Commit 0a90478b authored by Xin Long's avatar Xin Long Committed by David S. Miller

ipv4: not do cache for local delivery if bc_forwarding is enabled

With the topo:

    h1 ---| rp1            |
          |     route  rp3 |--- h3 (192.168.200.1)
    h2 ---| rp2            |

If rp1 bc_forwarding is set while rp2 bc_forwarding is not, after
doing "ping 192.168.200.255" on h1, then ping 192.168.200.255 on
h2, and the packets can still be forwared.

This issue was caused by the input route cache. It should only do
the cache for either bc forwarding or local delivery. Otherwise,
local delivery can use the route cache for bc forwarding of other
interfaces.

This patch is to fix it by not doing cache for local delivery if
all.bc_forwarding is enabled.

Note that we don't fix it by checking route cache local flag after
rt_cache_valid() in "local_input:" and "ip_mkroute_input", as the
common route code shouldn't be touched for bc_forwarding.

Fixes: 5cbf777c ("route: add support for directed broadcast forwarding")
Reported-by: default avatarJianlin Shi <jishi@redhat.com>
Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent e7a9fe7b
...@@ -1985,7 +1985,7 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr, ...@@ -1985,7 +1985,7 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
u32 itag = 0; u32 itag = 0;
struct rtable *rth; struct rtable *rth;
struct flowi4 fl4; struct flowi4 fl4;
bool do_cache; bool do_cache = true;
/* IP on this device is disabled. */ /* IP on this device is disabled. */
...@@ -2062,6 +2062,9 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr, ...@@ -2062,6 +2062,9 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
if (res->type == RTN_BROADCAST) { if (res->type == RTN_BROADCAST) {
if (IN_DEV_BFORWARD(in_dev)) if (IN_DEV_BFORWARD(in_dev))
goto make_route; goto make_route;
/* not do cache if bc_forwarding is enabled */
if (IPV4_DEVCONF_ALL(net, BC_FORWARDING))
do_cache = false;
goto brd_input; goto brd_input;
} }
...@@ -2099,9 +2102,8 @@ out: return err; ...@@ -2099,9 +2102,8 @@ out: return err;
RT_CACHE_STAT_INC(in_brd); RT_CACHE_STAT_INC(in_brd);
local_input: local_input:
do_cache = false; do_cache &= res->fi && !itag;
if (res->fi) { if (do_cache) {
if (!itag) {
struct fib_nh_common *nhc = FIB_RES_NHC(*res); struct fib_nh_common *nhc = FIB_RES_NHC(*res);
rth = rcu_dereference(nhc->nhc_rth_input); rth = rcu_dereference(nhc->nhc_rth_input);
...@@ -2110,8 +2112,6 @@ out: return err; ...@@ -2110,8 +2112,6 @@ out: return err;
err = 0; err = 0;
goto out; goto out;
} }
do_cache = true;
}
} }
rth = rt_dst_alloc(l3mdev_master_dev_rcu(dev) ? : net->loopback_dev, rth = rt_dst_alloc(l3mdev_master_dev_rcu(dev) ? : net->loopback_dev,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment