net: fib_rules: Don't check net in rule_exists() and rule_find().

fib_nl_newrule() / fib_nl_delrule() looks up struct fib_rules_ops
in sock_net(skb->sk) and calls rule_exists() / rule_find() respectively.

fib_nl_newrule() creates a new rule and links it to the found ops, so
struct fib_rule never belongs to a different netns's ops->rules_list.

Let's remove redundant netns check in rule_exists() and rule_find().

Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Tested-by: Ido Schimmel <idosch@nvidia.com>
Link: https://patch.msgid.link/20250207072502.87775-2-kuniyu@amazon.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

diff --git a/net/core/fib_rules.c b/net/core/fib_rules.c
index e684ba3ebb38563abefc034c16ba381635285953..02dfb841ab29726ebca3b416ed8adfe57a2d9888 100644 (file)
--- a/net/core/fib_rules.c
+++ b/net/core/fib_rules.c
@@ -459,9 +459,6 @@ static struct fib_rule *rule_find(struct fib_rules_ops *ops,
                if (rule->tun_id && r->tun_id != rule->tun_id)
                        continue;
 
-               if (r->fr_net != rule->fr_net)
-                       continue;
-
                if (rule->l3mdev && r->l3mdev != rule->l3mdev)
                        continue;
 
@@ -719,9 +716,6 @@ static int rule_exists(struct fib_rules_ops *ops, struct fib_rule_hdr *frh,
                if (r->tun_id != rule->tun_id)
                        continue;
 
-               if (r->fr_net != rule->fr_net)
-                       continue;
-
                if (r->l3mdev != rule->l3mdev)
                        continue;