lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 7 Nov 2018 12:06:34 -0700
From:   David Ahern <dsahern@...il.com>
To:     Mike Manning <mmanning@...tta.att-mail.com>, netdev@...r.kernel.org
Subject: Re: [PATCH net-next v5 2/9] net: ensure unbound stream socket to be
 chosen when not in a VRF

On 11/7/18 8:36 AM, Mike Manning wrote:
> The commit a04a480d4392 ("net: Require exact match for TCP socket
> lookups if dif is l3mdev") only ensures that the correct socket is
> selected for packets in a VRF. However, there is no guarantee that
> the unbound socket will be selected for packets when not in a VRF.
> By checking for a device match in compute_score() also for the case
> when there is no bound device and attaching a score to this, the
> unbound socket is selected. And if a failure is returned when there
> is no device match, this ensures that bound sockets are never selected,
> even if there is no unbound socket.
> 
> Signed-off-by: Mike Manning <mmanning@...tta.att-mail.com>
> ---
>  include/net/inet_hashtables.h | 11 +++++++++++
>  include/net/inet_sock.h       |  8 ++++++++
>  net/ipv4/inet_hashtables.c    | 14 ++++++--------
>  net/ipv6/inet6_hashtables.c   | 14 ++++++--------
>  4 files changed, 31 insertions(+), 16 deletions(-)
> 

Reviewed-by: David Ahern <dsahern@...il.com>
Tested-by: David Ahern <dsahern@...il.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ