lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 8 Sep 2015 11:55:18 +0200
From:	Nicolas Dichtel <nicolas.dichtel@...nd.com>
To:	roopa <roopa@...ulusnetworks.com>, davem@...emloft.net
Cc:	mkubecek@...e.cz, Mazziesaccount@...il.com,
	hannes@...essinduktion.org, kuznet@....inr.ac.ru,
	jmorris@...ei.org, yoshfuji@...ux-ipv6.org, netdev@...r.kernel.org
Subject: Re: [PATCH net v3] ipv6: fix multipath route replace error recovery

Le 08/09/2015 02:42, roopa a écrit :
> On 9/6/15, 1:46 PM, Roopa Prabhu wrote:
>> From: Roopa Prabhu <roopa@...ulusnetworks.com>
>>
>> Problem:
>> The ecmp route replace support for ipv6 in the kernel, deletes the
>> existing ecmp route too early, ie when it installs the first nexthop.
>> If there is an error in installing the subsequent nexthops, its too late
>> to recover the already deleted existing route
>>
>> This patch fixes the problem with the following:
>> a) Changes the existing multipath route add code to a two stage process:
>>    build rt6_infos + insert them
>>     ip6_route_add rt6_info creation code is moved into
>>     ip6_route_info_create.
>> b) This ensures that all errors are caught during building rt6_infos
>>    and we fail early
>>
> The other way I have been thinking of solving the problem is to mark the sibling
> routes being replaced with some state
> ...so they can be restored on error. Still figuring out a way to do this in a
> clean and non-intrusive way.
If I'm not wrong, the only error which may result to an inconsistent list of
nexthops is ENOMEM (after your patch). I'm not sure it's worth to add too much
complexity to the code to handle this error.

> Or maybe  just save the sibling routes (rt6_infos) being replaced in a list and
> re-insert them on error.
Yes, but we can also fail to re-insert the route.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ