lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240124153456.117048-2-victor@mojatatu.com>
Date: Wed, 24 Jan 2024 12:34:55 -0300
From: Victor Nogueira <victor@...atatu.com>
To: stephen@...workplumber.org,
	dsahern@...nel.org,
	netdev@...r.kernel.org
Cc: liuhangbin@...il.com,
	jhs@...atatu.com,
	kernel@...atatu.com
Subject: [PATCH iproute2-next 1/2] tc: add NLM_F_ECHO support for actions

This patch adds the -echo flag to tc command line and support for it in
tc actions. If the user specifies this flag for an action command, the
kernel will return the command's result back to user space.
For example:

  tc -echo actions add action mirred egress mirror dev lo

  total acts 0
  Added action
        action order 1: mirred (Egress Mirror to device lo) pipe
        index 10 ref 1 bind 0
        not_in_hw

As illustrated above, the kernel will give us an index of 10

The same can be done for other action commands (replace, change, and
delete). For example:

  tc -echo actions delete action mirred index 10

  total acts 0
  Deleted action
        action order 1: mirred (Egress Mirror to device lo) pipe
        index 10 ref 0 bind 0
        not_in_hw

Signed-off-by: Victor Nogueira <victor@...atatu.com>
---
 man/man8/tc.8 |  6 +++++-
 tc/m_action.c | 25 ++++++++++++++++++++++---
 tc/tc.c       |  6 +++++-
 3 files changed, 32 insertions(+), 5 deletions(-)

diff --git a/man/man8/tc.8 b/man/man8/tc.8
index 3175454b9..dce58af17 100644
--- a/man/man8/tc.8
+++ b/man/man8/tc.8
@@ -127,7 +127,7 @@ tc \- show / manipulate traffic control settings
 \fB[ \fB-nm \fR| \fB-nam\fR[\fIes\fR] \fB] \fR|
 \fB[ \fR{ \fB-cf \fR| \fB-c\fR[\fIonf\fR] \fR} \fB[ filename ] \fB] \fR
 \fB[ -t\fR[imestamp\fR] \fB\] \fR| \fB[ -t\fR[short\fR] \fR| \fB[
--o\fR[neline\fR] \fB]\fR }
+-o\fR[neline\fR] \fB] \fR| \fB[ -echo ]\fR }
 
 .ti 8
 .IR FORMAT " := {"
@@ -743,6 +743,10 @@ When\fB\ tc monitor\fR\ runs, print timestamp before the event message in format
 When\fB\ tc monitor\fR\ runs, prints short timestamp before the event message in format:
    [<YYYY>-<MM>-<DD>T<hh:mm:ss>.<ms>]
 
+.TP
+.BR "\-echo"
+Request the kernel to send the applied configuration back.
+
 .SH FORMAT
 The show command has additional formatting options:
 
diff --git a/tc/m_action.c b/tc/m_action.c
index 16474c561..fd9621e1b 100644
--- a/tc/m_action.c
+++ b/tc/m_action.c
@@ -688,7 +688,16 @@ static int tc_action_gd(int cmd, unsigned int flags,
 
 	req.n.nlmsg_seq = rth.dump = ++rth.seq;
 
-	if (rtnl_talk(&rth, &req.n, cmd == RTM_DELACTION ? NULL : &ans) < 0) {
+	if (cmd == RTM_DELACTION) {
+		if (echo_request)
+			ret = rtnl_echo_talk(&rth, &req.n, json, print_action);
+		else
+			ret = rtnl_talk(&rth, &req.n, NULL);
+	} else {
+		ret = rtnl_talk(&rth, &req.n, &ans);
+	}
+
+	if (ret < 0) {
 		fprintf(stderr, "We have an error talking to the kernel\n");
 		return 1;
 	}
@@ -738,7 +747,12 @@ static int tc_action_modify(int cmd, unsigned int flags,
 	}
 	tail->rta_len = (void *) NLMSG_TAIL(&req.n) - (void *) tail;
 
-	if (rtnl_talk(&rth, &req.n, NULL) < 0) {
+	if (echo_request)
+		ret = rtnl_echo_talk(&rth, &req.n, json, print_action);
+	else
+		ret = rtnl_talk(&rth, &req.n, NULL);
+
+	if (ret < 0) {
 		fprintf(stderr, "We have an error talking to the kernel\n");
 		ret = -1;
 	}
@@ -836,7 +850,12 @@ static int tc_act_list_or_flush(int *argc_p, char ***argv_p, int event)
 		req.n.nlmsg_type = RTM_DELACTION;
 		req.n.nlmsg_flags |= NLM_F_ROOT;
 		req.n.nlmsg_flags |= NLM_F_REQUEST;
-		if (rtnl_talk(&rth, &req.n, NULL) < 0) {
+
+		if (echo_request)
+			ret = rtnl_echo_talk(&rth, &req.n, json, print_action);
+		else
+			ret = rtnl_talk(&rth, &req.n, NULL);
+		if (ret < 0) {
 			fprintf(stderr, "We have an error flushing\n");
 			return 1;
 		}
diff --git a/tc/tc.c b/tc/tc.c
index 575157a86..7a746cf51 100644
--- a/tc/tc.c
+++ b/tc/tc.c
@@ -38,6 +38,8 @@ int json;
 int oneline;
 int brief;
 
+int echo_request;
+
 static char *conf_file;
 
 struct rtnl_handle rth;
@@ -196,7 +198,7 @@ static void usage(void)
 		"		    -o[neline] | -j[son] | -p[retty] | -c[olor]\n"
 		"		    -b[atch] [filename] | -n[etns] name | -N[umeric] |\n"
 		"		     -nm | -nam[es] | { -cf | -conf } path\n"
-		"		     -br[ief] }\n");
+		"		     -br[ief] | -echo }\n");
 }
 
 static int do_cmd(int argc, char **argv)
@@ -314,6 +316,8 @@ int main(int argc, char **argv)
 			++oneline;
 		} else if (matches(argv[1], "-brief") == 0) {
 			++brief;
+		} else if (strcmp(argv[1], "-echo") == 0) {
+			++echo_request;
 		} else {
 			fprintf(stderr,
 				"Option \"%s\" is unknown, try \"tc -help\".\n",
-- 
2.25.1


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ