lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <c76037b1-cc56-5f1f-5893-2b00d4c895f7@gmail.com>
Date:   Wed, 1 Nov 2017 06:50:29 -0700
From:   John Fastabend <john.fastabend@...il.com>
To:     Jiri Pirko <jiri@...nulli.us>
Cc:     alexei.starovoitov@...il.com, daniel@...earbox.net,
        davem@...emloft.net, netdev@...r.kernel.org
Subject: Re: [net PATCH] bpf: remove SK_REDIRECT from UAPI

On 11/01/2017 01:26 AM, Jiri Pirko wrote:
> Wed, Nov 01, 2017 at 03:17:31AM CET, john.fastabend@...il.com wrote:
>> Now that SK_REDIRECT is no longer a valid return code. Remove it
>>from the UAPI completely. Then do a namespace remapping internal
>> to sockmap so SK_REDIRECT is no longer externally visible.
>>
>> Patchs primary change is to do a namechange from SK_REDIRECT to
>> __SK_REDIRECT
>>
>> Reported-by: Alexei Starovoitov <ast@...nel.org>
>> Signed-off-by: John Fastabend <john.fastabend@...il.com>
>> ---
>> include/uapi/linux/bpf.h       |    1 -
>> kernel/bpf/sockmap.c           |   16 ++++++++++++----
>> tools/include/uapi/linux/bpf.h |    3 +--
>> 3 files changed, 13 insertions(+), 7 deletions(-)
>>
>> diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
>> index 0d7948c..7bf4c75 100644
>> --- a/include/uapi/linux/bpf.h
>> +++ b/include/uapi/linux/bpf.h
>> @@ -788,7 +788,6 @@ struct xdp_md {
>> enum sk_action {
>> 	SK_DROP = 0,
>> 	SK_PASS,
>> -	SK_REDIRECT,
> 
> Is it really ok to do uapi changes like this?
> 

sockmap feature was only added in net so there is no released kernel
with SK_REDIRECT. And there is no user facing code that can interpret
the SK_REDIRECT return code it is only helpful for interface internals.
So best to remove it rather than have it enshrined in UAPI
unnecessarily.

.John

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ