lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20190627094327.GF2424@nanopsycho>
Date:   Thu, 27 Jun 2019 11:43:27 +0200
From:   Jiri Pirko <jiri@...nulli.us>
To:     netdev@...r.kernel.org
Cc:     davem@...emloft.net, jakub.kicinski@...ronome.com,
        sthemmin@...rosoft.com, dsahern@...il.com, mlxsw@...lanox.com
Subject: [RFC] longer netdev names proposal

Hi all.

In the past, there was repeatedly discussed the IFNAMSIZ (16) limit for
netdevice name length. Now when we have PF and VF representors
with port names like "pfXvfY", it became quite common to hit this limit:
0123456789012345
enp131s0f1npf0vf6
enp131s0f1npf0vf22

Since IFLA_NAME is just a string, I though it might be possible to use
it to carry longer names as it is. However, the userspace tools, like
iproute2, are doing checks before print out. So for example in output of
"ip addr" when IFLA_NAME is longer than IFNAMSIZE, the netdevice is
completely avoided.

So here is a proposal that might work:
1) Add a new attribute IFLA_NAME_EXT that could carry names longer than
   IFNAMSIZE, say 64 bytes. The max size should be only defined in kernel,
   user should be prepared for any string size.
2) Add a file in sysfs that would indicate that NAME_EXT is supported by
   the kernel.
3) Udev is going to look for the sysfs indication file. In case when
   kernel supports long names, it will do rename to longer name, setting
   IFLA_NAME_EXT. If not, it does what it does now - fail.
4) There are two cases that can happen during rename:
   A) The name is shorter than IFNAMSIZ
      -> both IFLA_NAME and IFLA_NAME_EXT would contain the same string:
         original IFLA_NAME     = eth0
         original IFLA_NAME_EXT = eth0
         renamed  IFLA_NAME     = enp5s0f1npf0vf1
         renamed  IFLA_NAME_EXT = enp5s0f1npf0vf1
   B) The name is longer tha IFNAMSIZ
      -> IFLA_NAME would contain the original one, IFLA_NAME_EXT would 
         contain the new one:
         original IFLA_NAME     = eth0
         original IFLA_NAME_EXT = eth0
         renamed  IFLA_NAME     = eth0
         renamed  IFLA_NAME_EXT = enp131s0f1npf0vf22

This would allow the old tools to work with "eth0" and the new
tools would work with "enp131s0f1npf0vf22". In sysfs, there would
be symlink from one name to another.
      
Also, there might be a warning added to kernel if someone works
with IFLA_NAME that the userspace tool should be upgraded.

Eventually, only IFLA_NAME_EXT is going to be used by everyone.

I'm aware there are other places where similar new attribute
would have to be introduced too (ip rule for example).
I'm not saying this is a simple work.

Question is what to do with the ioctl api (get ifindex etc). I would
probably leave it as is and push tools to use rtnetlink instead.

Any ideas why this would not work? Any ideas how to solve this
differently?

Thanks!

Jiri

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ