[RFC PATCH iproute2] ip route: save: exclude rtnh_flags which can't be set

From: Alexander Mikhalitsyn <alexander.mikhalitsyn@virtuozzo.com>
To: netdev@vger.kernel.org
Cc: Alexander Mikhalitsyn <alexander.mikhalitsyn@virtuozzo.com>,
	David Miller <davem@davemloft.net>,
	David Ahern <dsahern@gmail.com>,
	Stephen Hemminger <stephen@networkplumber.org>,
	Ido Schimmel <idosch@nvidia.com>,
	Jakub Kicinski <kuba@kernel.org>, Andrei Vagin <avagin@gmail.com>,
	Pavel Tikhomirov <ptikhomirov@virtuozzo.com>,
	Alexander Mikhalitsyn <alexander@mihalicyn.com>
Subject: [RFC PATCH iproute2] ip route: save: exclude rtnh_flags which can't be set
Date: Thu, 11 Nov 2021 19:02:39 +0300	[thread overview]
Message-ID: <20211111160240.739294-1-alexander.mikhalitsyn@virtuozzo.com> (raw)

During "ip route save" we preserve all rtnh_flags,
even those that can't be set directly by the userspace.
This looks like a bug because a user can't restore
route dump which was generated by "ip route save" back.
This also prevents CRIU from correct restore of the
containers with some route configurations inside.

Reproducer:
$ ip link add type veth
$ ip addr add 10.0.0.1/24 dev veth0
$ ip link set veth0 up
$ ip route add default via 10.0.0.1
$ ip route save > route_dump
$ ip route restore < route_dump
Error: Invalid rtm_flags - can not contain DEAD or LINKDOWN.

Let's just omit non-settable rtnh_flags from the dump image.

According to the check in the fib_create_info() kernel
function it looks like we can't restore back only
RTNH_F_DEAD and RTNH_F_LINKDOWN flags. But according to the
ip route command manual user may set only RTNH_F_PERVASIVE
and RTNH_F_ONLINK flags. Does this mean that all rest flags
such as RTNH_F_OFFLOAD, RTNH_F_TRAP, and so on should be also
filtered out on the kernel side as RTNH_F_DEAD and RTNH_F_LINKDOWN?

I've checked that at the moment kernel doesn't prevent the setting
of RTNH_F_OFFLOAD and RTNH_F_TRAP from the userspace side.
Is this correct? If not then I am ready to prepare corresponding
patches for the kernel.

See also
[RFC PATCH net-next] rtnetlink: add RTNH_F_REJECT_MASK

Cc: David Miller <davem@davemloft.net>
Cc: David Ahern <dsahern@gmail.com>
Cc: Stephen Hemminger <stephen@networkplumber.org>
Cc: Ido Schimmel <idosch@nvidia.com>
Cc: Jakub Kicinski <kuba@kernel.org>
Cc: Andrei Vagin <avagin@gmail.com>
Cc: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
Cc: Alexander Mikhalitsyn <alexander@mihalicyn.com>
Signed-off-by: Alexander Mikhalitsyn <alexander.mikhalitsyn@virtuozzo.com>
---
 include/uapi/linux/rtnetlink.h | 3 +++
 ip/iproute.c                   | 6 ++++++
 2 files changed, 9 insertions(+)

diff --git a/include/uapi/linux/rtnetlink.h b/include/uapi/linux/rtnetlink.h
index e01efa28..3ce9ba3c 100644
--- a/include/uapi/linux/rtnetlink.h
+++ b/include/uapi/linux/rtnetlink.h
@@ -417,6 +417,9 @@ struct rtnexthop {
 #define RTNH_COMPARE_MASK	(RTNH_F_DEAD | RTNH_F_LINKDOWN | \
 				 RTNH_F_OFFLOAD | RTNH_F_TRAP)
 
+/* these flags can't be set by the userspace */
+#define RTNH_F_REJECT_MASK	(RTNH_F_DEAD | RTNH_F_LINKDOWN)
+
 /* Macros to handle hexthops */
 
 #define RTNH_ALIGNTO	4
diff --git a/ip/iproute.c b/ip/iproute.c
index 1447a5f7..88faadeb 100644
--- a/ip/iproute.c
+++ b/ip/iproute.c
@@ -1632,6 +1632,12 @@ static int save_route(struct nlmsghdr *n, void *arg)
 	if (!filter_nlmsg(n, tb, host_len))
 		return 0;
 
+	/*
+	 * Exclude flags which can't be set directly
+	 * by the userspace from the rtmsg dump.
+	 */
+	r->rtm_flags &= ~RTNH_F_REJECT_MASK;
+
 	ret = write(STDOUT_FILENO, n, n->nlmsg_len);
 	if ((ret > 0) && (ret != n->nlmsg_len)) {
 		fprintf(stderr, "Short write while saving nlmsg\n");
-- 
2.31.1

