lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 18 Oct 2017 12:45:55 +0100 (WEST)
From:   David Miller <davem@...emloft.net>
To:     dsahern@...il.com
Cc:     netdev@...r.kernel.org, jiri@...lanox.com, idosch@...lanox.com,
        kjlx@...pleofstupid.com, yoshfuji@...ux-ipv6.org
Subject: Re: [PATCH v2 net-next 0/5] mlxsw: spectrum_router: Add extack
 messages for RIF and VRF overflow

From: David Ahern <dsahern@...il.com>
Date: Mon, 16 Oct 2017 09:36:49 -0700

> Currently, exceeding the number of VRF instances or the number of router
> interfaces either fails with a non-intuitive EBUSY:
>     $ ip li set swp1s1.6 vrf vrf-1s1-6 up
>     RTNETLINK answers: Device or resource busy
> 
> or fails silently (IPv6) since the checks are done in a work queue. This
> set adds support for the address validator notifier to spectrum which
> allows ext-ack based messages to be returned on failure.
> 
> To make that happen the IPv6 version needs to be converted from atomic
> to blocking (patch 2), and then support for extack needs to be added
> to the notifier (patch 3). Patch 1 reworks the locking in ipv6_add_addr
> to work better in the atomic and non-atomic code paths. Patches 4 and 5
> add the validator notifier to spectrum and then plumb the extack argument
> through spectrum_router.
> 
> With this set, VRF overflows fail with:
>    $ ip li set swp1s1.6 vrf vrf-1s1-6 up
>    Error: spectrum: Exceeded number of supported VRF.
> 
> and RIF overflows fail with:
>    $ ip addr add dev swp1s2.191 10.12.191.1/24
>    Error: spectrum: Exceeded number of supported router interfaces.
> 
> v1 -> v2
> - fix error path in ipv6_add_addr: reset rt to NULL (Ido comment) and
>   add in6_dev_put on ifa once the hold has been done
> 
> RFC -> v1
> - addressed various comments from Ido
> - refactored ipv6_add_addr to allow ifa's to be allocated with
>   GFP_KERNEL as requested by DaveM

This doesn't apply cleanly to net-next, specifically the mlxsw driver
changes.

Please respin, thanks!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ