Date: Fri, 30 Aug 2019 22:55:41 +0200
From: Florian Westphal
To: Leonardo Bras
Cc: netfilter-devel@vger.kernel.org, coreteam@netfilter.org, bridge@lists.linux-foundation.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Pablo Neira Ayuso, Jozsef Kadlecsik, Florian Westphal, Roopa Prabhu, Nikolay Aleksandrov, "David S. Miller"
Subject: Re: [PATCH v4 2/2] net: br_netfiler_hooks: Drops IPv6 packets if IPv6 module is not loaded
Message-ID: <20190830205541.GR20113@breakpoint.cc>
References: <20190830181354.26279-1-leonardo@linux.ibm.com> <20190830181354.26279-3-leonardo@linux.ibm.com>
In-Reply-To: <20190830181354.26279-3-leonardo@linux.ibm.com>
X-Mailing-List: linux-kernel@vger.kernel.org

Leonardo Bras wrote:
> A kernel panic can happen if a host has disabled IPv6 on boot and has to
> process guest packets (coming from a bridge) using its ip6tables.
>
> IPv6 packets need to be dropped if the IPv6 module is not loaded.
>
> Signed-off-by: Leonardo Bras
> ---
>  net/bridge/br_netfilter_hooks.c | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/net/bridge/br_netfilter_hooks.c b/net/bridge/br_netfilter_hooks.c
> index d3f9592f4ff8..5e8693730df1 100644
> --- a/net/bridge/br_netfilter_hooks.c
> +++ b/net/bridge/br_netfilter_hooks.c
> @@ -493,6 +493,8 @@ static unsigned int br_nf_pre_routing(void *priv, > brnet = net_generic(state->net, brnf_net_id); > if (IS_IPV6(skb) || is_vlan_ipv6(skb, state->net) || > is_pppoe_ipv6(skb, state->net)) { > + if (!ipv6_mod_enabled()) > + return NF_DROP; > if (!brnet->call_ip6tables && > !br_opt_get(br, BROPT_NF_CALL_IP6TABLES)) > return NF_ACCEPT;

No, that's too aggressive and turns the bridge into an ipv6 blackhole.

There are two solutions:
1. The above patch, but use NF_ACCEPT instead
2. Keep the DROP, but move it below the call_ip6tables test, so that users can tweak call-ip6tables to accept packets.

Perhaps it would be good to also add a pr_warn_once() that tells that ipv6 was disabled on command line and call-ip6tables isn't supported in this configuration.

I would go with option two.
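Review bot: The new `if (!ipv6_mod_enabled()) return NF_DROP;` is placed above the `!brnet->call_ip6tables && !br_opt_get(br, BROPT_NF_CALL_IP6TABLES)` test, so on a host booted with IPv6 disabled it drops every frame matched by IS_IPV6()/is_vlan_ipv6()/is_pppoe_ipv6(), including frames that would have been returned with NF_ACCEPT a few lines later without ever touching the IPv6 stack. Moving the check below the call-ip6tables test confines the drop to the case the commit message actually describes (ip6tables is supposed to run but the IPv6 module is absent) and leaves administrators a way to pass the traffic by clearing call-ip6tables. The drop is also silent; a pr_warn_once() next to it would tell the operator why bridged IPv6 stopped flowing. Separately, the commit message says "a kernel panic can happen" without naming the function or giving a trace, which makes it hard to confirm that this is the right place for the guard.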
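The ordering question in the reply can be checked as a truth table. The program below is an added example, not code from the patch or from the kernel: it models the verdict section of br_nf_pre_routing() as four small functions (unpatched, the patch as posted, the reply's option 1, the reply's option 2) over the two inputs that matter here, whether ipv6_mod_enabled() is true and whether call-ip6tables is on. NF_DROP and NF_ACCEPT mirror the values in include/uapi/linux/netfilter.h; BR_NF_CONTINUE is an assumed marker for "fall through into the IPv6 handling that follows in the real hook", and the fprintf stands in for pr_warn_once(). It shows that only the posted ordering leaves no admin-side way to get IPv6 across the bridge on an IPv6-disabled host.

```c
/* Added example (not patch or kernel code): models the verdict ordering
 * discussed in the thread. The struct flags stand in for ipv6_mod_enabled()
 * and for the combined brnet->call_ip6tables / BROPT_NF_CALL_IP6TABLES test. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define NF_DROP        0     /* mirrors include/uapi/linux/netfilter.h */
#define NF_ACCEPT      1
#define BR_NF_CONTINUE 100   /* assumed marker: continue into the IPv6 path */

struct ipv6_frame_ctx {
    bool ipv6_mod_enabled;   /* false when the host booted with IPv6 disabled */
    bool call_ip6tables;     /* call-ip6tables sysctl or bridge option set */
};

/* Pre-patch ordering: with IPv6 disabled a frame still falls through into
 * the IPv6 path, which is the case the commit message says panics. */
static int verdict_unpatched(const struct ipv6_frame_ctx *c)
{
    if (!c->call_ip6tables)
        return NF_ACCEPT;
    return BR_NF_CONTINUE;
}

/* The patch as posted: drop before the call-ip6tables test is consulted. */
static int verdict_drop_first(const struct ipv6_frame_ctx *c)
{
    if (!c->ipv6_mod_enabled)
        return NF_DROP;
    if (!c->call_ip6tables)
        return NF_ACCEPT;
    return BR_NF_CONTINUE;
}

/* Reply's option 1: same position, NF_ACCEPT instead of NF_DROP. */
static int verdict_accept_first(const struct ipv6_frame_ctx *c)
{
    if (!c->ipv6_mod_enabled)
        return NF_ACCEPT;
    if (!c->call_ip6tables)
        return NF_ACCEPT;
    return BR_NF_CONTINUE;
}

/* Reply's option 2: honour call-ip6tables first; drop, with a one-time
 * warning, only when ip6tables was requested but the IPv6 stack is absent. */
static int verdict_drop_after_check(const struct ipv6_frame_ctx *c)
{
    static bool warned;   /* stands in for pr_warn_once() */

    if (!c->call_ip6tables)
        return NF_ACCEPT;
    if (!c->ipv6_mod_enabled) {
        if (!warned) {
            warned = true;
            fprintf(stderr, "br_netfilter: IPv6 disabled on the command line; "
                            "call-ip6tables is not supported, dropping IPv6\n");
        }
        return NF_DROP;
    }
    return BR_NF_CONTINUE;
}

/* Can an admin of an IPv6-disabled host restore bridged IPv6 by clearing
 * call-ip6tables under this ordering? */
static bool admin_can_unblackhole(int (*verdict)(const struct ipv6_frame_ctx *))
{
    const struct ipv6_frame_ctx off = { .ipv6_mod_enabled = false,
                                        .call_ip6tables = false };
    return verdict(&off) == NF_ACCEPT;
}

static const char *verdict_name(int v)
{
    return v == NF_DROP ? "NF_DROP" : v == NF_ACCEPT ? "NF_ACCEPT" : "continue";
}

int main(void)
{
    static const struct {
        const char *label;
        int (*fn)(const struct ipv6_frame_ctx *);
    } variants[] = {
        { "unpatched",          verdict_unpatched },
        { "drop first (posted)", verdict_drop_first },
        { "accept first (opt1)", verdict_accept_first },
        { "drop after (opt2)",   verdict_drop_after_check },
    };
    for (size_t i = 0; i < sizeof variants / sizeof variants[0]; i++) {
        printf("%-22s", variants[i].label);
        for (int en = 0; en < 2; en++)
            for (int call = 0; call < 2; call++) {
                struct ipv6_frame_ctx c = { .ipv6_mod_enabled = en, .call_ip6tables = call };
                printf(" ipv6=%d call=%d:%-9s", en, call, verdict_name(variants[i].fn(&c)));
            }
        printf(" unblackhole=%s\n", admin_can_unblackhole(variants[i].fn) ? "yes" : "no");
    }
    return 0;
}
```

The interesting row is ipv6=0 call=0: the posted ordering returns NF_DROP there, while both of the reply's alternatives return NF_ACCEPT, which is exactly the "turns the bridge into an ipv6 blackhole" objection. The ipv6=0 call=1 row is where option 2 still drops (with the warning) and option 1 silently accepts.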