leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
e2d118a1cb
linux/net/ipv6
History
Lorenzo Colitti e2d118a1cb net: inet: Support UID-based routing in IP protocols. 
- Use the UID in routing lookups made by protocol connect() and
  sendmsg() functions.
- Make sure that routing lookups triggered by incoming packets
  (e.g., Path MTU discovery) take the UID of the socket into
  account.
- For packets not associated with a userspace socket, (e.g., ping
  replies) use UID 0 inside the user namespace corresponding to
  the network namespace the socket belongs to. This allows
  all namespaces to apply routing and iptables rules to
  kernel-originated traffic in that namespaces by matching UID 0.
  This is better than using the UID of the kernel socket that is
  sending the traffic, because the UID of kernel sockets created
  at namespace creation time (e.g., the per-processor ICMP and
  TCP sockets) is the UID of the user that created the socket,
  which might not be mapped in the namespace.

Tested: compiles allnoconfig, allyesconfig, allmodconfig
Tested: https://android-review.googlesource.com/253302
Signed-off-by: Lorenzo Colitti <lorenzo@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-11-04 14:45:23 -04:00
..
ila ila: Fix crash caused by rhashtable changes 2016-11-02 15:26:02 -04:00
netfilter netfilter: move socket lookup infrastructure to nf_socket_ipv{4,6}.c 2016-11-01 20:50:31 +01:00
addrconf_core.c
addrconf.c ipv6: properly prevent temp_prefered_lft sysctl race 2016-10-20 14:29:11 -04:00
addrlabel.c ipv6/addrlabel: fix ip6addrlbl_get() 2015-12-22 15:57:54 -05:00
af_inet6.c net: inet: Support UID-based routing in IP protocols. 2016-11-04 14:45:23 -04:00
ah6.c net: inet: Support UID-based routing in IP protocols. 2016-11-04 14:45:23 -04:00
anycast.c
calipso.c calipso: fix resource leak on calipso_genopt failure 2016-08-13 14:56:17 -07:00
datagram.c net: inet: Support UID-based routing in IP protocols. 2016-11-04 14:45:23 -04:00
esp6.c net: inet: Support UID-based routing in IP protocols. 2016-11-04 14:45:23 -04:00
exthdrs_core.c ipv6: constify the skb pointer of ipv6_find_tlv(). 2016-06-27 15:06:15 -04:00
exthdrs_offload.c ipv6: fix exthdrs offload registration in out_rt path 2015-09-02 15:31:00 -07:00
exthdrs.c Merge branch 'stable-4.8' of git://git.infradead.org/users/pcmoore/selinux into next 2016-07-07 10:15:34 +10:00
fib6_rules.c net: flow: Add l3mdev flow update 2016-09-10 23:12:51 -07:00
fou6.c fou: add Kconfig options for IPv6 support 2016-05-29 22:24:21 -07:00
icmp.c net: inet: Support UID-based routing in IP protocols. 2016-11-04 14:45:23 -04:00
inet6_connection_sock.c net: inet: Support UID-based routing in IP protocols. 2016-11-04 14:45:23 -04:00
inet6_hashtables.c inet: Fix missing return value in inet6_hash 2016-10-29 12:01:49 -04:00
ip6_checksum.c ipv6: fix checksum annotation in udp6_csum_init 2016-06-14 15:26:42 -04:00
ip6_fib.c ipv6: report NLM_F_CREATE and NLM_F_EXCL flags in RTM_NEWROUTE events 2016-09-09 16:50:23 -07:00
ip6_flowlabel.c ipv6: add new struct ipcm6_cookie 2016-05-03 16:08:14 -04:00
ip6_gre.c net: inet: Support UID-based routing in IP protocols. 2016-11-04 14:45:23 -04:00
ip6_icmp.c ipv6: icmp: add a force_saddr param to icmp6_send() 2016-06-18 22:11:38 -07:00
ip6_input.c net: vrf: ipv6 support for local traffic to local addresses 2016-06-08 00:25:38 -07:00
ip6_offload.c net: add recursion limit to GRO 2016-10-20 14:32:22 -04:00
ip6_offload.h udp: Add GRO functions to UDP socket 2016-04-07 16:53:29 -04:00
ip6_output.c net: ipv6: Remove l3mdev_get_saddr6 2016-09-10 23:12:53 -07:00
ip6_tunnel.c net: inet: Support UID-based routing in IP protocols. 2016-11-04 14:45:23 -04:00
ip6_udp_tunnel.c ip_tunnel: add support for setting flow label via collect metadata 2016-03-11 15:14:26 -05:00
ip6_vti.c net: inet: Support UID-based routing in IP protocols. 2016-11-04 14:45:23 -04:00
ip6mr.c net: pim: add all RFC7761 message types 2016-10-31 16:18:30 -04:00
ipcomp6.c net: inet: Support UID-based routing in IP protocols. 2016-11-04 14:45:23 -04:00
ipv6_sockglue.c ipv6: add IPV6_RECVFRAGSIZE cmsg 2016-11-03 15:41:11 -04:00
Kconfig fou: fix IPv6 Kconfig options 2016-05-31 14:07:49 -07:00
Makefile Merge branch 'stable-4.8' of git://git.infradead.org/users/pcmoore/selinux into next 2016-07-07 10:15:34 +10:00
mcast_snoop.c net: fix wrong skb_get() usage / crash in IGMP/MLD parsing code 2015-08-13 17:08:39 -07:00
mcast.c ipv6: fix a potential deadlock in do_ipv6_setsockopt() 2016-10-21 11:29:02 -04:00
mip6.c ipv6: use ktime_t for internal timestamps 2015-10-05 03:16:47 -07:00
ndisc.c net: l3mdev: remove redundant calls 2016-09-10 23:12:52 -07:00
netfilter.c net: inet: Support UID-based routing in IP protocols. 2016-11-04 14:45:23 -04:00
output_core.c net: l3mdev: Add hook to output path 2016-09-10 23:12:52 -07:00
ping.c net: inet: Support UID-based routing in IP protocols. 2016-11-04 14:45:23 -04:00
proc.c proc: Reduce cache miss in snmp6_seq_show 2016-09-30 01:50:44 -04:00
protocol.c
raw.c net: inet: Support UID-based routing in IP protocols. 2016-11-04 14:45:23 -04:00
reassembly.c ipv6: on reassembly, record frag_max_size 2016-11-03 15:41:11 -04:00
route.c net: inet: Support UID-based routing in IP protocols. 2016-11-04 14:45:23 -04:00
sit.c ipv4/6: use core net MTU range checking 2016-10-20 14:51:10 -04:00
syncookies.c net: inet: Support UID-based routing in IP protocols. 2016-11-04 14:45:23 -04:00
sysctl_net_ipv6.c calipso: Add a label cache. 2016-06-27 15:06:17 -04:00
tcp_ipv6.c net: inet: Support UID-based routing in IP protocols. 2016-11-04 14:45:23 -04:00
tcpv6_offload.c
tunnel6.c ipv6: fix tunnel error handling 2015-11-03 10:52:13 -05:00
udp_impl.h ipv6: udp: remove udp_v6_clear_sk() 2016-08-23 23:23:50 -07:00
udp_offload.c gso: Remove arbitrary checks for unsupported GSO 2016-05-20 18:03:15 -04:00
udp.c net: inet: Support UID-based routing in IP protocols. 2016-11-04 14:45:23 -04:00
udplite.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-08-30 00:54:02 -04:00
xfrm6_input.c vti6: fix input path 2016-09-21 10:09:14 +02:00
xfrm6_mode_beet.c
xfrm6_mode_ro.c
xfrm6_mode_transport.c
xfrm6_mode_tunnel.c ipv6: update skb->csum when CE mark is propagated 2016-01-15 15:07:23 -05:00
xfrm6_output.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-10-24 06:54:12 -07:00
xfrm6_policy.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-09-12 15:52:44 -07:00
xfrm6_protocol.c
xfrm6_state.c
xfrm6_tunnel.c vti6: fix input path 2016-09-21 10:09:14 +02:00