This is a note to let you know that I've just added the patch titled
ipv6: always prefer rt6i_gateway if present
to the 3.10-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
ipv6-always-prefer-rt6i_gateway-if-present.patch
and it can be found in the queue-3.10 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <[email protected]> know about it.
>From 00e98866626ff457d664087b16c5acd2599be85a Mon Sep 17 00:00:00 2001
From: Julian Anastasov <[email protected]>
Date: Sun, 20 Oct 2013 15:43:03 +0300
Subject: ipv6: always prefer rt6i_gateway if present
From: Julian Anastasov <[email protected]>
[ Upstream commit 96dc809514fb2328605198a0602b67554d8cce7b ]
In v3.9 6fd6ce2056de2709 ("ipv6: Do not depend on rt->n in
ip6_finish_output2()." changed the behaviour of ip6_finish_output2()
such that the recently introduced rt6_nexthop() is used
instead of an assigned neighbor.
As rt6_nexthop() prefers rt6i_gateway only for gatewayed
routes this causes a problem for users like IPVS, xt_TEE and
RAW(hdrincl) if they want to use different address for routing
compared to the destination address.
Another case is when redirect can create RTF_DYNAMIC
route without RTF_GATEWAY flag, we ignore the rt6i_gateway
in rt6_nexthop().
Fix the above problems by considering the rt6i_gateway if
present, so that traffic routed to address on local subnet is
not wrongly diverted to the destination address.
Thanks to Simon Horman and Phil Oester for spotting the
problematic commit.
Thanks to Hannes Frederic Sowa for his review and help in testing.
Reported-by: Phil Oester <[email protected]>
Reported-by: Mark Brooks <[email protected]>
Signed-off-by: Julian Anastasov <[email protected]>
Acked-by: Hannes Frederic Sowa <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
include/net/ip6_route.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/include/net/ip6_route.h
+++ b/include/net/ip6_route.h
@@ -196,7 +196,7 @@ static inline int ip6_skb_dst_mtu(struct
static inline struct in6_addr *rt6_nexthop(struct rt6_info *rt, struct
in6_addr *dest)
{
- if (rt->rt6i_flags & RTF_GATEWAY)
+ if (rt->rt6i_flags & RTF_GATEWAY || !ipv6_addr_any(&rt->rt6i_gateway))
return &rt->rt6i_gateway;
return dest;
}
Patches currently in stable-queue which might be from [email protected] are
queue-3.10/ipv6-always-prefer-rt6i_gateway-if-present.patch
queue-3.10/netfilter-nf_conntrack-fix-rt6i_gateway-checks-for-h.323-helper.patch
queue-3.10/ipv6-probe-routes-asynchronous-in-rt6_probe.patch
queue-3.10/ipv6-fill-rt6i_gateway-with-nexthop-address.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
