--- /dev/null
+From 36c2e31ad25bd087756b8db9584994d1d80c236b Mon Sep 17 00:00:00 2001
+From: Eyal Birger <eyal.birger@gmail.com>
+Date: Tue, 22 Mar 2022 06:39:54 +0200
+Subject: net: geneve: add missing netlink policy and size for IFLA_GENEVE_INNER_PROTO_INHERIT
+
+From: Eyal Birger <eyal.birger@gmail.com>
+
+commit 36c2e31ad25bd087756b8db9584994d1d80c236b upstream.
+
+Add missing netlink attribute policy and size calculation.
+Also enable strict validation from this new attribute onwards.
+
+Fixes: 435fe1c0c1f7 ("net: geneve: support IPv4/IPv6 as inner protocol")
+Signed-off-by: Eyal Birger <eyal.birger@gmail.com>
+Link: https://lore.kernel.org/r/20220322043954.3042468-1-eyal.birger@gmail.com
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/net/geneve.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+--- a/drivers/net/geneve.c
++++ b/drivers/net/geneve.c
+@@ -1277,6 +1277,7 @@ static void geneve_setup(struct net_devi
+ }
+
+ static const struct nla_policy geneve_policy[IFLA_GENEVE_MAX + 1] = {
++ [IFLA_GENEVE_UNSPEC] = { .strict_start_type = IFLA_GENEVE_INNER_PROTO_INHERIT },
+ [IFLA_GENEVE_ID] = { .type = NLA_U32 },
+ [IFLA_GENEVE_REMOTE] = { .len = sizeof_field(struct iphdr, daddr) },
+ [IFLA_GENEVE_REMOTE6] = { .len = sizeof(struct in6_addr) },
+@@ -1290,6 +1291,7 @@ static const struct nla_policy geneve_po
+ [IFLA_GENEVE_UDP_ZERO_CSUM6_RX] = { .type = NLA_U8 },
+ [IFLA_GENEVE_TTL_INHERIT] = { .type = NLA_U8 },
+ [IFLA_GENEVE_DF] = { .type = NLA_U8 },
++ [IFLA_GENEVE_INNER_PROTO_INHERIT] = { .type = NLA_FLAG },
+ };
+
+ static int geneve_validate(struct nlattr *tb[], struct nlattr *data[],
+@@ -1795,6 +1797,7 @@ static size_t geneve_get_size(const stru
+ nla_total_size(sizeof(__u8)) + /* IFLA_GENEVE_UDP_ZERO_CSUM6_TX */
+ nla_total_size(sizeof(__u8)) + /* IFLA_GENEVE_UDP_ZERO_CSUM6_RX */
+ nla_total_size(sizeof(__u8)) + /* IFLA_GENEVE_TTL_INHERIT */
++ nla_total_size(0) + /* IFLA_GENEVE_INNER_PROTO_INHERIT */
+ 0;
+ }
+
--- /dev/null
+From db53cd3d88dc328dea2e968c9c8d3b4294a8a674 Mon Sep 17 00:00:00 2001
+From: David Ahern <dsahern@kernel.org>
+Date: Wed, 13 Apr 2022 11:43:20 -0600
+Subject: net: Handle l3mdev in ip_tunnel_init_flow
+
+From: David Ahern <dsahern@kernel.org>
+
+commit db53cd3d88dc328dea2e968c9c8d3b4294a8a674 upstream.
+
+Ido reported that the commit referenced in the Fixes tag broke
+a gre use case with dummy devices. Add a check to ip_tunnel_init_flow
+to see if the oif is an l3mdev port and if so set the oif to 0 to
+avoid the oif comparison in fib_lookup_good_nhc.
+
+Fixes: 40867d74c374 ("net: Add l3mdev index to flow struct and avoid oif reset for port devices")
+Reported-by: Ido Schimmel <idosch@idosch.org>
+Signed-off-by: David Ahern <dsahern@kernel.org>
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/net/ethernet/mellanox/mlxsw/spectrum_span.c | 2 +-
+ include/net/ip_tunnels.h | 11 +++++++++--
+ net/ipv4/ip_gre.c | 4 ++--
+ net/ipv4/ip_tunnel.c | 9 +++++----
+ 4 files changed, 17 insertions(+), 9 deletions(-)
+
+--- a/drivers/net/ethernet/mellanox/mlxsw/spectrum_span.c
++++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum_span.c
+@@ -422,7 +422,7 @@ mlxsw_sp_span_gretap4_route(const struct
+
+ parms = mlxsw_sp_ipip_netdev_parms4(to_dev);
+ ip_tunnel_init_flow(&fl4, parms.iph.protocol, *daddrp, *saddrp,
+- 0, 0, parms.link, tun->fwmark, 0);
++ 0, 0, dev_net(to_dev), parms.link, tun->fwmark, 0);
+
+ rt = ip_route_output_key(tun->net, &fl4);
+ if (IS_ERR(rt))
+--- a/include/net/ip_tunnels.h
++++ b/include/net/ip_tunnels.h
+@@ -240,11 +240,18 @@ static inline __be32 tunnel_id_to_key32(
+ static inline void ip_tunnel_init_flow(struct flowi4 *fl4,
+ int proto,
+ __be32 daddr, __be32 saddr,
+- __be32 key, __u8 tos, int oif,
++ __be32 key, __u8 tos,
++ struct net *net, int oif,
+ __u32 mark, __u32 tun_inner_hash)
+ {
+ memset(fl4, 0, sizeof(*fl4));
+- fl4->flowi4_oif = oif;
++
++ if (oif) {
++ fl4->flowi4_l3mdev = l3mdev_master_upper_ifindex_by_index_rcu(net, oif);
++ /* Legacy VRF/l3mdev use case */
++ fl4->flowi4_oif = fl4->flowi4_l3mdev ? 0 : oif;
++ }
++
+ fl4->daddr = daddr;
+ fl4->saddr = saddr;
+ fl4->flowi4_tos = tos;
+--- a/net/ipv4/ip_gre.c
++++ b/net/ipv4/ip_gre.c
+@@ -608,8 +608,8 @@ static int gre_fill_metadata_dst(struct
+ key = &info->key;
+ ip_tunnel_init_flow(&fl4, IPPROTO_GRE, key->u.ipv4.dst, key->u.ipv4.src,
+ tunnel_id_to_key32(key->tun_id),
+- key->tos & ~INET_ECN_MASK, 0, skb->mark,
+- skb_get_hash(skb));
++ key->tos & ~INET_ECN_MASK, dev_net(dev), 0,
++ skb->mark, skb_get_hash(skb));
+ rt = ip_route_output_key(dev_net(dev), &fl4);
+ if (IS_ERR(rt))
+ return PTR_ERR(rt);
+--- a/net/ipv4/ip_tunnel.c
++++ b/net/ipv4/ip_tunnel.c
+@@ -294,8 +294,8 @@ static int ip_tunnel_bind_dev(struct net
+
+ ip_tunnel_init_flow(&fl4, iph->protocol, iph->daddr,
+ iph->saddr, tunnel->parms.o_key,
+- RT_TOS(iph->tos), tunnel->parms.link,
+- tunnel->fwmark, 0);
++ RT_TOS(iph->tos), dev_net(dev),
++ tunnel->parms.link, tunnel->fwmark, 0);
+ rt = ip_route_output_key(tunnel->net, &fl4);
+
+ if (!IS_ERR(rt)) {
+@@ -597,7 +597,7 @@ void ip_md_tunnel_xmit(struct sk_buff *s
+ }
+ ip_tunnel_init_flow(&fl4, proto, key->u.ipv4.dst, key->u.ipv4.src,
+ tunnel_id_to_key32(key->tun_id), RT_TOS(tos),
+- 0, skb->mark, skb_get_hash(skb));
++ dev_net(dev), 0, skb->mark, skb_get_hash(skb));
+ if (tunnel->encap.type != TUNNEL_ENCAP_NONE)
+ goto tx_error;
+
+@@ -753,7 +753,8 @@ void ip_tunnel_xmit(struct sk_buff *skb,
+ }
+
+ ip_tunnel_init_flow(&fl4, protocol, dst, tnl_params->saddr,
+- tunnel->parms.o_key, RT_TOS(tos), tunnel->parms.link,
++ tunnel->parms.o_key, RT_TOS(tos),
++ dev_net(dev), tunnel->parms.link,
+ tunnel->fwmark, skb_get_hash(skb));
+
+ if (ip_tunnel_encap(skb, tunnel, &protocol, &fl4) < 0)
--- /dev/null
+From a3bd2102e464202b58d57390a538d96f57ffc361 Mon Sep 17 00:00:00 2001
+From: Andrea Mayer <andrea.mayer@uniroma2.it>
+Date: Wed, 8 Jun 2022 11:19:17 +0200
+Subject: net: seg6: fix seg6_lookup_any_nexthop() to handle VRFs using flowi_l3mdev
+
+From: Andrea Mayer <andrea.mayer@uniroma2.it>
+
+commit a3bd2102e464202b58d57390a538d96f57ffc361 upstream.
+
+Commit 40867d74c374 ("net: Add l3mdev index to flow struct and avoid oif
+reset for port devices") adds a new entry (flowi_l3mdev) in the common
+flow struct used for indicating the l3mdev index for later rule and
+table matching.
+The l3mdev_update_flow() has been adapted to properly set the
+flowi_l3mdev based on the flowi_oif/flowi_iif. In fact, when a valid
+flowi_iif is supplied to the l3mdev_update_flow(), this function can
+update the flowi_l3mdev entry only if it has not yet been set (i.e., the
+flowi_l3mdev entry is equal to 0).
+
+The SRv6 End.DT6 behavior in VRF mode leverages a VRF device in order to
+force the routing lookup into the associated routing table. This routing
+operation is performed by seg6_lookup_any_nextop() preparing a flowi6
+data structure used by ip6_route_input_lookup() which, in turn,
+(indirectly) invokes l3mdev_update_flow().
+
+However, seg6_lookup_any_nexthop() does not initialize the new
+flowi_l3mdev entry which is filled with random garbage data. This
+prevents l3mdev_update_flow() from properly updating the flowi_l3mdev
+with the VRF index, and thus SRv6 End.DT6 (VRF mode)/DT46 behaviors are
+broken.
+
+This patch correctly initializes the flowi6 instance allocated and used
+by seg6_lookup_any_nexhtop(). Specifically, the entire flowi6 instance
+is wiped out: in case new entries are added to flowi/flowi6 (as happened
+with the flowi_l3mdev entry), we should no longer have incorrectly
+initialized values. As a result of this operation, the value of
+flowi_l3mdev is also set to 0.
+
+The proposed fix can be tested easily. Starting from the commit
+referenced in the Fixes, selftests [1],[2] indicate that the SRv6
+End.DT6 (VRF mode)/DT46 behaviors no longer work correctly. By applying
+this patch, those behaviors are back to work properly again.
+
+[1] - tools/testing/selftests/net/srv6_end_dt46_l3vpn_test.sh
+[2] - tools/testing/selftests/net/srv6_end_dt6_l3vpn_test.sh
+
+Fixes: 40867d74c374 ("net: Add l3mdev index to flow struct and avoid oif reset for port devices")
+Reported-by: Anton Makarov <am@3a-alliance.com>
+Signed-off-by: Andrea Mayer <andrea.mayer@uniroma2.it>
+Reviewed-by: David Ahern <dsahern@kernel.org>
+Link: https://lore.kernel.org/r/20220608091917.20345-1-andrea.mayer@uniroma2.it
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ net/ipv6/seg6_local.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/net/ipv6/seg6_local.c
++++ b/net/ipv6/seg6_local.c
+@@ -163,6 +163,7 @@ seg6_lookup_any_nexthop(struct sk_buff *
+ struct flowi6 fl6;
+ int dev_flags = 0;
+
++ memset(&fl6, 0, sizeof(fl6));
+ fl6.flowi6_iif = skb->dev->ifindex;
+ fl6.daddr = nhaddr ? *nhaddr : hdr->daddr;
+ fl6.saddr = hdr->saddr;
--- /dev/null
+From f2575c8f404911da83f25b688e12afcf4273e640 Mon Sep 17 00:00:00 2001
+From: Antoine Tenart <atenart@kernel.org>
+Date: Tue, 20 Dec 2022 18:18:25 +0100
+Subject: net: vrf: determine the dst using the original ifindex for multicast
+
+From: Antoine Tenart <atenart@kernel.org>
+
+commit f2575c8f404911da83f25b688e12afcf4273e640 upstream.
+
+Multicast packets received on an interface bound to a VRF are marked as
+belonging to the VRF and the skb device is updated to point to the VRF
+device itself. This was fine even when a route was associated to a
+device as when performing a fib table lookup 'oif' in fib6_table_lookup
+(coming from 'skb->dev->ifindex' in ip6_route_input) was set to 0 when
+FLOWI_FLAG_SKIP_NH_OIF was set.
+
+With commit 40867d74c374 ("net: Add l3mdev index to flow struct and
+avoid oif reset for port devices") this is not longer true and multicast
+traffic is not received on the original interface.
+
+Instead of adding back a similar check in fib6_table_lookup determine
+the dst using the original ifindex for multicast VRF traffic. To make
+things consistent across the function do the above for all strict
+packets, which was the logic before commit 6f12fa775530 ("vrf: mark skb
+for multicast or link-local as enslaved to VRF"). Note that reverting to
+this behavior should be fine as the change was about marking packets
+belonging to the VRF, not about their dst.
+
+Fixes: 40867d74c374 ("net: Add l3mdev index to flow struct and avoid oif reset for port devices")
+Reported-by: Jianlin Shi <jishi@redhat.com>
+Signed-off-by: Antoine Tenart <atenart@kernel.org>
+Reviewed-by: David Ahern <dsahern@kernel.org>
+Link: https://lore.kernel.org/r/20221220171825.1172237-1-atenart@kernel.org
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/net/vrf.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+--- a/drivers/net/vrf.c
++++ b/drivers/net/vrf.c
+@@ -1336,8 +1336,8 @@ static struct sk_buff *vrf_ip6_rcv(struc
+
+ /* loopback, multicast & non-ND link-local traffic; do not push through
+ * packet taps again. Reset pkt_type for upper layers to process skb.
+- * For strict packets with a source LLA, determine the dst using the
+- * original ifindex.
++ * For non-loopback strict packets, determine the dst using the original
++ * ifindex.
+ */
+ if (skb->pkt_type == PACKET_LOOPBACK || (need_strict && !is_ndisc)) {
+ skb->dev = vrf_dev;
+@@ -1346,7 +1346,7 @@ static struct sk_buff *vrf_ip6_rcv(struc
+
+ if (skb->pkt_type == PACKET_LOOPBACK)
+ skb->pkt_type = PACKET_HOST;
+- else if (ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)
++ else
+ vrf_ip6_input_dst(skb, vrf_dev, orig_iif);
+
+ goto out;
--- /dev/null
+From efb056e5f1f0036179b2f92c1c15f5ea7a891d70 Mon Sep 17 00:00:00 2001
+From: Phil Sutter <phil@nwl.cc>
+Date: Thu, 16 Feb 2023 17:05:36 +0100
+Subject: netfilter: ip6t_rpfilter: Fix regression with VRF interfaces
+
+From: Phil Sutter <phil@nwl.cc>
+
+commit efb056e5f1f0036179b2f92c1c15f5ea7a891d70 upstream.
+
+When calling ip6_route_lookup() for the packet arriving on the VRF
+interface, the result is always the real (slave) interface. Expect this
+when validating the result.
+
+Fixes: acc641ab95b66 ("netfilter: rpfilter/fib: Populate flowic_l3mdev field")
+Signed-off-by: Phil Sutter <phil@nwl.cc>
+Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ net/ipv6/netfilter/ip6t_rpfilter.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/net/ipv6/netfilter/ip6t_rpfilter.c
++++ b/net/ipv6/netfilter/ip6t_rpfilter.c
+@@ -72,7 +72,9 @@ static bool rpfilter_lookup_reverse6(str
+ goto out;
+ }
+
+- if (rt->rt6i_idev->dev == dev || (flags & XT_RPFILTER_LOOSE))
++ if (rt->rt6i_idev->dev == dev ||
++ l3mdev_master_ifindex_rcu(rt->rt6i_idev->dev) == dev->ifindex ||
++ (flags & XT_RPFILTER_LOOSE))
+ ret = true;
+ out:
+ ip6_rt_put(rt);
net-fix-an-unsafe-loop-on-the-list.patch
net-dsa-lan9303-ensure-chip-reset-and-wait-for-ready-status.patch
nouveau-dmem-fix-vulnerability-in-migrate_to_ram-upon-copy-error.patch
+net-geneve-add-missing-netlink-policy-and-size-for-ifla_geneve_inner_proto_inherit.patch
+xfrm-pass-flowi_oif-or-l3mdev-as-oif-to-xfrm_dst_lookup.patch
+net-handle-l3mdev-in-ip_tunnel_init_flow.patch
+net-seg6-fix-seg6_lookup_any_nexthop-to-handle-vrfs-using-flowi_l3mdev.patch
+net-vrf-determine-the-dst-using-the-original-ifindex-for-multicast.patch
+netfilter-ip6t_rpfilter-fix-regression-with-vrf-interfaces.patch
--- /dev/null
+From 748b82c23e25310fec54e1eff2cb63936f391b24 Mon Sep 17 00:00:00 2001
+From: David Ahern <dsahern@kernel.org>
+Date: Fri, 1 Apr 2022 12:58:37 -0600
+Subject: xfrm: Pass flowi_oif or l3mdev as oif to xfrm_dst_lookup
+
+From: David Ahern <dsahern@kernel.org>
+
+commit 748b82c23e25310fec54e1eff2cb63936f391b24 upstream.
+
+The commit referenced in the Fixes tag no longer changes the
+flow oif to the l3mdev ifindex. A xfrm use case was expecting
+the flowi_oif to be the VRF if relevant and the change broke
+that test. Update xfrm_bundle_create to pass oif if set and any
+potential flowi_l3mdev if oif is not set.
+
+Fixes: 40867d74c374 ("net: Add l3mdev index to flow struct and avoid oif reset for port devices")
+Reported-by: kernel test robot <oliver.sang@intel.com>
+Signed-off-by: David Ahern <dsahern@kernel.org>
+Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ net/xfrm/xfrm_policy.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/net/xfrm/xfrm_policy.c
++++ b/net/xfrm/xfrm_policy.c
+@@ -2595,12 +2595,14 @@ static struct dst_entry *xfrm_bundle_cre
+
+ if (xfrm[i]->props.mode != XFRM_MODE_TRANSPORT) {
+ __u32 mark = 0;
++ int oif;
+
+ if (xfrm[i]->props.smark.v || xfrm[i]->props.smark.m)
+ mark = xfrm_smark_get(fl->flowi_mark, xfrm[i]);
+
+ family = xfrm[i]->props.family;
+- dst = xfrm_dst_lookup(xfrm[i], tos, fl->flowi_oif,
++ oif = fl->flowi_oif ? : fl->flowi_l3mdev;
++ dst = xfrm_dst_lookup(xfrm[i], tos, oif,
+ &saddr, &daddr, family, mark);
+ err = PTR_ERR(dst);
+ if (IS_ERR(dst))
projects / thirdparty / kernel / stable-queue.git / commitdiff
