From mboxrd@z Thu Jan 1 00:00:00 1970 From: David Ahern Subject: [PATCH net] net/ipv6: Handle reject routes with onlink flag Date: Tue, 6 Feb 2018 12:14:12 -0800 Message-ID: <20180206201412.11580-1-dsahern@gmail.com> Cc: davem@davemloft.net, David Ahern To: netdev@vger.kernel.org Return-path: Received: from mail-pf0-f195.google.com ([209.85.192.195]:42712 "EHLO mail-pf0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752736AbeBFUOV (ORCPT ); Tue, 6 Feb 2018 15:14:21 -0500 Received: by mail-pf0-f195.google.com with SMTP id b25so1114265pfd.9 for ; Tue, 06 Feb 2018 12:14:21 -0800 (PST) Sender: netdev-owner@vger.kernel.org List-ID: Verification of nexthops with onlink flag need to handle unreachable routes. The lookup is only intended to validate the gateway address is not a local address and if the gateway resolves the egress device must match the given device. Hence, hitting any default reject route is ok. Fixes: fc1e64e1092f ("net/ipv6: Add support for onlink flag") Signed-off-by: David Ahern --- net/ipv6/route.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/ipv6/route.c b/net/ipv6/route.c index fb2d251c0500..69c43d289c69 100644 --- a/net/ipv6/route.c +++ b/net/ipv6/route.c @@ -2488,7 +2488,8 @@ static int ip6_route_check_nh_onlink(struct net *net, err = 0; grt = ip6_nh_lookup_table(net, cfg, gw_addr, tbid, 0); if (grt) { - if (grt->rt6i_flags & flags || dev != grt->dst.dev) { + if (!grt->dst.error && + (grt->rt6i_flags & flags || dev != grt->dst.dev)) { NL_SET_ERR_MSG(extack, "Nexthop has invalid gateway"); err = -EINVAL; } -- 2.11.0