diff options
author | Joe Stringer <joestringer@nicira.com> | 2015-10-16 11:08:18 -0700 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2015-10-18 22:24:50 -0700 |
commit | 740dbc289155fdeed32438396370e70b684cd45e (patch) | |
tree | d57e072326e2c7867556f7f199a41e4b30b8b36f /net/atm/svc.c | |
parent | a5d6f7dd300e7a3237410cc9d6d00427c18281c3 (diff) | |
download | op-kernel-dev-740dbc289155fdeed32438396370e70b684cd45e.zip op-kernel-dev-740dbc289155fdeed32438396370e70b684cd45e.tar.gz |
openvswitch: Scrub skb between namespaces
If OVS receives a packet from another namespace, then the packet should
be scrubbed. However, people have already begun to rely on the behaviour
that skb->mark is preserved across namespaces, so retain this one field.
This is mainly to address information leakage between namespaces when
using OVS internal ports, but by placing it in ovs_vport_receive() it is
more generally applicable, meaning it should not be overlooked if other
port types are allowed to be moved into namespaces in future.
Signed-off-by: Joe Stringer <joestringer@nicira.com>
Acked-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/atm/svc.c')
0 files changed, 0 insertions, 0 deletions