lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20171101135718.GG1977@nanopsycho.orion>
Date:   Wed, 1 Nov 2017 14:57:18 +0100
From:   Jiri Pirko <jiri@...nulli.us>
To:     John Fastabend <john.fastabend@...il.com>
Cc:     alexei.starovoitov@...il.com, daniel@...earbox.net,
        davem@...emloft.net, netdev@...r.kernel.org
Subject: Re: [net PATCH] bpf: remove SK_REDIRECT from UAPI

Wed, Nov 01, 2017 at 02:50:29PM CET, john.fastabend@...il.com wrote:
>On 11/01/2017 01:26 AM, Jiri Pirko wrote:
>> Wed, Nov 01, 2017 at 03:17:31AM CET, john.fastabend@...il.com wrote:
>>> Now that SK_REDIRECT is no longer a valid return code. Remove it
>>>from the UAPI completely. Then do a namespace remapping internal
>>> to sockmap so SK_REDIRECT is no longer externally visible.
>>>
>>> Patchs primary change is to do a namechange from SK_REDIRECT to
>>> __SK_REDIRECT
>>>
>>> Reported-by: Alexei Starovoitov <ast@...nel.org>
>>> Signed-off-by: John Fastabend <john.fastabend@...il.com>
>>> ---
>>> include/uapi/linux/bpf.h       |    1 -
>>> kernel/bpf/sockmap.c           |   16 ++++++++++++----
>>> tools/include/uapi/linux/bpf.h |    3 +--
>>> 3 files changed, 13 insertions(+), 7 deletions(-)
>>>
>>> diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
>>> index 0d7948c..7bf4c75 100644
>>> --- a/include/uapi/linux/bpf.h
>>> +++ b/include/uapi/linux/bpf.h
>>> @@ -788,7 +788,6 @@ struct xdp_md {
>>> enum sk_action {
>>> 	SK_DROP = 0,
>>> 	SK_PASS,
>>> -	SK_REDIRECT,
>> 
>> Is it really ok to do uapi changes like this?
>> 
>
>sockmap feature was only added in net so there is no released kernel
>with SK_REDIRECT. And there is no user facing code that can interpret
>the SK_REDIRECT return code it is only helpful for interface internals.
>So best to remove it rather than have it enshrined in UAPI
>unnecessarily.

Okay. You should provide a "Fixes:" line that would make this clearer.

Thanks.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ