bpf: fix the check that forwarding is enabled in bpf_ipv6_fib_lookup

The bpf_ipv6_fib_lookup function should return BPF_FIB_LKUP_RET_FWD_DISABLED
when forwarding is disabled for the input device.  However instead of checking
if forwarding is enabled on the input device, it checked the global
net->ipv6.devconf_all->forwarding flag.  Change it to behave as expected.

Fixes: 87f5fc7e48dd ("bpf: Provide helper to do forwarding lookups in kernel FIB table")
Signed-off-by: Anton Protopopov <a.s.protopopov@gmail.com>
Acked-by: Toke Høiland-Jørgensen <toke@redhat.com>
Reviewed-by: David Ahern <dsahern@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>

diff --git a/net/core/filter.c b/net/core/filter.c
index f615e42cf4eff2336a699cf146be801a1efb1ef7..3fdf1b21be366329f53ca4d53267bf86f5d29ae0 100644 (file)
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -4737,7 +4737,7 @@ static int bpf_ipv6_fib_lookup(struct net *net, struct bpf_fib_lookup *params,
                return -ENODEV;
 
        idev = __in6_dev_get_safely(dev);
-       if (unlikely(!idev || !net->ipv6.devconf_all->forwarding))
+       if (unlikely(!idev || !idev->cnf.forwarding))
                return BPF_FIB_LKUP_RET_FWD_DISABLED;
 
        if (flags & BPF_FIB_LOOKUP_OUTPUT) {