lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 12 Jul 2013 14:04:45 +0200
From:	Nicolas Dichtel <nicolas.dichtel@...nd.com>
To:	hannes@...essinduktion.org
CC:	netdev@...r.kernel.org, yoshfuji@...ux-ipv6.org,
	petrus.lt@...il.com, davem@...emloft.net
Subject: Re: [PATCH RFC] ipv6: fix route selection if kernel is not compiled
 with CONFIG_IPV6_ROUTER_PREF

Le 12/07/2013 10:51, Hannes Frederic Sowa a écrit :
> Hello Nicolas,
>
> On Thu, Jul 11, 2013 at 04:57:42PM +0200, Nicolas Dichtel wrote:
>> Le 11/07/2013 16:46, Hannes Frederic Sowa a écrit :
>>> On Thu, Jul 11, 2013 at 12:24:41PM +0200, Hannes Frederic Sowa wrote:
>>>> I fear, I'll need to do a bit more research.
>>>
>>> My proposal is to take my patch and check for RTF_ADDRCONF plus
>>> RTF_DYNAMIC,
>>> too. The RTF_DYNAMIC check would prevent routes created from icmpv6
>>> redirects
>>> entering an ecmp route set.
>>>
>>> Do you agree?
>> Yes.
>
> There is still some window where things go wrong now, I fear. If we have ecmp
> routes active and we update the pmtu of that rt6_info, we might end up with a
> route in the ecmp set, which might not get recountet if another ecmp route
> joins the set. I will have to think how to deal with this. Do you have an
> idea?
It's possible to add a glue to check this counter when we play with these flags, 
but it's ugly.

Maybe the check against RTF_EXPIRES is fundamentally wrong. Checking 
RTF_ADDRCONF|RTF_DYNAMIC should be enough, what do you think?

In another hand, we can discuss about the initial assumption, that was "only 
static routes are part of ECMP routes". I'm thinking of what are the consequence 
if we accept to accept all routes, without checking any flags.


Regards,
Nicolas
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists