* Off-by-one error in net/8021q/vlan.c
@ 2011-02-16 10:58 Phil Karn
2011-02-16 12:51 ` richard -rw- weinberger
0 siblings, 1 reply; 11+ messages in thread
From: Phil Karn @ 2011-02-16 10:58 UTC (permalink / raw
To: kaber; +Cc: netdev
The range check on vlan_id in register_vlan_device is off by one, and it
prevents the creation of a vlan interface for vlan ID 4095. (OSX allows
this, I checked.)
Here's the trivial patch:
--- linux-2.6.37/net/8021q/vlan.c~ 2011-01-04 16:50:19.000000000 -0800
+++ linux-2.6.37/net/8021q/vlan.c 2011-02-16 02:43:13.988812958 -0800
@@ -239,7 +239,7 @@
char name[IFNAMSIZ];
int err;
- if (vlan_id >= VLAN_VID_MASK)
+ if (vlan_id > VLAN_VID_MASK)
return -ERANGE;
err = vlan_check_real_dev(real_dev, vlan_id);
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: Off-by-one error in net/8021q/vlan.c
2011-02-16 10:58 Off-by-one error in net/8021q/vlan.c Phil Karn
@ 2011-02-16 12:51 ` richard -rw- weinberger
2011-02-16 13:22 ` Patrick McHardy
2011-02-16 15:58 ` Phil Karn
0 siblings, 2 replies; 11+ messages in thread
From: richard -rw- weinberger @ 2011-02-16 12:51 UTC (permalink / raw
To: Phil Karn; +Cc: kaber, netdev
On Wed, Feb 16, 2011 at 11:58 AM, Phil Karn <karn@ka9q.net> wrote:
> The range check on vlan_id in register_vlan_device is off by one, and it
> prevents the creation of a vlan interface for vlan ID 4095. (OSX allows
> this, I checked.)
Then OSX should fix their code. 4095 is reserved.
//richard
> Here's the trivial patch:
>
> --- linux-2.6.37/net/8021q/vlan.c~ 2011-01-04 16:50:19.000000000 -0800
> +++ linux-2.6.37/net/8021q/vlan.c 2011-02-16 02:43:13.988812958 -0800
> @@ -239,7 +239,7 @@
> char name[IFNAMSIZ];
> int err;
>
> - if (vlan_id >= VLAN_VID_MASK)
> + if (vlan_id > VLAN_VID_MASK)
> return -ERANGE;
>
> err = vlan_check_real_dev(real_dev, vlan_id);
> --
> To unsubscribe from this list: send the line "unsubscribe netdev" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
--
Thanks,
//richard
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: Off-by-one error in net/8021q/vlan.c
2011-02-16 12:51 ` richard -rw- weinberger
@ 2011-02-16 13:22 ` Patrick McHardy
2011-02-16 15:58 ` Phil Karn
1 sibling, 0 replies; 11+ messages in thread
From: Patrick McHardy @ 2011-02-16 13:22 UTC (permalink / raw
To: richard -rw- weinberger; +Cc: Phil Karn, netdev
On 16.02.2011 13:51, richard -rw- weinberger wrote:
> On Wed, Feb 16, 2011 at 11:58 AM, Phil Karn <karn@ka9q.net> wrote:
>> The range check on vlan_id in register_vlan_device is off by one, and it
>> prevents the creation of a vlan interface for vlan ID 4095. (OSX allows
>> this, I checked.)
>
> Then OSX should fix their code. 4095 is reserved.
I agree.
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: Off-by-one error in net/8021q/vlan.c
2011-02-16 12:51 ` richard -rw- weinberger
2011-02-16 13:22 ` Patrick McHardy
@ 2011-02-16 15:58 ` Phil Karn
2011-02-16 16:10 ` richard -rw- weinberger
1 sibling, 1 reply; 11+ messages in thread
From: Phil Karn @ 2011-02-16 15:58 UTC (permalink / raw
To: richard -rw- weinberger; +Cc: kaber, netdev
On 2/16/11 4:51 AM, richard -rw- weinberger wrote:
> On Wed, Feb 16, 2011 at 11:58 AM, Phil Karn <karn@ka9q.net> wrote:
>> The range check on vlan_id in register_vlan_device is off by one, and it
>> prevents the creation of a vlan interface for vlan ID 4095. (OSX allows
>> this, I checked.)
>
> Then OSX should fix their code. 4095 is reserved.
>
If it's reserved, then it's up to the user to reserve it.
I actually had reason to use this to fix a misconfigured host that was
using vlan 4095. This got in my way.
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: Off-by-one error in net/8021q/vlan.c
2011-02-16 15:58 ` Phil Karn
@ 2011-02-16 16:10 ` richard -rw- weinberger
2011-02-16 16:28 ` Phil Karn
0 siblings, 1 reply; 11+ messages in thread
From: richard -rw- weinberger @ 2011-02-16 16:10 UTC (permalink / raw
To: Phil Karn; +Cc: kaber, netdev
On Wed, Feb 16, 2011 at 4:58 PM, Phil Karn <karn@ka9q.net> wrote:
> On 2/16/11 4:51 AM, richard -rw- weinberger wrote:
>> On Wed, Feb 16, 2011 at 11:58 AM, Phil Karn <karn@ka9q.net> wrote:
>>> The range check on vlan_id in register_vlan_device is off by one, and it
>>> prevents the creation of a vlan interface for vlan ID 4095. (OSX allows
>>> this, I checked.)
>>
>> Then OSX should fix their code. 4095 is reserved.
>>
>
> If it's reserved, then it's up to the user to reserve it.
No.
See:
http://standards.ieee.org/getieee802/download/802.1Q-2005.pdf
--
Thanks,
//richard
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: Off-by-one error in net/8021q/vlan.c
2011-02-16 16:10 ` richard -rw- weinberger
@ 2011-02-16 16:28 ` Phil Karn
2011-02-16 16:35 ` richard -rw- weinberger
2011-02-16 16:39 ` Eric Dumazet
0 siblings, 2 replies; 11+ messages in thread
From: Phil Karn @ 2011-02-16 16:28 UTC (permalink / raw
To: richard -rw- weinberger; +Cc: kaber, netdev
On 2/16/11 8:10 AM, richard -rw- weinberger wrote:
> On Wed, Feb 16, 2011 at 4:58 PM, Phil Karn <karn@ka9q.net> wrote:
>> On 2/16/11 4:51 AM, richard -rw- weinberger wrote:
>>> On Wed, Feb 16, 2011 at 11:58 AM, Phil Karn <karn@ka9q.net> wrote:
>>>> The range check on vlan_id in register_vlan_device is off by one, and it
>>>> prevents the creation of a vlan interface for vlan ID 4095. (OSX allows
>>>> this, I checked.)
>>>
>>> Then OSX should fix their code. 4095 is reserved.
>>>
>>
>> If it's reserved, then it's up to the user to reserve it.
>
> No.
>
> See:
> http://standards.ieee.org/getieee802/download/802.1Q-2005.pdf
>
Well, then I guess we all know better than the user. That's the Windows
Way...no, wait, I thought this is Linux.
The fact is that I did encounter a misconfigured switch using vlan 4095,
and because of this off-by-one error I was unable to talk to it and fix it.
I was hoping I wouldn't have to patch every new kernel I install.
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: Off-by-one error in net/8021q/vlan.c
2011-02-16 16:28 ` Phil Karn
@ 2011-02-16 16:35 ` richard -rw- weinberger
2011-02-16 16:39 ` Eric Dumazet
1 sibling, 0 replies; 11+ messages in thread
From: richard -rw- weinberger @ 2011-02-16 16:35 UTC (permalink / raw
To: Phil Karn; +Cc: kaber, netdev
On Wed, Feb 16, 2011 at 5:28 PM, Phil Karn <karn@ka9q.net> wrote:
> On 2/16/11 8:10 AM, richard -rw- weinberger wrote:
>> On Wed, Feb 16, 2011 at 4:58 PM, Phil Karn <karn@ka9q.net> wrote:
>>> On 2/16/11 4:51 AM, richard -rw- weinberger wrote:
>>>> On Wed, Feb 16, 2011 at 11:58 AM, Phil Karn <karn@ka9q.net> wrote:
>>>>> The range check on vlan_id in register_vlan_device is off by one, and it
>>>>> prevents the creation of a vlan interface for vlan ID 4095. (OSX allows
>>>>> this, I checked.)
>>>>
>>>> Then OSX should fix their code. 4095 is reserved.
>>>>
>>>
>>> If it's reserved, then it's up to the user to reserve it.
>>
>> No.
>>
>> See:
>> http://standards.ieee.org/getieee802/download/802.1Q-2005.pdf
>>
>
> Well, then I guess we all know better than the user. That's the Windows
> Way...no, wait, I thought this is Linux.
>
> The fact is that I did encounter a misconfigured switch using vlan 4095,
> and because of this off-by-one error I was unable to talk to it and fix it.
>
> I was hoping I wouldn't have to patch every new kernel I install.
>
The switch violates the standard. Why should Linux also do so?
This would only produce more broken VLANs...
--
Thanks,
//richard
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: Off-by-one error in net/8021q/vlan.c
2011-02-16 16:28 ` Phil Karn
2011-02-16 16:35 ` richard -rw- weinberger
@ 2011-02-16 16:39 ` Eric Dumazet
2011-02-16 18:41 ` Michał Mirosław
1 sibling, 1 reply; 11+ messages in thread
From: Eric Dumazet @ 2011-02-16 16:39 UTC (permalink / raw
To: Phil Karn; +Cc: richard -rw- weinberger, kaber, netdev
Le mercredi 16 février 2011 à 08:28 -0800, Phil Karn a écrit :
> On 2/16/11 8:10 AM, richard -rw- weinberger wrote:
> > On Wed, Feb 16, 2011 at 4:58 PM, Phil Karn <karn@ka9q.net> wrote:
> >> On 2/16/11 4:51 AM, richard -rw- weinberger wrote:
> >>> On Wed, Feb 16, 2011 at 11:58 AM, Phil Karn <karn@ka9q.net> wrote:
> >>>> The range check on vlan_id in register_vlan_device is off by one, and it
> >>>> prevents the creation of a vlan interface for vlan ID 4095. (OSX allows
> >>>> this, I checked.)
> >>>
> >>> Then OSX should fix their code. 4095 is reserved.
> >>>
> >>
> >> If it's reserved, then it's up to the user to reserve it.
> >
> > No.
> >
> > See:
> > http://standards.ieee.org/getieee802/download/802.1Q-2005.pdf
> >
>
> Well, then I guess we all know better than the user. That's the Windows
> Way...no, wait, I thought this is Linux.
>
> The fact is that I did encounter a misconfigured switch using vlan 4095,
> and because of this off-by-one error I was unable to talk to it and fix it.
>
> I was hoping I wouldn't have to patch every new kernel I install.
>
You can use an OSX gateway ;)
If we allow ID 4095, then some users will complain we violate rules.
Really you cannot push this patch in official kernel only to ease your
life ;)
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: Off-by-one error in net/8021q/vlan.c
2011-02-16 16:39 ` Eric Dumazet
@ 2011-02-16 18:41 ` Michał Mirosław
2011-02-21 19:26 ` Brent Cook
0 siblings, 1 reply; 11+ messages in thread
From: Michał Mirosław @ 2011-02-16 18:41 UTC (permalink / raw
To: Eric Dumazet; +Cc: Phil Karn, richard -rw- weinberger, kaber, netdev
2011/2/16 Eric Dumazet <eric.dumazet@gmail.com>:
> Le mercredi 16 février 2011 à 08:28 -0800, Phil Karn a écrit :
>> On 2/16/11 8:10 AM, richard -rw- weinberger wrote:
>> > On Wed, Feb 16, 2011 at 4:58 PM, Phil Karn <karn@ka9q.net> wrote:
>> >> On 2/16/11 4:51 AM, richard -rw- weinberger wrote:
>> >>> On Wed, Feb 16, 2011 at 11:58 AM, Phil Karn <karn@ka9q.net> wrote:
>> >>>> The range check on vlan_id in register_vlan_device is off by one, and it
>> >>>> prevents the creation of a vlan interface for vlan ID 4095. (OSX allows
>> >>>> this, I checked.)
>> >>>
>> >>> Then OSX should fix their code. 4095 is reserved.
>> >> If it's reserved, then it's up to the user to reserve it.
>> > No.
>> > See:
>> > http://standards.ieee.org/getieee802/download/802.1Q-2005.pdf
>> Well, then I guess we all know better than the user. That's the Windows
>> Way...no, wait, I thought this is Linux.
>>
>> The fact is that I did encounter a misconfigured switch using vlan 4095,
>> and because of this off-by-one error I was unable to talk to it and fix it.
>>
>> I was hoping I wouldn't have to patch every new kernel I install.
> You can use an OSX gateway ;)
>
> If we allow ID 4095, then some users will complain we violate rules.
>
> Really you cannot push this patch in official kernel only to ease your
> life ;)
The idea is that you don't have to use ID 4095 and if you don't -
nothing's broken by just allowing it. The same goes with ID 0 - it's
defined to be 802.1p packet, but people do use it as normal VLAN
(especially with hardware that can cope with only small number of
VLANs at once).
Allowing it but with a big fat warning in logs is even better: "You
want your network broken? Sure, can do, but you have been warned."
Best Regards,
Michał Mirosław
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: Off-by-one error in net/8021q/vlan.c
2011-02-16 18:41 ` Michał Mirosław
@ 2011-02-21 19:26 ` Brent Cook
2011-02-21 21:47 ` Phil Karn
0 siblings, 1 reply; 11+ messages in thread
From: Brent Cook @ 2011-02-21 19:26 UTC (permalink / raw
To: Michał Mirosław
Cc: Eric Dumazet, Phil Karn, richard -rw- weinberger, kaber, netdev
On Wednesday 16 February 2011 12:41:34 Michał Mirosław wrote:
> 2011/2/16 Eric Dumazet <eric.dumazet@gmail.com>:
> > Le mercredi 16 février 2011 à 08:28 -0800, Phil Karn a écrit :
> >> On 2/16/11 8:10 AM, richard -rw- weinberger wrote:
> >> > On Wed, Feb 16, 2011 at 4:58 PM, Phil Karn <karn@ka9q.net> wrote:
> >> >> On 2/16/11 4:51 AM, richard -rw- weinberger wrote:
> >> >>> On Wed, Feb 16, 2011 at 11:58 AM, Phil Karn <karn@ka9q.net> wrote:
> >> >>>> The range check on vlan_id in register_vlan_device is off by one, and it
> >> >>>> prevents the creation of a vlan interface for vlan ID 4095. (OSX allows
> >> >>>> this, I checked.)
> >> >>>
> >> >>> Then OSX should fix their code. 4095 is reserved.
> >> >> If it's reserved, then it's up to the user to reserve it.
> >> > No.
> >> > See:
> >> > http://standards.ieee.org/getieee802/download/802.1Q-2005.pdf
> >> Well, then I guess we all know better than the user. That's the Windows
> >> Way...no, wait, I thought this is Linux.
> >>
> >> The fact is that I did encounter a misconfigured switch using vlan 4095,
> >> and because of this off-by-one error I was unable to talk to it and fix it.
> >>
> >> I was hoping I wouldn't have to patch every new kernel I install.
> > You can use an OSX gateway ;)
> >
> > If we allow ID 4095, then some users will complain we violate rules.
> >
> > Really you cannot push this patch in official kernel only to ease your
> > life ;)
>
> The idea is that you don't have to use ID 4095 and if you don't -
> nothing's broken by just allowing it. The same goes with ID 0 - it's
> defined to be 802.1p packet, but people do use it as normal VLAN
> (especially with hardware that can cope with only small number of
> VLANs at once).
>
> Allowing it but with a big fat warning in logs is even better: "You
> want your network broken? Sure, can do, but you have been warned."
>
On the other end of the spectrum, vconfig warns for vlan 1:
bcook@bcook-box:~$ sudo vconfig add eth0 1
Added VLAN with VID == 1 to IF -:eth0:-
WARNING: VLAN 1 does not work with many switches,
consider another number if you have problems.
bcook@bcook-box:~$ sudo vconfig add eth0 4095
ERROR: trying to add VLAN #4095 to IF -:eth0:- error: Numerical result out of range
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: Off-by-one error in net/8021q/vlan.c
2011-02-21 19:26 ` Brent Cook
@ 2011-02-21 21:47 ` Phil Karn
0 siblings, 0 replies; 11+ messages in thread
From: Phil Karn @ 2011-02-21 21:47 UTC (permalink / raw
To: Brent Cook
Cc: Michał Mirosław, Eric Dumazet, richard -rw- weinberger,
kaber, netdev
On 2/21/11 11:26 AM, Brent Cook wrote:
>> Allowing it but with a big fat warning in logs is even better: "You
>> want your network broken? Sure, can do, but you have been warned."
*By all means* have vconfig issue a warning for 4095 just as it already
does for vlan 1.
As I explained the only reason I wanted to do this was to talk to a
piece of equipment that had been misconfigured to use vlan 4095 so I
could fix it. At the time I was using a newly built Linux system running
off a live CD, and only it had a physical network connection to the
device I was trying to fix.
I'm reminded of the classic example of an airliner that is so "smart"
and "idiot proof" that it always disallows a throttle setting that might
shorten the life of the engines.
The designers hadn't considered the possibility that such a setting
might be necessary to avoid a crash that, too, shortens engine life.
The obvious answer is to allow it but make sure he knows what he's
doing. So it takes noticeably more force to push the handles past the
safe limits, but it can be done if you really want to.
So if an airliner allows a command that might cause costly engine
damage, I think Linux can allow a command that violates a usage
convention written in a spec. With a warning, of course.
^ permalink raw reply [flat|nested] 11+ messages in thread
end of thread, other threads:[~2011-02-21 21:47 UTC | newest]
Thread overview: 11+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-02-16 10:58 Off-by-one error in net/8021q/vlan.c Phil Karn
2011-02-16 12:51 ` richard -rw- weinberger
2011-02-16 13:22 ` Patrick McHardy
2011-02-16 15:58 ` Phil Karn
2011-02-16 16:10 ` richard -rw- weinberger
2011-02-16 16:28 ` Phil Karn
2011-02-16 16:35 ` richard -rw- weinberger
2011-02-16 16:39 ` Eric Dumazet
2011-02-16 18:41 ` Michał Mirosław
2011-02-21 19:26 ` Brent Cook
2011-02-21 21:47 ` Phil Karn
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.