MIRRORS/linux-yocto
1
0
Fork 0
mirror of git://git.yoctoproject.org/linux-yocto.git synced 2025-10-22 23:13:01 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
de9476bb4f
linux-yocto/net/ipv6
History
Fabian Bläse 348a01c857 icmp: fix icmp_ndo_send address translation for reply direction 
[ Upstream commit c6dd1aa2cbb72b33e0569f3e71d95792beab5042 ]

The icmp_ndo_send function was originally introduced to ensure proper
rate limiting when icmp_send is called by a network device driver,
where the packet's source address may have already been transformed
by SNAT.

However, the original implementation only considers the
IP_CT_DIR_ORIGINAL direction for SNAT and always replaced the packet's
source address with that of the original-direction tuple. This causes
two problems:

1. For SNAT:
   Reply-direction packets were incorrectly translated using the source
   address of the CT original direction, even though no translation is
   required.

2. For DNAT:
   Reply-direction packets were not handled at all. In DNAT, the original
   direction's destination is translated. Therefore, in the reply
   direction the source address must be set to the reply-direction
   source, so rate limiting works as intended.

Fix this by using the connection direction to select the correct tuple
for source address translation, and adjust the pre-checks to handle
reply-direction packets in case of DNAT.

Additionally, wrap the `ct->status` access in READ_ONCE(). This avoids
possible KCSAN reports about concurrent updates to `ct->status`.

Fixes: 0b41713b60 ("icmp: introduce helper for nat'd source address in network device context")
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Cc: Jason A. Donenfeld <Jason@zx2c4.com>
Reviewed-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2025-09-09 18:50:18 +02:00
..
ila net: Fix checksum update for ILA adj-transport 2025-06-27 11:05:38 +01:00
netfilter netfilter: nf_reject: don't leak dst refcount for loopback packets 2025-08-28 16:24:39 +02:00
addrconf_core.c ipv6: Ensure natural alignment of const ipv6 loopback and router addresses 2024-02-23 08:54:54 +01:00
addrconf.c ipv6: mcast: Check inet6_dev->dead under idev->mc_lock in __ipv6_dev_mc_inc(). 2025-08-28 16:24:21 +02:00
addrlabel.c
af_inet6.c net: inet6: do not leave a dangling sk pointer in inet6_create() 2024-12-14 19:51:37 +01:00
ah6.c
anycast.c
calipso.c calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). 2025-06-27 11:05:36 +01:00
datagram.c
esp6_offload.c
esp6.c net: esp: cleanup esp_output_tail_tcp() in case of unsupported ESPINTCP 2024-08-19 05:44:55 +02:00
exthdrs_core.c
exthdrs_offload.c
exthdrs.c
fib6_notifier.c
fib6_rules.c ip: fib_rules: Fetch net from fib_rule in fib[46]_rule_configure(). 2025-06-04 14:38:03 +02:00
fou6.c
icmp.c
inet6_connection_sock.c
inet6_hashtables.c net: remove duplicate reuseport_lookup functions 2024-06-16 13:39:21 +02:00
ioam6_iptunnel.c
ioam6.c
ip6_checksum.c
ip6_fib.c ipv6: fix possible race in __fib6_drop_pcpu_from() 2024-07-05 09:14:09 +02:00
ip6_flowlabel.c
ip6_gre.c erspan: make sure erspan_base_hdr is present in skb->head 2024-04-10 16:19:38 +02:00
ip6_icmp.c icmp: fix icmp_ndo_send address translation for reply direction 2025-09-09 18:50:18 +02:00
ip6_input.c ipv6: annotate data-races around cnf.disable_ipv6 2024-07-18 13:07:43 +02:00
ip6_offload.c ipv6: reject malicious packets in ipv6_gso_segment() 2025-08-28 16:24:13 +02:00
ip6_offload.h
ip6_output.c Revert "ipv6: save dontfrag in cork" 2025-07-10 15:57:42 +02:00
ip6_tunnel.c ip6_tunnel: Fix broken GRO 2024-09-04 13:23:32 +02:00
ip6_udp_tunnel.c
ip6_vti.c
ip6mr.c
ipcomp6.c
ipv6_sockglue.c tcp: Fix data races around icsk->icsk_af_ops. 2024-07-05 09:14:51 +02:00
Kconfig net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL 2024-10-17 15:11:08 +02:00
Makefile
mcast_snoop.c
mcast.c ipv6: mcast: Check inet6_dev->dead under idev->mc_lock in __ipv6_dev_mc_inc(). 2025-08-28 16:24:21 +02:00
mip6.c
ndisc.c ndisc: extend RCU protection in ndisc_send_skb() 2025-03-13 12:50:44 +01:00
netfilter.c netfilter: bridge: Move specific fragmented packet to slow_path instead of dropping it 2025-06-27 11:05:12 +01:00
output_core.c
ping.c
proc.c
protocol.c
raw.c
reassembly.c net: ipv6: fix wrong start position when receive hop-by-hop fragment 2024-06-16 13:39:25 +02:00
route.c ipv6: release nexthop on device removal 2025-05-02 07:44:18 +02:00
rpl_iptunnel.c rpl: Fix use-after-free in rpl_do_srh_inline(). 2025-08-28 16:24:01 +02:00
rpl.c
seg6_hmac.c ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add 2025-08-28 16:24:38 +02:00
seg6_iptunnel.c net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels 2025-03-13 12:51:13 +01:00
seg6_local.c seg6: Fix validation of nexthop addresses 2025-06-27 11:05:18 +01:00
seg6.c ipv6: sr: fix invalid unregister error path 2024-06-16 13:39:26 +02:00
sit.c
syncookies.c dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses. 2023-11-20 11:08:28 +01:00
sysctl_net_ipv6.c
tcp_ipv6.c net: fix data-races around sk->sk_forward_alloc 2025-01-23 17:16:04 +01:00
tcpv6_offload.c
tunnel6.c
udp_impl.h
udp_offload.c gro: remove rcu_read_lock/rcu_read_unlock from gro_receive handlers 2024-09-12 11:07:47 +02:00
udp.c udp: gso: do not drop small packets when PMTU reduces 2025-03-13 12:50:22 +01:00
udplite.c
xfrm6_input.c xfrm: Preserve vlan tags for transport mode software GRO 2024-05-17 11:50:57 +02:00
xfrm6_output.c
xfrm6_policy.c xfrm: respect ip protocols rules criteria when performing dst lookups 2024-11-01 01:52:36 +01:00
xfrm6_protocol.c
xfrm6_state.c
xfrm6_tunnel.c