Re: Kernel memory corruption in CIPSO labeled TCP packets processing.

Kernel memory corruption in CIPSO labeled TCP packets processing. · Nazarov Sergey <hidden> · 2019-01-15
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Casey Schaufler <casey@schaufler-ca.com> · 2019-01-15
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Paul Moore <paul@paul-moore.com> · 2019-01-15
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Paul Moore <paul@paul-moore.com> · 2019-01-18
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Nazarov Sergey <hidden> · 2019-01-18
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Paul Moore <paul@paul-moore.com> · 2019-01-18
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Nazarov Sergey <hidden> · 2019-01-21
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Paul Moore <paul@paul-moore.com> · 2019-01-22
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Nazarov Sergey <hidden> · 2019-01-22
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Paul Moore <paul@paul-moore.com> · 2019-01-22
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Nazarov Sergey <hidden> · 2019-01-24
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Paul Moore <paul@paul-moore.com> · 2019-01-25
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Nazarov Sergey <hidden> · 2019-01-28
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Paul Moore <paul@paul-moore.com> · 2019-01-28
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Nazarov Sergey <hidden> · 2019-01-29
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Paul Moore <paul@paul-moore.com> · 2019-01-29
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Nazarov Sergey <hidden> · 2019-01-30
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Paul Moore <paul@paul-moore.com> · 2019-01-31
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Nazarov Sergey <hidden> · 2019-01-31
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Paul Moore <paul@paul-moore.com> · 2019-02-11
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Nazarov Sergey <hidden> · 2019-02-11
Re: Kernel memory corruption in CIPSO labeled TCP packets processing. · Paul Moore <paul@paul-moore.com> · 2019-02-11
[PATCH] NETWORKING: avoid use IPCB in cipso_v4_error · Nazarov Sergey <hidden> · 2019-02-12
Re: [PATCH] NETWORKING: avoid use IPCB in cipso_v4_error · Paul Moore <paul@paul-moore.com> · 2019-02-13
Re: [PATCH] NETWORKING: avoid use IPCB in cipso_v4_error · Nazarov Sergey <hidden> · 2019-02-14
Re: [PATCH] NETWORKING: avoid use IPCB in cipso_v4_error · Stephen Smalley <hidden> · 2019-02-14
Re: [PATCH] NETWORKING: avoid use IPCB in cipso_v4_error · David Miller <davem@davemloft.net> · 2019-02-14
Re: [PATCH] NETWORKING: avoid use IPCB in cipso_v4_error · Nazarov Sergey <hidden> · 2019-02-14
Re: [PATCH] NETWORKING: avoid use IPCB in cipso_v4_error · Paul Moore <paul@paul-moore.com> · 2019-02-15
Re: [PATCH] NETWORKING: avoid use IPCB in cipso_v4_error · David Miller <davem@davemloft.net> · 2019-02-15
Re: [PATCH] NETWORKING: avoid use IPCB in cipso_v4_error · Paul Moore <paul@paul-moore.com> · 2019-02-15
Re: [PATCH] NETWORKING: avoid use IPCB in cipso_v4_error · Nazarov Sergey <hidden> · 2019-02-18
Re: [PATCH] NETWORKING: avoid use IPCB in cipso_v4_error · David Miller <davem@davemloft.net> · 2019-02-19
Re: [PATCH] NETWORKING: avoid use IPCB in cipso_v4_error · Nazarov Sergey <hidden> · 2019-02-22
[PATCH v2 0/2] NETWORKING: avoid use IPCB in cipso_v4_error · Nazarov Sergey <hidden> · 2019-02-22
Re: [PATCH v2 0/2] NETWORKING: avoid use IPCB in cipso_v4_error · David Miller <davem@davemloft.net> · 2019-02-25
[PATCH v2 1/2] NETWORKING: avoid use IPCB in cipso_v4_error · Nazarov Sergey <hidden> · 2019-02-25
Re: [PATCH v2 1/2] NETWORKING: avoid use IPCB in cipso_v4_error · Paul Moore <paul@paul-moore.com> · 2019-02-25
Re: [PATCH v2 1/2] NETWORKING: avoid use IPCB in cipso_v4_error · David Miller <davem@davemloft.net> · 2019-02-25
Re: [PATCH v2 1/2] NETWORKING: avoid use IPCB in cipso_v4_error · Paul Moore <paul@paul-moore.com> · 2019-02-25
[PATCH v2 2/2] NETWORKING: avoid use IPCB in cipso_v4_error · Nazarov Sergey <hidden> · 2019-02-25
Re: [PATCH v2 2/2] NETWORKING: avoid use IPCB in cipso_v4_error · Paul Moore <paul@paul-moore.com> · 2019-02-25
Re: [PATCH v2 2/2] NETWORKING: avoid use IPCB in cipso_v4_error · David Miller <davem@davemloft.net> · 2019-02-25
Re: [PATCH v2 1/2] NETWORKING: avoid use IPCB in cipso_v4_error · Nazarov Sergey <hidden> · 2019-02-22
Re: [PATCH v2 2/2] NETWORKING: avoid use IPCB in cipso_v4_error · Nazarov Sergey <hidden> · 2019-02-22
Re: [PATCH] NETWORKING: avoid use IPCB in cipso_v4_error · David Miller <davem@davemloft.net> · 2019-02-25

From: Paul Moore <paul@paul-moore.com>
Date: 2019-02-11 20:37:40
Also in: netdev, selinux

On Thu, Jan 31, 2019 at 8:20 AM Nazarov Sergey [off-list ref] wrote:

31.01.2019, 05:10, "Paul Moore" [off-list ref]:

quoted

This isn't how the rest of the stack works, look at
ip_local_deliver_finish() for one example. Perhaps the behavior you
are proposing is correct, but please show me where in the various RFC
specs it is defined so that I can better understand why it should work
this way.
--
paul moore
www.paul-moore.com

Sorry, I was inattentive. ip_options_compile modifies srr option data, only if
skb is NULL. My last message could be ignored.

Hi Nazarov,

Do you plan on submitting these patches as a proper patchset for
review and merging?

-- 
paul moore
www.paul-moore.com

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help