Date:   Fri, 29 Mar 2019 10:40:26 -0700 (PDT)
From:   David Miller <>
Subject: Re: net: fix routing encapsulated packets when binding a socket to
 a tunnel interface

From: lifonghsu <>
Date: Thu, 28 Mar 2019 16:30:37 +0800

> Indeed, skb_iif is used as receive site indication to present "device
> the packet arrived on".
> This commit keeps the previous arrived device (similar to the concept
> of "device the packet arrived on") in skb_iif field to prevent kernel
> from referring sk_bound_dev_if again. Otherwise, we might need to add
> a new field to sk_buff structure for our purpose.

Therefore, you are deciding to arbitrarily repurpose an RX side piece
of state for TX purposes.

Do not do this.

It confuses anyone trying to understand how skb_iif works.

You must use something with a different name, and clear semantics, to
achieve this goal.

For example, you could use an anonymous union:

	union {
		int	skb_iif;
		bool	bound_dev_already_applied;
	};

You never actually _USE_ the value of skb_iif, it is just merely a
boolean indicating whether sk_bound_dev_if was applied already.
