Commit 24b711ed authored by David Ahern's avatar David Ahern Committed by David S. Miller

net/ipv6: Fix linklocal to global address with VRF

Example setup:
    host: ip -6 addr add dev eth1 2001:db8:104::4
           where eth1 is enslaved to a VRF

    switch: ip -6 ro add 2001:db8:104::4/128 dev br1
            where br1 only has an LLA

           ping6 2001:db8:104::4
           ssh   2001:db8:104::4

(NOTE: UDP works fine if the PKTINFO has the address set to the global
address and ifindex is set to the index of eth1 with a destination an
LLA).

For ICMP, icmp6_iif needs to be updated to check if skb->dev is an
L3 master. If it is then return the ifindex from rt6i_idev similar
to what is done for loopback.

For TCP, restore the original tcp_v6_iif definition which is needed in
most places and add a new tcp_v6_iif_l3_slave that considers the
l3_slave variability. This latter check is only needed for socket
lookups.

Fixes: 9ff74384 ("net: vrf: Handle ipv6 multicast and link-local addresses")
Signed-off-by: default avatarDavid Ahern <dsahern@gmail.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent f95de8aa
...@@ -840,6 +840,11 @@ static inline void bpf_compute_data_end_sk_skb(struct sk_buff *skb) ...@@ -840,6 +840,11 @@ static inline void bpf_compute_data_end_sk_skb(struct sk_buff *skb)
* as TCP moves IP6CB into a different location in skb->cb[] * as TCP moves IP6CB into a different location in skb->cb[]
*/ */
static inline int tcp_v6_iif(const struct sk_buff *skb) static inline int tcp_v6_iif(const struct sk_buff *skb)
{
return TCP_SKB_CB(skb)->header.h6.iif;
}
static inline int tcp_v6_iif_l3_slave(const struct sk_buff *skb)
{ {
bool l3_slave = ipv6_l3mdev_skb(TCP_SKB_CB(skb)->header.h6.flags); bool l3_slave = ipv6_l3mdev_skb(TCP_SKB_CB(skb)->header.h6.flags);
......
...@@ -402,9 +402,10 @@ static int icmp6_iif(const struct sk_buff *skb) ...@@ -402,9 +402,10 @@ static int icmp6_iif(const struct sk_buff *skb)
/* for local traffic to local address, skb dev is the loopback /* for local traffic to local address, skb dev is the loopback
* device. Check if there is a dst attached to the skb and if so * device. Check if there is a dst attached to the skb and if so
* get the real device index. * get the real device index. Same is needed for replies to a link
* local address on a device enslaved to an L3 master device
*/ */
if (unlikely(iif == LOOPBACK_IFINDEX)) { if (unlikely(iif == LOOPBACK_IFINDEX || netif_is_l3_master(skb->dev))) {
const struct rt6_info *rt6 = skb_rt6_info(skb); const struct rt6_info *rt6 = skb_rt6_info(skb);
if (rt6) if (rt6)
......
...@@ -938,7 +938,8 @@ static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb) ...@@ -938,7 +938,8 @@ static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb)
&tcp_hashinfo, NULL, 0, &tcp_hashinfo, NULL, 0,
&ipv6h->saddr, &ipv6h->saddr,
th->source, &ipv6h->daddr, th->source, &ipv6h->daddr,
ntohs(th->source), tcp_v6_iif(skb), ntohs(th->source),
tcp_v6_iif_l3_slave(skb),
tcp_v6_sdif(skb)); tcp_v6_sdif(skb));
if (!sk1) if (!sk1)
goto out; goto out;
...@@ -1609,7 +1610,8 @@ static int tcp_v6_rcv(struct sk_buff *skb) ...@@ -1609,7 +1610,8 @@ static int tcp_v6_rcv(struct sk_buff *skb)
skb, __tcp_hdrlen(th), skb, __tcp_hdrlen(th),
&ipv6_hdr(skb)->saddr, th->source, &ipv6_hdr(skb)->saddr, th->source,
&ipv6_hdr(skb)->daddr, &ipv6_hdr(skb)->daddr,
ntohs(th->dest), tcp_v6_iif(skb), ntohs(th->dest),
tcp_v6_iif_l3_slave(skb),
sdif); sdif);
if (sk2) { if (sk2) {
struct inet_timewait_sock *tw = inet_twsk(sk); struct inet_timewait_sock *tw = inet_twsk(sk);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment