| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.LFD.2.11.1507172320520.2410@ja.home.ssi.bg>
Date: Fri, 17 Jul 2015 23:25:21 +0300 (EEST)
From: Julian Anastasov <ja@....bg>
To: Thomas Graf <tgraf@...g.ch>
cc: roopa@...ulusnetworks.com, rshearma@...cade.com,
ebiederm@...ssion.com, hannes@...essinduktion.org,
pshelar@...ira.com, jesse@...ira.com, davem@...emloft.net,
daniel@...earbox.net, tom@...bertland.com, edumazet@...gle.com,
jiri@...nulli.us, marcelo.leitner@...il.com,
stephen@...workplumber.org, jpettit@...ira.com, kaber@...sh.net,
simon.horman@...ronome.com, joestringer@...ira.com,
ast@...mgrid.com, weichunc@...mgrid.com, netdev@...r.kernel.org,
dev@...nvswitch.org
Subject: Re: [PATCH net-next 15/22] route: Extend flow representation with
tunnel key
Hello,
On Fri, 17 Jul 2015, Thomas Graf wrote:
> Add a new flowi_tunnel structure which is a subset of ip_tunnel_key to
> allow routes to match on tunnel metadata. For now, the tunnel id is
> added to flowi_tunnel which allows for routes to be bound to specific
> virtual tunnels.
>
> Signed-off-by: Thomas Graf <tgraf@...g.ch>
> ---
> +struct flowi_tunnel {
> + __be64 tun_id;
> +};
> +
> struct flowi_common {
> int flowic_oif;
> int flowic_iif;
> @@ -30,6 +34,7 @@ struct flowi_common {
> #define FLOWI_FLAG_ANYSRC 0x01
> #define FLOWI_FLAG_KNOWN_NH 0x02
> __u32 flowic_secid;
> + struct flowi_tunnel flowic_tun_key;
New input key for fib rules? It should be initialized
at some places, we should not provide random values:
- flowi4_init_output
- fib_compute_spec_dst
- __fib_validate_source
- ip_route_input_slow: with 0 if no tun_info, like below
> };
>
> union flowi_uli {
> @@ -66,6 +71,7 @@ struct flowi4 {
> #define flowi4_proto __fl_common.flowic_proto
> #define flowi4_flags __fl_common.flowic_flags
> #define flowi4_secid __fl_common.flowic_secid
> +#define flowi4_tun_key __fl_common.flowic_tun_key
> @@ -1690,6 +1693,9 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
> by fib_lookup.
> */
>
> + tun_info = skb_tunnel_info(skb);
> + if (tun_info && tun_info->mode == IP_TUNNEL_INFO_RX)
> + fl4.flowi4_tun_key.tun_id = tun_info->key.tun_id;
else
fl4.flowi4_tun_key.tun_id = 0;
> skb_dst_drop(skb);
>
> if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr))
> --
> 2.4.3
Regards
--
Julian Anastasov <ja@....bg>
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists