Merge branch 'net-ipv6-Address-checks-need-to-consider-the-L3-domain'

int ipv6_chk_addr(struct net *net, const struct in6_addr *addr,

		  const struct net_device *dev, int strict);

int ipv6_chk_addr_and_flags(struct net *net, const struct in6_addr *addr,

			    const struct net_device *dev, int strict,

			    u32 banned_flags);

			    const struct net_device *dev, bool skip_dev_check,

			    int strict, u32 banned_flags);

#if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE)

int ipv6_chk_home_addr(struct net *net, const struct in6_addr *addr);

int ipv6_chk_addr(struct net *net, const struct in6_addr *addr,

		  const struct net_device *dev, int strict)

{

	return ipv6_chk_addr_and_flags(net, addr, dev, strict, IFA_F_TENTATIVE);

	return ipv6_chk_addr_and_flags(net, addr, dev, !dev,

				       strict, IFA_F_TENTATIVE);

}

EXPORT_SYMBOL(ipv6_chk_addr);

/* device argument is used to find the L3 domain of interest. If

 * skip_dev_check is set, then the ifp device is not checked against

 * the passed in dev argument. So the 2 cases for addresses checks are:

 *   1. does the address exist in the L3 domain that dev is part of

 *      (skip_dev_check = true), or

 *

 *   2. does the address exist on the specific device

 *      (skip_dev_check = false)

 */

int ipv6_chk_addr_and_flags(struct net *net, const struct in6_addr *addr,

			    const struct net_device *dev, int strict,

			    u32 banned_flags)

			    const struct net_device *dev, bool skip_dev_check,

			    int strict, u32 banned_flags)

{

	unsigned int hash = inet6_addr_hash(net, addr);

	const struct net_device *l3mdev;

	struct inet6_ifaddr *ifp;

	u32 ifp_flags;

	rcu_read_lock();

	l3mdev = l3mdev_master_dev_rcu(dev);

	if (skip_dev_check)

		dev = NULL;

	hlist_for_each_entry_rcu(ifp, &inet6_addr_lst[hash], addr_lst) {

		if (!net_eq(dev_net(ifp->idev->dev), net))

			continue;

		if (l3mdev_master_dev_rcu(ifp->idev->dev) != l3mdev)

			continue;

		/* Decouple optimistic from tentative for evaluation here.

		 * Ban optimistic addresses explicitly, when required.

		 */

		return -EPERM;

	if (ipv6_addr_is_multicast(addr))

		return -EINVAL;

	if (ipv6_chk_addr(net, addr, NULL, 0))

	if (ifindex)

		dev = __dev_get_by_index(net, ifindex);

	if (ipv6_chk_addr_and_flags(net, addr, dev, true, 0, IFA_F_TENTATIVE))

		return -EINVAL;

	pac = sock_kmalloc(sk, sizeof(struct ipv6_ac_socklist), GFP_KERNEL);

			dev = __dev_get_by_flags(net, IFF_UP,

						 IFF_UP | IFF_LOOPBACK);

		}

	} else

		dev = __dev_get_by_index(net, ifindex);

	}

	if (!dev) {

		err = -ENODEV;

			if (addr_type != IPV6_ADDR_ANY) {

				int strict = __ipv6_addr_src_scope(addr_type) <= IPV6_ADDR_SCOPE_LINKLOCAL;

				if (!(inet_sk(sk)->freebind || inet_sk(sk)->transparent) &&

				    !ipv6_chk_addr(net, &src_info->ipi6_addr,

						   strict ? dev : NULL, 0) &&

				    !ipv6_chk_addr_and_flags(net, &src_info->ipi6_addr,

							     dev, !strict, 0,

							     IFA_F_TENTATIVE) &&

				    !ipv6_chk_acast_addr_src(net, dev,

							     &src_info->ipi6_addr))

					err = -EINVAL;

			ldev = dev_get_by_index_rcu(net, p->link);

		if ((ipv6_addr_is_multicast(laddr) ||

		     likely(ipv6_chk_addr(net, laddr, ldev, 0))) &&

		     likely(ipv6_chk_addr_and_flags(net, laddr, ldev, false,

						    0, IFA_F_TENTATIVE))) &&

		    ((p->flags & IP6_TNL_F_ALLOW_LOCAL_REMOTE) ||

		     likely(!ipv6_chk_addr(net, raddr, NULL, 0))))

		     likely(!ipv6_chk_addr_and_flags(net, raddr, ldev, true,

						     0, IFA_F_TENTATIVE))))

			ret = 1;

	}

	return ret;

		if (p->link)

			ldev = dev_get_by_index_rcu(net, p->link);

		if (unlikely(!ipv6_chk_addr(net, laddr, ldev, 0)))

		if (unlikely(!ipv6_chk_addr_and_flags(net, laddr, ldev, false,

						      0, IFA_F_TENTATIVE)))

			pr_warn("%s xmit: Local address not yet configured!\n",

				p->name);

		else if (!(p->flags & IP6_TNL_F_ALLOW_LOCAL_REMOTE) &&

			 !ipv6_addr_is_multicast(raddr) &&

			 unlikely(ipv6_chk_addr(net, raddr, NULL, 0)))

			 unlikely(ipv6_chk_addr_and_flags(net, raddr, ldev,

							  true, 0, IFA_F_TENTATIVE)))

			pr_warn("%s xmit: Routing loop! Remote address found on this node!\n",

				p->name);

		else