lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 2 Jul 2019 15:52:40 +0200
From:   Andrea Claudi <aclaudi@...hat.com>
To:     Ji Jianwen <jijianwen@...il.com>
Cc:     netdev@...r.kernel.org,
        Stephen Hemminger <stephen@...workplumber.org>,
        Mahesh Bandewar <maheshb@...gle.com>
Subject: Re: [iproute2] Can't create ip6 tunnel device

On Tue, Jul 2, 2019 at 3:11 PM Ji Jianwen <jijianwen@...il.com> wrote:
>
> It works for 'add', but not for 'del'.
> ip -6 tunnel del my_ip6ip6 mode ip6ip6 remote 2001:db8:ffff:100::2
> local 2001:db8:ffff:100::1 hoplimit 1 tclass 0x0 dev eno1
> delete tunnel "eno1" failed: Operation not supported
>

Thanks Jianwen, this is kinda expected, since I left out the
SIOCDELTUNNEL case in my code.

While this can be easily fixed, the intent of the offending patch is
not entirely clear to me.

>From the ip tunnel man page, I can read that with "dev NAME" we
instruct ip to bind the tunnel to the device NAME; so dev should not
be used to indicate the tunnel, as the offending commit does.
Moreover, man page states that "ip tunnel show" has no arguments. So,
either we update the man page fixing this obsolete statement, or the
"show dev NAME" case is not supported at all.
However, even if "show" command supports filter (as it seems to do),
in my opinion "dev NAME" should be used to filter tunnels based on the
device to which they are binded.

Mahesh, can you please clarify?

Regards,
Andrea

> On Tue, Jul 2, 2019 at 7:18 PM Andrea Claudi <aclaudi@...hat.com> wrote:
> >
> > On Tue, Jul 2, 2019 at 12:55 PM Andrea Claudi <aclaudi@...hat.com> wrote:
> > >
> > > On Tue, Jul 2, 2019 at 12:27 PM Ji Jianwen <jijianwen@...il.com> wrote:
> > > >
> > > > It seems this issue was introduced by commit below, I am able to run
> > > > the command successfully mentioned at previous mail without it.
> > > >
> > > > commit ba126dcad20e6d0e472586541d78bdd1ac4f1123 (HEAD)
> > > > Author: Mahesh Bandewar <maheshb@...gle.com>
> > > > Date:   Thu Jun 6 16:44:26 2019 -0700
> > > >
> > > >     ip6tunnel: fix 'ip -6 {show|change} dev <name>' cmds
> > > >
> > >
> > > From what I can see, before this commit we have in p->name the tunnel
> > > iface name (in Jianwen example, ip6tnl1), while after this p->name
> > > contains the iface name specified after "dev".
> > > Probably the strlcpy() should be limited to the {show|change} cases?
> > >
> > > Regards,
> > > Andrea
> > >
> > > > On Tue, Jul 2, 2019 at 2:53 PM Ji Jianwen <jijianwen@...il.com> wrote:
> > > > >
> > > > > Hello  there,
> > > > >
> > > > > I got error when creating ip6 tunnel device on a rhel-8.0.0 system.
> > > > >
> > > > > Here are the steps to reproduce the issue.
> > > > > # # uname -r
> > > > > 4.18.0-80.el8.x86_64
> > > > > # dnf install -y libcap-devel bison flex git gcc
> > > > > # git clone git://git.kernel.org/pub/scm/network/iproute2/iproute2.git
> > > > > # cd iproute2  &&  git log --pretty=oneline --abbrev-commit
> > > > > d0272f54 (HEAD -> master, origin/master, origin/HEAD) devlink: fix
> > > > > libc and kernel headers collision
> > > > > ee09370a devlink: fix format string warning for 32bit targets
> > > > > 68c46872 ip address: do not set mngtmpaddr option for IPv4 addresses
> > > > > e4448b6c ip address: do not set home option for IPv4 addresses
> > > > > ....
> > > > >
> > > > > # ./configure && make && make install
> > > > > # ip -6 tunnel add ip6tnl1 mode ip6ip6 remote 2001:db8:ffff:100::2
> > > > > local 2001:db8:ffff:100::1 hoplimit 1 tclass 0x0 dev eno1   --->
> > > > > please replace eno1 with the network card name of your system
> > > > > add tunnel "ip6tnl0" failed: File exists
> > > > >
> > > > > Please help take a look. Thanks!
> > > > >
> > > > > Br,
> > > > > Jianwen
> >
> > Jianwen, can you please check if this patch solves your issue?
> >
> > --- a/ip/ip6tunnel.c
> > +++ b/ip/ip6tunnel.c
> > @@ -298,7 +298,7 @@ static int parse_args(int argc, char **argv, int
> > cmd, struct ip6_tnl_parm2 *p)
> >                 p->link = ll_name_to_index(medium);
> >                 if (!p->link)
> >                         return nodev(medium);
> > -               else
> > +               else if (cmd != SIOCADDTUNNEL)
> >                         strlcpy(p->name, medium, sizeof(p->name));
> >         }
> >         return 0;
> >
> > Thanks in advance!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ