{"id":808318,"url":"http://patchwork.ozlabs.org/api/1.0/covers/808318/?format=json","project":{"id":7,"url":"http://patchwork.ozlabs.org/api/1.0/projects/7/?format=json","name":"Linux network development","link_name":"netdev","list_id":"netdev.vger.kernel.org","list_email":"netdev@vger.kernel.org","web_url":null,"scm_url":null,"webscm_url":null},"msgid":"<20170831165939.5121-1-colona@arista.com>","date":"2017-08-31T16:59:37","name":"[net-next,v5,0/2] report TCP MD5 signing keys and addresses","submitter":{"id":65664,"url":"http://patchwork.ozlabs.org/api/1.0/people/65664/?format=json","name":"Ivan Delalande","email":"colona@arista.com"},"series":[{"id":881,"url":"http://patchwork.ozlabs.org/api/1.0/series/881/?format=json","date":"2017-08-31T16:59:39","name":"report TCP MD5 signing keys and addresses","version":5,"mbox":"http://patchwork.ozlabs.org/series/881/mbox/"}],"headers":{"Return-Path":"<netdev-owner@vger.kernel.org>","X-Original-To":"patchwork-incoming@ozlabs.org","Delivered-To":"patchwork-incoming@ozlabs.org","Authentication-Results":["ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netdev-owner@vger.kernel.org;\n\treceiver=<UNKNOWN>)","ozlabs.org; dkim=pass (1024-bit key;\n\tunprotected) header.d=arista.com header.i=@arista.com\n\theader.b=\"Xp/zLFiP\"; dkim-atps=neutral"],"Received":["from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3xjpWs1r73z9sD5\n\tfor <patchwork-incoming@ozlabs.org>;\n\tFri,  1 Sep 2017 02:59:53 +1000 (AEST)","(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S1751972AbdHaQ7m (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);\n\tThu, 31 Aug 2017 12:59:42 -0400","from prod-mx.aristanetworks.com ([162.210.130.12]:59070 \"EHLO\n\tprod-mx.aristanetworks.com\" rhost-flags-OK-OK-OK-OK)\n\tby vger.kernel.org with ESMTP id S1751928AbdHaQ7k (ORCPT\n\t<rfc822;netdev@vger.kernel.org>); Thu, 31 Aug 2017 12:59:40 -0400","from prod-mx.aristanetworks.com (localhost [127.0.0.1])\n\tby prod-mx.aristanetworks.com (Postfix) with ESMTP id D06979605;\n\tThu, 31 Aug 2017 09:59:39 -0700 (PDT)","from visor.sjc.aristanetworks.com\n\t(manila-157.sjc.aristanetworks.com [172.20.135.157])\n\tby prod-mx.aristanetworks.com (Postfix) with ESMTP id CE17B9602;\n\tThu, 31 Aug 2017 09:59:39 -0700 (PDT)"],"DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed; d=arista.com;\n\ts=AristaCom; t=1504198779;\n\tbh=wynUyG78w8ZdbHqEfprvQiKcKF587EfMeW/yMVGEu/I=;\n\th=From:To:Cc:Subject:Date;\n\tb=Xp/zLFiPtmOWqIvN3HfWt+uUcgIATV0hcqVMN0mEeOMJZWfSupOugb7Q8qMO4cuoD\n\tJIOxuTZpYL9d8gz7LBnsQNg5hxextHu/94U5+hKMeHxcVuH7HqFx5anOtsEPwL+uXq\n\txVzQQXNSKMmDWFtkQk5+DY9wE2XRKDn8n59Sz+oI=","From":"Ivan Delalande <colona@arista.com>","To":"David Miller <davem@davemloft.net>","Cc":"Eric Dumazet <eric.dumazet@gmail.com>, netdev@vger.kernel.org,\n\tIvan Delalande <colona@arista.com>","Subject":"[PATCH net-next v5 0/2] report TCP MD5 signing keys and addresses","Date":"Thu, 31 Aug 2017 09:59:37 -0700","Message-Id":"<20170831165939.5121-1-colona@arista.com>","X-Mailer":"git-send-email 2.14.1","Sender":"netdev-owner@vger.kernel.org","Precedence":"bulk","List-ID":"<netdev.vger.kernel.org>","X-Mailing-List":"netdev@vger.kernel.org"},"content":"Allow userspace to retrieve MD5 signature keys and addresses configured\non TCP sockets through inet_diag.\n\nThanks to Eric Dumazet and Stephen Hemminger for their useful\nexplanations and feedback.\n\nv5: - memset the whole netlink payload after it has been nla_reserve-d\n      in tcp_diag_put_md5sig (a third memset had to be added for\n      tcpm_key so we might as well have just one for entire region).\n    - move the nla_total_size call from inet_sk_attr_size to the\n      idiag_get_aux_size defined by protocols as they could add multiple\n      netlink attributes,\n    - add check for net_admin in tcp_diag_get_aux_size.\n\nv4: - add new struct tcp_diag_md5sig to report the data instead of\n      tcp_md5sig to avoid wasting 112 bytes on every tcpm_addr,\n    - memset tcpm_addr on IPv4 addresses to avoid leaks,\n    - style fix in inet_diag_dump_one_icsk.\n\nv3: - rename inet_diag_*md5sig in tcp_diag.c to tcp_diag_* for\n      consistency,\n    - don't lock the socket in tcp_diag_put_md5sig,\n    - add checks on md5sig_count in tcp_diag_put_md5sig to not create\n      the netlink attribute if the list is empty, and to avoid overflows\n      or memory leaks if the list has changed in the meantime.\n\nv2: - move changes to tcp_diag.c and extend inet_diag_handler to allow\n      protocols to provide additional data on INET_DIAG_INFO,\n    - lock socket before calling tcp_diag_put_md5sig.\n\n\nI also have a patch for iproute2/ss to test this change, making it print\nthis new attribute. I'm planning to polish and send it if this series\ngets applied.\n\n\nIvan Delalande (2):\n  inet_diag: allow protocols to provide additional data\n  tcp_diag: report TCP MD5 signing keys and addresses\n\n include/linux/inet_diag.h      |   7 +++\n include/uapi/linux/inet_diag.h |   1 +\n include/uapi/linux/tcp.h       |   9 ++++\n net/ipv4/inet_diag.c           |  22 +++++++--\n net/ipv4/tcp_diag.c            | 109 ++++++++++++++++++++++++++++++++++++++---\n 5 files changed, 138 insertions(+), 10 deletions(-)"}