lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <56A72430.4030107@gmail.com> Date: Tue, 26 Jan 2016 15:45:52 +0800 From: zhuyj <zyjzyj2000@...il.com> To: Jiri Pirko <jiri@...nulli.us>, Wengang Wang <wen.gang.wang@...cle.com> Cc: netdev@...r.kernel.org, sd@...asysnail.net, jay.vosburgh@...onical.com, zhuyj <zyjzyj2000@...il.com> Subject: Re: [PATCH] net: take care of bonding in build_skb_flow_key (v4) On 01/22/2016 02:52 PM, Jiri Pirko wrote: > Fri, Jan 22, 2016 at 05:21:28AM CET, wen.gang.wang@...cle.com wrote: >> >> 在 2016年01月21日 16:35, Jiri Pirko 写道: >>> Thu, Jan 21, 2016 at 06:32:58AM CET, wen.gang.wang@...cle.com wrote: >>>> In a bonding setting, we determines fragment size according to MTU and >>>> PMTU associated to the bonding master. If the slave finds the fragment >>>> size is too big, it drops the fragment and calls ip_rt_update_pmtu(), >>>> passing _skb_ and _pmtu_, trying to update the path MTU. >>>> Problem is that the target device that function ip_rt_update_pmtu actually >>>> tries to update is the slave (skb->dev), not the master. Thus since no >>>> PMTU change happens on master, the fragment size for later packets doesn't >>>> change so all later fragments/packets are dropped too. >>>> >>>> The fix is letting build_skb_flow_key() take care of the transition of >>>> device index from bonding slave to the master. That makes the master become >>>> the target device that ip_rt_update_pmtu tries to update PMTU to. >>>> >>>> Signed-off-by: Wengang Wang <wen.gang.wang@...cle.com> >>>> --- >>>> net/ipv4/route.c | 9 +++++++++ >>>> 1 file changed, 9 insertions(+) >>>> >>>> diff --git a/net/ipv4/route.c b/net/ipv4/route.c >>>> index 85f184e..7e766b5 100644 >>>> --- a/net/ipv4/route.c >>>> +++ b/net/ipv4/route.c >>>> @@ -524,10 +524,19 @@ static void build_skb_flow_key(struct flowi4 *fl4, const struct sk_buff *skb, >>>> { >>>> const struct iphdr *iph = ip_hdr(skb); >>>> int oif = skb->dev->ifindex; >>>> + struct net_device *master; >>>> u8 tos = RT_TOS(iph->tos); >>>> u8 prot = iph->protocol; >>>> u32 mark = skb->mark; >>>> >>>> + if (netif_is_bond_slave(skb->dev)) { >>>> + rcu_read_lock(); >>>> + master = netdev_master_upper_dev_get_rcu(skb->dev); >>>> + if (master) >>>> + oif = master->ifindex; >>>> + rcu_read_unlock(); >>>> + } >>> This is certainly not correct as it should not be bond-specific but >>> rather generic. >> Then what you would suggest to fix it? >>> Note that you may have bond over bond or bridge over >>> bond or other scenarios, which this patch ignores. >> I don't think bond over bond is a good configuration. Do you have a real use >> case for that configuration? > Stacking of multiple master devices is absolutelly common. > > You have to go in the upper tree all the way up, for all master device > types. I am not sure that the following can work or not. Just a test patch. diff --git a/net/ipv4/route.c b/net/ipv4/route.c index 85f184e..12b4982 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -523,10 +523,19 @@ static void build_skb_flow_key(struct flowi4 *fl4, const struct sk_buff *skb, const struct sock *sk) { const struct iphdr *iph = ip_hdr(skb); - int oif = skb->dev->ifindex; + struct net_device *master = NULL; u8 tos = RT_TOS(iph->tos); u8 prot = iph->protocol; u32 mark = skb->mark; + int oif = skb->dev->ifindex; + + if (skb->dev->flags & IFF_SLAVE) { + rcu_read_lock(); + master = skb_dst(skb)->dev; + if (master) + oif = master->ifindex; + rcu_read_unlock(); + } __build_flow_key(fl4, sk, iph, oif, tos, prot, mark, 0); } Thanks a lot. Zhu Yanjun > > >> thanks, >> wengang >>
Powered by blists - more mailing lists