lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 04 Dec 2013 13:46:40 +0100 From: Christophe Gouault <christophe.gouault@...nd.com> To: Hangbin Liu <liuhangbin@...il.com>, network dev <netdev@...r.kernel.org> CC: Cong Wang <xiyou.wangcong@...il.com>, Saurabh Mohan <saurabh.mohan@...tta.com>, Steffen Klassert <steffen.klassert@...unet.com> Subject: Re: [PATCH] vti: remove GRE_KEY flag for vti tunnel Hello Hangbin, vti interfaces precisely need an o_key to be configured (it must be set to the mark of ipsec policies attached to this interface). Consequently, this flag must not be removed. Best Regards, Christophe On 12/04/2013 09:48 AM, Hangbin Liu wrote: > vti tunnel use IPPROTO_IPIP instead of IPPROTO_GRE, and keys are not allowed > with ipip tunnel. So there is no reason to set GRE_KEY flag for vti. > > Signed-off-by: Hangbin Liu <liuhangbin@...il.com> > --- > net/ipv4/ip_vti.c | 6 ++---- > 1 file changed, 2 insertions(+), 4 deletions(-) > > diff --git a/net/ipv4/ip_vti.c b/net/ipv4/ip_vti.c > index 52b802a..58c4e6a 100644 > --- a/net/ipv4/ip_vti.c > +++ b/net/ipv4/ip_vti.c > @@ -185,10 +185,8 @@ vti_tunnel_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd) > if (err) > return err; > > - if (cmd != SIOCDELTUNNEL) { > - p.i_flags |= GRE_KEY | VTI_ISVTI; > - p.o_flags |= GRE_KEY; > - } > + if (cmd != SIOCDELTUNNEL) > + p.i_flags |= VTI_ISVTI; > > if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p))) > return -EFAULT; > -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists