Received: by 2002:ab2:710b:0:b0:1ef:a325:1205 with SMTP id z11csp1112764lql; Tue, 12 Mar 2024 07:39:44 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCVCurMqsjhViiecIuiea7z8IrgHfzbAkQ/dJ++KK1BzwfzrN8/370oLP7n3UzcahQAolGDgc+uYKTz51JbBDziNYULOwDHMDIEqoaX0fQ== X-Google-Smtp-Source: AGHT+IHAWotMNzpLh2/AIISHH4HFYd5GjtmdV6Fi+R66hWDSOc9UPu1l2QB+6hAwsuxGVuQQdFW3 X-Received: by 2002:a05:622a:489:b0:42e:d704:b5a2 with SMTP id p9-20020a05622a048900b0042ed704b5a2mr12006475qtx.5.1710254384136; Tue, 12 Mar 2024 07:39:44 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1710254384; cv=pass; d=google.com; s=arc-20160816; b=hGWY92wh0ijnitzLWcT8mj0eOYOeIXo7SGF6VfEbMqTooPPIN5gO2JXammjEaCHGHJ 3awYQCJ+MgELt9Qj1yH4ADghiooUagZQnBpvhfbwup0z93+ZStJ/JliBtKCDLJQi+bvc wszoWbUtq5cozT32BUm60WHVUW8h/RjrWzFSum1a+P+aHTny7PFbsrifKzu0JW+orwRB wdVEp21ICwzzfZJQcM40tsddLOmz8k9PWZRGVhBcCQyWVl+cVp1hoHwIGy6B2QgtEOqh NjW5IqcmfW33qPc2ejnBJd4ItM6Zbyi6g4opzvPUJtzjUTFTd4KcA+j4Elumhp5hySWT 6kPA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:list-unsubscribe:list-subscribe:list-id:precedence :references:message-id:in-reply-to:subject:cc:to:from:date :dkim-signature; bh=XMJRtZVN7j/hb0lf5DmhVFdq1TvSh1Jy4166EHZPeco=; fh=5JkJdU87H+XrC8syQM4F2TIDiUfQybyeIxjz4vMaZnw=; b=1AF+vAd+79o+UhTIUOYBYNfQSSypeZ/zddXUxevTBE5NHDfZc5L98KiyaXf1AOCXsG 0+nSnyw5B2guitK5rF1JaPOIKAlzjbKDrc8j2sGPemI/r0g7z02IGDIZWZ9gPScPoysj V4FJoEyg5OuuTD0sEh47sFawet4cjJDW3wrGbqXks6a4iKvfvGv8lVkraXk5sBs5iXrs d871rSRgVgX4MYxJFTzCClRDWgGvJiUlGzNyBMbp+hEUzO7sLUBql64xvdOjsg5A1rTr c4rEzKssAkkd1ljGN1eSbGo8H+WtOnJ1By6d8EvduC+htTRyPl1AniupuW/gX1wg0YDT LqyQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=Gx7jBqVl; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-100379-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-100379-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id o15-20020a05622a138f00b0042ef5ff938bsi864932qtk.616.2024.03.12.07.39.43 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Mar 2024 07:39:44 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-100379-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=Gx7jBqVl; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-100379-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-100379-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id CAD5F1C2214E for ; Tue, 12 Mar 2024 14:39:43 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 097577BB16; Tue, 12 Mar 2024 14:39:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="Gx7jBqVl" Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 00FA87A72C for ; Tue, 12 Mar 2024 14:39:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710254356; cv=none; b=D9RofnznXwCtYHvRbO1Cx9ZLVFzKXoTKh5qPbDjDxSmTjwZpVDdBQ0s58NGnN3lhiIGTs8kMhVwkC5x0O9kx/U7/UfRHjkaXF7YHfHpxNenphx1IRFOnQFMyuoYw1BS4E1DOk7jNwZU4Dw52r0kocrEE+xyx1hbJkJl0aNepRAU= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710254356; c=relaxed/simple; bh=6G228Lphk0rlkU29bdOENgX5OXrMOrVaqWm38EVzM0Y=; h=Date:From:To:cc:Subject:In-Reply-To:Message-ID:References: MIME-Version:Content-Type; b=lpoHBjQ275VsawSAioBDJgVG/jt5gfFSn2uxJ7S/81tDMCJmKmkwg+ivRMlo6+zFY3pmBaTaYC7TFo5p5wvOcefWAH2Hjy2oLH2IJwOsFoEzkah+KyBELbCpDz9n1//ctKzewcqT5VgcjCzwMEcj0hzh2lcYaOJZv/UuBmmXdh0= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=Gx7jBqVl; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1710254353; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=XMJRtZVN7j/hb0lf5DmhVFdq1TvSh1Jy4166EHZPeco=; b=Gx7jBqVlQWzGYSQKGIlmDPECiPZntPxp3oBfAxBUt4p9N0YhLeBPa1SNuwGCWEAIE+Hp+Y WiYRGtmiDVeeIQ6/B31Wr+Nwy70TYLXBJWHpMJn271fueLK2+cznSpCaCpDP/NmpnO823M viucHErMvbHFLvEJutYfSVYAEidx+0M= Received: from mail-pg1-f197.google.com (mail-pg1-f197.google.com [209.85.215.197]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-612-6BA6fyAFN7GDnRxt7lHTjQ-1; Tue, 12 Mar 2024 10:39:12 -0400 X-MC-Unique: 6BA6fyAFN7GDnRxt7lHTjQ-1 Received: by mail-pg1-f197.google.com with SMTP id 41be03b00d2f7-5ce67a3f275so2851153a12.0 for ; Tue, 12 Mar 2024 07:39:12 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710254351; x=1710859151; h=mime-version:references:message-id:in-reply-to:subject:cc:to:from :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=XMJRtZVN7j/hb0lf5DmhVFdq1TvSh1Jy4166EHZPeco=; b=oupj0O9DG7WplYnugjGj8zFeWt2DoRGEfgQ8Z/lk7+rkjF9H4nU1Pn0eaL5obvzIBF REF8uN0mTq8MFe+kPMapCKMivjpa2o3WGjyu6ACg7g1Fi7aCoXDTFtSxDJACSAAYjZt5 PqhQOPOSMi9pK20d+IAGG0BTUca/J7CFZH/Jc99TxZVzW3WAo2DlXiWPWoULLwWkHg79 l5HzbV5RRC/MilFIyIjBhxKcA5P++sq6Ta8VfDffqhWD43UeA62Z6EvMMyQzqOswdHIX XVW2QgOE5ZcVtLVUh3Dd1Dtv2fk3uG5jUwWK0NyEe7/o7FwVIy7Dc4hMhEapyGO6F8CM tM9A== X-Gm-Message-State: AOJu0YwyWmia0IMriV4otc61HfBVUAARCEaAvcn2Y0Qm6rZ2JoNtUYp7 Xudw7EZ7wLTKgCd/75zR5iEatucwXcVUHUouZgomEpcXP5GkFa39ALU3SaKFE4bHsCcJH6ydKMA 8of8wUUJjvKF9bM99SupgngzsejLZWRaQLDSkLwBiBFj0ndl5aaTW5D6Dn5gQ+A== X-Received: by 2002:a05:6a20:3b86:b0:1a1:484b:bb72 with SMTP id b6-20020a056a203b8600b001a1484bbb72mr5382584pzh.51.1710254351255; Tue, 12 Mar 2024 07:39:11 -0700 (PDT) X-Received: by 2002:a05:6a20:3b86:b0:1a1:484b:bb72 with SMTP id b6-20020a056a203b8600b001a1484bbb72mr5382568pzh.51.1710254350762; Tue, 12 Mar 2024 07:39:10 -0700 (PDT) Received: from fc37-ani ([27.6.216.53]) by smtp.googlemail.com with ESMTPSA id q66-20020a17090a17c800b0029bb1631819sm694127pja.0.2024.03.12.07.39.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Mar 2024 07:39:10 -0700 (PDT) Date: Tue, 12 Mar 2024 20:09:03 +0530 (IST) From: Ani Sinha To: Shradha Gupta cc: linux-kernel@vger.kernel.org, linux-hyperv@vger.kernel.org, "K. Y. Srinivasan" , Haiyang Zhang , Wei Liu , Dexuan Cui , Long Li , Michael Kelley , Olaf Hering , Shradha Gupta Subject: Re: [PATCH v2] hv/hv_kvp_daemon: Handle IPv4 and Ipv6 combination for keyfile format In-Reply-To: <1710247112-7414-1-git-send-email-shradhagupta@linux.microsoft.com> Message-ID: <2d4aeba3-79db-67f7-9d38-5a55788e7cc7@redhat.com> References: <1710247112-7414-1-git-send-email-shradhagupta@linux.microsoft.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII On Tue, 12 Mar 2024, Shradha Gupta wrote: > If the network configuration strings are passed as a combination of IPv and > IPv6 addresses, the current KVP daemon doesnot handle it for the keyfile > configuration format. > With these changes, the keyfile config generation logic scans through the > list twice to generate IPv4 and IPv6 sections for the configuration files > to handle this support. > > Built-on: Rhel9 > Tested-on: Rhel9(IPv4 only, IPv6 only, IPv4 and IPv6 combination) > Signed-off-by: Shradha Gupta > --- > Changes in v2 > * Use calloc to avoid initialization later > * Return standard error codes > * Free the output_str pointer on completion > * Add out-of bound checks while writing to buffers > --- > tools/hv/hv_kvp_daemon.c | 173 +++++++++++++++++++++++++++++---------- > 1 file changed, 132 insertions(+), 41 deletions(-) > > diff --git a/tools/hv/hv_kvp_daemon.c b/tools/hv/hv_kvp_daemon.c > index 318e2dad27e0..ae65be004eb1 100644 > --- a/tools/hv/hv_kvp_daemon.c > +++ b/tools/hv/hv_kvp_daemon.c > @@ -76,6 +76,12 @@ enum { > DNS > }; > > +enum { > + IPV4 = 1, > + IPV6, > + IP_TYPE_MAX > +}; > + > static int in_hand_shake; > > static char *os_name = ""; > @@ -102,6 +108,7 @@ static struct utsname uts_buf; > > #define MAX_FILE_NAME 100 > #define ENTRIES_PER_BLOCK 50 > +#define MAX_IP_ENTRIES 64 > > struct kvp_record { > char key[HV_KVP_EXCHANGE_MAX_KEY_SIZE]; > @@ -1171,6 +1178,18 @@ static int process_ip_string(FILE *f, char *ip_string, int type) > return 0; > } > > +int ip_version_check(const char *input_addr) > +{ > + struct in6_addr addr; > + > + if (inet_pton(AF_INET, input_addr, &addr)) > + return IPV4; > + else if (inet_pton(AF_INET6, input_addr, &addr)) > + return IPV6; > + else > + return -EINVAL; > +} > + > /* > * Only IPv4 subnet strings needs to be converted to plen > * For IPv6 the subnet is already privided in plen format > @@ -1197,14 +1216,71 @@ static int kvp_subnet_to_plen(char *subnet_addr_str) > return plen; > } > > +static int process_dns_gateway_nm(FILE *f, char *ip_string, int type, > + int ip_sec) > +{ > + char addr[INET6_ADDRSTRLEN], *output_str; > + int ip_offset = 0, error = 0, ip_ver; > + char *param_name; > + > + output_str = (char *)calloc(INET6_ADDRSTRLEN * MAX_IP_ENTRIES, > + sizeof(char)); Can we define INET6_ADDRSTRLEN * MAX_IP_ENTRIES as something like OUTSTR_BUF_SZ or some such? Then it becomes more readable here and below. > + > + if (!output_str) > + return -ENOMEM; > + > + memset(addr, 0, sizeof(addr)); > + > + if (type == DNS) { > + param_name = "dns"; > + } else if (type == GATEWAY) { > + param_name = "gateway"; > + } else { > + error = -EINVAL; > + goto cleanup; > + } If you move the above check before you allocate memory for output_str, you can return right away without doing a free(). > + > + while (parse_ip_val_buffer(ip_string, &ip_offset, addr, > + (MAX_IP_ADDR_SIZE * 2))) { > + ip_ver = ip_version_check(addr); > + if (ip_ver < 0) > + continue; > + > + if ((ip_ver == IPV4 && ip_sec == IPV4) || > + (ip_ver == IPV6 && ip_sec == IPV6)) { > + if (((INET6_ADDRSTRLEN * MAX_IP_ENTRIES) - strlen(output_str)) > > + (strlen(addr))) { > + strcat(output_str, addr); > + strcat(output_str, ","); Your bound check does not take into consideration one additional character (the ","). It should be (INET6_ADDRSTRLEN * MAX_IP_ENTRIES) - strlen(output_str) > strlen(addr) + 1 > + } > + memset(addr, 0, sizeof(addr)); > + > + } else { > + memset(addr, 0, sizeof(addr)); if you do memset() at the beginning of the loop, you do not need to do this separately for both branches. Plus there would be no need to do this at the beginning of the function as well. So you could do something like: while(1) { memset(addr ...); if (!parse_ip_val_buffer(...)) break; ... } > + continue; > + } > + } > + > + if (strlen(output_str)) { // remove the last comma character > + output_str[strlen(output_str) - 1] = '\0'; > + error = fprintf(f, "%s=%s\n", param_name, output_str); > + if (error < 0) > + goto cleanup; You need to free memory regardless of whether there is an error or not. > + } > + > +cleanup: > + free(output_str); > + return error; > +} > + > static int process_ip_string_nm(FILE *f, char *ip_string, char *subnet, > - int is_ipv6) > + int ip_sec) > { > char addr[INET6_ADDRSTRLEN]; > char subnet_addr[INET6_ADDRSTRLEN]; > int error, i = 0; > int ip_offset = 0, subnet_offset = 0; > - int plen; > + int plen, ip_ver; > > memset(addr, 0, sizeof(addr)); > memset(subnet_addr, 0, sizeof(subnet_addr)); > @@ -1216,10 +1292,16 @@ static int process_ip_string_nm(FILE *f, char *ip_string, char *subnet, > subnet_addr, > (MAX_IP_ADDR_SIZE * > 2))) { > - if (!is_ipv6) > + ip_ver = ip_version_check(addr); > + if (ip_ver < 0) > + continue; > + > + if (ip_ver == IPV4 && ip_sec == IPV4) > plen = kvp_subnet_to_plen((char *)subnet_addr); > - else > + else if (ip_ver == IPV6 && ip_sec == IPV6) > plen = atoi(subnet_addr); > + else > + continue; > > if (plen < 0) > return plen; > @@ -1238,12 +1320,11 @@ static int process_ip_string_nm(FILE *f, char *ip_string, char *subnet, > > static int kvp_set_ip_info(char *if_name, struct hv_kvp_ipaddr_value *new_val) > { > - int error = 0; > + int error = 0, ip_type; > char if_filename[PATH_MAX]; > char nm_filename[PATH_MAX]; > FILE *ifcfg_file, *nmfile; > char cmd[PATH_MAX]; > - int is_ipv6 = 0; > char *mac_addr; > int str_len; > > @@ -1421,52 +1502,62 @@ static int kvp_set_ip_info(char *if_name, struct hv_kvp_ipaddr_value *new_val) > if (error) > goto setval_error; > > - if (new_val->addr_family & ADDR_FAMILY_IPV6) { > - error = fprintf(nmfile, "\n[ipv6]\n"); > - if (error < 0) > - goto setval_error; > - is_ipv6 = 1; > - } else { > - error = fprintf(nmfile, "\n[ipv4]\n"); > - if (error < 0) > - goto setval_error; > - } > - > /* > - * Now we populate the keyfile format > + * The keyfile format expects the IPv6 and IPv4 configuration in > + * different sections. Therefore we iterate through the list twice, > + * once to populate the IPv4 section and the next time for IPv6 > */ > + ip_type = IPV4; > + do { > + if (ip_type == IPV4) { > + error = fprintf(nmfile, "\n[ipv4]\n"); > + if (error < 0) > + goto setval_error; > + } else { > + error = fprintf(nmfile, "\n[ipv6]\n"); > + if (error < 0) > + goto setval_error; > + } > > - if (new_val->dhcp_enabled) { > - error = kvp_write_file(nmfile, "method", "", "auto"); > - if (error < 0) > - goto setval_error; > - } else { > - error = kvp_write_file(nmfile, "method", "", "manual"); > + /* > + * Now we populate the keyfile format > + */ > + > + if (new_val->dhcp_enabled) { > + error = kvp_write_file(nmfile, "method", "", "auto"); > + if (error < 0) > + goto setval_error; > + } else { > + error = kvp_write_file(nmfile, "method", "", "manual"); > + if (error < 0) > + goto setval_error; > + } > + > + /* > + * Write the configuration for ipaddress, netmask, gateway and > + * name services > + */ > + error = process_ip_string_nm(nmfile, (char *)new_val->ip_addr, > + (char *)new_val->sub_net, > + ip_type); > if (error < 0) > goto setval_error; > - } > > - /* > - * Write the configuration for ipaddress, netmask, gateway and > - * name services > - */ > - error = process_ip_string_nm(nmfile, (char *)new_val->ip_addr, > - (char *)new_val->sub_net, is_ipv6); > - if (error < 0) > - goto setval_error; > - > - /* we do not want ipv4 addresses in ipv6 section and vice versa */ > - if (is_ipv6 != is_ipv4((char *)new_val->gate_way)) { > - error = fprintf(nmfile, "gateway=%s\n", (char *)new_val->gate_way); > + error = process_dns_gateway_nm(nmfile, > + (char *)new_val->gate_way, > + GATEWAY, ip_type); > if (error < 0) > goto setval_error; > - } > > - if (is_ipv6 != is_ipv4((char *)new_val->dns_addr)) { > - error = fprintf(nmfile, "dns=%s\n", (char *)new_val->dns_addr); > + error = process_dns_gateway_nm(nmfile, > + (char *)new_val->dns_addr, DNS, > + ip_type); > if (error < 0) > goto setval_error; > - } > + > + ip_type++; > + } while (ip_type < IP_TYPE_MAX); > + > fclose(nmfile); > fclose(ifcfg_file); > > -- > 2.34.1 > >