From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Tim Stallard <code@timstallard.me.uk>,
"David S. Miller" <davem@davemloft.net>
Subject: [PATCH 5.6 18/71] net: icmp6: do not select saddr from iif when route has prefsrc set
Date: Mon, 20 Apr 2020 14:38:32 +0200 [thread overview]
Message-ID: <20200420121512.086635523@linuxfoundation.org> (raw)
In-Reply-To: <20200420121508.491252919@linuxfoundation.org>
From: Tim Stallard <code@timstallard.me.uk>
[ Upstream commit b93cfb9cd3af3adc9ba4854f178d5300f7544d3e ]
Since commit fac6fce9bdb5 ("net: icmp6: provide input address for
traceroute6") ICMPv6 errors have source addresses from the ingress
interface. However, this overrides when source address selection is
influenced by setting preferred source addresses on routes.
This can result in ICMP errors being lost to upstream BCP38 filters
when the wrong source addresses are used, breaking path MTU discovery
and traceroute.
This patch sets the modified source address selection to only take place
when the route used has no prefsrc set.
It can be tested with:
ip link add v1 type veth peer name v2
ip netns add test
ip netns exec test ip link set lo up
ip link set v2 netns test
ip link set v1 up
ip netns exec test ip link set v2 up
ip addr add 2001:db8::1/64 dev v1 nodad
ip addr add 2001:db8::3 dev v1 nodad
ip netns exec test ip addr add 2001:db8::2/64 dev v2 nodad
ip netns exec test ip route add unreachable 2001:db8:1::1
ip netns exec test ip addr add 2001:db8:100::1 dev lo
ip netns exec test ip route add 2001:db8::1 dev v2 src 2001:db8:100::1
ip route add 2001:db8:1000::1 via 2001:db8::2
traceroute6 -s 2001:db8::1 2001:db8:1000::1
traceroute6 -s 2001:db8::3 2001:db8:1000::1
ip netns delete test
Output before:
$ traceroute6 -s 2001:db8::1 2001:db8:1000::1
traceroute to 2001:db8:1000::1 (2001:db8:1000::1), 30 hops max, 80 byte packets
1 2001:db8::2 (2001:db8::2) 0.843 ms !N 0.396 ms !N 0.257 ms !N
$ traceroute6 -s 2001:db8::3 2001:db8:1000::1
traceroute to 2001:db8:1000::1 (2001:db8:1000::1), 30 hops max, 80 byte packets
1 2001:db8::2 (2001:db8::2) 0.772 ms !N 0.257 ms !N 0.357 ms !N
After:
$ traceroute6 -s 2001:db8::1 2001:db8:1000::1
traceroute to 2001:db8:1000::1 (2001:db8:1000::1), 30 hops max, 80 byte packets
1 2001:db8:100::1 (2001:db8:100::1) 8.885 ms !N 0.310 ms !N 0.174 ms !N
$ traceroute6 -s 2001:db8::3 2001:db8:1000::1
traceroute to 2001:db8:1000::1 (2001:db8:1000::1), 30 hops max, 80 byte packets
1 2001:db8::2 (2001:db8::2) 1.403 ms !N 0.205 ms !N 0.313 ms !N
Fixes: fac6fce9bdb5 ("net: icmp6: provide input address for traceroute6")
Signed-off-by: Tim Stallard <code@timstallard.me.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
net/ipv6/icmp.c | 21 ++++++++++++++++++++-
1 file changed, 20 insertions(+), 1 deletion(-)
--- a/net/ipv6/icmp.c
+++ b/net/ipv6/icmp.c
@@ -229,6 +229,25 @@ static bool icmpv6_xrlim_allow(struct so
return res;
}
+static bool icmpv6_rt_has_prefsrc(struct sock *sk, u8 type,
+ struct flowi6 *fl6)
+{
+ struct net *net = sock_net(sk);
+ struct dst_entry *dst;
+ bool res = false;
+
+ dst = ip6_route_output(net, sk, fl6);
+ if (!dst->error) {
+ struct rt6_info *rt = (struct rt6_info *)dst;
+ struct in6_addr prefsrc;
+
+ rt6_get_prefsrc(rt, &prefsrc);
+ res = !ipv6_addr_any(&prefsrc);
+ }
+ dst_release(dst);
+ return res;
+}
+
/*
* an inline helper for the "simple" if statement below
* checks if parameter problem report is caused by an
@@ -527,7 +546,7 @@ static void icmp6_send(struct sk_buff *s
saddr = force_saddr;
if (saddr) {
fl6.saddr = *saddr;
- } else {
+ } else if (!icmpv6_rt_has_prefsrc(sk, type, &fl6)) {
/* select a more meaningful saddr from input if */
struct net_device *in_netdev;
next prev parent reply other threads:[~2020-04-20 12:45 UTC|newest]
Thread overview: 79+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-20 12:38 [PATCH 5.6 00/71] 5.6.6-rc1 review Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 01/71] amd-xgbe: Use __napi_schedule() in BH context Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 02/71] hsr: check protocol version in hsr_newlink() Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 03/71] l2tp: Allow management of tunnels and session in user namespace Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 04/71] net: dsa: mt7530: fix tagged frames pass-through in VLAN-unaware mode Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 05/71] net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 06/71] net: ipv6: do not consider routes via gateways for anycast address check Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 07/71] net: macsec: fix using wrong structure in macsec_changelink() Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 08/71] net: phy: micrel: use genphy_read_status for KSZ9131 Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 09/71] net: qrtr: send msgs from local of same id as broadcast Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 10/71] net: revert default NAPI poll timeout to 2 jiffies Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 11/71] net: tun: record RX queue in skb before do_xdp_generic() Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 12/71] net: dsa: mt7530: move mt7623 settings out off the mt7530 Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 13/71] net: ethernet: mediatek: " Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 14/71] net/mlx5: Fix frequent ioread PCI access during recovery Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 15/71] net/mlx5e: Add missing release firmware call Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 16/71] net/mlx5e: Fix nest_level for vlan pop action Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 17/71] net/mlx5e: Fix pfnum in devlink port attribute Greg Kroah-Hartman
2020-04-20 12:38 ` Greg Kroah-Hartman [this message]
2020-04-20 12:38 ` [PATCH 5.6 19/71] net: mscc: ocelot: fix untagged packet drops when enslaving to vlan aware bridge Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 20/71] net: stmmac: dwmac-sunxi: Provide TX and RX fifo sizes Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 21/71] net: phy: marvell: Fix pause frame negotiation Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 22/71] Revert "ACPI: EC: Do not clear boot_ec_is_ecdt in acpi_ec_add()" Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 23/71] ovl: fix value of i_ino for lower hardlink corner case Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 24/71] scsi: ufs: Fix ufshcd_hold() caused scheduling while atomic Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 25/71] platform/chrome: cros_ec_rpmsg: Fix race with host event Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 26/71] jbd2: improve comments about freeing data buffers whose page mapping is NULL Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 27/71] acpi/nfit: improve bounds checking for func Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 28/71] perf report: Fix no branch type statistics report issue Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 29/71] pwm: pca9685: Fix PWM/GPIO inter-operation Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 30/71] net: stmmac: xgmac: Fix VLAN register handling Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 31/71] net/bpfilter: remove superfluous testing message Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 32/71] ext4: fix incorrect group count in ext4_fill_super error message Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 33/71] ext4: fix incorrect inodes per group in " Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 34/71] HID: lg-g15: Do not fail the probe when we fail to disable F# emulation Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 35/71] clk: at91: sam9x60: fix usb clock parents Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 36/71] clk: at91: usb: use proper usbs_mask Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 37/71] ARM: dts: imx7-colibri: fix muxing of usbc_det pin Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 38/71] arm64: dts: librem5-devkit: add a vbus supply to usb0 Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 39/71] usb: dwc3: gadget: Dont clear flags before transfer ended Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 40/71] ASoC: Intel: mrfld: fix incorrect check on p->sink Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 41/71] ASoC: Intel: mrfld: return error codes when an error occurs Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 42/71] ALSA: hda: Allow setting preallocation again for x86 Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 43/71] ALSA: hda/realtek - Enable the headset mic on Asus FX505DT Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 44/71] ALSA: usb-audio: Filter error from connector kctl ops, too Greg Kroah-Hartman
2020-04-20 12:38 ` [PATCH 5.6 45/71] ALSA: usb-audio: Dont override ignore_ctl_error value from the map Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 46/71] ALSA: usb-audio: Dont create jack controls for PCM terminals Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 47/71] ALSA: usb-audio: Check mapping at creating connector controls, too Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 48/71] arm64: vdso: dont free unallocated pages Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 49/71] keys: Fix proc_keys_next to increase position index Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 50/71] tracing: Fix the race between registering snapshot event trigger and triggering snapshot operation Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 51/71] btrfs: check commit root generation in should_ignore_root Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 52/71] nl80211: fix NL80211_ATTR_FTM_RESPONDER policy Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 53/71] mac80211: fix race in ieee80211_register_hw() Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 54/71] mac80211_hwsim: Use kstrndup() in place of kasprintf() Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 55/71] net/mlx5e: Encapsulate updating netdev queues into a function Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 56/71] net/mlx5e: Rename hw_modify to preactivate Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 57/71] net/mlx5e: Use preactivate hook to set the indirection table Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 58/71] drm/amd/powerplay: force the trim of the mclk dpm_levels if OD is enabled Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 59/71] drm/amdgpu/gfx9: add gfxoff quirk Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 60/71] drm/amdgpu: fix the hw hang during perform system reboot and reset Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 61/71] i2c: designware: platdrv: Remove DPM_FLAG_SMART_SUSPEND flag on BYT and CHT Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 62/71] drm/nouveau/sec2/gv100-: add missing MODULE_FIRMWARE() Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 63/71] drm/i915/perf: Do not clear pollin for small user read buffers Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 64/71] rcu: Dont acquire lock in NMI handler in rcu_nmi_enter_common() Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 65/71] ext4: do not zeroout extents beyond i_disksize Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 66/71] irqchip/ti-sci-inta: Fix processing of masked irqs Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 67/71] proc, time/namespace: Show clock symbolic names in /proc/pid/timens_offsets Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 68/71] x86/resctrl: Preserve CDP enable over CPU hotplug Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 69/71] x86/resctrl: Fix invalid attempt at removing the default resource group Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 70/71] x86/microcode/AMD: Increase microcode PATCH_MAX_SIZE Greg Kroah-Hartman
2020-04-20 12:39 ` [PATCH 5.6 71/71] scsi: target: iscsi: calling iscsit_stop_session() inside iscsit_close_session() has no effect Greg Kroah-Hartman
2020-04-20 17:31 ` [PATCH 5.6 00/71] 5.6.6-rc1 review Naresh Kamboju
2020-04-20 19:53 ` Guenter Roeck
2020-04-21 9:55 ` Greg Kroah-Hartman
2020-04-21 9:55 ` Jon Hunter
2020-04-21 13:22 ` Greg Kroah-Hartman
2020-04-21 16:49 ` shuah
2020-04-21 18:42 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200420121512.086635523@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=code@timstallard.me.uk \
--cc=davem@davemloft.net \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).