Commit 38a3889f authored by David S. Miller's avatar David S. Miller

Merge branch 'ipv4-fix-bugs-when-enable-route_localnet'

Shijie Luo says:

====================
ipv4: fix bugs when enable route_localnet

When enable route_localnet, route of the 127/8 address is enabled.
But in some situations like arp_announce=2, ARP requests or reply
work abnormally.

This patchset fix some bugs when enable route_localnet.

Change History:
V2:
- Change a single patch to a patchset.
- Add bug fix for arp_ignore = 3.
- Add a couple of test for enabling route_localnet in selftests.
====================
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents 8bc81c57 58ade67b
...@@ -1287,6 +1287,7 @@ __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope) ...@@ -1287,6 +1287,7 @@ __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope)
{ {
const struct in_ifaddr *ifa; const struct in_ifaddr *ifa;
__be32 addr = 0; __be32 addr = 0;
unsigned char localnet_scope = RT_SCOPE_HOST;
struct in_device *in_dev; struct in_device *in_dev;
struct net *net = dev_net(dev); struct net *net = dev_net(dev);
int master_idx; int master_idx;
...@@ -1296,10 +1297,13 @@ __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope) ...@@ -1296,10 +1297,13 @@ __be32 inet_select_addr(const struct net_device *dev, __be32 dst, int scope)
if (!in_dev) if (!in_dev)
goto no_in_dev; goto no_in_dev;
if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
localnet_scope = RT_SCOPE_LINK;
in_dev_for_each_ifa_rcu(ifa, in_dev) { in_dev_for_each_ifa_rcu(ifa, in_dev) {
if (ifa->ifa_flags & IFA_F_SECONDARY) if (ifa->ifa_flags & IFA_F_SECONDARY)
continue; continue;
if (ifa->ifa_scope > scope) if (min(ifa->ifa_scope, localnet_scope) > scope)
continue; continue;
if (!dst || inet_ifa_match(dst, ifa)) { if (!dst || inet_ifa_match(dst, ifa)) {
addr = ifa->ifa_local; addr = ifa->ifa_local;
...@@ -1352,14 +1356,20 @@ EXPORT_SYMBOL(inet_select_addr); ...@@ -1352,14 +1356,20 @@ EXPORT_SYMBOL(inet_select_addr);
static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst, static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst,
__be32 local, int scope) __be32 local, int scope)
{ {
unsigned char localnet_scope = RT_SCOPE_HOST;
const struct in_ifaddr *ifa; const struct in_ifaddr *ifa;
__be32 addr = 0; __be32 addr = 0;
int same = 0; int same = 0;
if (unlikely(IN_DEV_ROUTE_LOCALNET(in_dev)))
localnet_scope = RT_SCOPE_LINK;
in_dev_for_each_ifa_rcu(ifa, in_dev) { in_dev_for_each_ifa_rcu(ifa, in_dev) {
unsigned char min_scope = min(ifa->ifa_scope, localnet_scope);
if (!addr && if (!addr &&
(local == ifa->ifa_local || !local) && (local == ifa->ifa_local || !local) &&
ifa->ifa_scope <= scope) { min_scope <= scope) {
addr = ifa->ifa_local; addr = ifa->ifa_local;
if (same) if (same)
break; break;
...@@ -1374,7 +1384,7 @@ static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst, ...@@ -1374,7 +1384,7 @@ static __be32 confirm_addr_indev(struct in_device *in_dev, __be32 dst,
if (inet_ifa_match(addr, ifa)) if (inet_ifa_match(addr, ifa))
break; break;
/* No, then can we use new local src? */ /* No, then can we use new local src? */
if (ifa->ifa_scope <= scope) { if (min_scope <= scope) {
addr = ifa->ifa_local; addr = ifa->ifa_local;
break; break;
} }
......
#!/bin/bash
# SPDX-License-Identifier: GPL-2.0
#
# Run a couple of tests when route_localnet = 1.
readonly PEER_NS="ns-peer-$(mktemp -u XXXXXX)"
setup() {
ip netns add "${PEER_NS}"
ip -netns "${PEER_NS}" link set dev lo up
ip link add name veth0 type veth peer name veth1
ip link set dev veth0 up
ip link set dev veth1 netns "${PEER_NS}"
# Enable route_localnet and delete useless route 127.0.0.0/8.
sysctl -w net.ipv4.conf.veth0.route_localnet=1
ip netns exec "${PEER_NS}" sysctl -w net.ipv4.conf.veth1.route_localnet=1
ip route del 127.0.0.0/8 dev lo table local
ip netns exec "${PEER_NS}" ip route del 127.0.0.0/8 dev lo table local
ifconfig veth0 127.25.3.4/24 up
ip netns exec "${PEER_NS}" ifconfig veth1 127.25.3.14/24 up
ip route flush cache
ip netns exec "${PEER_NS}" ip route flush cache
}
cleanup() {
ip link del veth0
ip route add local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1
local -r ns="$(ip netns list|grep $PEER_NS)"
[ -n "$ns" ] && ip netns del $ns 2>/dev/null
}
# Run test when arp_announce = 2.
run_arp_announce_test() {
echo "run arp_announce test"
setup
sysctl -w net.ipv4.conf.veth0.arp_announce=2
ip netns exec "${PEER_NS}" sysctl -w net.ipv4.conf.veth1.arp_announce=2
ping -c5 -I veth0 127.25.3.14
if [ $? -ne 0 ];then
echo "failed"
else
echo "ok"
fi
cleanup
}
# Run test when arp_ignore = 3.
run_arp_ignore_test() {
echo "run arp_ignore test"
setup
sysctl -w net.ipv4.conf.veth0.arp_ignore=3
ip netns exec "${PEER_NS}" sysctl -w net.ipv4.conf.veth1.arp_ignore=3
ping -c5 -I veth0 127.25.3.14
if [ $? -ne 0 ];then
echo "failed"
else
echo "ok"
fi
cleanup
}
run_all_tests() {
run_arp_announce_test
run_arp_ignore_test
}
run_all_tests
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment