linux/net/core
Florian Zumbiehl 48cc32d38a vlan: don't deliver frames for unknown vlans to protocols
6a32e4f9dd made the vlan code skip marking
vlan-tagged frames for not locally configured vlans as PACKET_OTHERHOST if
there was an rx_handler, as the rx_handler could cause the frame to be received
on a different (virtual) vlan-capable interface where that vlan might be
configured.

As rx_handlers do not necessarily return RX_HANDLER_ANOTHER, this could cause
frames for unknown vlans to be delivered to the protocol stack as if they had
been received untagged.

For example, if an ipv6 router advertisement that's tagged for a locally not
configured vlan is received on an interface with macvlan interfaces attached,
macvlan's rx_handler returns RX_HANDLER_PASS after delivering the frame to the
macvlan interfaces, which caused it to be passed to the protocol stack, leading
to ipv6 addresses for the announced prefix being configured even though those
are completely unusable on the underlying interface.

The fix moves marking as PACKET_OTHERHOST after the rx_handler so the
rx_handler, if there is one, sees the frame unchanged, but afterwards,
before the frame is delivered to the protocol stack, it gets marked whether
there is an rx_handler or not.

Signed-off-by: Florian Zumbiehl <florz@florz.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-10-08 15:21:55 -04:00
..
datagram.c net: skb_free_datagram_locked() doesnt drop all packets 2012-06-27 15:40:57 -07:00
dev_addr_lists.c netdev: make address const in device address management 2012-09-19 16:35:22 -04:00
dev.c vlan: don't deliver frames for unknown vlans to protocols 2012-10-08 15:21:55 -04:00
drop_monitor.c drop_monitor: dont sleep in atomic context 2012-06-04 11:42:01 -04:00
dst.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
ethtool.c net: provide a default dev->ethtool_ops 2012-09-19 15:40:15 -04:00
fib_rules.c netlink: Rename pid to portid to avoid confusion 2012-09-10 15:30:41 -04:00
filter.c filter: add XOR instruction for use with X/K 2012-09-24 16:49:21 -04:00
flow_dissector.c ipv6: add ipv6_addr_hash() helper 2012-07-18 11:28:46 -07:00
flow.c
gen_estimator.c
gen_stats.c
iovec.c
link_watch.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
Makefile
neighbour.c net: Fix skb_under_panic oops in neigh_resolve_output 2012-10-07 14:42:39 -04:00
net_namespace.c net: Statically initialize init_net.dev_base_head 2012-07-18 13:32:27 -07:00
net-sysfs.c net: add unknown state to sysfs NIC duplex export 2012-09-05 17:40:07 -04:00
net-sysfs.h
net-traces.c
netevent.c
netpoll.c netpoll: call ->ndo_select_queue() in tx path 2012-09-19 17:19:09 -04:00
netprio_cgroup.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-10-02 20:25:04 -07:00
pktgen.c pktgen: fix crash with vlan and packet size less than 46 2012-09-13 17:10:00 -04:00
request_sock.c tcp: TCP Fast Open Server - support TFO listeners 2012-08-31 20:02:19 -04:00
rtnetlink.c netlink: add attributes to fdb interface 2012-10-01 18:39:44 -04:00
scm.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-10-02 20:25:04 -07:00
secure_seq.c netfilter: ipv6: add IPv6 NAT support 2012-08-30 03:00:17 +02:00
skbuff.c net: remove skb recycling 2012-10-07 00:40:54 -04:00
sock_diag.c netlink: hide struct module parameter in netlink_kernel_create 2012-09-08 18:46:30 -04:00
sock.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
stream.c
sysctl_net_core.c net: Delete all remaining instances of ctl_path 2012-04-20 21:22:30 -04:00
timestamping.c
user_dma.c
utils.c net: core: add function for incremental IPv6 pseudo header checksum updates 2012-08-30 03:00:16 +02:00