lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 04 Mar 2015 23:49:32 -0800
From:	Alexei Starovoitov <ast@...mgrid.com>
To:	Michal Kubecek <mkubecek@...e.cz>, Jiri Pirko <jpirko@...hat.com>
CC:	Guy Harris <guy@...m.mit.edu>,
	Michal Sekletar <msekleta@...hat.com>, netdev@...r.kernel.org
Subject: Re: [PATCH] filter: introduce SKF_AD_VLAN_PROTO BPF extension

On 3/4/15 11:24 PM, Michal Kubecek wrote:
> On Thu, Mar 05, 2015 at 07:50:53AM +0100, Jiri Pirko wrote:
>> Thu, Mar 05, 2015 at 12:47:06AM CET, ast@...mgrid.com wrote:
>>> On 3/4/15 1:14 PM, Guy Harris wrote:
>>>>
>>>> On Mar 4, 2015, at 1:03 PM, Alexei Starovoitov <ast@...mgrid.com> wrote:
>>>>
>>>>> the patch is correct and looks clean, but I don't understand
>>>>> the motivation for the patch.
>>>>> There is already SKF_AD_VLAN_TAG_PRESENT. If it is set then only
>>>>> two possible values of vlan_proto are ETH_P_8021Q or ETH_P_8021AD.
>>>>> If there another vlan header inside the packet, it's AD.
>>>>> So you can do the filtering already without adding new bpf extension...
>>>>
>>>> I presume he's referring to
>>>>
>>>> 	https://github.com/the-tcpdump-group/libpcap/issues/397
>>>>
>>>> or
>>>>
>>>> 	https://github.com/the-tcpdump-group/libpcap/issues/390
>>>
>>> ok. context is clear.
>>> yet, it still sounds like something to fix inside libpcap.
>>
>> Libpcap need to somehow let kernel now what vlan proto it should filter on.
>
> To be more precise, it does not need it now as there is no syntax for
> pcap filter on TPID, one can only filter by VID. But if someone wanted
> to implement such feature, it could not work with in-kernel filtering at
> the moment.

exactly my point. That's how we should evaluate the patch.
It does provide extra visibility for classic bpf programs and
it's not strongly required at the moment, but can be useful, no doubt.
At the same time it forever exposes skb->vlan_proto to user space,
so any refactoring of sk_buff would need to deal with that.
With the use case presented I don't have strong opinion one way or
the other.

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ