| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20150518103045.GG8928@secunet.com> Date: Mon, 18 May 2015 12:30:47 +0200 From: Steffen Klassert <steffen.klassert@...unet.com> To: Herbert Xu <herbert@...dor.apana.org.au> CC: David Miller <davem@...emloft.net>, <alexander.duyck@...il.com>, <alexander.h.duyck@...hat.com>, <netdev@...r.kernel.org>, <tgraf@...g.ch> Subject: Re: [net PATCH] ip_vti/ip6_vti: Clear skb->mark when resetting skb->dev in receive path On Mon, May 18, 2015 at 04:59:08PM +0800, Herbert Xu wrote: > On Mon, May 18, 2015 at 10:38:44AM +0200, Steffen Klassert wrote: > > > > Yes, that's possible. We just did not restore it because it > > was cleared with skb_scrub_packet() right after the lookup. > > OK I think we can still salvage this if we do the following: > > 1) Restore the mark after the lookup so the effect is minimised. Yes, we need this to fix it for now. > 2) Create new flow lookup field for this. > 3) Create tunnel flag that indicates new field should be used. Or, maybe we can create new vti tunnel keys and some key field in the xfrm_policy and xfrm_state. If the vti keys are present at the tunnel, use the new flow lookup field and match with the key field of the policy and state. Otherwise, fallback to use gre keys and mark. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists