From patchwork Tue Apr 28 18:24:43 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "gregkh@linuxfoundation.org" X-Patchwork-Id: 226783 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=3.0 tests=DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8F4F9C83007 for ; Tue, 28 Apr 2020 18:53:27 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 61408206D6 for ; Tue, 28 Apr 2020 18:53:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1588100007; bh=L24Z/pnJD8Hs0p2+ekS4GjMizN9gO9MLeOJpLDy3rLo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=apGghcHzrvcNPQvpc1lWK3B7n74CobETv7D8UkZn9bFdnKzy6iMy4/4d1t0sTcmUU 9KQDu2U3vaKWGwx9XgddRLdj7fR6er2NxO3Lnz2IRSsK69pbH8K8KQ8Y8UWbic7FT6 fjlg5RR8D68MbBvt+3YWtYdc76jDNGm2Z5dLB1qE= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729411AbgD1SfG (ORCPT ); Tue, 28 Apr 2020 14:35:06 -0400 Received: from mail.kernel.org ([198.145.29.99]:52106 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729424AbgD1SfG (ORCPT ); Tue, 28 Apr 2020 14:35:06 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 500A22085B; Tue, 28 Apr 2020 18:35:05 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1588098905; bh=L24Z/pnJD8Hs0p2+ekS4GjMizN9gO9MLeOJpLDy3rLo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=yxYpfvg4yNn0WZ+7pqoPvdJfBkQy4AOigvPqCqIAZllGNS4qE23zNcWCE8C4BKnQR BM7y7AvWbG8E18doZskAanleOEyVOHY6L8Mka/5FLcQ5uanhs6IIeQqXxfbjp1eYw6 7lWfKfhpusFe3qF5qu22UVcRg8iEB9j36/hwFVDs= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Trev Larock , David Ahern , "David S. Miller" Subject: [PATCH 4.19 071/131] vrf: Check skb for XFRM_TRANSFORMED flag Date: Tue, 28 Apr 2020 20:24:43 +0200 Message-Id: <20200428182233.851420820@linuxfoundation.org> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200428182224.822179290@linuxfoundation.org> References: <20200428182224.822179290@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Sender: stable-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: David Ahern [ Upstream commit 16b9db1ce34ff00d6c18e82825125cfef0cdfb13 ] To avoid a loop with qdiscs and xfrms, check if the skb has already gone through the qdisc attached to the VRF device and then to the xfrm layer. If so, no need for a second redirect. Fixes: 193125dbd8eb ("net: Introduce VRF device driver") Reported-by: Trev Larock Signed-off-by: David Ahern Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- drivers/net/vrf.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) --- a/drivers/net/vrf.c +++ b/drivers/net/vrf.c @@ -478,7 +478,8 @@ static struct sk_buff *vrf_ip6_out(struc if (rt6_need_strict(&ipv6_hdr(skb)->daddr)) return skb; - if (qdisc_tx_is_default(vrf_dev)) + if (qdisc_tx_is_default(vrf_dev) || + IP6CB(skb)->flags & IP6SKB_XFRM_TRANSFORMED) return vrf_ip6_out_direct(vrf_dev, sk, skb); return vrf_ip6_out_redirect(vrf_dev, skb); @@ -692,7 +693,8 @@ static struct sk_buff *vrf_ip_out(struct ipv4_is_lbcast(ip_hdr(skb)->daddr)) return skb; - if (qdisc_tx_is_default(vrf_dev)) + if (qdisc_tx_is_default(vrf_dev) || + IPCB(skb)->flags & IPSKB_XFRM_TRANSFORMED) return vrf_ip_out_direct(vrf_dev, sk, skb); return vrf_ip_out_redirect(vrf_dev, skb);