lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 20 Aug 2016 18:56:56 -0700
From:   Alexander Duyck <alexander.duyck@...il.com>
To:     Ben Hutchings <ben@...adent.org.uk>
Cc:     Alexander Duyck <alexander.h.duyck@...el.com>,
        Netdev <netdev@...r.kernel.org>,
        David Miller <davem@...emloft.net>
Subject: Re: [net-next PATCH] ethtool: Add support for SCTP verification tag
 in Rx NFC

On Sat, Aug 20, 2016 at 5:21 PM, Ben Hutchings <ben@...adent.org.uk> wrote:
> On Fri, 2016-08-19 at 14:32 -0700, Alexander Duyck wrote:
>> The i40e hardware has support for SCTP filtering via Rx NFC however the
>> default configuration expects us to include the verification tag as a part
>> of the filter.  In order to support that I need to be able to transfer that
>> data through the ethtool interface via a new structure.
>>
>> This patch adds a new structure to allow us to pass the verification tag
>> for IPv4 or IPv6 SCTP traffic.
> [...]
>
> This looks like an incompatible ABI change.  I suppose it could be OK
> if no drivers implemented flow steering for SCTP using the previously
> specified structure, but have you checked that that is the case?
>
> Ben.

Well the structure itself matches the TCP flow spec for the TCP flow
sized portion.  All I am doing with this patch is adding an extension
to that which is still confined to the 52 byte limit of the flow
union.  The net result should be that the new value will appear masked
if anything using the new specifier receives a rule using the old
definition and for anything using the new flow spec that sends to the
old code the extra value will be ignored.  I can look into double
checking the behavior to make certain I have that right on Monday.

One thing I could do if you would like would be to spin up another
patch to force the kernel to return -EINVAL if we are masking in
fields that are out of bounds for the flow specification.  That way we
can handle this  a bit more concisely in the future should we end up
having to extend any other flow specifications.

- Alex

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ