Commit 9e30ecf23b1b ("net: ipv4: fix incorrect MTU in broadcast routes") introduced a regression where local-broadcast packets would have their gateway set in __mkroute_output, which was caused by fi = NULL being removed.
Fix this by resetting the fib_info for local-broadcast packets. This preserves the intended changes for directed-broadcast packets.
Cc: stable@vger.kernel.org Fixes: 9e30ecf23b1b ("net: ipv4: fix incorrect MTU in broadcast routes") Reported-by: Brett A C Sheffield bacs@librecast.net Closes: https://lore.kernel.org/regressions/20250822165231.4353-4-bacs@librecast.net Signed-off-by: Oscar Maes oscmaes92@gmail.com --- Link to discussion: https://lore.kernel.org/netdev/20250822165231.4353-4-bacs@librecast.net/
Thanks to Brett Sheffield for finding the regression and writing the initial fix!
net/ipv4/route.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/net/ipv4/route.c b/net/ipv4/route.c index f639a2ae881a..baa43e5966b1 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -2575,12 +2575,16 @@ static struct rtable *__mkroute_output(const struct fib_result *res, !netif_is_l3_master(dev_out)) return ERR_PTR(-EINVAL);
- if (ipv4_is_lbcast(fl4->daddr)) + if (ipv4_is_lbcast(fl4->daddr)) { type = RTN_BROADCAST; - else if (ipv4_is_multicast(fl4->daddr)) + + /* reset fi to prevent gateway resolution */ + fi = NULL; + } else if (ipv4_is_multicast(fl4->daddr)) { type = RTN_MULTICAST; - else if (ipv4_is_zeronet(fl4->daddr)) + } else if (ipv4_is_zeronet(fl4->daddr)) { return ERR_PTR(-EINVAL); + }
if (dev_out->flags & IFF_LOOPBACK) flags |= RTCF_LOCAL;
Add test to check the broadcast ethernet destination field is set correctly.
This test sends a broadcast ping, captures it using tcpdump and ensures that all bits of the 6 octet ethernet destination address are correctly set by examining the output capture file.
Signed-off-by: Oscar Maes oscmaes92@gmail.com --- Link to discussion: https://lore.kernel.org/netdev/20250822165231.4353-4-bacs@librecast.net/
Thanks to Brett Sheffield for writing the initial version of this selftest!
tools/testing/selftests/net/Makefile | 1 + .../selftests/net/broadcast_ether_dst.sh | 82 +++++++++++++++++++ 2 files changed, 83 insertions(+) create mode 100755 tools/testing/selftests/net/broadcast_ether_dst.sh
diff --git a/tools/testing/selftests/net/Makefile b/tools/testing/selftests/net/Makefile index b31a71f2b372..56ad10ea6628 100644 --- a/tools/testing/selftests/net/Makefile +++ b/tools/testing/selftests/net/Makefile @@ -115,6 +115,7 @@ TEST_PROGS += skf_net_off.sh TEST_GEN_FILES += skf_net_off TEST_GEN_FILES += tfo TEST_PROGS += tfo_passive.sh +TEST_PROGS += broadcast_ether_dst.sh TEST_PROGS += broadcast_pmtu.sh TEST_PROGS += ipv6_force_forwarding.sh
diff --git a/tools/testing/selftests/net/broadcast_ether_dst.sh b/tools/testing/selftests/net/broadcast_ether_dst.sh new file mode 100755 index 000000000000..865b5c7c8c8a --- /dev/null +++ b/tools/testing/selftests/net/broadcast_ether_dst.sh @@ -0,0 +1,82 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-2.0 +# +# Author: Brett A C Sheffield bacs@librecast.net +# Author: Oscar Maes oscmaes92@gmail.com +# +# Ensure destination ethernet field is correctly set for +# broadcast packets + +source lib.sh + +CLIENT_IP4="192.168.0.1" +GW_IP4="192.168.0.2" + +setup() { + setup_ns CLIENT_NS SERVER_NS + + ip -net "${SERVER_NS}" link add link1 type veth \ + peer name link0 netns "${CLIENT_NS}" + + ip -net "${CLIENT_NS}" link set link0 up + ip -net "${CLIENT_NS}" addr add "${CLIENT_IP4}"/24 dev link0 + + ip -net "${SERVER_NS}" link set link1 up + + ip -net "${CLIENT_NS}" route add default via "${GW_IP4}" + ip netns exec "${CLIENT_NS}" arp -s "${GW_IP4}" 00:11:22:33:44:55 +} + +cleanup() { + rm -f "${CAPFILE}" + ip -net "${SERVER_NS}" link del link1 + cleanup_ns "${CLIENT_NS}" "${SERVER_NS}" +} + +test_broadcast_ether_dst() { + local rc=0 + CAPFILE=$(mktemp -u cap.XXXXXXXXXX) + + echo "Testing ethernet broadcast destination" + + # start tcpdump listening for icmp + # tcpdump will exit after receiving a single packet + # timeout will kill tcpdump if it is still running after 2s + timeout 2s ip netns exec "${CLIENT_NS}" \ + tcpdump -i link0 -c 1 -w "${CAPFILE}" icmp &> /dev/null & + pid=$! + sleep 0.1 # let tcpdump wake up + + # send broadcast ping + ip netns exec "${CLIENT_NS}" \ + ping -W0.01 -c1 -b 255.255.255.255 &> /dev/null + + # wait for tcpdump for exit after receiving packet + wait "${pid}" + + # compare ethernet destination field to ff:ff:ff:ff:ff:ff + ether_dst=$(tcpdump -r "${CAPFILE}" -tnne 2>/dev/null | \ + awk '{sub(/,/,"",$3); print $3}') + if [[ "${ether_dst}" == "ff:ff:ff:ff:ff:ff" ]]; then + echo "[ OK ]" + rc="${ksft_pass}" + else + echo "[FAIL] expected dst ether addr to be ff:ff:ff:ff:ff:ff," \ + "got ${ether_dst}" + rc="${ksft_fail}" + fi + + return "${rc}" +} + +if [ ! -x "$(command -v tcpdump)" ]; then + echo "SKIP: Could not run test without tcpdump tool" + exit "${ksft_skip}" +fi + +trap cleanup EXIT + +setup +test_broadcast_ether_dst + +exit $?
Hi,
Thanks for your patch.
FYI: kernel test robot notices the stable kernel rule is not satisfied.
The check is based on https://www.kernel.org/doc/html/latest/process/stable-kernel-rules.html#opti...
Rule: add the tag "Cc: stable@vger.kernel.org" in the sign-off area to have the patch automatically included in the stable tree. Subject: [PATCH net v3 2/2] selftests: net: add test for destination in broadcast packets Link: https://lore.kernel.org/stable/20250827062322.4807-2-oscmaes92%40gmail.com
On 2025-08-27 08:23, Oscar Maes wrote:
Add test to check the broadcast ethernet destination field is set correctly.
This test sends a broadcast ping, captures it using tcpdump and ensures that all bits of the 6 octet ethernet destination address are correctly set by examining the output capture file.
Signed-off-by: Oscar Maes oscmaes92@gmail.com
Link to discussion: https://lore.kernel.org/netdev/20250822165231.4353-4-bacs@librecast.net/
Thanks to Brett Sheffield for writing the initial version of this selftest!
Thanks for leaving my author name in the file. Perhaps you might consider adding:
Co-Authored-By: Brett A C Sheffield bacs@librecast.net
to your commit message. I spend quite a bit of my Saturday bisecting and diagnosing, and writing the patch and test.
tools/testing/selftests/net/Makefile | 1 + .../selftests/net/broadcast_ether_dst.sh | 82 +++++++++++++++++++ 2 files changed, 83 insertions(+) create mode 100755 tools/testing/selftests/net/broadcast_ether_dst.sh
diff --git a/tools/testing/selftests/net/Makefile b/tools/testing/selftests/net/Makefile index b31a71f2b372..56ad10ea6628 100644 --- a/tools/testing/selftests/net/Makefile +++ b/tools/testing/selftests/net/Makefile @@ -115,6 +115,7 @@ TEST_PROGS += skf_net_off.sh TEST_GEN_FILES += skf_net_off TEST_GEN_FILES += tfo TEST_PROGS += tfo_passive.sh +TEST_PROGS += broadcast_ether_dst.sh TEST_PROGS += broadcast_pmtu.sh TEST_PROGS += ipv6_force_forwarding.sh diff --git a/tools/testing/selftests/net/broadcast_ether_dst.sh b/tools/testing/selftests/net/broadcast_ether_dst.sh new file mode 100755 index 000000000000..865b5c7c8c8a --- /dev/null +++ b/tools/testing/selftests/net/broadcast_ether_dst.sh @@ -0,0 +1,82 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-2.0 +# +# Author: Brett A C Sheffield bacs@librecast.net +# Author: Oscar Maes oscmaes92@gmail.com +# +# Ensure destination ethernet field is correctly set for +# broadcast packets
+source lib.sh
+CLIENT_IP4="192.168.0.1" +GW_IP4="192.168.0.2"
+setup() {
- setup_ns CLIENT_NS SERVER_NS
- ip -net "${SERVER_NS}" link add link1 type veth \
peer name link0 netns "${CLIENT_NS}"- ip -net "${CLIENT_NS}" link set link0 up
- ip -net "${CLIENT_NS}" addr add "${CLIENT_IP4}"/24 dev link0
- ip -net "${SERVER_NS}" link set link1 up
- ip -net "${CLIENT_NS}" route add default via "${GW_IP4}"
- ip netns exec "${CLIENT_NS}" arp -s "${GW_IP4}" 00:11:22:33:44:55
+}
+cleanup() {
- rm -f "${CAPFILE}"
- ip -net "${SERVER_NS}" link del link1
- cleanup_ns "${CLIENT_NS}" "${SERVER_NS}"
+}
+test_broadcast_ether_dst() {
- local rc=0
- CAPFILE=$(mktemp -u cap.XXXXXXXXXX)
- echo "Testing ethernet broadcast destination"
- # start tcpdump listening for icmp
- # tcpdump will exit after receiving a single packet
- # timeout will kill tcpdump if it is still running after 2s
- timeout 2s ip netns exec "${CLIENT_NS}" \
tcpdump -i link0 -c 1 -w "${CAPFILE}" icmp &> /dev/null &- pid=$!
- sleep 0.1 # let tcpdump wake up
- # send broadcast ping
- ip netns exec "${CLIENT_NS}" \
ping -W0.01 -c1 -b 255.255.255.255 &> /dev/null- # wait for tcpdump for exit after receiving packet
- wait "${pid}"
- # compare ethernet destination field to ff:ff:ff:ff:ff:ff
- ether_dst=$(tcpdump -r "${CAPFILE}" -tnne 2>/dev/null | \
awk '{sub(/,/,"",$3); print $3}')- if [[ "${ether_dst}" == "ff:ff:ff:ff:ff:ff" ]]; then
echo "[ OK ]"rc="${ksft_pass}"- else
echo "[FAIL] expected dst ether addr to be ff:ff:ff:ff:ff:ff," \"got ${ether_dst}"rc="${ksft_fail}"- fi
- return "${rc}"
+}
+if [ ! -x "$(command -v tcpdump)" ]; then
- echo "SKIP: Could not run test without tcpdump tool"
- exit "${ksft_skip}"
+fi
+trap cleanup EXIT
+setup +test_broadcast_ether_dst
+exit $?
2.39.5
On 8/27/25 4:26 PM, Brett A C Sheffield wrote:
On 2025-08-27 08:23, Oscar Maes wrote:
Add test to check the broadcast ethernet destination field is set correctly.
This test sends a broadcast ping, captures it using tcpdump and ensures that all bits of the 6 octet ethernet destination address are correctly set by examining the output capture file.
Signed-off-by: Oscar Maes oscmaes92@gmail.com
Link to discussion: https://lore.kernel.org/netdev/20250822165231.4353-4-bacs@librecast.net/
Thanks to Brett Sheffield for writing the initial version of this selftest!
Thanks for leaving my author name in the file. Perhaps you might consider adding:
Co-Authored-By: Brett A C Sheffield bacs@librecast.net
to your commit message. I spend quite a bit of my Saturday bisecting and diagnosing, and writing the patch and test.
I don't want to delay the fix, since I received other reports for the same problem, but I think proper recognition should be agreed by all the involved parties.
I'm going to apply patch 1/2 standalone, to allow repost for this one.
tools/testing/selftests/net/Makefile | 1 + .../selftests/net/broadcast_ether_dst.sh | 82 +++++++++++++++++++ 2 files changed, 83 insertions(+) create mode 100755 tools/testing/selftests/net/broadcast_ether_dst.sh
diff --git a/tools/testing/selftests/net/Makefile b/tools/testing/selftests/net/Makefile index b31a71f2b372..56ad10ea6628 100644 --- a/tools/testing/selftests/net/Makefile +++ b/tools/testing/selftests/net/Makefile @@ -115,6 +115,7 @@ TEST_PROGS += skf_net_off.sh TEST_GEN_FILES += skf_net_off TEST_GEN_FILES += tfo TEST_PROGS += tfo_passive.sh +TEST_PROGS += broadcast_ether_dst.sh TEST_PROGS += broadcast_pmtu.sh TEST_PROGS += ipv6_force_forwarding.sh diff --git a/tools/testing/selftests/net/broadcast_ether_dst.sh b/tools/testing/selftests/net/broadcast_ether_dst.sh new file mode 100755 index 000000000000..865b5c7c8c8a --- /dev/null +++ b/tools/testing/selftests/net/broadcast_ether_dst.sh @@ -0,0 +1,82 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-2.0 +# +# Author: Brett A C Sheffield bacs@librecast.net +# Author: Oscar Maes oscmaes92@gmail.com +# +# Ensure destination ethernet field is correctly set for +# broadcast packets
+source lib.sh
+CLIENT_IP4="192.168.0.1" +GW_IP4="192.168.0.2"
+setup() {
- setup_ns CLIENT_NS SERVER_NS
- ip -net "${SERVER_NS}" link add link1 type veth \
peer name link0 netns "${CLIENT_NS}"- ip -net "${CLIENT_NS}" link set link0 up
- ip -net "${CLIENT_NS}" addr add "${CLIENT_IP4}"/24 dev link0
- ip -net "${SERVER_NS}" link set link1 up
- ip -net "${CLIENT_NS}" route add default via "${GW_IP4}"
- ip netns exec "${CLIENT_NS}" arp -s "${GW_IP4}" 00:11:22:33:44:55
+}
+cleanup() {
- rm -f "${CAPFILE}"
- ip -net "${SERVER_NS}" link del link1
- cleanup_ns "${CLIENT_NS}" "${SERVER_NS}"
+}
+test_broadcast_ether_dst() {
- local rc=0
- CAPFILE=$(mktemp -u cap.XXXXXXXXXX)
- echo "Testing ethernet broadcast destination"
- # start tcpdump listening for icmp
- # tcpdump will exit after receiving a single packet
- # timeout will kill tcpdump if it is still running after 2s
- timeout 2s ip netns exec "${CLIENT_NS}" \
tcpdump -i link0 -c 1 -w "${CAPFILE}" icmp &> /dev/null &- pid=$!
- sleep 0.1 # let tcpdump wake up
Here you could use slowwait checking for packet socket creation, to be more robust WRT very slow env.
/P
On 8/27/25 12:23 AM, Oscar Maes wrote:
Commit 9e30ecf23b1b ("net: ipv4: fix incorrect MTU in broadcast routes") introduced a regression where local-broadcast packets would have their gateway set in __mkroute_output, which was caused by fi = NULL being removed.
Fix this by resetting the fib_info for local-broadcast packets. This preserves the intended changes for directed-broadcast packets.
Cc: stable@vger.kernel.org Fixes: 9e30ecf23b1b ("net: ipv4: fix incorrect MTU in broadcast routes") Reported-by: Brett A C Sheffield bacs@librecast.net Closes: https://lore.kernel.org/regressions/20250822165231.4353-4-bacs@librecast.net Signed-off-by: Oscar Maes oscmaes92@gmail.com
Link to discussion: https://lore.kernel.org/netdev/20250822165231.4353-4-bacs@librecast.net/
Thanks to Brett Sheffield for finding the regression and writing the initial fix!
net/ipv4/route.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-)
Reviewed-by: David Ahern dsahern@kernel.org
Hello:
This series was applied to netdev/net.git (main) by Paolo Abeni pabeni@redhat.com:
On Wed, 27 Aug 2025 08:23:21 +0200 you wrote:
Commit 9e30ecf23b1b ("net: ipv4: fix incorrect MTU in broadcast routes") introduced a regression where local-broadcast packets would have their gateway set in __mkroute_output, which was caused by fi = NULL being removed.
Fix this by resetting the fib_info for local-broadcast packets. This preserves the intended changes for directed-broadcast packets.
[...]
Here is the summary with links: - [net,v3,1/2] net: ipv4: fix regression in local-broadcast routes https://git.kernel.org/netdev/net/c/5189446ba995 - [net,v3,2/2] selftests: net: add test for destination in broadcast packets (no matching commit)
You are awesome, thank you!
linux-stable-mirror@lists.linaro.org
-
Brett A C Sheffield -
David Ahern -
kernel test robot -
Oscar Maes -
Paolo Abeni -
patchwork-bot+netdevbpf@kernel.org