| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <76551ed7-47ef-7442-69de-6fb42fff4708@huawei.com>
Date: Sat, 4 May 2019 16:03:33 +0800
From: linmiaohe <linmiaohe@...wei.com>
To: <davem@...emloft.net>, <christian@...uner.io>,
<roopa@...ulusnetworks.com>, <dsahern@...il.com>,
<Jason@...c4.com>, <netdev@...r.kernel.org>,
<linux-kernel@...r.kernel.org>
CC: mousuanming <mousuanming@...wei.com>,
Mingfangsen <mingfangsen@...wei.com>
Subject: [PATCH] net: route: Fix vrf dst_entry ref count false increasing
From: Suanming.Mou <mousuanming@...wei.com>
When config ip in default vrf same as the ip in specified
vrf, fib_lookup will return the route from table local
even if the in device is an enslaved l3mdev. Then the
dst_entry will hold the vrf device rather than loopback
device in local_input of function ip_route_input_slow.
So vrf dst_entry is false increased by route from table
local.
Here is reproduce step:
1.enslave enp4s0 to vrf2, and config ip address:
ip link add vrf2 type vrf table 1
ip link set vrf2 up
ip link set enp4s0 master vrf2
ip addr ad 125.1.1.1/16 dev enp4s0
2.config same ip in default vrf:
ip addr ad 125.1.1.1/16 dev enp6s0
3.config peer and ping:
ip vrf exec vrf2 ping 125.1.1.2 -c 3
4.del vrf2 link:
ip link del vrf2
And "unregister_netdevice: waiting for vrf2 to become free.
Usage count = 1" will occur.
Signed-off-by: Suanming.Mou <mousuanming@...wei.com>
Signed-off-by: Miaohe Lin <linmiaohe@...wei.com>
---
net/core/fib_rules.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/net/core/fib_rules.c b/net/core/fib_rules.c
index ffbb827723a2..1a2c11ed1585 100644
--- a/net/core/fib_rules.c
+++ b/net/core/fib_rules.c
@@ -263,6 +263,11 @@ static int fib_rule_match(struct fib_rule *rule, struct fib_rules_ops *ops,
if (rule->tun_id && (rule->tun_id != fl->flowi_tun_key.tun_id))
goto out;
+ if (!rule->l3mdev &&
+ (netif_index_is_l3_master(rule->fr_net, fl->flowi_iif) ||
+ netif_index_is_l3_master(rule->fr_net, fl->flowi_oif)))
+ goto out;
+
if (rule->l3mdev && !l3mdev_fib_rule_match(rule->fr_net, fl, arg))
goto out;
--
2.21.GIT
Powered by blists - more mailing lists