From patchwork Fri Nov 26 13:43:10 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Mikhalitsyn X-Patchwork-Id: 12640863 X-Patchwork-Delegate: dsahern@gmail.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4AD8BC433F5 for ; Fri, 26 Nov 2021 13:45:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1377622AbhKZNsf (ORCPT ); Fri, 26 Nov 2021 08:48:35 -0500 Received: from relay.sw.ru ([185.231.240.75]:38015 "EHLO relay.sw.ru" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233926AbhKZNqe (ORCPT ); Fri, 26 Nov 2021 08:46:34 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=virtuozzo.com; s=relay; h=MIME-Version:Message-Id:Date:Subject:From: Content-Type; bh=2DwonsK8IZtosNpFjzTVkp+d1Pj/yDYix4NRHpxq5uE=; b=DC4hDLFaX7Sv 3yAKfpKGtPFnBvEDXsOUdcp/W/06MU+/WDGPEkF8539UbkmB+WF90VX6J0qADXa8C63wVOgko2li8 i7XmVTVMyhHTjlsqSue3mE262GaFHhGUO6KvlPU6JtYmqC6Da+Kd1NWUjAc2iYR5RRoF8W9OnRFuH 8tXd0=; Received: from [10.94.6.52] (helo=dhcp-172-16-24-175.sw.ru) by relay.sw.ru with esmtp (Exim 4.94.2) (envelope-from ) id 1mqbVV-001WWy-Dm; Fri, 26 Nov 2021 16:43:17 +0300 From: Alexander Mikhalitsyn To: netdev@vger.kernel.org Cc: Alexander Mikhalitsyn , David Miller , David Ahern , Stephen Hemminger , Ido Schimmel , Jakub Kicinski , Roopa Prabhu , Andrei Vagin , Pavel Tikhomirov , Alexander Mikhalitsyn Subject: [PATCH iproute2] ip route: save: exclude rtnh_flags which can't be set Date: Fri, 26 Nov 2021 16:43:10 +0300 Message-Id: <20211126134311.920808-1-alexander.mikhalitsyn@virtuozzo.com> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20211111160240.739294-1-alexander.mikhalitsyn@virtuozzo.com> References: <20211111160240.739294-1-alexander.mikhalitsyn@virtuozzo.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: dsahern@gmail.com During "ip route save" we preserve all rtnh_flags, even those that can't be set directly by the userspace. This looks like a bug because a user can't restore route dump which was generated by "ip route save" back. This also prevents CRIU from correct restore of the containers with some route configurations inside. Reproducer: $ ip link add type veth $ ip addr add 10.0.0.1/24 dev veth0 $ ip link set veth0 up $ ip route add default via 10.0.0.1 $ ip route save > route_dump $ ip route restore < route_dump Error: Invalid rtm_flags - can not contain DEAD or LINKDOWN. Let's just omit non-settable rtnh_flags from the dump image. According to the check in the fib_create_info() kernel function it looks like we can't restore back only RTNH_F_DEAD and RTNH_F_LINKDOWN flags, so RTNH_REJECT_MASK contains this flags for now. See also linux kernel patch: [PATCH net-next] rtnetlink: add RTNH_REJECT_MASK Cc: David Miller Cc: David Ahern Cc: Stephen Hemminger Cc: Ido Schimmel Cc: Jakub Kicinski Cc: Roopa Prabhu Cc: Andrei Vagin Cc: Pavel Tikhomirov Cc: Alexander Mikhalitsyn Signed-off-by: Alexander Mikhalitsyn --- include/uapi/linux/rtnetlink.h | 3 +++ ip/iproute.c | 6 ++++++ 2 files changed, 9 insertions(+) diff --git a/include/uapi/linux/rtnetlink.h b/include/uapi/linux/rtnetlink.h index e01efa28..6de83c62 100644 --- a/include/uapi/linux/rtnetlink.h +++ b/include/uapi/linux/rtnetlink.h @@ -417,6 +417,9 @@ struct rtnexthop { #define RTNH_COMPARE_MASK (RTNH_F_DEAD | RTNH_F_LINKDOWN | \ RTNH_F_OFFLOAD | RTNH_F_TRAP) +/* these flags can't be set by the userspace */ +#define RTNH_REJECT_MASK (RTNH_F_DEAD | RTNH_F_LINKDOWN) + /* Macros to handle hexthops */ #define RTNH_ALIGNTO 4 diff --git a/ip/iproute.c b/ip/iproute.c index 1447a5f7..a72b652b 100644 --- a/ip/iproute.c +++ b/ip/iproute.c @@ -1632,6 +1632,12 @@ static int save_route(struct nlmsghdr *n, void *arg) if (!filter_nlmsg(n, tb, host_len)) return 0; + /* + * Exclude flags which can't be set directly + * by the userspace from the rtmsg dump. + */ + r->rtm_flags &= ~RTNH_REJECT_MASK; + ret = write(STDOUT_FILENO, n, n->nlmsg_len); if ((ret > 0) && (ret != n->nlmsg_len)) { fprintf(stderr, "Short write while saving nlmsg\n");