[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20130908180052.GB21070@order.stressinduktion.org>
Date: Sun, 8 Sep 2013 20:00:52 +0200
From: Hannes Frederic Sowa <hannes@...essinduktion.org>
To: Duan Jiong <duanj.fnst@...fujitsu.com>
Cc: davem@...emloft.net, netdev@...r.kernel.org
Subject: Re: [PATCH v4] ipv6:introduce function to find route for redirect
On Wed, Sep 04, 2013 at 08:06:11PM +0800, Duan Jiong wrote:
> 于 2013年09月04日 03:17, Hannes Frederic Sowa 写道:
> > On Tue, Sep 03, 2013 at 01:37:19PM +0800, Duan Jiong wrote:
> >>> Btw. I still think it should be possible to eliminate
> >>> ip6_redirect_no_header:
> >>>
> >>> We could always use ip6_redirect_no_header and use the data of the redirected
> >>> header option just for finding the socket to be notified. We can do the whole
> >>> verification and route updating in ndisc layer and then just call into icmpv6
> >>> layer if upper protocols need a notification of the redirect. But that should
> >>> go into another patch. ;)
> >>>
> >>
> >> I think this is good, but i have a question below:
> >>
> >> if the socket type is connection-based, the dst information is stored in related
> >> sock struct, so there is no need to look up the route for redirect in ip6_redirect
> >> or ip6_redirect_no_header, in this case, we do the verification and route
> >> updating in the upper protocols' err_handler is better.
> >>
> >> How do you think of this?
> >
> > This should not be a problem, because every cached dst should be validated
> > with ip6_dst_check before it is used. It uses the fib6_node serial number
> > which is incremented for all fib6_nodes on the path to the new installed
> > node by fib6_add_1. So we are safe here.
> >
> > Btw. this is the same logic redirects get currently picked up, too.
> >
>
> Thanks for you answer, but i still have some questions on dealing with redirect
> in ip4ip6_err() and ipip6_err(), and i need some time to learn more about them.
> So i only send one patch to fix the bug.
Coverity discovered that the redirect code in ip6_tunnel.c is logically
dead, which is correct:
639 }
640 if (rel_type == ICMP_REDIRECT)
641 skb_dst(skb2)->ops->redirect(skb_dst(skb2), NULL, skb2);
642
643 icmp_send(skb2, rel_type, rel_code, htonl(rel_info));
rel_type will never be ICMP_REDIRECT in line 640 because of the updates
to rel_type in ip6_tnl_err.
My guess is that we need to move the call to ->redirect to ip6_tnl_err
and afterwards set rel_msg to 0 or we factor out the calls to ->redirect
into the ndisc layer.
I hope this clears up some confusion you had in ip6ip6_err.
Greetings,
Hannes
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists