From: Renato Westphal Date: Thu, 30 Apr 2020 02:12:22 +0000 (-0300) Subject: zebra: fix detection of VRF misconfiguration X-Git-Tag: base_7.4~18^2 X-Git-Url: https://git.puffer.fish/?a=commitdiff_plain;h=2e86d16d994f793ff9211b966066dfb5c2e9048b;p=matthieu%2Ffrr.git zebra: fix detection of VRF misconfiguration The netlink_vrf_change() function is called both when a VRF device is created in the Linux kernel and when it is activated. This commit changes this function to perform the VRF misconfiguration detection only when the VRF device is created, as doing the check twice would cause a false positive followed by a hard failure (not to mention the double check is unnecessary since the VRF table ID can't change once the device is created). Fixes #6319. Signed-off-by: Renato Westphal --- diff --git a/zebra/if_netlink.c b/zebra/if_netlink.c index 17b6edfed0..429bb968a5 100644 --- a/zebra/if_netlink.c +++ b/zebra/if_netlink.c @@ -310,22 +310,25 @@ static void netlink_vrf_change(struct nlmsghdr *h, struct rtattr *tb, nl_table_id = *(uint32_t *)RTA_DATA(attr[IFLA_VRF_TABLE]); if (h->nlmsg_type == RTM_NEWLINK) { - vrf_id_t exist_id; - if (IS_ZEBRA_DEBUG_KERNEL) zlog_debug("RTM_NEWLINK for VRF %s(%u) table %u", name, ifi->ifi_index, nl_table_id); - exist_id = vrf_lookup_by_table(nl_table_id, ns_id); - if (exist_id != VRF_DEFAULT) { - vrf = vrf_lookup_by_id(exist_id); + if (!vrf_lookup_by_id((vrf_id_t)ifi->ifi_index)) { + vrf_id_t exist_id; - flog_err( - EC_ZEBRA_VRF_MISCONFIGURED, - "VRF %s id %u table id overlaps existing vrf %s, misconfiguration exiting", - name, ifi->ifi_index, vrf->name); - exit(-1); + exist_id = vrf_lookup_by_table(nl_table_id, ns_id); + if (exist_id != VRF_DEFAULT) { + vrf = vrf_lookup_by_id(exist_id); + + flog_err( + EC_ZEBRA_VRF_MISCONFIGURED, + "VRF %s id %u table id overlaps existing vrf %s, misconfiguration exiting", + name, ifi->ifi_index, vrf->name); + exit(-1); + } } + /* * vrf_get is implied creation if it does not exist */