1 From foo@baz Thu Mar 14 23:20:15 PDT 2019
2 From: Paolo Abeni <pabeni@redhat.com>
3 Date: Thu, 21 Feb 2019 11:19:42 +0100
4 Subject: ipv6: route: enforce RCU protection in ip6_route_check_nh_onlink()
6 From: Paolo Abeni <pabeni@redhat.com>
8 [ Upstream commit bf1dc8bad1d42287164d216d8efb51c5cd381b18 ]
10 We need a RCU critical section around rt6_info->from deference, and
13 Fixes: 4ed591c8ab44 ("net/ipv6: Allow onlink routes to have a device mismatch if it is the default route")
14 Signed-off-by: Paolo Abeni <pabeni@redhat.com>
15 Reviewed-by: David Ahern <dsahern@gmail.com>
16 Signed-off-by: David S. Miller <davem@davemloft.net>
17 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
19 net/ipv6/route.c | 6 +++++-
20 1 file changed, 5 insertions(+), 1 deletion(-)
22 --- a/net/ipv6/route.c
23 +++ b/net/ipv6/route.c
24 @@ -2752,20 +2752,24 @@ static int ip6_route_check_nh_onlink(str
25 u32 tbid = l3mdev_fib_table(dev) ? : RT_TABLE_MAIN;
26 const struct in6_addr *gw_addr = &cfg->fc_gateway;
27 u32 flags = RTF_LOCAL | RTF_ANYCAST | RTF_REJECT;
28 + struct fib6_info *from;
33 grt = ip6_nh_lookup_table(net, cfg, gw_addr, tbid, 0);
36 + from = rcu_dereference(grt->from);
37 if (!grt->dst.error &&
38 /* ignore match if it is the default route */
39 - grt->from && !ipv6_addr_any(&grt->from->fib6_dst.addr) &&
40 + from && !ipv6_addr_any(&from->fib6_dst.addr) &&
41 (grt->rt6i_flags & flags || dev != grt->dst.dev)) {
42 NL_SET_ERR_MSG(extack,
43 "Nexthop has invalid gateway or device mismatch");