lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 22 Apr 2015 16:29:48 -0700
From:	Cong Wang <cwang@...pensource.com>
To:	Alexei Starovoitov <ast@...mgrid.com>
Cc:	"David S. Miller" <davem@...emloft.net>,
	Eric Dumazet <edumazet@...gle.com>,
	Jamal Hadi Salim <jhs@...atatu.com>,
	John Fastabend <john.r.fastabend@...el.com>,
	netdev <netdev@...r.kernel.org>
Subject: Re: [RFC 1/3] tc: fix return values of ingress qdisc

On Wed, Apr 22, 2015 at 3:04 PM, Alexei Starovoitov <ast@...mgrid.com> wrote:
> On 4/21/15 9:59 PM, Cong Wang wrote:
>>
>> On Tue, Apr 21, 2015 at 12:27 PM, Alexei Starovoitov <ast@...mgrid.com>
>> wrote:
>>>
>>> ingress qdisc should return NET_XMIT_* values just like all other qdiscs.
>>>
>>
>> XMIT already means egress...
>
>
> may be then it should be renamed as well.
> from include/linux/netdevice.h:
> /* qdisc ->enqueue() return codes. */
> #define NET_XMIT_SUCCESS        0x00
> ...
>
> the point is that qdisc->enqeue() must return NET_XMIT_* values.
> ingress qdisc is violating this and therefore should be fixed.

XMIT is non-sense for ingress, you really need to pick another
name for it if TC_ACT_OK isn't okay for you (it is okay for me).


>
>>> Since it's invoked via qdisc_enqueue_root() (which suppose to return
>>> only NET_XMIT_* values as well), it was working by accident,
>>> since TC_ACT_* values fit within NET_XMIT_MASK.
>>>
>>
>> Why not just add a BUILD_BUG_ON() to capture this?
>
>
> ingress qdisc returning TC_ACT_* values is an obvious layering
> violation. I'm puzzled why it's been this way for so long.

Why? Everyone knows ingress is the only qdisc on ingress
and it has no queue and can only accept filters (actions are on filters).

> Adding BUILD_BUG_ON is not an option.
>

It at least tells people we know their value are same, IOW, not a bug.

I don't see the need for the change except a BUILD_BUG_ON().
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ