Skip to content
Snippets Groups Projects
Commit 93bc0663 authored by Nicolas Dichtel's avatar Nicolas Dichtel Committed by Yongqiang Liu
Browse files

ipv6: fix panic when forwarding a pkt with no in6 dev

stable inclusion
from stable-4.19.239
commit 74b68f5249f16c5f7f675d0f604fa6ae20e3a151
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I5A6BA


CVE: NA

--------------------------------

commit e3fa461d8b0e185b7da8a101fe94dfe6dd500ac0 upstream.

kongweibin reported a kernel panic in ip6_forward() when input interface
has no in6 dev associated.

The following tc commands were used to reproduce this panic:
tc qdisc del dev vxlan100 root
tc qdisc add dev vxlan100 root netem corrupt 5%

CC: stable@vger.kernel.org
Fixes: ccd27f05ae7b ("ipv6: fix 'disable_policy' for fwd packets")
Reported-by: default avatarkongweibin <kongweibin2@huawei.com>
Signed-off-by: default avatarNicolas Dichtel <nicolas.dichtel@6wind.com>
Reviewed-by: default avatarDavid Ahern <dsahern@kernel.org>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarYongqiang Liu <liuyongqiang13@huawei.com>
parent d0e09dfe
No related branches found
No related tags found
No related merge requests found
......@@ -460,7 +460,7 @@ int ip6_forward(struct sk_buff *skb)
goto drop;
if (!net->ipv6.devconf_all->disable_policy &&
!idev->cnf.disable_policy &&
(!idev || !idev->cnf.disable_policy) &&
!xfrm6_policy_check(NULL, XFRM_POLICY_FWD, skb)) {
__IP6_INC_STATS(net, idev, IPSTATS_MIB_INDISCARDS);
goto drop;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment