lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Sat, 15 Jun 2019 11:04:30 -0400
From:   Doug Ledford <dledford@...hat.com>
To:     Denis Kirjanov <kirjanov@...il.com>
Cc:     Denis Kirjanov <kda@...ux-powerpc.org>, davem@...emloft.net,
        netdev@...r.kernel.org, linux-rdma@...r.kernel.org,
        mkubecek@...e.cz
Subject: Re: [PATCH 2/2] ipoib: show VF broadcast address

On Sat, 2019-06-15 at 11:49 +0300, Denis Kirjanov wrote:
> On 6/14/19, Doug Ledford <dledford@...hat.com> wrote:
> > On Fri, 2019-06-14 at 15:32 +0200, Denis Kirjanov wrote:
> > > in IPoIB case we can't see a VF broadcast address for but
> > > can see for PF
> > > 
> > > Before:
> > > 11: ib1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 2044 qdisc
> > > pfifo_fast
> > > state UP mode DEFAULT group default qlen 256
> > >     link/infiniband
> > > 80:00:00:66:fe:80:00:00:00:00:00:00:24:8a:07:03:00:a4:3e:7c brd
> > > 00:ff:ff:ff:ff:12:40:1b:ff:ff:00:00:00:00:00:00:ff:ff:ff:ff
> > >     vf 0 MAC 14:80:00:00:66:fe, spoof checking off, link-state
> > > disable,
> > > trust off, query_rss off
> > > ...
> > 
> > The above Before: output should be used as the After: portion of
> > the
> > previous commit message.  The previos commit does not fully resolve
> > the
> > problem, but yet the commit message acts as though it does.
> > 
> > > After:
> > > 11: ib1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 2044 qdisc
> > > pfifo_fast
> > > state UP mode DEFAULT group default qlen 256
> > >     link/infiniband
> > > 80:00:00:66:fe:80:00:00:00:00:00:00:24:8a:07:03:00:a4:3e:7c brd
> > > 00:ff:ff:ff:ff:12:40:1b:ff:ff:00:00:00:00:00:00:ff:ff:ff:ff
> > >     vf 0     link/infiniband
> > > 80:00:00:66:fe:80:00:00:00:00:00:00:24:8a:07:03:00:a4:3e:7c brd
> > > 00:ff:ff:ff:ff:12:40:1b:ff:ff:00:00:00:00:00:00:ff:ff:ff:ff,
> > > spoof
> > > checking off, link-state disable, trust off, query_rss off
> > 
> > Ok, I get why the After: should have a valid broadcast.  What I
> > don't
> > get is why the Before: shows a MAC and the After: shows a
> > link/infiniband?  What change in this patch is responsible for that
> > difference?  I honestly expect, by reading this patch, that you
> > would
> > have a MAC and Broadcast that look like Ethernet, not that the full
> > issue would be resolved.
> 
> Hi Doug,
> it's the patch for iproute2 that I'm going to send

Ahh, ok, then please mention that in the commit message or else the
commit message and the patch won't quite make sense together.  Maybe do
a before: and after: without the iproute2 patch, then a after-with-
userspace-fix: that is the final result and mention the fix to iproute2
to print out the right link layer and size of address/broadcast.

> > > v1->v2: add the IFLA_VF_BROADCAST constant
> > > v2->v3: put IFLA_VF_BROADCAST at the end
> > > to avoid KABI breakage and set NLA_REJECT
> > > dev_setlink
> > > 
> > > Signed-off-by: Denis Kirjanov <kda@...ux-powerpc.org>
> > > ---
> > >  include/uapi/linux/if_link.h | 5 +++++
> > >  net/core/rtnetlink.c         | 5 +++++
> > >  2 files changed, 10 insertions(+)
> > > 
> > > diff --git a/include/uapi/linux/if_link.h
> > > b/include/uapi/linux/if_link.h
> > > index 5b225ff63b48..6f75bda2c2d7 100644
> > > --- a/include/uapi/linux/if_link.h
> > > +++ b/include/uapi/linux/if_link.h
> > > @@ -694,6 +694,7 @@ enum {
> > >  	IFLA_VF_IB_NODE_GUID,	/* VF Infiniband node GUID */
> > >  	IFLA_VF_IB_PORT_GUID,	/* VF Infiniband port GUID */
> > >  	IFLA_VF_VLAN_LIST,	/* nested list of vlans, option for
> > > QinQ */
> > > +	IFLA_VF_BROADCAST,	/* VF broadcast */
> > >  	__IFLA_VF_MAX,
> > >  };
> > > 
> > > @@ -704,6 +705,10 @@ struct ifla_vf_mac {
> > >  	__u8 mac[32]; /* MAX_ADDR_LEN */
> > >  };
> > > 
> > > +struct ifla_vf_broadcast {
> > > +	__u8 broadcast[32];
> > > +};
> > > +
> > >  struct ifla_vf_vlan {
> > >  	__u32 vf;
> > >  	__u32 vlan; /* 0 - 4095, 0 disables VLAN filter */
> > > diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
> > > index cec60583931f..8ac81630ab5c 100644
> > > --- a/net/core/rtnetlink.c
> > > +++ b/net/core/rtnetlink.c
> > > @@ -908,6 +908,7 @@ static inline int rtnl_vfinfo_size(const
> > > struct
> > > net_device *dev,
> > >  		size += num_vfs *
> > >  			(nla_total_size(0) +
> > >  			 nla_total_size(sizeof(struct ifla_vf_mac)) +
> > > +			 nla_total_size(sizeof(struct
> > > ifla_vf_broadcast)) +
> > >  			 nla_total_size(sizeof(struct ifla_vf_vlan)) +
> > >  			 nla_total_size(0) + /* nest IFLA_VF_VLAN_LIST
> > > */
> > >  			 nla_total_size(MAX_VLAN_LIST_LEN *
> > > @@ -1197,6 +1198,7 @@ static noinline_for_stack int
> > > rtnl_fill_vfinfo(struct sk_buff *skb,
> > >  	struct ifla_vf_vlan vf_vlan;
> > >  	struct ifla_vf_rate vf_rate;
> > >  	struct ifla_vf_mac vf_mac;
> > > +	struct ifla_vf_broadcast vf_broadcast;
> > >  	struct ifla_vf_info ivi;
> > > 
> > >  	memset(&ivi, 0, sizeof(ivi));
> > > @@ -1231,6 +1233,7 @@ static noinline_for_stack int
> > > rtnl_fill_vfinfo(struct sk_buff *skb,
> > >  		vf_trust.vf = ivi.vf;
> > > 
> > >  	memcpy(vf_mac.mac, ivi.mac, sizeof(ivi.mac));
> > > +	memcpy(vf_broadcast.broadcast, dev->broadcast, dev->addr_len);
> > >  	vf_vlan.vlan = ivi.vlan;
> > >  	vf_vlan.qos = ivi.qos;
> > >  	vf_vlan_info.vlan = ivi.vlan;
> > > @@ -1247,6 +1250,7 @@ static noinline_for_stack int
> > > rtnl_fill_vfinfo(struct sk_buff *skb,
> > >  	if (!vf)
> > >  		goto nla_put_vfinfo_failure;
> > >  	if (nla_put(skb, IFLA_VF_MAC, sizeof(vf_mac), &vf_mac) ||
> > > +	    nla_put(skb, IFLA_VF_BROADCAST, sizeof(vf_broadcast),
> > > &vf_broadcast) ||
> > >  	    nla_put(skb, IFLA_VF_VLAN, sizeof(vf_vlan), &vf_vlan) ||
> > >  	    nla_put(skb, IFLA_VF_RATE, sizeof(vf_rate),
> > >  		    &vf_rate) ||
> > > @@ -1753,6 +1757,7 @@ static const struct nla_policy
> > > ifla_info_policy[IFLA_INFO_MAX+1] = {
> > > 
> > >  static const struct nla_policy ifla_vf_policy[IFLA_VF_MAX+1] = {
> > >  	[IFLA_VF_MAC]		= { .len = sizeof(struct ifla_vf_mac)
> > > },
> > > +	[IFLA_VF_BROADCAST]	= { .type = NLA_REJECT },
> > >  	[IFLA_VF_VLAN]		= { .len = sizeof(struct
> > > ifla_vf_vlan) },
> > >  	[IFLA_VF_VLAN_LIST]     = { .type = NLA_NESTED },
> > >  	[IFLA_VF_TX_RATE]	= { .len = sizeof(struct ifla_vf_tx_rate)
> > > },
> > 
> > --
> > Doug Ledford <dledford@...hat.com>
> >     GPG KeyID: B826A3330E572FDD
> >     Key fingerprint = AE6B 1BDA 122B 23B4 265B  1274 B826 A333 0E57
> > 2FDD
> > 
> 
> 

-- 
Doug Ledford <dledford@...hat.com>
    GPG KeyID: B826A3330E572FDD
    Key fingerprint = AE6B 1BDA 122B 23B4 265B  1274 B826 A333 0E57
2FDD

Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ