lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 6 Feb 2017 14:01:07 -0800
From:   Stephen Hemminger <stephen@...workplumber.org>
To:     David Ahern <dsa@...ulusnetworks.com>
Cc:     netdev@...r.kernel.org
Subject: Re: [PATCH iproute2] ip route: Make name of protocol 0 consistent

On Thu,  2 Feb 2017 09:22:06 -0800
David Ahern <dsa@...ulusnetworks.com> wrote:

> iproute2 can inconsistently show the name of protocol 0 if a route with
> a custom protocol is added. For example:
>   dsa@...tman:~$ ip -6 ro ls table all | egrep 'proto none|proto unspec'
>   local ::1 dev lo  table local  proto none  metric 0  pref medium
>   local fe80::225:90ff:fecb:1c18 dev lo  table local  proto none  metric 0  pref medium
>   local fe80::92e2:baff:fe5c:da5d dev lo  table local  proto none  metric 0  pref medium
> 
> protocol 0 is pretty printed as "none". Add a route with a custom protocol:
>   dsa@...tman:~$ sudo ip -6 ro add  2001:db8:200::1/128 dev eth0 proto 123
> 
> And now display has switched from "none" to "unspec":
>   dsa@...tman:~$ ip -6 ro ls table all | egrep 'proto none|proto unspec'
>   local ::1 dev lo  table local  proto unspec  metric 0  pref medium
>   local fe80::225:90ff:fecb:1c18 dev lo  table local  proto unspec  metric 0  pref medium
>   local fe80::92e2:baff:fe5c:da5d dev lo  table local  proto unspec  metric 0  pref medium
> 
> The rt_protos file has the id to name mapping as "unspec" while
> rtnl_rtprot_tab[0] has "none". The presence of a custom protocol id
> triggers reading the rt_protos file and overwriting the string in
> rtnl_rtprot_tab. All of this is logic from 2004 and earlier.
> 
> The simplest change to achieve consistency is to update the rt_protos
> file to use "none" instead of "unspec".
> 
> Signed-off-by: David Ahern <dsa@...ulusnetworks.com>
> ---
>  etc/iproute2/rt_protos | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/etc/iproute2/rt_protos b/etc/iproute2/rt_protos
> index 82cf9c46cf6f..21af85b9d7e1 100644
> --- a/etc/iproute2/rt_protos
> +++ b/etc/iproute2/rt_protos
> @@ -1,7 +1,7 @@
>  #
>  # Reserved protocols.
>  #
> -0	unspec
> +0	none
>  1	redirect
>  2	kernel
>  3	boot

This doesn't look like a good solution, you loose the value of unspec.

Just to clarify. You added a custom protocol value to netlink.
And then you are using upstream iproute2 source to display the value.

The correct behavior in that case would be for upstream ip route show command to display
a numeric value (rather than a symbolic name).

But if you are shipping your own version of iproute then add an additional entry
to rt_protos with your new name, and for sanity update the local copy of rtnetlink.h

Of course, submitting your custom protocol upstream is the best long term solution.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ