| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20171213224012.202819-1-mahesh@bandewar.net>
Date: Wed, 13 Dec 2017 14:40:12 -0800
From: Mahesh Bandewar <mahesh@...dewar.net>
To: David Miller <davem@...emloft.net>, Netdev <netdev@...r.kernel.org>
Cc: Eric Dumazet <edumazet@...gle.com>,
Mahesh Bandewar <mahesh@...dewar.net>,
Mahesh Bandewar <maheshb@...gle.com>
Subject: [PATCH next 0/2] ipvlan: packet scrub
From: Mahesh Bandewar <maheshb@...gle.com>
While crossing namespace boundary IPvlan aggressively scrubs packets.
This is creating problems. First thing is that scrubbing changes the
packet type in skb meta-data to PACKET_HOST. This causes erroneous
packet delivery when dev_forward_skb() has already marked the packet
type as OTHER_HOST.
On the egress side scrubbing just before calling dev_queue_xmit()
creates another set of problems. Scrubbing remove skb->sk so the
prio update gets missed and more seriously, socket back-pressure
fails making TSQ not function correctly.
The first patch in the series just reverts the earlier change which
was adding a mac-check, but that is unnecessary if packet_type that
dev_forward_skb() has set is honored. The second path removes two of
the scrubs which are causing problems described above.
Mahesh Bandewar (2):
Revert "ipvlan: add L2 check for packets arriving via virtual devices"
ipvlan: remove excessive packet scrubbing
drivers/net/ipvlan/ipvlan_core.c | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
--
2.15.1.424.g9478a66081-goog
Powered by blists - more mailing lists