| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 16 May 2015 20:34:58 +0800 From: Herbert Xu <herbert@...dor.apana.org.au> To: Alexander Duyck <alexander.duyck@...il.com> Cc: David Miller <davem@...hat.com>, alexander.h.duyck@...hat.com, netdev@...r.kernel.org, steffen.klassert@...unet.com, tgraf@...g.ch Subject: Re: [net PATCH] ip_vti/ip6_vti: Clear skb->mark when resetting skb->dev in receive path On Fri, May 15, 2015 at 12:14:43PM -0700, Alexander Duyck wrote: > > >Yeah, this mark handling via tunnel->parms.o_key looks not so good. > > So is there any recommendations for an alternative to make it so > that the ipsec endpoint is identified as needing to be encrypted or > decrypted? If needed I could probably take a day or two to try and > address it as I still have a few other minor things I want to try > and fix such as the MTU configuration for vti/vti6. I'd like to hear from Steffen as to whether there is anything in userspace that relies on the mark being used in this way by vti. If not it should be easy to get rid of it and use some field that's not exposed to user-space. If there is then this would be tricky to resolve. Cheers, -- Email: Herbert Xu <herbert@...dor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists