lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 7 Feb 2019 14:21:56 +0100
From:   Michal Kubecek <mkubecek@...e.cz>
To:     netdev@...r.kernel.org
Cc:     Phil Sutter <phil@....cc>, David Miller <davem@...emloft.net>
Subject: Re: [net-next PATCH] net: rtnetlink: Support alias interfaces with
 RTM_GETLINK

On Thu, Feb 07, 2019 at 02:02:15PM +0100, Phil Sutter wrote:
> On Thu, Feb 07, 2019 at 01:39:39PM +0100, Michal Kubecek wrote:
> 
> > But I still don't think it would be a good idea. It's bad enough that
> > (as I just learned to my surprise) "ip link del dummy1:0" deletes dummy1
> > without any complaint because ip uses SIOCGIFINDEX ioctl for ifindex
> > lookup.
> 
> I'm struggling a bit with all this. The original problem is iproute2
> commit 50b9950dd9011 ("link dump filter") which changed 'ip link show'
> to not use if_indextoname() when given just an interface name. So lookup
> happens by name (via RTM_GETLINK) and consequently 'ip link show eth0:1'
> doesn't give link stats of eth0 anymore.

I would rather consider it a bug that it ever did. It's quite harmless
with "show" but with "set" or "delete", the effect can be quite
disastrous.

We want to preserve backward compatibility in general but iproute2
commit 50b9950dd901 is 4.5 years old and nobody seems to have complained
about the change in behaviour until now.

> Given that iproute2 is supposed to be backwards compatible, the only
> valid option I see is to make sure netlink API calls like the above
> behave identical to the ioctl ones they replace. Which means allowing
> for 'ip link show eth0:42' even if there's no address with that label
> assigned to eth0 as well as your example above.

One reason why I don't like this idea is that iproute2 is not the only
user of rtnetlink interface. There is wicked and glibc for sure, most
likely also NetworkManager (don't remember) and systemd-networkd (didn't
check) and certainly many others I never heard of. Changing the logic
in kernel rtnetlink implementation would affect all of them.

If we want to restore the old behaviour of ip (which I'm not convinced
of), it would make more sense to me to strip the :* suffix in iproute2.

Michal Kubecek

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ