| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20181214115421.545038a2@cakuba.netronome.com>
Date: Fri, 14 Dec 2018 11:54:21 -0800
From: Jakub Kicinski <jakub.kicinski@...ronome.com>
To: David Ahern <dsa@...ulusnetworks.com>
Cc: Roopa Prabhu <roopa@...ulusnetworks.com>,
David Miller <davem@...emloft.net>,
netdev <netdev@...r.kernel.org>,
Nikolay Aleksandrov <nikolay@...ulusnetworks.com>,
Stephen Hemminger <stephen@...workplumber.org>
Subject: Re: [PATCH net-next 1/4] net: rtnetlink: support for fdb get
On Fri, 14 Dec 2018 12:42:21 -0700, David Ahern wrote:
> On 12/14/18 12:37 PM, Jakub Kicinski wrote:
> > Oh, so we'd use the STRICT checking in doit for the first time? I
> > better send that rename patch then..
>
> IMHO, no. The flag is for older userspace that could be sending junk in
> the request. All new code should do strict checking without the flag set
> to ensure only proper requests are handled.
I'm going back and forth on that in my head. IDK if new user space
shouldn't be able to do a get request on an old kernel which doesn't
understand some of the attributes. Grey area.. perhaps it needs to be
decided on case by case basis? For my stats work I think returning too
many stats if what is affectively a filter is not understood may be a
good option. Perhaps for fdb get it makes more sense to error out.
hmm..
Powered by blists - more mailing lists