lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZR6mklT6iaX3HPJA@kernel.org> Date: Thu, 5 Oct 2023 14:05:38 +0200 From: Simon Horman <horms@...nel.org> To: Florian Westphal <fw@...len.de> Cc: netdev@...r.kernel.org, steffen.klassert@...unet.com, herbert@...dor.apana.org.au, kernel test robot <oliver.sang@...el.com> Subject: Re: [PATCH ipsec-next v3 1/3] xfrm: pass struct net to xfrm_decode_session wrappers On Wed, Oct 04, 2023 at 06:09:51PM +0200, Florian Westphal wrote: > Preparation patch, extra arg is not used. > No functional changes intended. > > This is needed to replace the xfrm session decode functions with > the flow dissector. > > skb_flow_dissect() cannot be used as-is, because it attempts to deduce the > 'struct net' to use for bpf program fetch from skb->sk or skb->dev, but > xfrm code path can see skbs that have neither sk or dev filled in. > > So either flow dissector needs to try harder, e.g. by also trying > skb->dst->dev, or we have to pass the struct net explicitly. > > Passing the struct net doesn't look too bad to me, most places > already have it available or can derive it from the output device. > > Reported-by: kernel test robot <oliver.sang@...el.com> > Link: https://lore.kernel.org/netdev/202309271628.27fd2187-oliver.sang@intel.com/ > Signed-off-by: Florian Westphal <fw@...len.de> Reviewed-by: Simon Horman <horms@...nel.org>
Powered by blists - more mailing lists