android_kernel_oneplus_msm8998/net
David Ahern bd01e762a3 net/ipv6: Fix route leaking between VRFs
[ Upstream commit b6cdbc85234b072340b8923e69f49ec293f905dc ]

Donald reported that IPv6 route leaking between VRFs is not working.
The root cause is the strict argument in the call to rt6_lookup when
validating the nexthop spec.

ip6_route_check_nh validates the gateway and device (if given) of a
route spec. It in turn could call rt6_lookup (e.g., lookup in a given
table did not succeed so it falls back to a full lookup) and if so
sets the strict argument to 1. That means if the egress device is given,
the route lookup needs to return a result with the same device. This
strict requirement does not work with VRFs (IPv4 or IPv6) because the
oif in the flow struct is overridden with the index of the VRF device
to trigger a match on the l3mdev rule and force the lookup to its table.

The right long term solution is to add an l3mdev index to the flow
struct such that the oif is not overridden. That solution will not
backport well, so this patch aims for a simpler solution to relax the
strict argument if the route spec device is an l3mdev slave. As done
in other places, use the FLOWI_FLAG_SKIP_NH_OIF to know that the
RT6_LOOKUP_F_IFACE flag needs to be removed.

Fixes: ca254490c8 ("net: Add VRF support to IPv6 stack")
Reported-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-04-13 19:50:24 +02:00
..
6lowpan 6lowpan: put mcast compression in an own function 2015-10-21 00:49:25 +02:00
9p net/9p: Switch to wait_event_killable() 2017-11-30 08:37:25 +00:00
802 net: Kill dev_rebuild_header 2015-03-02 16:43:41 -05:00
8021q net/8021q: create device with all possible features in wanted_features 2018-03-22 09:23:21 +01:00
appletalk net: Pass kern from net_proto_family.create to sk_alloc 2015-05-11 10:50:17 -04:00
atm atm: deal with setting entry before mkip was called 2015-09-17 22:13:32 -07:00
ax25 ax25: Fix segfault after sock connection timeout 2017-02-04 09:45:09 +01:00
batman-adv batman-adv: handle race condition for claims between gateways 2018-03-22 09:23:21 +01:00
bluetooth Bluetooth: Send HCI Set Event Mask Page 2 command only when needed 2018-04-13 19:50:21 +02:00
bridge netfilter: bridge: ebt_among: add more missing match size checks 2018-04-08 11:51:59 +02:00
caif net: caif: Fix a sleep-in-atomic bug in cfpkt_create_pfx 2017-07-05 14:37:14 +02:00
can can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once 2018-01-31 12:06:08 +01:00
ceph libceph: NULL deref on crush_decode() error path 2018-04-13 19:50:10 +02:00
core net: fix possible out-of-bound read in skb_network_protocol() 2018-04-13 19:50:24 +02:00
dcb net/dcb: make dcbnl.c explicitly non-modular 2015-10-09 07:52:27 -07:00
dccp dccp: check sk for closed state in dccp_sendmsg() 2018-03-31 18:12:33 +02:00
decnet dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock 2018-02-25 11:03:38 +01:00
dns_resolver KEYS: Fix race between updating and finding a negative key 2017-10-27 10:23:18 +02:00
dsa net: dsa: select NET_SWITCHDEV 2017-11-15 17:13:11 +01:00
ethernet net: introduce device min_header_len 2017-02-18 16:39:27 +01:00
hsr net/hsr: fix a warning message 2015-11-23 14:56:15 -05:00
ieee802154 net: ieee802154: fix net_device reference release too early 2018-04-13 19:50:10 +02:00
ipv4 arp: fix arp_filter on l3slave devices 2018-04-13 19:50:24 +02:00
ipv6 net/ipv6: Fix route leaking between VRFs 2018-04-13 19:50:24 +02:00
ipx ipx: call ipxitf_put() in ioctl error path 2017-05-25 14:30:13 +02:00
irda irda: do not leak initialized list.dev to userspace 2017-08-30 10:19:21 +02:00
iucv net/iucv: Free memory obtained by kzalloc 2018-03-31 18:12:33 +02:00
key af_key: Fix slab-out-of-bounds in pfkey_compile_policy. 2018-04-13 19:50:01 +02:00
l2tp l2tp: fix missing print session offset info 2018-04-13 19:50:12 +02:00
l3mdev net: Add netif_is_l3_slave 2015-10-07 04:27:43 -07:00
lapb
llc net: llc: add lock_sock in llc_ui_bind to avoid a race condition 2018-04-13 19:50:12 +02:00
mac80211 mac80211: bail out from prep_connection() if a reconfig is ongoing 2018-04-13 19:50:01 +02:00
mac802154 mac802154: llsec: use kzfree 2015-10-21 00:49:24 +02:00
mpls mpls, nospec: Sanitize array index in mpls_label_ok() 2018-03-11 16:19:47 +01:00
netfilter netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize 2018-04-13 19:50:10 +02:00
netlabel netlabel: add address family checks to netlbl_{sock,req}_delattr() 2016-08-20 18:09:22 +02:00
netlink netlink: avoid a double skb free in genlmsg_mcast() 2018-03-31 18:12:33 +02:00
netrom netfilter: Remove spurios included of netfilter.h 2015-06-18 21:14:32 +02:00
nfc NFC: fix device-allocation error return 2017-11-30 08:37:23 +00:00
openvswitch openvswitch: Delete conntrack entry clashing with an expectation. 2018-03-24 10:58:43 +01:00
packet net/packet: fix a race in packet_bind() and packet_notifier() 2017-12-16 10:33:56 +01:00
phonet phonet: properly unshare skbs in phonet_rcv() 2016-01-31 11:29:00 -08:00
rds rds; Reset rs->rs_bound_addr in rds_add_bound() failure path 2018-04-13 19:50:13 +02:00
rfkill rfkill: fix rfkill_fop_read wait_event usage 2016-03-03 15:07:26 -08:00
rose Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-06-24 02:58:51 -07:00
rxrpc rxrpc: check return value of skb_to_sgvec always 2018-04-13 19:50:23 +02:00
sched sched: act_csum: don't mangle TCP and UDP GSO packets 2018-03-22 09:23:22 +01:00
sctp sctp: fix recursive locking warning in sctp_do_peeloff 2018-04-13 19:50:20 +02:00
sunrpc SUNRPC: ensure correct error is reported by xs_tcp_setup_socket() 2018-04-13 19:50:15 +02:00
switchdev switchdev: pass pointer to fib_info instead of copy 2016-06-24 10:18:16 -07:00
tipc tipc: fix memory leak in tipc_accept_from_sock() 2017-12-16 10:33:56 +01:00
unix net/unix: don't show information about sockets from other namespaces 2017-11-18 11:11:06 +01:00
vmw_vsock vsock: use new wait API for vsock_stream_sendmsg() 2017-11-30 08:37:19 +00:00
wimax net:wimax: Fix doucble word "the the" in networking.xml 2015-08-09 22:43:52 -07:00
wireless nl80211: Sanitize array index in parse_txq_params 2018-02-25 11:03:53 +01:00
x25 net: x25: fix one potential use-after-free issue 2018-04-13 19:50:07 +02:00
xfrm xfrm: fix state migration copy replay sequence numbers 2018-04-13 19:50:08 +02:00
compat.c audit: log 32-bit socketcalls 2017-10-08 10:14:18 +02:00
Kconfig Make DST_CACHE a silent config option 2018-02-25 11:03:37 +01:00
Makefile net: Introduce L3 Master device abstraction 2015-09-29 20:40:32 -07:00
socket.c bpf: introduce BPF_JIT_ALWAYS_ON config 2018-02-03 17:04:24 +01:00
sysctl_net.c net: Use ns_capable_noaudit() when determining net sysctl permissions 2016-09-15 08:27:50 +02:00