[PATCH net,v2] vrf: check accept_source_route on the original netdevice

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH net,v2] vrf: check accept_source_route on the original netdevice
@ 2019-03-27 19:58 Stephen Suryaputra
  2019-03-29 18:12 ` David Miller
                   ` (2 more replies)
  0 siblings, 3 replies; 5+ messages in thread
From: Stephen Suryaputra @ 2019-03-27 19:58 UTC (permalink / raw)
  To: netdev; +Cc: Stephen Suryaputra

Configuration check to accept source route IP options should be made on
the incoming netdevice when the skb->dev is an l3mdev master. The route
lookup for the source route next hop also needs the incoming netdev.

Signed-off-by: Stephen Suryaputra <ssuryaextr@gmail.com>
---
 net/ipv4/ip_input.c   | 3 +++
 net/ipv4/ip_options.c | 6 +++++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/net/ipv4/ip_input.c b/net/ipv4/ip_input.c
index ecce2dc78f17..754176222ef6 100644
--- a/net/ipv4/ip_input.c
+++ b/net/ipv4/ip_input.c
@@ -263,6 +263,9 @@ static inline bool ip_rcv_options(struct sk_buff *skb)
 	const struct iphdr *iph;
 	struct net_device *dev = skb->dev;
 
+	if (netif_is_l3_master(dev))
+		dev = __dev_get_by_index(dev_net(dev), IPCB(skb)->iif);
+
 	/* It looks as overkill, because not all
 	   IP options require packet mangling.
 	   But it is the easiest for now, especially taking
diff --git a/net/ipv4/ip_options.c b/net/ipv4/ip_options.c
index 32a35043c9f5..99f37591d7c1 100644
--- a/net/ipv4/ip_options.c
+++ b/net/ipv4/ip_options.c
@@ -620,6 +620,7 @@ int ip_options_rcv_srr(struct sk_buff *skb)
 	struct iphdr *iph = ip_hdr(skb);
 	unsigned char *optptr = skb_network_header(skb) + opt->srr;
 	struct rtable *rt = skb_rtable(skb);
+	struct net_device *dev = skb->dev;
 	struct rtable *rt2;
 	unsigned long orefdst;
 	int err;
@@ -638,6 +639,9 @@ int ip_options_rcv_srr(struct sk_buff *skb)
 	if (rt->rt_type != RTN_LOCAL)
 		return -EINVAL;
 
+	if (netif_is_l3_master(dev))
+		dev = __dev_get_by_index(dev_net(dev), IPCB(skb)->iif);
+
 	for (srrptr = optptr[2], srrspace = optptr[1]; srrptr <= srrspace; srrptr += 4) {
 		if (srrptr + 3 > srrspace) {
 			icmp_send(skb, ICMP_PARAMETERPROB, 0, htonl((opt->srr+2)<<24));
@@ -647,7 +651,7 @@ int ip_options_rcv_srr(struct sk_buff *skb)
 
 		orefdst = skb->_skb_refdst;
 		skb_dst_set(skb, NULL);
-		err = ip_route_input(skb, nexthop, iph->saddr, iph->tos, skb->dev);
+		err = ip_route_input(skb, nexthop, iph->saddr, iph->tos, dev);
 		rt2 = skb_rtable(skb);
 		if (err || (rt2->rt_type != RTN_UNICAST && rt2->rt_type != RTN_LOCAL)) {
 			skb_dst_drop(skb);
-- 
2.17.1


^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH net,v2] vrf: check accept_source_route on the original netdevice
  2019-03-27 19:58 [PATCH net,v2] vrf: check accept_source_route on the original netdevice Stephen Suryaputra
@ 2019-03-29 18:12 ` David Miller
  2019-03-31 20:57 ` David Miller
  2019-04-01  0:04 ` David Ahern
  2 siblings, 0 replies; 5+ messages in thread
From: David Miller @ 2019-03-29 18:12 UTC (permalink / raw)
  To: ssuryaextr; +Cc: netdev, dsahern, dsahern

From: Stephen Suryaputra <ssuryaextr@gmail.com>
Date: Wed, 27 Mar 2019 15:58:48 -0400

> Configuration check to accept source route IP options should be made on
> the incoming netdevice when the skb->dev is an l3mdev master. The route
> lookup for the source route next hop also needs the incoming netdev.
> 
> Signed-off-by: Stephen Suryaputra <ssuryaextr@gmail.com>

David, please review.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH net,v2] vrf: check accept_source_route on the original netdevice
  2019-03-27 19:58 [PATCH net,v2] vrf: check accept_source_route on the original netdevice Stephen Suryaputra
  2019-03-29 18:12 ` David Miller
@ 2019-03-31 20:57 ` David Miller
  2019-04-01  0:06   ` David Ahern
  2019-04-01  0:04 ` David Ahern
  2 siblings, 1 reply; 5+ messages in thread
From: David Miller @ 2019-03-31 20:57 UTC (permalink / raw)
  To: ssuryaextr; +Cc: netdev, dsahern

From: Stephen Suryaputra <ssuryaextr@gmail.com>
Date: Wed, 27 Mar 2019 15:58:48 -0400

> Configuration check to accept source route IP options should be made on
> the incoming netdevice when the skb->dev is an l3mdev master. The route
> lookup for the source route next hop also needs the incoming netdev.
> 
> Signed-off-by: Stephen Suryaputra <ssuryaextr@gmail.com>

David, please review this.

Thanks.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH net,v2] vrf: check accept_source_route on the original netdevice
  2019-03-31 20:57 ` David Miller
@ 2019-04-01  0:06   ` David Ahern
  0 siblings, 0 replies; 5+ messages in thread
From: David Ahern @ 2019-04-01  0:06 UTC (permalink / raw)
  To: David Miller, ssuryaextr; +Cc: netdev

On 3/31/19 2:57 PM, David Miller wrote:
> From: Stephen Suryaputra <ssuryaextr@gmail.com>
> Date: Wed, 27 Mar 2019 15:58:48 -0400
> 
>> Configuration check to accept source route IP options should be made on
>> the incoming netdevice when the skb->dev is an l3mdev master. The route
>> lookup for the source route next hop also needs the incoming netdev.
>>
>> Signed-off-by: Stephen Suryaputra <ssuryaextr@gmail.com>
> 
> David, please review this.
> 
> Thanks.
> 

now that my heart rate is back to normal following the Auburn game ...

The change can be much simpler by passing the device down the stack from
where it is saved before the skb->dev switch.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH net,v2] vrf: check accept_source_route on the original netdevice
  2019-03-27 19:58 [PATCH net,v2] vrf: check accept_source_route on the original netdevice Stephen Suryaputra
  2019-03-29 18:12 ` David Miller
  2019-03-31 20:57 ` David Miller
@ 2019-04-01  0:04 ` David Ahern
  2 siblings, 0 replies; 5+ messages in thread
From: David Ahern @ 2019-04-01  0:04 UTC (permalink / raw)
  To: Stephen Suryaputra, netdev

On 3/27/19 1:58 PM, Stephen Suryaputra wrote:
> Configuration check to accept source route IP options should be made on
> the incoming netdevice when the skb->dev is an l3mdev master. The route
> lookup for the source route next hop also needs the incoming netdev.
> 
> Signed-off-by: Stephen Suryaputra <ssuryaextr@gmail.com>
> ---
>  net/ipv4/ip_input.c   | 3 +++
>  net/ipv4/ip_options.c | 6 +++++-
>  2 files changed, 8 insertions(+), 1 deletion(-)
> 
> diff --git a/net/ipv4/ip_input.c b/net/ipv4/ip_input.c
> index ecce2dc78f17..754176222ef6 100644
> --- a/net/ipv4/ip_input.c
> +++ b/net/ipv4/ip_input.c
> @@ -263,6 +263,9 @@ static inline bool ip_rcv_options(struct sk_buff *skb)
>  	const struct iphdr *iph;
>  	struct net_device *dev = skb->dev;
>  
> +	if (netif_is_l3_master(dev))
> +		dev = __dev_get_by_index(dev_net(dev), IPCB(skb)->iif);

ip_rcv_options is called from ip_rcv_finish_core which already has this
dev. Passing it as an arg saves the lookup. I believe you can always use
dev as the input argument vs skb->dev.

> +
>  	/* It looks as overkill, because not all
>  	   IP options require packet mangling.
>  	   But it is the easiest for now, especially taking
> diff --git a/net/ipv4/ip_options.c b/net/ipv4/ip_options.c
> index 32a35043c9f5..99f37591d7c1 100644
> --- a/net/ipv4/ip_options.c
> +++ b/net/ipv4/ip_options.c
> @@ -620,6 +620,7 @@ int ip_options_rcv_srr(struct sk_buff *skb)
>  	struct iphdr *iph = ip_hdr(skb);
>  	unsigned char *optptr = skb_network_header(skb) + opt->srr;
>  	struct rtable *rt = skb_rtable(skb);
> +	struct net_device *dev = skb->dev;
>  	struct rtable *rt2;
>  	unsigned long orefdst;
>  	int err;
> @@ -638,6 +639,9 @@ int ip_options_rcv_srr(struct sk_buff *skb)
>  	if (rt->rt_type != RTN_LOCAL)
>  		return -EINVAL;
>  
> +	if (netif_is_l3_master(dev))
> +		dev = __dev_get_by_index(dev_net(dev), IPCB(skb)->iif);

same here - just pass net_device from ip_rcv_options
> +
>  	for (srrptr = optptr[2], srrspace = optptr[1]; srrptr <= srrspace; srrptr += 4) {
>  		if (srrptr + 3 > srrspace) {
>  			icmp_send(skb, ICMP_PARAMETERPROB, 0, htonl((opt->srr+2)<<24));
> @@ -647,7 +651,7 @@ int ip_options_rcv_srr(struct sk_buff *skb)
>  
>  		orefdst = skb->_skb_refdst;
>  		skb_dst_set(skb, NULL);
> -		err = ip_route_input(skb, nexthop, iph->saddr, iph->tos, skb->dev);
> +		err = ip_route_input(skb, nexthop, iph->saddr, iph->tos, dev);
>  		rt2 = skb_rtable(skb);
>  		if (err || (rt2->rt_type != RTN_UNICAST && rt2->rt_type != RTN_LOCAL)) {
>  			skb_dst_drop(skb);
> 


^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2019-04-01 18:05 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-03-27 19:58 [PATCH net,v2] vrf: check accept_source_route on the original netdevice Stephen Suryaputra
2019-03-29 18:12 ` David Miller
2019-03-31 20:57 ` David Miller
2019-04-01  0:06   ` David Ahern
2019-04-01  0:04 ` David Ahern

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).