From: Greg Kroah-Hartman Date: Mon, 16 May 2022 13:24:58 +0000 (+0200) Subject: 5.4-stable patches X-Git-Tag: v4.9.315~12 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=70dcd1688c70d9aff37ce38536b3318d3969510a;p=thirdparty%2Fkernel%2Fstable-queue.git 5.4-stable patches added patches: ping-fix-address-binding-wrt-vrf.patch --- diff --git a/queue-5.4/ping-fix-address-binding-wrt-vrf.patch b/queue-5.4/ping-fix-address-binding-wrt-vrf.patch new file mode 100644 index 00000000000..723abdfb751 --- /dev/null +++ b/queue-5.4/ping-fix-address-binding-wrt-vrf.patch @@ -0,0 +1,72 @@ +From e1a7ac6f3ba6e157adcd0ca94d92a401f1943f56 Mon Sep 17 00:00:00 2001 +From: Nicolas Dichtel +Date: Wed, 4 May 2022 11:07:38 +0200 +Subject: ping: fix address binding wrt vrf + +From: Nicolas Dichtel + +commit e1a7ac6f3ba6e157adcd0ca94d92a401f1943f56 upstream. + +When ping_group_range is updated, 'ping' uses the DGRAM ICMP socket, +instead of an IP raw socket. In this case, 'ping' is unable to bind its +socket to a local address owned by a vrflite. + +Before the patch: +$ sysctl -w net.ipv4.ping_group_range='0 2147483647' +$ ip link add blue type vrf table 10 +$ ip link add foo type dummy +$ ip link set foo master blue +$ ip link set foo up +$ ip addr add 192.168.1.1/24 dev foo +$ ip addr add 2001::1/64 dev foo +$ ip vrf exec blue ping -c1 -I 192.168.1.1 192.168.1.2 +ping: bind: Cannot assign requested address +$ ip vrf exec blue ping6 -c1 -I 2001::1 2001::2 +ping6: bind icmp socket: Cannot assign requested address + +CC: stable@vger.kernel.org +Fixes: 1b69c6d0ae90 ("net: Introduce L3 Master device abstraction") +Signed-off-by: Nicolas Dichtel +Reviewed-by: David Ahern +Signed-off-by: Jakub Kicinski +Signed-off-by: Nicolas Dichtel +Signed-off-by: Greg Kroah-Hartman +--- + net/ipv4/ping.c | 12 +++++++++++- + 1 file changed, 11 insertions(+), 1 deletion(-) + +--- a/net/ipv4/ping.c ++++ b/net/ipv4/ping.c +@@ -304,6 +304,7 @@ static int ping_check_bind_addr(struct s + struct net *net = sock_net(sk); + if (sk->sk_family == AF_INET) { + struct sockaddr_in *addr = (struct sockaddr_in *) uaddr; ++ u32 tb_id = RT_TABLE_LOCAL; + int chk_addr_ret; + + if (addr_len < sizeof(*addr)) +@@ -317,7 +318,8 @@ static int ping_check_bind_addr(struct s + pr_debug("ping_check_bind_addr(sk=%p,addr=%pI4,port=%d)\n", + sk, &addr->sin_addr.s_addr, ntohs(addr->sin_port)); + +- chk_addr_ret = inet_addr_type(net, addr->sin_addr.s_addr); ++ tb_id = l3mdev_fib_table_by_index(net, sk->sk_bound_dev_if) ? : tb_id; ++ chk_addr_ret = inet_addr_type_table(net, addr->sin_addr.s_addr, tb_id); + + if (addr->sin_addr.s_addr == htonl(INADDR_ANY)) + chk_addr_ret = RTN_LOCAL; +@@ -356,6 +358,14 @@ static int ping_check_bind_addr(struct s + if (!dev) { + rcu_read_unlock(); + return -ENODEV; ++ } ++ } ++ ++ if (!dev && sk->sk_bound_dev_if) { ++ dev = dev_get_by_index_rcu(net, sk->sk_bound_dev_if); ++ if (!dev) { ++ rcu_read_unlock(); ++ return -ENODEV; + } + } + has_addr = pingv6_ops.ipv6_chk_addr(net, &addr->sin6_addr, dev, diff --git a/queue-5.4/series b/queue-5.4/series index f1a67e01d6e..f5146536f29 100644 --- a/queue-5.4/series +++ b/queue-5.4/series @@ -39,3 +39,4 @@ drm-vmwgfx-initialize-drm_mode_fb_cmd2.patch mips-fix-build-with-gcc-12.patch net-phy-fix-race-condition-on-link-status-change.patch arm-memremap-don-t-abuse-pfn_valid-to-ensure-presence-of-linear-map.patch +ping-fix-address-binding-wrt-vrf.patch