linux-stable

mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-16 07:35:14 +00:00

No description

Find a file

Daniel Borkmann 924f7bbfc5 vxlan: Fix regression when dropping packets due to invalid src addresses [ Upstream commit `1cd4bc987a` ] Commit `f58f45c1e5` ("vxlan: drop packets from invalid src-address") has recently been added to vxlan mainly in the context of source address snooping/learning so that when it is enabled, an entry in the FDB is not being created for an invalid address for the corresponding tunnel endpoint. Before commit `f58f45c1e5` vxlan was similarly behaving as geneve in that it passed through whichever macs were set in the L2 header. It turns out that this change in behavior breaks setups, for example, Cilium with netkit in L3 mode for Pods as well as tunnel mode has been passing before the change in `f58f45c1e5` for both vxlan and geneve. After mentioned change it is only passing for geneve as in case of vxlan packets are dropped due to vxlan_set_mac() returning false as source and destination macs are zero which for E/W traffic via tunnel is totally fine. Fix it by only opting into the is_valid_ether_addr() check in vxlan_set_mac() when in fact source address snooping/learning is actually enabled in vxlan. This is done by moving the check into vxlan_snoop(). With this change, the Cilium connectivity test suite passes again for both tunnel flavors. Fixes: `f58f45c1e5` ("vxlan: drop packets from invalid src-address") Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Cc: David Bauer <mail@david-bauer.net> Cc: Ido Schimmel <idosch@nvidia.com> Cc: Nikolay Aleksandrov <razor@blackwall.org> Cc: Martin KaFai Lau <martin.lau@kernel.org> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Reviewed-by: Nikolay Aleksandrov <razor@blackwall.org> Reviewed-by: David Bauer <mail@david-bauer.net> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Sasha Levin <sashal@kernel.org>		2024-06-21 14:38:17 +02:00
arch	KVM: SEV-ES: Delegate LBR virtualization to the processor	2024-06-21 14:38:15 +02:00
block	blk-cgroup: Properly propagate the iostat update up the hierarchy	2024-06-12 11:12:46 +02:00
certs	certs: Reference revocation list for all keyrings	2023-08-17 20:12:41 +00:00
crypto	crypto: ecrdsa - Fix module auto-load on add_key	2024-06-16 13:47:39 +02:00
Documentation	mm: fix race between __split_huge_pmd_locked() and GUP-fast	2024-06-16 13:47:40 +02:00
drivers	vxlan: Fix regression when dropping packets due to invalid src addresses	2024-06-21 14:38:17 +02:00
fs	smb: client: fix deadlock in smb2_find_smb_tcon()	2024-06-16 13:47:48 +02:00
include	bpf: Optimize the free of inner map	2024-06-21 14:38:15 +02:00
init	smp: Provide 'setup_max_cpus' definition on UP too	2024-06-16 13:47:49 +02:00
io_uring	io-wq: write next_work before dropping acct_lock	2024-06-12 11:11:33 +02:00
ipc	Add x86 shadow stack support	2023-08-31 12:20:12 -07:00
kernel	bpf: Fix a potential use-after-free in bpf_link_free()	2024-06-21 14:38:15 +02:00
lib	lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure	2024-06-12 11:12:08 +02:00
LICENSES	LICENSES: Add the copyleft-next-0.3.1 license	2022-11-08 15:44:01 +01:00
mm	mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL	2024-06-16 13:47:42 +02:00
net	net: sched: sch_multiq: fix possible OOB write in multiq_tune()	2024-06-21 14:38:16 +02:00
rust	rust: kernel: require `Send` for `Module` implementations	2024-05-17 12:01:56 +02:00
samples	work around gcc bugs with 'asm goto' with outputs	2024-02-23 09:24:47 +01:00
scripts	kconfig: fix comparison to constant symbols, 'm', 'n'	2024-06-12 11:12:58 +02:00
security	KEYS: trusted: Do not use WARN when encode fails	2024-05-25 16:22:55 +02:00
sound	ALSA: seq: Fix incorrect UMP type for system messages	2024-06-16 13:47:48 +02:00
tools	selftests: net: more strict check in net_helper	2024-06-16 13:47:48 +02:00
usr	initramfs: Encode dependency on KBUILD_BUILD_TIMESTAMP	2023-06-06 17:54:49 +09:00
virt	KVM: Always flush async #PF workqueue when vCPU is being destroyed	2024-04-03 15:28:18 +02:00
.clang-format	iommu: Add for_each_group_device()	2023-05-23 08:15:51 +02:00
.cocciconfig
.get_maintainer.ignore	get_maintainer: add Alan to .get_maintainer.ignore	2022-08-20 15:17:44 -07:00
.gitattributes	.gitattributes: set diff driver for Rust source code files	2023-05-31 17:48:25 +02:00
.gitignore	kbuild: rpm-pkg: rename binkernel.spec to kernel.spec	2023-07-25 00:59:33 +09:00
.mailmap	20 hotfixes. 12 are cc:stable and the remainder address post-6.5 issues	2023-10-24 09:52:16 -10:00
.rustfmt.toml	rust: add `.rustfmt.toml`	2022-09-28 09:02:20 +02:00
COPYING
CREDITS	USB: Remove Wireless USB and UWB documentation	2023-08-09 14:17:32 +02:00
Kbuild	Kbuild updates for v6.1	2022-10-10 12:00:45 -07:00
Kconfig	kbuild: ensure full rebuild when the compiler is updated	2020-05-12 13:28:33 +09:00
MAINTAINERS	pwm: Rename pwm_apply_state() to pwm_apply_might_sleep()	2024-06-12 11:12:24 +02:00
Makefile	Linux 6.6.34	2024-06-16 13:47:49 +02:00
README

README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.