| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 08 Feb 2018 10:03:45 -0500 (EST) From: David Miller <davem@...emloft.net> To: jakub.kicinski@...ronome.com Cc: netdev@...r.kernel.org, oss-drivers@...ronome.com Subject: Re: [PATCH net 0/5] nfp: fix disabling TC offloads in flower, max TSO segs and module version From: Jakub Kicinski <jakub.kicinski@...ronome.com> Date: Wed, 7 Feb 2018 20:55:21 -0800 > This set corrects the way nfp deals with the NETIF_F_HW_TC flag. > It has slipped the review that flower offload does not currently > refuse disabling this flag when filter offload is active. > > nfp's flower offload does not actually keep track of how many filters > for each port are offloaded. The accounting of the number of filters > is added to the nfp core structures, and BPF moved to use these > structures as well. > > If users are allowed to disable TC offloads while filters are active, > not only is it incorrect behaviour, but actually the NFP will never > be told to remove the flows, leading to use-after-free when stats > arrive. > > Fourth patch makes sure we declare the max number of TSO segments. > FW should drop longer packets cleanly (otherwise this would be a > security problem for untrusted VFs) but dropping longer TSO frames > is not nice and driver should prevent them from being generated. > > Last small addition populates MODULE_VERSION with kernel version. Series applied, thanks Jakub.
Powered by blists - more mailing lists