lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 26 Oct 2017 09:40:46 +0300
From:   Ido Schimmel <idosch@...sch.org>
To:     Jiri Pirko <jiri@...nulli.us>
Cc:     David Ahern <dsahern@...il.com>, netdev@...r.kernel.org,
        jiri@...lanox.com, idosch@...lanox.com, johannes.berg@...el.com
Subject: Re: [PATCH net-next 3/3] mlxsw: spectrum_router: Return extack
 message on abort due to fib rules

On Thu, Oct 26, 2017 at 08:26:16AM +0200, Jiri Pirko wrote:
> Thu, Oct 26, 2017 at 07:08:05AM CEST, dsahern@...il.com wrote:
> >Adding a FIB rule on a spectrum platform silently aborts FIB offload:
> >    $ ip ru add pref 99 from all to 192.168.1.1 table 10
> >    $ dmesg -c
> >    [  623.144736] mlxsw_spectrum 0000:03:00.0: FIB abort triggered. Note that FIB entries are no longer being offloaded to this device.
> >
> >This patch reworks FIB rule handling to return a message to the user:
> >    $ ip ru add pref 99 from all to 8.8.8.8 table 11
> >    Error: spectrum: FIB rules not supported. Aborting offload.
> >
> >spectrum currently only checks whether the fib rule is a default rule or
> >an l3mdev rule, both of which it knows how to handle. Any other it aborts
> >FIB offload. Since the processing is fairly quick, move the code to inline
> >with the user request rather than a work queue to allow a message to be
> >returned if the offload is aborted. Change the delete handling to just return
> >since it does nothing at the moment.
> >
> >Signed-off-by: David Ahern <dsahern@...il.com>
> >---
> 
> [...]
> 
> >+static int mlxsw_sp_router_fib_rule_event(unsigned long event,
> >+					  struct fib_notifier_info *info,
> >+					  struct mlxsw_sp *mlxsw_sp)
> >+{
> >+	struct netlink_ext_ack *extack = info->extack;
> >+	struct fib_rule_notifier_info *fr_info;
> >+	struct fib_rule *rule;
> >+	bool add_unsupported_msg = false;
> >+
> >+	/* nothing to do at the moment */
> >+	if (event == FIB_EVENT_RULE_DEL)
> >+		goto out;
> >+
> >+	fr_info = container_of(info, struct fib_rule_notifier_info, info);
> >+	rule = fr_info->rule;
> >+
> >+	switch (info->family) {
> >+	case AF_INET:
> >+		if (!fib4_rule_default(rule) && !rule->l3mdev) {
> 
> Why don't we abort on removal of default rule?

This was discussed during initial VRF offload submission. Users need to
be able to re-order the rule for the local table after the l3mdev rule.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ