Hi Florian,
Fri, Jun 03, 2016 at 12:39:45PM IDT, ido...@mellanox.com wrote:
>Commit 8626c56c8279 ("bridge: fix potential use-after-free when hook
>returns QUEUE or STOLEN verdict") fixed incorrect usage of NF_HOOK's
>return value by consuming packets in okfn via br_pass_frame_up().
>
>However, thi
Sat, Jun 04, 2016 at 09:41:41AM IDT, shmulik.ladk...@gmail.com wrote:
>Hi,
>
>On Fri, 3 Jun 2016 12:39:45 +0300 Ido Schimmel wrote:
>> diff --git a/net/bridge/br_input.c b/net/bridge/br_input.c
>> index 1607977..c73ed44 100644
>> --- a/net/bridge/br_input.c
>> +++ b/net/bridge/br_input.c
>> @@ -22
Hi,
On Fri, 3 Jun 2016 12:39:45 +0300 Ido Schimmel wrote:
> diff --git a/net/bridge/br_input.c b/net/bridge/br_input.c
> index 1607977..c73ed44 100644
> --- a/net/bridge/br_input.c
> +++ b/net/bridge/br_input.c
> @@ -223,9 +223,7 @@ static int br_handle_local_finish(struct net *net, struct
> soc
Commit 8626c56c8279 ("bridge: fix potential use-after-free when hook
returns QUEUE or STOLEN verdict") fixed incorrect usage of NF_HOOK's
return value by consuming packets in okfn via br_pass_frame_up().
However, this function re-injects packets to the Rx path with skb->dev
set to the bridge devic
