From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-19.2 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,MENTIONS_GIT_HOSTING,NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS, USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 646F2C4743C for ; Wed, 23 Jun 2021 15:36:34 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 3F083611AC for ; Wed, 23 Jun 2021 15:36:34 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231429AbhFWPiv (ORCPT ); Wed, 23 Jun 2021 11:38:51 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46770 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231236AbhFWPiu (ORCPT ); Wed, 23 Jun 2021 11:38:50 -0400 Received: from mail-oo1-xc35.google.com (mail-oo1-xc35.google.com [IPv6:2607:f8b0:4864:20::c35]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 084B8C061574 for ; Wed, 23 Jun 2021 08:36:32 -0700 (PDT) Received: by mail-oo1-xc35.google.com with SMTP id s20-20020a4ae9940000b02902072d5df239so826567ood.2 for ; Wed, 23 Jun 2021 08:36:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=cC9ee+LHAaxDZwEIcmUILGo2rSh8KNSMTECWbH6VPwg=; b=Zpv6t8Z4E6dggymFITDZCO8JZwOqA34kQ3y3tYoQ084iWTvVxUcod8x8Yu0CZJeyfO yuBg9MnBwioB9VQkQPeKvpuhRcPEHC3nfXuf7g+UDh5S+w1H6QN6e9zViH/h2Iq31Y+O r5ZiIxW0pAbdyH90nhjdpWCea4E+8YdVpHGZg6Sb8ArAYL9eTSP9THY2x8h70IEDWNHG ZefRSqdwlGOleh8H/9ra6uWcMd3+ZXiLuZLYxCvPLfjBkwYAV1apcU4kNZDbgK4/vJmi fmol2GQQoCdQn206EQzLZdhuW+O/qXUUkit3T82iCMB327j6Ml+N3ql3qj4BR7bKmR7y VK0A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=cC9ee+LHAaxDZwEIcmUILGo2rSh8KNSMTECWbH6VPwg=; b=TggsYffQBCKqMGAjEMFnoRfxrEqr0vI9mj9cjtGU2C8+F+zSMoj+apRtAjIlUvNafT TYRvIy4pZcI6wWKvKWTfJ8Ko0jdnc1vcjAgvP90k3r5n201raUA4xMXUqcD/hdueIols RAZPt3tJlcHfsFIfasrYwttHX2bZhk4e3NIozmCycv0qZsVV8a78odGP4TVKFQ0OMz/U Tz/v4Kx/NFaD7WS96ILJZ/H++R0K5lCrpL0IWaNMl8FY5PyAMHioyaH+97agu0/c9DUr 4ZBRMyU/e+QSSp6d3X6bZfPXjs+prcd7tQHNEgRDmXQcOqhB+aIpcpCUwOrIVhjeMwOc 1J8w== X-Gm-Message-State: AOAM532imbQpD0pyqu11w3B9k7RV7oHcAnjzAWbs+GNMODw1/oEFFq4q mYjHY87iI9E7sJzRCzDhOqk= X-Google-Smtp-Source: ABdhPJyFMrhOZIkmMgHZwpTNu8+4DczuOG1uS7Clr4l36UmMBnWAHPK4FKgDnOGeu1cc7Uisyw/JlQ== X-Received: by 2002:a4a:5482:: with SMTP id t124mr342216ooa.42.1624462591468; Wed, 23 Jun 2021 08:36:31 -0700 (PDT) Received: from Davids-MacBook-Pro.local ([8.48.134.38]) by smtp.googlemail.com with ESMTPSA id q18sm26282oic.3.2021.06.23.08.36.30 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 23 Jun 2021 08:36:31 -0700 (PDT) Subject: Re: [PATCH iproute2] ip route: ignore ENOENT during save if RT_TABLE_MAIN is being dumped To: Alexander Mikhalitsyn , netdev@vger.kernel.org Cc: David Ahern , Stephen Hemminger , Andrei Vagin , Alexander Mikhalitsyn References: <20210622150330.28014-1-alexander.mikhalitsyn@virtuozzo.com> From: David Ahern Message-ID: <042c0ec6-f347-8b82-2bb2-c4ea87cf4a6d@gmail.com> Date: Wed, 23 Jun 2021 09:36:29 -0600 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 MIME-Version: 1.0 In-Reply-To: <20210622150330.28014-1-alexander.mikhalitsyn@virtuozzo.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org On 6/22/21 9:03 AM, Alexander Mikhalitsyn wrote: > We started to use in-kernel filtering feature which allows to get only needed > tables (see iproute_dump_filter()). From the kernel side it's implemented in > net/ipv4/fib_frontend.c (inet_dump_fib), net/ipv6/ip6_fib.c (inet6_dump_fib). > The problem here is that behaviour of "ip route save" was changed after > c7e6371bc ("ip route: Add protocol, table id and device to dump request"). > If filters are used, then kernel returns ENOENT error if requested table is absent, > but in newly created net namespace even RT_TABLE_MAIN table doesn't exist. > It is really allocated, for instance, after issuing "ip l set lo up". > > Reproducer is fairly simple: > $ unshare -n ip route save > dump > Error: ipv4: FIB table does not exist. > Dump terminated The above command on 5.4 kernel with corresponding iproute2 does not show that error. Is your kernel compiled with CONFIG_IP_MULTIPLE_TABLES enabled? > > Expected result here is to get empty dump file (as it was before this change). > > This affects on CRIU [1] because we use ip route save in dump process, to workaround > problem in tests we just put loopback interface up in each net namespace. > Other users also met this problem [2]. > > Links: > [1] https://github.com/checkpoint-restore/criu/issues/747 > [2] https://www.spinics.net/lists/netdev/msg559739.html > > Fixes: c7e6371bc ("ip route: Add protocol, table id and device to dump request") > > Cc: David Ahern > Cc: Stephen Hemminger > Cc: Andrei Vagin > Cc: Alexander Mikhalitsyn > Signed-off-by: Alexander Mikhalitsyn > --- > ip/iproute.c | 7 ++++++- > 1 file changed, 6 insertions(+), 1 deletion(-) > > diff --git a/ip/iproute.c b/ip/iproute.c > index 5853f026..b70acc00 100644 > --- a/ip/iproute.c > +++ b/ip/iproute.c > @@ -1734,6 +1734,7 @@ static int iproute_list_flush_or_save(int argc, char **argv, int action) > char *od = NULL; > unsigned int mark = 0; > rtnl_filter_t filter_fn; > + int ret; > > if (action == IPROUTE_SAVE) { > if (save_route_prep()) > @@ -1939,7 +1940,11 @@ static int iproute_list_flush_or_save(int argc, char **argv, int action) > > new_json_obj(json); > > - if (rtnl_dump_filter(&rth, filter_fn, stdout) < 0) { > + ret = rtnl_dump_filter(&rth, filter_fn, stdout); > + > + /* Let's ignore ENOENT error if we want to dump RT_TABLE_MAIN table */ > + if (ret < 0 && ret temp variable is not needed; just add the extra checks. > + !(errno == ENOENT && filter.tb == RT_TABLE_MAIN)) { > fprintf(stderr, "Dump terminated\n"); > return -2; > } > This looks fine to me, but I want clarification on the kernel config. As I recall with multiple tables and fib rules tables are created when net namespace is created.