| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 08 Oct 2012 14:42:30 -0400 (EDT) From: David Miller <davem@...emloft.net> To: florz@...rz.de Cc: kaber@...sh.net, eric.dumazet@...il.com, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, jpirko@...hat.com Subject: Re: [PATCH v2] vlan: don't deliver frames for unknown vlans to protocols From: Florian Zumbiehl <florz@...rz.de> Date: Mon, 8 Oct 2012 03:51:58 +0200 > This version completely avoids any new state that could need to be spilled > to RAM, and instead re-checks existence and non-zeroness of the tag. What > do you think? At a high level it looks fine and doesn't have the problems mentioned earlier. But I wonder if it breaks things, since you do the assignment so late we no longer handle the case where the VLAN device's MAC address matches the packet MAC address and the top-level device's does not. That's handled by logic in vlan_do_receive() which checks for PACKET_OTHERHOST. But you're going to unconditionally set PACKET_OTHERHOST, overriding any decision that code makes. This turns out to be a really non-trivial area and it's going to take some time to get this right and audit the change appropriately. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists