From patchwork Wed Nov 1 09:52:54 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Thomas Egerer X-Patchwork-Id: 832898 X-Patchwork-Delegate: shemminger@vyatta.com Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3yRk8J51Rkz9t2f for ; Wed, 1 Nov 2017 20:54:24 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932674AbdKAJyW (ORCPT ); Wed, 1 Nov 2017 05:54:22 -0400 Received: from a.mx.secunet.com ([62.96.220.36]:59818 "EHLO a.mx.secunet.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754467AbdKAJyV (ORCPT ); Wed, 1 Nov 2017 05:54:21 -0400 Received: from localhost (localhost [127.0.0.1]) by a.mx.secunet.com (Postfix) with ESMTP id 971CC201CA; Wed, 1 Nov 2017 10:54:19 +0100 (CET) X-Virus-Scanned: by secunet Received: from a.mx.secunet.com ([127.0.0.1]) by localhost (a.mx.secunet.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pB1UaYUItYCP; Wed, 1 Nov 2017 10:54:19 +0100 (CET) Received: from mail-essen-01.secunet.de (mail-essen-01.secunet.de [10.53.40.204]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by a.mx.secunet.com (Postfix) with ESMTPS id 2476720068; Wed, 1 Nov 2017 10:54:19 +0100 (CET) Received: from [10.182.7.178] (10.182.7.178) by mail-essen-01.secunet.de (10.53.40.204) with Microsoft SMTP Server (TLS) id 14.3.361.1; Wed, 1 Nov 2017 10:54:18 +0100 Subject: [PATCH iproute2 3/3] xfrm_{state,policy}: Allow to deleteall polices/states with marks To: Stephen Hemminger References: <97621e2c-30e3-aba3-ed5a-71241d94ec26@secunet.com> <20171031181359.5b868f1a@shemminger-XPS-13-9360> CC: From: Thomas Egerer X-Enigmail-Draft-Status: N1110 Message-ID: Date: Wed, 1 Nov 2017 10:52:54 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Icedove/45.4.0 MIME-Version: 1.0 In-Reply-To: <20171031181359.5b868f1a@shemminger-XPS-13-9360> X-G-Data-MailSecurity-for-Exchange-State: 0 X-G-Data-MailSecurity-for-Exchange-Error: 0 X-G-Data-MailSecurity-for-Exchange-Sender: 23 X-G-Data-MailSecurity-for-Exchange-Server: d65e63f7-5c15-413f-8f63-c0d707471c93 X-EXCLAIMER-MD-CONFIG: 2c86f778-e09b-4440-8b15-867914633a10 X-G-Data-MailSecurity-for-Exchange-Guid: 100E18B7-A06F-436E-A3AA-33EA45CC112D Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Using 'ip deleteall' with policies that have marks, fails unless you eplicitely specify the mark values. This is very uncomfortable when bulk-deleting policies and states. With this patch all relevant states and policies are wiped by 'ip deleteall' regardless of their mark values. Signed-off-by: Thomas Egerer --- ip/xfrm_policy.c | 10 ++++++++++ ip/xfrm_state.c | 13 +++++++++++++ 2 files changed, 23 insertions(+) diff --git a/ip/xfrm_policy.c b/ip/xfrm_policy.c index e2fa771..feea7d6 100644 --- a/ip/xfrm_policy.c +++ b/ip/xfrm_policy.c @@ -753,6 +753,16 @@ static int xfrm_policy_keep(const struct sockaddr_nl *who, xpid->dir = xpinfo->dir; xpid->index = xpinfo->index; + if (tb[XFRMA_MARK]) { + int r = addattr_l(new_n, xb->size, XFRMA_MARK, + RTA_DATA(tb[XFRMA_MARK]), + RTA_PAYLOAD(tb[XFRMA_MARK])); + if (r < 0) { + fprintf(stderr, "%s: XFRMA_MARK failed\n", __func__); + exit(1); + } + } + xb->offset += new_n->nlmsg_len; xb->nlmsg_count++; diff --git a/ip/xfrm_state.c b/ip/xfrm_state.c index 3e20d6e..e193623 100644 --- a/ip/xfrm_state.c +++ b/ip/xfrm_state.c @@ -1081,6 +1081,7 @@ static int xfrm_state_keep(const struct sockaddr_nl *who, int len = n->nlmsg_len; struct nlmsghdr *new_n; struct xfrm_usersa_id *xsid; + struct rtattr *tb[XFRMA_MAX+1]; if (n->nlmsg_type != XFRM_MSG_NEWSA) { fprintf(stderr, "Not a state: %08x %08x %08x\n", @@ -1117,6 +1118,18 @@ static int xfrm_state_keep(const struct sockaddr_nl *who, addattr_l(new_n, xb->size, XFRMA_SRCADDR, &xsinfo->saddr, sizeof(xsid->daddr)); + parse_rtattr(tb, XFRMA_MAX, XFRMS_RTA(xsinfo), len); + + if (tb[XFRMA_MARK]) { + int r = addattr_l(new_n, xb->size, XFRMA_MARK, + RTA_DATA(tb[XFRMA_MARK]), + RTA_PAYLOAD(tb[XFRMA_MARK])); + if (r < 0) { + fprintf(stderr, "%s: XFRMA_MARK failed\n", __func__); + exit(1); + } + } + xb->offset += new_n->nlmsg_len; xb->nlmsg_count++;