Received: by 2002:ac0:98c7:0:0:0:0:0 with SMTP id g7-v6csp2451404imd; Fri, 2 Nov 2018 11:37:28 -0700 (PDT) X-Google-Smtp-Source: AJdET5eKaTdtkAHY5qFHxP2ZkIsn+zPP5mbiwMdDghqP7o6sJEH46QxrGu9S4rG+PPNqQv1d3I55 X-Received: by 2002:a63:f65:: with SMTP id 37mr5897726pgp.238.1541183848064; Fri, 02 Nov 2018 11:37:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1541183848; cv=none; d=google.com; s=arc-20160816; b=UAx4jwpRDodXluxAqcwK3JKZ9MlUrCaxjGGLtZNqtMULXG2rcKaBZR4IsD+G8aNF8Z XSE/UCNzdLGjHdLkcK5BISck8F0MyouYuoOlT8fP29cujjrce1wTQT8ErR4VWx7cP+8k bkQyJCp+K+1mgUn15PucF3cHA/YEvwFZ7va0WrEjECpBrgKmVvFGkHw80pcHpseSs226 CqcNb8FM5Nx9TC/57k3GYvTvGrihzMAfTGOOcCMNa93FFWqmt/6NOLP/D/YpRLEiTJpf CRhv0OWEZdJBRVcWUfANipErD1U7cbofKr7JXs5TldB8fNEXS11PqTnlJ9A65+4XpzFx wT3w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=mFjizGYEuFPZLJj6VyrnNU/DdQdZdmWFq4j2q4nqtJ8=; b=YPkDiuCwyYJprOcJCtuSOT0fyZXCEOLGrWR90SB2odQZo+IR43Xc0EtK+qYSrZAms7 fUgbTfdsYxzQMTtAInwOLIksvci/lq2pGYXc0wBx4+kyTUWmzL9qFoD394T6JZTCo0uc 70JaRJ9b5yq5A42gOXz5Pf3zAgc/STDidLeJKVY8PnACLnRLHft4j8WLl6uw7dEl0nyU ww2pl4lJF2GO5Sn2oP9tc9uBea1lIeAh09OFoWfeeR24g6DGgT+nhO3ra2KKX5Cp6fu2 Cu2TpEpAp2I+WFP10HbLQCfhYWZA4A40k4sIM3jN2MTi089JWHc7U5BJHVvfpo8snAGg 4eYA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="zOIIqK/W"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i12-v6si27615716pgl.83.2018.11.02.11.37.13; Fri, 02 Nov 2018 11:37:28 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="zOIIqK/W"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728347AbeKCDor (ORCPT + 99 others); Fri, 2 Nov 2018 23:44:47 -0400 Received: from mail.kernel.org ([198.145.29.99]:38618 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728336AbeKCDoq (ORCPT ); Fri, 2 Nov 2018 23:44:46 -0400 Received: from localhost (5356596B.cm-6-7b.dynamic.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id F244A20833; Fri, 2 Nov 2018 18:36:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1541183796; bh=inLnG844OBRxKvcOyhnqXdQSzhb3kaI2QDHAeDXe7dI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=zOIIqK/WWVDVNLTN3l2dyQHpEAefKhKShMgapbPrJkFD9fXyLIxKPTw6mEQzbaWOk jMfDqbujs58pzHMwaiDsiHLXauUARLjuIZJIjNkMJJuy4dyHEn/OSQ0qDtyZJgGPM+ 9mI8SL7teO8UUkX0rB7zi39YDmwgLkCrU+QskjXk= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, David Ahern , "David S. Miller" Subject: [PATCH 4.19 12/24] net/ipv6: Allow onlink routes to have a device mismatch if it is the default route Date: Fri, 2 Nov 2018 19:34:45 +0100 Message-Id: <20181102182841.658276687@linuxfoundation.org> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20181102182839.725385066@linuxfoundation.org> References: <20181102182839.725385066@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.19-stable review patch. If anyone has any objections, please let me know. ------------------ From: David Ahern [ Upstream commit 4ed591c8ab44e711e56b8e021ffaf4f407c045f5 ] The intent of ip6_route_check_nh_onlink is to make sure the gateway given for an onlink route is not actually on a connected route for a different interface (e.g., 2001:db8:1::/64 is on dev eth1 and then an onlink route has a via 2001:db8:1::1 dev eth2). If the gateway lookup hits the default route then it most likely will be a different interface than the onlink route which is ok. Update ip6_route_check_nh_onlink to disregard the device mismatch if the gateway lookup hits the default route. Turns out the existing onlink tests are passing because there is no default route or it is an unreachable default, so update the onlink tests to have a default route other than unreachable. Fixes: fc1e64e1092f6 ("net/ipv6: Add support for onlink flag") Signed-off-by: David Ahern Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- net/ipv6/route.c | 2 ++ tools/testing/selftests/net/fib-onlink-tests.sh | 14 +++++++------- 2 files changed, 9 insertions(+), 7 deletions(-) --- a/net/ipv6/route.c +++ b/net/ipv6/route.c @@ -2799,6 +2799,8 @@ static int ip6_route_check_nh_onlink(str grt = ip6_nh_lookup_table(net, cfg, gw_addr, tbid, 0); if (grt) { if (!grt->dst.error && + /* ignore match if it is the default route */ + grt->from && !ipv6_addr_any(&grt->from->fib6_dst.addr) && (grt->rt6i_flags & flags || dev != grt->dst.dev)) { NL_SET_ERR_MSG(extack, "Nexthop has invalid gateway or device mismatch"); --- a/tools/testing/selftests/net/fib-onlink-tests.sh +++ b/tools/testing/selftests/net/fib-onlink-tests.sh @@ -167,8 +167,8 @@ setup() # add vrf table ip li add ${VRF} type vrf table ${VRF_TABLE} ip li set ${VRF} up - ip ro add table ${VRF_TABLE} unreachable default - ip -6 ro add table ${VRF_TABLE} unreachable default + ip ro add table ${VRF_TABLE} unreachable default metric 8192 + ip -6 ro add table ${VRF_TABLE} unreachable default metric 8192 # create test interfaces ip li add ${NETIFS[p1]} type veth peer name ${NETIFS[p2]} @@ -185,20 +185,20 @@ setup() for n in 1 3 5 7; do ip li set ${NETIFS[p${n}]} up ip addr add ${V4ADDRS[p${n}]}/24 dev ${NETIFS[p${n}]} - ip addr add ${V6ADDRS[p${n}]}/64 dev ${NETIFS[p${n}]} + ip addr add ${V6ADDRS[p${n}]}/64 dev ${NETIFS[p${n}]} nodad done # move peer interfaces to namespace and add addresses for n in 2 4 6 8; do ip li set ${NETIFS[p${n}]} netns ${PEER_NS} up ip -netns ${PEER_NS} addr add ${V4ADDRS[p${n}]}/24 dev ${NETIFS[p${n}]} - ip -netns ${PEER_NS} addr add ${V6ADDRS[p${n}]}/64 dev ${NETIFS[p${n}]} + ip -netns ${PEER_NS} addr add ${V6ADDRS[p${n}]}/64 dev ${NETIFS[p${n}]} nodad done - set +e + ip -6 ro add default via ${V6ADDRS[p3]/::[0-9]/::64} + ip -6 ro add table ${VRF_TABLE} default via ${V6ADDRS[p7]/::[0-9]/::64} - # let DAD complete - assume default of 1 probe - sleep 1 + set +e } cleanup()