| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250619155220.3577a32a@kernel.org>
Date: Thu, 19 Jun 2025 15:52:20 -0700
From: Jakub Kicinski <kuba@...nel.org>
To: Nicolas Dichtel <nicolas.dichtel@...nd.com>
Cc: "David S . Miller" <davem@...emloft.net>, Paolo Abeni
<pabeni@...hat.com>, Eric Dumazet <edumazet@...gle.com>, Simon Horman
<horms@...nel.org>, netdev@...r.kernel.org
Subject: Re: [PATCH net-next] ip6_tunnel: enable to change proto of fb
tunnels
On Tue, 17 Jun 2025 18:01:25 +0200 Nicolas Dichtel wrote:
> + if (dev == ip6n->fb_tnl_dev) {
> + if (!data[IFLA_IPTUN_PROTO]) {
> + NL_SET_ERR_MSG(extack,
> + "Only protocol can be changed for fallback tunnel");
> + return -EINVAL;
> + }
> +
> + ip6_tnl_netlink_parms(data, &p);
> + ip6_tnl0_update(netdev_priv(ip6n->fb_tnl_dev), &p);
> + return 0;
Hm, I guess its in line with old school netlink behavior where we'd
just toss unsupported attributes on the floor. But I wonder whether
it'd be better to explicitly reject other attrs?
Shouldn't be too painful with just one allowed:
if (!data[IFLA_IPTUN_PROTO])
goto ..
ip6_tnl_netlink_parms(data, &p);
data[IFLA_IPTUN_PROTO] = NULL;
if (memchr_inv(data, 0, sizeof() * ARRAY_SIZE(ip6_tnl_policy)))
goto ...
ip6_tnl0_update(netdev_priv(ip6n->fb_tnl_dev), &p);
WDYT?
Powered by blists - more mailing lists