lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <20190224.173310.320146292590666666.davem@davemloft.net> Date: Sun, 24 Feb 2019 17:33:10 -0800 (PST) From: David Miller <davem@...emloft.net> To: s-nazarov@...dex.ru Cc: paul@...l-moore.com, netdev@...r.kernel.org, linux-security-module@...r.kernel.org, kuznet@....inr.ac.ru, yoshfuji@...ux-ipv6.org Subject: Re: [PATCH] NETWORKING: avoid use IPCB in cipso_v4_error From: Nazarov Sergey <s-nazarov@...dex.ru> Date: Fri, 22 Feb 2019 19:35:29 +0300 > I tried to analyze the cases of using icmp_send in kernel. It > indirectly used by many protocols: ARP, IP, UDP, Netfilter, IPVS, > IPIP, GRE over IP, CLIP, XFRM, CIPSOv4. Different IP tunnels and > XFRM operating directly over IP layer and if using own skb->cb data, > having IP header data in front of it. CLIP uses icmp_send for > packets from arp queue only. So, If I right, only TCP layer moves > IP header data and only CIPSOv4 operates on both IP and TCP layers > now. Ok.
Powered by blists - more mailing lists