From 0db72343113a2e1613a6a772859861f576c8bb3b Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Mattias=20Walstr=C3=B6m?= Date: Wed, 13 May 2026 14:33:37 +0200 Subject: [PATCH 1/2] Upgrade FRR to 10.5.4 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Summary of Changes: bfdd: - cap IPv6 echo reflection to declared length - account for FP offset in echo length checks - fix recv errno filter logic in a few places - tighten SBFD reflector packet sanity checks - gate IPv6 echo reflection on known sessions - tighten auth header parsing skeleton - validate control packet length before session lookup bgpd: - Fix memleak when configuring rd - Validate if NHC BGPID TLV value is non-zero - Avoid having a dangling pointer after we free NHC attribute - Check if BGPID NHC TLV exists when IPv6 next-hop is link-local - Do not allocate NHC TLV with an extra trailer - migrate timers during peer_xfer_conn to fix stale route cleanup - honor 'no activate' for dynamic neighbors in peer-group - Return immediately when dynamic capability action is not valid - Validate BGP role capability when handling it dynamically - fix neighbor IP comparison for IPv6 memcmp return values - Don't mark nexthop as changed if a set next-hop unchanged is applied - Return BGP_PEER_INTERNAL when first peer's as type is set to auto - Update peer sort cache when remote-as auto is used and AS number changed - Check dynamic capability action before validating ENHE capability - Do not allocate stream if route-refresh capability is not received - Move rpki strict check to bgp_accept() - Fix memory leak for nhc attribute if ipv6 is link-local address - Fix compilation for Debian 11 when printing uint64 values - Return zero labels if no BOS found and it's not a withdraw label - Fix signed overflow in hexstr2num() - Check the length also when parsing ENCAP attr sub-TLVs - Validate prefixlen before subtracting when parsing labeled unicast NLRI - Reset the stream to attr_start + attribute_len when WITHDRAWN - Revalidate locally originated routes against 
RPKI changes - Check if prefixlen is not 0 when parsing flowspec stuff - Prevent len_string going negative when trying to display flowspec entries - fix import vrf on non existing vrf - fix no vrf import command - Free hostname for FQDN capability if the parsing goes wrong - Validate MP_REACH_NLRI attribute against incorrect next-hop - Fix dynamic FQDN capability handling - Check if the remaining length for subtracting TLV length is enough - Fix the end pointer boundaries for dynamic graceful restart capability - Add missing returns when parsing enhanced route-refresh - Return original as-path when reconciling AS versus AS4 - Do not process route-refresh for AFI/SAFI if it's not negotiated - Check if we are not overusing error_data buffer when unknown cap received - fix NHT for explicit link-local BGP peers - improve packet parsing for EVPN and ENCAP/VNC - Prevent heap use-after-free for tunnel encapsulation attribute - Return 0 if AS4 capability is malformed - close dynamic peer socket in ttl error path - fix logic handling EVPN_FLAG_DEFAULT_GW - avoid early return in MPLSVPN NLRI processing - remove unneeded asserts in packet reads eigrpd: - fix byte order in Hello TLV decode functions - Handling for malformed update packets - enforce minimum TLV length in Hello handler - reject invalid prefix mask len - skip unknown and ignored TLVs - Improve packet validation isisd: - Reject SRv6 Locator TLV with Loc-Size of zero - consume leftover bytes after FAD sub-sub-TLV loop - use correct min size values for srv6 subtlvs - improve validation of flex-algo decoder - Fix missing neighbor address Sub-TLVs after link-params change - add unit test for remove_excess_adjs() memory leak fix - fix memory leak in remove_excess_adjs() - fix edge condition in max_lsp_count computation ldpd: - improve tlv validation in several places lib: - Report IPv6 MTU and not IPv4 for if_update_state_mtu6 - disable warning in zlog.c to match master nhrpd: - stop debugging auth credentials - fix 
byte-order when comparing error code in shortcut path - guard against zbuf_pulln NULL on truncated packets - require auth for all received packet types - harden debug packet parsing against malformed input - validate AFI index in extension replies ospf6d: - move log call out of priv block - remove asserts in packet-handling paths - fix issues in ospf6 auth trailer code ospfd: - add LSA validation in the apiserver path - add validation in several places before accessing pceplib: - validate during of_list TLV decoding pimd: - fix NOCACHE MFC resync detection log, add vrf name too - use upstream-owned pim pointer in register and upstream timers - use upstream-owned pim pointer in MSDP update paths - avoid JP build deref through channel OIL - guard RP RPF-failure mroute delete on detached OIL - avoid null deref in upstream delete debug path - guard channel OIL detach against stale pointers - fix crash due to double free - Ensure igmp message is of proper size - Reject pim packets with a malformed header length - Fix out of bounds read in AutoRP code - igmpv3 never checks packet length and trusts the num-sources field - Do not allow a register-stop message if not received from the RP - Prevent received msg length from being larger than buffer - Remove unnecessary asserts - When receiving a register stop ensure we have enough data to read - Ensure a register packet has enough space to read S,G data - Ensure that header has space on packet ripngd: - fix data handling in several places tests: - Check if route-map with set nexthop unchanged does not prevent outgoing - Check if mixed peer-group remote-as types can be used with auto - Verify neighbor addr Sub-TLVs after link-params reset - Expect return code being 0, not -1 when AS4 is empty or ASN is 0 vrrpd: - replace some asserts - only support ethernet in GARP code - limit advertised timers to 12-bits 
Signed-off-by: Mattias Walström
---
 buildroot | 2 +-
 doc/ChangeLog.md | 1 +
 patches/frr/{10.5.3 => 10.5.4}/0001-Libyang4-compat.patch | 2 +-
 ...-Failed-without-c-23-this-adds-compatibility-layer.patch | 6 +++---
 ...bra-don-t-resolve-nexthop-via-inactive-connected-r.patch | 2 +-
 5 files changed, 7 insertions(+), 6 deletions(-)
 rename patches/frr/{10.5.3 => 10.5.4}/0001-Libyang4-compat.patch (98%)
 rename patches/frr/{10.5.3 => 10.5.4}/0002-Failed-without-c-23-this-adds-compatibility-layer.patch (96%)
 rename patches/frr/{10.5.3 => 10.5.4}/0003-zebra-don-t-resolve-nexthop-via-inactive-connected-r.patch (97%)
diff --git a/buildroot b/buildroot
index 168601af4..a40d69265 160000
--- a/buildroot
+++ b/buildroot
@@ -1 +1 @@
-Subproject commit 168601af48567b93bfe0d7bdae3cc8eb266718a5
+Subproject commit a40d69265ea75afd4a1833e1f6400195b12e67a5
diff --git a/doc/ChangeLog.md b/doc/ChangeLog.md
index f3352da27..d80c55248 100644
--- a/doc/ChangeLog.md
+++ b/doc/ChangeLog.md
@@ -25,6 +25,7 @@ All notable changes to the project are documented in this file.
 - Upgrade Linux kernel to 6.18.25 (LTS)
 - Upgrade Buildroot to 2025.02.13 (LTS)
+- Upgrade FRR to 10.5.4
 - Add support for per-bridge multicast router port in operational, issue #395
 - Add support for static ARP (IPv4) and neighbor cache (IPv6) entries per interface, issue #819. Static entries are installed as permanent kernel
diff --git a/patches/frr/10.5.3/0001-Libyang4-compat.patch b/patches/frr/10.5.4/0001-Libyang4-compat.patch
similarity index 98%
rename from patches/frr/10.5.3/0001-Libyang4-compat.patch
rename to patches/frr/10.5.4/0001-Libyang4-compat.patch
index 863ab0f78..a7d727b93 100644
--- a/patches/frr/10.5.3/0001-Libyang4-compat.patch
+++ b/patches/frr/10.5.4/0001-Libyang4-compat.patch
@@ -1,4 +1,4 @@
-From 39ebf709e91a89f59e14ac1d1179df170448d09a Mon Sep 17 00:00:00 2001
+From 72ad44e1e215cded7c8bf3209203b5d1b32e179d Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Mattias=20Walstr=C3=B6m?=
 Date: Tue, 27 Jan 2026 22:54:59 +0100
 Subject: [PATCH 1/3] Libyang4 compat
diff --git a/patches/frr/10.5.3/0002-Failed-without-c-23-this-adds-compatibility-layer.patch b/patches/frr/10.5.4/0002-Failed-without-c-23-this-adds-compatibility-layer.patch
similarity index 96%
rename from patches/frr/10.5.3/0002-Failed-without-c-23-this-adds-compatibility-layer.patch
rename to patches/frr/10.5.4/0002-Failed-without-c-23-this-adds-compatibility-layer.patch
index 37b886321..59bd5947f 100644
--- a/patches/frr/10.5.3/0002-Failed-without-c-23-this-adds-compatibility-layer.patch
+++ b/patches/frr/10.5.4/0002-Failed-without-c-23-this-adds-compatibility-layer.patch
@@ -1,4 +1,4 @@
-From 6f7ff746c4016ea6e6d81c7abad088f5a86f8fbf Mon Sep 17 00:00:00 2001
+From 80634c421c695b191c54d94feda6fb6c32c17eb4 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Mattias=20Walstr=C3=B6m?=
 Date: Fri, 30 Jan 2026 13:00:12 +0100
 Subject: [PATCH 2/3] Failed without c++ 23, this adds compatibility layer
@@ -67,10 +67,10 @@ index 97c7460079..8fe8b10c05 100644
 #define zassert assert
 diff --git a/lib/zlog.c b/lib/zlog.c
-index 157f3323cb..7e7b6f0c25 100644
+index eb9b1c236b..b1d23a08d9 100644
 --- a/lib/zlog.c
 +++ b/lib/zlog.c
-@@ -789,6 +789,51 @@ void _zlog_assert_failed(const struct xref_assert *xref, const char *extra, ...)
+@@ -792,6 +792,51 @@ void _zlog_assert_failed(const struct xref_assert *xref, const char *extra, ...)
 abort();
 }
diff --git a/patches/frr/10.5.3/0003-zebra-don-t-resolve-nexthop-via-inactive-connected-r.patch b/patches/frr/10.5.4/0003-zebra-don-t-resolve-nexthop-via-inactive-connected-r.patch
similarity index 97%
rename from patches/frr/10.5.3/0003-zebra-don-t-resolve-nexthop-via-inactive-connected-r.patch
rename to patches/frr/10.5.4/0003-zebra-don-t-resolve-nexthop-via-inactive-connected-r.patch
index f68cb70d4..377975657 100644
--- a/patches/frr/10.5.3/0003-zebra-don-t-resolve-nexthop-via-inactive-connected-r.patch
+++ b/patches/frr/10.5.4/0003-zebra-don-t-resolve-nexthop-via-inactive-connected-r.patch
@@ -1,4 +1,4 @@
-From 868d13c0982a0633e4144d03776358837d92cd8b Mon Sep 17 00:00:00 2001
+From 939a6bd1c38f8fe37236696a862c659b8fa96b07 Mon Sep 17 00:00:00 2001
 From: Joachim Wiberg
 Date: Sun, 22 Feb 2026 10:22:06 +0100
 Subject: [PATCH 3/3] zebra: don't resolve nexthop via inactive connected route
From 9c7ef5757123d6e65d8fa7849ed794725d043714 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mattias=20Walstr=C3=B6m?=
Date: Wed, 13 May 2026 14:39:46 +0200
Subject: [PATCH 2/2] confd: yang: Put some limits on custom mac addresses
Not correct MAC address for example multicast bit set, caused `ip` to exit with failure code, resulting in that configuration was not applied.
---
 doc/ChangeLog.md | 1 +
 src/confd/yang/confd/infix-if-bridge.yang | 4 ++--
 src/confd/yang/confd/infix-interfaces.yang | 15 ++++++++++++---
 ...4-29.yang => infix-interfaces@2026-05-13.yang} | 0
 4 files changed, 15 insertions(+), 5 deletions(-)
 rename src/confd/yang/confd/{infix-interfaces@2026-04-29.yang => infix-interfaces@2026-05-13.yang} (100%)
diff --git a/doc/ChangeLog.md b/doc/ChangeLog.md
index d80c55248..069206a6d 100644
--- a/doc/ChangeLog.md
+++ b/doc/ChangeLog.md
@@ -17,6 +17,7 @@ All notable changes to the project are documented in this file.
 - Handle unclean daemon exits better, e.g., `dbus-daemon` crashing and leaving a stale pidfile behind, causing it to refuse to be restarted
 - Fix occasional blank or garbled `[ OK ]` lines at startup
+- Fix MAC address input validation in infix-interfaces YANG.
 [v26.04.0][] - 2026-04-30
 -------------------------
diff --git a/src/confd/yang/confd/infix-if-bridge.yang b/src/confd/yang/confd/infix-if-bridge.yang
index 3e4d32a2a..7c5eff40b 100644
--- a/src/confd/yang/confd/infix-if-bridge.yang
+++ b/src/confd/yang/confd/infix-if-bridge.yang
@@ -939,8 +939,8 @@ submodule infix-if-bridge {
 must "not(../ip:ipv4/ip:address or ../ip:ipv6/ip:address)" {
 error-message "Bridge ports cannot have IP addresses configured.";
 }
- must "not(derived-from-or-self(../if:type, 'infix-ift:wifi')) or ../infix-if:wifi/infix-if:access-point" {
- error-message "WiFi interfaces can only be bridge ports when configured as Access Points.";
+ must "not(derived-from-or-self(../if:type, 'infix-ift:wifi')) or ../infix-if:wifi/infix-if:access-point or ../infix-if:wifi/infix-if:mesh-point" {
+ error-message "WiFi interfaces can only be bridge ports when configured as Access Points or Mesh Points.";
 }
 description "Bridge association and port specific settings.";
 uses bridge-port-common;
diff --git a/src/confd/yang/confd/infix-interfaces.yang b/src/confd/yang/confd/infix-interfaces.yang
index 03c9c8a61..f4de3640f 100644
--- a/src/confd/yang/confd/infix-interfaces.yang
+++ b/src/confd/yang/confd/infix-interfaces.yang
@@ -41,6 +41,11 @@ module infix-interfaces {
 contact "kernelkit@googlegroups.com";
 description "Linux bridge and lag extensions for ietf-interfaces.";
+ revision 2026-05-13 {
+ description "Add limitations on custom mac addresses on interfaces, now needs to be a correct unicast mac-address";
+ reference "internal";
+ }
+
 revision 2026-04-29 {
 description "Add operational state for multicast router ports per bridge.";
 reference "internal";
@@ -235,8 +240,12 @@ module infix-interfaces {
 case static {
 leaf static {
- description "Statically configured interface address on protocol sub-layer, e.g., MAC.";
- type yang:phys-address;
+ description "Statically configured unicast MAC address.";
+ type yang:mac-address {
+ pattern '[0-9a-fA-F][02468aAcCeE]:[0-9a-fA-F]{2}:[0-9a-fA-F]{2}:[0-9a-fA-F]{2}:[0-9a-fA-F]{2}:[0-9a-fA-F]{2}' {
+ error-message "Must be a unicast MAC address (multicast bit must not be set).";
+ }
+ }
 }
 }
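Review bot: The widened `must` on the bridge-port container, now also satisfied by `../infix-if:wifi/infix-if:mesh-point`, is a behavioural change unrelated to the MAC address validation that the commit message, the ChangeLog entry and the new `revision 2026-05-13` description all describe. The hunk header shows infix-if-bridge is a submodule, so the parent module's revision is presumably the only place clients see this change recorded; either split it into its own commit or extend the revision description, e.g. `description "Restrict static MAC addresses to unicast; allow WiFi mesh points as bridge ports.";`. I cannot tell from this patch whether `infix-if:mesh-point` is already defined in the wifi container; if it is a recent addition, the revision this module imports or includes should be checked as well.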
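Review bot: The new pattern on `leaf static` rejects multicast addresses but still accepts the all-zero address `00:00:00:00:00:00`, which the kernel's Ethernet address check (`is_valid_ether_addr()`) also refuses, so that input reproduces the same `ip` failure and unapplied configuration this commit sets out to prevent. If the module is `yang-version 1.1`, a second restriction `pattern '00:00:00:00:00:00' { modifier invert-match; error-message "Must not be the all-zero MAC address."; }` closes the gap; otherwise a `must` comparing against the lower-case literal (the canonical form of `yang:mac-address`) does the same. The `choice` that contains `case static` starts and ends outside the hunk.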
@@ -247,7 +256,7 @@ module infix-interfaces {
 leaf offset {
 description "Static offset added to the chassis MAC address.";
- type yang:phys-address;
+ type yang:mac-address;
 }
 }
 }
diff --git a/src/confd/yang/confd/infix-interfaces@2026-04-29.yang b/src/confd/yang/confd/infix-interfaces@2026-05-13.yang
similarity index 100%
rename from src/confd/yang/confd/infix-interfaces@2026-04-29.yang
rename to src/confd/yang/confd/infix-interfaces@2026-05-13.yang