lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 16 Mar 2018 16:23:08 -0300
From:   Marcelo Ricardo Leitner <marcelo.leitner@...il.com>
To:     netdev@...r.kernel.org
Cc:     marcelo.leitner@...il.com, Alexander Aring <aring@...atatu.com>,
        Jiri Pirko <jiri@...nulli.us>, Jakub Kicinski <kubakici@...pl>
Subject: [PATCH RFC 0/2] Add support for warnings to extack

Currently we have the limitation that warnings cannot be reported though
extack. For example, when tc flower failed to get offloaded but got
installed on software datapath. The hardware failure is not fatal and
thus extack is not even shared with the driver, so the error is simply
omitted from any logging.

The idea here is to allow such kind of warnings to get through and be
available for the sysadmin or the tool managing such commands (like Open
vSwitch), so that if this happens, we will have such log message in a
file later.

The first patch extends extack to support more than one message and with
different log level (currently only error and warning). The second
shares extack with the drivers regardless of skip_sw.

The iproute patch also follows.

This kernel change is backward compatible with older iproute because
iproute will only process the last message, which should be the error
one in case of failure, or a warning if it suceeded. 

The iproute change is compatible with older kernels because it will find
only one message to be processed and will handle it properly.

With this patches, this is now possible:
# tc qdisc add dev p7p1 ingress
# tc filter add dev p7p1 parent ffff: protocol ip prio 1 flower \
	src_mac ec:13:db:00:00:00 dst_mac ec:14:c2:00:00:00 \
	src_ip 56.0.0.0 dst_ip 55.0.0.0 action drop
Warning: TC offload is disabled on net device.
# echo $?
0

Marcelo Ricardo Leitner (2):
  netlink: extend extack so it can carry more than one message
  sched: pass extack through even if skip_sw is not set

 include/linux/netlink.h  | 50 +++++++++++++++++++++++++++++-------------------
 include/net/pkt_cls.h    |  3 +--
 net/netlink/af_netlink.c | 12 +++++++-----
 3 files changed, 38 insertions(+), 27 deletions(-)

-- 
2.14.3

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ