lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 3 Feb 2016 22:42:51 +0200 (EET) From: Julian Anastasov <ja@....bg> To: "Jason A. Donenfeld" <Jason@...c4.com> cc: Netdev <netdev@...r.kernel.org>, David Miller <davem@...emloft.net>, "Eric W. Biederman" <ebiederm@...ssion.com>, dsa@...ulusnetworks.com Subject: Re: [PATCH] flowi: add concept of "not_oif" Hello, On Wed, 3 Feb 2016, Jason A. Donenfeld wrote: > This patch simply adds support for specifying a "not_oif" device in > flowi4 and flowi6 lookups, that will find a matching route that _isn't_ > via the specified device. If you check every flowi4_oif user you will notice that some places can not fulfil this requirement: - fib_select_path -> fib_select_multipath Other places like fib_select_default are called for flowi4_oif=0 and there are no other checks for flowi4_oif but they will be needed for the new field. I don't know about the particular problems with tunnels but the scripts can use the route metric to order the routes in a table. Your patch looks simple but misses a dozen of problems. The first breakage should be from the missing initialization of this new field because the flowi structure is not initialized at some places. Random stack can lead to skipped routes. If this feature has fans, you have to check all places that use flowi4_oif and flowi6_oif. Regards -- Julian Anastasov <ja@....bg>
Powered by blists - more mailing lists