Merge branch 'SO_MARK-routing'
Jakub Kicinski says: ==================== udp6: allow SO_MARK ctrl msg to affect routing Looks like SO_MARK from cmsg does not affect routing policy. This seems accidental. I opted for net because of the discrepancy between IPv4 and IPv6, but it never worked and doesn't cause crashes.. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Коммит
7be49d242b
|
@ -1435,7 +1435,6 @@ do_udp_sendmsg:
|
|||
if (!fl6.flowi6_oif)
|
||||
fl6.flowi6_oif = np->sticky_pktinfo.ipi6_ifindex;
|
||||
|
||||
fl6.flowi6_mark = ipc6.sockc.mark;
|
||||
fl6.flowi6_uid = sk->sk_uid;
|
||||
|
||||
if (msg->msg_controllen) {
|
||||
|
@ -1471,6 +1470,7 @@ do_udp_sendmsg:
|
|||
ipc6.opt = opt;
|
||||
|
||||
fl6.flowi6_proto = sk->sk_protocol;
|
||||
fl6.flowi6_mark = ipc6.sockc.mark;
|
||||
fl6.daddr = *daddr;
|
||||
if (ipv6_addr_any(&fl6.saddr) && !ipv6_addr_any(&np->saddr))
|
||||
fl6.saddr = np->saddr;
|
||||
|
|
|
@ -35,3 +35,4 @@ test_unix_oob
|
|||
gro
|
||||
ioam6_parser
|
||||
toeplitz
|
||||
cmsg_so_mark
|
||||
|
|
|
@ -28,6 +28,7 @@ TEST_PROGS += veth.sh
|
|||
TEST_PROGS += ioam6.sh
|
||||
TEST_PROGS += gro.sh
|
||||
TEST_PROGS += gre_gso.sh
|
||||
TEST_PROGS += cmsg_so_mark.sh
|
||||
TEST_PROGS_EXTENDED := in_netns.sh
|
||||
TEST_GEN_FILES = socket nettest
|
||||
TEST_GEN_FILES += psock_fanout psock_tpacket msg_zerocopy reuseport_addr_any
|
||||
|
@ -44,6 +45,7 @@ TEST_GEN_FILES += gro
|
|||
TEST_GEN_PROGS = reuseport_bpf reuseport_bpf_cpu reuseport_bpf_numa
|
||||
TEST_GEN_PROGS += reuseport_dualstack reuseaddr_conflict tls
|
||||
TEST_GEN_FILES += toeplitz
|
||||
TEST_GEN_FILES += cmsg_so_mark
|
||||
|
||||
TEST_FILES := settings
|
||||
|
||||
|
|
|
@ -0,0 +1,67 @@
|
|||
// SPDX-License-Identifier: GPL-2.0-or-later
|
||||
#include <errno.h>
|
||||
#include <netdb.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
#include <linux/types.h>
|
||||
#include <sys/socket.h>
|
||||
|
||||
int main(int argc, const char **argv)
|
||||
{
|
||||
char cbuf[CMSG_SPACE(sizeof(__u32))];
|
||||
struct addrinfo hints, *ai;
|
||||
struct cmsghdr *cmsg;
|
||||
struct iovec iov[1];
|
||||
struct msghdr msg;
|
||||
int mark;
|
||||
int err;
|
||||
int fd;
|
||||
|
||||
if (argc != 4) {
|
||||
fprintf(stderr, "Usage: %s <dst_ip> <port> <mark>\n", argv[0]);
|
||||
return 1;
|
||||
}
|
||||
mark = atoi(argv[3]);
|
||||
|
||||
memset(&hints, 0, sizeof(hints));
|
||||
hints.ai_family = AF_UNSPEC;
|
||||
hints.ai_socktype = SOCK_DGRAM;
|
||||
|
||||
ai = NULL;
|
||||
err = getaddrinfo(argv[1], argv[2], &hints, &ai);
|
||||
if (err) {
|
||||
fprintf(stderr, "Can't resolve address: %s\n", strerror(errno));
|
||||
return 1;
|
||||
}
|
||||
|
||||
fd = socket(ai->ai_family, SOCK_DGRAM, IPPROTO_UDP);
|
||||
if (fd < 0) {
|
||||
fprintf(stderr, "Can't open socket: %s\n", strerror(errno));
|
||||
freeaddrinfo(ai);
|
||||
return 1;
|
||||
}
|
||||
|
||||
iov[0].iov_base = "bla";
|
||||
iov[0].iov_len = 4;
|
||||
|
||||
msg.msg_name = ai->ai_addr;
|
||||
msg.msg_namelen = ai->ai_addrlen;
|
||||
msg.msg_iov = iov;
|
||||
msg.msg_iovlen = 1;
|
||||
msg.msg_control = cbuf;
|
||||
msg.msg_controllen = sizeof(cbuf);
|
||||
|
||||
cmsg = CMSG_FIRSTHDR(&msg);
|
||||
cmsg->cmsg_level = SOL_SOCKET;
|
||||
cmsg->cmsg_type = SO_MARK;
|
||||
cmsg->cmsg_len = CMSG_LEN(sizeof(__u32));
|
||||
*(__u32 *)CMSG_DATA(cmsg) = mark;
|
||||
|
||||
err = sendmsg(fd, &msg, 0);
|
||||
|
||||
close(fd);
|
||||
freeaddrinfo(ai);
|
||||
return err != 4;
|
||||
}
|
|
@ -0,0 +1,61 @@
|
|||
#!/bin/bash
|
||||
# SPDX-License-Identifier: GPL-2.0
|
||||
|
||||
NS=ns
|
||||
IP4=172.16.0.1/24
|
||||
TGT4=172.16.0.2
|
||||
IP6=2001:db8:1::1/64
|
||||
TGT6=2001:db8:1::2
|
||||
MARK=1000
|
||||
|
||||
cleanup()
|
||||
{
|
||||
ip netns del $NS
|
||||
}
|
||||
|
||||
trap cleanup EXIT
|
||||
|
||||
# Namespaces
|
||||
ip netns add $NS
|
||||
|
||||
# Connectivity
|
||||
ip -netns $NS link add type dummy
|
||||
ip -netns $NS link set dev dummy0 up
|
||||
ip -netns $NS addr add $IP4 dev dummy0
|
||||
ip -netns $NS addr add $IP6 dev dummy0
|
||||
|
||||
ip -netns $NS rule add fwmark $MARK lookup 300
|
||||
ip -6 -netns $NS rule add fwmark $MARK lookup 300
|
||||
ip -netns $NS route add prohibit any table 300
|
||||
ip -6 -netns $NS route add prohibit any table 300
|
||||
|
||||
# Test
|
||||
BAD=0
|
||||
TOTAL=0
|
||||
|
||||
check_result() {
|
||||
((TOTAL++))
|
||||
if [ $1 -ne $2 ]; then
|
||||
echo " Case $3 returned $1, expected $2"
|
||||
((BAD++))
|
||||
fi
|
||||
}
|
||||
|
||||
ip netns exec $NS ./cmsg_so_mark $TGT4 1234 $((MARK + 1))
|
||||
check_result $? 0 "IPv4 pass"
|
||||
ip netns exec $NS ./cmsg_so_mark $TGT6 1234 $((MARK + 1))
|
||||
check_result $? 0 "IPv6 pass"
|
||||
|
||||
ip netns exec $NS ./cmsg_so_mark $TGT4 1234 $MARK
|
||||
check_result $? 1 "IPv4 rejection"
|
||||
ip netns exec $NS ./cmsg_so_mark $TGT6 1234 $MARK
|
||||
check_result $? 1 "IPv6 rejection"
|
||||
|
||||
# Summary
|
||||
if [ $BAD -ne 0 ]; then
|
||||
echo "FAIL - $BAD/$TOTAL cases failed"
|
||||
exit 1
|
||||
else
|
||||
echo "OK"
|
||||
exit 0
|
||||
fi
|
Загрузка…
Ссылка в новой задаче