lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <573F091E.9050205@nokia.com>
Date:	Fri, 20 May 2016 14:54:54 +0200
From:	Mateusz Bajorski <mateusz.bajorski@...ia.com>
To:	<netdev@...r.kernel.org>
Subject: ip rule duplicates

Hi,

When we add the same rule again with flag NLM_F_EXCL we expect that we 
receive error:
RTNETLINK answers: File exists
This behaviour is already in ip routing part.

I have noticed that iproute2 when adds new rule it attach flag 
NLM_F_EXCL to call.
(see 
http://git.kernel.org/cgit/linux/kernel/git/shemminger/iproute2.git/tree/ip/iprule.c#n334)

Next thing what I found is that this flag is not handled from kernel side.

I implemented this feature and I tested this with qemu x86 on:
linux-4.5.4
linux (git)
linux-stable (git)
Tested with ipv4 and ipv6.

current behaviour with ipv4:
localhost ~ # ip rule
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
localhost ~ # ip rule add from 10.46.177.97 lookup 104 pref 1005
localhost ~ # ip rule add from 10.46.177.97 lookup 104 pref 1005
localhost ~ # ip rule
0: from all lookup local
1005: from 10.46.177.97 lookup 104
1005: from 10.46.177.97 lookup 104
32766: from all lookup main
32767: from all lookup default

expected behavior after patch:
localhost ~ # ip rule
0:    from all lookup local
32766:    from all lookup main
32767:    from all lookup default
localhost ~ # ip rule add from 10.46.177.97 lookup 104 pref 1005
localhost ~ # ip rule add from 10.46.177.97 lookup 104 pref 1005
RTNETLINK answers: File exists
localhost ~ # ip rule
0:    from all lookup local
1005:    from 10.46.177.97 lookup 104
32766:    from all lookup main
32767:    from all lookup default


There was already topic regarding this but I don't see any changes 
merged and problem still occurs.
(see http://marc.info/?l=linux-netdev&m=113577886110391&w=2)

-- 

Best regards,

Mateusz Bajorski

View attachment "0001-Added-NLM_F_EXCL-support-to-fib_nl_newrule.patch" of type "text/x-patch" (1689 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ