lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20221025202026.68d92100@hermes.local>
Date:   Tue, 25 Oct 2022 20:20:26 -0700
From:   Stephen Hemminger <stephen@...workplumber.org>
To:     Benjamin Poirier <bpoirier@...dia.com>
Cc:     netdev@...r.kernel.org, David Ahern <dsahern@...nel.org>,
        Ido Schimmel <idosch@...dia.com>
Subject: Re: [PATCH iproute2] ip-monitor: Do not error out when
 RTNLGRP_STATS is not available

On Wed, 26 Oct 2022 07:29:09 +0900
Benjamin Poirier <bpoirier@...dia.com> wrote:

> Following commit 4e8a9914c4d4 ("ip-monitor: Include stats events in default
> and "all" cases"), `ip monitor` fails to start on kernels which do not
> contain linux.git commit 5fd0b838efac ("net: rtnetlink: Add UAPI toggle for
> IFLA_OFFLOAD_XSTATS_L3_STATS") because the netlink group RTNLGRP_STATS
> doesn't exist:
> 
>  $ ip monitor
>  Failed to add stats group to list
> 
> When "stats" is not explicitly requested, change the error to a warning so
> that `ip monitor` and `ip monitor all` continue to work on older kernels.
> 
> Note that the same change is not done for RTNLGRP_NEXTHOP because its value
> is 32 and group numbers <= 32 are always supported; see the comment above
> netlink_change_ngroups() in the kernel source. Therefore
> NETLINK_ADD_MEMBERSHIP 32 does not error out even on kernels which do not
> support RTNLGRP_NEXTHOP.
> 
> Reported-by: Stephen Hemminger <stephen@...workplumber.org>
> Fixes: 4e8a9914c4d4 ("ip-monitor: Include stats events in default and "all" cases")
> Signed-off-by: Benjamin Poirier <bpoirier@...dia.com>

There are two acceptable solutions:
1. Ignore the error, and never print any warning.
2. Don't ask for the stats feature with the default "ip monitor" and "ip monitor all"

Either way, it needs to be totally silent when built and run on older kernels.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ