| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <572E0178.4010601@cumulusnetworks.com>
Date: Sat, 7 May 2016 08:53:44 -0600
From: David Ahern <dsa@...ulusnetworks.com>
To: Shmulik Ladkani <shmulik.ladkani@...il.com>
Cc: netdev@...r.kernel.org
Subject: Re: [PATCH net-next 2/2] net: original ingress device index in
PKTINFO
On 5/7/16 2:41 AM, Shmulik Ladkani wrote:
> Hi David,
>
> On Fri, 6 May 2016 18:49:41 -0700 David Ahern <dsa@...ulusnetworks.com> wrote:
>> Applications such as OSPF and BFD need the original ingress device not
>> the VRF device;
>
> Would you consider this true for any IP_PKTINFO users in VRF setups?
yes. I was just giving specific examples, but certainly every app I am
aware of wants the enslaved index. If an app pops up that wants the vrf
index it can be derived from the enslaved index.
>
>> @@ -1193,7 +1193,12 @@ void ipv4_pktinfo_prepare(const struct sock *sk, struct sk_buff *skb)
>> ipv6_sk_rxinfo(sk);
>>
>> if (prepare && skb_rtable(skb)) {
>> - pktinfo->ipi_ifindex = inet_iif(skb);
>> + /* skb->cb is overloaded: prior to this point it is IP{6}CB
>> + * which has interface index (iif) as the first member of the
>> + * underlying inet{6}_skb_parm struct. This code then overlays
>> + * PKTINFO_SKB_CB and in_pktinfo also has iif as the first
>> + * element so the iif is picked up from the prior IPCB
>> + */
>
> Better if there was a guarantee in the code that inet_skb_parm layout stays
> that way. Or instead just explicitly assign the iif.
At this point inet_iif points to the vrf device so can't use it.
Powered by blists - more mailing lists