lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250115063655.21be5c74@kernel.org>
Date: Wed, 15 Jan 2025 06:36:55 -0800
From: Jakub Kicinski <kuba@...nel.org>
To: Jamal Hadi Salim <jhs@...atatu.com>
Cc: netdev@...r.kernel.org, jiri@...nulli.us, xiyou.wangcong@...il.com,
 davem@...emloft.net, edumazet@...gle.com, security@...nel.org,
 nnamrec@...il.com
Subject: Re: [PATCH net 1/1 v3] net: sched: Disallow replacing of child
 qdisc from one parent to another

On Wed, 15 Jan 2025 09:15:31 -0500 Jamal Hadi Salim wrote:
> > On Sat, 11 Jan 2025 10:14:55 -0500 Jamal Hadi Salim wrote:  
> > > The semantics of "replace" is for a del/add _on the same node_ and not
> > > a delete from one node(3:1) and add to another node (1:3) as in step10.
> > > While we could "fix" with a more complex approach there could be
> > > consequences to expectations so the patch takes the preventive approach of
> > > "disallow such config".  
> >
> > Your explanation reads like you want to prevent a qdisc changing
> > from one parent to another.
> 
> Yes.

In the selftest with mq Victor updated I'd say we're not changing
the parent. We replace one child of mq with another.
TC noobs would say mq is the parent.

> > > +                             if (leaf_q && leaf_q->parent != q->parent) {
> > > +                                     NL_SET_ERR_MSG(extack, "Invalid Parent for operation");
> > > +                                     return -EINVAL;
> > > +                             }  
> >
> > But this test looks at the full parent path, not the major.
> > So the only case you allow is replacing the node.. with itself?
> >  
> 
> Yes.
> 
> > Did you mean to wrap these in TC_H_MAJ() || the parent comparison
> > is redundant || I misunderstand?  
> 
> I may be missing something - what does TC_H_MAJ() provide?
> The 3:1 and 1:3 in that example are both descendants of the same
> parent. It could have been 1:3 vs 1:2 and the same rules would apply.

Let me flip the question. What qdisc movement / grafts are you intending
to still support?

From the report it sounds like we don't want to support _any_ movement 
of existing qdiscs within the hierarchy. Only purpose of graft would 
be to install a new / fresh qdisc as a child.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ