From patchwork Tue Feb 27 18:36:53 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stephen Suryaputra X-Patchwork-Id: 878810 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="ZR2WrHWn"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3zrSq851Gpz9s1d for ; Wed, 28 Feb 2018 06:06:44 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751631AbeB0TGk (ORCPT ); Tue, 27 Feb 2018 14:06:40 -0500 Received: from mail-qk0-f193.google.com ([209.85.220.193]:45567 "EHLO mail-qk0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751552AbeB0TGj (ORCPT ); Tue, 27 Feb 2018 14:06:39 -0500 Received: by mail-qk0-f193.google.com with SMTP id g2so24934645qkd.12 for ; Tue, 27 Feb 2018 11:06:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=aoFkJz2uO9F9cfi454+aYRBqCTPR4OiMF5OhdWFjHCo=; b=ZR2WrHWnXD2DuQuAsRd0cwPIKsTFThVHqTvS8SdsFFf5RsfVw1eP736jDP6AFIre9x Z6wV1PTf9+jIOTBPBxpQptYKfsQ4CaMzeRaFAsB1pvYjPQozTzXi9oo+7uFvay8r+DU5 HidJxMMjx1BUC0NZ9OD3D13HO6XpduQ9doQ3W7W/wi8uo6JjSR0Fe6M2rnV/5QxME3Py cYrc3ixKIvWJqAw2kSTov1jHXwk1kKYzjkeJu33El/cJ9cDNwxw2eysfrXPqCqvfLwcI JGJSLtCZg+fX6eQfFPFv54QtnETPjMvTnjLSaSQt/CI6yEa97KOvIZ473rOBKbIbRJGD Wqaw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=aoFkJz2uO9F9cfi454+aYRBqCTPR4OiMF5OhdWFjHCo=; b=uh+7pTDKvdsbdyekPLpUw88TVVlZ6lmApdwZPEcYz0AN+P7sXBL+AWTlTUrmXFJ35c NqdzgRc9Ub8GI2oH2oN7KBxX6SstJQM+YuWhJaG2y8EEJMVmZWWysmj8/RGYST5GwOOV iX7dmuLlLFCULRGmEf//eXQxxxsz4PJWZmg0R8k2MWoi0Yr/++2BLmML663ryyFGURjP Dk0d/bxATJkb9smgZL0PCcgge0nyxG0GrB6ORape3lPMWyrVKL7b3gFtAt/4/kM8zDTq 0jE39lkuRCuZOzBuslsyN67x+bQ9yM9ScvxkK+I25tVuaDQoHRUW4yreNbWAAqqRzT1a LOag== X-Gm-Message-State: APf1xPBY3g6YZzjQnEQIeD4gEcc20YxLGa88s87Gm+92CibsPzKW1PrW C0iCsaIKc/F3k5arLa89c2zATDw= X-Google-Smtp-Source: AG47ELvaEbI+m0PWQJEjGWNh9NTLTF3kYda1Wg5JzlNQJbRaOSa6X7SW+kEZSpqwC2nMR8scs2d7Iw== X-Received: by 10.55.170.209 with SMTP id t200mr24386506qke.228.1519758398409; Tue, 27 Feb 2018 11:06:38 -0800 (PST) Received: from ubuntu.extremenetworks.com ([12.38.14.10]) by smtp.gmail.com with ESMTPSA id p142sm6623715qke.4.2018.02.27.11.06.37 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 27 Feb 2018 11:06:37 -0800 (PST) From: Stephen Suryaputra To: netdev@vger.kernel.org Cc: Stephen Suryaputra Subject: [PATCH net] vrf: check forwarding on the original netdevice when generating ICMP dest unreachable Date: Tue, 27 Feb 2018 13:36:53 -0500 Message-Id: <1519756613-11962-1-git-send-email-ssuryaextr@gmail.com> X-Mailer: git-send-email 2.7.4 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org When ip_error() is called the device is the l3mdev master instead of the original device. So the forwarding check should be on the original one. Signed-off-by: Stephen Suryaputra --- net/ipv4/route.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/net/ipv4/route.c b/net/ipv4/route.c index a4f44d8..2274503 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -933,6 +933,7 @@ static int ip_error(struct sk_buff *skb) struct in_device *in_dev = __in_dev_get_rcu(skb->dev); struct rtable *rt = skb_rtable(skb); struct inet_peer *peer; + int in_dev_forward; unsigned long now; struct net *net; bool send; @@ -943,7 +944,13 @@ static int ip_error(struct sk_buff *skb) goto out; net = dev_net(rt->dst.dev); - if (!IN_DEV_FORWARD(in_dev)) { + if (netif_is_l3_master(skb->dev)) { + in_dev_forward = IN_DEV_FORWARD( + __in_dev_get_rcu(__dev_get_by_index(net, IPCB(skb)->iif))); + } else { + in_dev_forward = IN_DEV_FORWARD(in_dev); + } + if (!in_dev_forward) { switch (rt->dst.error) { case EHOSTUNREACH: __IP_INC_STATS(net, IPSTATS_MIB_INADDRERRORS);