lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <76551ed7-47ef-7442-69de-6fb42fff4708@huawei.com> Date: Sat, 4 May 2019 16:03:33 +0800 From: linmiaohe <linmiaohe@...wei.com> To: <davem@...emloft.net>, <christian@...uner.io>, <roopa@...ulusnetworks.com>, <dsahern@...il.com>, <Jason@...c4.com>, <netdev@...r.kernel.org>, <linux-kernel@...r.kernel.org> CC: mousuanming <mousuanming@...wei.com>, Mingfangsen <mingfangsen@...wei.com> Subject: [PATCH] net: route: Fix vrf dst_entry ref count false increasing From: Suanming.Mou <mousuanming@...wei.com> When config ip in default vrf same as the ip in specified vrf, fib_lookup will return the route from table local even if the in device is an enslaved l3mdev. Then the dst_entry will hold the vrf device rather than loopback device in local_input of function ip_route_input_slow. So vrf dst_entry is false increased by route from table local. Here is reproduce step: 1.enslave enp4s0 to vrf2, and config ip address: ip link add vrf2 type vrf table 1 ip link set vrf2 up ip link set enp4s0 master vrf2 ip addr ad 125.1.1.1/16 dev enp4s0 2.config same ip in default vrf: ip addr ad 125.1.1.1/16 dev enp6s0 3.config peer and ping: ip vrf exec vrf2 ping 125.1.1.2 -c 3 4.del vrf2 link: ip link del vrf2 And "unregister_netdevice: waiting for vrf2 to become free. Usage count = 1" will occur. Signed-off-by: Suanming.Mou <mousuanming@...wei.com> Signed-off-by: Miaohe Lin <linmiaohe@...wei.com> --- net/core/fib_rules.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/net/core/fib_rules.c b/net/core/fib_rules.c index ffbb827723a2..1a2c11ed1585 100644 --- a/net/core/fib_rules.c +++ b/net/core/fib_rules.c @@ -263,6 +263,11 @@ static int fib_rule_match(struct fib_rule *rule, struct fib_rules_ops *ops, if (rule->tun_id && (rule->tun_id != fl->flowi_tun_key.tun_id)) goto out; + if (!rule->l3mdev && + (netif_index_is_l3_master(rule->fr_net, fl->flowi_iif) || + netif_index_is_l3_master(rule->fr_net, fl->flowi_oif))) + goto out; + if (rule->l3mdev && !l3mdev_fib_rule_match(rule->fr_net, fl, arg)) goto out; -- 2.21.GIT
Powered by blists - more mailing lists