提交 e0584649 编写于 作者: D David S. Miller

Revert "ipv4: Allow configuring subnets as local addresses"

This reverts commit 4465b469.

Conflicts:

	net/ipv4/fib_frontend.c

As reported by Ben Greear, this causes regressions:

> Change 4465b469 caused rules
> to stop matching the input device properly because the
> FLOWI_FLAG_MATCH_ANY_IIF is always defined in ip_dev_find().
>
> This breaks rules such as:
>
> ip rule add pref 512 lookup local
> ip rule del pref 0 lookup local
> ip link set eth2 up
> ip -4 addr add 172.16.0.102/24 broadcast 172.16.0.255 dev eth2
> ip rule add to 172.16.0.102 iif eth2 lookup local pref 10
> ip rule add iif eth2 lookup 10001 pref 20
> ip route add 172.16.0.0/24 dev eth2 table 10001
> ip route add unreachable 0/0 table 10001
>
> If you had a second interface 'eth0' that was on a different
> subnet, pinging a system on that interface would fail:
>
>   [root@ct503-60 ~]# ping 192.168.100.1
>   connect: Invalid argument
Reported-by: NBen Greear <greearb@candelatech.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
上级 0e214ad8
...@@ -49,7 +49,6 @@ struct flowi { ...@@ -49,7 +49,6 @@ struct flowi {
__u8 proto; __u8 proto;
__u8 flags; __u8 flags;
#define FLOWI_FLAG_ANYSRC 0x01 #define FLOWI_FLAG_ANYSRC 0x01
#define FLOWI_FLAG_MATCH_ANY_IIF 0x02
union { union {
struct { struct {
__be16 sport; __be16 sport;
......
...@@ -181,8 +181,7 @@ static int fib_rule_match(struct fib_rule *rule, struct fib_rules_ops *ops, ...@@ -181,8 +181,7 @@ static int fib_rule_match(struct fib_rule *rule, struct fib_rules_ops *ops,
{ {
int ret = 0; int ret = 0;
if (rule->iifindex && (rule->iifindex != fl->iif) && if (rule->iifindex && (rule->iifindex != fl->iif))
!(fl->flags & FLOWI_FLAG_MATCH_ANY_IIF))
goto out; goto out;
if (rule->oifindex && (rule->oifindex != fl->oif)) if (rule->oifindex && (rule->oifindex != fl->oif))
......
...@@ -163,13 +163,19 @@ struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref) ...@@ -163,13 +163,19 @@ struct net_device *__ip_dev_find(struct net *net, __be32 addr, bool devref)
.daddr = addr .daddr = addr
} }
}, },
.flags = FLOWI_FLAG_MATCH_ANY_IIF
}; };
struct fib_result res = { 0 }; struct fib_result res = { 0 };
struct net_device *dev = NULL; struct net_device *dev = NULL;
struct fib_table *local_table;
#ifdef CONFIG_IP_MULTIPLE_TABLES
res.r = NULL;
#endif
rcu_read_lock(); rcu_read_lock();
if (fib_lookup(net, &fl, &res)) { local_table = fib_get_table(net, RT_TABLE_LOCAL);
if (!local_table ||
fib_table_lookup(local_table, &fl, &res, FIB_LOOKUP_NOREF)) {
rcu_read_unlock(); rcu_read_unlock();
return NULL; return NULL;
} }
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册