lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 26 Oct 2017 08:26:16 +0200
From:   Jiri Pirko <jiri@...nulli.us>
To:     David Ahern <dsahern@...il.com>
Cc:     netdev@...r.kernel.org, jiri@...lanox.com, idosch@...lanox.com,
        johannes.berg@...el.com
Subject: Re: [PATCH net-next 3/3] mlxsw: spectrum_router: Return extack
 message on abort due to fib rules

Thu, Oct 26, 2017 at 07:08:05AM CEST, dsahern@...il.com wrote:
>Adding a FIB rule on a spectrum platform silently aborts FIB offload:
>    $ ip ru add pref 99 from all to 192.168.1.1 table 10
>    $ dmesg -c
>    [  623.144736] mlxsw_spectrum 0000:03:00.0: FIB abort triggered. Note that FIB entries are no longer being offloaded to this device.
>
>This patch reworks FIB rule handling to return a message to the user:
>    $ ip ru add pref 99 from all to 8.8.8.8 table 11
>    Error: spectrum: FIB rules not supported. Aborting offload.
>
>spectrum currently only checks whether the fib rule is a default rule or
>an l3mdev rule, both of which it knows how to handle. Any other it aborts
>FIB offload. Since the processing is fairly quick, move the code to inline
>with the user request rather than a work queue to allow a message to be
>returned if the offload is aborted. Change the delete handling to just return
>since it does nothing at the moment.
>
>Signed-off-by: David Ahern <dsahern@...il.com>
>---

[...]

>+static int mlxsw_sp_router_fib_rule_event(unsigned long event,
>+					  struct fib_notifier_info *info,
>+					  struct mlxsw_sp *mlxsw_sp)
>+{
>+	struct netlink_ext_ack *extack = info->extack;
>+	struct fib_rule_notifier_info *fr_info;
>+	struct fib_rule *rule;
>+	bool add_unsupported_msg = false;
>+
>+	/* nothing to do at the moment */
>+	if (event == FIB_EVENT_RULE_DEL)
>+		goto out;
>+
>+	fr_info = container_of(info, struct fib_rule_notifier_info, info);
>+	rule = fr_info->rule;
>+
>+	switch (info->family) {
>+	case AF_INET:
>+		if (!fib4_rule_default(rule) && !rule->l3mdev) {

Why don't we abort on removal of default rule?



>+			add_unsupported_msg = true;
>+			mlxsw_sp_router_fib_abort(mlxsw_sp);
>+		}
>+		break;
>+	case AF_INET6:
>+		if (!fib6_rule_default(rule) && !rule->l3mdev) {
>+			add_unsupported_msg = true;
>+			mlxsw_sp_router_fib_abort(mlxsw_sp);
>+		}
>+		break;
>+	case RTNL_FAMILY_IPMR:
>+		if (!ipmr_rule_default(rule) && !rule->l3mdev) {
>+			add_unsupported_msg = true;
>+			mlxsw_sp_router_fib_abort(mlxsw_sp);
>+		}
> 		break;

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ