lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 25 Jan 2018 16:55:06 -0800
From:   David Ahern <dsahern@...il.com>
To:     netdev@...r.kernel.org
Cc:     yoshfuji@...ux-ipv6.org, idosch@...lanox.com,
        roopa@...ulusnetworks.com, David Ahern <dsahern@...il.com>
Subject: [PATCH v2 net-next 0/3] net/ipv6: Add support for ONLINK flag

Add support for RTNH_F_ONLINK with ipv6 routes.

First patch moves existing gateway validation into helper. The onlink
flag requires a different set of checks and the existing validation
makes ip6_route_info_create long enough.

Second patch makes the table id and lookup flag an option to 
ip6_nh_lookup_table. onlink check needs to verify the gateway without
the RT6_LOOKUP_F_IFACE flag and PBR with VRF means the table id can
vary between the table the route is inserted and the VRF the egress
device is enslaved to.

Third patch adds support for RTNH_F_ONLINK.

I have a set of test cases in a format based on the framework Ido and
Jiri are working on. Once that goes in I will adapt the script and
submit.

v2
- removed table id check. Too constraining for PBR with VRF use cases

David Ahern (3):
  net/ipv6: Move gateway validation into helper
  net/ipv6: Add flags and table id to ip6_nh_lookup_table
  net/ipv6: Add support for onlink flag

 net/ipv6/route.c | 140 ++++++++++++++++++++++++++++++++++++++++---------------
 1 file changed, 103 insertions(+), 37 deletions(-)

-- 
2.11.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ