| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 25 Jun 2018 22:51:10 +0200
From: Jiri Pirko <jiri@...nulli.us>
To: Jakub Kicinski <jakub.kicinski@...ronome.com>
Cc: davem@...emloft.net, oss-drivers@...ronome.com,
netdev@...r.kernel.org, John Hurley <john.hurley@...ronome.com>
Subject: Re: [PATCH net 2/2] nfp: reject binding to shared blocks
Mon, Jun 25, 2018 at 10:50:14PM CEST, jakub.kicinski@...ronome.com wrote:
>On Mon, 25 Jun 2018 22:40:21 +0200, Jiri Pirko wrote:
>> Mon, Jun 25, 2018 at 10:22:46PM CEST, jakub.kicinski@...ronome.com wrote:
>> >From: John Hurley <john.hurley@...ronome.com>
>> >
>> >TC shared blocks allow multiple qdiscs to be grouped together and filters
>> >shared between them. Currently the chains of filters attached to a block
>> >are only flushed when the block is removed. If a qdisc is removed from a
>> >block but the block still exists, flow del messages are not passed to the
>> >callback registered for that qdisc. For the NFP, this presents the
>> >possibility of rules still existing in hw when they should be removed.
>> >
>> >Prevent binding to shared blocks until the kernel can send per qdisc del
>> >messages when block unbinds occur.
>>
>> This is not nfp-specific problem. Should be handled differently. The
>> driver has information about offloaded filters. On unbind, it have
>> enough info to do the flush, doesn't it?
>
>Certainly. But this fix is simpler and sufficient. We need to
>backport it back to 4.16. If we have to go through driver tables
>and flush filters we may as well merge the reoffload series to net.
Oh, I missed this is for net. Sorry.
Acked-by: Jiri Pirko <jiri@...lanox.com>
Powered by blists - more mailing lists