From ef7f9fae2e1838e7c7d211f72581f4eb2e7efc71 Mon Sep 17 00:00:00 2001
From: Stephen Hemminger <sthemmin@microsoft.com>
Date: Thu, 20 Dec 2018 09:17:05 -0800
Subject: [PATCH 1/7] uapi/in.h: Allow class-e address assignment

While most distributions long ago switched to the iproute2 suite
of utilities, which allow class-e (240.0.0.0/4) address assignment,
distributions relying on busybox, toybox and other forms of
ifconfig cannot assign class-e addresses without this kernel patch.

While CIDR has been obsolete for 2 decades, and a survey of all the
open source code in the world shows the IN_whatever macros are also
obsolete... rather than obsolete CIDR from this ioctl entirely, this
patch merely enables class-e assignment, sanely.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---
 include/uapi/linux/in.h | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/include/uapi/linux/in.h b/include/uapi/linux/in.h
index a4f143b3..92242d20 100644
--- a/include/uapi/linux/in.h
+++ b/include/uapi/linux/in.h
@@ -266,10 +266,14 @@ struct sockaddr_in {
 
 #define	IN_CLASSD(a)		((((long int) (a)) & 0xf0000000) == 0xe0000000)
 #define	IN_MULTICAST(a)		IN_CLASSD(a)
-#define IN_MULTICAST_NET	0xF0000000
+#define	IN_MULTICAST_NET	0xe0000000
 
-#define	IN_EXPERIMENTAL(a)	((((long int) (a)) & 0xf0000000) == 0xf0000000)
-#define	IN_BADCLASS(a)		IN_EXPERIMENTAL((a))
+#define	IN_BADCLASS(a)		((((long int) (a) ) == 0xffffffff)
+#define	IN_EXPERIMENTAL(a)	IN_BADCLASS((a))
+
+#define	IN_CLASSE(a)		((((long int) (a)) & 0xf0000000) == 0xf0000000)
+#define	IN_CLASSE_NET		0xffffffff
+#define	IN_CLASSE_NSHIFT	0
 
 /* Address to accept any incoming messages. */
 #define	INADDR_ANY		((unsigned long int) 0x00000000)

From 2db63d290b6df93e48eb6f0674813e7e47753dce Mon Sep 17 00:00:00 2001
From: Stephen Hemminger <sthemmin@microsoft.com>
Date: Thu, 20 Dec 2018 09:18:29 -0800
Subject: [PATCH 2/7] uapi/netlink.h: rename NETLINK_DUMP_STRICT_CHK ->
 NETLINK_GET_STRICT_CHK

NETLINK_DUMP_STRICT_CHK can be used for all GET requests,
dumps as well as doit handlers.  Replace the DUMP in the
name with GET make that clearer.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---
 include/uapi/linux/netlink.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/uapi/linux/netlink.h b/include/uapi/linux/netlink.h
index 2966171b..2c28d329 100644
--- a/include/uapi/linux/netlink.h
+++ b/include/uapi/linux/netlink.h
@@ -153,7 +153,7 @@ enum nlmsgerr_attrs {
 #define NETLINK_LIST_MEMBERSHIPS	9
 #define NETLINK_CAP_ACK			10
 #define NETLINK_EXT_ACK			11
-#define NETLINK_DUMP_STRICT_CHK		12
+#define NETLINK_GET_STRICT_CHK		12
 
 struct nl_pktinfo {
 	__u32	group;

From c579ec14a753a90f7f624ef0ee22053397d27c8f Mon Sep 17 00:00:00 2001
From: Stephen Hemminger <sthemmin@microsoft.com>
Date: Thu, 20 Dec 2018 09:19:33 -0800
Subject: [PATCH 3/7] uapi/iptunnel: make TUNNEL_FLAGS available

ip l add dev tun type gretap external
ip r a 10.0.0.1 encap ip dst 192.168.152.171 id 1000 dev gretap

For gretap Key example when the command set the id but don't set the
TUNNEL_KEY flags. There is no key field in the send packet

In the lwtunnel situation, some TUNNEL_FLAGS should can be set by
userspace

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---
 include/uapi/linux/if_tunnel.h | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/include/uapi/linux/if_tunnel.h b/include/uapi/linux/if_tunnel.h
index ecdc7666..c7f0a5e6 100644
--- a/include/uapi/linux/if_tunnel.h
+++ b/include/uapi/linux/if_tunnel.h
@@ -160,4 +160,24 @@ enum {
 };
 
 #define IFLA_VTI_MAX	(__IFLA_VTI_MAX - 1)
+
+#define TUNNEL_CSUM		__cpu_to_be16(0x01)
+#define TUNNEL_ROUTING		__cpu_to_be16(0x02)
+#define TUNNEL_KEY		__cpu_to_be16(0x04)
+#define TUNNEL_SEQ		__cpu_to_be16(0x08)
+#define TUNNEL_STRICT		__cpu_to_be16(0x10)
+#define TUNNEL_REC		__cpu_to_be16(0x20)
+#define TUNNEL_VERSION		__cpu_to_be16(0x40)
+#define TUNNEL_NO_KEY		__cpu_to_be16(0x80)
+#define TUNNEL_DONT_FRAGMENT    __cpu_to_be16(0x0100)
+#define TUNNEL_OAM		__cpu_to_be16(0x0200)
+#define TUNNEL_CRIT_OPT		__cpu_to_be16(0x0400)
+#define TUNNEL_GENEVE_OPT	__cpu_to_be16(0x0800)
+#define TUNNEL_VXLAN_OPT	__cpu_to_be16(0x1000)
+#define TUNNEL_NOCACHE		__cpu_to_be16(0x2000)
+#define TUNNEL_ERSPAN_OPT	__cpu_to_be16(0x4000)
+
+#define TUNNEL_OPTIONS_PRESENT \
+		(TUNNEL_GENEVE_OPT | TUNNEL_VXLAN_OPT | TUNNEL_ERSPAN_OPT)
+
 #endif /* _IF_TUNNEL_H_ */

From 261a5290dd24ffeb3535ce135832690cfd85ba2d Mon Sep 17 00:00:00 2001
From: Petr Vorel <pvorel@suse.cz>
Date: Tue, 18 Dec 2018 20:29:04 +0100
Subject: [PATCH 4/7] testsuite: Fix colorize

bash and dash require for escape sequence to use 'echo -e' or printf
(but working on zsh). Choosing printf as it's implementation is IMHO
more portable than echo implementations.
dash also require to use \033[0; as escape sequence instead of \e[0;

NOTE: \e[0; kept in lib/color.c as it's not problematic for C code
(working when run ip on various shells).

Fixes: 7e2f71b4 ("testsuite: colorize test result output")

Signed-off-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: Stephen Hemminger <sthemmin@microsoft.com>
---
 testsuite/Makefile | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/testsuite/Makefile b/testsuite/Makefile
index 9b0f1c15..7f247bbc 100644
--- a/testsuite/Makefile
+++ b/testsuite/Makefile
@@ -85,11 +85,11 @@ endif
 		TC="$$i/tc/tc" IP="$$i/ip/ip" SS=$$i/misc/ss DEV="$(DEV)" IPVER="$@" SNAME="$$i" \
 		ERRF="$(RESULTS_DIR)/$@.$$o.err" $(PREFIX) tests/$@ > $(RESULTS_DIR)/$@.$$o.out; \
 		if [ "$$?" = "127" ]; then \
-			echo "\e[1;35mSKIPPED\e[0m"; \
+			printf "\033[1;35mSKIPPED\033[0m\n"; \
 		elif [ -e "$(RESULTS_DIR)/$@.$$o.err" ]; then \
-			echo "\e[0;31mFAILED\e[0m"; \
+			printf "\033[0;31mFAILED\033[0m\n"; \
 		else \
-			echo "\e[0;32mPASS\e[0m"; \
+			printf "\033[0;32mPASS\033[0m\n"; \
 		fi; \
 		rm "$$TMP_ERR" "$$TMP_OUT"; \
 		sudo dmesg > $(RESULTS_DIR)/$@.$$o.dmesg; \

From 72cdb77d1a31afde5eb998eefe596db5d48d72cd Mon Sep 17 00:00:00 2001
From: Eric Dumazet <edumazet@google.com>
Date: Fri, 21 Dec 2018 22:53:35 -0800
Subject: [PATCH 5/7] nstat: fix load_ugly_table() limits

A recent change reduced max line length from 4096 to 2048 bytes,
but we already have lines above the 2048 threshold, and we keep
adding more SNMP counters in linux.

Switch to getline() and do not worry about future kernel changes.

Fixes: da8034a01904 ("misc: avoid snprintf warnings in ss and nstat")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---
 misc/nstat.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/misc/nstat.c b/misc/nstat.c
index 88f1c769..653580ea 100644
--- a/misc/nstat.c
+++ b/misc/nstat.c
@@ -177,11 +177,13 @@ static int count_spaces(const char *line)
 
 static void load_ugly_table(FILE *fp)
 {
-	char buf[2048];
+	char *buf = NULL;
+	size_t buflen = 0;
+	ssize_t nread;
 	struct nstat_ent *db = NULL;
 	struct nstat_ent *n;
 
-	while (fgets(buf, sizeof(buf), fp) != NULL) {
+	while ((nread = getline(&buf, &buflen, fp)) != -1) {
 		char idbuf[4096];
 		int  off;
 		char *p;
@@ -218,7 +220,8 @@ static void load_ugly_table(FILE *fp)
 			p = next;
 		}
 		n = db;
-		if (fgets(buf, sizeof(buf), fp) == NULL)
+		nread = getline(&buf, &buflen, fp);
+		if (nread == -1)
 			abort();
 		count2 = count_spaces(buf);
 		if (count2 > count1)
@@ -237,6 +240,7 @@ static void load_ugly_table(FILE *fp)
 				n = n->next;
 		} while (p > buf + off + 2);
 	}
+	free(buf);
 
 	while (db) {
 		n = db;

From cb65a9cb81c95028bc97f421b0c4cfbf749f621c Mon Sep 17 00:00:00 2001
From: wenxu <wenxu@ucloud.cn>
Date: Mon, 24 Dec 2018 16:49:44 +0800
Subject: [PATCH 6/7] iprule: Add tun_id filed in the selector

ip rule add from all iif gretap tun_id 2000 lookup 200

Signed-off-by: wenxu <wenxu@ucloud.cn>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---
 ip/iprule.c        | 33 +++++++++++++++++++++++++++++++++
 man/man8/ip-rule.8 |  4 +++-
 2 files changed, 36 insertions(+), 1 deletion(-)

diff --git a/ip/iprule.c b/ip/iprule.c
index 0f8fc6d9..9a7173d0 100644
--- a/ip/iprule.c
+++ b/ip/iprule.c
@@ -71,6 +71,7 @@ static struct
 	unsigned int tos, tosmask;
 	unsigned int pref, prefmask;
 	unsigned int fwmark, fwmask;
+	uint64_t tun_id;
 	char iif[IFNAMSIZ];
 	char oif[IFNAMSIZ];
 	struct fib_rule_uid_range range;
@@ -174,6 +175,18 @@ static bool filter_nlmsg(struct nlmsghdr *n, struct rtattr **tb, int host_len)
 			return false;
 	}
 
+	if (filter.tun_id) {
+		__u64 tun_id = 0;
+
+		if (tb[FRA_TUN_ID]) {
+			tun_id = ntohll(rta_getattr_u64(tb[FRA_TUN_ID]));
+			if (filter.tun_id != tun_id)
+				return false;
+		} else {
+			return false;
+		}
+	}
+
 	table = frh_get_table(frh, tb);
 	if (filter.tb > 0 && filter.tb ^ table)
 		return false;
@@ -340,6 +353,12 @@ int print_rule(struct nlmsghdr *n, void *arg)
 		}
 	}
 
+	if (tb[FRA_TUN_ID]) {
+		__u64 tun_id = ntohll(rta_getattr_u64(tb[FRA_TUN_ID]));
+
+		print_u64(PRINT_ANY, "tun_id", "tun_id %llu ", tun_id);
+	}
+
 	table = frh_get_table(frh, tb);
 	if (table) {
 		print_string(PRINT_ANY, "table",
@@ -583,6 +602,13 @@ static int iprule_list_flush_or_save(int argc, char **argv, int action)
 				   &filter.range.end) != 2)
 				invarg("invalid UID range\n", *argv);
 
+		} else if (matches(*argv, "tun_id") == 0) {
+			__u64 tun_id;
+
+			NEXT_ARG();
+			if (get_u64(&tun_id, *argv, 0))
+				invarg("\"tun_id\" value is invalid\n", *argv);
+			filter.tun_id = tun_id;
 		} else if (matches(*argv, "lookup") == 0 ||
 			   matches(*argv, "table") == 0) {
 			__u32 tid;
@@ -779,6 +805,13 @@ static int iprule_modify(int cmd, int argc, char **argv)
 			if (rtnl_rtprot_a2n(&proto, *argv))
 				invarg("\"protocol\" value is invalid\n", *argv);
 			addattr8(&req.n, sizeof(req), FRA_PROTOCOL, proto);
+		} else if (matches(*argv, "tun_id") == 0) {
+			__u64 tun_id;
+
+			NEXT_ARG();
+			if (get_be64(&tun_id, *argv, 0))
+				invarg("\"tun_id\" value is invalid\n", *argv);
+			addattr64(&req.n, sizeof(req), FRA_TUN_ID, tun_id);
 		} else if (matches(*argv, "table") == 0 ||
 			   strcmp(*argv, "lookup") == 0) {
 			NEXT_ARG();
diff --git a/man/man8/ip-rule.8 b/man/man8/ip-rule.8
index 1455a49a..2c12bf64 100644
--- a/man/man8/ip-rule.8
+++ b/man/man8/ip-rule.8
@@ -54,7 +54,9 @@ ip-rule \- routing policy database management
 .IR NUMBER "-" NUMBER " ] ] [ "
 .BR dport " [ "
 .IR NUMBER " | "
-.IR NUMBER "-" NUMBER " ] ]"
+.IR NUMBER "-" NUMBER " ] ] [ "
+.B  tun_id
+.IR TUN_ID " ]"
 .BR
 
 

From f0cabaca38e5fafb455373e2d2747afecc7299fd Mon Sep 17 00:00:00 2001
From: Leon Romanovsky <leonro@mellanox.com>
Date: Sun, 30 Dec 2018 15:34:09 +0200
Subject: [PATCH 7/7] rdma: Fix incorrectly handled NLA validation

mnl_attr_type_valid() receives maximum attribute type, which means that
we were supposed to supply the latest valid netlink attribute and not
the number of attributes. Such coding mistake caused to failures while
NLA attributes were extended.

Fixes: 74bd75c2b68d ("rdma: Add basic infrastructure for RDMA tool")
Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---
 rdma/utils.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rdma/utils.c b/rdma/utils.c
index 1a0cf568..c7023367 100644
--- a/rdma/utils.c
+++ b/rdma/utils.c
@@ -425,8 +425,8 @@ int rd_attr_cb(const struct nlattr *attr, void *data)
 	const struct nlattr **tb = data;
 	int type;
 
-	if (mnl_attr_type_valid(attr, RDMA_NLDEV_ATTR_MAX) < 0)
-		/* We received uknown attribute */
+	if (mnl_attr_type_valid(attr, RDMA_NLDEV_ATTR_MAX - 1) < 0)
+		/* We received unknown attribute */
 		return MNL_CB_OK;
 
 	type = mnl_attr_get_type(attr);