lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 29 Aug 2019 18:54:48 -0700
From:   Jakub Kicinski <jakub.kicinski@...ronome.com>
To:     Pablo Neira Ayuso <pablo@...filter.org>
Cc:     netfilter-devel@...r.kernel.org, davem@...emloft.net,
        netdev@...r.kernel.org, vishal@...lsio.com, saeedm@...lanox.com,
        jiri@...nulli.us
Subject: Re: [PATCH 0/4 net-next] flow_offload: update mangle action
 representation

On Fri, 30 Aug 2019 02:53:32 +0200, Pablo Neira Ayuso wrote:
> * Offsets do not need to be on the 32-bits boundaries anymore. This
>   patchset adds front-end code to adjust the offset and length coming
>   from the tc pedit representation, so drivers get an exact header field
>   offset and length.

But drivers use offsetof(start of field) to match headers, and I don't
see you changing that. So how does this work then?

Say - I want to change the second byte of an IPv4 address.

> * The front-end coalesces consecutive pedit actions into one single
>   word, so drivers can mangle IPv6 and ethernet address fields in one
>   single go.

You still only coalesce up to 16 bytes, no?

As I said previously drivers will continue to implement mangle action
merge code if that's the case. It'd be nice if core did the coalescing,
and mark down first and last action, in case there is a setup cost for
rewrite group.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ