| 1 | From: Sven Eckelmann <sven@narfation.org> |
| 2 | Date: Wed, 2 Mar 2022 19:49:46 +0100 |
| 3 | Subject: batman-adv: Don't expect inter-netns unique iflink indices |
| 4 | |
| 5 | The ifindex doesn't have to be unique for multiple network namespaces on |
| 6 | the same machine. |
| 7 | |
| 8 | $ ip netns add test1 |
| 9 | $ ip -net test1 link add dummy1 type dummy |
| 10 | $ ip netns add test2 |
| 11 | $ ip -net test2 link add dummy2 type dummy |
| 12 | |
| 13 | $ ip -net test1 link show dev dummy1 |
| 14 | 6: dummy1: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000 |
| 15 | link/ether 96:81:55:1e:dd:85 brd ff:ff:ff:ff:ff:ff |
| 16 | $ ip -net test2 link show dev dummy2 |
| 17 | 6: dummy2: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000 |
| 18 | link/ether 5a:3c:af:35:07:c3 brd ff:ff:ff:ff:ff:ff |
| 19 | |
| 20 | But the batman-adv code to walk through the various layers of virtual |
| 21 | interfaces uses this assumption because dev_get_iflink handles it |
| 22 | internally and doesn't return the actual netns of the iflink. And |
| 23 | dev_get_iflink only documents the situation where ifindex == iflink for |
| 24 | physical devices. |
| 25 | |
| 26 | But only checking for dev->netdev_ops->ndo_get_iflink is also not an option |
| 27 | because ipoib_get_iflink implements it even when it sometimes returns an |
| 28 | iflink != ifindex and sometimes iflink == ifindex. The caller must |
| 29 | therefore make sure itself to check both netns and iflink + ifindex for |
| 30 | equality. Only when they are equal, a "physical" interface was detected |
| 31 | which should stop the traversal. On the other hand, vxcan_get_iflink can |
| 32 | also return 0 in case there was currently no valid peer. In this case, it |
| 33 | is still necessary to stop. |
| 34 | |
| 35 | Fixes: 3d48811b27f5 ("batman-adv: prevent using any virtual device created on batman-adv as hard-interface") |
| 36 | Fixes: 2b45bb6c3aad ("batman-adv: additional checks for virtual interfaces on top of WiFi") |
| 37 | Reported-by: Sabrina Dubroca <sd@queasysnail.net> |
| 38 | Signed-off-by: Sven Eckelmann <sven@narfation.org> |
| 39 | Origin: upstream, https://git.open-mesh.org/batman-adv.git/commit/0aac7a9fbbbeec25f2f54a9e6d53ea91217ba720 |
| 40 | |
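--- a/net/batman-adv/hard-interface.c
+++ b/net/batman-adv/hard-interface.c
@@ -157,13 +157,15 @@ static bool batadv_is_on_batman_iface(co
 return true;
 
 iflink = dev_get_iflink(net_dev);
-
- /* no more parents..stop recursion */
- if (iflink == 0 || iflink == net_dev->ifindex)
+ if (iflink == 0)
 return false;
 
 parent_net = batadv_getlink_net(net_dev, net);
 
+ /* iflink to itself, most likely physical device */
+ if (net == parent_net && iflink == net_dev->ifindex)
+ return false;
+
 /* recurse over the parent device */
 parent_dev = __dev_get_by_index((struct net *)parent_net, iflink);
 /* if we got a NULL parent_dev there is something broken.. */
@@ -223,8 +225,7 @@ static struct net_device *batadv_get_rea
 return NULL;
 
 iflink = dev_get_iflink(netdev);
-
- if (netdev->ifindex == iflink) {
+ if (iflink == 0) {
 dev_hold(netdev);
 return netdev;
 }
@@ -235,6 +236,14 @@ static struct net_device *batadv_get_rea
 
 net = dev_net(hard_iface->soft_iface);
 real_net = batadv_getlink_net(netdev, net);
+
+ /* iflink to itself, most likely physical device */
+ if (net == real_net && netdev->ifindex == iflink) {
+ real_netdev = netdev;
+ dev_hold(real_netdev);
+ goto out;
+ }
+
 real_netdev = dev_get_by_index(real_net, iflink);
 
 out: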
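Review bot: In batadv_get_real_netdevice the self-link test `net == real_net && netdev->ifindex == iflink` now runs only after `net = dev_net(hard_iface->soft_iface)`, so a plain physical device reaches it only once it has a hard_iface with a soft_iface, whereas the removed early return for `netdev->ifindex == iflink` did not depend on that. The function starts before and continues past the shown hunks, and the lines between the second and third hunk are not visible, so it cannot be confirmed here whether such a device now leaves through `out:` with a NULL result; callers should be checked for how they treat NULL. The test also compares against the soft interface's netns, while `netdev->ifindex` is relative to netdev's own netns. If the two are guaranteed to be the same, state that in the comment, e.g. `/* soft_iface lives in netdev's netns; iflink to itself, most likely physical device */`, otherwise compare with `dev_net(netdev)`. The new `if (iflink == 0)` branches in both functions carry no comment; something like `/* no valid link peer (e.g. vxcan without peer), stop the walk here */` would record the reason given in the commit message.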