lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <54D41786.6060507@gmail.com> Date: Thu, 05 Feb 2015 18:23:18 -0700 From: David Ahern <dsahern@...il.com> To: nicolas.dichtel@...nd.com, netdev@...r.kernel.org CC: ebiederm@...ssion.com Subject: Re: [RFC PATCH 25/29] net: vrf: Handle VRF any context On 2/5/15 6:46 AM, Nicolas Dichtel wrote: > Le 05/02/2015 02:34, David Ahern a écrit : >> VRF any context applies only to tasks to and sockets. Devices are >> associated with a single VRF, and skb's by extension are connected to >> a single VRF. >> >> Listen sockets and unconnected sockets can be opened in a "VRF any" >> context allowing a single daemon to provide service across all VRFs >> in a namespace. Connected sockets must be in a specific vrf context. >> Accepted sockets acquire the VRF context from the device the packet >> enters (via the skb). >> >> "VRF any" context is also useful for tasks wanting to view L3/L4 >> data for all VRFs. >> >> Signed-off-by: David Ahern <dsahern@...il.com> >> --- > [snip] >> +static inline int neigh_parms_net_ctx_eq_any(const struct neigh_parms >> *parms, >> + const struct net_ctx *net_ctx) >> +{ >> +#ifdef CONFIG_NET_NS >> + if (net_eq(neigh_parms_net(parms), net_ctx->net) && >> + (vrf_eq(neigh_parms_vrf(parms), net_ctx->vrf) || >> + vrf_is_any(net_ctx->vrf))) { >> + return 1; >> + } >> + >> + return 0; >> +#else >> + return 1; >> +#endif > If I understand well, the way the patch is done, VRF can be used only if > CONFIG_NET_NS is enabled. > But if I'm not wrong, it could be independent. Am I right? > Yes. VRF can exist without namespace. It became tedious to keep tracking the CONFIG_NET_NS for the RFC set. Would certainly do that for later versions. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists