lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 7 Feb 2022 11:01:34 +0800 From: Geliang Tang <geliang.tang@...e.com> To: Stephen Hemminger <stephen@...workplumber.org> Cc: David Ahern <dsahern@...nel.org>, netdev@...r.kernel.org, mptcp@...ts.linux.dev, Paolo Abeni <pabeni@...hat.com>, Mat Martineau <mathew.j.martineau@...ux.intel.com> Subject: Re: [PATCH iproute2-next] mptcp: add the fullmesh flag setting support On Fri, Feb 04, 2022 at 10:17:34AM -0800, Stephen Hemminger wrote: > On Fri, 4 Feb 2022 11:29:03 +0800 > Geliang Tang <geliang.tang@...e.com> wrote: > > > This patch added the fullmesh flag setting support, use it like this: > > > > ip mptcp endpoint change id 1 fullmesh > > ip mptcp endpoint change id 1 nofullmesh > > ip mptcp endpoint change id 1 backup fullmesh > > ip mptcp endpoint change id 1 nobackup nofullmesh > > > > Add the fullmesh flag check for the adding address, the fullmesh flag > > can't be used with the signal flag in that case. > > > > Update the port keyword check for the setting flags, allow to use the > > port keyword with the non-signal flags. Don't allow to use the port > > keyword with the id number. > > > > Update the usage of 'ip mptcp endpoint change', it can be used in two > > forms, using the address directly or the id number of the address: > > > > ip mptcp endpoint change id 1 fullmesh > > ip mptcp endpoint change 10.0.2.1 fullmesh > > ip mptcp endpoint change 10.0.2.1 port 10100 fullmesh > > > > Acked-by: Paolo Abeni <pabeni@...hat.com> > > Acked-by: Mat Martineau <mathew.j.martineau@...ux.intel.com> > > Signed-off-by: Geliang Tang <geliang.tang@...e.com> > > I don't see any parts in here to show the flag settings? > Hi Stephen, Thanks for your review. We use the 'ip mptcp endpoint change flags' command to set the flags of the given address. It's a little strange because we use 'set flags' in the kernel space (like MPTCP_PM_CMD_SET_FLAGS, mptcp_nl_cmd_set_flags), but 'change flags' in the user space. Before applying this patch, we can only set the backup flag: > sudo ip mptcp endpoint add 10.0.2.1 subflow > sudo ip mptcp endpoint show 10.0.2.1 id 1 subflow > sudo ip mptcp endpoint change id 1 backup > sudo ip mptcp endpoint show 10.0.2.1 id 1 subflow backup > sudo ip mptcp endpoint change id 1 nobackup > sudo ip mptcp endpoint show 10.0.2.1 id 1 subflow The commit 73c762c1f07d ("mptcp: set fullmesh flag in pm_netlink") is merged to net-next recently. It added the fullmesh flag setting in the kernel space. We need to let the fullmesh flag not be blocked in the user space. So this patch added this code: + /* allow changing the 'backup' and 'fullmesh' flags only */ if (cmd == MPTCP_PM_CMD_SET_FLAGS && - (flags & ~MPTCP_PM_ADDR_FLAG_BACKUP)) + (flags & ~(MPTCP_PM_ADDR_FLAG_BACKUP | + MPTCP_PM_ADDR_FLAG_FULLMESH))) invarg("invalid flags\n", *argv); Now we can set the fullmesh flag like this: > sudo ip mptcp endpoint flush > sudo ip mptcp endpoint add 10.0.2.1 subflow > sudo ip mptcp endpoint show 10.0.2.1 id 1 subflow > sudo ip mptcp endpoint change id 1 fullmesh > sudo ip mptcp endpoint show 10.0.2.1 id 1 subflow fullmesh > sudo ip mptcp endpoint change id 1 nofullmesh > sudo ip mptcp endpoint show 10.0.2.1 id 1 subflow This patch also added the related flags checks and updated the usage. Thanks, Geliang SUSE
Powered by blists - more mailing lists