| Message ID | 20210107144824.1135691-4-idosch@idosch.org (mailing list archive) |
|---|---|
| State | Accepted |
| Delegated to: | Netdev Maintainers |
| Headers | show |
| Series | nexthop: Various fixes | expand |
| Context | Check | Description |
|---|---|---|
| netdev/cover_letter | success | Link |
| netdev/fixes_present | success | Link |
| netdev/patch_count | success | Link |
| netdev/tree_selection | success | Clearly marked for net |
| netdev/subject_prefix | success | Link |
| netdev/cc_maintainers | warning | 4 maintainers not CCed: kuznet@ms2.inr.ac.ru roopa@cumulusnetworks.com yoshfuji@linux-ipv6.org dsahern@kernel.org |
| netdev/source_inline | success | Was 0 now: 0 |
| netdev/verify_signedoff | success | Link |
| netdev/module_param | success | Was 0 now: 0 |
| netdev/build_32bit | success | Errors and warnings before: 2 this patch: 2 |
| netdev/kdoc | success | Errors and warnings before: 0 this patch: 0 |
| netdev/verify_fixes | success | Link |
| netdev/checkpatch | success | total: 0 errors, 0 warnings, 0 checks, 8 lines checked |
| netdev/build_allmodconfig_warn | success | Errors and warnings before: 2 this patch: 2 |
| netdev/header_inline | success | Link |
| netdev/stable | success | Stable not CCed |
On 1/7/21 7:48 AM, Ido Schimmel wrote: > From: Petr Machata <petrm@nvidia.com> > > The function nh_check_attr_group() is called to validate nexthop groups. > The intention of that code seems to have been to bounce all attributes > above NHA_GROUP_TYPE except for NHA_FDB. However instead it bounces all > these attributes except when NHA_FDB attribute is present--then it accepts > them. > > NHA_FDB validation that takes place before, in rtm_to_nh_config(), already > bounces NHA_OIF, NHA_BLACKHOLE, NHA_ENCAP and NHA_ENCAP_TYPE. Yet further > back, NHA_GROUPS and NHA_MASTER are bounced unconditionally. > > But that still leaves NHA_GATEWAY as an attribute that would be accepted in > FDB nexthop groups (with no meaning), so long as it keeps the address > family as unspecified: > > # ip nexthop add id 1 fdb via 127.0.0.1 > # ip nexthop add id 10 fdb via default group 1 > > The nexthop code is still relatively new and likely not used very broadly, > and the FDB bits are newer still. Even though there is a reproducer out > there, it relies on an improbable gateway arguments "via default", "via > all" or "via any". Given all this, I believe it is OK to reformulate the > condition to do the right thing and bounce NHA_GATEWAY. > > Fixes: 38428d68719c ("nexthop: support for fdb ecmp nexthops") > Signed-off-by: Petr Machata <petrm@nvidia.com> > Signed-off-by: Ido Schimmel <idosch@nvidia.com> > --- > net/ipv4/nexthop.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > Reviewed-by: David Ahern <dsahern@kernel.org>
diff --git a/net/ipv4/nexthop.c b/net/ipv4/nexthop.c index 712cdc061cde..e53e43aef785 100644 --- a/net/ipv4/nexthop.c +++ b/net/ipv4/nexthop.c @@ -627,7 +627,7 @@ static int nh_check_attr_group(struct net *net, struct nlattr *tb[], for (i = NHA_GROUP_TYPE + 1; i < __NHA_MAX; ++i) { if (!tb[i]) continue; - if (tb[NHA_FDB]) + if (i == NHA_FDB) continue; NL_SET_ERR_MSG(extack, "No other attributes can be set in nexthop groups");