lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20130725.164107.764173217829254913.davem@davemloft.net>
Date:	Thu, 25 Jul 2013 16:41:07 -0700 (PDT)
From:	David Miller <davem@...emloft.net>
To:	pshelar@...ira.com
Cc:	netdev@...r.kernel.org, stephen@...workplumber.org
Subject: Re: [PATCH net-next v3 0/6] openvswitch: VXLAN tunneling.

From: Pravin B Shelar <pshelar@...ira.com>
Date: Wed, 24 Jul 2013 11:00:26 -0700

> First two patches extends vxlan so that openvswitch can
> share vxlan udp port with vxlan module. Rest of patches
> refactors vxlan data plane so that ovs can share that
> code with vxlan module.
> Last patch adds vxlan-vport to openvswitch.

I'm mostly fine with this patch series and I assume Stephen will
eventually take it in via his vxlan tree.

However I do have one issue with patch #1 that I'd like to ask you to
consider.

You're doing two seperate things there.  First, you're abstracting out
the handler bits at one level of indirection via "struct
vxlan_handler" Second, you're adjusting how the headers are handled
in the handler paths.

I understand why you're doing the second part, to accomodate multiple
handlers properly.

But I think it would be much better to do this in two stages.

The first stage does the "struct vxlan_handler" abstraction and then
the second stage reworks how packet headers get adjusted.

I'm suggesting this for the purposes of bisectability.  I believe that
the header handling adjustments are the part that are going to be the
most dangerous for regressions.  So it would be best if we could
exactly pinpoint that exact change as causing problems in the future.

When you split this up, in the first patch, enforce only one handler
at a time.  You can remove this restriction as part of the second
patch.

I frankly think that this will make these changes easier to review and
audit as well.

How does that sound?
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ