diff options
Diffstat (limited to 'net')
| -rw-r--r-- | net/ipv4/fib_frontend.c | 10 | ||||
| -rw-r--r-- | net/ipv4/route.c | 16 |
2 files changed, 12 insertions, 14 deletions
diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c index 451088330bbb..f162f84b8d6d 100644 --- a/net/ipv4/fib_frontend.c +++ b/net/ipv4/fib_frontend.c | |||
| @@ -188,9 +188,9 @@ EXPORT_SYMBOL(inet_dev_addr_type); | |||
| 188 | * - check, that packet arrived from expected physical interface. | 188 | * - check, that packet arrived from expected physical interface. |
| 189 | * called with rcu_read_lock() | 189 | * called with rcu_read_lock() |
| 190 | */ | 190 | */ |
| 191 | int fib_validate_source(__be32 src, __be32 dst, u8 tos, int oif, | 191 | int fib_validate_source(struct sk_buff *skb, __be32 src, __be32 dst, u8 tos, |
| 192 | struct net_device *dev, __be32 *spec_dst, | 192 | int oif, struct net_device *dev, __be32 *spec_dst, |
| 193 | u32 *itag, u32 mark) | 193 | u32 *itag) |
| 194 | { | 194 | { |
| 195 | struct in_device *in_dev; | 195 | struct in_device *in_dev; |
| 196 | struct flowi4 fl4; | 196 | struct flowi4 fl4; |
| @@ -202,7 +202,6 @@ int fib_validate_source(__be32 src, __be32 dst, u8 tos, int oif, | |||
| 202 | 202 | ||
| 203 | fl4.flowi4_oif = 0; | 203 | fl4.flowi4_oif = 0; |
| 204 | fl4.flowi4_iif = oif; | 204 | fl4.flowi4_iif = oif; |
| 205 | fl4.flowi4_mark = mark; | ||
| 206 | fl4.daddr = src; | 205 | fl4.daddr = src; |
| 207 | fl4.saddr = dst; | 206 | fl4.saddr = dst; |
| 208 | fl4.flowi4_tos = tos; | 207 | fl4.flowi4_tos = tos; |
| @@ -214,8 +213,7 @@ int fib_validate_source(__be32 src, __be32 dst, u8 tos, int oif, | |||
| 214 | no_addr = in_dev->ifa_list == NULL; | 213 | no_addr = in_dev->ifa_list == NULL; |
| 215 | rpf = IN_DEV_RPFILTER(in_dev); | 214 | rpf = IN_DEV_RPFILTER(in_dev); |
| 216 | accept_local = IN_DEV_ACCEPT_LOCAL(in_dev); | 215 | accept_local = IN_DEV_ACCEPT_LOCAL(in_dev); |
| 217 | if (mark && !IN_DEV_SRC_VMARK(in_dev)) | 216 | fl4.flowi4_mark = IN_DEV_SRC_VMARK(in_dev) ? skb->mark : 0; |
| 218 | fl4.flowi4_mark = 0; | ||
| 219 | } | 217 | } |
| 220 | 218 | ||
| 221 | if (in_dev == NULL) | 219 | if (in_dev == NULL) |
diff --git a/net/ipv4/route.c b/net/ipv4/route.c index 1628be530314..052c9123e576 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c | |||
| @@ -1871,8 +1871,8 @@ static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr, | |||
| 1871 | goto e_inval; | 1871 | goto e_inval; |
| 1872 | spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK); | 1872 | spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK); |
| 1873 | } else { | 1873 | } else { |
| 1874 | err = fib_validate_source(saddr, 0, tos, 0, dev, &spec_dst, | 1874 | err = fib_validate_source(skb, saddr, 0, tos, 0, dev, &spec_dst, |
| 1875 | &itag, 0); | 1875 | &itag); |
| 1876 | if (err < 0) | 1876 | if (err < 0) |
| 1877 | goto e_err; | 1877 | goto e_err; |
| 1878 | } | 1878 | } |
| @@ -1981,8 +1981,8 @@ static int __mkroute_input(struct sk_buff *skb, | |||
| 1981 | } | 1981 | } |
| 1982 | 1982 | ||
| 1983 | 1983 | ||
| 1984 | err = fib_validate_source(saddr, daddr, tos, FIB_RES_OIF(*res), | 1984 | err = fib_validate_source(skb, saddr, daddr, tos, FIB_RES_OIF(*res), |
| 1985 | in_dev->dev, &spec_dst, &itag, skb->mark); | 1985 | in_dev->dev, &spec_dst, &itag); |
| 1986 | if (err < 0) { | 1986 | if (err < 0) { |
| 1987 | ip_handle_martian_source(in_dev->dev, in_dev, skb, daddr, | 1987 | ip_handle_martian_source(in_dev->dev, in_dev, skb, daddr, |
| 1988 | saddr); | 1988 | saddr); |
| @@ -2150,9 +2150,9 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr, | |||
| 2150 | goto brd_input; | 2150 | goto brd_input; |
| 2151 | 2151 | ||
| 2152 | if (res.type == RTN_LOCAL) { | 2152 | if (res.type == RTN_LOCAL) { |
| 2153 | err = fib_validate_source(saddr, daddr, tos, | 2153 | err = fib_validate_source(skb, saddr, daddr, tos, |
| 2154 | net->loopback_dev->ifindex, | 2154 | net->loopback_dev->ifindex, |
| 2155 | dev, &spec_dst, &itag, skb->mark); | 2155 | dev, &spec_dst, &itag); |
| 2156 | if (err < 0) | 2156 | if (err < 0) |
| 2157 | goto martian_source_keep_err; | 2157 | goto martian_source_keep_err; |
| 2158 | if (err) | 2158 | if (err) |
| @@ -2176,8 +2176,8 @@ brd_input: | |||
| 2176 | if (ipv4_is_zeronet(saddr)) | 2176 | if (ipv4_is_zeronet(saddr)) |
| 2177 | spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK); | 2177 | spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK); |
| 2178 | else { | 2178 | else { |
| 2179 | err = fib_validate_source(saddr, 0, tos, 0, dev, &spec_dst, | 2179 | err = fib_validate_source(skb, saddr, 0, tos, 0, dev, &spec_dst, |
| 2180 | &itag, skb->mark); | 2180 | &itag); |
| 2181 | if (err < 0) | 2181 | if (err < 0) |
| 2182 | goto martian_source_keep_err; | 2182 | goto martian_source_keep_err; |
| 2183 | if (err) | 2183 | if (err) |