[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20171226.172911.103209790290549015.davem@davemloft.net>
Date: Tue, 26 Dec 2017 17:29:11 -0500 (EST)
From: David Miller <davem@...emloft.net>
To: tom@...ntonium.net
Cc: netdev@...r.kernel.org, roopa@...ulusnetworks.com,
rohit@...ntonium.net
Subject: Re: [PATCH v5 net-next 0/7] net: ILA notification mechanism and
fixes
From: Tom Herbert <tom@...ntonium.net>
Date: Thu, 21 Dec 2017 11:33:25 -0800
> This patch set adds support to get netlink notifications for ILA
> routes when a route is used.
>
> This patch set contains:
>
> - General infrastructure for route notifications
> - The ILA route notification mechanism
> - Add net to ila build_state
> - Add flush command to ila_xlat
> - Fix use of rhashtable for latest fixes
>
> Route notifications will be used in conjunction with populating
> ILA forwarding caches.
Tom, this is just a wolf in sheep's clothing.
It's still a cache controllable by external entities.
It still therefore has the DoS'ability aspects.
You can keep reframing this thing you want out there, either by
explicitly filling the cache in the kernel or doing it via userspace
responding the netlink events, but it's still the same exact thing
with the same set of problems.
I'm sorry, but I can't apply this series. Nor any series that adds a
DoS'able facility of forwarding/switching/route objects to the
kernel.
Thanks.
Powered by blists - more mailing lists