lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 13 Aug 2010 12:49:33 -0700
From:	Ben Greear <greearb@...delatech.com>
To:	Brian Haley <brian.haley@...com>
CC:	netdev@...r.kernel.org
Subject: Re: [iproute2] iproute2:  Fix 'addr flush secondary' logic.

On 08/12/2010 12:00 PM, Brian Haley wrote:
> On 08/11/2010 06:48 PM, Ben Greear wrote:
>> Looks like the code was broken in several different places.
>>
>> * It ran only a single filter if there were multiple.
>> * Don't want to flush in a loop if you are doing primary
>>    because otherwise promoted seconaries will get deleted
>>    for each additional loop (10 in upstream code).
>> * No idea what a while (0); statement at the end of a for
>>    loop does, but I don't think it needed to be there!

Attached is an updated patch to fix some of the errors you
mentioned.  It also fixes a bug when '-s -s' is used:  The old
code modified the ifa flags, which made it not handle the check
for primary v/s secondary correctly in the next filter.


Here are my testing commands:

Another thing you might find interesting is to run 'ip monitor'
in another window.  It should show the secondaries getting deleted
before the primaries if you flush all (with my modification).  Without
my patch, you should see only the primary being deleted in each
round.

[root@...03-10G-09 lanforge]# cat /proc/sys/net/ipv4/conf/all/promote_secondaries
1

[root@...03-10G-09 lanforge]# ./local/sbin/ip addr add 172.16.223.101/16 dev eth3
[root@...03-10G-09 lanforge]# ./local/sbin/ip addr add 172.16.223.102/16 dev eth3
[root@...03-10G-09 lanforge]# ./local/sbin/ip addr add 172.16.223.103/16 dev eth3
[root@...03-10G-09 lanforge]# ./local/sbin/ip -s -s addr flush dev eth3
5: eth3    inet 172.16.223.102/16 scope global secondary eth3
5: eth3    inet 172.16.223.103/16 scope global secondary eth3
5: eth3    inet 172.16.223.101/16 scope global eth3

*** Round 1, deleting 3 addresses ***
*** Flush is complete after 1 round ***

[root@...03-10G-09 lanforge]# ./local/sbin/ip addr add 172.16.223.101/16 dev eth3
[root@...03-10G-09 lanforge]# ./local/sbin/ip addr add 172.16.223.102/16 dev eth3
[root@...03-10G-09 lanforge]# ./local/sbin/ip addr add 172.16.223.103/16 dev eth3
[root@...03-10G-09 lanforge]# ./local/sbin/ip -s  addr flush dev eth3

*** Round 1, deleting 3 addresses ***
*** Flush is complete after 1 round ***

[root@...03-10G-09 lanforge]# ./local/sbin/ip addr add 172.16.223.101/16 dev eth3
[root@...03-10G-09 lanforge]# ./local/sbin/ip addr add 172.16.223.102/16 dev eth3
[root@...03-10G-09 lanforge]# ./local/sbin/ip addr add 172.16.223.103/16 dev eth3
[root@...03-10G-09 lanforge]# ./local/sbin/ip addr show dev eth3
5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
     link/ether 00:0c:bd:00:9b:1b brd ff:ff:ff:ff:ff:ff
     inet 172.16.223.101/16 scope global eth3
     inet 172.16.223.102/16 scope global secondary eth3
     inet 172.16.223.103/16 scope global secondary eth3
[root@...03-10G-09 lanforge]# ./local/sbin/ip addr flush dev eth3
[root@...03-10G-09 lanforge]# ./local/sbin/ip addr show dev eth3
5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
     link/ether 00:0c:bd:00:9b:1b brd ff:ff:ff:ff:ff:ff


[root@...03-10G-09 lanforge]# ./local/sbin/ip addr add 172.16.223.101/16 dev eth3
[root@...03-10G-09 lanforge]# ./local/sbin/ip addr add 172.16.223.102/16 dev eth3
[root@...03-10G-09 lanforge]# ./local/sbin/ip addr add 172.16.223.103/16 dev eth3
[root@...03-10G-09 lanforge]# ./local/sbin/ip addr show dev eth3
5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
     link/ether 00:0c:bd:00:9b:1b brd ff:ff:ff:ff:ff:ff
     inet 172.16.223.101/16 scope global eth3
     inet 172.16.223.102/16 scope global secondary eth3
     inet 172.16.223.103/16 scope global secondary eth3
[root@...03-10G-09 lanforge]# ./local/sbin/ip addr flush dev eth3 primary
[root@...03-10G-09 lanforge]# ./local/sbin/ip addr show dev eth3
5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
     link/ether 00:0c:bd:00:9b:1b brd ff:ff:ff:ff:ff:ff
     inet 172.16.223.102/16 scope global eth3
     inet 172.16.223.103/16 scope global secondary eth3
[root@...03-10G-09 lanforge]# ./local/sbin/ip addr flush dev eth3 secondary
[root@...03-10G-09 lanforge]# ./local/sbin/ip addr show dev eth3
5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
     link/ether 00:0c:bd:00:9b:1b brd ff:ff:ff:ff:ff:ff
     inet 172.16.223.102/16 scope global eth3
[root@...03-10G-09 lanforge]# ./local/sbin/ip addr flush dev eth3 secondary
[root@...03-10G-09 lanforge]# ./local/sbin/ip addr show dev eth3
5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
     link/ether 00:0c:bd:00:9b:1b brd ff:ff:ff:ff:ff:ff
     inet 172.16.223.102/16 scope global eth3
[root@...03-10G-09 lanforge]# ./local/sbin/ip addr flush dev eth3
[root@...03-10G-09 lanforge]# ./local/sbin/ip addr show dev eth3
5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
     link/ether 00:0c:bd:00:9b:1b brd ff:ff:ff:ff:ff:ff


Thanks,
Ben

-- 
Ben Greear <greearb@...delatech.com>
Candela Technologies Inc  http://www.candelatech.com


View attachment "iproute_flush.patch" of type "text/plain" (4991 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ