mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-22 18:41:06 +00:00
ipv4: fix source address selection with route leak
commit6807352353
upstream. By default, an address assigned to the output interface is selected when the source address is not specified. This is problematic when a route, configured in a vrf, uses an interface from another vrf (aka route leak). The original vrf does not own the selected source address. Let's add a check against the output interface and call the appropriate function to select the source address. CC: stable@vger.kernel.org Fixes:8cbb512c92
("net: Add source address lookup op for VRF") Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Reviewed-by: David Ahern <dsahern@kernel.org> Link: https://patch.msgid.link/20240710081521.3809742-2-nicolas.dichtel@6wind.com Signed-off-by: Jakub Kicinski <kuba@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
parent
5c07084001
commit
0aa47c27f8
1 changed files with 11 additions and 2 deletions
|
@ -2270,6 +2270,15 @@ void fib_select_path(struct net *net, struct fib_result *res,
|
|||
fib_select_default(fl4, res);
|
||||
|
||||
check_saddr:
|
||||
if (!fl4->saddr)
|
||||
fl4->saddr = fib_result_prefsrc(net, res);
|
||||
if (!fl4->saddr) {
|
||||
struct net_device *l3mdev;
|
||||
|
||||
l3mdev = dev_get_by_index_rcu(net, fl4->flowi4_l3mdev);
|
||||
|
||||
if (!l3mdev ||
|
||||
l3mdev_master_dev_rcu(FIB_RES_DEV(*res)) == l3mdev)
|
||||
fl4->saddr = fib_result_prefsrc(net, res);
|
||||
else
|
||||
fl4->saddr = inet_select_addr(l3mdev, 0, RT_SCOPE_LINK);
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue