libpfring: backport patch fixing compilation error for sa_data

Backport patch fixing compilation error for sa_data not well defined.
This is triggered only on platform that makes use of fortify string and
cause compilation error due to the fact that sa_data is not well defined
and his size is arbitrary.

Patch has been accepted in the PF_RING project and this is just a
backport.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit c3a50a9fac8f9d8665f8b012abd85bb9e461e865)

diff --git a/libs/libpfring/Makefile b/libs/libpfring/Makefile
index 0ef774b79b9d46f95da824621f31266390e9d450..1083d6ec78bb64a49f0644a8ddb030b5288d2297 100644 (file)
--- a/libs/libpfring/Makefile
+++ b/libs/libpfring/Makefile
@@ -10,7 +10,7 @@ include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=libpfring
 PKG_VERSION:=8.4.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/ntop/PF_RING/tar.gz/$(PKG_VERSION)?

diff --git a/libs/libpfring/patches/101-kernel-pf_ring-better-define-sa_data-size.patch b/libs/libpfring/patches/101-kernel-pf_ring-better-define-sa_data-size.patch
new file mode 100644 (file)
index 0000000..7c27515
--- /dev/null
+++ b/libs/libpfring/patches/101-kernel-pf_ring-better-define-sa_data-size.patch
@@ -0,0 +1,72 @@
+From fae2437c2af80d3ea64f5bc9678a5b697772295b Mon Sep 17 00:00:00 2001
+From: Christian Marangi <ansuelsmth@gmail.com>
+Date: Mon, 18 Mar 2024 10:03:43 +0100
+Subject: [PATCH] kernel: pf_ring: better define sa_data size
+
+pfring_mod_bind() needs to specify the interface
+name using struct sockaddr that is defined as
+
+struct sockaddr { ushort sa_family; char sa_data[14]; };
+
+so the total interface name length is 13 chars (plus \0 trailer).
+
+Since sa_data size is arbitrary, define a more precise size for
+PF_RING socket use.
+
+This fix some compilation error with fortify string and makes the array
+handling more deterministic.
+
+Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
+---
+ kernel/pf_ring.c | 22 ++++++++++++++++++----
+ 1 file changed, 18 insertions(+), 4 deletions(-)
+
+--- a/kernel/pf_ring.c
++++ b/kernel/pf_ring.c
+@@ -155,6 +155,18 @@
+ #endif
+ #endif
+ 
++/*
++  pfring_mod_bind() needs to specify the interface
++      name using struct sockaddr that is defined as
++
++  struct sockaddr { ushort sa_family; char sa_data[14]; };
++
++  so the total interface name length is 13 chars (plus \0 trailer).
++  Since sa_data size is arbitrary, define a more precise size for
++  PF_RING socket use.
++*/
++#define RING_SA_DATA_LEN 14
++
+ /* ************************************************* */
+ 
+ #if(LINUX_VERSION_CODE >= KERNEL_VERSION(5,6,0))
+@@ -1029,7 +1041,7 @@ pf_ring_device *pf_ring_device_name_look
+         so the total interface name length is 13 chars (plus \0 trailer).
+         The check below is to trap this case.
+        */
+-      || ((l >= 13) && (strncmp(dev_ptr->device_name, name, 13) == 0)))
++      || ((l >= RING_SA_DATA_LEN - 1) && (strncmp(dev_ptr->device_name, name, RING_SA_DATA_LEN - 1) == 0)))
+        && device_net_eq(dev_ptr, net))
+       return dev_ptr;
+   }
+@@ -5571,15 +5583,15 @@ static int ring_bind(struct socket *sock
+    * Check legality
+    */
+   if (addr_len == sizeof(struct sockaddr)) {
+-    char name[sizeof(sa->sa_data)+1];
++    char name[RING_SA_DATA_LEN];
+ 
+     if (sa->sa_family != PF_RING)
+       return(-EINVAL);
+ 
+-    memcpy(name, sa->sa_data, sizeof(sa->sa_data));
++    memcpy(name, sa->sa_data, RING_SA_DATA_LEN - 1);
+ 
+     /* Add trailing zero if missing */
+-    name[sizeof(name)-1] = '\0';
++    name[RING_SA_DATA_LEN-1] = '\0';
+ 
+     debug_printk(2, "searching device %s\n", name);
+