lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Wed, 3 Feb 2016 22:42:51 +0200 (EET)
From:	Julian Anastasov <>
To:	"Jason A. Donenfeld" <>
cc:	Netdev <>,
	David Miller <>,
	"Eric W. Biederman" <>,
Subject: Re: [PATCH] flowi: add concept of "not_oif"


On Wed, 3 Feb 2016, Jason A. Donenfeld wrote:

> This patch simply adds support for specifying a "not_oif" device in
> flowi4 and flowi6 lookups, that will find a matching route that _isn't_
> via the specified device.

	If you check every flowi4_oif user you will notice
that some places can not fulfil this requirement:

- fib_select_path -> fib_select_multipath

	Other places like fib_select_default are called
for flowi4_oif=0 and there are no other checks for flowi4_oif
but they will be needed for the new field.

	I don't know about the particular problems with
tunnels but the scripts can use the route metric to order
the routes in a table. Your patch looks simple but misses
a dozen of problems. The first breakage should be from the
missing initialization of this new field because the flowi
structure is not initialized at some places. Random
stack can lead to skipped routes. If this feature has
fans, you have to check all places that use flowi4_oif and


Julian Anastasov <>

Powered by blists - more mailing lists