| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1655182915-12897-2-git-send-email-quic_subashab@quicinc.com>
Date: Mon, 13 Jun 2022 23:01:54 -0600
From: Subash Abhinov Kasiviswanathan <quic_subashab@...cinc.com>
To: <davem@...emloft.net>, <dsahern@...nel.org>,
<yoshfuji@...ux-ipv6.org>, <kuba@...nel.org>,
<netdev@...r.kernel.org>, <sbrivio@...hat.com>
CC: Kaustubh Pandey <quic_kapandey@...cinc.com>,
Sean Tranchetti <quic_stranche@...cinc.com>,
Subash Abhinov Kasiviswanathan <quic_subashab@...cinc.com>
Subject: [PATCH net v2 1/2] ipv6: Honor route mtu if it is within limit of dev mtu
From: Kaustubh Pandey <quic_kapandey@...cinc.com>
When netdevice MTU is increased via sysfs, NETDEV_CHANGEMTU is raised.
addrconf_notify -> rt6_mtu_change -> rt6_mtu_change_route ->
fib6_nh_mtu_change
As part of handling NETDEV_CHANGEMTU notification we land up on a
condition where if route mtu is less than dev mtu and route mtu equals
ipv6_devconf mtu, route mtu gets updated.
Due to this v6 traffic end up using wrong MTU then configured earlier.
This commit fixes this by removing comparison with ipv6_devconf
and updating route mtu only when it is greater than incoming dev mtu.
This can be easily reproduced with below script:
pre-condition:
device up(mtu = 1500) and route mtu for both v4 and v6 is 1500
test-script:
ip route change 192.168.0.0/24 dev eth0 src 192.168.0.1 mtu 1400
ip -6 route change 2001::/64 dev eth0 metric 256 mtu 1400
echo 1400 > /sys/class/net/eth0/mtu
ip route change 192.168.0.0/24 dev eth0 src 192.168.0.1 mtu 1500
echo 1500 > /sys/class/net/eth0/mtu
Fixes: e9fa1495d738 ("ipv6: Reflect MTU changes on PMTU of exceptions for MTU-less routes")
Signed-off-by: Kaustubh Pandey <quic_kapandey@...cinc.com>
Signed-off-by: Sean Tranchetti <quic_stranche@...cinc.com>
Signed-off-by: Subash Abhinov Kasiviswanathan <quic_subashab@...cinc.com>
---
v1 -> v2: Update the exception route logic as mentioned by David Ahern.
Also add fixes tag.
net/ipv6/route.c | 11 +----------
1 file changed, 1 insertion(+), 10 deletions(-)
diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index d25dc83..6f7e8c5 100644
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -1991,19 +1991,11 @@ static bool rt6_mtu_change_route_allowed(struct inet6_dev *idev,
/* If the new MTU is lower than the route PMTU, this new MTU will be the
* lowest MTU in the path: always allow updating the route PMTU to
* reflect PMTU decreases.
- *
- * If the new MTU is higher, and the route PMTU is equal to the local
- * MTU, this means the old MTU is the lowest in the path, so allow
- * updating it: if other nodes now have lower MTUs, PMTU discovery will
- * handle this.
*/
if (dst_mtu(&rt->dst) >= mtu)
return true;
- if (dst_mtu(&rt->dst) == idev->cnf.mtu6)
- return true;
-
return false;
}
@@ -4914,8 +4906,7 @@ static int fib6_nh_mtu_change(struct fib6_nh *nh, void *_arg)
struct inet6_dev *idev = __in6_dev_get(arg->dev);
u32 mtu = f6i->fib6_pmtu;
- if (mtu >= arg->mtu ||
- (mtu < arg->mtu && mtu == idev->cnf.mtu6))
+ if (mtu >= arg->mtu)
fib6_metric_set(f6i, RTAX_MTU, arg->mtu);
spin_lock_bh(&rt6_exception_lock);
--
The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum,
a Linux Foundation Collaborative Project
Powered by blists - more mailing lists