From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Stephen Suryaputra <ssuryaextr@gmail.com>,
David Ahern <dsahern@gmail.com>,
"David S. Miller" <davem@davemloft.net>
Subject: [PATCH 4.14 29/41] vrf: check the original netdevice for generating redirect
Date: Sat, 9 Jun 2018 17:30:01 +0200 [thread overview]
Message-ID: <20180609152928.014609654@linuxfoundation.org> (raw)
In-Reply-To: <20180609152926.389750182@linuxfoundation.org>
4.14-stable review patch. If anyone has any objections, please let me know.
------------------
From: Stephen Suryaputra <ssuryaextr@gmail.com>
[ Upstream commit 2f17becfbea5e9a0529b51da7345783e96e69516 ]
Use the right device to determine if redirect should be sent especially
when using vrf. Same as well as when sending the redirect.
Signed-off-by: Stephen Suryaputra <ssuryaextr@gmail.com>
Acked-by: David Ahern <dsahern@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
net/ipv6/ip6_output.c | 3 ++-
net/ipv6/ndisc.c | 6 ++++++
2 files changed, 8 insertions(+), 1 deletion(-)
--- a/net/ipv6/ip6_output.c
+++ b/net/ipv6/ip6_output.c
@@ -506,7 +506,8 @@ int ip6_forward(struct sk_buff *skb)
send redirects to source routed frames.
We don't send redirects to frames decapsulated from IPsec.
*/
- if (skb->dev == dst->dev && opt->srcrt == 0 && !skb_sec_path(skb)) {
+ if (IP6CB(skb)->iif == dst->dev->ifindex &&
+ opt->srcrt == 0 && !skb_sec_path(skb)) {
struct in6_addr *target = NULL;
struct inet_peer *peer;
struct rt6_info *rt;
--- a/net/ipv6/ndisc.c
+++ b/net/ipv6/ndisc.c
@@ -1568,6 +1568,12 @@ void ndisc_send_redirect(struct sk_buff
ops_data_buf[NDISC_OPS_REDIRECT_DATA_SPACE], *ops_data = NULL;
bool ret;
+ if (netif_is_l3_master(skb->dev)) {
+ dev = __dev_get_by_index(dev_net(skb->dev), IPCB(skb)->iif);
+ if (!dev)
+ return;
+ }
+
if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
ND_PRINTK(2, warn, "Redirect: no link-local address on %s\n",
dev->name);
next prev parent reply other threads:[~2018-06-09 15:41 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-06-09 15:29 [PATCH 4.14 00/41] 4.14.49-stable review Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 01/41] scsi: sd_zbc: Fix potential memory leak Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 02/41] scsi: sd_zbc: Avoid that resetting a zone fails sporadically Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 03/41] mmap: introduce sane default mmap limits Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 04/41] mmap: relax file size limit for regular files Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 05/41] btrfs: define SUPER_FLAG_METADUMP_V2 Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 07/41] be2net: Fix error detection logic for BE3 Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 08/41] bnx2x: use the right constant Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 09/41] dccp: dont free ccid2_hc_tx_sock struct in dccp_disconnect() Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 10/41] enic: set DMA mask to 47 bit Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 11/41] ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 12/41] ip6_tunnel: remove magic mtu value 0xFFF8 Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 13/41] ipmr: properly check rhltable_init() return value Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 14/41] ipv4: remove warning in ip_recv_error Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 15/41] ipv6: omit traffic class when calculating flow hash Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 16/41] isdn: eicon: fix a missing-check bug Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 17/41] kcm: Fix use-after-free caused by clonned sockets Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 18/41] netdev-FAQ: clarify DaveMs position for stable backports Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 19/41] net: ipv4: add missing RTA_TABLE to rtm_ipv4_policy Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 20/41] net: metrics: add proper netlink validation Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 21/41] net/packet: refine check for priv area size Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 22/41] net: phy: broadcom: Fix bcm_write_exp() Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 24/41] packet: fix reserve calculation Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 25/41] qed: Fix mask for physical address in ILT entry Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 26/41] sctp: not allow transport timeout value less than HZ/5 for hb_timer Greg Kroah-Hartman
2018-06-09 15:29 ` [PATCH 4.14 27/41] team: use netdev_features_t instead of u32 Greg Kroah-Hartman
2018-06-09 15:30 ` [PATCH 4.14 28/41] vhost: synchronize IOTLB message with dev cleanup Greg Kroah-Hartman
2018-06-09 15:30 ` Greg Kroah-Hartman [this message]
2018-06-09 15:30 ` [PATCH 4.14 30/41] ipv6: sr: fix memory OOB access in seg6_do_srh_encap/inline Greg Kroah-Hartman
2018-06-09 15:30 ` [PATCH 4.14 31/41] net: phy: broadcom: Fix auxiliary control register reads Greg Kroah-Hartman
2018-06-09 15:30 ` [PATCH 4.14 32/41] net-sysfs: Fix memory leak in XPS configuration Greg Kroah-Hartman
2018-06-09 15:30 ` [PATCH 4.14 33/41] virtio-net: correctly transmit XDP buff after linearizing Greg Kroah-Hartman
2018-06-09 15:30 ` [PATCH 4.14 34/41] net/mlx4: Fix irq-unsafe spinlock usage Greg Kroah-Hartman
2018-06-09 15:30 ` [PATCH 4.14 35/41] tun: Fix NULL pointer dereference in XDP redirect Greg Kroah-Hartman
2018-06-09 15:30 ` [PATCH 4.14 36/41] virtio-net: correctly check num_buf during err path Greg Kroah-Hartman
2018-06-09 15:30 ` [PATCH 4.14 37/41] net/mlx5e: When RXFCS is set, add FCS data into checksum calculation Greg Kroah-Hartman
2018-06-09 15:30 ` [PATCH 4.14 38/41] virtio-net: fix leaking page for gso packet during mergeable XDP Greg Kroah-Hartman
2018-06-09 15:30 ` [PATCH 4.14 39/41] rtnetlink: validate attributes in do_setlink() Greg Kroah-Hartman
2018-06-09 15:30 ` [PATCH 4.14 40/41] cls_flower: Fix incorrect idr release when failing to modify rule Greg Kroah-Hartman
2018-06-09 15:30 ` [PATCH 4.14 41/41] PCI: hv: Do not wait forever on a device that has disappeared Greg Kroah-Hartman
2018-06-10 9:06 ` [PATCH 4.14 00/41] 4.14.49-stable review Naresh Kamboju
2018-06-10 15:13 ` Guenter Roeck
2018-06-11 19:36 ` Shuah Khan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180609152928.014609654@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=davem@davemloft.net \
--cc=dsahern@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=ssuryaextr@gmail.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.