From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Sat, 18 Apr 2020 09:40:58 +0000 (+0200)
Subject: 4.4-stable patches
X-Git-Tag: v4.19.117~32
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=6d35e60acf498146e29649352f19f16b9df214e6;p=thirdparty%2Fkernel%2Fstable-queue.git

4.4-stable patches

added patches:
	net-ipv4-devinet-fix-crash-when-add-del-multicast-ip-with-autojoin.patch
	net-ipv6-do-not-consider-routes-via-gateways-for-anycast-address-check.patch
---

diff --git a/queue-4.4/net-ipv4-devinet-fix-crash-when-add-del-multicast-ip-with-autojoin.patch b/queue-4.4/net-ipv4-devinet-fix-crash-when-add-del-multicast-ip-with-autojoin.patch
new file mode 100644
index 00000000000..e4f8b2f1cb0
--- /dev/null
+++ b/queue-4.4/net-ipv4-devinet-fix-crash-when-add-del-multicast-ip-with-autojoin.patch
@@ -0,0 +1,100 @@
+From foo@baz Sat 18 Apr 2020 11:37:31 AM CEST
+From: Taras Chornyi <taras.chornyi@plvision.eu>
+Date: Thu, 9 Apr 2020 20:25:24 +0300
+Subject: net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin
+
+From: Taras Chornyi <taras.chornyi@plvision.eu>
+
+[ Upstream commit 690cc86321eb9bcee371710252742fb16fe96824 ]
+
+When CONFIG_IP_MULTICAST is not set and multicast ip is added to the device
+with autojoin flag or when multicast ip is deleted kernel will crash.
+
+steps to reproduce:
+
+ip addr add 224.0.0.0/32 dev eth0
+ip addr del 224.0.0.0/32 dev eth0
+
+or
+
+ip addr add 224.0.0.0/32 dev eth0 autojoin
+
+Unable to handle kernel NULL pointer dereference at virtual address 0000000000000088
+ pc : _raw_write_lock_irqsave+0x1e0/0x2ac
+ lr : lock_sock_nested+0x1c/0x60
+ Call trace:
+  _raw_write_lock_irqsave+0x1e0/0x2ac
+  lock_sock_nested+0x1c/0x60
+  ip_mc_config.isra.28+0x50/0xe0
+  inet_rtm_deladdr+0x1a8/0x1f0
+  rtnetlink_rcv_msg+0x120/0x350
+  netlink_rcv_skb+0x58/0x120
+  rtnetlink_rcv+0x14/0x20
+  netlink_unicast+0x1b8/0x270
+  netlink_sendmsg+0x1a0/0x3b0
+  ____sys_sendmsg+0x248/0x290
+  ___sys_sendmsg+0x80/0xc0
+  __sys_sendmsg+0x68/0xc0
+  __arm64_sys_sendmsg+0x20/0x30
+  el0_svc_common.constprop.2+0x88/0x150
+  do_el0_svc+0x20/0x80
+ el0_sync_handler+0x118/0x190
+  el0_sync+0x140/0x180
+
+Fixes: 93a714d6b53d ("multicast: Extend ip address command to enable multicast group join/leave on")
+Signed-off-by: Taras Chornyi <taras.chornyi@plvision.eu>
+Signed-off-by: Vadym Kochan <vadym.kochan@plvision.eu>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ net/ipv4/devinet.c |   13 +++++++++----
+ 1 file changed, 9 insertions(+), 4 deletions(-)
+
+--- a/net/ipv4/devinet.c
++++ b/net/ipv4/devinet.c
+@@ -560,12 +560,15 @@ struct in_ifaddr *inet_ifa_byprefix(stru
+ 	return NULL;
+ }
+ 
+-static int ip_mc_config(struct sock *sk, bool join, const struct in_ifaddr *ifa)
++static int ip_mc_autojoin_config(struct net *net, bool join,
++				 const struct in_ifaddr *ifa)
+ {
++#if defined(CONFIG_IP_MULTICAST)
+ 	struct ip_mreqn mreq = {
+ 		.imr_multiaddr.s_addr = ifa->ifa_address,
+ 		.imr_ifindex = ifa->ifa_dev->dev->ifindex,
+ 	};
++	struct sock *sk = net->ipv4.mc_autojoin_sk;
+ 	int ret;
+ 
+ 	ASSERT_RTNL();
+@@ -578,6 +581,9 @@ static int ip_mc_config(struct sock *sk,
+ 	release_sock(sk);
+ 
+ 	return ret;
++#else
++	return -EOPNOTSUPP;
++#endif
+ }
+ 
+ static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh)
+@@ -617,7 +623,7 @@ static int inet_rtm_deladdr(struct sk_bu
+ 			continue;
+ 
+ 		if (ipv4_is_multicast(ifa->ifa_address))
+-			ip_mc_config(net->ipv4.mc_autojoin_sk, false, ifa);
++			ip_mc_autojoin_config(net, false, ifa);
+ 		__inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid);
+ 		return 0;
+ 	}
+@@ -873,8 +879,7 @@ static int inet_rtm_newaddr(struct sk_bu
+ 		 */
+ 		set_ifa_lifetime(ifa, valid_lft, prefered_lft);
+ 		if (ifa->ifa_flags & IFA_F_MCAUTOJOIN) {
+-			int ret = ip_mc_config(net->ipv4.mc_autojoin_sk,
+-					       true, ifa);
++			int ret = ip_mc_autojoin_config(net, true, ifa);
+ 
+ 			if (ret < 0) {
+ 				inet_free_ifa(ifa);
diff --git a/queue-4.4/net-ipv6-do-not-consider-routes-via-gateways-for-anycast-address-check.patch b/queue-4.4/net-ipv6-do-not-consider-routes-via-gateways-for-anycast-address-check.patch
new file mode 100644
index 00000000000..44b73728a43
--- /dev/null
+++ b/queue-4.4/net-ipv6-do-not-consider-routes-via-gateways-for-anycast-address-check.patch
@@ -0,0 +1,66 @@
+From foo@baz Sat 18 Apr 2020 11:34:19 AM CEST
+From: Tim Stallard <code@timstallard.me.uk>
+Date: Fri, 3 Apr 2020 21:26:21 +0100
+Subject: net: ipv6: do not consider routes via gateways for anycast address check
+
+From: Tim Stallard <code@timstallard.me.uk>
+
+[ Upstream commit 03e2a984b6165621f287fadf5f4b5cd8b58dcaba ]
+
+The behaviour for what is considered an anycast address changed in
+commit 45e4fd26683c ("ipv6: Only create RTF_CACHE routes after
+encountering pmtu exception"). This now considers the first
+address in a subnet where there is a route via a gateway
+to be an anycast address.
+
+This breaks path MTU discovery and traceroutes when a host in a
+remote network uses the address at the start of a prefix
+(eg 2600:: advertised as 2600::/48 in the DFZ) as ICMP errors
+will not be sent to anycast addresses.
+
+This patch excludes any routes with a gateway, or via point to
+point links, like the behaviour previously from
+rt6_is_gw_or_nonexthop in net/ipv6/route.c.
+
+This can be tested with:
+ip link add v1 type veth peer name v2
+ip netns add test
+ip netns exec test ip link set lo up
+ip link set v2 netns test
+ip link set v1 up
+ip netns exec test ip link set v2 up
+ip addr add 2001:db8::1/64 dev v1 nodad
+ip addr add 2001:db8:100:: dev lo nodad
+ip netns exec test ip addr add 2001:db8::2/64 dev v2 nodad
+ip netns exec test ip route add unreachable 2001:db8:1::1
+ip netns exec test ip route add 2001:db8:100::/64 via 2001:db8::1
+ip netns exec test sysctl net.ipv6.conf.all.forwarding=1
+ip route add 2001:db8:1::1 via 2001:db8::2
+ping -I 2001:db8::1 2001:db8:1::1 -c1
+ping -I 2001:db8:100:: 2001:db8:1::1 -c1
+ip addr delete 2001:db8:100:: dev lo
+ip netns delete test
+
+Currently the first ping will get back a destination unreachable ICMP
+error, but the second will never get a response, with "icmp6_send:
+acast source" logged. After this patch, both get destination
+unreachable ICMP replies.
+
+Fixes: 45e4fd26683c ("ipv6: Only create RTF_CACHE routes after encountering pmtu exception")
+Signed-off-by: Tim Stallard <code@timstallard.me.uk>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ include/net/ip6_route.h |    1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/include/net/ip6_route.h
++++ b/include/net/ip6_route.h
+@@ -171,6 +171,7 @@ static inline bool ipv6_anycast_destinat
+ 
+ 	return rt->rt6i_flags & RTF_ANYCAST ||
+ 		(rt->rt6i_dst.plen != 128 &&
++		 !(rt->rt6i_flags & (RTF_GATEWAY | RTF_NONEXTHOP)) &&
+ 		 ipv6_addr_equal(&rt->rt6i_dst.addr, daddr));
+ }
+ 
diff --git a/queue-4.4/series b/queue-4.4/series
index 9adcfb5e66e..6f552251262 100644
--- a/queue-4.4/series
+++ b/queue-4.4/series
@@ -53,3 +53,5 @@ ipmi-fix-hung-processes-in-__get_guid.patch
 powerpc-fsl_booke-avoid-creating-duplicate-tlb1-entr.patch
 misc-echo-remove-unnecessary-parentheses-and-simplif.patch
 mfd-dln2-fix-sanity-checking-for-endpoints.patch
+net-ipv4-devinet-fix-crash-when-add-del-multicast-ip-with-autojoin.patch
+net-ipv6-do-not-consider-routes-via-gateways-for-anycast-address-check.patch