aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--net/ipv4/icmp.c21
-rw-r--r--net/ipv4/ip_output.c2
2 files changed, 14 insertions, 9 deletions
diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c
index 63ffc7d86f98..a7321a82df6d 100644
--- a/net/ipv4/icmp.c
+++ b/net/ipv4/icmp.c
@@ -405,7 +405,7 @@ static void icmp_reply(struct icmp_bxm *icmp_param, struct sk_buff *skb)
405 .tos = RT_TOS(ip_hdr(skb)->tos) } }, 405 .tos = RT_TOS(ip_hdr(skb)->tos) } },
406 .proto = IPPROTO_ICMP }; 406 .proto = IPPROTO_ICMP };
407 security_skb_classify_flow(skb, &fl); 407 security_skb_classify_flow(skb, &fl);
408 if (ip_route_output_key(&init_net, &rt, &fl)) 408 if (ip_route_output_key(rt->u.dst.dev->nd_net, &rt, &fl))
409 goto out_unlock; 409 goto out_unlock;
410 } 410 }
411 if (icmpv4_xrlim_allow(rt, icmp_param->data.icmph.type, 411 if (icmpv4_xrlim_allow(rt, icmp_param->data.icmph.type,
@@ -437,9 +437,11 @@ void icmp_send(struct sk_buff *skb_in, int type, int code, __be32 info)
437 struct ipcm_cookie ipc; 437 struct ipcm_cookie ipc;
438 __be32 saddr; 438 __be32 saddr;
439 u8 tos; 439 u8 tos;
440 struct net *net;
440 441
441 if (!rt) 442 if (!rt)
442 goto out; 443 goto out;
444 net = rt->u.dst.dev->nd_net;
443 445
444 /* 446 /*
445 * Find the original header. It is expected to be valid, of course. 447 * Find the original header. It is expected to be valid, of course.
@@ -515,7 +517,7 @@ void icmp_send(struct sk_buff *skb_in, int type, int code, __be32 info)
515 struct net_device *dev = NULL; 517 struct net_device *dev = NULL;
516 518
517 if (rt->fl.iif && sysctl_icmp_errors_use_inbound_ifaddr) 519 if (rt->fl.iif && sysctl_icmp_errors_use_inbound_ifaddr)
518 dev = dev_get_by_index(&init_net, rt->fl.iif); 520 dev = dev_get_by_index(net, rt->fl.iif);
519 521
520 if (dev) { 522 if (dev) {
521 saddr = inet_select_addr(dev, 0, RT_SCOPE_LINK); 523 saddr = inet_select_addr(dev, 0, RT_SCOPE_LINK);
@@ -569,7 +571,7 @@ void icmp_send(struct sk_buff *skb_in, int type, int code, __be32 info)
569 struct rtable *rt2; 571 struct rtable *rt2;
570 572
571 security_skb_classify_flow(skb_in, &fl); 573 security_skb_classify_flow(skb_in, &fl);
572 if (__ip_route_output_key(&init_net, &rt, &fl)) 574 if (__ip_route_output_key(net, &rt, &fl))
573 goto out_unlock; 575 goto out_unlock;
574 576
575 /* No need to clone since we're just using its address. */ 577 /* No need to clone since we're just using its address. */
@@ -591,14 +593,14 @@ void icmp_send(struct sk_buff *skb_in, int type, int code, __be32 info)
591 if (xfrm_decode_session_reverse(skb_in, &fl, AF_INET)) 593 if (xfrm_decode_session_reverse(skb_in, &fl, AF_INET))
592 goto out_unlock; 594 goto out_unlock;
593 595
594 if (inet_addr_type(&init_net, fl.fl4_src) == RTN_LOCAL) 596 if (inet_addr_type(net, fl.fl4_src) == RTN_LOCAL)
595 err = __ip_route_output_key(&init_net, &rt2, &fl); 597 err = __ip_route_output_key(net, &rt2, &fl);
596 else { 598 else {
597 struct flowi fl2 = {}; 599 struct flowi fl2 = {};
598 struct dst_entry *odst; 600 struct dst_entry *odst;
599 601
600 fl2.fl4_dst = fl.fl4_src; 602 fl2.fl4_dst = fl.fl4_src;
601 if (ip_route_output_key(&init_net, &rt2, &fl2)) 603 if (ip_route_output_key(net, &rt2, &fl2))
602 goto out_unlock; 604 goto out_unlock;
603 605
604 /* Ugh! */ 606 /* Ugh! */
@@ -666,6 +668,9 @@ static void icmp_unreach(struct sk_buff *skb)
666 int hash, protocol; 668 int hash, protocol;
667 struct net_protocol *ipprot; 669 struct net_protocol *ipprot;
668 u32 info = 0; 670 u32 info = 0;
671 struct net *net;
672
673 net = skb->dst->dev->nd_net;
669 674
670 /* 675 /*
671 * Incomplete header ? 676 * Incomplete header ?
@@ -696,7 +701,7 @@ static void icmp_unreach(struct sk_buff *skb)
696 "and DF set.\n", 701 "and DF set.\n",
697 NIPQUAD(iph->daddr)); 702 NIPQUAD(iph->daddr));
698 } else { 703 } else {
699 info = ip_rt_frag_needed(&init_net, iph, 704 info = ip_rt_frag_needed(net, iph,
700 ntohs(icmph->un.frag.mtu)); 705 ntohs(icmph->un.frag.mtu));
701 if (!info) 706 if (!info)
702 goto out; 707 goto out;
@@ -734,7 +739,7 @@ static void icmp_unreach(struct sk_buff *skb)
734 */ 739 */
735 740
736 if (!sysctl_icmp_ignore_bogus_error_responses && 741 if (!sysctl_icmp_ignore_bogus_error_responses &&
737 inet_addr_type(&init_net, iph->daddr) == RTN_BROADCAST) { 742 inet_addr_type(net, iph->daddr) == RTN_BROADCAST) {
738 if (net_ratelimit()) 743 if (net_ratelimit())
739 printk(KERN_WARNING "%u.%u.%u.%u sent an invalid ICMP " 744 printk(KERN_WARNING "%u.%u.%u.%u sent an invalid ICMP "
740 "type %u, code %u " 745 "type %u, code %u "
diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c
index 1725e0613982..18070ca65771 100644
--- a/net/ipv4/ip_output.c
+++ b/net/ipv4/ip_output.c
@@ -1379,7 +1379,7 @@ void ip_send_reply(struct sock *sk, struct sk_buff *skb, struct ip_reply_arg *ar
1379 .dport = tcp_hdr(skb)->source } }, 1379 .dport = tcp_hdr(skb)->source } },
1380 .proto = sk->sk_protocol }; 1380 .proto = sk->sk_protocol };
1381 security_skb_classify_flow(skb, &fl); 1381 security_skb_classify_flow(skb, &fl);
1382 if (ip_route_output_key(&init_net, &rt, &fl)) 1382 if (ip_route_output_key(sk->sk_net, &rt, &fl))
1383 return; 1383 return;
1384 } 1384 }
1385 1385