lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 3 Aug 2016 09:58:09 +0900
From:	Lorenzo Colitti <lorenzo@...gle.com>
To:	David Miller <davem@...emloft.net>
Cc:	John Stultz <john.stultz@...aro.org>,
	David Ahern <dsa@...ulusnetworks.com>,
	Mateusz Bajorski <mateusz.bajorski@...ia.com>,
	lkml <linux-kernel@...r.kernel.org>,
	Guodong Xu <guodong.xu@...aro.org>,
	Dmitry Shmidt <dimitrysh@...gle.com>,
	Chih-hung Hsieh <chh@...gle.com>,
	Eric Caruso <ejcaruso@...gle.com>,
	Rom Lemarchand <romlem@...gle.com>
Subject: Re: [Regression?] fib_rules: Added NLM_F_EXCL support to
 fib_nl_newrule breaks Android userspace

On Wed, Aug 3, 2016 at 3:00 AM, David Miller <davem@...emloft.net> wrote:
> > index 96161b8..ce19c5b 100644
> > --- a/include/uapi/linux/fib_rules.h
> > +++ b/include/uapi/linux/fib_rules.h
> > @@ -49,6 +49,8 @@ enum {
> >         FRA_TABLE,      /* Extended table id */
> >         FRA_FWMASK,     /* mask for netfilter mark */
> >         FRA_OIFNAME,
> > +       FRA_UID_START,  /* UID range */
> > +       FRA_UID_END,
> >         __FRA_MAX
> >  };
> ...
> > Lorenzo/Rom: Fyi, you've got another upstream feature collision to work out.
>
> It is very difficult for us to take Android networking bug reports
> against upstream seriously as long as these kind of situations
> continue to exist.

I'm to blame for this one. The specific issue here is the RTA_xxx enum
- Android code assumes RTA_UID = 18, but the MPLS change that John
pointed out added RTA_VIA = 18. A bad cherry-pick to android-4.4 put
RTA_UID after RTA_VIA.

The problem is that the UID routing patches were never accepted
upstream, and because FRA_xxx and RTA_xxx are enums, there's no safe
way to add a new value out of tree like there would be with other
identifiers such as setsockopt values.

I'm going to make another attempt to upstream the UID routing code
soon. If that doesn't make it, then we could attempt to reserve a
couple RTA_xxx and FRA_xxx values for local use.

Powered by blists - more mailing lists