From patchwork Mon Feb 17 05:03:31 2014
X-Patchwork-Submitter: Duan Jiong
X-Patchwork-Id: 320848
X-Patchwork-Delegate: davem@davemloft.net
Message-ID: <53019823.20700@cn.fujitsu.com>
Date: Mon, 17 Feb 2014 13:03:31 +0800
From: Duan Jiong
To: David Miller
CC: netdev
Subject: [PATCH] ipv4: validate source address if the packet is for us
X-Mailing-List: netdev@vger.kernel.org

otherwise the host may deal with the invalid packet.

Signed-off-by: Duan Jiong
--- net/ipv4/fib_frontend.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c index c7539e2..4423a1a 100644 --- a/net/ipv4/fib_frontend.c +++ b/net/ipv4/fib_frontend.c @@ -321,6 +321,7 @@ int fib_validate_source(struct sk_buff *skb, __be32 src, __be32 dst, int r = secpath_exists(skb) ? 0 : IN_DEV_RPFILTER(idev); if (!r && !fib_num_tclassid_users(dev_net(dev)) && + oif != LOOPBACK_IFINDEX && (dev->ifindex != oif || !IN_DEV_TX_REDIRECTS(idev))) { *itag = 0; return 0;
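
Review bot: the added `oif != LOOPBACK_IFINDEX` test in the early-return condition of fib_validate_source() is not justified by the changelog, which says only that the host "may deal with the invalid packet". It does not say which source addresses get through when this branch sets `*itag = 0` and returns 0, or why `oif` being equal to LOOPBACK_IFINDEX is the right way to recognise a packet addressed to the local host. Because the test is ANDed into the branch taken when `r` is 0 (that is, when `IN_DEV_RPFILTER(idev)` is off or `secpath_exists(skb)` is true), every packet with `oif == LOOPBACK_IFINDEX` would now skip this shortcut and continue into the rest of the function, even on hosts that have deliberately disabled rp_filter. Please describe the concrete case being fixed and the cost of losing the shortcut for those packets in the commit message, and add a short comment above the condition stating why loopback output is excluded.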