lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 3 Mar 2015 23:28:06 -0800 From: Scott Feldman <sfeldma@...il.com> To: David Miller <davem@...emloft.net> Cc: Netdev <netdev@...r.kernel.org>, Jiří Pírko <jiri@...nulli.us>, Roopa Prabhu <roopa@...ulusnetworks.com> Subject: Re: [PATCH net-next v3 0/7] switchdev: add IPv4 routing offload On Tue, Mar 3, 2015 at 9:38 PM, David Miller <davem@...emloft.net> wrote: > From: sfeldma@...il.com > Date: Tue, 3 Mar 2015 15:31:53 -0800 > >> v3: >> >> Changes based on v2 review comments: >> >> - Move check for custom rules up earlier in patch set, to keep git bisect >> safe. >> - Simplify the route add/modify failure handling to simple try until >> failure, and then on failure, undo everything. The switchdev driver >> will return err when route can normally be installed to device, but >> the install fails for one reason or another (no space left on device, >> etc). If a failure happens, uninstall all routes from the device, >> punting forwarding for all routes back to the kernel. >> - Scan route's full nexthop list, ensuring all nexthop devs belong >> to the same switchdev device, otherwise don't try to install route >> to device. > > Getting really close. > > I think you have to make some minor adjustments to the > fib_flush_external() cases. > > First of all, that code that unloads the entries from the hardware > should clear the RTNH_F_EXTERNAL flag. In v3, the setting and clearing of RTNH_F_EXTERNAL moved to the driver, the implementer of the add/del ndo ops. So RTNH_F_EXTERNAL does get cleared by the driver on fib_flush_external(). We could add an additional clear above the driver, just in case the driver screwed up and forgot to clear it. Driver bug in that case; not sure where to draw the line. > Secondly, if you call fib_flush_external() because an add returned an > error, you have to set some boolean state which prevents the next new > route insert from loading only that new route into the hardware > because that's exactly what will happen with your current > implementation. I guess we could add a net.ipv4.fib_hw_screwed. But that kills other innocent switch devices on same netns. Or is it a private driver bool, which gets set on first install err, and is checked on subsequent installs? -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists