| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20160601220520.717fb5f8@jkicinski-Precision-T1700>
Date: Wed, 1 Jun 2016 22:05:20 +0100
From: Jakub Kicinski <jakub.kicinski@...ronome.com>
To: Daniel Borkmann <daniel@...earbox.net>
Cc: netdev@...r.kernel.org, ast@...nel.org,
dinan.gunawardena@...ronome.com
Subject: Re: [RFC 03/12] net: cls_bpf: limit hardware offload by
software-only flag
On Wed, 01 Jun 2016 21:40:23 +0200, Daniel Borkmann wrote:
> > diff --git a/include/uapi/linux/pkt_cls.h b/include/uapi/linux/pkt_cls.h
> > index f4297c8a42fe..93a86edf3bd8 100644
> > --- a/include/uapi/linux/pkt_cls.h
> > +++ b/include/uapi/linux/pkt_cls.h
> > @@ -395,6 +395,7 @@ enum {
> > TCA_BPF_FD,
> > TCA_BPF_NAME,
> > TCA_BPF_FLAGS,
> > + TCA_BPF_GEN_TCA_FLAGS,
>
> Small nit for the non-RFC set: I'd simply name that TCA_BPF_FLAGS_GEN.
OK!
> > @@ -400,8 +406,11 @@ static int cls_bpf_modify_existing(struct net *net, struct tcf_proto *tp,
> >
> > have_exts = bpf_flags & TCA_BPF_FLAG_ACT_DIRECT;
> > }
> > + if (tb[TCA_BPF_GEN_TCA_FLAGS])
> > + gen_flags = nla_get_u32(tb[TCA_BPF_GEN_TCA_FLAGS]);
> >
> > prog->exts_integrated = have_exts;
> > + prog->gen_flags = gen_flags & CLS_BPF_SUPPORTED_GEN_FLAGS;
>
> Invalid flags should probably be rejected here with -EINVAL or something.
Indeed, that would be more in line with what is done for "the other"
flags attribute, but not so much with how flower and u32 handles
flags. I like the stricter approach better, though, so unless someone
speaks up I'll do as you suggest.
Powered by blists - more mailing lists