ipv4, route: pass 0 instead of LOOPBACK_IFINDEX to fib_validate_source()

This change “ipv4, route: pass 0 instead of LOOPBACK_IFINDEX to fib_validate_source()” (commit 0d5edc6) in Linux kernel is authored by Cong Wang <cwang [at] twopensource.com> on Tue Apr 15 16:25:35 2014 -0700.

Description of "ipv4, route: pass 0 instead of LOOPBACK_IFINDEX to fib_validate_source()"

The change “ipv4, route: pass 0 instead of LOOPBACK_IFINDEX to fib_validate_source()” introduces changes as follows.

ipv4, route: pass 0 instead of LOOPBACK_IFINDEX to fib_validate_source()

In my special case, when a packet is redirected from veth0 to lo,
its skb->dev->ifindex would be LOOPBACK_IFINDEX. Meanwhile we
pass the hard-coded LOOPBACK_IFINDEX to fib_validate_source()
in ip_route_input_slow(). This would cause the following check
in fib_validate_source() fail:

            (dev->ifindex != oif || !IN_DEV_TX_REDIRECTS(idev))

when rp_filter is disabeld on loopback. As suggested by Julian,
the caller should pass 0 here so that we will not end up by
calling __fib_validate_source().

Cc: Eric Biederman <ebiederm@xmission.com>
Cc: Julian Anastasov <ja@ssi.bg>
Cc: David S. Miller <davem@davemloft.net>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Cong Wang <cwang@twopensource.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Linux kernel releases containing commit 0d5edc6

The Linux kernel releases containing this commit are as follows.

Linux kernel code changes from "ipv4, route: pass 0 instead of LOOPBACK_IFINDEX to fib_validate_source()"

There are 3 lines of Linux source code added/deleted in this change. Code changes to Linux kernel are as follows.

 net/ipv4/route.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
 
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 1485aafcad59..db1e0da871f4 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -1700,8 +1700,7 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
 
 	if (res.type == RTN_LOCAL) {
 		err = fib_validate_source(skb, saddr, daddr, tos,
-					  LOOPBACK_IFINDEX,
-					  dev, in_dev, &itag);
+					  0, dev, in_dev, &itag);
 		if (err < 0)
 			goto martian_source_keep_err;
 		goto local_input;

The commit for this change in Linux stable tree is 0d5edc6 (patch).

Last modified: 2020/02/10