From patchwork Wed Feb 28 14:46:59 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stephen Suryaputra X-Patchwork-Id: 879165 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="l0jlYBh6"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3zrz1F0rkXz9s26 for ; Thu, 1 Mar 2018 01:47:13 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752671AbeB1OrJ (ORCPT ); Wed, 28 Feb 2018 09:47:09 -0500 Received: from mail-qt0-f193.google.com ([209.85.216.193]:35054 "EHLO mail-qt0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752615AbeB1OrI (ORCPT ); Wed, 28 Feb 2018 09:47:08 -0500 Received: by mail-qt0-f193.google.com with SMTP id z14so3246978qti.2 for ; Wed, 28 Feb 2018 06:47:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=5ve2A8Y8zWyNRb1tnRd/X0ABBMXtB8SGMY6fgQ8c1Gg=; b=l0jlYBh60g5lVXEwXDzbXpR/G0eFlJY9VEkAGCEmnPG+ZzjvZx8zsAc9UTIL7NkKAJ qNDg3pYOG3KTO9HYhWWyC11/Y4fq/be2iAIXNUcklwtf9WcsJnRVtp6Sf/49M03TAB96 FpMhmUB8XQ5RM36KsfaHVHhJte/q8WvbQnF5/1ANVUTfa9cXKdg5RHG+ipTbL5eQQfDc +xqg6l2ru6z3znkufANiWcpNVKHqgznXjlHRSZI7vdcsOV2FhcAiLNxw6YaxeraiyPFi NFARSVdR/zHf5brhEIzMBKT3PML2dTEuo++pSrwsE5Qh1pA8IUQZjvwuwKJLS61gRNQ8 rpWw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=5ve2A8Y8zWyNRb1tnRd/X0ABBMXtB8SGMY6fgQ8c1Gg=; b=aEXtW3sa2f6kLQagnf6HkM/QTqEti2KZSp2j0z8xlyrQdCyPybGOl+bCqMTqW5uPSR OU1Q0A9Iyim+nBG3fXQ1gdnEoh2384FCvVkZotMXm5eVwC3m2vG4F3RpwDzREe/or1iy Uq/Krxl982rpcyaJbOstHVsLQh9xRpIQoDp/02KgRFYCfOVIBCwm1QcDzYoOHtGNtkPT eHqKfdjfZQg4CL9k/r4Kdej3w5iy1qPv6HeWLoZj/Jeckr4nIKgwDJRq75wLnjIOPbeQ UzpO7D7nJBlhG2fm7cQD6v0RxEnv0ULggmye0+woyaQ5J5oLxeu67jT3wpiVwW2Oaf1N 6/Ow== X-Gm-Message-State: APf1xPCqxZfOBneDOjDBGKqc2GxZ9dunGujuxh92e7T7Rw5Kr4dTQbLP jrobuXYMEpce3JStZc3giaKyuvs= X-Google-Smtp-Source: AG47ELsoQAT0bBNADoz0nVbP22Eb6U2XP1vnkn4v1VIL/g5YXxGhEtmftYdjUBK4F4wFOnPpCsEK7w== X-Received: by 10.200.112.91 with SMTP id y27mr23513170qtm.295.1519829227224; Wed, 28 Feb 2018 06:47:07 -0800 (PST) Received: from ubuntu.extremenetworks.com ([12.38.14.9]) by smtp.gmail.com with ESMTPSA id j10sm1310014qtk.8.2018.02.28.06.47.06 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 28 Feb 2018 06:47:06 -0800 (PST) From: Stephen Suryaputra To: netdev@vger.kernel.org Cc: Stephen Suryaputra Subject: [PATCH net, v2] vrf: check forwarding on the original netdevice when generating ICMP dest unreachable Date: Wed, 28 Feb 2018 09:46:59 -0500 Message-Id: <1519829219-29623-1-git-send-email-ssuryaextr@gmail.com> X-Mailer: git-send-email 2.7.4 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org When ip_error() is called the device is the l3mdev master instead of the original device. So the forwarding check should be on the original one. Changes from v1: - Only need to reset the device on which __in_dev_get_rcu() is done (per David Ahern). Signed-off-by: Stephen Suryaputra --- net/ipv4/route.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/net/ipv4/route.c b/net/ipv4/route.c index a4f44d8..89c020f 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -930,19 +930,26 @@ void ip_rt_send_redirect(struct sk_buff *skb) static int ip_error(struct sk_buff *skb) { - struct in_device *in_dev = __in_dev_get_rcu(skb->dev); struct rtable *rt = skb_rtable(skb); + struct net_device *dev = skb->dev; + struct in_device *in_dev; struct inet_peer *peer; unsigned long now; struct net *net; bool send; int code; + net = dev_net(rt->dst.dev); + + if (netif_is_l3_master(skb->dev)) + dev = __dev_get_by_index(net, IPCB(skb)->iif); + + in_dev = __in_dev_get_rcu(dev); + /* IP on this device is disabled. */ if (!in_dev) goto out; - net = dev_net(rt->dst.dev); if (!IN_DEV_FORWARD(in_dev)) { switch (rt->dst.error) { case EHOSTUNREACH: