lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 4 Feb 2022 21:10:51 -0700
From:   David Ahern <dsahern@...il.com>
To:     Jacques de Laval <Jacques.De.Laval@...termo.com>,
        "David S. Miller" <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>,
        Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
        David Ahern <dsahern@...nel.org>
Cc:     netdev@...r.kernel.org
Subject: Re: [PATCH net-next 1/1] net: Add new protocol attribute to IP
 addresses

On 2/4/22 11:07 AM, Jacques de Laval wrote:
>>> @@ -69,4 +70,7 @@ struct ifa_cacheinfo {
>>>  #define IFA_PAYLOAD(n) NLMSG_PAYLOAD(n,sizeof(struct ifaddrmsg))
>>>  #endif
>>>  
>>> +/* ifa_protocol */
>>> +#define IFAPROT_UNSPEC	0
>>
>> *If* the value is just a passthrough (userspace to kernel and back), no
>> need for this uapi. However, have you considered builtin protocol labels
>> - e.g. for autoconf, LLA, etc. Kernel generated vs RAs vs userspace
>> adding it.
> 
> Agreed. For my own (very isolated) use case I only need the passthrough,
> but I can see that it would make sense to standardize some labels.
> I was trying to give this some thought but I have to admit I copped out
> because of my limited knowledge on what labels would be reasonable to
> reserve.
> 
> Based on what you mention, do you think the list bellow would make sense?
> 
> #define IFAPROT_UNSPEC		0  /* unspecified */
> #define IFAPROT_KERNEL_LO	1  /* loopback */
> #define IFAPROT_KERNEL_RA	2  /* auto assigned by kernel from router announcement */
> #define IFAPROT_KERNEL_LL	3  /* link-local set by kernel */

Those above look good to me.

> #define IFAPROT_STATIC		4  /* set by admin */
> #define IFAPROT_AUTO		5  /* DHCP, BOOTP etc. */
> #define IFAPROT_LL		6  /* link-local set by userspace */
> 
> Or do you think it needs more granularity?

anything coming from userspace can just be a passthrough, so protocol
label is only set if it is an autonomous action by the kernel or some
app passed in a value.

Powered by blists - more mailing lists