lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 15 Jun 2019 03:33:50 +0200
From:   Stefano Brivio <sbrivio@...hat.com>
To:     Stephen Hemminger <stephen@...workplumber.org>,
        David Ahern <dsahern@...il.com>
Cc:     David Miller <davem@...emloft.net>, Jianlin Shi <jishi@...hat.com>,
        Wei Wang <weiwan@...gle.com>, Martin KaFai Lau <kafai@...com>,
        Eric Dumazet <edumazet@...gle.com>,
        Matti Vaittinen <matti.vaittinen@...rohmeurope.com>,
        netdev@...r.kernel.org
Subject: [PATCH iproute2] iproute: Pass RTM_F_CLONED on dump to fetch cached routes to be flushed

With a current (5.1) kernel version, IPv6 exception routes can't be listed
(ip -6 route list cache) or flushed (ip -6 route flush cache). I'm
re-introducing kernel support for this, but, to allow the kernel to filter
routes based on the RTM_F_CLONED flag, we need to make sure this flag is
always passed when we want cached routes to be dumped.

Right now, this is only the case for listing operation. When flushing,
IPv6 routes are first dumped, and then deleted one by one, but the
RTM_F_CLONED flag is not passed depending on the filter during the
dump, so we don't get the routes that we need to flush if requested with
the 'cache' parameter.

Define a filter that is passed to rtnl_routedump_req() on flush and sets
RTM_F_CLONED in rtm_flags on the dump to get routes to be flushed, if
we're dealing with cached routes.

Fixes: aba5acdfdb34 ("(Logical change 1.3)")
Signed-off-by: Stefano Brivio <sbrivio@...hat.com>
---
 ip/iproute.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/ip/iproute.c b/ip/iproute.c
index 2b3dcc5dbd53..192442b42062 100644
--- a/ip/iproute.c
+++ b/ip/iproute.c
@@ -1602,6 +1602,16 @@ static int save_route_prep(void)
 	return 0;
 }
 
+static int iproute_flush_flags(struct nlmsghdr *nlh, int reqlen)
+{
+	struct rtmsg *rtm = NLMSG_DATA(nlh);
+
+	if (filter.cloned)
+		rtm->rtm_flags |= RTM_F_CLONED;
+
+	return 0;
+}
+
 static int iproute_flush(int family, rtnl_filter_t filter_fn)
 {
 	time_t start = time(0);
@@ -1624,7 +1634,7 @@ static int iproute_flush(int family, rtnl_filter_t filter_fn)
 	filter.flushe = sizeof(flushb);
 
 	for (;;) {
-		if (rtnl_routedump_req(&rth, family, NULL) < 0) {
+		if (rtnl_routedump_req(&rth, family, iproute_flush_flags) < 0) {
 			perror("Cannot send dump request");
 			return -2;
 		}
-- 
2.20.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ