lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 24 Jun 2013 18:44:24 +0200
From:	Nicolas Dichtel <nicolas.dichtel@...nd.com>
To:	David Miller <davem@...emloft.net>
CC:	netdev@...r.kernel.org
Subject: Re: [PATCH v2] ipv6: fix ecmp lookup when oif is specified

Le 24/06/2013 03:40, David Miller a écrit :
> From: Nicolas Dichtel <nicolas.dichtel@...nd.com>
> Date: Fri, 14 Jun 2013 10:32:58 +0200
>
>> There is no reason to skip ECMP lookup when oif is specified, but this implies
>> to check oif given by user when selecting another route.
>> When the new route does not match oif requirement, we simply keep the initial
>> one.
>>
>> Spotted-by: dingzhi <zhi.ding@...nd.com>
>> Signed-off-by: Nicolas Dichtel <nicolas.dichtel@...nd.com>
>
> IPV4 routing has elided the multipath lookup when the interface is specified
> for nearly two decades.
>
> So two things:
>
> 1) A decision that old must have a good reason, and you must do some
>     research to figure out exactly what that reason is.
>
> 2) If ipv4 is found to be wrong too, we must bring both ipv4 and ipv6
>     into the same behavior at the same time.
In fact, routing engines are different in forwarding case:

IPv4 case:
fl4->flowi4_oif is 0 when a packet is forwarded and this value is checked to 
select or not multipath functions.

IPv6 case:
The check is done against the argument oif (not fl6->flowi6_oif) of the function 
ip6_pol_route(). And this argument is set to the input interface by 
ip6_pol_route_input().

Functions call:
   - ip6_rcv_finish() -> ip6_route_input() -> ip6_route_input_lookup() -> 
fib6_rule_lookup() -> ip6_pol_route_input() -> ip6_pol_route()

Will you accept the patch if I remove only the check of oif argument in 
ip6_pol_route() (and leave ip6_pol_route_lookup() untouched).

My goal was only to have ECMP working in the forwarding case.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ