On Tue, Jun 30, 2015 at 11:54:39AM +0300, Vladimir Davydov wrote:
> If ndo_start_xmit returns NETDEV_TX_OK, it must take care of the packet
> by itself. That means, if veth_xmit drops a packet, it must free it, but
> currently it does not. This results in skb leak. Fix it.
>
> Fixes: 69a0d2fdb4efd ("ve/veth: filter packages accoding with mac addresses")
Acked-by: Andrew Vagin <ava...@odin.com>
> Signed-off-by: Vladimir Davydov <vdavy...@parallels.com>
> ---
> drivers/net/veth.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/net/veth.c b/drivers/net/veth.c
> index 1d851749500d..99afacc12785 100644
> --- a/drivers/net/veth.c
> +++ b/drivers/net/veth.c
> @@ -151,8 +151,10 @@ static netdev_tx_t veth_xmit(struct sk_buff *skb, struct
> net_device *dev)
> skb->ip_summed = CHECKSUM_UNNECESSARY;
>
>
> - if (dev->features & NETIF_F_VENET && !vzethdev_filter(skb, dev, rcv))
> + if (dev->features & NETIF_F_VENET && !vzethdev_filter(skb, dev, rcv)) {
> + kfree_skb(skb);
> goto drop;
> + }
>
> if (likely(dev_forward_skb(rcv, skb) == NET_RX_SUCCESS)) {
> struct pcpu_vstats *stats = this_cpu_ptr(dev->vstats);
> --
> 2.1.4
>
_______________________________________________
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
