lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20140424232441.GA6282@verge.net.au>
Date:	Fri, 25 Apr 2014 08:24:43 +0900
From:	Simon Horman <horms@...ge.net.au>
To:	YAMAMOTO Takashi <yamamoto@...inux.co.jp>
Cc:	dev@...nvswitch.org, netdev@...r.kernel.org, jesse@...ira.com,
	pshelar@...ira.com, rkerur@...il.com
Subject: Re: [ovs-dev] [PATCH v2.56] datapath: Add basic MPLS support to
 kernel

On Thu, Apr 24, 2014 at 05:57:29PM +0900, YAMAMOTO Takashi wrote:
> hi,
> 
> > + * Due to the sample action there may be multiple possible eth types.
> > + * In order to correctly validate actions all possible types are tracked
> > + * and verified. This is done using struct eth_types.
> 
> is there any real-world use cases of these actions inside a sample?
> otherwise, how about just rejecting such combinations?
> it doesn't seem to worth the code complexity to me.
> (sorry if it has been already discussed.  it's the first time for me
> to seriously read this long-lived patch.)

Good point, the code is rather complex.

My understanding is that it comes into effect in the case
of sflow or ipfix being configured on the bridge. I tend
to think these are real-world use-cases, though that thinking
is by no means fixed.

My reading of the code is that in the case of sflow and ipfix a single
sample rule appears at the beginning of the flow. And that it may be
possible to replace the code that you are referring to with something
simpler to handle these cases.

My understanding is that the code you are referring to also comes into
effect when a sample action (a Nicira extension) is used directly in a
rule.  I am less sure that this is a real-world case but the complex logic
you are referring to should to handle this use-case.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ