]> git.ipfire.org Git - thirdparty/kernel/stable-queue.git/blame - releases/4.19.35/vrf-check-accept_source_route-on-the-original-netdev.patch
projects / thirdparty / kernel / stable-queue.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Linux 4.19.35
[thirdparty/kernel/stable-queue.git] / releases / 4.19.35 / vrf-check-accept_source_route-on-the-original-netdev.patch
CommitLineData
a9fba688
SL		 1From 6429d82a4c7dbc8d33b9c8c75f801f653c2b6832 Mon Sep 17 00:00:00 2001
2From: Stephen Suryaputra <ssuryaextr@gmail.com>
3Date: Mon, 1 Apr 2019 09:17:32 -0400
4Subject: vrf: check accept_source_route on the original netdevice
5
6[ Upstream commit 8c83f2df9c6578ea4c5b940d8238ad8a41b87e9e ]
7
8Configuration check to accept source route IP options should be made on
9the incoming netdevice when the skb->dev is an l3mdev master. The route
10lookup for the source route next hop also needs the incoming netdev.
11
12v2->v3:
13- Simplify by passing the original netdevice down the stack (per David
14 Ahern).
15
16Signed-off-by: Stephen Suryaputra <ssuryaextr@gmail.com>
17Reviewed-by: David Ahern <dsahern@gmail.com>
18Signed-off-by: David S. Miller <davem@davemloft.net>
19Signed-off-by: Sasha Levin <sashal@kernel.org>
20---
21 include/net/ip.h | 2 +-
22 net/ipv4/ip_input.c | 7 +++----
23 net/ipv4/ip_options.c | 4 ++--
24 3 files changed, 6 insertions(+), 7 deletions(-)
25
26diff --git a/include/net/ip.h b/include/net/ip.h
27index 71d31e4d4391..cfc3dd5ff085 100644
28--- a/include/net/ip.h
29+++ b/include/net/ip.h
30@@ -648,7 +648,7 @@ int ip_options_get_from_user(struct net *net, struct ip_options_rcu **optp,
31 unsigned char __user *data, int optlen);
32 void ip_options_undo(struct ip_options *opt);
33 void ip_forward_options(struct sk_buff *skb);
34-int ip_options_rcv_srr(struct sk_buff *skb);
35+int ip_options_rcv_srr(struct sk_buff *skb, struct net_device *dev);
36
37 /*
38 * Functions provided by ip_sockglue.c
39diff --git a/net/ipv4/ip_input.c b/net/ipv4/ip_input.c
40index bd8ef4f87c79..c3a0683e83df 100644
41--- a/net/ipv4/ip_input.c
42+++ b/net/ipv4/ip_input.c
43@@ -258,11 +258,10 @@ int ip_local_deliver(struct sk_buff *skb)
44 ip_local_deliver_finish);
45 }
46
47-static inline bool ip_rcv_options(struct sk_buff *skb)
48+static inline bool ip_rcv_options(struct sk_buff *skb, struct net_device *dev)
49 {
50 struct ip_options *opt;
51 const struct iphdr *iph;
52- struct net_device *dev = skb->dev;
53
54 /* It looks as overkill, because not all
55 IP options require packet mangling.
56@@ -298,7 +297,7 @@ static inline bool ip_rcv_options(struct sk_buff *skb)
57 }
58 }
59
60- if (ip_options_rcv_srr(skb))
61+ if (ip_options_rcv_srr(skb, dev))
62 goto drop;
63 }
64
65@@ -354,7 +353,7 @@ static int ip_rcv_finish_core(struct net *net, struct sock *sk,
66 }
67 #endif
68
69- if (iph->ihl > 5 && ip_rcv_options(skb))
70+ if (iph->ihl > 5 && ip_rcv_options(skb, dev))
71 goto drop;
72
73 rt = skb_rtable(skb);
74diff --git a/net/ipv4/ip_options.c b/net/ipv4/ip_options.c
75index 32a35043c9f5..3db31bb9df50 100644
76--- a/net/ipv4/ip_options.c
77+++ b/net/ipv4/ip_options.c
78@@ -612,7 +612,7 @@ void ip_forward_options(struct sk_buff *skb)
79 }
80 }
81
82-int ip_options_rcv_srr(struct sk_buff *skb)
83+int ip_options_rcv_srr(struct sk_buff *skb, struct net_device *dev)
84 {
85 struct ip_options *opt = &(IPCB(skb)->opt);
86 int srrspace, srrptr;
87@@ -647,7 +647,7 @@ int ip_options_rcv_srr(struct sk_buff *skb)
88
89 orefdst = skb->_skb_refdst;
90 skb_dst_set(skb, NULL);
91- err = ip_route_input(skb, nexthop, iph->saddr, iph->tos, skb->dev);
92+ err = ip_route_input(skb, nexthop, iph->saddr, iph->tos, dev);
93 rt2 = skb_rtable(skb);
94 if (err || (rt2->rt_type != RTN_UNICAST && rt2->rt_type != RTN_LOCAL)) {
95 skb_dst_drop(skb);
96--
972.19.1
98
Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git