linux/net
Mark Tomlinson d6f64d725b net: VRF: Pass original iif to ip_route_input()
The function ip_rcv_finish() calls l3mdev_ip_rcv(). On any VRF except
the global VRF, this replaces skb->dev with the VRF master interface.
When calling ip_route_input_noref() from here, the checks for forwarding
look at this master device instead of the initial ingress interface.
This will allow packets to be routed which normally would be dropped.
For example, an interface that is not assigned an IP address should
drop packets, but because the checking is against the master device, the
packet will be forwarded.

The fix here is to still call l3mdev_ip_rcv(), but remember the initial
net_device. This is passed to the other functions within ip_rcv_finish,
so they still see the original interface.

Signed-off-by: Mark Tomlinson <mark.tomlinson@alliedtelesis.co.nz>
Acked-by: David Ahern <dsa@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-09-16 04:24:07 -04:00
..
6lowpan
9p 9p/trans_virtio: use kvfree() for iov_iter_get_pages_alloc() 2016-08-09 13:42:36 +03:00
802
8021q net: remove type_check from dev_get_nest_level() 2016-08-13 15:15:54 -07:00
appletalk
atm
ax25
batman-adv batman-adv: fix elp packet data reservation 2016-08-26 15:22:31 +02:00
bluetooth Bluetooth: Fix hci_sock_recvmsg when MSG_TRUNC is not set 2016-08-25 20:58:47 +02:00
bridge net: bridge: don't increment tx_dropped in br_do_proxy_arp 2016-09-01 16:35:30 -07:00
caif
can
ceph libceph: using kfree_rcu() to simplify the code 2016-08-08 21:41:42 +02:00
core bonding: Fix bonding crash 2016-09-04 11:41:12 -07:00
dcb
dccp Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2016-07-29 17:38:46 -07:00
decnet
dns_resolver
dsa
ethernet
hsr
ieee802154
ipv4 net: VRF: Pass original iif to ip_route_input() 2016-09-16 04:24:07 -04:00
ipv6 Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2016-09-13 11:17:24 -04:00
ipx
irda net/irda: handle iriap_register_lsap() allocation failure 2016-08-13 15:09:07 -07:00
iucv Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2016-07-29 17:38:46 -07:00
kcm kcm: fix a socket double free 2016-08-31 21:00:19 -07:00
key
l2tp l2tp: fix use-after-free during module unload 2016-09-02 11:44:44 -07:00
l3mdev
lapb
llc
mac80211 mac80211: make mpath path fixing more robust 2016-09-12 12:27:14 +02:00
mac802154
mpls
ncsi net/ncsi: avoid maybe-uninitialized warning 2016-07-25 10:32:59 -07:00
netfilter netfilter: synproxy: Check oom when adding synproxy and seqadj ct extensions 2016-09-13 10:50:56 +02:00
netlabel
netlink
netrom
nfc
openvswitch openvswitch: do not ignore netdev errors when creating tunnel vports 2016-08-10 23:13:23 -07:00
packet Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-07-24 00:53:32 -04:00
phonet
qrtr
rds
rfkill
rose
rxrpc rxrpc: Free packets discarded in data_ready 2016-08-09 17:13:56 +01:00
sched qdisc: fix a module refcount leak in qdisc_create_dflt() 2016-08-25 16:44:20 -07:00
sctp sctp: hold the transport before using it in sctp_hash_cmp 2016-09-13 11:44:58 -04:00
sunrpc SUNRPC: Silence WARN_ON when NFSv4.1 over RDMA is in use 2016-08-24 22:32:55 -04:00
switchdev
tipc tipc: fix random link resets while adding a second bearer 2016-09-01 10:12:26 -07:00
unix af_unix: split 'u->readlock' into two: 'iolock' and 'bindlock' 2016-09-04 13:29:29 -07:00
vmw_vsock vhost/vsock: drop space available check for TX vq 2016-08-15 05:05:21 +03:00
wimax
wireless nl80211: validate number of probe response CSA counters 2016-09-13 20:19:27 +02:00
x25
xfrm net/xfrm_input: fix possible NULL deref of tunnel.ip6->parms.i_key 2016-08-11 13:15:57 +02:00
compat.c
Kconfig
Makefile
socket.c
sysctl_net.c