Dan Streetman wrote:
> > But I have to say that this netfilter bridging fake dst has caused
> > several dozen bugs over the years, it is fundamentally a serious
> > problem in and of itself. It provides DST facilities by hand, in a
> > static object, without using any of the usual methods for cre
On Thu, Jan 26, 2017 at 1:04 PM, David Miller wrote:
> From: Florian Westphal
> Date: Thu, 26 Jan 2017 17:24:33 +0100
>
>> Eric Dumazet wrote:
>>> > Though possibly with different things not setting the "input" function
>>> > pointer in the "struct dst_entry".
>>> >
>>> > include/net/dst.h:
>>>
On Thu, 2017-01-26 at 10:00 -0800, Eric Dumazet wrote:
> On Thu, 2017-01-26 at 17:24 +0100, Florian Westphal wrote:
>
> > I think it makes sense to set dst->incoming
> > to a stub in br_netfilter_rtable_init() to just kfree_skb()+
> > WARN_ON_ONCE(), no need to add code to ip stack or crash kernel
From: Florian Westphal
Date: Thu, 26 Jan 2017 17:24:33 +0100
> Eric Dumazet wrote:
>> > Though possibly with different things not setting the "input" function
>> > pointer in the "struct dst_entry".
>> >
>> > include/net/dst.h:
>> > 496 static inline int dst_input(struct sk_buff *skb) {
>> >
On Thu, 2017-01-26 at 17:24 +0100, Florian Westphal wrote:
> I think it makes sense to set dst->incoming
> to a stub in br_netfilter_rtable_init() to just kfree_skb()+
> WARN_ON_ONCE(), no need to add code to ip stack or crash kernel
> due to brnf bug.
Just kfree_skb() would hide bugs.
Dropping
Eric Dumazet wrote:
> > Though possibly with different things not setting the "input" function
> > pointer in the "struct dst_entry".
> >
> > include/net/dst.h:
> > 496 static inline int dst_input(struct sk_buff *skb) {
> > 498 return skb_dst(skb)->input(skb);
> > 499 }
> >
> > Is
On Thu, 2017-01-26 at 09:32 -0600, Roy Keene wrote:
This bug appears to have existed for a long time:
https://www.spinics.net/lists/netdev/msg222459.html
http://www.kernelhub.org/?p=2&msg=823752
Though possibly with different things not setting the "input" function
pointer in t
On Thu, 2017-01-26 at 09:32 -0600, Roy Keene wrote:
> This bug appears to have existed for a long time:
>
> https://www.spinics.net/lists/netdev/msg222459.html
>
> http://www.kernelhub.org/?p=2&msg=823752
>
> Though possibly with different things not setting the "input" function
> p
This bug appears to have existed for a long time:
https://www.spinics.net/lists/netdev/msg222459.html
http://www.kernelhub.org/?p=2&msg=823752
Though possibly with different things not setting the "input" function
pointer in the "struct dst_entry".
include/net/dst.h:
496 sta
