git.ipfire.org Git - thirdparty/kernel/stable.git/commit

ipv6: Do not leak throw route references

[ Upstream commit 07f615574f8ac499875b21c1142f26308234a92c ]

While commit 73ba57bfae4a ("ipv6: fix backtracking for throw routes")
does good job on error propagation to the fib_rules_lookup()
in fib rules core framework that also corrects throw routes
handling, it does not solve route reference leakage problem
happened when we return -EAGAIN to the fib_rules_lookup()
and leave routing table entry referenced in arg->result.

If rule with matched throw route isn't last matched in the
list we overwrite arg->result losing reference on throw
route stored previously forever.

We also partially revert commit ab997ad40839 ("ipv6: fix the
incorrect return value of throw route") since we never return
routing table entry with dst.error == -EAGAIN when
CONFIG_IPV6_MULTIPLE_TABLES is on. Also there is no point
to check for RTF_REJECT flag since it is always set throw
route.

Fixes: 73ba57bfae4a ("ipv6: fix backtracking for throw routes")
Signed-off-by: Serhey Popovych <serhe.popovych@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

author	Serhey Popovych <serhe.popovych@gmail.com>
	Tue, 20 Jun 2017 10:29:25 +0000 (13:29 +0300)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 5 Jul 2017 12:41:37 +0000 (14:41 +0200)
commit	4ade61f463634383f18c614a2b9812ce0f7ac448
tree	edfd3ff6f2c90f66e9a04386dd41be8fea7eb115	tree \| snapshot
parent	16c4d1be8fe4a7039f992506d4a49e58b1ed05ee	commit \| diff

net/ipv6/fib6_rules.c		diff \| blob \| blame \| history
net/ipv6/ip6_fib.c		diff \| blob \| blame \| history