* network interfaces called "all", "default" or "config"
From: Stephane Chazelas @ 2014-07-23 11:33 UTC
To: linux-kernel

Hiya,

you may want to forbid the creation of interfaces whose name is
one of the special files in /proc/net and /proc/sys.

I can see some characters (like space, tab, newline, slash,
dot...) are already forbidden in interface names (EINVAL), but
one can do for instance:

sudo ip link add link eth0 all type vlan id 2
sudo ip link add link eth0 default type vlan id 3
sudo ip link add link eth0 config type vlan id 4

Interestingly, after you add an "all" or "default", the
corresponding /proc/sys/net/ipv[46]/conf/(all|default) become
empty, and remain so even after you've removed the interface.

Adding an interface called "config" masks /proc/net/vlan/config

(tested with 3.14-1-amd64 on Debian)

--
Stephane

* Re: network interfaces called "all", "default" or "config"
From: Randy Dunlap @ 2014-07-23 14:56 UTC
To: Stephane Chazelas, linux-kernel, netdev

[adding netdev]

On 07/23/2014 04:33 AM, Stephane Chazelas wrote:
> Hiya,
>
> you may want to forbid the creation of interfaces whose name is
> one of the special files in /proc/net and /proc/sys.
>
> I can see some characters (like space, tab, newline, slash,
> dot...) are already forbidden in interface names (EINVAL), but
> one can do for instance:
>
> sudo ip link add link eth0 all type vlan id 2
> sudo ip link add link eth0 default type vlan id 3
> sudo ip link add link eth0 config type vlan id 4
>
> Interestingly, after you add an "all" or "default", the
> corresponding /proc/sys/net/ipv[46]/conf/(all|default) become
> empty, and remain so even after you've removed the interface.
>
> Adding an interface called "config" masks /proc/net/vlan/config
>
> (tested with 3.14-1-amd64 on Debian)
>

--
~Randy

* Re: network interfaces called "all", "default" or "config"
From: Stephane Chazelas @ 2014-08-14 9:41 UTC
To: Randy Dunlap; +Cc: linux-kernel, netdev

By the way, this is related:

$ ip link add link eth0 eth0:123 type vlan id 123
$ ip link del link eth0 eth0:123
RTNETLINK answers: Operation not supported

vconfig rem eth0:123

using a different API, is OK.

ip link del:

bind(3, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0
getsockname(3, {sa_family=AF_NETLINK, pid=22135, groups=00000000}, [12]) = 0
sendto(3, " \0\0\0\20\0\5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 32, 0, NULL, 0) = 32
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"4\0\0\0\2\0\0\0\0\0\0\0wV\0\0\355\377\377\377 \0\0\0\20\0\5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 8192}], msg_controllen=0, msg_flags=0}, 0) = 52
access("/proc/net", R_OK) = 0
access("/proc/net/unix", R_OK) = 0
socket(PF_LOCAL, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
ioctl(4, SIOCGIFINDEX, {ifr_name="eth0:123", ifr_index=2}) = 0
close(4) = 0
sendmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{" \0\0\0\21\0\5\0\305\202\354S\0\0\0\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0", 32}], msg_controllen=0, msg_flags=0}, 0) = 32
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"4\0\0\0\2\0\0\0\305\202\354SwV\0\0\241\377\377\377 \0\0\0\21\0\5\0\305\202\354S\0\0\0\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0", 16384}], msg_controllen=0, msg_flags=0}, 0) = 52
write(2, "RTNETLINK answers: Operation not supported\n", 43) = 43
exit_group(2) = ?

vconfig rem:

socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 3
ioctl(3, SIOCSIFVLAN, 0x7fff67a00110) = 0

Cheers,
Stephane

On 23 July 2014 15:56, Randy Dunlap <rdunlap@infradead.org> wrote:
>
> [adding netdev]
>
> On 07/23/2014 04:33 AM, Stephane Chazelas wrote:
> > Hiya,
> >
> > you may want to forbid the creation of interfaces whose name is
> > one of the special files in /proc/net and /proc/sys.
> >
> > I can see some characters (like space, tab, newline, slash,
> > dot...) are already forbidden in interface names (EINVAL), but
> > one can do for instance:
> >
> > sudo ip link add link eth0 all type vlan id 2
> > sudo ip link add link eth0 default type vlan id 3
> > sudo ip link add link eth0 config type vlan id 4
> >
> > Interestingly, after you add an "all" or "default", the
> > corresponding /proc/sys/net/ipv[46]/conf/(all|default) become
> > empty, and remain so even after you've removed the interface.
> >
> > Adding an interface called "config" masks /proc/net/vlan/config
> >
> > (tested with 3.14-1-amd64 on Debian)
> >
>
>
> --
> ~Randy

* Re: network interfaces called "all", "default" or "config"
From: Stephen Hemminger @ 2014-08-14 18:28 UTC
To: Stephane Chazelas; +Cc: Randy Dunlap, linux-kernel, netdev

On Thu, 14 Aug 2014 10:41:39 +0100
Stephane Chazelas <stephane.chazelas@gmail.com> wrote:

> $ ip link add link eth0 eth0:123 type vlan id 123
> $ ip link del link eth0 eth0:123
> RTNETLINK answers: Operation not supported

eth0:123 is one of the old style interface names.
Kernel and iproute treat these specially. Don't use them.
They exist only for compatibility with the dark ages.

You should use period (i.e. eth0.123) for VLANs

* Re: network interfaces called "all", "default" or "config"
From: Cong Wang @ 2014-08-14 18:37 UTC
To: Stephane Chazelas; +Cc: Randy Dunlap, linux-kernel, netdev

On Thu, Aug 14, 2014 at 2:41 AM, Stephane Chazelas
<stephane.chazelas@gmail.com> wrote:
> By the way, this is related:
>
> $ ip link add link eth0 eth0:123 type vlan id 123
> $ ip link del link eth0 eth0:123
> RTNETLINK answers: Operation not supported

Kernel reads "eth0:123" as an alias of "eth0", so it will just
truncate the dev name into "eth0":

        ifr.ifr_name[IFNAMSIZ-1] = 0;

        colon = strchr(ifr.ifr_name, ':');
        if (colon)
                *colon = 0;

* Re: network interfaces called "all", "default" or "config"
From: Stephane Chazelas @ 2014-08-15 8:33 UTC
To: Cong Wang; +Cc: Randy Dunlap, linux-kernel, netdev

Yes, I know those are also used for the eth0:1 "aliases", but the bug
is, since it is allowed to do

ip link add link eth0 eth0:123 type vlan id 123

Then the

ip link del link eth0 eth0:123

should be allowed as well. Or probably better to avoid confusion

ip link add link eth0 foo:bar type vlan id 123

should not be allowed.

Worse:

ip link add link eth0 foo:bar type vlan id 1
ip link add link eth0 foo type vlan id 2
ip link del foo:bar

deletes foo instead of foo:bar.

On 14 August 2014 19:37, Cong Wang <cwang@twopensource.com> wrote:
> On Thu, Aug 14, 2014 at 2:41 AM, Stephane Chazelas
> <stephane.chazelas@gmail.com> wrote:
>> By the way, this is related:
>>
>> $ ip link add link eth0 eth0:123 type vlan id 123
>> $ ip link del link eth0 eth0:123
>> RTNETLINK answers: Operation not supported
>
> Kernel reads "eth0:123" as an alias of "eth0", so it will just
> truncate the dev name into "eth0":
>
>
>         ifr.ifr_name[IFNAMSIZ-1] = 0;
>
>         colon = strchr(ifr.ifr_name, ':');
>         if (colon)
>                 *colon = 0;

* Re: network interfaces called "all", "default" or "config"
From: Cong Wang @ 2014-08-15 17:32 UTC
To: Stephane Chazelas; +Cc: Randy Dunlap, linux-kernel, netdev

On Fri, Aug 15, 2014 at 1:33 AM, Stephane Chazelas
<stephane.chazelas@gmail.com> wrote:
> Yes, I know those are also used for the eth0:1 "aliases", but the bug
> is, since it is allowed to do
>
> ip link add link eth0 eth0:123 type vlan id 123
>
> Then the
>
> ip link del link eth0 eth0:123
>
> should be allowed as well. Or probably better to avoid confusion
>
> ip link add link eth0 foo:bar type vlan id 123
>
> should not be allowed.
>

Good point! I think the reason is that in the past we used ioctl()
to add or remove network interface so kernel just checks that code
path for name alias, so we probably need to check netlink path as well
since it makes really little sense that we allow create names with a colon
but disallow to delete them.

Stephen should know better than me.

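The mismatch discussed in this thread, as a user-space model added here for illustration (it is not kernel or iproute2 code and does not come from any poster): one lookup cuts the name at the colon as in the snippet Cong Wang quoted, the other compares the full name, so "foo:bar" resolves to "foo" on the first path. The `devices` table is constructed sample data, and `name_allowed()` is a hypothetical creation-time check that refuses a colon and the /proc entry names from the first message.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define IFNAMSIZ 16	/* same value as in <linux/if.h> */

/* Constructed device table: index 1 has a colon name, index 2 is its prefix. */
static const char *const devices[] = { "eth0", "foo:bar", "foo" };

/* Resolve a name to a table index, or -1. With alias_cut set, the name is
 * first cut at ':' as in the ioctl-path snippet quoted in the thread. */
static int lookup(const char *name, bool alias_cut)
{
	char key[IFNAMSIZ];
	char *colon;
	size_t i;

	snprintf(key, sizeof(key), "%s", name);
	colon = strchr(key, ':');
	if (alias_cut && colon)
		*colon = 0;
	for (i = 0; i < sizeof(devices) / sizeof(devices[0]); i++)
		if (strcmp(devices[i], key) == 0)
			return (int)i;
	return -1;
}

/* Hypothetical creation-time check (not the kernel's): refuse ':' and the
 * /proc entry names the thread shows being masked. */
static bool name_allowed(const char *name)
{
	static const char *const reserved[] = { "all", "default", "config" };
	size_t i;

	if (name[0] == '\0' || strlen(name) >= IFNAMSIZ || strchr(name, ':'))
		return false;
	for (i = 0; i < sizeof(reserved) / sizeof(reserved[0]); i++)
		if (strcmp(name, reserved[i]) == 0)
			return false;
	return true;
}

int main(void)
{
	printf("exact lookup foo:bar -> %s\n", devices[lookup("foo:bar", false)]);
	printf("cut lookup   foo:bar -> %s\n", devices[lookup("foo:bar", true)]);
	printf("foo:bar allowed: %d, eth0.123 allowed: %d\n",
	       name_allowed("foo:bar"), name_allowed("eth0.123"));
	return 0;
}
```

Rejecting such names at creation time means both lookup paths agree on every name that can exist.
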