* [PATCH iproute2] iproute get: force rtm_dst_len to 32/128
@ 2021-01-24 15:53 Luca Boccassi
2021-01-24 17:26 ` David Ahern
2021-01-24 17:36 ` [PATCH iproute2 v2] iproute: " Luca Boccassi
0 siblings, 2 replies; 4+ messages in thread
From: Luca Boccassi @ 2021-01-24 15:53 UTC (permalink / raw)
To: netdev; +Cc: stephen, dsahern
Since NETLINK_GET_STRICT_CHK was enabled, the kernel rejects commands
that pass a prefix length, eg:
ip route get `1.0.0.0/1
Error: ipv4: Invalid values in header for route get request.
ip route get 0.0.0.0/0
Error: ipv4: rtm_src_len and rtm_dst_len must be 32 for IPv4
Since there's no point in setting a rtm_dst_len that we know is going
to be rejected, just force it to the right value if it's passed on
the command line.
Bug-Debian: https://bugs.debian.org/944730
Reported-By: Clément 'wxcafé' Hertling <wxcafe@wxcafe.net>
Signed-off-by: Luca Boccassi <bluca@debian.org>
---
As mentioned by David on:
https://www.spinics.net/lists/netdev/msg624125.html
ip/iproute.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/ip/iproute.c b/ip/iproute.c
index ebb5f160..3646d531 100644
--- a/ip/iproute.c
+++ b/ip/iproute.c
@@ -2069,7 +2069,12 @@ static int iproute_get(int argc, char **argv)
if (addr.bytelen)
addattr_l(&req.n, sizeof(req),
RTA_DST, &addr.data, addr.bytelen);
- req.r.rtm_dst_len = addr.bitlen;
+ if (req.r.rtm_family == AF_INET)
+ req.r.rtm_dst_len = 32;
+ else if (req.r.rtm_family == AF_INET6)
+ req.r.rtm_dst_len = 128;
+ else
+ req.r.rtm_dst_len = addr.bitlen;
address_found = true;
}
argc--; argv++;
--
2.29.2
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH iproute2] iproute get: force rtm_dst_len to 32/128
2021-01-24 15:53 [PATCH iproute2] iproute get: force rtm_dst_len to 32/128 Luca Boccassi
@ 2021-01-24 17:26 ` David Ahern
2021-01-24 17:37 ` Luca Boccassi
2021-01-24 17:36 ` [PATCH iproute2 v2] iproute: " Luca Boccassi
1 sibling, 1 reply; 4+ messages in thread
From: David Ahern @ 2021-01-24 17:26 UTC (permalink / raw)
To: Luca Boccassi, netdev; +Cc: stephen
On 1/24/21 8:53 AM, Luca Boccassi wrote:
> Since NETLINK_GET_STRICT_CHK was enabled, the kernel rejects commands
> that pass a prefix length, eg:
>
> ip route get `1.0.0.0/1
> Error: ipv4: Invalid values in header for route get request.
> ip route get 0.0.0.0/0
> Error: ipv4: rtm_src_len and rtm_dst_len must be 32 for IPv4
Those are not the best responses from the kernel for the mask setting. I
should have been clearer about src and dst masks.
>
> Since there's no point in setting a rtm_dst_len that we know is going
> to be rejected, just force it to the right value if it's passed on
> the command line.
>
> Bug-Debian: https://bugs.debian.org/944730
> Reported-By: Clément 'wxcafé' Hertling <wxcafe@wxcafe.net>
> Signed-off-by: Luca Boccassi <bluca@debian.org>
> ---
> As mentioned by David on:
>
> https://www.spinics.net/lists/netdev/msg624125.html
>
> ip/iproute.c | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/ip/iproute.c b/ip/iproute.c
> index ebb5f160..3646d531 100644
> --- a/ip/iproute.c
> +++ b/ip/iproute.c
> @@ -2069,7 +2069,12 @@ static int iproute_get(int argc, char **argv)
> if (addr.bytelen)
> addattr_l(&req.n, sizeof(req),
> RTA_DST, &addr.data, addr.bytelen);
> - req.r.rtm_dst_len = addr.bitlen;
> + if (req.r.rtm_family == AF_INET)
> + req.r.rtm_dst_len = 32;
> + else if (req.r.rtm_family == AF_INET6)
> + req.r.rtm_dst_len = 128;
> + else
> + req.r.rtm_dst_len = addr.bitlen;
> address_found = true;
> }
> argc--; argv++;
>
Since the kernel used to blindly ignore the mask, having iproute2 fix it
up seems acceptable.
I think it would be good to educate the user about invalid settings as
well - get them to fix scripts and mind set.
^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH iproute2 v2] iproute: force rtm_dst_len to 32/128
2021-01-24 15:53 [PATCH iproute2] iproute get: force rtm_dst_len to 32/128 Luca Boccassi
2021-01-24 17:26 ` David Ahern
@ 2021-01-24 17:36 ` Luca Boccassi
1 sibling, 0 replies; 4+ messages in thread
From: Luca Boccassi @ 2021-01-24 17:36 UTC (permalink / raw)
To: netdev; +Cc: stephen, dsahern
Since NETLINK_GET_STRICT_CHK was enabled, the kernel rejects commands
that pass a prefix length, eg:
ip route get `1.0.0.0/1
Error: ipv4: Invalid values in header for route get request.
ip route get 0.0.0.0/0
Error: ipv4: rtm_src_len and rtm_dst_len must be 32 for IPv4
Since there's no point in setting a rtm_dst_len that we know is going
to be rejected, just force it to the right value if it's passed on
the command line. Print a warning to stderr to notify users.
Bug-Debian: https://bugs.debian.org/944730
Reported-By: Clément 'wxcafé' Hertling <wxcafe@wxcafe.net>
Signed-off-by: Luca Boccassi <bluca@debian.org>
---
v2: added a warning
ip/iproute.c | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/ip/iproute.c b/ip/iproute.c
index ebb5f160..8d4d2ff8 100644
--- a/ip/iproute.c
+++ b/ip/iproute.c
@@ -2069,7 +2069,18 @@ static int iproute_get(int argc, char **argv)
if (addr.bytelen)
addattr_l(&req.n, sizeof(req),
RTA_DST, &addr.data, addr.bytelen);
- req.r.rtm_dst_len = addr.bitlen;
+ if (req.r.rtm_family == AF_INET && addr.bitlen != 32) {
+ fprintf(stderr,
+ "Warning: /%u as prefix is invalid, only /32 (or none) is supported.\n",
+ addr.bitlen);
+ req.r.rtm_dst_len = 32;
+ } else if (req.r.rtm_family == AF_INET6 && addr.bitlen != 128) {
+ fprintf(stderr,
+ "Warning: /%u as prefix is invalid, only /128 (or none) is supported.\n",
+ addr.bitlen);
+ req.r.rtm_dst_len = 128;
+ } else
+ req.r.rtm_dst_len = addr.bitlen;
address_found = true;
}
argc--; argv++;
--
2.29.2
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH iproute2] iproute get: force rtm_dst_len to 32/128
2021-01-24 17:26 ` David Ahern
@ 2021-01-24 17:37 ` Luca Boccassi
0 siblings, 0 replies; 4+ messages in thread
From: Luca Boccassi @ 2021-01-24 17:37 UTC (permalink / raw)
To: David Ahern; +Cc: Netdev, Stephen Hemminger
On Sun, 24 Jan 2021 at 17:26, David Ahern <dsahern@gmail.com> wrote:
>
> On 1/24/21 8:53 AM, Luca Boccassi wrote:
> > Since NETLINK_GET_STRICT_CHK was enabled, the kernel rejects commands
> > that pass a prefix length, eg:
> >
> > ip route get `1.0.0.0/1
> > Error: ipv4: Invalid values in header for route get request.
> > ip route get 0.0.0.0/0
> > Error: ipv4: rtm_src_len and rtm_dst_len must be 32 for IPv4
>
> Those are not the best responses from the kernel for the mask setting. I
> should have been clearer about src and dst masks.
>
> >
> > Since there's no point in setting a rtm_dst_len that we know is going
> > to be rejected, just force it to the right value if it's passed on
> > the command line.
> >
> > Bug-Debian: https://bugs.debian.org/944730
> > Reported-By: Clément 'wxcafé' Hertling <wxcafe@wxcafe.net>
> > Signed-off-by: Luca Boccassi <bluca@debian.org>
> > ---
> > As mentioned by David on:
> >
> > https://www.spinics.net/lists/netdev/msg624125.html
> >
> > ip/iproute.c | 7 ++++++-
> > 1 file changed, 6 insertions(+), 1 deletion(-)
> >
> > diff --git a/ip/iproute.c b/ip/iproute.c
> > index ebb5f160..3646d531 100644
> > --- a/ip/iproute.c
> > +++ b/ip/iproute.c
> > @@ -2069,7 +2069,12 @@ static int iproute_get(int argc, char **argv)
> > if (addr.bytelen)
> > addattr_l(&req.n, sizeof(req),
> > RTA_DST, &addr.data, addr.bytelen);
> > - req.r.rtm_dst_len = addr.bitlen;
> > + if (req.r.rtm_family == AF_INET)
> > + req.r.rtm_dst_len = 32;
> > + else if (req.r.rtm_family == AF_INET6)
> > + req.r.rtm_dst_len = 128;
> > + else
> > + req.r.rtm_dst_len = addr.bitlen;
> > address_found = true;
> > }
> > argc--; argv++;
> >
>
> Since the kernel used to blindly ignore the mask, having iproute2 fix it
> up seems acceptable.
>
> I think it would be good to educate the user about invalid settings as
> well - get them to fix scripts and mind set.
Sent v2 with a warning print to stderr.
Kind regards,
Luca Boccassi
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-01-24 17:38 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-01-24 15:53 [PATCH iproute2] iproute get: force rtm_dst_len to 32/128 Luca Boccassi
2021-01-24 17:26 ` David Ahern
2021-01-24 17:37 ` Luca Boccassi
2021-01-24 17:36 ` [PATCH iproute2 v2] iproute: " Luca Boccassi
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.