mbox series

[net,0/2] ipv4: Ensure ECN bits don't influence source address validation

Message ID cover.1610790904.git.gnault@redhat.com (mailing list archive)
Headers show
Series ipv4: Ensure ECN bits don't influence source address validation | expand

Message

Guillaume Nault Jan. 16, 2021, 10:44 a.m. UTC
Functions that end up calling fib_table_lookup() should clear the ECN
bits from the TOS, otherwise ECT(0) and ECT(1) packets can be treated
differently.

Most functions already clear the ECN bits, but there are a few cases
where this is not done. This series only fixes the ones related to
source address validation.

Guillaume Nault (2):
  udp: mask TOS bits in udp_v4_early_demux()
  netfilter: rpfilter: mask ecn bits before fib lookup

 net/ipv4/netfilter/ipt_rpfilter.c | 2 +-
 net/ipv4/udp.c                    | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

Comments

patchwork-bot+netdevbpf@kernel.org Jan. 19, 2021, 10:30 p.m. UTC | #1
Hello:

This series was applied to netdev/net.git (refs/heads/master):

On Sat, 16 Jan 2021 11:44:18 +0100 you wrote:
> Functions that end up calling fib_table_lookup() should clear the ECN
> bits from the TOS, otherwise ECT(0) and ECT(1) packets can be treated
> differently.
> 
> Most functions already clear the ECN bits, but there are a few cases
> where this is not done. This series only fixes the ones related to
> source address validation.
> 
> [...]

Here is the summary with links:
  - [net,1/2] udp: mask TOS bits in udp_v4_early_demux()
    https://git.kernel.org/netdev/net/c/8d2b51b008c2
  - [net,2/2] netfilter: rpfilter: mask ecn bits before fib lookup
    https://git.kernel.org/netdev/net/c/2e5a6266fbb1

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html