| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 17 Sep 2013 20:29:36 -0400 (EDT) From: David Miller <davem@...emloft.net> To: duanj.fnst@...fujitsu.com Cc: netdev@...r.kernel.org, hannes@...essinduktion.org Subject: Re: [PATCH v2 6/6] ipv6: Do route updating for redirect in ndisc layer From: Duan Jiong <duanj.fnst@...fujitsu.com> Date: Fri, 13 Sep 2013 11:03:07 +0800 > From: Duan Jiong <duanj.fnst@...fujitsu.com> > > Do the whole verification and route updating in ndisc > lay and then just call into icmpv6_notify() to notify > the upper protocols. > > Signed-off-by: Duan Jiong <duanj.fnst@...fujitsu.com> This is completely broken, and I believe your patch set fundamentally is too. We absolutely _must_ handle the redirect at the socket level when we are able to, otherwise we cannot specify the mark properly and the mark is an essential part of the key used to find the correct route to work with. I am not applying this patch series until you deal with this deficiency. I am not willing to consider changes which stop using the more precise keying information available from a socket. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists