Commit 5e1a99ea authored by Hangbin Liu's avatar Hangbin Liu Committed by David S. Miller

ipv4: Add ICMPv6 support when parse route ipproto

For ip rules, we need to use 'ipproto ipv6-icmp' to match ICMPv6 headers.
But for ip -6 route, currently we only support tcp, udp and icmp.

Add ICMPv6 support so we can match ipv6-icmp rules for route lookup.

v2: As David Ahern and Sabrina Dubroca suggested, Add an argument to
rtm_getroute_parse_ip_proto() to handle ICMP/ICMPv6 with different family.
Reported-by: default avatarJianlin Shi <jishi@redhat.com>
Fixes: eacb9384 ("ipv6: support sport, dport and ip_proto in RTM_GETROUTE")
Signed-off-by: default avatarHangbin Liu <liuhangbin@gmail.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 90490ef7
...@@ -718,7 +718,7 @@ extern int sysctl_icmp_msgs_burst; ...@@ -718,7 +718,7 @@ extern int sysctl_icmp_msgs_burst;
int ip_misc_proc_init(void); int ip_misc_proc_init(void);
#endif #endif
int rtm_getroute_parse_ip_proto(struct nlattr *attr, u8 *ip_proto, int rtm_getroute_parse_ip_proto(struct nlattr *attr, u8 *ip_proto, u8 family,
struct netlink_ext_ack *extack); struct netlink_ext_ack *extack);
#endif /* _IP_H */ #endif /* _IP_H */
...@@ -3,9 +3,10 @@ ...@@ -3,9 +3,10 @@
#include <linux/types.h> #include <linux/types.h>
#include <net/net_namespace.h> #include <net/net_namespace.h>
#include <net/netlink.h> #include <net/netlink.h>
#include <linux/in6.h>
#include <net/ip.h> #include <net/ip.h>
int rtm_getroute_parse_ip_proto(struct nlattr *attr, u8 *ip_proto, int rtm_getroute_parse_ip_proto(struct nlattr *attr, u8 *ip_proto, u8 family,
struct netlink_ext_ack *extack) struct netlink_ext_ack *extack)
{ {
*ip_proto = nla_get_u8(attr); *ip_proto = nla_get_u8(attr);
...@@ -13,11 +14,19 @@ int rtm_getroute_parse_ip_proto(struct nlattr *attr, u8 *ip_proto, ...@@ -13,11 +14,19 @@ int rtm_getroute_parse_ip_proto(struct nlattr *attr, u8 *ip_proto,
switch (*ip_proto) { switch (*ip_proto) {
case IPPROTO_TCP: case IPPROTO_TCP:
case IPPROTO_UDP: case IPPROTO_UDP:
return 0;
case IPPROTO_ICMP: case IPPROTO_ICMP:
if (family != AF_INET)
break;
return 0;
#if IS_ENABLED(CONFIG_IPV6)
case IPPROTO_ICMPV6:
if (family != AF_INET6)
break;
return 0; return 0;
default: #endif
}
NL_SET_ERR_MSG(extack, "Unsupported ip proto"); NL_SET_ERR_MSG(extack, "Unsupported ip proto");
return -EOPNOTSUPP; return -EOPNOTSUPP;
}
} }
EXPORT_SYMBOL_GPL(rtm_getroute_parse_ip_proto); EXPORT_SYMBOL_GPL(rtm_getroute_parse_ip_proto);
...@@ -2803,7 +2803,7 @@ static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh, ...@@ -2803,7 +2803,7 @@ static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh,
if (tb[RTA_IP_PROTO]) { if (tb[RTA_IP_PROTO]) {
err = rtm_getroute_parse_ip_proto(tb[RTA_IP_PROTO], err = rtm_getroute_parse_ip_proto(tb[RTA_IP_PROTO],
&ip_proto, extack); &ip_proto, AF_INET, extack);
if (err) if (err)
return err; return err;
} }
......
...@@ -4893,7 +4893,8 @@ static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh, ...@@ -4893,7 +4893,8 @@ static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh,
if (tb[RTA_IP_PROTO]) { if (tb[RTA_IP_PROTO]) {
err = rtm_getroute_parse_ip_proto(tb[RTA_IP_PROTO], err = rtm_getroute_parse_ip_proto(tb[RTA_IP_PROTO],
&fl6.flowi6_proto, extack); &fl6.flowi6_proto, AF_INET6,
extack);
if (err) if (err)
goto errout; goto errout;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment