From 7bf62cc8b556b5046f9bbd37687376fe9ea175bb Mon Sep 17 00:00:00 2001 From: Sven Eckelmann Date: Thu, 8 Nov 2018 00:00:26 +0100 Subject: [PATCH 1/2] batman-adv: Merge bugfixes from 2018.4 * Use explicit tvlv padding for ELP packets * Expand merged fragment buffer for full packet Signed-off-by: Sven Eckelmann --- batman-adv/Makefile | 2 +- ...xplicit-tvlv-padding-for-ELP-packets.patch | 55 +++++++++++++++++++ ...d-merged-fragment-buffer-for-full-pa.patch | 44 +++++++++++++++ 3 files changed, 100 insertions(+), 1 deletion(-) create mode 100644 batman-adv/patches/0022-batman-adv-Use-explicit-tvlv-padding-for-ELP-packets.patch create mode 100644 batman-adv/patches/0023-batman-adv-Expand-merged-fragment-buffer-for-full-pa.patch diff --git a/batman-adv/Makefile b/batman-adv/Makefile index 69e800a..74ef4b8 100644 --- a/batman-adv/Makefile +++ b/batman-adv/Makefile @@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=batman-adv PKG_VERSION:=2018.1 -PKG_RELEASE:=4 +PKG_RELEASE:=5 PKG_HASH:=b866b28dbbe5c9238abbdf5abbc30fc526dea56898ce4c1bd76d5c017843048b PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz diff --git a/batman-adv/patches/0022-batman-adv-Use-explicit-tvlv-padding-for-ELP-packets.patch b/batman-adv/patches/0022-batman-adv-Use-explicit-tvlv-padding-for-ELP-packets.patch new file mode 100644 index 0000000..3285e47 --- /dev/null +++ b/batman-adv/patches/0022-batman-adv-Use-explicit-tvlv-padding-for-ELP-packets.patch @@ -0,0 +1,55 @@ +From: Sven Eckelmann +Date: Tue, 30 Oct 2018 12:17:10 +0100 +Subject: [PATCH] batman-adv: Use explicit tvlv padding for ELP packets + +The announcement messages of batman-adv COMPAT_VERSION 15 have the +possibility to announce additional information via a dynamic TVLV part. +This part is optional for the ELP packets and currently not parsed by the +Linux implementation. Still out-of-tree versions are using it to transport +things like neighbor hashes to optimize the rebroadcast behavior. + +Since the ELP broadcast packets are smaller than the minimal ethernet +packet, it often has to be padded. This is often done (as specified in +RFC894) with octets of zero and thus work perfectly fine with the TVLV +part (making it a zero length and thus empty). But not all ethernet +compatible hardware seems to follow this advice. To avoid ambiguous +situations when parsing the TVLV header, just force the 4 bytes (TVLV +length + padding) after the required ELP header to zero. + +Fixes: a4b88af77e28 ("batman-adv: ELP - adding basic infrastructure") +Reported-by: Linus Lüssing +Signed-off-by: Sven Eckelmann + +Origin: upstream, https://git.open-mesh.org/batman-adv.git/commit/974337ee9773c4bd0a2d5c322306cf2bea445e11 +--- + net/batman-adv/bat_v_elp.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/net/batman-adv/bat_v_elp.c b/net/batman-adv/bat_v_elp.c +index 83b46654449df72ceda6ca3177f72e7faf0603ab..9aa3c7b2e9bad6c50b2939b6dbf5a9a2e713b93b 100644 +--- a/net/batman-adv/bat_v_elp.c ++++ b/net/batman-adv/bat_v_elp.c +@@ -339,19 +339,21 @@ static void batadv_v_elp_periodic_work(struct work_struct *work) + */ + int batadv_v_elp_iface_enable(struct batadv_hard_iface *hard_iface) + { ++ static const size_t tvlv_padding = sizeof(__be32); + struct batadv_elp_packet *elp_packet; + unsigned char *elp_buff; + u32 random_seqno; + size_t size; + int res = -ENOMEM; + +- size = ETH_HLEN + NET_IP_ALIGN + BATADV_ELP_HLEN; ++ size = ETH_HLEN + NET_IP_ALIGN + BATADV_ELP_HLEN + tvlv_padding; + hard_iface->bat_v.elp_skb = dev_alloc_skb(size); + if (!hard_iface->bat_v.elp_skb) + goto out; + + skb_reserve(hard_iface->bat_v.elp_skb, ETH_HLEN + NET_IP_ALIGN); +- elp_buff = skb_put_zero(hard_iface->bat_v.elp_skb, BATADV_ELP_HLEN); ++ elp_buff = skb_put_zero(hard_iface->bat_v.elp_skb, ++ BATADV_ELP_HLEN + tvlv_padding); + elp_packet = (struct batadv_elp_packet *)elp_buff; + + elp_packet->packet_type = BATADV_ELP; diff --git a/batman-adv/patches/0023-batman-adv-Expand-merged-fragment-buffer-for-full-pa.patch b/batman-adv/patches/0023-batman-adv-Expand-merged-fragment-buffer-for-full-pa.patch new file mode 100644 index 0000000..7133976 --- /dev/null +++ b/batman-adv/patches/0023-batman-adv-Expand-merged-fragment-buffer-for-full-pa.patch @@ -0,0 +1,44 @@ +From: Sven Eckelmann +Date: Wed, 7 Nov 2018 23:09:12 +0100 +Subject: [PATCH] batman-adv: Expand merged fragment buffer for full packet + +The complete size ("total_size") of the fragmented packet is stored in the +fragment header and in the size of the fragment chain. When the fragments +are ready for merge, the skbuff's tail of the first fragment is expanded to +have enough room after the data pointer for at least total_size. This means +that it gets expanded by total_size - first_skb->len. + +But this is ignoring the fact that after expanding the buffer, the fragment +header is pulled by from this buffer. Assuming that the tailroom of the +buffer was already 0, the buffer after the data pointer of the skbuff is +now only total_size - len(fragment_header) large. When the merge function +is then processing the remaining fragments, the code to copy the data over +to the merged skbuff will cause an skb_over_panic when it tries to actually +put enough data to fill the total_size bytes of the packet. + +The size of the skb_pull must therefore also be taken into account when the +buffer's tailroom is expanded. + +Fixes: 9b3eab61754d ("batman-adv: Receive fragmented packets and merge") +Reported-by: Martin Weinelt +Co-authored-by: Linus Lüssing +Signed-off-by: Sven Eckelmann + +Origin: other, https://patchwork.open-mesh.org/patch/17616/ +--- + net/batman-adv/fragmentation.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/net/batman-adv/fragmentation.c b/net/batman-adv/fragmentation.c +index 0fddc17106bd8a0e3f064fee9adba7c226f34682..5b71a289d04fc80de6c20e7a24d621727c77825a 100644 +--- a/net/batman-adv/fragmentation.c ++++ b/net/batman-adv/fragmentation.c +@@ -275,7 +275,7 @@ batadv_frag_merge_packets(struct hlist_head *chain) + kfree(entry); + + packet = (struct batadv_frag_packet *)skb_out->data; +- size = ntohs(packet->total_size); ++ size = ntohs(packet->total_size) + hdr_size; + + /* Make room for the rest of the fragments. */ + if (pskb_expand_head(skb_out, 0, size - skb_out->len, GFP_ATOMIC) < 0) { From c00a1bfbbfea767e65a9c8706cfbb9cd7de3be7b Mon Sep 17 00:00:00 2001 From: Sven Eckelmann Date: Thu, 8 Nov 2018 00:00:26 +0100 Subject: [PATCH 2/2] alfred: Merge bugfixes from 2018.4 * Fix detection of own packets for IPv4 mode * Request MAC resolution for IPv4 address not in ARP cache Signed-off-by: Sven Eckelmann --- alfred/Makefile | 2 +- ...tection-of-own-packets-for-IPv4-mode.patch | 37 ++++++++ ...AC-resolution-for-IPv4-address-not-i.patch | 84 +++++++++++++++++++ 3 files changed, 122 insertions(+), 1 deletion(-) create mode 100644 alfred/patches/0001-alfred-Fix-detection-of-own-packets-for-IPv4-mode.patch create mode 100644 alfred/patches/0002-alfred-Request-MAC-resolution-for-IPv4-address-not-i.patch diff --git a/alfred/Makefile b/alfred/Makefile index ef260ad..646a2ab 100644 --- a/alfred/Makefile +++ b/alfred/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=alfred PKG_VERSION:=2018.1 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_HASH:=808fa6acf65c7a8e26405115176a5587157f746108cbe5dd974788eb05416d76 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz diff --git a/alfred/patches/0001-alfred-Fix-detection-of-own-packets-for-IPv4-mode.patch b/alfred/patches/0001-alfred-Fix-detection-of-own-packets-for-IPv4-mode.patch new file mode 100644 index 0000000..576ca8c --- /dev/null +++ b/alfred/patches/0001-alfred-Fix-detection-of-own-packets-for-IPv4-mode.patch @@ -0,0 +1,37 @@ +From: Sven Eckelmann +Date: Mon, 29 Oct 2018 18:05:42 +0100 +Subject: [PATCH] alfred: Fix detection of own packets for IPv4 mode + +The incoming packet address is checked for a match against the local +interface addresses to avoid processing its own packets. The IPv4 +implementation used the same code but only initialized 4 of the 16 bytes of +the address in the recv function. The interface initialization code in +netsock_set_interfaces set all unused bytes to zero but recv_alfred_packet +was modified to use 12 random bytes from the stack. + +Both functions must work the same way and first set the address bytes to +zero and overwrite the actual used bytes with the address bytes. Otherwise, +the result of netsock_set_interfaces for own packets is random in the IPv4 +implementation. + +Fixes: c7da798113a2 ("alfred: IPv4 multicast distribution support.") +Signed-off-by: Sven Eckelmann +Tested-by: Jonathan Haws + +Origin: upstream, https://git.open-mesh.org/alfred.git/commit/db842ed210d00345619e0ebc45a4d0d840e0b7e5 +--- + recv.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/recv.c b/recv.c +index 59d759cfba816d3dd7ed4a56fd3269730093bcfd..5ff4bb5df2354d7f2310e2105ee385b9365b0c4b 100644 +--- a/recv.c ++++ b/recv.c +@@ -416,6 +416,7 @@ int recv_alfred_packet(struct globals *globals, struct interface *interface, + + packet = (struct alfred_tlv *)buf; + ++ memset(&alfred_source, 0, sizeof(alfred_source)); + if (globals->ipv4mode) { + memcpy(&alfred_source, &source4.sin_addr, sizeof(source4.sin_addr)); + } else { diff --git a/alfred/patches/0002-alfred-Request-MAC-resolution-for-IPv4-address-not-i.patch b/alfred/patches/0002-alfred-Request-MAC-resolution-for-IPv4-address-not-i.patch new file mode 100644 index 0000000..f60da7d --- /dev/null +++ b/alfred/patches/0002-alfred-Request-MAC-resolution-for-IPv4-address-not-i.patch @@ -0,0 +1,84 @@ +From: Jonathan Haws +Date: Mon, 29 Oct 2018 11:57:59 -0600 +Subject: [PATCH] alfred: Request MAC resolution for IPv4 address not in ARP cache + +When using IPv4, if the remote server is not yet in the ARP cache, the +MAC resolution will fail and data appear to not be shared via alfred. +Add a routine (modified from batctl sources) to request MAC resolution +by simply sending a datagram to the discard port (UDP/9). This adds the +remote MAC to the ARP cache, resulting in successful MAC resolution. + +Fixes: c7da798113a2 ("alfred: IPv4 multicast distribution support.") +Signed-off-by: Jonathan Haws +Tested-by: Gary Zou +Signed-off-by: Sven Eckelmann + +Origin: upstream, https://git.open-mesh.org/alfred.git/commit/5610d5bf8f4447b4d689aede638b4e92ae343340 +--- + util.c | 34 ++++++++++++++++++++++++++++++++-- + 1 file changed, 32 insertions(+), 2 deletions(-) + +diff --git a/util.c b/util.c +index dd3f00fa6280d7de04a11acb8485c11cead3d0a4..07947929dfe2d5a22ca16f5bf33846d7365c771e 100644 +--- a/util.c ++++ b/util.c +@@ -30,6 +30,7 @@ + #include + #include + #include ++#include + #include "alfred.h" + + int time_diff(struct timespec *tv1, struct timespec *tv2, +@@ -80,11 +81,35 @@ bool is_valid_ether_addr(uint8_t addr[ETH_ALEN]) + return true; + } + ++static void ipv4_request_mac_resolve(const alfred_addr *addr) ++{ ++ const struct sockaddr *sockaddr; ++ struct sockaddr_in inet4; ++ size_t sockaddr_len; ++ int sock; ++ char t = 0; ++ ++ sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); ++ if (sock < 0) ++ return; ++ ++ memset(&inet4, 0, sizeof(inet4)); ++ inet4.sin_family = AF_INET; ++ inet4.sin_port = htons(9); ++ inet4.sin_addr.s_addr = addr->ipv4.s_addr; ++ sockaddr = (const struct sockaddr *)&inet4; ++ sockaddr_len = sizeof(inet4); ++ ++ sendto(sock, &t, sizeof(t), 0, sockaddr, sockaddr_len); ++ close(sock); ++} ++ + int ipv4_arp_request(struct interface *interface, const alfred_addr *addr, + struct ether_addr *mac) + { + struct arpreq arpreq; + struct sockaddr_in *sin; ++ int retries = 1; + + memset(&arpreq, 0, sizeof(arpreq)); + memset(mac, 0, ETH_ALEN); +@@ -96,8 +121,13 @@ int ipv4_arp_request(struct interface *interface, const alfred_addr *addr, + strncpy(arpreq.arp_dev, interface->interface, sizeof(arpreq.arp_dev)); + arpreq.arp_dev[sizeof(arpreq.arp_dev) - 1] = '\0'; + +- if (ioctl(interface->netsock, SIOCGARP, &arpreq) < 0) +- return -1; ++ while ((ioctl(interface->netsock, SIOCGARP, &arpreq) < 0) || !(arpreq.arp_flags & ATF_COM)) { ++ ipv4_request_mac_resolve(addr); ++ usleep(200000); ++ ++ if (retries-- == 0) ++ break; ++ } + + if (arpreq.arp_flags & ATF_COM) { + memcpy(mac, arpreq.arp_ha.sa_data, sizeof(*mac));