| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 05 Feb 2015 14:46:22 +0100
From: Nicolas Dichtel <nicolas.dichtel@...nd.com>
To: David Ahern <dsahern@...il.com>, netdev@...r.kernel.org
CC: ebiederm@...ssion.com
Subject: Re: [RFC PATCH 25/29] net: vrf: Handle VRF any context
Le 05/02/2015 02:34, David Ahern a écrit :
> VRF any context applies only to tasks to and sockets. Devices are
> associated with a single VRF, and skb's by extension are connected to
> a single VRF.
>
> Listen sockets and unconnected sockets can be opened in a "VRF any"
> context allowing a single daemon to provide service across all VRFs
> in a namespace. Connected sockets must be in a specific vrf context.
> Accepted sockets acquire the VRF context from the device the packet
> enters (via the skb).
>
> "VRF any" context is also useful for tasks wanting to view L3/L4
> data for all VRFs.
>
> Signed-off-by: David Ahern <dsahern@...il.com>
> ---
[snip]
> +static inline int neigh_parms_net_ctx_eq_any(const struct neigh_parms *parms,
> + const struct net_ctx *net_ctx)
> +{
> +#ifdef CONFIG_NET_NS
> + if (net_eq(neigh_parms_net(parms), net_ctx->net) &&
> + (vrf_eq(neigh_parms_vrf(parms), net_ctx->vrf) ||
> + vrf_is_any(net_ctx->vrf))) {
> + return 1;
> + }
> +
> + return 0;
> +#else
> + return 1;
> +#endif
If I understand well, the way the patch is done, VRF can be used only if
CONFIG_NET_NS is enabled.
But if I'm not wrong, it could be independent. Am I right?
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists