From patchwork Tue Jun 2 21:13:51 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Eric W. Biederman" X-Patchwork-Id: 479720 X-Patchwork-Delegate: shemminger@vyatta.com Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id C9B681401AB for ; Wed, 3 Jun 2015 07:19:03 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752574AbbFBVS6 (ORCPT ); Tue, 2 Jun 2015 17:18:58 -0400 Received: from out03.mta.xmission.com ([166.70.13.233]:35322 "EHLO out03.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752082AbbFBVS4 (ORCPT ); Tue, 2 Jun 2015 17:18:56 -0400 Received: from in01.mta.xmission.com ([166.70.13.51]) by out03.mta.xmission.com with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.82) (envelope-from ) id 1YztaI-0007DY-5w; Tue, 02 Jun 2015 15:18:54 -0600 Received: from 67-3-205-90.omah.qwest.net ([67.3.205.90] helo=x220.int.ebiederm.org.xmission.com) by in01.mta.xmission.com with esmtpsa (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.82) (envelope-from ) id 1YztaH-0005os-77; Tue, 02 Jun 2015 15:18:53 -0600 From: ebiederm@xmission.com (Eric W. Biederman) To: Roopa Prabhu Cc: stephen@networkplumber.org, davem@davemloft.net, rshearma@brocade.com, netdev@vger.kernel.org, vivek@cumulusnetworks.com References: <1433226567-23302-3-git-send-email-roopa@cumulusnetworks.com> Date: Tue, 02 Jun 2015 16:13:51 -0500 In-Reply-To: <1433226567-23302-3-git-send-email-roopa@cumulusnetworks.com> (Roopa Prabhu's message of "Mon, 1 Jun 2015 23:29:27 -0700") Message-ID: <87a8wholtc.fsf@x220.int.ebiederm.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux) MIME-Version: 1.0 X-XM-AID: U2FsdGVkX1/SsPEzOL222Zqz3h4NgYfLIyK6JmGAoGo= X-SA-Exim-Connect-IP: 67.3.205.90 X-SA-Exim-Mail-From: ebiederm@xmission.com X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on sa06.xmission.com X-Spam-Level: * X-Spam-Status: No, score=1.0 required=8.0 tests=ALL_TRUSTED,BAYES_50, DCC_CHECK_NEGATIVE,TVD_RCVD_IP,T_TM2_M_HEADER_IN_MSG,XMSubLong, XM_Body_Dirty_Words autolearn=disabled version=3.4.0 X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP * 0.0 TVD_RCVD_IP Message was received from an IP address * 0.7 XMSubLong Long Subject * 0.0 T_TM2_M_HEADER_IN_MSG BODY: No description available. * 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% * [score: 0.5000] * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC * [sa06 1397; Body=1 Fuz1=1 Fuz2=1] * 0.5 XM_Body_Dirty_Words Contains a dirty word X-Spam-DCC: XMission; sa06 1397; Body=1 Fuz1=1 Fuz2=1 X-Spam-Combo: *;Roopa Prabhu X-Spam-Relay-Country: X-Spam-Timing: total 369 ms - load_scoreonly_sql: 0.03 (0.0%), signal_user_changed: 11 (2.9%), b_tie_ro: 9 (2.4%), parse: 2.3 (0.6%), extract_message_metadata: 23 (6.2%), get_uri_detail_list: 3.1 (0.8%), tests_pri_-1000: 9 (2.5%), tests_pri_-950: 1.81 (0.5%), tests_pri_-900: 1.29 (0.3%), tests_pri_-400: 30 (8.0%), check_bayes: 28 (7.6%), b_tokenize: 10 (2.6%), b_tok_get_all: 9 (2.4%), b_comp_prob: 3.1 (0.8%), b_tok_touch_all: 3.3 (0.9%), b_finish: 1.07 (0.3%), tests_pri_0: 279 (75.6%), tests_pri_500: 6 (1.7%), rewrite_mail: 0.00 (0.0%) Subject: Re: [PATCH net v3 2/2] mpls: fix mpls route deletes to not check for route scope X-Spam-Flag: No X-SA-Exim-Version: 4.2.1 (built Wed, 24 Sep 2014 11:00:52 -0600) X-SA-Exim-Scanned: Yes (on in01.mta.xmission.com) Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Roopa Prabhu writes: > From: Roopa Prabhu > > Ignore scope for route del messages So I just stopped and looked at what is happening. When you originally reported this you said (or at least I understood) that rtm_scope was not being set in iproute. I assumed that meant it was not being touched and it was taking a default value of zero (or else it was possibly floating). Having looked neither is true. iproute sets rtm_scope to RT_SCOPE_NOWHERE during delete deliberately to act as a wild card. In the kernel in other protocols currently ipv4 treats RT_SCOPE_NOWHERE as a wild card during delete, decnet treats RT_SCOPE_NOWHERE as a wild card during delete, the remaining protocols (ipv6, phonet, and can) that implement RTM_DELROUTE do not look at rtm_scope at all. Further ipv6 and phonet set rtm_scope to RT_SCOPE_UNIVERSE when dumped. Which says to me that we have semantics in the kernel that no one has let userspace know about, and that scares me when there is a misunderstanding between the kernel and userspace about what fields mean. That inevitabily leads to bugs. The kind of bugs that I have to create security fixes for recently. So I really think we should fix this in userspace so that that someone reading iproute will have a chance at knowing that this scopes do not exist in ipv6 and mpls and that scope logic is just noise in those cases. Something like: From 837dddea49af874fe750ab0712b3ef8066a2f55a Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Tue, 2 Jun 2015 15:51:31 -0500 Subject: [PATCH] iproute: When deleting routes don't always set the scope to RT_SCOPE_NOWHERE IPv6 and MPLS do not implement scopes on addresses and using RT_SCOPE_NOWHERE is just confusing noise. Use RT_SCOPE_UNIVERSE instead so that it is clear what is actually happening in the code. Signed-off-by: "Eric W. Biederman" --- ip/iproute.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/ip/iproute.c b/ip/iproute.c index fba475f65314..e9b991fdf62f 100644 --- a/ip/iproute.c +++ b/ip/iproute.c @@ -1136,6 +1136,9 @@ static int iproute_modify(int cmd, unsigned flags, int argc, char **argv) if (nhs_ok) parse_nexthops(&req.n, &req.r, argc, argv); + if (req.r.rtm_family == AF_UNSPEC) + req.r.rtm_family = AF_INET; + if (!table_ok) { if (req.r.rtm_type == RTN_LOCAL || req.r.rtm_type == RTN_BROADCAST || @@ -1144,7 +1147,10 @@ static int iproute_modify(int cmd, unsigned flags, int argc, char **argv) req.r.rtm_table = RT_TABLE_LOCAL; } if (!scope_ok) { - if (req.r.rtm_type == RTN_LOCAL || + if (req.r.rtm_family == AF_INET6 || + req.r.rtm_family == AF_MPLS) + req.r.rtm_scope = RT_SCOPE_UNIVERSE; + else if (req.r.rtm_type == RTN_LOCAL || req.r.rtm_type == RTN_NAT) req.r.rtm_scope = RT_SCOPE_HOST; else if (req.r.rtm_type == RTN_BROADCAST || @@ -1160,9 +1166,6 @@ static int iproute_modify(int cmd, unsigned flags, int argc, char **argv) } } - if (req.r.rtm_family == AF_UNSPEC) - req.r.rtm_family = AF_INET; - if (rtnl_talk(&rth, &req.n, NULL, 0) < 0) return -2;