net: ipv6: check route protocol when deleting routes (Closes: #855153)
This commit is contained in:
parent
8cf3230524
commit
e035177b13
|
@ -247,6 +247,7 @@ linux (4.9.10-1) UNRELEASED; urgency=medium
|
|||
* test-patches: Use the pkg.linux.notools build profile
|
||||
* test-patches: Set default number of jobs to number of available processors
|
||||
* dccp: Disable auto-loading as mitigation against local exploits
|
||||
* net: ipv6: check route protocol when deleting routes (Closes: #855153)
|
||||
|
||||
[ Roger Shimizu ]
|
||||
* [armel] ARM: dts: orion5x-lschl: Fix model name
|
||||
|
|
32
debian/patches/bugfix/all/net-ipv6-check-route-protocol-when-deleting-routes.patch
vendored
Normal file
32
debian/patches/bugfix/all/net-ipv6-check-route-protocol-when-deleting-routes.patch
vendored
Normal file
|
@ -0,0 +1,32 @@
|
|||
From: Mantas M <grawity@gmail.com>
|
||||
Date: Fri, 16 Dec 2016 10:30:59 +0200
|
||||
Subject: net: ipv6: check route protocol when deleting routes
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
Origin: https://git.kernel.org/linus/c2ed1880fd61a998e3ce40254a99a2ad000f1a7d
|
||||
Bug-Debian: https://bugs.debian.org/855153
|
||||
|
||||
The protocol field is checked when deleting IPv4 routes, but ignored for
|
||||
IPv6, which causes problems with routing daemons accidentally deleting
|
||||
externally set routes (observed by multiple bird6 users).
|
||||
|
||||
This can be verified using `ip -6 route del <prefix> proto something`.
|
||||
|
||||
Signed-off-by: Mantas Mikulėnas <grawity@gmail.com>
|
||||
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||
---
|
||||
net/ipv6/route.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
--- a/net/ipv6/route.c
|
||||
+++ b/net/ipv6/route.c
|
||||
@@ -2166,6 +2166,8 @@ static int ip6_route_del(struct fib6_con
|
||||
continue;
|
||||
if (cfg->fc_metric && cfg->fc_metric != rt->rt6i_metric)
|
||||
continue;
|
||||
+ if (cfg->fc_protocol && cfg->fc_protocol != rt->rt6i_protocol)
|
||||
+ continue;
|
||||
dst_hold(&rt->dst);
|
||||
read_unlock_bh(&table->tb6_lock);
|
||||
|
|
@ -75,6 +75,7 @@ bugfix/all/nbd-use-loff_t-for-blocksize-and-nbd_set_size-args.patch
|
|||
bugfix/all/ath9k-fix-null-pointer-dereference.patch
|
||||
bugfix/all/nbd-fix-64-bit-division.patch
|
||||
bugfix/all/pegasus-use-heap-buffers-for-all-register-access.patch
|
||||
bugfix/all/net-ipv6-check-route-protocol-when-deleting-routes.patch
|
||||
|
||||
# Miscellaneous features
|
||||
|
||||
|
|
Loading…
Reference in New Issue