Message-Id: <20170622.111642.1304217851524877946.davem@davemloft.net>
Date:   Thu, 22 Jun 2017 11:16:42 -0400 (EDT)
From:   David Miller <davem@...emloft.net>
To:     serhe.popovych@...il.com
Cc:     netdev@...r.kernel.org
Subject: Re: veth: Be more robust on network device creation when no
 attributes

From: Serhey Popovych <serhe.popovych@...il.com>
Date: Wed, 21 Jun 2017 12:12:24 +0300

> There are a number of problems with configuring the peer
> network device in the absence of IFLA_VETH_PEER attributes,
> where attributes for the main network device are shared with
> the peer.
> 
> First, it is not feasible to configure both network
> devices with the same MAC address, since this makes
> communication in such a configuration problematic.
> 
> This case can be reproduced with the following sequence:
> 
>   # ip link add address 02:11:22:33:44:55 type veth
>   # ip li sh
>   ...
>   26: veth0@...h1: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc \
>   noop state DOWN mode DEFAULT qlen 1000
>       link/ether 00:11:22:33:44:55 brd ff:ff:ff:ff:ff:ff
>   27: veth1@...h0: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc \
>   noop state DOWN mode DEFAULT qlen 1000
>       link/ether 00:11:22:33:44:55 brd ff:ff:ff:ff:ff:ff
> 
> Second, it is not possible to register both main and
> peer network devices with the same name, which happens
> when the name for the main interface is given with IFLA_IFNAME
> and the same attribute is reused for the peer.
> 
> This case can be reproduced with the following sequence:
> 
>   # ip link add dev veth1a type veth
>   RTNETLINK answers: File exists
> 
> To fix both of the cases, check if the corresponding netlink
> attributes are taken from peer_tb when valid, or a
> name based on the rtnl ops kind and a random address is used.
> 
> Signed-off-by: Serhey Popovych <serhe.popovych@...il.com>

Applied.
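
A check for the first problem in the quoted commit message, added here as an example and not part of the original mail or the kernel patch: it reads `ip link show` text and reports veth pairs whose two ends carry the same MAC address. The function name `find_dup_veth_mac` and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# find_dup_veth_mac (hypothetical helper): read `ip link show` text on stdin
# and print "name peer mac" for each pair whose two ends share one address.
find_dup_veth_mac() {
    awk '
    # Header line, e.g. "26: veth0@veth1: <FLAGS> mtu 1500 ..."
    /^[0-9]+: / {
        split($2, a, "@")               # a[1] = name, a[2] = "peer:" if any
        name = a[1]; sub(/:$/, "", name)
        peer = a[2]; sub(/:$/, "", peer)
        cur = name
        if (peer != "") peer_of[name] = peer
        next
    }
    # Address line that belongs to the most recent header
    $1 == "link/ether" && cur != "" { mac[cur] = tolower($2) }
    END {
        for (n in peer_of) {
            p = peer_of[n]
            # Report a pair once, and only when both ends name each other;
            # a peer in another namespace shows as "@ifN" and is skipped.
            if (n < p && (p in peer_of) && peer_of[p] == n &&
                mac[n] != "" && mac[n] == mac[p])
                printf "%s %s %s\n", n, p, mac[n]
        }
    }' | sort
}

# Constructed sample listing: veth0/veth1 share a MAC, veth2/veth3 do not.
SAMPLE='1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
26: veth0@veth1: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 1000
    link/ether 02:11:22:33:44:55 brd ff:ff:ff:ff:ff:ff
27: veth1@veth0: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 1000
    link/ether 02:11:22:33:44:55 brd ff:ff:ff:ff:ff:ff
28: veth2@veth3: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 1000
    link/ether 02:aa:bb:cc:dd:01 brd ff:ff:ff:ff:ff:ff
29: veth3@veth2: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 1000
    link/ether 02:aa:bb:cc:dd:02 brd ff:ff:ff:ff:ff:ff'

printf '%s\n' "$SAMPLE" | find_dup_veth_mac
```

On a live host the same function can be fed with `ip link show type veth | find_dup_veth_mac`.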
