| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 9 Oct 2015 09:53:46 -0600
From: David Ahern <dsa@...ulusnetworks.com>
To: Steffen Klassert <steffen.klassert@...unet.com>,
Hajime Tazaki <thehajime@...il.com>
Cc: netdev@...r.kernel.org
Subject: Re: [PATCH net-next] net: Fix vti use case with oif in dst lookups
for IPv6
On 10/9/15 1:17 AM, Steffen Klassert wrote:
> On Fri, Oct 09, 2015 at 03:54:22PM +0900, Hajime Tazaki wrote:
>>
>> Hello David,
>>
>> At Mon, 5 Oct 2015 08:32:51 -0600,
>> David Ahern wrote:
>>
>>>
>>> diff --git a/net/ipv6/xfrm6_policy.c b/net/ipv6/xfrm6_policy.c
>>> index 30caa289c5db..5cedfda4b241 100644
>>> --- a/net/ipv6/xfrm6_policy.c
>>> +++ b/net/ipv6/xfrm6_policy.c
>>> @@ -37,6 +37,7 @@ static struct dst_entry *xfrm6_dst_lookup(struct net *net, int tos, int oif,
>>>
>>> memset(&fl6, 0, sizeof(fl6));
>>> fl6.flowi6_oif = oif;
>>> + fl6.flowi6_flags = FLOWI_FLAG_SKIP_NH_OIF;
>>> memcpy(&fl6.daddr, daddr, sizeof(fl6.daddr));
>>> if (saddr)
>>> memcpy(&fl6.saddr, saddr, sizeof(fl6.saddr));
>>
>> I found that this fix is still not sufficient with the mip6
>> (Mobile IPv6) use case.
>
> It does not even fix the vti case. The behaviour of the vti devices is
> the same, with and without the patch.
>
I goofed this patch was on top of my IPv6 VRF patches. You need the
FLOWI_FLAG_SKIP_NH_OIF bits from:
http://www.spinics.net/lists/netdev/msg346860.html
Let me cook up a patch based on Linus' tree which is where it is needed.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists