These changes are the raw update to linux-4.4.6-rt14. Kernel sources

[kvmfornfv.git] / kernel / net / ipv4 / icmp.c

diff --git a/kernel/net/ipv4/icmp.c b/kernel/net/ipv4/icmp.c
index be5fd9b..74314d9 100644 (file)
--- a/kernel/net/ipv4/icmp.c
+++ b/kernel/net/ipv4/icmp.c
@@ -97,6 +97,7 @@
 #include <net/xfrm.h>
 #include <net/inet_common.h>
 #include <net/ip_fib.h>
+#include <net/l3mdev.h>
 
 /*
  *     Build xmit assembly blocks
@@ -309,9 +310,10 @@ static bool icmpv4_xrlim_allow(struct net *net, struct rtable *rt,
 
        rc = false;
        if (icmp_global_allow()) {
+               int vif = l3mdev_master_ifindex(dst->dev);
                struct inet_peer *peer;
 
-               peer = inet_getpeer_v4(net->ipv4.peers, fl4->daddr, 1);
+               peer = inet_getpeer_v4(net->ipv4.peers, fl4->daddr, vif, 1);
                rc = inet_peer_xrlim_allow(peer,
                                           net->ipv4.sysctl_icmp_ratelimit);
                if (peer)
@@ -426,6 +428,7 @@ static void icmp_reply(struct icmp_bxm *icmp_param, struct sk_buff *skb)
        fl4.flowi4_mark = mark;
        fl4.flowi4_tos = RT_TOS(ip_hdr(skb)->tos);
        fl4.flowi4_proto = IPPROTO_ICMP;
+       fl4.flowi4_oif = l3mdev_master_ifindex(skb->dev);
        security_skb_classify_flow(skb, flowi4_to_flowi(&fl4));
        rt = ip_route_output_key(net, &fl4);
        if (IS_ERR(rt))
@@ -438,6 +441,22 @@ out_unlock:
        icmp_xmit_unlock(sk);
 }
 
+#ifdef CONFIG_IP_ROUTE_MULTIPATH
+
+/* Source and destination is swapped. See ip_multipath_icmp_hash */
+static int icmp_multipath_hash_skb(const struct sk_buff *skb)
+{
+       const struct iphdr *iph = ip_hdr(skb);
+
+       return fib_multipath_hash(iph->daddr, iph->saddr);
+}
+
+#else
+
+#define icmp_multipath_hash_skb(skb) (-1)
+
+#endif
+
 static struct rtable *icmp_route_lookup(struct net *net,
                                        struct flowi4 *fl4,
                                        struct sk_buff *skb_in,
@@ -459,8 +478,11 @@ static struct rtable *icmp_route_lookup(struct net *net,
        fl4->flowi4_proto = IPPROTO_ICMP;
        fl4->fl4_icmp_type = type;
        fl4->fl4_icmp_code = code;
+       fl4->flowi4_oif = l3mdev_master_ifindex(skb_in->dev);
+
        security_skb_classify_flow(skb_in, flowi4_to_flowi(fl4));
-       rt = __ip_route_output_key(net, fl4);
+       rt = __ip_route_output_key_hash(net, fl4,
+                                       icmp_multipath_hash_skb(skb_in));
        if (IS_ERR(rt))
                return rt;
 
@@ -481,7 +503,8 @@ static struct rtable *icmp_route_lookup(struct net *net,
        if (err)
                goto relookup_failed;
 
-       if (inet_addr_type(net, fl4_dec.saddr) == RTN_LOCAL) {
+       if (inet_addr_type_dev_table(net, skb_in->dev,
+                                    fl4_dec.saddr) == RTN_LOCAL) {
                rt2 = __ip_route_output_key(net, &fl4_dec);
                if (IS_ERR(rt2))
                        err = PTR_ERR(rt2);
@@ -497,6 +520,7 @@ static struct rtable *icmp_route_lookup(struct net *net,
                }
                /* Ugh! */
                orefdst = skb_in->_skb_refdst; /* save old refdst */
+               skb_dst_set(skb_in, NULL);
                err = ip_route_input(skb_in, fl4_dec.daddr, fl4_dec.saddr,
                                     RT_TOS(tos), rt2->dst.dev);
 
@@ -829,7 +853,7 @@ static bool icmp_unreach(struct sk_buff *skb)
         */
 
        if (!net->ipv4.sysctl_icmp_ignore_bogus_error_responses &&
-           inet_addr_type(net, iph->daddr) == RTN_BROADCAST) {
+           inet_addr_type_dev_table(net, skb->dev, iph->daddr) == RTN_BROADCAST) {
                net_warn_ratelimited("%pI4 sent an invalid ICMP type %u, code %u error to a broadcast: %pI4 on %s\n",
                                     &ip_hdr(skb)->saddr,
                                     icmph->type, icmph->code,