| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20150315.221312.1089494260964314644.davem@davemloft.net> Date: Sun, 15 Mar 2015 22:13:12 -0400 (EDT) From: David Miller <davem@...emloft.net> To: siva.mannem.lnx@...il.com Cc: netdev@...r.kernel.org Subject: Re: [PATCH net-next v2] Configure bridge FDB ageing time using netlink. From: Siva Mannem <siva.mannem.lnx@...il.com> Date: Sat, 14 Mar 2015 07:10:29 +0530 > This patch allows user to configure bridge's FDB ageing using > netlink(for ex, iproute2). Allowed range is 10 seconds to 1000000 seconds > as per ieee8021QBridgeFdbAgingTime. > > Signed-off-by: Siva Mannem <siva.mannem.lnx@...il.com> The behavior of br_changelink() leaves a lot to be desired, and this change is making it worse. The range of the netlink attributes, the only thing that can cause an error, should be validated for all attributes _first_. Because right now you can have several values change state, then the last one has a range error, and an error is returned without rolling back the state. This is terrible. When this happens the user has not reliable way to figure out that some of the state changes it requested happened, and exactly which ones those were. If an error is thrown we _MUST_ not make any state changes to the bridge whatsoever. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists