git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Florian Westphal <fw@strlen.de>
	Wed, 9 Oct 2024 07:19:02 +0000 (09:19 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 17 Oct 2024 13:11:57 +0000 (15:11 +0200)
commit	95ad7ee0faee2b76cb58876f71b8f9dc2bb104ba
tree	e7363ab5bfabc6fccd47e19244f50bc370bb9508	tree
parent	66464a439e61d77e4b9061147429021043290af7	commit \| diff

netfilter: fib: check correct rtable in vrf setups

[ Upstream commit 05ef7055debc804e8083737402127975e7244fc4 ]

We need to init l3mdev unconditionally, else main routing table is searched
and incorrect result is returned unless strict (iif keyword) matching is
requested.

Next patch adds a selftest for this.

Fixes: 2a8a7c0eaa87 ("netfilter: nft_fib: Fix for rpath check with VRF devices")
Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1761
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>

net/ipv4/netfilter/nft_fib_ipv4.c		diff \| blob \| blame \| history
net/ipv6/netfilter/nft_fib_ipv6.c		diff \| blob \| blame \| history