| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1428383028.25985.209.camel@edumazet-glaptop2.roam.corp.google.com> Date: Mon, 06 Apr 2015 22:03:48 -0700 From: Eric Dumazet <eric.dumazet@...il.com> To: Tom Herbert <tom@...bertland.com> Cc: David Miller <davem@...emloft.net>, netdev@...r.kernel.org, netfilter-devel@...r.kernel.org, pablo@...filter.org, hannes@...essinduktion.org, Jiří Pírko <jiri@...nulli.us> Subject: Re: [PATCH 0/4] Prevent UDP tunnels from operating on garbage socket On Mon, 2015-04-06 at 21:45 -0700, Tom Herbert wrote: > On Mon, Apr 6, 2015 at 8:51 PM, David Miller <davem@...emloft.net> wrote: > > I don't see what is convoluted about using the correct socket for > > sending L3 protocol frames. That's in fact how it's _supposed_ to > > work. And consistently having a proper matching socket available > > makes it so that, long-term, we'll never have to deal with this issue > > ever again. > > I guess this is where I'm confused. We can send just about anything > over GRE also, but have never needed a transmit socket for that. Is > UDP encapsulation so different, or is GRE equally broken also? Also, > will we need to add the socket to FOU and GUE then? GRE encap is very low level (not L3), and no socket simply sends GRE packets as is. For example, when GSO support was extended, it was first extended to GRE, and only later to other tunnels with more thinking about allowing more sophisticated encap levels. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists