net: ipv6: check route protocol when deleting routes (Closes: #855153)
This commit is contained in:
parent
8cf3230524
commit
e035177b13
|
@ -247,6 +247,7 @@ linux (4.9.10-1) UNRELEASED; urgency=medium
|
||||||
* test-patches: Use the pkg.linux.notools build profile
|
* test-patches: Use the pkg.linux.notools build profile
|
||||||
* test-patches: Set default number of jobs to number of available processors
|
* test-patches: Set default number of jobs to number of available processors
|
||||||
* dccp: Disable auto-loading as mitigation against local exploits
|
* dccp: Disable auto-loading as mitigation against local exploits
|
||||||
|
* net: ipv6: check route protocol when deleting routes (Closes: #855153)
|
||||||
|
|
||||||
[ Roger Shimizu ]
|
[ Roger Shimizu ]
|
||||||
* [armel] ARM: dts: orion5x-lschl: Fix model name
|
* [armel] ARM: dts: orion5x-lschl: Fix model name
|
||||||
|
|
32
debian/patches/bugfix/all/net-ipv6-check-route-protocol-when-deleting-routes.patch
vendored
Normal file
32
debian/patches/bugfix/all/net-ipv6-check-route-protocol-when-deleting-routes.patch
vendored
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
From: Mantas M <grawity@gmail.com>
|
||||||
|
Date: Fri, 16 Dec 2016 10:30:59 +0200
|
||||||
|
Subject: net: ipv6: check route protocol when deleting routes
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
Origin: https://git.kernel.org/linus/c2ed1880fd61a998e3ce40254a99a2ad000f1a7d
|
||||||
|
Bug-Debian: https://bugs.debian.org/855153
|
||||||
|
|
||||||
|
The protocol field is checked when deleting IPv4 routes, but ignored for
|
||||||
|
IPv6, which causes problems with routing daemons accidentally deleting
|
||||||
|
externally set routes (observed by multiple bird6 users).
|
||||||
|
|
||||||
|
This can be verified using `ip -6 route del <prefix> proto something`.
|
||||||
|
|
||||||
|
Signed-off-by: Mantas Mikulėnas <grawity@gmail.com>
|
||||||
|
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||||
|
---
|
||||||
|
net/ipv6/route.c | 2 ++
|
||||||
|
1 file changed, 2 insertions(+)
|
||||||
|
|
||||||
|
--- a/net/ipv6/route.c
|
||||||
|
+++ b/net/ipv6/route.c
|
||||||
|
@@ -2166,6 +2166,8 @@ static int ip6_route_del(struct fib6_con
|
||||||
|
continue;
|
||||||
|
if (cfg->fc_metric && cfg->fc_metric != rt->rt6i_metric)
|
||||||
|
continue;
|
||||||
|
+ if (cfg->fc_protocol && cfg->fc_protocol != rt->rt6i_protocol)
|
||||||
|
+ continue;
|
||||||
|
dst_hold(&rt->dst);
|
||||||
|
read_unlock_bh(&table->tb6_lock);
|
||||||
|
|
|
@ -75,6 +75,7 @@ bugfix/all/nbd-use-loff_t-for-blocksize-and-nbd_set_size-args.patch
|
||||||
bugfix/all/ath9k-fix-null-pointer-dereference.patch
|
bugfix/all/ath9k-fix-null-pointer-dereference.patch
|
||||||
bugfix/all/nbd-fix-64-bit-division.patch
|
bugfix/all/nbd-fix-64-bit-division.patch
|
||||||
bugfix/all/pegasus-use-heap-buffers-for-all-register-access.patch
|
bugfix/all/pegasus-use-heap-buffers-for-all-register-access.patch
|
||||||
|
bugfix/all/net-ipv6-check-route-protocol-when-deleting-routes.patch
|
||||||
|
|
||||||
# Miscellaneous features
|
# Miscellaneous features
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue