asedeno.scripts.mit.edu Git - linux.git/commit

author	Robert Shearman <rshearma@vyatta.att-mail.com>
	Wed, 7 Nov 2018 15:36:02 +0000 (15:36 +0000)
committer	David S. Miller <davem@davemloft.net>
	Thu, 8 Nov 2018 00:12:38 +0000 (16:12 -0800)
commit	3c82a21f4320c8d54cf6456b27c8d49e5ffb722e
tree	a281d34b7cdb8bf01fe13c387ab95bce8bd87e81	tree \| snapshot
parent	f601a85bd7883708f48911d8c88e69fe5bde2b4d	commit \| diff

net: allow binding socket in a VRF when there's an unbound socket

Change the inet socket lookup to avoid packets arriving on a device
enslaved to an l3mdev from matching unbound sockets by removing the
wildcard for non sk_bound_dev_if and instead relying on check against
the secondary device index, which will be 0 when the input device is
not enslaved to an l3mdev and so match against an unbound socket and
not match when the input device is enslaved.

Change the socket binding to take the l3mdev into account to allow an
unbound socket to not conflict sockets bound to an l3mdev given the
datapath isolation now guaranteed.

Signed-off-by: Robert Shearman <rshearma@vyatta.att-mail.com>
Signed-off-by: Mike Manning <mmanning@vyatta.att-mail.com>
Reviewed-by: David Ahern <dsahern@gmail.com>
Tested-by: David Ahern <dsahern@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Documentation/networking/vrf.txt		diff \| blob \| history
include/net/inet6_hashtables.h		diff \| blob \| history
include/net/inet_hashtables.h		diff \| blob \| history
include/net/inet_sock.h		diff \| blob \| history
net/ipv4/inet_connection_sock.c		diff \| blob \| history
net/ipv4/inet_hashtables.c		diff \| blob \| history