Skip to content

Commit

Permalink
net: vrf: Do not allow looback to be moved to a VRF
Browse files Browse the repository at this point in the history 
Moving the loopback into a VRF breaks networking for the default VRF.
Since the VRF device is the loopback for VRF domains, there is no
reason to move the loopback. Given the repercussions, block attempts
to set lo into a VRF.

Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
Reviewed-by: Greg Rose <gvrose8192@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
  • Loading branch information
David Ahern authored and David S. Miller committed Apr 27, 2017
1 parent adeb45c commit 26d31ac
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions drivers/net/vrf.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -877,6 +877,12 @@ static int do_vrf_add_slave(struct net_device *dev, struct net_device *port_dev)
{
int ret;

/* do not allow loopback device to be enslaved to a VRF.
* The vrf device acts as the loopback for the vrf.
*/
if (port_dev == dev_net(dev)->loopback_dev)
return -EOPNOTSUPP;

port_dev->priv_flags |= IFF_L3MDEV_SLAVE;
ret = netdev_master_upper_dev_link(port_dev, dev, NULL, NULL);
if (ret < 0)
Expand Down

0 comments on commit 26d31ac

Please sign in to comment.