lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 16 Jan 2021 13:17:01 +0100
From:   Matteo Croce <mcroce@...ux.microsoft.com>
To:     David Ahern <dsahern@...il.com>
Cc:     netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
        "David S. Miller" <davem@...emloft.net>,
        Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
        Jakub Kicinski <kuba@...nel.org>
Subject: Re: [PATCH net 1/2] ipv6: create multicast route with RTPROT_KERNEL

On Sat, Jan 16, 2021 at 5:36 AM David Ahern <dsahern@...il.com> wrote:
>
> On 1/15/21 11:42 AM, Matteo Croce wrote:
> > From: Matteo Croce <mcroce@...rosoft.com>
> >
> > The ff00::/8 multicast route is created without specifying the fc_protocol
> > field, so the default RTPROT_BOOT value is used:
> >
> >   $ ip -6 -d route
> >   unicast ::1 dev lo proto kernel scope global metric 256 pref medium
> >   unicast fe80::/64 dev eth0 proto kernel scope global metric 256 pref medium
> >   unicast ff00::/8 dev eth0 proto boot scope global metric 256 pref medium
> >
> > As the documentation says, this value identifies routes installed during
> > boot, but the route is created when interface is set up.
> > Change the value to RTPROT_KERNEL which is a better value.
> >
> > Signed-off-by: Matteo Croce <mcroce@...rosoft.com>
> > ---
> >  net/ipv6/addrconf.c | 1 +
> >  1 file changed, 1 insertion(+)
> >
> > diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
> > index eff2cacd5209..19bf6822911c 100644
> > --- a/net/ipv6/addrconf.c
> > +++ b/net/ipv6/addrconf.c
> > @@ -2469,6 +2469,7 @@ static void addrconf_add_mroute(struct net_device *dev)
> >               .fc_flags = RTF_UP,
> >               .fc_type = RTN_UNICAST,
> >               .fc_nlinfo.nl_net = dev_net(dev),
> > +             .fc_protocol = RTPROT_KERNEL,
> >       };
> >
> >       ipv6_addr_set(&cfg.fc_dst, htonl(0xFF000000), 0, 0, 0);
> >
>
>
> What's the motivation for changing this? ie., what s/w cares that it is
> kernel vs boot?

A practical example: systemd-networkd explicitly ignores routes with
kernel flag[1]. Having a different flag leads the daemon to remove the
route sooner or later.

[1] https://github.com/systemd/systemd/blob/0b81225e5791f660506f7db0ab88078cf296b771/src/network/networkd-routing-policy-rule.c#L675-L677
-- 
per aspera ad upstream

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ