[PATCH 4.18 106/150] ipv6: rate-limit probes for neighbourless routes

From: Greg Kroah-Hartman
Date: Fri Nov 02 2018 - 14:43:27 EST

Next message: Greg Kroah-Hartman: "[PATCH 4.18 107/150] llc: set SOCK_RCU_FREE in llc_sap_add_socket()"
Previous message: Greg Kroah-Hartman: "[PATCH 4.18 105/150] ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called"
In reply to: Greg Kroah-Hartman: "[PATCH 4.18 105/150] ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called"
Next in thread: Greg Kroah-Hartman: "[PATCH 4.18 107/150] llc: set SOCK_RCU_FREE in llc_sap_add_socket()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

4.18-stable review patch. If anyone has any objections, please let me know.

------------------

From: Sabrina Dubroca <sd@xxxxxxxxxxxxxxx>

[ Upstream commit f547fac624be53ad8b07e9ebca7654a7827ba61b ]

When commit 270972554c91 ("[IPV6]: ROUTE: Add Router Reachability
Probing (RFC4191).") introduced router probing, the rt6_probe() function
required that a neighbour entry existed. This neighbour entry is used to
record the timestamp of the last probe via the ->updated field.

Later, commit 2152caea7196 ("ipv6: Do not depend on rt->n in rt6_probe().")
removed the requirement for a neighbour entry. Neighbourless routes skip
the interval check and are not rate-limited.

This patch adds rate-limiting for neighbourless routes, by recording the
timestamp of the last probe in the fib6_info itself.

Fixes: 2152caea7196 ("ipv6: Do not depend on rt->n in rt6_probe().")
Signed-off-by: Sabrina Dubroca <sd@xxxxxxxxxxxxxxx>
Reviewed-by: Stefano Brivio <sbrivio@xxxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
include/net/ip6_fib.h | 4 ++++
net/ipv6/route.c | 12 ++++++------
2 files changed, 10 insertions(+), 6 deletions(-)

--- a/include/net/ip6_fib.h
+++ b/include/net/ip6_fib.h
@@ -159,6 +159,10 @@ struct fib6_info {
struct rt6_info * __percpu *rt6i_pcpu;
struct rt6_exception_bucket __rcu *rt6i_exception_bucket;

+#ifdef CONFIG_IPV6_ROUTER_PREF
+ unsigned long last_probe;
+#endif
+
u32 fib6_metric;
u8 fib6_protocol;
u8 fib6_type;
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -517,10 +517,11 @@ static void rt6_probe_deferred(struct wo

static void rt6_probe(struct fib6_info *rt)
{
- struct __rt6_probe_work *work;
+ struct __rt6_probe_work *work = NULL;
const struct in6_addr *nh_gw;
struct neighbour *neigh;
struct net_device *dev;
+ struct inet6_dev *idev;

/*
* Okay, this does not seem to be appropriate
@@ -536,15 +537,12 @@ static void rt6_probe(struct fib6_info *
nh_gw = &rt->fib6_nh.nh_gw;
dev = rt->fib6_nh.nh_dev;
rcu_read_lock_bh();
+ idev = __in6_dev_get(dev);
neigh = __ipv6_neigh_lookup_noref(dev, nh_gw);
if (neigh) {
- struct inet6_dev *idev;
-
if (neigh->nud_state & NUD_VALID)
goto out;

- idev = __in6_dev_get(dev);
- work = NULL;
write_lock(&neigh->lock);
if (!(neigh->nud_state & NUD_VALID) &&
time_after(jiffies,
@@ -554,11 +552,13 @@ static void rt6_probe(struct fib6_info *
__neigh_set_probe_once(neigh);
}
write_unlock(&neigh->lock);
- } else {
+ } else if (time_after(jiffies, rt->last_probe +
+ idev->cnf.rtr_probe_interval)) {
work = kmalloc(sizeof(*work), GFP_ATOMIC);
}

if (work) {
+ rt->last_probe = jiffies;
INIT_WORK(&work->work, rt6_probe_deferred);
work->target = *nh_gw;
dev_hold(dev);

Next message: Greg Kroah-Hartman: "[PATCH 4.18 107/150] llc: set SOCK_RCU_FREE in llc_sap_add_socket()"
Previous message: Greg Kroah-Hartman: "[PATCH 4.18 105/150] ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called"
In reply to: Greg Kroah-Hartman: "[PATCH 4.18 105/150] ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called"
Next in thread: Greg Kroah-Hartman: "[PATCH 4.18 107/150] llc: set SOCK_RCU_FREE in llc_sap_add_socket()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]