lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <39C363776A4E8C4A94691D2BD9D1C9A1029EDBF3@XCH-NW-7V2.nw.nos.boeing.com>
Date:	Wed, 7 Nov 2007 10:41:49 -0800
From:	"Templin, Fred L" <Fred.L.Templin@...ing.com>
To:	YOSHIFUJI Hideaki / 吉藤英明 
	<yoshfuji@...ux-ipv6.org>
Cc:	<netdev@...r.kernel.org>
Subject: RE: [PATCH 04/05] ipv6: RFC4214 Support

Yoshifuji, 

> -----Original Message-----
> From: YOSHIFUJI Hideaki / 吉藤英明 [mailto:yoshfuji@...ux-ipv6.org] 
> Sent: Wednesday, November 07, 2007 10:37 AM
> To: Templin, Fred L
> Cc: netdev@...r.kernel.org; yoshfuji@...ux-ipv6.org
> Subject: Re: [PATCH 04/05] ipv6: RFC4214 Support
> 
> Hello.
> 
> In article 
> <39C363776A4E8C4A94691D2BD9D1C9A1029EDBE5@...-NW-7V2.nw.nos.bo
> eing.com> (at Tue, 6 Nov 2007 17:16:11 -0800), "Templin, Fred 
> L" <Fred.L.Templin@...ing.com> says:
> 
> > @@ -154,6 +155,14 @@ static struct ip_tunnel * ipip6_tunnel_l
> >  	struct net_device *dev;
> >  	char name[IFNAMSIZ];
> >  
> > +#if defined(CONFIG_IPV6_ISATAP)
> > +	/* ISATAP (RFC4214) - router address in daddr */
> > +	if (!strncmp(parms->name, "isatap", 6)) {
> > +		parms->i_key = parms->iph.daddr;
> > +		parms->iph.daddr = remote = 0;
> > +	}
> > +#endif
> > +
> >  	for (tp = __ipip6_bucket(parms); (t = *tp) != NULL; tp =
> > &t->next) {
> >  		if (local == t->parms.iph.saddr && remote ==
> > t->parms.iph.daddr)
> >  			return t;
> 
> I do not think it is a good idea to change the behavior based on
> the interface name.

The goal was to avoid requiring changes to applications such as
'iproute2', i.e., the intention was for a standalone code insertion point
within the kernel itself. What do you suggest?

> > @@ -182,6 +191,11 @@ static struct ip_tunnel * ipip6_tunnel_l
> >  	dev->init = ipip6_tunnel_init;
> >  	nt->parms = *parms;
> >  
> > +#if defined(CONFIG_IPV6_ISATAP)
> > +	if (!strncmp(dev->name, "isatap", 6))
> > +		dev->priv_flags |= IFF_ISATAP;
> > +#endif
> > +
> 
> ditto.

Same as above, but note that the name check is confined to these
two places.

> 
> > +		    if (!(ipv6_addr_is_isatap(addr6)) ||
> > +			(addr6->s6_addr32[3] != iph->saddr)) {
> > +drop:
> > +			tunnel->stat.rx_errors++;
> 
> you can unlock here.

OK; will fix.

Fred
fred.l.templin@...ing.com

> > +			dst_release(dst);
> > +			kfree_skb(skb);
> > +			read_unlock(&ipip6_lock);
> > +			return 0;
> > +		    }
> > +		    dst_release(dst);
> > +		}
> > +accept:
> > +#endif
> 
> --yoshfuji
> 
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ