Message ID | 50121F4D.8090606@parallels.com |
---|---|
State | Accepted, archived |
Delegated to: | stephen hemminger |
Headers | show |
> In order to somehow verify that a blob contains route dump a > 4-bytes magic is put at the head of the data and is checked > on restore. Wouldn't a hash/checksum be useful as well? Especially if it uneditable data. David -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On 07/27/2012 02:46 PM, David Laight wrote: >> In order to somehow verify that a blob contains route dump a >> 4-bytes magic is put at the head of the data and is checked >> on restore. > > Wouldn't a hash/checksum be useful as well? I doubt it. This magic is not for data integrity check, but is rather for identification of it. Is someone really needs a cheksum of a dump, it can be added after file generation (and by the preferred tool, not limited with the iproute implementation). > Especially if it uneditable data. > > David > > > -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Fri, 27 Jul 2012 08:55:41 +0400 Pavel Emelyanov <xemul@parallels.com> wrote: > In order to somehow verify that a blob contains route dump a > 4-bytes magic is put at the head of the data and is checked > on restore. > > Magic digits are taken from Portland (OR) coordinates :) Is > there any more reliable way of generating such? > > Signed-of-by: Pavel Emelyanov <xemul@parallels.com> > Any magic number is fine as long as it is non-offensive and unique. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Fri, 27 Jul 2012 08:55:41 +0400 Pavel Emelyanov <xemul@parallels.com> wrote: > In order to somehow verify that a blob contains route dump a > 4-bytes magic is put at the head of the data and is checked > on restore. > > Magic digits are taken from Portland (OR) coordinates :) Is > there any more reliable way of generating such? > > Signed-of-by: Pavel Emelyanov <xemul@parallels.com> I am planning on putting this in because there were no objections. Any followup updates? -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On 08/18/2012 12:49 AM, Stephen Hemminger wrote: > On Fri, 27 Jul 2012 08:55:41 +0400 > Pavel Emelyanov <xemul@parallels.com> wrote: > >> In order to somehow verify that a blob contains route dump a >> 4-bytes magic is put at the head of the data and is checked >> on restore. >> >> Magic digits are taken from Portland (OR) coordinates :) Is >> there any more reliable way of generating such? >> >> Signed-of-by: Pavel Emelyanov <xemul@parallels.com> > > I am planning on putting this in because there were no objections. > Any followup updates? Yes, I've recently found that errno propagation from rtnl_talk up to addrs/routes restore doesn't work on some libc-s. I will post a fixing patch soon. Thanks, Pavel -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/ip/iproute.c b/ip/iproute.c index 5cd313e..bbb3923 100644 --- a/ip/iproute.c +++ b/ip/iproute.c @@ -1064,6 +1064,8 @@ static int iproute_flush_cache(void) return 0; } +static __u32 route_dump_magic = 0x45311224; + int save_route(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg) { int ret; @@ -1072,11 +1074,6 @@ int save_route(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg) struct rtattr *tb[RTA_MAX+1]; int host_len = -1; - if (isatty(STDOUT_FILENO)) { - fprintf(stderr, "Not sending binary stream to stdout\n"); - return -1; - } - host_len = calc_host_len(r); len -= NLMSG_LENGTH(sizeof(*r)); parse_rtattr(tb, RTA_MAX, RTM_RTA(r), len); @@ -1093,6 +1090,24 @@ int save_route(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg) return ret == n->nlmsg_len ? 0 : ret; } +static int save_route_prep(void) +{ + int ret; + + if (isatty(STDOUT_FILENO)) { + fprintf(stderr, "Not sending binary stream to stdout\n"); + return -1; + } + + ret = write(STDOUT_FILENO, &route_dump_magic, sizeof(route_dump_magic)); + if (ret != sizeof(route_dump_magic)) { + fprintf(stderr, "Can't write magic to dump file\n"); + return -1; + } + + return 0; +} + static int iproute_list_flush_or_save(int argc, char **argv, int action) { int do_ipv6 = preferred_family; @@ -1101,9 +1116,12 @@ static int iproute_list_flush_or_save(int argc, char **argv, int action) unsigned int mark = 0; rtnl_filter_t filter_fn; - if (action == IPROUTE_SAVE) + if (action == IPROUTE_SAVE) { + if (save_route_prep()) + return -1; + filter_fn = save_route; - else + } else filter_fn = print_route; iproute_reset_filter(); @@ -1521,8 +1539,30 @@ int restore_handler(const struct sockaddr_nl *nl, struct nlmsghdr *n, void *arg) return ret; } +static int route_dump_check_magic(void) +{ + int ret; + __u32 magic = 0; + + if (isatty(STDIN_FILENO)) { + fprintf(stderr, "Can't restore route dump from a terminal\n"); + return -1; + } + + ret = fread(&magic, sizeof(magic), 1, stdin); + if (magic != route_dump_magic) { + fprintf(stderr, "Magic mismatch (%d elems, %x magic)\n", ret, magic); + return -1; + } + + return 0; +} + int iproute_restore(void) { + if (route_dump_check_magic()) + exit(-1); + exit(rtnl_from_file(stdin, &restore_handler, NULL)); }