From patchwork Thu Feb 28 19:01:46 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Francesco Ruggeri X-Patchwork-Id: 1049715 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=quarantine dis=none) header.from=arista.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=arista.com header.i=@arista.com header.b="EICSuyBQ"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 449MNc5HTTz9s4Z for ; Fri, 1 Mar 2019 06:01:52 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732979AbfB1TBr (ORCPT ); Thu, 28 Feb 2019 14:01:47 -0500 Received: from mx.aristanetworks.com ([162.210.129.12]:36650 "EHLO prod-mx.aristanetworks.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727165AbfB1TBr (ORCPT ); Thu, 28 Feb 2019 14:01:47 -0500 Received: from prod-mx.aristanetworks.com (localhost [127.0.0.1]) by prod-mx.aristanetworks.com (Postfix) with ESMTP id 9B8C21120; Thu, 28 Feb 2019 11:01:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=arista.com; s=Arista-A; t=1551380506; bh=d48Ubzp7ujVzNBGaN4zuOjOPz8+LnNQavnenvBW3mas=; h=Date:To:Subject:From; b=EICSuyBQy7/9tpfx2EjglYycb9pN2ifKJUTjJFldepGfPIhWPen7py8Qz9xZ8/mF/ U6lxukHQXEo6cH6q7EOtPk6mgUKRY/0vKbvdHDU8Y8PPNelJHdzkkXMR9ECsJg6MNM 09Nw0fojUk65EmbHUzKwvx5iccDu00g2eqI+TGoi/pTTU3FtmCNfA2OnvQ9il6y6C+ I+6xt1ujOQlTqqypOr9bjCjT/SA7wrfFzoeOd2Q4up+MS7p6/geifrI7NbhYcJ2LDO c0dgpOTTnbd+2abK4VOPYDdUGnnTDuV4axfcPSaPE5hQUnm/0ks7ZQrm8BhbYkSCVZ GPKZDcIciBtQw== Received: from us180.sjc.aristanetworks.com (us180.sjc.aristanetworks.com [172.25.230.4]) by prod-mx.aristanetworks.com (Postfix) with ESMTP id 984A2111B; Thu, 28 Feb 2019 11:01:46 -0800 (PST) Received: by us180.sjc.aristanetworks.com (Postfix, from userid 10189) id 802CD95C016B; Thu, 28 Feb 2019 11:01:46 -0800 (PST) Date: Thu, 28 Feb 2019 11:01:46 -0800 To: yoshfuji@linux-ipv6.org, kuznet@ms2.inr.ac.ru, davem@davemloft.net, maxim@arista.com, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, fruggeri@arista.com Subject: [PATCH] net: ipv6: check net in ip6_call_ra_chain User-Agent: Heirloom mailx 12.5 7/5/10 MIME-Version: 1.0 Message-Id: <20190228190146.802CD95C016B@us180.sjc.aristanetworks.com> From: fruggeri@arista.com (Francesco Ruggeri) Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org ip6_call_ra_chain is called when IPv6 packet with Router Alert option is forwarded. It needs to check if the net of the socket is the same as the net of the input device, otherwise the packet gets delivered to every IPv6 socket listening for Router Alerts, no matter which network namespace it is in. Suggested-by: Maxim Martynov Signed-off-by: Maxim Martynov Signed-off-by: Francesco Ruggeri --- net/ipv6/ip6_output.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c index 5f9fa0302b5a..3ed25e17dff3 100644 --- a/net/ipv6/ip6_output.c +++ b/net/ipv6/ip6_output.c @@ -299,7 +299,8 @@ static int ip6_call_ra_chain(struct sk_buff *skb, int sel) struct sock *sk = ra->sk; if (sk && ra->sel == sel && (!sk->sk_bound_dev_if || - sk->sk_bound_dev_if == skb->dev->ifindex)) { + sk->sk_bound_dev_if == skb->dev->ifindex) && + net_eq(sock_net(sk), dev_net(skb->dev))) { if (last) { struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC); if (skb2)