iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net
History
Thomas Graf b8fb4e0648 net: Reset secmark when scrubbing packet 
skb_scrub_packet() is called when a packet switches between a context
such as between underlay and overlay, between namespaces, or between
L3 subnets.

While we already scrub the packet mark, connection tracking entry,
and cached destination, the security mark/context is left intact.

It seems wrong to inherit the security context of a packet when going
from overlay to underlay or across forwarding paths.

Signed-off-by: Thomas Graf <tgraf@suug.ch>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-12-24 00:21:43 -05:00
..
6lowpan
net/6lowpan: Remove FSF address from GPL statement.
2014-12-05 12:43:04 +01:00
9p
9p/trans_virtio: enable VQs early
2014-10-15 10:25:04 +10:30
802
net: set name_assign_type in alloc_netdev()
2014-07-15 16:12:48 -07:00
8021q
vlan: Add ability to always enable TSO/UFO
2014-12-12 10:58:53 -05:00
appletalk
new helper: memcpy_from_msg()
2014-11-24 04:28:48 -05:00
atm
put iov_iter into msghdr
2014-12-09 16:29:03 -05:00
ax25
new helper: memcpy_from_msg()
2014-11-24 04:28:48 -05:00
batman-adv
batman-adv: avoid NULL dereferences and fix if check
2014-12-23 23:13:37 -05:00
bluetooth
Bluetooth: bnep: bnep_add_connection() should verify that it's dealing with l2cap socket
2014-12-19 13:48:27 +01:00
bridge
Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next
2014-12-05 20:56:46 -08:00
caif
put iov_iter into msghdr
2014-12-09 16:29:03 -05:00
can
can: fix spelling errors
2014-12-07 21:22:05 +01:00
ceph
libceph: specify position of extent operation
2014-12-17 20:09:52 +03:00
core
net: Reset secmark when scrubbing packet
2014-12-24 00:21:43 -05:00
dcb
dcbnl : Disable software interrupts before taking dcb_lock
2014-11-16 14:50:52 -05:00
dccp
net: introduce helper macro for_each_cmsghdr
2014-12-10 22:41:55 -05:00
decnet
new helper: memcpy_to_msg()
2014-11-24 04:28:51 -05:00
dns_resolver
Merge commit 'v3.16' into next
2014-10-01 00:44:04 +10:00
dsa
Driver core patches for 3.19-rc1
2014-12-14 16:10:09 -08:00
ethernet
net: Add function for parsing the header length out of linear ethernet frames
2014-09-05 17:47:02 -07:00
hsr
net/hsr: Remove left-over never-true conditional code.
2014-07-11 15:04:40 -07:00
ieee802154
Merge tag 'master-2014-12-08' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next
2014-12-09 18:12:03 -05:00
ipv4
openvswitch: Fix vport_send double free
2014-12-23 23:57:31 -05:00
ipv6
tcp6: don't move IP6CB before xfrm6_policy_check()
2014-12-22 16:48:01 -05:00
ipx
switch ipxrtr_route_packet() from iovec to msghdr
2014-11-24 04:28:49 -05:00
irda
irda: Convert function pointer arrays and uses to const
2014-12-10 15:33:16 -05:00
iucv
net: introduce helper macro for_each_cmsghdr
2014-12-10 22:41:55 -05:00
key
new helper: memcpy_from_msg()
2014-11-24 04:28:48 -05:00
l2tp
ip_generic_getfrag, udplite_getfrag: switch to passing msghdr
2014-12-09 16:28:22 -05:00
lapb
lapb: move EXPORT_SYMBOL after functions.
2014-10-24 15:51:42 -04:00
llc
llc: Make llc_sap_action_t function pointer arrays const
2014-12-10 15:21:24 -05:00
mac80211
mac80211: free management frame keys when removing station
2014-12-17 14:00:17 +01:00
mac802154
mac802154: use goto label on failure
2014-12-05 14:18:42 +01:00
mpls
mpls: Fix allowed protocols for mpls gso
2014-12-23 23:57:31 -05:00
netfilter
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
2014-12-11 14:27:06 -08:00
netlabel
netlabel: kernel-doc warning fix
2014-10-09 01:40:05 -04:00
netlink
netlink: Don't reorder loads/stores before marking mmap netlink frame as available
2014-12-18 12:35:55 -05:00
netrom
new helper: memcpy_from_msg()
2014-11-24 04:28:48 -05:00
nfc
Merge tag 'master-2014-12-08' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next
2014-12-09 18:12:03 -05:00
openvswitch
openvswitch: Fix vport_send double free
2014-12-23 23:57:31 -05:00
packet
packet: Fixed TPACKET V3 to signal poll when block is closed rather than every packet
2014-12-22 15:41:15 -05:00
phonet
new helper: memcpy_from_msg()
2014-11-24 04:28:48 -05:00
rds
rds: Fix min() warning in rds_message_inc_copy_to_user()
2014-12-15 11:49:09 -05:00
rfkill
Driver core patches for 3.19-rc1
2014-12-14 16:10:09 -08:00
rose
new helper: memcpy_from_msg()
2014-11-24 04:28:48 -05:00
rxrpc
net: introduce helper macro for_each_cmsghdr
2014-12-10 22:41:55 -05:00
sched
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2014-12-10 15:48:20 -05:00
sctp
net: introduce helper macro for_each_cmsghdr
2014-12-10 22:41:55 -05:00
sunrpc
NFS client updates for Linux 3.19
2014-12-10 15:13:13 -08:00
switchdev
bridge: call netdev_sw_port_stp_update when bridge port STP status changes
2014-12-02 20:01:22 -08:00
tipc
tipc: fix broadcast wakeup contention after congestion
2014-12-10 14:45:33 -05:00
unix
put iov_iter into msghdr
2014-12-09 16:29:03 -05:00
vmw_vsock
put iov_iter into msghdr
2014-12-09 16:29:03 -05:00
wimax
wimax: convert printk to pr_foo()
2014-10-07 20:28:44 -04:00
wireless
cfg80211: correctly check ad-hoc channels
2014-12-12 13:40:38 +01:00
x25
new helper: memcpy_from_msg()
2014-11-24 04:28:48 -05:00
xfrm
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next
2014-12-08 21:30:21 -05:00
compat.c
put iov_iter into msghdr
2014-12-09 16:29:03 -05:00
Kconfig
net: introduce generic switch devices support
2014-12-02 20:01:20 -08:00
Makefile
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2014-12-16 15:53:03 -08:00
socket.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2014-12-16 15:53:03 -08:00
sysctl_net.c