From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.0 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE, SPF_PASS,T_DKIMWL_WL_HIGH,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C308EC28CC7 for ; Mon, 3 Jun 2019 09:11:58 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 9C4D527E91 for ; Mon, 3 Jun 2019 09:11:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1559553118; bh=WErwZMQyPgreMbLYiOkZR0ikTQOzKpZqE6LfbGPexJM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=vm81dK4x3VoT02XGK+1C3L8itYSaHGwSbz3BVYgvw6+8d5Z0PMq9laSaKNelmrTH5 anWYeV5aI6/LrjdHV/ltT1rSF8YVyYXWTKwP2JxsW2sBSDHMOA5RDeVujOVI09UvJC qHOcFarKyxxPgngW1j/Fm0vqaQnu9HCejdRjKdBA= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728548AbfFCJL5 (ORCPT ); Mon, 3 Jun 2019 05:11:57 -0400 Received: from mail.kernel.org ([198.145.29.99]:57308 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728546AbfFCJL5 (ORCPT ); Mon, 3 Jun 2019 05:11:57 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 17F8327E78; Mon, 3 Jun 2019 09:11:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1559553116; bh=WErwZMQyPgreMbLYiOkZR0ikTQOzKpZqE6LfbGPexJM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Hqlvgcs1hv+QqvqKEwbRVc6qqFTkTLIpeGVMIZ4JKT+AGg+eQtd8F9oUfDIbqrr7o o6OV60jLLFZL38IimT96ESznxL/jXCkJfGMM/i/OIFXYL660HBenJgqaE0pa2Xaumj TPbdeqT4Gsy/y64/kLtsEawDPVn1G811ZH05NGmU= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, David Ahern , "David S. Miller" Subject: [PATCH 5.0 07/36] ipv6: Fix redirect with VRF Date: Mon, 3 Jun 2019 11:08:55 +0200 Message-Id: <20190603090521.437510938@linuxfoundation.org> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190603090520.998342694@linuxfoundation.org> References: <20190603090520.998342694@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: stable-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: David Ahern [ Upstream commit 31680ac265802397937d75461a2809a067b9fb93 ] IPv6 redirect is broken for VRF. __ip6_route_redirect walks the FIB entries looking for an exact match on ifindex. With VRF the flowi6_oif is updated by l3mdev_update_flow to the l3mdev index and the FLOWI_FLAG_SKIP_NH_OIF set in the flags to tell the lookup to skip the device match. For redirects the device match is requires so use that flag to know when the oif needs to be reset to the skb device index. Fixes: ca254490c8df ("net: Add VRF support to IPv6 stack") Signed-off-by: David Ahern Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- net/ipv6/route.c | 6 ++++++ 1 file changed, 6 insertions(+) --- a/net/ipv6/route.c +++ b/net/ipv6/route.c @@ -2448,6 +2448,12 @@ static struct rt6_info *__ip6_route_redi struct fib6_info *rt; struct fib6_node *fn; + /* l3mdev_update_flow overrides oif if the device is enslaved; in + * this case we must match on the real ingress device, so reset it + */ + if (fl6->flowi6_flags & FLOWI_FLAG_SKIP_NH_OIF) + fl6->flowi6_oif = skb->dev->ifindex; + /* Get the "current" route for this destination and * check if the redirect has come from appropriate router. *