lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 27 Mar 2007 15:30:08 +0200
From:	Muli Ben-Yehuda <muli@...ibm.com>
To:	Thomas Graf <tgraf@...g.ch>
Cc:	davem@...emloft.net, netdev@...r.kernel.org
Subject: Re: [NET] fib_rules: Flush route cache after rule modifications

On Tue, Mar 27, 2007 at 03:21:59PM +0200, Thomas Graf wrote:

> The results of FIB rules lookups are cached in the routing cache
> except for IPv6 as no such cache exists. So far, it was the
> responsibility of the user to flush the cache after modifying any
> rules. This lead to many false bug reports due to misunderstanding
> of this concept.
> 
> This patch automatically flushes the route cache after inserting
> or deleting a rule.
> 
> Signed-off-by: Thomas Graf <tgraf@...g.ch>
> 
> Index: net-2.6.22/include/net/fib_rules.h
> ===================================================================
> --- net-2.6.22.orig/include/net/fib_rules.h	2007-03-27 13:54:52.000000000 +0200
> +++ net-2.6.22/include/net/fib_rules.h	2007-03-27 14:16:24.000000000 +0200
> @@ -59,6 +59,10 @@ struct fib_rules_ops
>  	u32			(*default_pref)(void);
>  	size_t			(*nlmsg_payload)(struct fib_rule *);
>  
> +	/* Called after modifications to the rules set, must flush
> +	 * the route cache if one exists. */
> +	void			(*flush_cache)(void);
> +
>  	int			nlgroup;
>  	struct nla_policy	*policy;
>  	struct list_head	*rules_list;
> Index: net-2.6.22/net/core/fib_rules.c
> ===================================================================
> --- net-2.6.22.orig/net/core/fib_rules.c	2007-03-27 13:53:29.000000000 +0200
> +++ net-2.6.22/net/core/fib_rules.c	2007-03-27 13:59:20.000000000 +0200
> @@ -44,6 +44,12 @@ static void rules_ops_put(struct fib_rul
>  		module_put(ops->owner);
>  }
>  
> +static void flush_route_cache(struct fib_rules_ops *ops)
> +{
> +	if (ops->flush_cache)
> +		ops->flush_cache();
> +}
> +
>  int fib_rules_register(struct fib_rules_ops *ops)
>  {
>  	int err = -EEXIST;
> @@ -315,6 +321,7 @@ static int fib_nl_newrule(struct sk_buff
>  
>  	notify_rule_change(RTM_NEWRULE, rule, ops, nlh, NETLINK_CB(skb).pid);
>  	rules_ops_put(ops);
> +	flush_route_cache(ops);
>  	return 0;
>  
>  errout_free:
> @@ -405,6 +412,7 @@ static int fib_nl_delrule(struct sk_buff
>  				   NETLINK_CB(skb).pid);
>  		fib_rule_put(rule);
>  		rules_ops_put(ops);
> +		flush_route_cache(ops);
>  		return 0;
>  	}

That looks like a bug - shouldn't we flush the cache first, then do
the rules_ops_put()?

Cheers,
Muli
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ