lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 20 Feb 2015 21:55:41 -0500 From: Andy Gospodarek <gospo@...ulusnetworks.com> To: Jay Vosburgh <jay.vosburgh@...onical.com> Cc: Alexey Dobriyan <adobriyan@...il.com>, davem@...emloft.net, vfalico@...il.com, andy@...yhouse.net, netdev@...r.kernel.org Subject: Re: [PATCH] bonding: ban stacked bonding support On Fri, Feb 20, 2015 at 03:14:00PM -0800, Jay Vosburgh wrote: > Alexey Dobriyan <adobriyan@...il.com> wrote: > > >Does Linux support it at all? > > > >In short: if you add bonding master as a slave, and then release it, > >it will no longer be a IFF_BONDING creating problems like described at > >https://bugzilla.kernel.org/show_bug.cgi?id=89541 > > > > echo +bond1 >/sys/class/net/bonding_masters > > echo 1 >/sys/class/net/bond1/bonding/mode > > echo +bond2 >/sys/class/net/bonding_masters > > echo +bond2 >/sys/class/net/bond1/bonding/slaves > > echo -bond2 >/sys/class/net/bond1/bonding/slaves > > echo -bond2 >/sys/class/net/bonding_masters > > > > cat /proc/net/bonding/bond2 # should not exist > > [oops] > > > >Signed-off-by: Alexey Dobriyan <adobriyan@...il.com> > > I think it's time to disallow stacking like this; it never > really worked quite right as far as I can remember, and I thought it was > disallowed at some point in the past. I don't believe the stacked bonds > function correctly for receive in the current kernel, either, although > I'd have to test it again to confirm that. > > The usual case for desiring to stack bonds is an active-backup > pair of LACP / 802.3ad bonds (such as the bugzilla referenced above), > but the 802.3ad mode handles this situation internally, so no stack is > necessary. Completely agree. > > >--- > > > > drivers/net/bonding/bond_main.c | 5 +++++ > > 1 file changed, 5 insertions(+) > > > >--- a/drivers/net/bonding/bond_main.c > >+++ b/drivers/net/bonding/bond_main.c > >@@ -1248,6 +1248,11 @@ int bond_enslave(struct net_device *bond_dev, struct net_device *slave_dev) > > slave_dev->name); > > } > > > >+ if (slave_dev->flags & IFF_MASTER) { > >+ netdev_dbg(bond_dev, "stacked bonding not supported\n"); > >+ return -EBUSY; > >+ } > >+ > > /* already enslaved */ > > if (slave_dev->flags & IFF_SLAVE) { > > netdev_dbg(bond_dev, "Error: Device was already enslaved\n"); > > Instead of a separate block for IFF_MASTER, the IFF_SLAVE line > could be replaced with something like: > > if (netif_is_bond_slave(slave_dev) || netif_is_bond_master(slave_dev)) { > netdev_dbg(bond_dev, "Error: Device is bond slave or master\n"); > > With that caveat: I would say adding the check for netif_is_bond_master() is critical since a check for only IFF_MASTER would fail when trying to add a bridge to a bond and that failure would not be desireable. Fix that and you can also add: Signed-off-by: Andy Gospodarek <gospo@...ulusnetworks.com> to your next post. > > Signed-off-by: Jay Vosburgh <jay.vosburgh@...onical.com> > > This is probably a good candidate for -stable as well. Agree (Though netif_is_bond_master() was added in 3.10; luckily it would be an easy backport.) > > -J > > --- > -Jay Vosburgh, jay.vosburgh@...onical.com > -- > To unsubscribe from this list: send the line "unsubscribe netdev" in > the body of a message to majordomo@...r.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists