On 11/7/18 8:36 AM, Mike Manning wrote:
> The commit a04a480d4392 ("net: Require exact match for TCP socket
> lookups if dif is l3mdev") only ensures that the correct socket is
> selected for packets in a VRF. However, there is no guarantee that
> the unbound socket will be selected for packets when not in a VRF.
> By checking for a device match in compute_score() also for the case
> when there is no bound device and attaching a score to this, the
> unbound socket is selected. And if a failure is returned when there
> is no device match, this ensures that bound sockets are never selected,
> even if there is no unbound socket.
>
> Signed-off-by: Mike Manning <[email protected]>
> ---
> include/net/inet_hashtables.h | 11 +++++++++++
> include/net/inet_sock.h | 8 ++++++++
> net/ipv4/inet_hashtables.c | 14 ++++++--------
> net/ipv6/inet6_hashtables.c | 14 ++++++--------
> 4 files changed, 31 insertions(+), 16 deletions(-)
>
Reviewed-by: David Ahern <[email protected]>
Tested-by: David Ahern <[email protected]>
