| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 5 May 2017 15:44:58 -0700
From: Cong Wang <xiyou.wangcong@...il.com>
To: Simon Horman <simon.horman@...ronome.com>
Cc: Jiri Pirko <jiri@...lanox.com>,
Jamal Hadi Salim <jhs@...atatu.com>,
Dinan Gunawardena <dinan.gunawardena@...ronome.com>,
Linux Kernel Network Developers <netdev@...r.kernel.org>,
oss-drivers@...ronome.com,
Benjamin LaHaise <benjamin.lahaise@...ronome.com>
Subject: Re: [PATCH/RFC net-next v2 4/4] net/sched: cls_flower: allow control
of tree traversal on packet parse errors
On Fri, May 5, 2017 at 5:47 AM, Simon Horman <simon.horman@...ronome.com> wrote:
>
> # tc qdisc del dev eth0 ingress; tc qdisc add dev eth0 ingress
> # tc filter add dev eth0 protocol ip parent ffff: flower \
> indev eth0 ip_proto udp dst_port 80 truncated drop action continue
>
[...]
> @@ -188,7 +189,7 @@ static int fl_classify(struct sk_buff *skb, const struct tcf_proto *tp,
> */
> skb_key.basic.n_proto = skb->protocol;
> if (!skb_flow_dissect(skb, &head->dissector, &skb_key, 0))
> - return -1;
> + return head->err_action;
This design looks odd, if you consider matching truncated packets as
a filter like other normal filters, then you should rely on the action
appended to return the action code, not within the filter itself.
Powered by blists - more mailing lists