diff options
Diffstat (limited to 'net/core/skbuff.c')
| -rw-r--r-- | net/core/skbuff.c | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/net/core/skbuff.c b/net/core/skbuff.c index 2c3d0f53d198..d81cff119f73 100644 --- a/net/core/skbuff.c +++ b/net/core/skbuff.c | |||
| @@ -3500,17 +3500,22 @@ bool skb_try_coalesce(struct sk_buff *to, struct sk_buff *from, | |||
| 3500 | EXPORT_SYMBOL(skb_try_coalesce); | 3500 | EXPORT_SYMBOL(skb_try_coalesce); |
| 3501 | 3501 | ||
| 3502 | /** | 3502 | /** |
| 3503 | * skb_scrub_packet - scrub an skb before sending it to another netns | 3503 | * skb_scrub_packet - scrub an skb |
| 3504 | * | 3504 | * |
| 3505 | * @skb: buffer to clean | 3505 | * @skb: buffer to clean |
| 3506 | * | 3506 | * @xnet: packet is crossing netns |
| 3507 | * skb_scrub_packet can be used to clean an skb before injecting it in | 3507 | * |
| 3508 | * another namespace. We have to clear all information in the skb that | 3508 | * skb_scrub_packet can be used after encapsulating or decapsulting a packet |
| 3509 | * could impact namespace isolation. | 3509 | * into/from a tunnel. Some information have to be cleared during these |
| 3510 | * operations. | ||
| 3511 | * skb_scrub_packet can also be used to clean a skb before injecting it in | ||
| 3512 | * another namespace (@xnet == true). We have to clear all information in the | ||
| 3513 | * skb that could impact namespace isolation. | ||
| 3510 | */ | 3514 | */ |
| 3511 | void skb_scrub_packet(struct sk_buff *skb) | 3515 | void skb_scrub_packet(struct sk_buff *skb, bool xnet) |
| 3512 | { | 3516 | { |
| 3513 | skb_orphan(skb); | 3517 | if (xnet) |
| 3518 | skb_orphan(skb); | ||
| 3514 | skb->tstamp.tv64 = 0; | 3519 | skb->tstamp.tv64 = 0; |
| 3515 | skb->pkt_type = PACKET_HOST; | 3520 | skb->pkt_type = PACKET_HOST; |
| 3516 | skb->skb_iif = 0; | 3521 | skb->skb_iif = 0; |