> If I understand correctly (and as Cong already said), information is
> leaking between netns during the input phase. On the tx side,
> skb_scrub_packet() is called, but not on the rx side. I think it's wrong.
> There should be an explicit boundary.

I think we used to do dev_forward_skb() in the RX path, which used to do skb_scrub_packet(). When we added the optimization to avoid queuing a second time just to deliver the packet to the slave (by doing RX_HANDLER_ANOTHER), we lost the skb_scrub_packet() which we used to get automatically. I believe we can add that! Thanks for pointing it out.
> Another small comment: maybe finding another name than l3_dev could help to
> avoid confusion with the existing l3mdev.

I have absolutely no preference for the name. I used it to indicate this is the *L3 device*. Please suggest.