lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 21 Jun 2013 15:11:18 +0200 From: Veaceslav Falico <vfalico@...hat.com> To: netdev@...r.kernel.org Cc: vfalico@...hat.com, fubar@...ibm.com, andy@...yhouse.net, davem@...emloft.net, linux@...2.net, nicolas.2p.debian@...e.fr, rick.jones2@...com, nikolay@...hat.com, mkubecek@...e.cz Subject: [PATCH v3 net-next 0/6] bonding: prepare to and add arp_all_targets Hi, This patchset does some cleanup, fixes a few flaws and adds a new parameter to control whether the slave should stay up when any of arp_ip_targets are up or all of them are up (i.e. if the slave should go down if even one target from arp_ip_targets fail). The patches 1-5 basically prepare the bonding code to work properly with this new parameter, however it's not depending on them. All comments are really welcome. v2->v3: Fix "[6/6] bonding: add helper function bond_get_targets_ip(targets, ip)", per Nikolay's advice, to use _bh spinlock, remove useless rtnl_lock() and use jiffies for new arp_ip_target last arp, instead of slave_last_rx(). As Michal suggested, initialize the target_last_arp_rx[] the same as the default last_arp_rx, to avoid flapping. Also, don't fail while removing the last arp_ip_target, and instead just print a warning - otherwise it might break existing scripts. v1->v2: Drop "[1/6] bonding: verify if bond has ip only once on arp validate", per Jay's advice, it's really useless as a standalone patch (though the change itself will appear in 2/6). Fix "[2/6] bonding: add helper function bond_get_targets_ip(targets, ip)", per Nikolay's advice, to verify if source ip != 0.0.0.0, otherwise we might update 'null' arp_ip_targets' last_rx. Also, address style. Drop "[5/6] bonding: don't swap arp's ips on validation for backup slave", per Jay's advice, though it does address cyclic failover issue - it disables a good optimization. Instead, update the documentation and fix the cyclic loop issue in the following patch. Add "bonding: don't trust arp requests unless active slave really works", this patch fixes the cyclic loop that occurs when we can't reach arp_ip_target and fool ourselves with our own generated arp requests. It's done by checking if we currently have a current active slave and if this slave received at least one arp reply after its 'nomination' to active. Add "bonding: doc: some details on backup slave arp validation", this patch describes a bit more in detail how the backup slave arp validation works. Fix "[6/6] bonding: add an option to fail when any of arp_ip_target is inaccessible", per Nikolay's advice, to correctly handle adding/removing hosts in arp_ip_target - we need to shift/initialize all slave's target_last_arp_rx. Also, don't fail module loading on arp_all_targets misconfiguration, just disable it, and some minor style fixes. Thanks! Veaceslav Falico (6): bonding: add helper function bond_get_targets_ip(targets, ip) bonding: don't add duplicate targets to arp_ip_target bonding: don't validate arp if we don't have to bonding: don't trust arp requests unless active slave really works bonding: doc: some details on backup slave arp validation bonding: add an option to fail when any of arp_ip_target is inaccessible Documentation/networking/bonding.txt | 23 ++++++ drivers/net/bonding/bond_main.c | 70 +++++++++++++++---- drivers/net/bonding/bond_sysfs.c | 125 ++++++++++++++++++++++++---------- drivers/net/bonding/bonding.h | 46 ++++++++++++- 4 files changed, 212 insertions(+), 52 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists