From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Xin Long <lucien.xin@gmail.com>,
Cong Wang <cong.wang@bytedance.com>,
Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>,
Jakub Kicinski <kuba@kernel.org>, Sasha Levin <sashal@kernel.org>
Subject: [PATCH 5.4 059/100] net: sched: act_mirred: drop dst for the direction from egress to ingress
Date: Wed, 24 Nov 2021 12:58:15 +0100 [thread overview]
Message-ID: <20211124115656.781929790@linuxfoundation.org> (raw)
In-Reply-To: <20211124115654.849735859@linuxfoundation.org>
From: Xin Long <lucien.xin@gmail.com>
[ Upstream commit f799ada6bf2397c351220088b9b0980125c77280 ]
Without dropping dst, the packets sent from local mirred/redirected
to ingress will may still use the old dst. ip_rcv() will drop it as
the old dst is for output and its .input is dst_discard.
This patch is to fix by also dropping dst for those packets that are
mirred or redirected from egress to ingress in act_mirred.
Note that we don't drop it for the direction change from ingress to
egress, as on which there might be a user case attaching a metadata
dst by act_tunnel_key that would be used later.
Fixes: b57dc7c13ea9 ("net/sched: Introduce action ct")
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Acked-by: Cong Wang <cong.wang@bytedance.com>
Reviewed-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
net/sched/act_mirred.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/net/sched/act_mirred.c b/net/sched/act_mirred.c
index e3ff884a48c56..b87d2a1ee0b16 100644
--- a/net/sched/act_mirred.c
+++ b/net/sched/act_mirred.c
@@ -19,6 +19,7 @@
#include <linux/if_arp.h>
#include <net/net_namespace.h>
#include <net/netlink.h>
+#include <net/dst.h>
#include <net/pkt_sched.h>
#include <net/pkt_cls.h>
#include <linux/tc_act/tc_mirred.h>
@@ -218,6 +219,7 @@ static int tcf_mirred_act(struct sk_buff *skb, const struct tc_action *a,
bool want_ingress;
bool is_redirect;
bool expects_nh;
+ bool at_ingress;
int m_eaction;
int mac_len;
bool at_nh;
@@ -253,7 +255,8 @@ static int tcf_mirred_act(struct sk_buff *skb, const struct tc_action *a,
* ingress - that covers the TC S/W datapath.
*/
is_redirect = tcf_mirred_is_act_redirect(m_eaction);
- use_reinsert = skb_at_tc_ingress(skb) && is_redirect &&
+ at_ingress = skb_at_tc_ingress(skb);
+ use_reinsert = at_ingress && is_redirect &&
tcf_mirred_can_reinsert(retval);
if (!use_reinsert) {
skb2 = skb_clone(skb, GFP_ATOMIC);
@@ -261,10 +264,12 @@ static int tcf_mirred_act(struct sk_buff *skb, const struct tc_action *a,
goto out;
}
+ want_ingress = tcf_mirred_act_wants_ingress(m_eaction);
+
/* All mirred/redirected skbs should clear previous ct info */
nf_reset_ct(skb2);
-
- want_ingress = tcf_mirred_act_wants_ingress(m_eaction);
+ if (want_ingress && !at_ingress) /* drop dst for egress -> ingress */
+ skb_dst_drop(skb2);
expects_nh = want_ingress || !m_mac_header_xmit;
at_nh = skb->data == skb_network_header(skb);
--
2.33.0
next prev parent reply other threads:[~2021-11-24 13:23 UTC|newest]
Thread overview: 108+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-24 11:57 [PATCH 5.4 000/100] 5.4.162-rc1 review Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 001/100] arm64: zynqmp: Do not duplicate flash partition label property Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 002/100] arm64: zynqmp: Fix serial compatible string Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 003/100] ARM: dts: NSP: Fix mpcore, mmc node names Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 004/100] scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 005/100] arm64: dts: hisilicon: fix arm,sp805 compatible string Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 006/100] RDMA/bnxt_re: Check if the vlan is valid before reporting Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 007/100] usb: musb: tusb6010: check return value after calling platform_get_resource() Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 008/100] usb: typec: tipd: Remove WARN_ON in tps6598x_block_read Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 009/100] arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 010/100] arm64: dts: qcom: msm8916: Add unit name for /soc node Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 011/100] arm64: dts: freescale: fix arm,sp805 compatible string Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 012/100] ASoC: SOF: Intel: hda-dai: fix potential locking issue Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 013/100] clk: imx: imx6ul: Move csi_sel mux to correct base register Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 014/100] ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 015/100] scsi: advansys: Fix kernel pointer leak Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 016/100] firmware_loader: fix pre-allocated buf built-in firmware use Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 017/100] ARM: dts: omap: fix gpmc,mux-add-data type Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 018/100] usb: host: ohci-tmio: check return value after calling platform_get_resource() Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 019/100] ARM: dts: ls1021a: move thermal-zones node out of soc/ Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 020/100] ARM: dts: ls1021a-tsn: use generic "jedec,spi-nor" compatible for flash Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 021/100] ALSA: ISA: not for M68K Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 022/100] tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 023/100] MIPS: sni: Fix the build Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 024/100] scsi: target: Fix ordered tag handling Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 025/100] scsi: target: Fix alua_tg_pt_gps_count tracking Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 026/100] iio: imu: st_lsm6dsx: Avoid potential array overflow in st_lsm6dsx_set_odr() Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 027/100] powerpc/5200: dts: fix memory node unit name Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 028/100] ALSA: gus: fix null pointer dereference on pointer block Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 029/100] powerpc/dcr: Use cmplwi instead of 3-argument cmpli Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 030/100] sh: check return code of request_irq Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 031/100] maple: fix wrong return value of maple_bus_init() Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 032/100] f2fs: fix up f2fs_lookup tracepoints Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 033/100] sh: fix kconfig unmet dependency warning for FRAME_POINTER Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 034/100] sh: math-emu: drop unused functions Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 035/100] sh: define __BIG_ENDIAN for math-emu Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 036/100] clk: ingenic: Fix bugs with divided dividers Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 037/100] clk/ast2600: Fix soc revision for AHB Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 038/100] clk: qcom: gcc-msm8996: Drop (again) gcc_aggre1_pnoc_ahb_clk Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 039/100] mips: BCM63XX: ensure that CPU_SUPPORTS_32BIT_KERNEL is set Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 040/100] sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain() Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 041/100] tracing: Save normal string variables Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 042/100] tracing/histogram: Do not copy the fixed-size char array field over the field size Greg Kroah-Hartman
2021-11-24 11:57 ` [PATCH 5.4 043/100] RDMA/netlink: Add __maybe_unused to static inline in C file Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 044/100] perf bpf: Avoid memory leak from perf_env__insert_btf() Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 045/100] perf bench futex: Fix memory leak of perf_cpu_map__new() Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 046/100] perf tests: Remove bash construct from record+zstd_comp_decomp.sh Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 047/100] net: bnx2x: fix variable dereferenced before check Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 048/100] iavf: check for null in iavf_fix_features Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 049/100] iavf: free q_vectors before queues in iavf_disable_vf Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 050/100] iavf: Fix failure to exit out from last all-multicast mode Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 051/100] iavf: prevent accidental free of filter structure Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 052/100] iavf: validate pointers Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 053/100] iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 054/100] MIPS: generic/yamon-dt: fix uninitialized variable error Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 055/100] mips: bcm63xx: add support for clk_get_parent() Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 056/100] mips: lantiq: " Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 057/100] platform/x86: hp_accel: Fix an error handling path in lis3lv02d_probe() Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 058/100] scsi: core: sysfs: Fix hang when device state is set via sysfs Greg Kroah-Hartman
2021-11-24 11:58 ` Greg Kroah-Hartman [this message]
2021-11-24 11:58 ` [PATCH 5.4 060/100] net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 061/100] net: virtio_net_hdr_to_skb: count transport header in UFO Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 062/100] i40e: Fix correct max_pkt_size on VF RX queue Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 063/100] i40e: Fix NULL ptr dereference on VSI filter sync Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 064/100] i40e: Fix changing previously set num_queue_pairs for PFs Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 065/100] i40e: Fix ping is lost after configuring ADq on VF Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 066/100] i40e: Fix creation of first queue by omitting it if is not power of two Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 067/100] i40e: Fix display error code in dmesg Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 068/100] NFC: reorganize the functions in nci_request Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 069/100] drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 070/100] NFC: reorder the logic in nfc_{un,}register_device Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 071/100] perf bench: Fix two memory leaks detected with ASan Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 072/100] KVM: PPC: Book3S HV: Use GLOBAL_TOC for kvmppc_h_set_dabr/xdabr() Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 073/100] perf/x86/intel/uncore: Fix filter_tid mask for CHA events on Skylake Server Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 074/100] perf/x86/intel/uncore: Fix IIO event constraints for " Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 075/100] s390/kexec: fix return code handling Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 076/100] arm64: vdso32: suppress error message for make mrproper Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 077/100] tun: fix bonding active backup with arp monitoring Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 078/100] hexagon: export raw I/O routines for modules Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 079/100] ipc: WARN if trying to remove ipc object which is absent Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 080/100] mm: kmemleak: slob: respect SLAB_NOLEAKTRACE flag Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 081/100] x86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 082/100] s390/kexec: fix memory leak of ipl report buffer Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 083/100] udf: Fix crash after seekdir Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 084/100] btrfs: fix memory ordering between normal and ordered work functions Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 085/100] parisc/sticon: fix reverse colors Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 086/100] cfg80211: call cfg80211_stop_ap when switch from P2P_GO type Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 087/100] drm/udl: fix control-message timeout Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 088/100] drm/nouveau: use drm_dev_unplug() during device removal Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 089/100] drm/i915/dp: Ensure sink rate values are always valid Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 090/100] drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga and dvi connectors Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 091/100] Revert "net: mvpp2: disable force link UP during port init procedure" Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 092/100] perf/core: Avoid put_page() when GUP fails Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 093/100] batman-adv: Consider fragmentation for needed_headroom Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 094/100] batman-adv: Reserve needed_*room for fragments Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 095/100] batman-adv: Dont always reallocate the fragmentation skb head Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 096/100] ASoC: DAPM: Cover regression by kctl change notification fix Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 097/100] usb: max-3421: Use driver data instead of maintaining a list of bound devices Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 098/100] ice: Delete always true check of PF pointer Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 099/100] tlb: mmu_gather: add tlb_flush_*_range APIs Greg Kroah-Hartman
2021-11-24 11:58 ` [PATCH 5.4 100/100] hugetlbfs: flush TLBs correctly after huge_pmd_unshare Greg Kroah-Hartman
2021-11-24 15:40 ` [PATCH 5.4 000/100] 5.4.162-rc1 review Guenter Roeck
2021-11-24 16:16 ` Greg Kroah-Hartman
2021-11-24 15:40 ` Naresh Kamboju
2021-11-24 16:16 ` Greg Kroah-Hartman
2021-11-24 21:09 ` Sudip Mukherjee
2021-11-25 8:50 ` Greg Kroah-Hartman
2021-11-25 1:42 ` Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211124115656.781929790@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=cong.wang@bytedance.com \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lucien.xin@gmail.com \
--cc=marcelo.leitner@gmail.com \
--cc=sashal@kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox