lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20140310005220.GD5493@order.stressinduktion.org>
Date:	Mon, 10 Mar 2014 01:52:20 +0100
From:	Hannes Frederic Sowa <hannes@...essinduktion.org>
To:	David Miller <davem@...emloft.net>
Cc:	mkubecek@...e.cz, netdev@...r.kernel.org, kuznet@....inr.ac.ru,
	jmorris@...ei.org, yoshfuji@...ux-ipv6.org, kaber@...sh.net
Subject: Re: [PATCH net] ipv6: do not overwrite inetpeer metrics prematurely

On Sun, Mar 09, 2014 at 08:26:58PM -0400, David Miller wrote:
> In fact, thinking about this some more, it's almost silly to allocate
> this temporary array at all.
> 
> A different, potentially much cleaner approach, would be to pass the
> cfg->fc_mx down into the __ip6_ins_rt() code path.

Maybe some people call this a layering violation, but I like the idea! :)

> Then there is _no_ ambiguity.  These are metrics from a netlink
> request and we must write them into the final route which we end
> up with.

Exactly, we can be sure that we don't accidentally always lookup
the inetpeer if we try to reinsert a cloned route where !(rt->rt6i_flags &
(RTF_NONEXTHOP | RTF_GATEWAY)) validates to true and DST_HOST is set.

This addresses the feedback from my other mail because I think if
we insert interface routes (ip r a 2000::/xx dev foo) we don't set
RTF_NONEXTHOP. (Maybe we should change that in rtm_to_fib6_config.)

> This makes it's way down into fib6_add_rt2node(), and right before the
> insertion we make the metrics writable, clear them, and copy in the
> explicit values provided from the netlink message.
> 
> All of these operations can error, and that's fine, the call chain
> can handle errors signalled from here already.
> 
> Michal, Hannes, what do you think?

So we need to change __ip6_ins_rt to take fib6_config as the second
argument instead, still have the info pointer in fc_nlinfo and only have
to wrap the info pointer in ip6_ins_rt into another structure. fib6_add
seems to be straightforward from there.

Sounds good to me!

Thanks,

  Hannes

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ