lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <cover.1678448186.git.petrm@nvidia.com>
Date:   Fri, 10 Mar 2023 12:44:53 +0100
From:   Petr Machata <petrm@...dia.com>
To:     "David S. Miller" <davem@...emloft.net>,
        Eric Dumazet <edumazet@...gle.com>,
        Jakub Kicinski <kuba@...nel.org>,
        Paolo Abeni <pabeni@...hat.com>, <netdev@...r.kernel.org>
CC:     David Ahern <dsahern@...nel.org>, Shuah Khan <shuah@...nel.org>,
        "Ido Schimmel" <idosch@...dia.com>,
        Petr Machata <petrm@...dia.com>, <mlxsw@...dia.com>
Subject: [PATCH net-next 0/5] net: Extend address label support

IPv4 addresses can be tagged with label strings. Unlike IPv6 addrlabels,
which are used for prioritization of IPv6 addresses, these "ip address
labels" are simply tags that the userspace can assign to IP addresses
arbitrarily.

IPv4 has had support for these tags since before Linux was tracked in GIT.
However it has never been possible to change the label after it is once
defined. This limits usefulness of this feature. A userspace that wants to
change a label might drop and recreate the address, but that disrupts
routing and is just impractical.

IPv6 addresses lack support for address labels (in the sense of address
tags) altogether.

In this patchset, extend IPv4 to allow changing the label defined at an
address (in patch #1). Then, in patches #2 and #3, extend IPv6 with a suite
of address label operations fully analogous with those defined for IPv4.
Then in patches #4 and #5 add selftest coverage for the feature.

An example session with the feature in action:

	# ip address add dev d 2001:db8:1::1/64 label foo
	# ip address show dev d
	4: d: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc [...]
	    link/ether 06:29:74:fd:1f:eb brd ff:ff:ff:ff:ff:ff
	    inet6 2001:db8:1::1/64 scope global foo <--
	    valid_lft forever preferred_lft forever
	    inet6 fe80::429:74ff:fefd:1feb/64 scope link d
	    valid_lft forever preferred_lft forever

	# ip address replace dev d 2001:db8:1::1/64 label bar
	# ip address show dev d
	4: d: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc [...]
	    link/ether 06:29:74:fd:1f:eb brd ff:ff:ff:ff:ff:ff
	    inet6 2001:db8:1::1/64 scope global bar <--
	    valid_lft forever preferred_lft forever
	    inet6 fe80::429:74ff:fefd:1feb/64 scope link d
	    valid_lft forever preferred_lft forever

	# ip address del dev d 2001:db8:1::1/64 label foo
	RTNETLINK answers: Cannot assign requested address
	# ip address del dev d 2001:db8:1::1/64 label bar

Petr Machata (5):
  net: ipv4: Allow changing IPv4 labels
  net: ipv6: addrconf: Support IPv6 address labels
  net: ipv6: addrconf: Expose IPv6 address labels through netlink
  selftests: rtnetlink: Make the set of tests to run configurable
  selftests: rtnetlink: Add an address label test

 include/net/addrconf.h                   |   2 +
 include/net/if_inet6.h                   |   1 +
 net/ipv4/devinet.c                       |  10 +-
 net/ipv6/addrconf.c                      |  30 +++-
 tools/testing/selftests/net/rtnetlink.sh | 172 +++++++++++++++++------
 5 files changed, 169 insertions(+), 46 deletions(-)

-- 
2.39.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ