From: Kuniyuki Iwashima <kuniyu@amazon.com>
Date: Fri, 7 Feb 2025 07:24:55 +0000 (+0900)
Subject: net: fib_rules: Don't check net in rule_exists() and rule_find().
X-Git-Tag: v6.15-rc1~160^2~361^2~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7b7df666a23329c5bbcf31166abc7f7468b13950;p=thirdparty%2Flinux.git

net: fib_rules: Don't check net in rule_exists() and rule_find().

fib_nl_newrule() / fib_nl_delrule() looks up struct fib_rules_ops
in sock_net(skb->sk) and calls rule_exists() / rule_find() respectively.

fib_nl_newrule() creates a new rule and links it to the found ops, so
struct fib_rule never belongs to a different netns's ops->rules_list.

Let's remove redundant netns check in rule_exists() and rule_find().

Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Tested-by: Ido Schimmel <idosch@nvidia.com>
Link: https://patch.msgid.link/20250207072502.87775-2-kuniyu@amazon.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
---

diff --git a/net/core/fib_rules.c b/net/core/fib_rules.c
index e684ba3ebb385..02dfb841ab297 100644
--- a/net/core/fib_rules.c
+++ b/net/core/fib_rules.c
@@ -459,9 +459,6 @@ static struct fib_rule *rule_find(struct fib_rules_ops *ops,
 		if (rule->tun_id && r->tun_id != rule->tun_id)
 			continue;
 
-		if (r->fr_net != rule->fr_net)
-			continue;
-
 		if (rule->l3mdev && r->l3mdev != rule->l3mdev)
 			continue;
 
@@ -719,9 +716,6 @@ static int rule_exists(struct fib_rules_ops *ops, struct fib_rule_hdr *frh,
 		if (r->tun_id != rule->tun_id)
 			continue;
 
-		if (r->fr_net != rule->fr_net)
-			continue;
-
 		if (r->l3mdev != rule->l3mdev)
 			continue;