lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 11 Mar 2022 17:36:33 -0700 From: David Ahern <dsahern@...il.com> To: Ben Greear <greearb@...delatech.com>, netdev <netdev@...r.kernel.org> Subject: Re: vrf and multicast problem On 3/10/22 6:41 PM, Ben Greear wrote: >>> can you reproduce this using namespaces and veth pairs? if so, send me >>> the script and I will take a look. >> >> I think debugging it will be easier than writing something for you to >> reproduce it... A test case needs to be added to tools/testing/selftests/net/fcnal-test.sh; nettest.c provides the networking APIs so it should be fairly trivial to add. > > After some more investigation of this code, I am questioning the need > for this logic: > > /* update flow if oif or iif point to device enslaved to l3mdev */ > l3mdev_update_flow(net, flowi4_to_flowi(flp)); that is fundamentally how VRF works. I would love to add the original vrf port index to flowi4 for consideration with bind to device within a VRF. I suspect your proposed patch is doing something close.
Powered by blists - more mailing lists