lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <49cf7772-2fd2-3ebb-bae4-a8b7ba4a3d60@mojatatu.com>
Date:   Tue, 27 Sep 2016 10:06:50 -0400
From:   Jamal Hadi Salim <jhs@...atatu.com>
To:     Shmulik Ladkani <shmulik.ladkani@...ellosystems.com>,
        David Miller <davem@...emloft.net>
Cc:     xiyou.wangcong@...il.com, edumazet@...gle.com,
        netdev@...r.kernel.org, shmulik.ladkani@...il.com
Subject: Re: [PATCH net-next 4/4] net/sched: act_mirred: Implement ingress
 actions

On 16-09-27 04:07 AM, Shmulik Ladkani wrote:
> Hi David,
>
> On Tue, 27 Sep 2016 01:56:06 -0400 (EDT), davem@...emloft.net wrote:
>> The discussion on this patch has ventured off into what to do about
>> recursion.
>>
>> But it unclear to me where this specific patch, and this series,
>> stands right now.  Someone please clear this up for me.
>
> Status:
>  - Series adds "ingress redirect/mirror" support
>  - Positive feedback for the feature
>  - So far no comments regarding code itself
>  - Questions raised regarding "recursion handling"
 >
>    Expressed that existing mirred code (i.e egress redirect) is *already*
>    loop-unsafe (and also, some non-tc netdev constructs, as exampled by
>    others).
>    Discussion then wandered to "recursion handling".

not totaly bike-shed discussion; legit issues are being raised
(and the egress issue you point out is fixable now that we are paying
attention to it).
We need to take care of loops. I pointed to how the original thought
process was. I _dont_ see this as resolvable via recursion handling
since this is per-skb and not per entry point.
You can add my Acked-by if you promise to take care of this issue next.

cheers,
jamal

PS:- the code looks straight forward

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ