FAILED: patch "[PATCH] vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf" failed to apply to 4.4-stable tree
The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to stable@vger.kernel.org.
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From ee201011c1e1563c114a55c86eb164b236f18e84 Mon Sep 17 00:00:00 2001
From: Stephen Suryaputra ssuryaextr@gmail.com Date: Tue, 30 Nov 2021 11:26:37 -0500 Subject: [PATCH] vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit
IPCB/IP6CB need to be initialized when processing outbound v4 or v6 pkts in the codepath of vrf device xmit function so that leftover garbage doesn't cause futher code that uses the CB to incorrectly process the pkt.
One occasion of the issue might occur when MPLS route uses the vrf device as the outgoing device such as when the route is added using "ip -f mpls route add <label> dev <vrf>" command.
The problems seems to exist since day one. Hence I put the day one commits on the Fixes tags.
Fixes: 193125dbd8eb ("net: Introduce VRF device driver") Fixes: 35402e313663 ("net: Add IPv6 support to VRF device") Cc: stable@vger.kernel.org Signed-off-by: Stephen Suryaputra ssuryaextr@gmail.com Reviewed-by: David Ahern dsahern@kernel.org Link: https://lore.kernel.org/r/20211130162637.3249-1-ssuryaextr@gmail.com Signed-off-by: Jakub Kicinski kuba@kernel.org
diff --git a/drivers/net/vrf.c b/drivers/net/vrf.c index ccf677015d5b..131c745dc701 100644 --- a/drivers/net/vrf.c +++ b/drivers/net/vrf.c @@ -497,6 +497,7 @@ static netdev_tx_t vrf_process_v6_outbound(struct sk_buff *skb, /* strip the ethernet header added for pass through VRF device */ __skb_pull(skb, skb_network_offset(skb));
+ memset(IP6CB(skb), 0, sizeof(*IP6CB(skb))); ret = vrf_ip6_local_out(net, skb->sk, skb); if (unlikely(net_xmit_eval(ret))) dev->stats.tx_errors++; @@ -579,6 +580,7 @@ static netdev_tx_t vrf_process_v4_outbound(struct sk_buff *skb, RT_SCOPE_LINK); }
+ memset(IPCB(skb), 0, sizeof(*IPCB(skb))); ret = vrf_ip_local_out(dev_net(skb_dst(skb)->dev), skb->sk, skb); if (unlikely(net_xmit_eval(ret))) vrf_dev->stats.tx_errors++;
On 12/4/21 3:28 AM, gregkh@linuxfoundation.org wrote:
The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to stable@vger.kernel.org.
This patch is not needed in 4.4.
On Sat, Dec 04, 2021 at 09:09:31AM -0700, David Ahern wrote:
On 12/4/21 3:28 AM, gregkh@linuxfoundation.org wrote:
The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to stable@vger.kernel.org.
This patch is not needed in 4.4.
Why not? The two "Fixes:" tag show that those commits are in 4.4:
Fixes: 193125dbd8eb ("net: Introduce VRF device driver") Fixes: 35402e313663 ("net: Add IPv6 support to VRF device")
193125dbd8eb showed up in 4.3, and 35402e313663 showed up in 4.4.
so why isn't this needed in 4.4.y?
thanks,
greg k-h
On Sun, Dec 05, 2021 at 04:08:53PM -0700, David Ahern wrote:
On 12/5/21 5:39 AM, Greg KH wrote:
so why isn't this needed in 4.4.y?
The patch fixes a corner case with MPLS + VRF. The VRF feature is not really usable before 4.9; I doubt VRF + MPLS with a last label pop is usable in 4.4.
Ok, thanks for the explaination.
greg k-h
linux-stable-mirror@lists.linaro.org
-
David Ahern -
Greg KH -
gregkh@linuxfoundation.org