lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 4 Apr 2015 03:01:42 +0200 From: Francois Romieu <romieu@...zoreil.com> To: Jesse Gross <jesse@...ira.com> Cc: "John W. Linville" <linville@...driver.com>, netdev <netdev@...r.kernel.org>, "David S. Miller" <davem@...emloft.net>, Andy Zhou <azhou@...ira.com>, Stephen Hemminger <stephen@...workplumber.org>, Alexander Duyck <alexander.h.duyck@...hat.com> Subject: Re: [RFC PATCH 5/5] geneve: add initial netdev driver for GENEVE tunnels Jesse Gross <jesse@...ira.com> : [...] > > diff --git a/drivers/net/geneve.c b/drivers/net/geneve.c > > new file mode 100644 > > index 000000000000..fe8895487fc2 > > --- /dev/null > > +++ b/drivers/net/geneve.c > > +/* geneve receive/decap routine */ > > +static void geneve_rx(struct geneve_sock *gs, struct sk_buff *skb) > > +{ > > + struct genevehdr *gnvh = geneve_hdr(skb); > > + struct geneve_dev *geneve; > > + struct pcpu_sw_netstats *stats; > > + > > + geneve = gs->rcv_data; > > + > > + /* Does the VNI match the device? */ > > + if (memcmp(gnvh->vni, geneve->vni, sizeof(geneve->vni))) > > + goto drop; > > Since Geneve packets can carry options and this doesn't currently > support any, I think we need to at least check the 'C' bit in the > header and drop packets if it is set to ensure that we don't > accidentally ignore critical options. Speaking of it, it's imho a bit too easy to confuse GENEVE_CRIT_OPT_TYPE with the relevant 'C' bit mask. -- Ueimor -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists