Received: by 2002:ac0:98c7:0:0:0:0:0 with SMTP id g7-v6csp2460481imd; Fri, 2 Nov 2018 11:47:45 -0700 (PDT) X-Google-Smtp-Source: AJdET5co7/+d2YZeJK+HPcaAFdxJ2itjKr9OD+9KTaImSYFDJijzaj+jRGkKv9e76YAPRE8IB7Fy X-Received: by 2002:a17:902:aa0a:: with SMTP id be10-v6mr12866993plb.294.1541184465857; Fri, 02 Nov 2018 11:47:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1541184465; cv=none; d=google.com; s=arc-20160816; b=deEHcYAk3Arf6DlBbVfkrNt0qCE6ol4bz0MQmB8t7gUHGDSjJUfLtNImVO1/4Ww02q qIPns30MpM5tki/OBU40mzvuwOrdXWXG415/IDUDhVpbYmI1seh54CHleopqVsnmTcfV 1wEgPwZO1jRrCJzjyIfxcXFCwGZUHtS3DDOFQks1w3kp68szaUPydSQwsZTljgVHT/9N 38YXzm+Vi0eJKOVQ/9Wi/tl7UHF5OP97SDATBPFULbl+SxstuTnMPO7qliPmhzRWjfCf qhOm3fgrPnT0Z5WFgWK1RwCUUXRv8dVT41h3W/C7iDOMK0eDPbTpChO3oiXQ/9b2CLXV whJg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=OBCSpuZRGZpe/vNvzWT/Qkdk8a1YwAzfEWVqqkoi4pg=; b=e8KjUEuGqY0X+BJdsEnCT5GatInI7YAXizJttm7puTrzKmauS8NXKKHKBxq3aw4iWF 4h2FLOmwWGuoBHgeemClcvM2ywb8SoXlQj9stX1uDKIUULCUXoZXxioqN3TLMy8SM2UR 6rhkzsgihrNOEMkCoUc9nDYds1yBkPAKHTtkwznPqrrud1t8l93c1u626/dd4qH41Lk3 mrwcU1BsLX/0Y1J0ZKVD0pctQH65Cqf9BqEGfoKzCW3CKQjp/bsfDVwXcp89oouPN8d0 9+4LMg+QF6mlCx7bDSUIxLzONZ6Pfi1yh63gooeMqxmWoCEpSaPnr3pAF4PkQK8xu6SZ qmgA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=yWm5wM4j; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id m3-v6si26854791pld.435.2018.11.02.11.47.31; Fri, 02 Nov 2018 11:47:45 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=yWm5wM4j; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730154AbeKCDxX (ORCPT + 99 others); Fri, 2 Nov 2018 23:53:23 -0400 Received: from mail.kernel.org ([198.145.29.99]:48970 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728985AbeKCDxX (ORCPT ); Fri, 2 Nov 2018 23:53:23 -0400 Received: from localhost (5356596B.cm-6-7b.dynamic.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 299FA20847; Fri, 2 Nov 2018 18:45:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1541184309; bh=rxmfqLqzcDCnvXQkyupKW0jOmxy3ahhFCaLmmRCwm3Y=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=yWm5wM4jQj+CKOWdq7Td8vefzXPMtlhWDKLEwxqY9EBEDLBSV4d4g5gsnMa/zWe4j u9d03SjSBWMP5Pj3zowrrrmpTAB4uTruyP56vq7urnIXwWhz9f+plbTYTrYx0n4XCL 5+aHqKp43PJpbmM6biI7B+yMwhZDQe8zjHzMM2MA= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, David Ahern , "David S. Miller" Subject: [PATCH 4.18 131/150] net/ipv6: Allow onlink routes to have a device mismatch if it is the default route Date: Fri, 2 Nov 2018 19:34:53 +0100 Message-Id: <20181102182911.874013335@linuxfoundation.org> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20181102182902.250560510@linuxfoundation.org> References: <20181102182902.250560510@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.18-stable review patch. If anyone has any objections, please let me know. ------------------ From: David Ahern [ Upstream commit 4ed591c8ab44e711e56b8e021ffaf4f407c045f5 ] The intent of ip6_route_check_nh_onlink is to make sure the gateway given for an onlink route is not actually on a connected route for a different interface (e.g., 2001:db8:1::/64 is on dev eth1 and then an onlink route has a via 2001:db8:1::1 dev eth2). If the gateway lookup hits the default route then it most likely will be a different interface than the onlink route which is ok. Update ip6_route_check_nh_onlink to disregard the device mismatch if the gateway lookup hits the default route. Turns out the existing onlink tests are passing because there is no default route or it is an unreachable default, so update the onlink tests to have a default route other than unreachable. Fixes: fc1e64e1092f6 ("net/ipv6: Add support for onlink flag") Signed-off-by: David Ahern Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- net/ipv6/route.c | 2 ++ tools/testing/selftests/net/fib-onlink-tests.sh | 14 +++++++------- 2 files changed, 9 insertions(+), 7 deletions(-) --- a/net/ipv6/route.c +++ b/net/ipv6/route.c @@ -2792,6 +2792,8 @@ static int ip6_route_check_nh_onlink(str grt = ip6_nh_lookup_table(net, cfg, gw_addr, tbid, 0); if (grt) { if (!grt->dst.error && + /* ignore match if it is the default route */ + grt->from && !ipv6_addr_any(&grt->from->fib6_dst.addr) && (grt->rt6i_flags & flags || dev != grt->dst.dev)) { NL_SET_ERR_MSG(extack, "Nexthop has invalid gateway or device mismatch"); --- a/tools/testing/selftests/net/fib-onlink-tests.sh +++ b/tools/testing/selftests/net/fib-onlink-tests.sh @@ -167,8 +167,8 @@ setup() # add vrf table ip li add ${VRF} type vrf table ${VRF_TABLE} ip li set ${VRF} up - ip ro add table ${VRF_TABLE} unreachable default - ip -6 ro add table ${VRF_TABLE} unreachable default + ip ro add table ${VRF_TABLE} unreachable default metric 8192 + ip -6 ro add table ${VRF_TABLE} unreachable default metric 8192 # create test interfaces ip li add ${NETIFS[p1]} type veth peer name ${NETIFS[p2]} @@ -185,20 +185,20 @@ setup() for n in 1 3 5 7; do ip li set ${NETIFS[p${n}]} up ip addr add ${V4ADDRS[p${n}]}/24 dev ${NETIFS[p${n}]} - ip addr add ${V6ADDRS[p${n}]}/64 dev ${NETIFS[p${n}]} + ip addr add ${V6ADDRS[p${n}]}/64 dev ${NETIFS[p${n}]} nodad done # move peer interfaces to namespace and add addresses for n in 2 4 6 8; do ip li set ${NETIFS[p${n}]} netns ${PEER_NS} up ip -netns ${PEER_NS} addr add ${V4ADDRS[p${n}]}/24 dev ${NETIFS[p${n}]} - ip -netns ${PEER_NS} addr add ${V6ADDRS[p${n}]}/64 dev ${NETIFS[p${n}]} + ip -netns ${PEER_NS} addr add ${V6ADDRS[p${n}]}/64 dev ${NETIFS[p${n}]} nodad done - set +e + ip -6 ro add default via ${V6ADDRS[p3]/::[0-9]/::64} + ip -6 ro add table ${VRF_TABLE} default via ${V6ADDRS[p7]/::[0-9]/::64} - # let DAD complete - assume default of 1 probe - sleep 1 + set +e } cleanup()