| Message ID | 20220415165330.10497-1-florent.fourcot@wifirst.fr (mailing list archive) |
|---|---|
| Headers | show |
| Series | rtnetlink: improve ALT_IFNAME config and fix dangerous GROUP usage | expand |
On Fri, 15 Apr 2022 18:53:26 +0200 Florent Fourcot wrote: > First commit forbids dangerous calls when both IFNAME and GROUP are > given, since it can introduce unexpected behaviour when IFNAME does not > match any interface. > > Second patch achieves primary goal of this patchset to fix/improve > IFLA_ALT_IFNAME attribute, since previous code was never working for > newlink/setlink. ip-link command is probably getting interface index > before, and was not using this feature. > > Last two patches are improving error code on corner cases. Reviewed-by: Jakub Kicinski <kuba@kernel.org>
Hello: This series was applied to netdev/net-next.git (master) by Paolo Abeni <pabeni@redhat.com>: On Fri, 15 Apr 2022 18:53:26 +0200 you wrote: > First commit forbids dangerous calls when both IFNAME and GROUP are > given, since it can introduce unexpected behaviour when IFNAME does not > match any interface. > > Second patch achieves primary goal of this patchset to fix/improve > IFLA_ALT_IFNAME attribute, since previous code was never working for > newlink/setlink. ip-link command is probably getting interface index > before, and was not using this feature. > > [...] Here is the summary with links: - [v5,net-next,1/4] rtnetlink: return ENODEV when ifname does not exist and group is given https://git.kernel.org/netdev/net-next/c/ef2a7c9065ce - [v5,net-next,2/4] rtnetlink: enable alt_ifname for setlink/newlink https://git.kernel.org/netdev/net-next/c/5ea08b5286f6 - [v5,net-next,3/4] rtnetlink: return ENODEV when IFLA_ALT_IFNAME is used in dellink https://git.kernel.org/netdev/net-next/c/dee04163e9f2 - [v5,net-next,4/4] rtnetlink: return EINVAL when request cannot succeed https://git.kernel.org/netdev/net-next/c/b6177d3240a4 You are awesome, thank you!
Hi Florent, On Fri, Apr 15, 2022 at 06:53:26PM +0200, Florent Fourcot wrote: > First commit forbids dangerous calls when both IFNAME and GROUP are > given, since it can introduce unexpected behaviour when IFNAME does not > match any interface. > > Second patch achieves primary goal of this patchset to fix/improve > IFLA_ALT_IFNAME attribute, since previous code was never working for > newlink/setlink. ip-link command is probably getting interface index > before, and was not using this feature. > > Last two patches are improving error code on corner cases. This was just merged to net-next and appears to have broken the wireguard test suite over on https://build.wireguard.com/ [+] Launching tests... [ 0.796066] init.sh (28) used greatest stack depth: 29152 bytes left [ 0.803809] ip (29) used greatest stack depth: 28544 bytes left [+] ip netns add wg-test-27-0 [+] ip netns add wg-test-27-1 [ 0.842841] ip (32) used greatest stack depth: 27512 bytes left [+] ip netns add wg-test-27-2 [+] NS0: ip link set up dev lo [+] NS0: ip link add dev wg0 type wireguard [ 0.896074] ip (35) used greatest stack depth: 27152 bytes left Command "add" is unknown, try "ip link help". [+] NS0: ip link del dev wg0 [+] NS0: ip link del dev wg1 [+] NS1: ip link del dev wg0 [+] NS1: ip link del dev wg1 [+] NS2: ip link del dev wg0 [+] NS2: ip link del dev wg1 [+] ip netns del wg-test-27-1 [+] ip netns del wg-test-27-2 [+] ip netns del wg-test-27-0 [-] Tests failed with exit code 255! ☹ So apparently something goes wrong with "ip link add dev wg0 type wireguard". Not quite sure what yet, though. You can try it for yourself with: make -C tools/testing/selftests/wireguard/qemu -j$(nproc) Jason
Hello Jason, Thanks for the report. Stephen was right, and I introduced a regression on ip-link. I submitted a revert patch with more context on what happened. I'm very sorry for that.
First commit forbids dangerous calls when both IFNAME and GROUP are given, since it can introduce unexpected behaviour when IFNAME does not match any interface. Second patch achieves primary goal of this patchset to fix/improve IFLA_ALT_IFNAME attribute, since previous code was never working for newlink/setlink. ip-link command is probably getting interface index before, and was not using this feature. Last two patches are improving error code on corner cases. Changes in v2: * Remove ifname argument in rtnl_dev_get/do_setlink functions (simplify code) * Use a boolean to avoid condition duplication in __rtnl_newlink Changes in v3: * Simplify rtnl_dev_get signature Changes in v4: * Rename link_lookup to link_specified Changes in v5: * Re-order patches Florent Fourcot (4): rtnetlink: return ENODEV when ifname does not exist and group is given rtnetlink: enable alt_ifname for setlink/newlink rtnetlink: return ENODEV when IFLA_ALT_IFNAME is used in dellink rtnetlink: return EINVAL when request cannot succeed net/core/rtnetlink.c | 91 ++++++++++++++++++++++---------------------- 1 file changed, 45 insertions(+), 46 deletions(-)