Hi Paolo, Thank you for the patch! Yet something to improve:
[auto build test ERROR on net-next/master] url: https://github.com/0day-ci/linux/commits/Paolo-Abeni/ipv4-fix-validate_source-for-VRF-setup/20171031-172851 config: x86_64-randconfig-x008-201744 (attached as .config) compiler: gcc-6 (Debian 6.2.0-3) 6.2.0 20160901 reproduce: # save the attached .config to linux build tree make ARCH=x86_64 All errors (new ones prefixed by >>): net/ipv4/fib_frontend.c: In function 'fib_validate_source': >> net/ipv4/fib_frontend.c:413:16: error: 'struct netns_ipv4' has no member >> named 'fib_has_custom_rules'; did you mean 'fib_has_custom_local_routes'? net->ipv4.fib_has_custom_rules) ^ vim +413 net/ipv4/fib_frontend.c 395 396 /* Ignore rp_filter for packets protected by IPsec. */ 397 int fib_validate_source(struct sk_buff *skb, __be32 src, __be32 dst, 398 u8 tos, int oif, struct net_device *dev, 399 struct in_device *idev, u32 *itag) 400 { 401 int r = secpath_exists(skb) ? 0 : IN_DEV_RPFILTER(idev); 402 struct net *net = dev_net(dev); 403 404 if (!r && !fib_num_tclassid_users(net) && 405 (dev->ifindex != oif || !IN_DEV_TX_REDIRECTS(idev))) { 406 if (IN_DEV_ACCEPT_LOCAL(idev)) 407 goto ok; 408 /* with custom local routes in place, checking local addresses 409 * only will be too optimistic, with custom rules, checking 410 * local addresses only can be too strict, e.g. due to vrf 411 */ 412 if (net->ipv4.fib_has_custom_local_routes || > 413 net->ipv4.fib_has_custom_rules) 414 goto full_check; 415 if (inet_lookup_ifaddr_rcu(net, src)) 416 return -EINVAL; 417 418 ok: 419 *itag = 0; 420 return 0; 421 } 422 423 full_check: 424 return __fib_validate_source(skb, src, dst, tos, oif, dev, r, idev, itag); 425 } 426 --- 0-DAY kernel test infrastructure Open Source Technology Center https://lists.01.org/pipermail/kbuild-all Intel Corporation
.config.gz
Description: application/gzip
