zebra: fix detection of VRF misconfiguration

The netlink_vrf_change() function is called both when a VRF device is created in the Linux kernel and when it is activated. This commit changes this function to perform the VRF misconfiguration detection only when the VRF device is created, as doing the check twice would cause a false positive followed by a hard failure (not to mention the double check is unnecessary since the VRF table ID can't change once the device is created). Fixes #6319. Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
2025-06-06 01:16:01 +00:00 · 2020-04-29 23:12:22 -03:00 · 2020-04-29 23:12:22 -03:00 · 2e86d16d99
commit 2e86d16d99
parent 31b5355d6f
1 changed files with 13 additions and 10 deletions
--- a/zebra/if_netlink.c
+++ b/zebra/if_netlink.c
@ -310,22 +310,25 @@ static void netlink_vrf_change(struct nlmsghdr *h, struct rtattr *tb,
 	nl_table_id = *(uint32_t *)RTA_DATA(attr[IFLA_VRF_TABLE]);

 	if (h->nlmsg_type == RTM_NEWLINK) {
-		vrf_id_t exist_id;
-
 		if (IS_ZEBRA_DEBUG_KERNEL)
 			zlog_debug("RTM_NEWLINK for VRF %s(%u) table %u", name,
 				   ifi->ifi_index, nl_table_id);

-		exist_id = vrf_lookup_by_table(nl_table_id, ns_id);
-		if (exist_id != VRF_DEFAULT) {
-			vrf = vrf_lookup_by_id(exist_id);
+		if (!vrf_lookup_by_id((vrf_id_t)ifi->ifi_index)) {
+			vrf_id_t exist_id;

-			flog_err(
-				EC_ZEBRA_VRF_MISCONFIGURED,
-				"VRF %s id %u table id overlaps existing vrf %s, misconfiguration exiting",
-				name, ifi->ifi_index, vrf->name);
-			exit(-1);
+			exist_id = vrf_lookup_by_table(nl_table_id, ns_id);
+			if (exist_id != VRF_DEFAULT) {
+				vrf = vrf_lookup_by_id(exist_id);
+
+				flog_err(
+					EC_ZEBRA_VRF_MISCONFIGURED,
+					"VRF %s id %u table id overlaps existing vrf %s, misconfiguration exiting",
+					name, ifi->ifi_index, vrf->name);
+				exit(-1);
+			}
 		}
+
 		/*
 		 * vrf_get is implied creation if it does not exist
 		 */