git.baikalelectronics.ru Git - kernel.git/commit

author	Hannes Frederic Sowa <hannes@stressinduktion.org>
	Thu, 7 Jan 2016 13:28:39 +0000 (14:28 +0100)
committer	David S. Miller <davem@davemloft.net>
	Sun, 10 Jan 2016 22:28:24 +0000 (17:28 -0500)
commit	652ea573091e46a03455987290ec500cccbb96fa
tree	30370eacf684b73d796ebfa081f4be5a99f87b96	tree \| snapshot
parent	90a1b2a72c3b42a41d9c34b67d3e8abbf0c0d26f	commit \| diff

udp: restrict offloads to one namespace

udp tunnel offloads tend to aggregate datagrams based on inner
headers. gro engine gets notified by tunnel implementations about
possible offloads. The match is solely based on the port number.

Imagine a tunnel bound to port 53, the offloading will look into all
DNS packets and tries to aggregate them based on the inner data found
within. This could lead to data corruption and malformed DNS packets.

While this patch minimizes the problem and helps an administrator to find
the issue by querying ip tunnel/fou, a better way would be to match on
the specific destination ip address so if a user space socket is bound
to the same address it will conflict.

Cc: Tom Herbert <tom@herbertland.com>
Cc: Eric Dumazet <edumazet@google.com>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

drivers/net/geneve.c		diff \| blob \| history
drivers/net/vxlan.c		diff \| blob \| history
include/net/protocol.h		diff \| blob \| history
net/ipv4/fou.c		diff \| blob \| history
net/ipv4/udp_offload.c		diff \| blob \| history