return multiaddr_list(0, NULL);
    |      |                        ~~~~~~~~~~~~~~~~~~~~~~~
    |      |                        |
    |      |                        (3) ...to here
    |      |                        (4) calling ‘multiaddr_list’ from ‘do_multiaddr’
    |
    +--> ‘multiaddr_list’: events 5-10
           |
           |  255 | static int multiaddr_list(int argc, char **argv)
           |      |            ^~~~~~~~~~~~~~
           |      |            |
           |      |            (5) entry to ‘multiaddr_list’
           |......
           |  262 |         while (argc > 0) {
           |      |                ~~~~~~~~
           |      |                     |
           |      |                     (6) following ‘false’ branch (when ‘argc <= 0’)...
           |......
           |  275 |         if (!filter.family || filter.family == AF_PACKET)
           |      |            ~ ~~~~~~~~~~~~~
           |      |            |       |
           |      |            |       (7) ...to here
           |      |            (8) following ‘true’ branch...
           |  276 |                 read_dev_mcast(&list);
           |      |                 ~~~~~~~~~~~~~~~~~~~~~
           |      |                 |
           |      |                 (9) ...to here
           |      |                 (10) calling ‘read_dev_mcast’ from ‘multiaddr_list’
           |
           +--> ‘read_dev_mcast’: events 11-12
                  |
                  |   82 | static void read_dev_mcast(struct ma_info **result_p)
                  |      |             ^~~~~~~~~~~~~~
                  |      |             |
                  |      |             (11) entry to ‘read_dev_mcast’
                  |......
                  |   87 |         if (!fp)
                  |      |            ~
                  |      |            |
                  |      |            (12) following ‘false’ branch (when ‘fp’ is non-NULL)...
                  |
                ‘read_dev_mcast’: event 13
                  |
                  |cc1:
                  | (13): ...to here
                  |
                ‘read_dev_mcast’: events 14-17
                  |
                  |   90 |         while (fgets(buf, sizeof(buf), fp)) {
                  |      |                ^~~~~
                  |      |                |
                  |      |                (14) following ‘true’ branch...
                  |   91 |                 char hexa[256];
                  |   92 |                 struct ma_info m = { .addr.family = AF_PACKET };
                  |      |                                ~
                  |      |                                |
                  |      |                                (15) ...to here
                  |......
                  |  103 |                         struct ma_info *ma = malloc(sizeof(m));
                  |      |                                              ~~~~~~~~~~~~~~~~~
                  |      |                                              |
                  |      |                                              (16) this call could return NULL
                  |  104 |
                  |  105 |                         memcpy(ma, &m, sizeof(m));
                  |      |                         ~~~~~~~~~~~~~~~~~~~~~~~~~
                  |      |                         |
                  |      |                         (17) ‘ma’ could be NULL: unchecked value from (16)
                  |
ipmaddr.c: In function ‘read_igmp’:
ipmaddr.c:152:17: warning: dereference of possibly-NULL ‘ma’ [CWE-690] [-Wanalyzer-possible-null-dereference]
  152 |                 memcpy(ma, &m, sizeof(m));
      |                 ^~~~~~~~~~~~~~~~~~~~~~~~~
  ‘do_multiaddr’: events 1-4
    |
    |  354 | int do_multiaddr(int argc, char **argv)
    |      |     ^~~~~~~~~~~~
    |      |     |
    |      |     (1) entry to ‘do_multiaddr’
    |  355 | {
    |  356 |         if (argc < 1)
    |      |            ~
    |      |            |
    |      |            (2) following ‘true’ branch (when ‘argc <= 0’)...
    |  357 |                 return multiaddr_list(0, NULL);
    |      |                        ~~~~~~~~~~~~~~~~~~~~~~~
    |      |                        |
    |      |                        (3) ...to here
    |      |                        (4) calling ‘multiaddr_list’ from ‘do_multiaddr’
    |
    +--> ‘multiaddr_list’: events 5-10
           |
           |  255 | static int multiaddr_list(int argc, char **argv)
           |      |            ^~~~~~~~~~~~~~
           |      |            |
           |      |            (5) entry to ‘multiaddr_list’
           |......
           |  262 |         while (argc > 0) {
           |      |                ~~~~~~~~
           |      |                     |
           |      |                     (6) following ‘false’ branch (when ‘argc <= 0’)...
           |......
           |  275 |         if (!filter.family || filter.family == AF_PACKET)
           |      |              ~~~~~~~~~~~~~
           |      |                    |
           |      |                    (7) ...to here
           |  276 |                 read_dev_mcast(&list);
           |  277 |         if (!filter.family || filter.family == AF_INET)
           |      |            ~
           |      |            |
           |      |            (8) following ‘true’ branch...
           |  278 |                 read_igmp(&list);
           |      |                 ~~~~~~~~~~~~~~~~
           |      |                 |
           |      |                 (9) ...to here
           |      |                 (10) calling ‘read_igmp’ from ‘multiaddr_list’
           |
           +--> ‘read_igmp’: events 11-14
                  |
                  |  116 | static void read_igmp(struct ma_info **result_p)
                  |      |             ^~~~~~~~~
                  |      |             |
                  |      |             (11) entry to ‘read_igmp’
                  |......
                  |  126 |         if (!fp)
                  |      |            ~
                  |      |            |
                  |      |            (12) following ‘false’ branch (when ‘fp’ is non-NULL)...
                  |  127 |                 return;
                  |  128 |         if (!fgets(buf, sizeof(buf), fp)) {
                  |      |            ~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~
                  |      |            | |
                  |      |            | (13) ...to here
                  |      |            (14) following ‘false’ branch...
                  |
                ‘read_igmp’: event 15
                  |
                  |cc1:
                  | (15): ...to here
                  |
                ‘read_igmp’: events 16-19
                  |
                  |  133 |         while (fgets(buf, sizeof(buf), fp)) {
                  |      |                ^~~~~
                  |      |                |
                  |      |                (16) following ‘true’ branch...
                  |......
                  |  136 |                 if (buf[0] != '\t') {
                  |      |                     ~~~~~~
                  |      |                        |
                  |      |                        (17) ...to here
                  |......
                  |  151 |                 ma = malloc(sizeof(m));
                  |      |                      ~~~~~~~~~~~~~~~~~
                  |      |                      |
                  |      |                      (18) this call could return NULL
                  |  152 |                 memcpy(ma, &m, sizeof(m));
                  |      |                 ~~~~~~~~~~~~~~~~~~~~~~~~~
                  |      |                 |
                  |      |                 (19) ‘ma’ could be NULL: unchecked value from (18)
                  |
ipmaddr.c: In function ‘read_igmp6’:
ipmaddr.c:181:25: warning: dereference of possibly-NULL ‘ma’ [CWE-690] [-Wanalyzer-possible-null-dereference]
  181 |                         memcpy(ma, &m, sizeof(m));
      |                         ^~~~~~~~~~~~~~~~~~~~~~~~~
  ‘do_multiaddr’: events 1-4
    |
    |  354 | int do_multiaddr(int argc, char **argv)
    |      |     ^~~~~~~~~~~~
    |      |     |
    |      |     (1) entry to ‘do_multiaddr’
    |  355 | {
    |  356 |         if (argc < 1)
    |      |            ~
    |      |            |
    |      |            (2) following ‘true’ branch (when ‘argc <= 0’)...
    |  357 |                 return multiaddr_list(0, NULL);
    |      |                        ~~~~~~~~~~~~~~~~~~~~~~~
    |      |                        |
    |      |                        (3) ...to here
    |      |                        (4) calling ‘multiaddr_list’ from ‘do_multiaddr’
    |
    +--> ‘multiaddr_list’: events 5-10
           |
           |  255 | static int multiaddr_list(int argc, char **argv)
           |      |            ^~~~~~~~~~~~~~
           |      |            |
           |      |            (5) entry to ‘multiaddr_list’
           |......
           |  262 |         while (argc > 0) {
           |      |                ~~~~~~~~
           |      |                     |
           |      |                     (6) following ‘false’ branch (when ‘argc <= 0’)...
           |......
           |  275 |         if (!filter.family || filter.family == AF_PACKET)
           |      |              ~~~~~~~~~~~~~
           |      |                    |
           |      |                    (7) ...to here
           |......
           |  279 |         if (!filter.family || filter.family == AF_INET6)
           |      |            ~
           |      |            |
           |      |            (8) following ‘true’ branch...
           |  280 |                 read_igmp6(&list);
           |      |                 ~~~~~~~~~~~~~~~~~
           |      |                 |
           |      |                 (9) ...to here
           |      |                 (10) calling ‘read_igmp6’ from ‘multiaddr_list’
           |
           +--> ‘read_igmp6’: events 11-12
                  |
                  |  159 | static void read_igmp6(struct ma_info **result_p)
                  |      |             ^~~~~~~~~~
                  |      |             |
                  |      |             (11) entry to ‘read_igmp6’
                  |......
                  |  164 |         if (!fp)
                  |      |            ~
                  |      |            |
                  |      |            (12) following ‘false’ branch (when ‘fp’ is non-NULL)...
                  |
                ‘read_igmp6’: event 13
                  |
                  |cc1:
                  | (13): ...to here
                  |
                ‘read_igmp6’: events 14-17
                  |
                  |  167 |         while (fgets(buf, sizeof(buf), fp)) {
                  |      |                ^~~~~
                  |      |                |
                  |      |                (14) following ‘true’ branch...
                  |  168 |                 char hexa[256];
                  |  169 |                 struct ma_info m = { .addr.family = AF_INET6 };
                  |      |                                ~
                  |      |                                |
                  |      |                                (15) ...to here
                  |......
                  |  179 |                         struct ma_info *ma = malloc(sizeof(m));
                  |      |                                              ~~~~~~~~~~~~~~~~~
                  |      |                                              |
                  |      |                                              (16) this call could return NULL
                  |  180 |
                  |  181 |                         memcpy(ma, &m, sizeof(m));
                  |      |                         ~~~~~~~~~~~~~~~~~~~~~~~~~
                  |      |                         |
                  |      |                         (17) ‘ma’ could be NULL: unchecked value from (16)
                  |

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

lib/fs: fix file leak in task_get_name

Fixes the problem identified -fanalyzer.
Why did rdma choose to reimplement the same function as
exiting glibc pthread_getname().

fs.c: In function ‘get_task_name’:
fs.c:355:12: warning: leak of FILE ‘f’ [CWE-775] [-Wanalyzer-file-leak]
  355 |         if (!fgets(name, len, f))
      |            ^
  ‘get_task_name’: events 1-9
    |
    |  345 |         if (!pid)
    |      |            ^
    |      |            |
    |      |            (1) following ‘false’ branch (when ‘pid != 0’)...
    |......
    |  348 |         if (snprintf(path, sizeof(path), "/proc/%d/comm", pid) >= sizeof(path))
    |      |            ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |            ||
    |      |            |(2) ...to here
    |      |            (3) following ‘false’ branch...
    |......
    |  351 |         f = fopen(path, "r");
    |      |             ~~~~~~~~~~~~~~~~
    |      |             |
    |      |             (4) ...to here
    |      |             (5) opened here
    |  352 |         if (!f)
    |      |            ~
    |      |            |
    |      |            (6) assuming ‘f’ is non-NULL
    |      |            (7) following ‘false’ branch (when ‘f’ is non-NULL)...
    |......
    |  355 |         if (!fgets(name, len, f))
    |      |            ~ ~~~~~~~~~~~~~~~~~~~
    |      |            | |
    |      |            | (8) ...to here
    |      |            (9) following ‘true’ branch...
    |
  ‘get_task_name’: event 10
    |
    |cc1:
    | (10): ...to here
    |
  ‘get_task_name’: event 11
    |
    |  355 |         if (!fgets(name, len, f))
    |      |            ^
    |      |            |
    |      |            (11) ‘f’ leaks here; was opened at (5)
    |
fs.c:355:12: warning: leak of ‘f’ [CWE-401] [-Wanalyzer-malloc-leak]
  ‘get_task_name’: events 1-9
    |
    |  345 |         if (!pid)
    |      |            ^
    |      |            |
    |      |            (1) following ‘false’ branch (when ‘pid != 0’)...
    |......
    |  348 |         if (snprintf(path, sizeof(path), "/proc/%d/comm", pid) >= sizeof(path))
    |      |            ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |            ||
    |      |            |(2) ...to here
    |      |            (3) following ‘false’ branch...
    |......
    |  351 |         f = fopen(path, "r");
    |      |             ~~~~~~~~~~~~~~~~
    |      |             |
    |      |             (4) ...to here
    |      |             (5) allocated here
    |  352 |         if (!f)
    |      |            ~
    |      |            |
    |      |            (6) assuming ‘f’ is non-NULL
    |      |            (7) following ‘false’ branch (when ‘f’ is non-NULL)...
    |......
    |  355 |         if (!fgets(name, len, f))
    |      |            ~ ~~~~~~~~~~~~~~~~~~~
    |      |            | |
    |      |            | (8) ...to here
    |      |            (9) following ‘true’ branch...
    |
  ‘get_task_name’: event 10
    |
    |cc1:
    | (10): ...to here
    |
  ‘get_task_name’: event 11
    |
    |  355 |         if (!fgets(name, len, f))
    |      |            ^
    |      |            |
    |      |            (11) ‘f’ leaks here; was allocated at (5)

Fixes: 81bfd01a4c9e ("lib: move get_task_name() from rdma")
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

Add MAINTAINERS file

Record the maintainers of subsections of iproute2.
The subtree maintainers are based off of most recent current
patches and maintainer of kernel portion of that subsystem.

Acked-by: Nikolay Aleksandrov <razor@blackwall.org>
Acked-by: Petr Machata <me@pmachata.org> # For DCB
Acked-by: Parav Pandit <parav@nvidia.com>
Acked-by: Jiri Pirko <jiri@nvidia.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

iproute2: optimize code and fix some mem-leak risk

Signed-off-by: zhaoshuang <izhaoshuang@163.com>
Reviewed-by: Pawel Chmielewski <pawel.chmielewski@intel.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

ipnetns: fix fd leak with 'ip netns set'

There is no reason to open this netns file. set_netnsid_from_name() uses
netns_get_fd() for this purpose and uses the returned fd.

Reported-by: Stephen Hemminger <stephen@networkplumber.org>
Fixes: d182ee1307c7 ("ipnetns: allow to get and set netns ids")
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

ip-rule: more manual page grammer fixes

Add missing articles and replace use of passive voice.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

rdma: Report device protocol

Add support for reporting the device protocol.

11: mlx5_0: node_type ca protocol roce fw 12.28.2006
    node_guid 248a:0703:004b:f094 sys_image_guid 248a:0703:004b:f094
12: mlx5_1: node_type ca protocol ib fw 12.28.2006
    node_guid 248a:0703:0049:d4f0 sys_image_guid 248a:0703:0049:d4f0
13: mlx5_2: node_type ca protocol ib fw 12.28.2006
    node_guid 248a:0703:0049:d4f1 sys_image_guid 248a:0703:0049:d4f0
19: siw0: node_type rnic protocol iw node_guid 0200:00ff:fe00:0000
    sys_image_guid 0200:00ff:fe00:0000

Signed-off-by: Kamal Heib <kheib@redhat.com>
Acked-by: Leon Romanovsky <leonro@nvidia.com>
Signed-off-by: David Ahern <dsahern@kernel.org>

Merge branch 'main' into next

Signed-off-by: David Ahern <dsahern@kernel.org>

remove unnecessary checks for NULL before calling free()

The function free() handles the case wher argument is NULL
by doing nothing. So the extra checks are not needed.

Found by modified version of kernel coccinelle script.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

uapi: add capability.h

All kernel header files should come from local copy of sanitized
headers, rather than relying on what Linux distribution ships.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

uapi: update kernel headers 6.4-rc1

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

fixed the grammar in ip-rule(8) man page

a small grammatical error has been idenfied in the ip-rule(8) man page

Signed-off-by: Bilal Khan <bilalkhanrecovered@gmail.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

Merge git://git.kernel.org/pub/scm/network/iproute2/iproute2-next

v6.3.0

devlink: Fix dumps where interface map is used

The devlink utility stores an interface map that can be used to map an
interface name to a devlink port and vice versa. The map is populated by
issuing a devlink port dump via 'DEVLINK_CMD_PORT_GET' command.

Cited commits started to populate the map only when it is actually
needed. One such case is when a dump (e.g., shared buffer dump) only
returns devlink port handles. When pretty printing is required, the
utility will consult the map to translate the devlink port handles to
the corresponding interface names.

The above is problematic as it means that the port dump response(s) will
be queued to the same receive buffer as the response(s) of the dump that
triggered the port dump, resulting in a failed dump [1].

Fix by using a different netlink socket for the population of the
interface map.

[1]
$ devlink sb tc bind show
kernel answers: Device or resource busy
Failed to create index map
//0:
  sb 0 tc 4 type egress pool 4 threshold 9
kernel answers: Device or resource busy
[...]
$ echo $?
1

Fixes: 5cddbb274eab ("devlink: load port-ifname map on demand")
Fixes: 63d84b1fc98d ("devlink: load ifname map on demand from ifname_map_rev_lookup() as well")
Signed-off-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

bridge: link: Add support for neigh_vlan_suppress option

Add support for the per-port neigh_vlan_suppress option. Example:

 # bridge link set dev swp1 neigh_vlan_suppress on
 # bridge -d -j -p link show dev swp1
 [ {
         "ifindex": 62,
         "ifname": "swp1",
         "flags": [ "BROADCAST","NOARP","UP","LOWER_UP" ],
         "mtu": 1500,
         "master": "br0",
         "state": "forwarding",
         "priority": 32,
         "cost": 100,
         "hairpin": false,
         "guard": false,
         "root_block": false,
         "fastleave": false,
         "learning": true,
         "flood": true,
         "mcast_flood": true,
         "bcast_flood": true,
         "mcast_router": 1,
         "mcast_to_unicast": false,
         "neigh_suppress": false,
         "neigh_vlan_suppress": true,
         "vlan_tunnel": false,
         "isolated": false,
         "locked": false,
         "mab": false,
         "mcast_n_groups": 0,
         "mcast_max_groups": 0
     } ]
 # bridge -d link show dev swp1
 62: swp1: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 master br0 state forwarding priority 32 cost 100
     hairpin off guard off root_block off fastleave off learning on flood on mcast_flood on bcast_flood on mcast_router 1 mcast_to_unicast off neigh_suppress off neigh_vlan_suppress on vlan_tunnel off isolated off locked off mab off mcast_n_groups 0 mcast_max_groups 0

 # bridge link set dev swp1 neigh_vlan_suppress off
 # bridge -d -j -p link show dev swp1
 [ {
         "ifindex": 62,
         "ifname": "swp1",
         "flags": [ "BROADCAST","NOARP","UP","LOWER_UP" ],
         "mtu": 1500,
         "master": "br0",
         "state": "forwarding",
         "priority": 32,
         "cost": 100,
         "hairpin": false,
         "guard": false,
         "root_block": false,
         "fastleave": false,
         "learning": true,
         "flood": true,
         "mcast_flood": true,
         "bcast_flood": true,
         "mcast_router": 1,
         "mcast_to_unicast": false,
         "neigh_suppress": false,
         "neigh_vlan_suppress": false,
         "vlan_tunnel": false,
         "isolated": false,
         "locked": false,
         "mab": false,
         "mcast_n_groups": 0,
         "mcast_max_groups": 0
     } ]
 # bridge -d link show dev swp1
 62: swp1: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 master br0 state forwarding priority 32 cost 100
     hairpin off guard off root_block off fastleave off learning on flood on mcast_flood on bcast_flood on mcast_router 1 mcast_to_unicast off neigh_suppress off neigh_vlan_suppress off vlan_tunnel off isolated off locked off mab off mcast_n_groups 0 mcast_max_groups 0

Signed-off-by: Ido Schimmel <idosch@nvidia.com>
Reviewed-by: Nikolay Aleksandrov <razor@blackwall.org>
Signed-off-by: David Ahern <dsahern@kernel.org>

bridge: vlan: Add support for neigh_suppress option

Add support for the per-VLAN neigh_suppress option. Example:

 # bridge vlan set vid 10 dev swp1 neigh_suppress on
 # bridge -d -j -p vlan show dev swp1 vid 10
 [ {
         "ifname": "swp1",
         "vlans": [ {
                 "vlan": 10,
                 "state": "forwarding",
                 "mcast_router": 1,
                 "neigh_suppress": true
             } ]
     } ]
 # bridge -d vlan show dev swp1 vid 10
 port              vlan-id
 swp1              10
                     state forwarding mcast_router 1 neigh_suppress on

 # bridge vlan set vid 10 dev swp1 neigh_suppress off
 # bridge -d -j -p vlan show dev swp1 vid 10
 [ {
         "ifname": "swp1",
         "vlans": [ {
                 "vlan": 10,
                 "state": "forwarding",
                 "mcast_router": 1,
                 "neigh_suppress": false
             } ]
     } ]
 # bridge -d vlan show dev swp1 vid 10
 port              vlan-id
 swp1              10
                     state forwarding mcast_router 1 neigh_suppress off

Signed-off-by: Ido Schimmel <idosch@nvidia.com>
Reviewed-by: Nikolay Aleksandrov <razor@blackwall.org>
Signed-off-by: David Ahern <dsahern@kernel.org>

Merge branch 'preemptible-traffic-classes' into next

Vladimir Oltean  says:

====================

This is the iproute2 support for the tc program to make use of the
kernel features added in commit f7d29571ab0a ("Merge branch
'add-kernel-tc-mqprio-and-tc-taprio-support-for-preemptible-traffic-classes'").

====================

Signed-off-by: David Ahern <dsahern@kernel.org>

tc/taprio: add support for preemptible traffic classes

Add support for the same kind of "fp" array argument as in mqprio,
except here we already have some handling for per-tc entries (max-sdu).
We just need to expand that logic such that we also add (and parse) the
FP adminStatus property of each traffic class.

Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: David Ahern <dsahern@kernel.org>

tc/mqprio: add support for preemptible traffic classes

Add support for the "fp" argument in tc-mqprio, which takes an array
of letters "E" (for express) or "P" (for preemptible), one per traffic
class, and transforms them into TCA_MQPRIO_TC_ENTRY_FP u32 attributes of
the TCA_MQPRIO_TC_ENTRY nest. We also dump these new netlink attributes
when they come from the kernel.

Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: David Ahern <dsahern@kernel.org>

utils: add max() definition

There is already a min() definition, add this below it.

Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: David Ahern <dsahern@kernel.org>

Merge remote-tracking branch 'main/main' into next

Signed-off-by: David Ahern <dsahern@kernel.org>

tc/taprio: break up help text into multiple lines

Currently, the output of "tc qdisc add dev lo taprio help" looks
absolutely horrible, it looks better in the source code. Put new lines
in the output everywhere where the text switches to a new line in the
source code.

Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

tc/mqprio: break up synopsis into multiple lines

tc-taprio(8) has a synopsis which is much easier to follow, because it
breaks up the command line arguments on multiple lines. Do this in
tc-mqprio(8) too.

Also, the highlighting (bold) of the keywords is all wrong. Take the
opportunity to fix that.

Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

tc/mqprio: use words in man page to express min_rate/max_rate dependency on bw_rlimit

It is confusing and easy to get lost in the soup of brackets when trying
to explain that min_rate and max_rate are only accepted as optional
arguments when "shaper" takes the value "bw_rlimit".

Before (synopsis):

[ shaper dcb| [ bw_rlimit min_rate min_rate1 min_rate2 ...  max_rate max_rate1 max_rate2 ...  ]]

After (synopsis):

[ shaper dcb|bw_rlimit ] [ min_rate min_rate1 min_rate2 ... ] [ max_rate max_rate1 max_rate2 ...  ]

Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

tc/mqprio: fix stray ] in man page synopsis

The closing ] bracket doesn't close anything, it is extraneous.
Remove it.

Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

tc/taprio: add a size table to the examples from the man page

Since kernel commit a3d91b2c6f6b ("net/sched: taprio: warn about missing
size table"), the kernel emits a warning netlink extack if the user
doesn't specify a stab. We want the user be aware of the fact that the
L1 overhead is determined by taprio exactly based on the overhead of the
stab, so we want to encourage users to add a size table to the Qdisc.
Teach them how.

Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

tc/taprio: add max-sdu to the man page SYNOPSIS section

Although the max-sdu argument is documented in the PARAMETERS section,
it is absent from the SYNOPSIS. Add it there too.

Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

Merge branch 'main' into next

Signed-off-by: David Ahern <dsahern@kernel.org>

Update kernel headers

Update kernel headers to commit:
    fbc1449d385d ("Merge tag 'mlx5-updates-2023-04-20' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux")

Signed-off-by: David Ahern <dsahern@kernel.org>

iplink: fix help of 'netns' arg

'ip link set foo netns /proc/1/ns/net' is a valid command.
Let's update the doc accordingly.

Fixes: 0dc34c7713bb ("iproute2: Add processless network namespace support")
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Reviewed-by: Simon Horman <simon.horman@corigine.com>
Reviewed-by: David Marchand <david.marchand@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

iplink: use the same token NETNSNAME everywhere

Use NETNSNAME everywhere to ensure consistency between man pages and help
of the 'ip' command.

Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Reviewed-by: Simon Horman <simon.horman@corigine.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

ip: bridge_slave: Fix help message indentation

Use tabs instead of spaces to be consistent with the rest of the
options.

Before:

$ ip link help bridge_slave
Usage: ... bridge_slave [ fdb_flush ]
[...]
                        [ vlan_tunnel {on | off} ]
                        [ isolated {on | off} ]
                        [ locked {on | off} ]
                       [ mab {on | off} ]
                        [ backup_port DEVICE ] [ nobackup_port ]

After:

$ ip link help bridge_slave
Usage: ... bridge_slave [ fdb_flush ]
[...]
                        [ vlan_tunnel {on | off} ]
                        [ isolated {on | off} ]
                        [ locked {on | off} ]
                        [ mab {on | off} ]
                        [ backup_port DEVICE ] [ nobackup_port ]

Fixes: 05f1164fe811 ("bridge: link: Add MAC Authentication Bypass (MAB) support")
Signed-off-by: Ido Schimmel <idosch@nvidia.com>
Reviewed-by: Simon Horman <simon.horman@corigine.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

whitespace cleanup

Remove trailing blanks.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

lwtunnel: use sizeof() on segbuf

Avoid assuming that segbuf is 1024 bytes. Use sizeof() in
places where it is being updated.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>