lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 15 May 2019 11:31:44 -0700 From: Wei Wang <weiwan@...gle.com> To: Martin Lau <kafai@...com> Cc: Stefano Brivio <sbrivio@...hat.com>, David Ahern <dsahern@...il.com>, Mikael Magnusson <mikael.kernel@...ts.m7n.se>, Linux Kernel Network Developers <netdev@...r.kernel.org> Subject: Re: IPv6 PMTU discovery fails with source-specific routing On Wed, May 15, 2019 at 11:06 AM Martin Lau <kafai@...com> wrote: > > On Tue, May 14, 2019 at 12:33:25PM -0700, Wei Wang wrote: > > I think the bug is because when creating exceptions, src_addr is not > > always set even though fib6_info is in the subtree. (because of > > rt6_is_gw_or_nonexthop() check) > > However, when looking up for exceptions, we always set src_addr to the > > passed in flow->src_addr if fib6_info is in the subtree. That causes > > the exception lookup to fail. > > I will make it consistent. > > However, I don't quite understand the following logic in ip6_rt_cache_alloc(): > > if (!rt6_is_gw_or_nonexthop(ort)) { > > if (ort->fib6_dst.plen != 128 && > > ipv6_addr_equal(&ort->fib6_dst.addr, daddr)) > > rt->rt6i_flags |= RTF_ANYCAST; > > #ifdef CONFIG_IPV6_SUBTREES > > if (rt->rt6i_src.plen && saddr) { > > rt->rt6i_src.addr = *saddr; > > rt->rt6i_src.plen = 128; > > } > > #endif > > } > > Why do we need to check that the route is not gateway and has next hop > > for updating rt6i_src? I checked the git history and it seems this > > part was there from very early on (with some refactor in between)... > I also failed to understand the RTF_GATEWAY check. The earliest related > commit seems to be c440f1609b65 ("ipv6: Do not depend on rt->n in ip6_pol_route().") > > How was it working when the exception route was in the tree? > When adding all exception route to the main routing tree, because route cache has dest_addr as /128, the longest prefix match will always match the /128 route entry. > > > > > > From: Stefano Brivio <sbrivio@...hat.com> > > Date: Tue, May 14, 2019 at 7:33 AM > > To: Mikael Magnusson > > Cc: Wei Wang, David Ahern, Linux Kernel Network Developers, Martin KaFai Lau > > > > > On Mon, 13 May 2019 23:12:31 -0700 > > > Wei Wang <weiwan@...gle.com> wrote: > > > > > > > Thanks Mikael for reporting this issue. And thanks David for the bisection. > > > > Let me spend some time to reproduce it and see what is going on. > > > > > > Mikael, by the way, once this is sorted out, it would be nice if you > > > could add your test as a case in tools/testing/selftests/net/pmtu.sh -- > > > you could probably reuse all the setup parts that are already > > > implemented there. > > > > > > -- > > > Stefano
Powered by blists - more mailing lists