net/ipv4: Move device validation to helper

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Move the device matching check in __fib_validate_source to a helper and
export it for use by netfilter modules. Code move only; no functional
change intended.

Signed-off-by: David Ahern <dsahern@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

David Ahern and committed by

David S. Miller 7 years ago 78f2756c 5678cb3c

+28 -17

2 changed files

expand all

include

net

ip_fib.h

net

ipv4

fib_frontend.c

include/net/ip_fib.h

··· 373 373 extern const struct nla_policy rtm_ipv4_policy[]; 374 374 void ip_fib_init(void); 375 375 __be32 fib_compute_spec_dst(struct sk_buff *skb); 376 + bool fib_info_nh_uses_dev(struct fib_info *fi, const struct net_device *dev); 376 377 int fib_validate_source(struct sk_buff *skb, __be32 src, __be32 dst, 377 378 u8 tos, int oif, struct net_device *dev, 378 379 struct in_device *idev, u32 *itag);

+27 -17

net/ipv4/fib_frontend.c

··· 315 315 return inet_select_addr(dev, ip_hdr(skb)->saddr, scope); 316 316 } 317 317 318 + bool fib_info_nh_uses_dev(struct fib_info *fi, const struct net_device *dev) 319 + { 320 + bool dev_match = false; 321 + int ret; 322 + 323 + #ifdef CONFIG_IP_ROUTE_MULTIPATH 324 + for (ret = 0; ret < fi->fib_nhs; ret++) { 325 + struct fib_nh *nh = &fi->fib_nh[ret]; 326 + 327 + if (nh->nh_dev == dev) { 328 + dev_match = true; 329 + break; 330 + } else if (l3mdev_master_ifindex_rcu(nh->nh_dev) == dev->ifindex) { 331 + dev_match = true; 332 + break; 333 + } 334 + } 335 + #else 336 + if (fi->fib_nh[0].nh_dev == dev) 337 + dev_match = true; 338 + #endif 339 + 340 + return dev_match; 341 + } 342 + EXPORT_SYMBOL_GPL(fib_info_nh_uses_dev); 343 + 318 344 /* Given (packet source, input interface) and optional (dst, oif, tos): 319 345 * - (main) check, that source is valid i.e. not broadcast or our local 320 346 * address. ··· 387 361 (res.type != RTN_LOCAL || !IN_DEV_ACCEPT_LOCAL(idev))) 388 362 goto e_inval; 389 363 fib_combine_itag(itag, &res); 390 - dev_match = false; 391 364 392 - #ifdef CONFIG_IP_ROUTE_MULTIPATH 393 - for (ret = 0; ret < res.fi->fib_nhs; ret++) { 394 - struct fib_nh *nh = &res.fi->fib_nh[ret]; 395 - 396 - if (nh->nh_dev == dev) { 397 - dev_match = true; 398 - break; 399 - } else if (l3mdev_master_ifindex_rcu(nh->nh_dev) == dev->ifindex) { 400 - dev_match = true; 401 - break; 402 - } 403 - } 404 - #else 405 - if (FIB_RES_DEV(res) == dev) 406 - dev_match = true; 407 - #endif 365 + dev_match = fib_info_nh_uses_dev(res.fi, dev); 408 366 if (dev_match) { 409 367 ret = FIB_RES_NH(res).nh_scope >= RT_SCOPE_HOST; 410 368 return ret;