From: David Miller <davem@davemloft.net>
To: tom@quantonium.net
Cc: netdev@vger.kernel.org, roopa@cumulusnetworks.com, rohit@quantonium.net
Subject: Re: [PATCH v5 net-next 0/7] net: ILA notification mechanism and fixes
Date: Tue, 26 Dec 2017 17:29:11 -0500 (EST) [thread overview]
Message-ID: <20171226.172911.103209790290549015.davem@davemloft.net> (raw)
In-Reply-To: <20171221193332.15303-1-tom@quantonium.net>
From: Tom Herbert <tom@quantonium.net>
Date: Thu, 21 Dec 2017 11:33:25 -0800
> This patch set adds support to get netlink notifications for ILA
> routes when a route is used.
>
> This patch set contains:
>
> - General infrastructure for route notifications
> - The ILA route notification mechanism
> - Add net to ila build_state
> - Add flush command to ila_xlat
> - Fix use of rhashtable for latest fixes
>
> Route notifications will be used in conjunction with populating
> ILA forwarding caches.
Tom, this is just a wolf in sheep's clothing.
It's still a cache controllable by external entities.
It still therefore has the DoS'ability aspects.
You can keep reframing this thing you want out there, either by
explicitly filling the cache in the kernel or doing it via userspace
responding the netlink events, but it's still the same exact thing
with the same set of problems.
I'm sorry, but I can't apply this series. Nor any series that adds a
DoS'able facility of forwarding/switching/route objects to the
kernel.
Thanks.
next prev parent reply other threads:[~2017-12-26 22:29 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-21 19:33 [PATCH v5 net-next 0/7] net: ILA notification mechanism and fixes Tom Herbert
2017-12-21 19:33 ` [PATCH v5 net-next 1/7] lwt: Add net to build_state argument Tom Herbert
2017-12-21 19:33 ` [PATCH v5 net-next 2/7] rtnetlink: Add notify route message types Tom Herbert
2017-12-21 19:33 ` [PATCH v5 net-next 3/7] ila: Fix use of rhashtable walk in ila_xlat.c Tom Herbert
2017-12-21 19:33 ` [PATCH v5 net-next 4/7] ila: Call library function alloc_bucket_locks Tom Herbert
2017-12-21 19:33 ` [PATCH v5 net-next 5/7] ila: Create main ila source file Tom Herbert
2017-12-21 19:33 ` [PATCH v5 net-next 6/7] ila: Flush netlink command to clear xlat table Tom Herbert
2017-12-21 19:33 ` [PATCH v5 net-next 7/7] ila: Route notify Tom Herbert
2017-12-26 22:29 ` David Miller [this message]
2017-12-26 23:50 ` [PATCH v5 net-next 0/7] net: ILA notification mechanism and fixes Tom Herbert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171226.172911.103209790290549015.davem@davemloft.net \
--to=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
--cc=rohit@quantonium.net \
--cc=roopa@cumulusnetworks.com \
--cc=tom@quantonium.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox