| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20220207030134.GA5614@dhcp-10-157-36-190>
Date: Mon, 7 Feb 2022 11:01:34 +0800
From: Geliang Tang <geliang.tang@...e.com>
To: Stephen Hemminger <stephen@...workplumber.org>
Cc: David Ahern <dsahern@...nel.org>, netdev@...r.kernel.org,
mptcp@...ts.linux.dev, Paolo Abeni <pabeni@...hat.com>,
Mat Martineau <mathew.j.martineau@...ux.intel.com>
Subject: Re: [PATCH iproute2-next] mptcp: add the fullmesh flag setting
support
On Fri, Feb 04, 2022 at 10:17:34AM -0800, Stephen Hemminger wrote:
> On Fri, 4 Feb 2022 11:29:03 +0800
> Geliang Tang <geliang.tang@...e.com> wrote:
>
> > This patch added the fullmesh flag setting support, use it like this:
> >
> > ip mptcp endpoint change id 1 fullmesh
> > ip mptcp endpoint change id 1 nofullmesh
> > ip mptcp endpoint change id 1 backup fullmesh
> > ip mptcp endpoint change id 1 nobackup nofullmesh
> >
> > Add the fullmesh flag check for the adding address, the fullmesh flag
> > can't be used with the signal flag in that case.
> >
> > Update the port keyword check for the setting flags, allow to use the
> > port keyword with the non-signal flags. Don't allow to use the port
> > keyword with the id number.
> >
> > Update the usage of 'ip mptcp endpoint change', it can be used in two
> > forms, using the address directly or the id number of the address:
> >
> > ip mptcp endpoint change id 1 fullmesh
> > ip mptcp endpoint change 10.0.2.1 fullmesh
> > ip mptcp endpoint change 10.0.2.1 port 10100 fullmesh
> >
> > Acked-by: Paolo Abeni <pabeni@...hat.com>
> > Acked-by: Mat Martineau <mathew.j.martineau@...ux.intel.com>
> > Signed-off-by: Geliang Tang <geliang.tang@...e.com>
>
> I don't see any parts in here to show the flag settings?
>
Hi Stephen,
Thanks for your review.
We use the 'ip mptcp endpoint change flags' command to set the flags of the
given address. It's a little strange because we use 'set flags' in the
kernel space (like MPTCP_PM_CMD_SET_FLAGS, mptcp_nl_cmd_set_flags), but
'change flags' in the user space.
Before applying this patch, we can only set the backup flag:
> sudo ip mptcp endpoint add 10.0.2.1 subflow
> sudo ip mptcp endpoint show
10.0.2.1 id 1 subflow
> sudo ip mptcp endpoint change id 1 backup
> sudo ip mptcp endpoint show
10.0.2.1 id 1 subflow backup
> sudo ip mptcp endpoint change id 1 nobackup
> sudo ip mptcp endpoint show
10.0.2.1 id 1 subflow
The commit 73c762c1f07d ("mptcp: set fullmesh flag in pm_netlink") is
merged to net-next recently. It added the fullmesh flag setting in the
kernel space.
We need to let the fullmesh flag not be blocked in the user space. So this
patch added this code:
+ /* allow changing the 'backup' and 'fullmesh' flags only */
if (cmd == MPTCP_PM_CMD_SET_FLAGS &&
- (flags & ~MPTCP_PM_ADDR_FLAG_BACKUP))
+ (flags & ~(MPTCP_PM_ADDR_FLAG_BACKUP |
+ MPTCP_PM_ADDR_FLAG_FULLMESH)))
invarg("invalid flags\n", *argv);
Now we can set the fullmesh flag like this:
> sudo ip mptcp endpoint flush
> sudo ip mptcp endpoint add 10.0.2.1 subflow
> sudo ip mptcp endpoint show
10.0.2.1 id 1 subflow
> sudo ip mptcp endpoint change id 1 fullmesh
> sudo ip mptcp endpoint show
10.0.2.1 id 1 subflow fullmesh
> sudo ip mptcp endpoint change id 1 nofullmesh
> sudo ip mptcp endpoint show
10.0.2.1 id 1 subflow
This patch also added the related flags checks and updated the usage.
Thanks,
Geliang
SUSE
Powered by blists - more mailing lists