Commit fff429ef authored by Serhey Popovych's avatar Serhey Popovych Committed by Ben Hutchings

ipv6: Do not leak throw route references

commit 07f61557 upstream.

While commit 73ba57bf ("ipv6: fix backtracking for throw routes")
does good job on error propagation to the fib_rules_lookup()
in fib rules core framework that also corrects throw routes
handling, it does not solve route reference leakage problem
happened when we return -EAGAIN to the fib_rules_lookup()
and leave routing table entry referenced in arg->result.

If rule with matched throw route isn't last matched in the
list we overwrite arg->result losing reference on throw
route stored previously forever.

We also partially revert commit ab997ad4 ("ipv6: fix the
incorrect return value of throw route") since we never return
routing table entry with dst.error == -EAGAIN when
CONFIG_IPV6_MULTIPLE_TABLES is on. Also there is no point
to check for RTF_REJECT flag since it is always set throw
route.

Fixes: 73ba57bf ("ipv6: fix backtracking for throw routes")
Signed-off-by: default avatarSerhey Popovych <serhe.popovych@gmail.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
[bwh: Backported to 3.16: commit ab997ad4 was never applied here and does
 not need to be reverted]
Signed-off-by: default avatarBen Hutchings <ben@decadent.org.uk>
parent 7b0c5298
......@@ -105,7 +105,8 @@ static int fib6_rule_action(struct fib_rule *rule, struct flowi *flp,
flp6->saddr = saddr;
}
err = rt->dst.error;
goto out;
if (err != -EAGAIN)
goto out;
}
again:
ip6_rt_put(rt);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment