lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 14 Oct 2021 20:15:34 -0600
From:   David Ahern <dsahern@...il.com>
To:     Stephen Suryaputra <ssuryaextr@...il.com>, netdev@...r.kernel.org,
        Ido Schimmel <idosch@...lanox.com>
Cc:     dsahern@...il.com
Subject: Re: [PATCH net] ipv6: When forwarding count rx stats on the orig
 netdev

[ added Ido for the forwarding tests ]

On 10/14/21 7:08 AM, Stephen Suryaputra wrote:
> Commit bdb7cc643fc9 ("ipv6: Count interface receive statistics on the
> ingress netdev") does not work when ip6_forward() executes on the skbs
> with vrf-enslaved netdev. Use IP6CB(skb)->iif to get to the right one.
> 
> Add a selftest script to verify.
> 
> Fixes: bdb7cc643fc9 ("ipv6: Count interface receive statistics on the ingress netdev")
> Signed-off-by: Stephen Suryaputra <ssuryaextr@...il.com>
> ---
>  net/ipv6/ip6_output.c                         |   3 +-
>  .../testing/selftests/net/forwarding/Makefile |   1 +
>  .../net/forwarding/forwarding.config.sample   |   2 +
>  .../net/forwarding/ip6_forward_instats_vrf.sh | 172 ++++++++++++++++++
>  tools/testing/selftests/net/forwarding/lib.sh |   8 +
>  5 files changed, 185 insertions(+), 1 deletion(-)
>  create mode 100755 tools/testing/selftests/net/forwarding/ip6_forward_instats_vrf.sh
> 
> diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
> index 12f985f43bcc..2f044a49afa8 100644
> --- a/net/ipv6/ip6_output.c
> +++ b/net/ipv6/ip6_output.c
> @@ -464,13 +464,14 @@ static bool ip6_pkt_too_big(const struct sk_buff *skb, unsigned int mtu)
>  
>  int ip6_forward(struct sk_buff *skb)
>  {
> -	struct inet6_dev *idev = __in6_dev_get_safely(skb->dev);
>  	struct dst_entry *dst = skb_dst(skb);
>  	struct ipv6hdr *hdr = ipv6_hdr(skb);
>  	struct inet6_skb_parm *opt = IP6CB(skb);
>  	struct net *net = dev_net(dst->dev);
> +	struct inet6_dev *idev;
>  	u32 mtu;
>  
> +	idev = __in6_dev_get_safely(dev_get_by_index_rcu(net, IP6CB(skb)->iif));
>  	if (net->ipv6.devconf_all->forwarding == 0)
>  		goto error;
>  

This seems fine to me, but IPv4 and IPv6 should work the same.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ