lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CADxym3ZUx7v38YU6DpAxLU_PSOqHTpvz3qyvE4B3UhSHR2K67w@mail.gmail.com>
Date: Thu, 12 Sep 2024 10:30:01 +0800
From: Menglong Dong <menglong8.dong@...il.com>
To: Ido Schimmel <idosch@...dia.com>
Cc: kuba@...nel.org, aleksander.lobakin@...el.com, horms@...nel.org, 
	davem@...emloft.net, edumazet@...gle.com, pabeni@...hat.com, 
	dsahern@...nel.org, dongml2@...natelecom.cn, amcohen@...dia.com, 
	gnault@...hat.com, bpoirier@...dia.com, b.galvani@...il.com, 
	razor@...ckwall.org, petrm@...dia.com, linux-kernel@...r.kernel.org, 
	netdev@...r.kernel.org
Subject: Re: [PATCH net-next v3 06/12] net: vxlan: make vxlan_snoop() return
 drop reasons

On Wed, Sep 11, 2024 at 4:08 PM Ido Schimmel <idosch@...dia.com> wrote:
>
> On Mon, Sep 09, 2024 at 03:16:46PM +0800, Menglong Dong wrote:
> > @@ -1447,7 +1448,7 @@ static bool vxlan_snoop(struct net_device *dev,
> >
> >       /* Ignore packets from invalid src-address */
> >       if (!is_valid_ether_addr(src_mac))
> > -             return true;
> > +             return SKB_DROP_REASON_VXLAN_INVALID_SMAC;
>
> [...]
>
> > diff --git a/include/net/dropreason-core.h b/include/net/dropreason-core.h
> > index 98259d2b3e92..1b9ec4a49c38 100644
> > --- a/include/net/dropreason-core.h
> > +++ b/include/net/dropreason-core.h
> > @@ -94,6 +94,8 @@
> >       FN(TC_RECLASSIFY_LOOP)          \
> >       FN(VXLAN_INVALID_HDR)           \
> >       FN(VXLAN_VNI_NOT_FOUND)         \
> > +     FN(VXLAN_INVALID_SMAC)          \
>
> Since this is now part of the core reasons, why not name it
> "INVALID_SMAC" so that it could be reused outside of the VXLAN driver?
> For example, the bridge driver has the exact same check in its receive
> path (see br_handle_frame()).
>

Yeah, I checked the br_handle_frame() and it indeed does
the same check.

I'll rename it to INVALID_SMAC for general usage.

Thanks!
Menglong Dong
> > +     FN(VXLAN_ENTRY_EXISTS)          \
> >       FN(IP_TUNNEL_ECN)               \
> >       FNe(MAX)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ