From mboxrd@z Thu Jan 1 00:00:00 1970 From: Mike Manning Subject: [PATCH net-next v3 7/9] ipv6: allow ping to link-local address in VRF Date: Thu, 4 Oct 2018 16:12:12 +0100 Message-ID: <20181004151214.8522-8-mmanning@vyatta.att-mail.com> References: <20181004151214.8522-1-mmanning@vyatta.att-mail.com> To: netdev@vger.kernel.org Return-path: Received: from mx0b-00191d01.pphosted.com ([67.231.157.136]:61635 "EHLO mx0a-00191d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1727523AbeJDWGY (ORCPT ); Thu, 4 Oct 2018 18:06:24 -0400 Received: from pps.filterd (m0049462.ppops.net [127.0.0.1]) by m0049462.ppops.net-00191d01. (8.16.0.22/8.16.0.22) with SMTP id w94F8Sti010761 for ; Thu, 4 Oct 2018 11:12:41 -0400 Received: from alpi155.enaf.aldc.att.com (sbcsmtp7.sbc.com [144.160.229.24]) by m0049462.ppops.net-00191d01. with ESMTP id 2mwn0ph0ds-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Thu, 04 Oct 2018 11:12:40 -0400 Received: from enaf.aldc.att.com (localhost [127.0.0.1]) by alpi155.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id w94FCeG2015295 for ; Thu, 4 Oct 2018 11:12:40 -0400 Received: from zlp27127.vci.att.com (zlp27127.vci.att.com [135.66.87.31]) by alpi155.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id w94FCZ19015133 for ; Thu, 4 Oct 2018 11:12:35 -0400 Received: from zlp27127.vci.att.com (zlp27127.vci.att.com [127.0.0.1]) by zlp27127.vci.att.com (Service) with ESMTP id 02D104048B59 for ; Thu, 4 Oct 2018 15:12:35 +0000 (GMT) Received: from mlpi432.sfdc.sbc.com (unknown [144.151.223.11]) by zlp27127.vci.att.com (Service) with ESMTP id DFC104048B4E for ; Thu, 4 Oct 2018 15:12:34 +0000 (GMT) Received: from sfdc.sbc.com (localhost [127.0.0.1]) by mlpi432.sfdc.sbc.com (8.14.5/8.14.5) with ESMTP id w94FCYhQ021158 for ; Thu, 4 Oct 2018 11:12:34 -0400 Received: from mail.eng.vyatta.net (mail.eng.vyatta.net [10.156.50.82]) by mlpi432.sfdc.sbc.com (8.14.5/8.14.5) with ESMTP id w94FCTBn021006 for ; Thu, 4 Oct 2018 11:12:29 -0400 Received: from MM-7520.vyatta.net (unknown [10.156.47.144]) by mail.eng.vyatta.net (Postfix) with ESMTPA id 78C7136033D for ; Thu, 4 Oct 2018 08:12:28 -0700 (PDT) In-Reply-To: <20181004151214.8522-1-mmanning@vyatta.att-mail.com> Sender: netdev-owner@vger.kernel.org List-ID: If link-local packets are marked as enslaved to a VRF, then to allow ping to the link-local from a vrf, the error handling for IPV6_PKTINFO needs to be relaxed to also allow the pkt ipi6_ifindex to be that of a slave device to the vrf. Note that the real device also needs to be retrieved in icmp6_iif() to set the ipv6 flow oif to this for icmp echo reply handling. The recent commit 24b711edfc34 ("net/ipv6: Fix linklocal to global address with VRF") takes care of this, so the sdif does not need checking here. This fix makes ping to link-local consistent with that to global addresses, in that this can now be done from within the same VRF that the address is in. Signed-off-by: Mike Manning --- net/ipv6/ipv6_sockglue.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c index c0cac9cc3a28..f3e99e578843 100644 --- a/net/ipv6/ipv6_sockglue.c +++ b/net/ipv6/ipv6_sockglue.c @@ -486,7 +486,7 @@ static int do_ipv6_setsockopt(struct sock *sk, int level, int optname, retv = -EFAULT; break; } - if (sk->sk_bound_dev_if && pkt.ipi6_ifindex != sk->sk_bound_dev_if) + if (!sk_dev_equal_l3scope(sk, pkt.ipi6_ifindex)) goto e_inval; np->sticky_pktinfo.ipi6_ifindex = pkt.ipi6_ifindex; -- 2.11.0