| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 31 Jul 2018 16:40:58 +0200
From: Paolo Abeni <pabeni@...hat.com>
To: Jamal Hadi Salim <jhs@...atatu.com>, netdev@...r.kernel.org
Cc: Cong Wang <xiyou.wangcong@...il.com>,
Jiri Pirko <jiri@...nulli.us>,
Daniel Borkmann <daniel@...earbox.net>,
Marcelo Ricardo Leitner <marcelo.leitner@...il.com>,
Eyal Birger <eyal.birger@...il.com>,
"David S. Miller" <davem@...emloft.net>
Subject: Re: [PATCH net-next v5 1/4] net/sched: user-space can't set unknown
tcfa_action values
On Tue, 2018-07-31 at 09:53 -0400, Jamal Hadi Salim wrote:
> BTW, I asked this earlier and Jiri said it was addressed in patch 2.
> I just looked again and i may be missing something basic:
> Lets say tomorrow in a new kernel we add new TC_ACT_XXX that then gets
> exposed to uapi - so user space tc is updated.
> You then use the new tc specifying TC_ACT_XXX policy on kernel with your
> changes.
> If i read correctly because TC_ACT_XXX is out of bounds for current
> kernel(which has your changes) you will fix it to be UNSPEC, no?
You are right.
If we choose to reject unknown opcodes, such user-space configuration
will fail.
What would happen before this patch is that configurations using such
TC_ACT_XXXX value would be successful. This is why I proposed to keep
the fixup.
I initially thought the kernel behavior in the above scenario would
match exactly TC_ACT_UNSPEC processing, but as you noted with the
example in your previous email, TC_ACT_UNSPEC processing is actually a
bit different.
Cheers,
Paolo
Powered by blists - more mailing lists