| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20170609.122646.100677990071641882.davem@davemloft.net> Date: Fri, 09 Jun 2017 12:26:46 -0400 (EDT) From: David Miller <davem@...emloft.net> To: kjlx@...pleofstupid.com Cc: maheshb@...gle.com, netdev@...r.kernel.org Subject: Re: [PATCH v2 net-next] Ipvlan should return an error when an address is already in use. From: Krister Johansen <kjlx@...pleofstupid.com> Date: Thu, 8 Jun 2017 13:12:14 -0700 > The ipvlan code already knows how to detect when a duplicate address is > about to be assigned to an ipvlan device. However, that failure is not > propogated outward and leads to a silent failure. > > Introduce a validation step at ip address creation time and allow device > drivers to register to validate the incoming ip addresses. The ipvlan > code is the first consumer. If it detects an address in use, we can > return an error to the user before beginning to commit the new ifa in > the networking code. > > This can be especially useful if it is necessary to provision many > ipvlans in containers. The provisioning software (or operator) can use > this to detect situations where an ip address is unexpectedly in use. > > Signed-off-by: Krister Johansen <kjlx@...pleofstupid.com> Ok, applied, thank you.
Powered by blists - more mailing lists