mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-08-27 03:10:12 +00:00
Code Issues Releases Wiki Activity
linux-stable/net
History
Dumitru Ceara 8aa7b526dc openvswitch: handle DNAT tuple collision 
With multiple DNAT rules it's possible that after destination
translation the resulting tuples collide.

For example, two openvswitch flows:
nw_dst=10.0.0.10,tp_dst=10, actions=ct(commit,table=2,nat(dst=20.0.0.1:20))
nw_dst=10.0.0.20,tp_dst=10, actions=ct(commit,table=2,nat(dst=20.0.0.1:20))

Assuming two TCP clients initiating the following connections:
10.0.0.10:5000->10.0.0.10:10
10.0.0.10:5000->10.0.0.20:10

Both tuples would translate to 10.0.0.10:5000->20.0.0.1:20 causing
nf_conntrack_confirm() to fail because of tuple collision.

Netfilter handles this case by allocating a null binding for SNAT at
egress by default.  Perform the same operation in openvswitch for DNAT
if no explicit SNAT is requested by the user and allocate a null binding
for SNAT for packets in the "original" direction.

Reported-at: https://bugzilla.redhat.com/1877128
Suggested-by: Florian Westphal <fw@strlen.de>
Fixes: 05752523e5 ("openvswitch: Interface with NAT.")
Signed-off-by: Dumitru Ceara <dceara@redhat.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2020-10-08 12:20:35 -07:00
..
6lowpan treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
9p treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
802
8021q treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
appletalk appletalk: Fix atalk_proc_init() return path 2020-08-03 15:48:32 -07:00
atm treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
ax25 Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-07-25 17:49:04 -07:00
batman-adv batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh 2020-09-15 10:05:24 +02:00
bluetooth mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
bpf treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
bpfilter Merge branch 'exec-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2020-08-04 14:27:25 -07:00
bridge bridge: Netlink interface fix. 2020-10-08 12:05:07 -07:00
caif net: caif: fix error code handling 2020-08-25 07:50:25 -07:00
can treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
ceph libceph: use sendpage_ok() in ceph_tcp_sendpage() 2020-10-02 15:27:08 -07:00
core Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf 2020-10-08 12:05:37 -07:00
dcb net: DCB: Validate DCB_ATTR_DCB_BUFFER argument 2020-09-10 15:09:08 -07:00
dccp treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
decnet treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
dns_resolver docs: networking: convert dns_resolver.txt to ReST 2020-04-28 14:39:46 -07:00
dsa net: mscc: ocelot: add locking for the port TX timestamp ID 2020-09-18 13:52:33 -07:00
ethernet net: move devres helpers into a separate source file 2020-05-23 16:56:17 -07:00
ethtool ethtool: mark netlink family as __ro_after_init 2020-09-28 18:52:50 -07:00
hsr hsr: avoid newline at end of message in NL_SET_ERR_MSG_MOD 2020-09-09 11:15:26 -07:00
ieee802154 treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
ife
ipv4 tcp: fix receive window update in tcp_add_backlog() 2020-10-06 06:11:58 -07:00
ipv6 ipv6: route: convert comma to semicolon 2020-09-21 14:52:18 -07:00
iucv treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
kcm net: pass a sockptr_t into ->setsockopt 2020-07-24 15:41:54 -07:00
key Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-08-02 01:02:12 -07:00
l2tp l2tp: improve API documentation in l2tp_core.h 2020-07-30 16:45:31 -07:00
l3mdev net: Fix some comments 2020-08-27 07:55:59 -07:00
lapb treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
llc net: pass a sockptr_t into ->setsockopt 2020-07-24 15:41:54 -07:00
mac80211 mac80211: fix 80 MHz association to 160/80+80 AP on 6 GHz 2020-09-18 14:01:24 +02:00
mac802154 Merge tag 'ieee802154-for-davem-2020-09-08' of git://git.kernel.org/pub/scm/linux/kernel/git/sschmidt/wpan 2020-09-08 20:12:58 -07:00
mpls treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
mptcp mptcp: more DATA FIN fixes 2020-10-06 06:06:59 -07:00
ncsi treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
netfilter netfilter: nft_meta: use socket user_ns to retrieve skuid and skgid 2020-09-08 13:04:56 +02:00
netlabel netlabel: fix problems with mapping removal 2020-08-24 16:08:00 -07:00
netlink netlink: fix policy dump leak 2020-10-02 13:00:38 -07:00
netrom treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
nfc net/nfc/rawsock.c: add CAP_NET_RAW check. 2020-08-11 10:34:30 -07:00
nsh treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
openvswitch openvswitch: handle DNAT tuple collision 2020-10-08 12:20:35 -07:00
packet net/packet: fix overflow in tpacket_rcv 2020-09-04 11:56:02 -07:00
phonet treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
psample net: psample: fix build error when CONFIG_INET is not enabled 2020-05-23 16:36:05 -07:00
qrtr net: qrtr: ns: Fix the incorrect usage of rcu_read_lock() 2020-10-06 06:01:35 -07:00
rds treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
rfkill
rose treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
rxrpc rxrpc: Fix server keyring leak 2020-10-05 17:09:22 +01:00
sched net_sched: check error pointer in tcf_dump_walker() 2020-10-04 14:53:06 -07:00
sctp sctp: fix sctp_auth_init_hmacs() error path 2020-10-08 12:19:51 -07:00
smc Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-09-03 18:50:48 -07:00
strparser
sunrpc SUNRPC: Fix svc_flush_dcache() 2020-09-21 10:13:25 -04:00
switchdev net: switchdev: Fixed kerneldoc warning 2020-09-23 17:46:31 -07:00
tipc net: tipc: kerneldoc fixes 2020-09-15 13:33:04 -07:00
tls net/tls: race causes kernel panic 2020-09-24 20:06:29 -07:00
unix treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
vmw_vsock vsock: fix potential null pointer dereference in vsock_poll() 2020-08-12 12:56:06 -07:00
wimax
wireless net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key() 2020-10-08 12:37:25 +02:00
x25 treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
xdp xsk: Do not discard packet when NETDEV_TX_BUSY 2020-09-16 23:36:58 +02:00
xfrm Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec 2020-09-28 12:25:42 -07:00
compat.c net/scm: Fix typo in SCM_RIGHTS compat refactoring 2020-08-07 12:43:25 -07:00
devres.c net: devres: rename the release callback of devm_register_netdev() 2020-06-30 15:57:34 -07:00
Kconfig net: ethtool: Remove PHYLIB direct dependency 2020-07-07 15:41:05 -07:00
Makefile net: move devres helpers into a separate source file 2020-05-23 16:56:17 -07:00
socket.c net: add WARN_ONCE in kernel_sendpage() for improper zero-copy send 2020-10-02 15:27:08 -07:00
sysctl_net.c