| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20210609165949.5806f75d@hermes.local>
Date: Wed, 9 Jun 2021 16:59:49 -0700
From: Stephen Hemminger <stephen@...workplumber.org>
To: Guillaume Nault <gnault@...hat.com>
Cc: netdev@...r.kernel.org
Subject: Re: [PATCH iproute2] utils: bump max args number to 256 for batch
files
On Tue, 1 Jun 2021 19:09:31 +0200
Guillaume Nault <gnault@...hat.com> wrote:
> Large tc filters can have many arguments. For example the following
> filter matches the first 7 MPLS LSEs, pops all of them, then updates
> the Ethernet header and redirects the resulting packet to eth1.
>
> filter add dev eth0 ingress handle 44 priority 100 \
> protocol mpls_uc flower mpls \
> lse depth 1 label 1040076 tc 4 bos 0 ttl 175 \
> lse depth 2 label 89648 tc 2 bos 0 ttl 9 \
> lse depth 3 label 63417 tc 5 bos 0 ttl 185 \
> lse depth 4 label 593135 tc 5 bos 0 ttl 67 \
> lse depth 5 label 857021 tc 0 bos 0 ttl 181 \
> lse depth 6 label 239239 tc 1 bos 0 ttl 254 \
> lse depth 7 label 30 tc 7 bos 1 ttl 237 \
> action mpls pop protocol mpls_uc pipe \
> action mpls pop protocol mpls_uc pipe \
> action mpls pop protocol mpls_uc pipe \
> action mpls pop protocol mpls_uc pipe \
> action mpls pop protocol mpls_uc pipe \
> action mpls pop protocol mpls_uc pipe \
> action mpls pop protocol ipv6 pipe \
> action vlan pop_eth pipe \
> action vlan push_eth \
> dst_mac 00:00:5e:00:53:7e \
> src_mac 00:00:5e:00:53:03 pipe \
> action mirred egress redirect dev eth1
>
> This filter has 149 arguments, so it can't be used with tc -batch
> which is limited to a 100.
>
> Let's bump the limit to the next power of 2. That should leave a lot of
> room for big batch commands.
>
> Signed-off-by: Guillaume Nault <gnault@...hat.com>
Good idea, but we should probably go further up to 512.
Also, rather than keeping magic constant. Why not add value to
utils.h.
I considered using sysconf(_SC_ARG_MAX) gut that is huge on modern
machines (2M). And we don't need to allocate for all possible args.
diff --git a/include/utils.h b/include/utils.h
index 187444d52b41..6c4c403fe6c2 100644
--- a/include/utils.h
+++ b/include/utils.h
@@ -50,6 +50,9 @@ void incomplete_command(void) __attribute__((noreturn));
#define NEXT_ARG_FWD() do { argv++; argc--; } while(0)
#define PREV_ARG() do { argv--; argc++; } while(0)
+/* upper limit for batch mode */
+#define MAX_ARGS 512
+
#define TIME_UNITS_PER_SEC 1000000
#define NSEC_PER_USEC 1000
#define NSEC_PER_MSEC 1000000
diff --git a/lib/utils.c b/lib/utils.c
index 93ae0c55063a..0559923beced 100644
--- a/lib/utils.c
+++ b/lib/utils.c
@@ -1714,10 +1714,10 @@ int do_batch(const char *name, bool force,
cmdlineno = 0;
while (getcmdline(&line, &len, stdin) != -1) {
- char *largv[100];
+ char *largv[MAX_ARGS];
int largc;
- largc = makeargs(line, largv, 100);
+ largc = makeargs(line, largv, MAX_ARGS);
if (!largc)
continue; /* blank line */
Powered by blists - more mailing lists