From: Paul Moore <paul.moore@hp.com>
To: hadi@cyberus.ca
Cc: Jarek Poplawski <jarkao2@gmail.com>, netdev@vger.kernel.org
Subject: Re: [RFC PATCH] NET: Clone the sk_buff->iif field properly
Date: Thu, 3 Jan 2008 09:01:37 -0500 [thread overview]
Message-ID: <200801030901.38962.paul.moore@hp.com> (raw)
In-Reply-To: <1199359402.4710.17.camel@localhost>
On Thursday 03 January 2008 6:23:22 am jamal wrote:
> On Thu, 2008-03-01 at 10:58 +0100, Jarek Poplawski wrote:
> > On 02-01-2008 17:01, Paul Moore wrote:
> > > This patch is needed by some of the labeled networking changes proposed
> > > for 2.6.25, does anyone have any objections?
> >
> > Probably Jamal could be the most interested (added to CC):
>
> Gracias Jarek.
Yes, thank you. One of these days I need to learn some git commands other
than clone, update, and push ;)
> Paul, (out of curiosity more than anything) what are the circumstances
> of the cloned skb - are you going to reinject it back at some point?
Well, I'm not planning on reinjecting the cloned skb at present (doesn't mean
I won't think up some contrived use in the future) but the stack appears to
do this already in a few cases and it is causing problems when we try to
perform access control on the cloned skb. The git-lblnet "horkage" in
the -mm tree just before the holiday is the most notable example.
> I cant think of any good reason why iif shouldnt be copied - thats how
> its been from the begining (dammit;->). The reason it hasnt mattered so
> far is everything that needs to write the iif never copied (refer to
> Documentation/networking/tc-actions-env-rules.txt). For correctness i
> think it should be copied. So no objections;
Great.
> The better patch would be to just put it in skb_clone and remove it from
> tc_act_clone.
I assume you mean skb_act_clone()? That sounds like the best idea, I'll fixup
the patch and resend it today for more review.
Thanks guys.
--
paul moore
linux security @ hp
next prev parent reply other threads:[~2008-01-03 14:01 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-01-02 16:01 [RFC PATCH] NET: Clone the sk_buff->iif field properly Paul Moore
2008-01-03 9:58 ` Jarek Poplawski
2008-01-03 11:23 ` jamal
2008-01-03 14:01 ` Paul Moore [this message]
2008-01-03 16:15 ` Paul Moore
2008-01-03 21:13 ` Jarek Poplawski
2008-01-03 21:20 ` Paul Moore
2008-01-03 22:06 ` Jarek Poplawski
2008-01-03 22:49 ` Jarek Poplawski
2008-01-03 23:05 ` David Miller
2008-01-03 23:13 ` Paul Moore
2008-01-03 23:25 ` David Miller
2008-01-03 23:40 ` Joe Perches
2008-01-04 3:19 ` Paul Moore
2008-01-04 3:36 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200801030901.38962.paul.moore@hp.com \
--to=paul.moore@hp.com \
--cc=hadi@cyberus.ca \
--cc=jarkao2@gmail.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.