Hi Roi,
On Sun, Apr 11, 2021 at 11:13:34AM +0300, Roi Dayan wrote:
> It could be dst_cache was not set so check it's not null before using
> it.
Could you give a try to this fix?
net/sched/act_ct.c leaves the xmit_type as FLOW_OFFLOAD_XMIT_UNSPEC
since it does not cache a route.
Thanks.
> Fixes: 8b9229d15877 ("netfilter: flowtable: dst_check() from garbage
> collector path")
> Signed-off-by: Roi Dayan <[email protected]>
> ---
> net/netfilter/nf_flow_table_core.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/net/netfilter/nf_flow_table_core.c
> b/net/netfilter/nf_flow_table_core.c
> index 76573bae6664..e426077aaed1 100644
> --- a/net/netfilter/nf_flow_table_core.c
> +++ b/net/netfilter/nf_flow_table_core.c
> @@ -410,6 +410,8 @@ static bool flow_offload_stale_dst(struct
> flow_offload_tuple *tuple)
> if (tuple->xmit_type == FLOW_OFFLOAD_XMIT_NEIGH ||
> tuple->xmit_type == FLOW_OFFLOAD_XMIT_XFRM) {
> dst = tuple->dst_cache;
> + if (!dst)
> + return false;
> if (!dst_check(dst, tuple->dst_cookie))
> return true;
> }
> --
> 2.26.2
>
diff --git a/include/net/netfilter/nf_flow_table.h b/include/net/netfilter/nf_flow_table.h
index 583b327d8fc0..9b42c6523b4d 100644
--- a/include/net/netfilter/nf_flow_table.h
+++ b/include/net/netfilter/nf_flow_table.h
@@ -90,7 +90,8 @@ enum flow_offload_tuple_dir {
#define FLOW_OFFLOAD_DIR_MAX IP_CT_DIR_MAX
enum flow_offload_xmit_type {
- FLOW_OFFLOAD_XMIT_NEIGH = 0,
+ FLOW_OFFLOAD_XMIT_UNSPEC = 0,
+ FLOW_OFFLOAD_XMIT_NEIGH,
FLOW_OFFLOAD_XMIT_XFRM,
FLOW_OFFLOAD_XMIT_DIRECT,
};
diff --git a/net/netfilter/nf_flow_table_core.c b/net/netfilter/nf_flow_table_core.c
index 76573bae6664..ea23a36dc14e 100644
--- a/net/netfilter/nf_flow_table_core.c
+++ b/net/netfilter/nf_flow_table_core.c
@@ -130,6 +130,9 @@ static int flow_offload_fill_route(struct flow_offload *flow,
flow_tuple->dst_cache = dst;
flow_tuple->dst_cookie = flow_offload_dst_cookie(flow_tuple);
break;
+ case FLOW_OFFLOAD_XMIT_UNSPEC:
+ WARN_ON_ONCE(1);
+ break;
}
flow_tuple->xmit_type = route->tuple[dir].xmit_type;
