1 From: Felix Fietkau <nbd@nbd.name>
2 Date: Fri, 6 May 2022 12:43:58 +0200
3 Subject: [PATCH] netfilter: nft_flow_offload: skip dst neigh lookup for
6 The dst entry does not contain a valid hardware address, so skip the lookup
7 in order to avoid running into errors here.
8 The proper hardware address is filled in from nft_dev_path_info
10 Signed-off-by: Felix Fietkau <nbd@nbd.name>
13 --- a/net/netfilter/nft_flow_offload.c
14 +++ b/net/netfilter/nft_flow_offload.c
15 @@ -36,6 +36,15 @@ static void nft_default_forward_path(str
16 route->tuple[dir].xmit_type = nft_xmit_type(dst_cache);
19 +static bool nft_is_valid_ether_device(const struct net_device *dev)
21 + if (!dev || (dev->flags & IFF_LOOPBACK) || dev->type != ARPHRD_ETHER ||
22 + dev->addr_len != ETH_ALEN || !is_valid_ether_addr(dev->dev_addr))
28 static int nft_dev_fill_forward_path(const struct nf_flow_route *route,
29 const struct dst_entry *dst_cache,
30 const struct nf_conn *ct,
31 @@ -47,6 +56,9 @@ static int nft_dev_fill_forward_path(con
35 + if (!nft_is_valid_ether_device(dev))
38 n = dst_neigh_lookup(dst_cache, daddr);
41 @@ -60,6 +72,7 @@ static int nft_dev_fill_forward_path(con
42 if (!(nud_state & NUD_VALID))
46 return dev_fill_forward_path(dev, ha, stack);
49 @@ -78,15 +91,6 @@ struct nft_forward_info {
50 enum flow_offload_xmit_type xmit_type;
53 -static bool nft_is_valid_ether_device(const struct net_device *dev)
55 - if (!dev || (dev->flags & IFF_LOOPBACK) || dev->type != ARPHRD_ETHER ||
56 - dev->addr_len != ETH_ALEN || !is_valid_ether_addr(dev->dev_addr))
62 static void nft_dev_path_info(const struct net_device_path_stack *stack,
63 struct nft_forward_info *info,
64 unsigned char *ha, struct nf_flowtable *flowtable)