Re: [net-next-2.6 PATCH 3/3 RFC] macvtap: Add support for TUNSETTXFILTER

public inbox for netdev@vger.kernel.org 
 help / color / mirror / Atom feed

From: Arnd Bergmann <arnd@arndb•de>
To: Roopa Prabhu <roprabhu@cisco•com>
Cc: netdev@vger•kernel.org, dragos.tatulea@gmail•com, mst@redhat•com,
	dwang2@cisco•com, benve@cisco•com, kaber@trash•net,
	sri@us•ibm.com
Subject: Re: [net-next-2.6 PATCH 3/3 RFC] macvtap: Add support for TUNSETTXFILTER
Date: Thu, 8 Sep 2011 18:25:30 +0200	[thread overview]
Message-ID: <201109081825.31065.arnd@arndb.de> (raw)
In-Reply-To: <20110906223555.6552.50485.stgit@savbu-pc100.cisco.com>

On Wednesday 07 September 2011, Roopa Prabhu wrote:
> From: Roopa Prabhu <roprabhu@cisco•com>
> 
> This patch adds support for TUNSETTXFILTER. Calls macvlan set filter function
> with address list and flags received via TUNSETTXFILTER.
> 
> Signed-off-by: Roopa Prabhu <roprabhu@cisco•com>
> Signed-off-by: Christian Benvenuti <benve@cisco•com>
> Signed-off-by: David Wang <dwang2@cisco•com>

Looks ok to me in principle, but

> +               /* XXX: If broadcast address present, set IFF_BROADCAST */
> +               /* XXX: If multicast address present, set IFF_MULTICAST */
> +               flags |= (tf.flags & TUN_FLT_ALLMULTI ? IFF_ALLMULTI : 0) |
> +                        (!tf.count ? IFF_PROMISC : 0);
> +               ret = 0;
> +               if (tf.count > 0) {
> +                       alen = ETH_ALEN * tf.count;
> +                       addrs = kmalloc(alen, GFP_KERNEL);
> +                       if (!addrs) {
> +                               dev_put(vlan->dev);
> +                               return -ENOMEM;
> +                       }

I think you need to check tf.count for a maximum value. In theory, a user
could pass a rather large number (65536) which is not good.

Also the TUNSETTXFILTER code looks sufficiently large that it would be
better to put it into a separate function. Use "goto" statements in
order to do the error handling in there, instead of repeating
lots of kfree and dev_put calls in each error case.

	Arnd

next prev parent reply	other threads:[~2011-09-08 22:54 UTC|newest]

Thread overview: 32+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-09-06 22:35 [net-next-2.6 PATCH 0/3 RFC] macvlan: MAC Address filtering support for passthru mode Roopa Prabhu
2011-09-06 22:35 ` [net-next-2.6 PATCH 1/3 RFC] macvlan: Add support for unicast filtering in macvlan Roopa Prabhu
2011-09-06 22:35 ` [net-next-2.6 PATCH 2/3 RFC] macvlan: Add function to set addr filters for device in passthru mode Roopa Prabhu
2011-09-06 22:35 ` [net-next-2.6 PATCH 3/3 RFC] macvtap: Add support for TUNSETTXFILTER Roopa Prabhu
2011-09-08 16:25   ` Arnd Bergmann [this message]
2011-09-08 19:06     ` Roopa Prabhu
2011-09-07 12:34 ` [net-next-2.6 PATCH 0/3 RFC] macvlan: MAC Address filtering support for passthru mode Michael S. Tsirkin
2011-09-08  5:20   ` Roopa Prabhu
2011-09-08 11:08     ` Michael S. Tsirkin
2011-09-08 16:19       ` Roopa Prabhu
2011-09-08 17:42         ` Sridhar Samudrala
2011-09-08 19:23           ` Roopa Prabhu
2011-09-08 19:33             ` Michael S. Tsirkin
2011-09-09  3:00               ` Roopa Prabhu
2011-09-09  4:25                 ` Sridhar Samudrala
2011-09-09 16:21                   ` Roopa Prabhu
2011-09-11  9:44                 ` Michael S. Tsirkin
2011-09-11 13:18                   ` Roopa Prabhu
2011-09-11 19:03                     ` Michael S. Tsirkin
2011-09-12 17:02                       ` Roopa Prabhu
2011-09-15 13:46                         ` Roopa Prabhu
2011-09-26 23:06                           ` Christian Benvenuti (benve)
2011-09-12  4:30                     ` Sridhar Samudrala
2011-09-12 17:23                       ` Roopa Prabhu
2011-09-08 19:11         ` Michael S. Tsirkin
2011-09-09  2:53           ` Roopa Prabhu
2011-09-09  5:55             ` Michael S. Tsirkin
2011-09-09 16:33               ` Roopa Prabhu
2011-09-11  9:38                 ` Michael S. Tsirkin
2011-09-11 13:18                   ` Roopa Prabhu
2011-09-11 18:52                     ` Michael S. Tsirkin
2011-09-12 13:38                       ` Roopa Prabhu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=201109081825.31065.arnd@arndb.de \
    --to=arnd@arndb$(echo .)de \
    --cc=benve@cisco$(echo .)com \
    --cc=dragos.tatulea@gmail$(echo .)com \
    --cc=dwang2@cisco$(echo .)com \
    --cc=kaber@trash$(echo .)net \
    --cc=mst@redhat$(echo .)com \
    --cc=netdev@vger$(echo .)kernel.org \
    --cc=roprabhu@cisco$(echo .)com \
    --cc=sri@us$(echo .)ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox