Techwizz/kernel-fxtec-pro1x
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
kernel-fxtec-pro1x/net/netfilter
History
Hangbin Liu 8bf95f28be net: add bool confirm_neigh parameter for dst_ops.update_pmtu 
[ Upstream commit bd085ef678b2cc8c38c105673dfe8ff8f5ec0c57 ]

The MTU update code is supposed to be invoked in response to real
networking events that update the PMTU. In IPv6 PMTU update function
__ip6_rt_update_pmtu() we called dst_confirm_neigh() to update neighbor
confirmed time.

But for tunnel code, it will call pmtu before xmit, like:
  - tnl_update_pmtu()
    - skb_dst_update_pmtu()
      - ip6_rt_update_pmtu()
        - __ip6_rt_update_pmtu()
          - dst_confirm_neigh()

If the tunnel remote dst mac address changed and we still do the neigh
confirm, we will not be able to update neigh cache and ping6 remote
will failed.

So for this ip_tunnel_xmit() case, _EVEN_ if the MTU is changed, we
should not be invoking dst_confirm_neigh() as we have no evidence
of successful two-way communication at this point.

On the other hand it is also important to keep the neigh reachability fresh
for TCP flows, so we cannot remove this dst_confirm_neigh() call.

To fix the issue, we have to add a new bool parameter for dst_ops.update_pmtu
to choose whether we should do neigh update or not. I will add the parameter
in this patch and set all the callers to true to comply with the previous
way, and fix the tunnel code one by one on later patches.

v5: No change.
v4: No change.
v3: Do not remove dst_confirm_neigh, but add a new bool parameter in
    dst_ops.update_pmtu to control whether we should do neighbor confirm.
    Also split the big patch to small ones for each area.
v2: Remove dst_confirm_neigh in __ip6_rt_update_pmtu.

Suggested-by: David Miller <davem@davemloft.net>
Reviewed-by: Guillaume Nault <gnault@redhat.com>
Acked-by: David Ahern <dsahern@gmail.com>
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-01-04 19:13:37 +01:00
..
ipset netfilter: ipset: Copy the right MAC address in hash:ip,mac IPv6 sets 2019-11-12 19:21:21 +01:00
ipvs net: add bool confirm_neigh parameter for dst_ops.update_pmtu 2020-01-04 19:13:37 +01:00
core.c jump_label: move 'asm goto' support test to Kconfig 2019-06-04 08:02:34 +02:00
Kconfig netfilter: fix NETFILTER_XT_TARGET_TEE dependencies 2019-05-04 09:20:12 +02:00
Makefile netfilter: nf_tables: add tunnel support 2018-08-03 21:12:12 +02:00
nf_conncount.c netfilter: nf_conncount: fix argument order to find_next_bit 2019-01-22 21:40:29 +01:00
nf_conntrack_acct.c netfilter: Replace printk() with pr_*() and define pr_fmt() 2018-03-20 13:44:14 +01:00
nf_conntrack_amanda.c netfilter: use nf_conntrack_helpers_register when possible 2017-06-19 19:13:21 +02:00
nf_conntrack_broadcast.c netfilter: check if the socket netns is correct. 2018-06-28 22:21:32 +09:00
nf_conntrack_core.c netfilter: conntrack: Use consistent ct id hash calculation 2019-08-25 10:48:02 +02:00
nf_conntrack_ecache.c netfilter: Replace printk() with pr_*() and define pr_fmt() 2018-03-20 13:44:14 +01:00
nf_conntrack_expect.c netfilter: use kvmalloc_array to allocate memory for hashtable 2018-08-03 18:37:55 +02:00
nf_conntrack_extend.c netfilter: conntrack: include kmemleak.h for kmemleak_not_leak() 2018-04-17 10:59:43 +02:00
nf_conntrack_ftp.c netfilter: nf_conntrack_ftp: Fix debug output 2019-09-21 07:17:01 +02:00
nf_conntrack_h323_asn1.c netfilter: nf_conntrack_h323: restore boundary check correctness 2019-06-15 11:54:05 +02:00
nf_conntrack_h323_main.c netfilter: move route indirection to struct nf_ipv6_ops 2018-01-08 18:01:26 +01:00
nf_conntrack_h323_types.c
nf_conntrack_helper.c netfilter: use kvmalloc_array to allocate memory for hashtable 2018-08-03 18:37:55 +02:00
nf_conntrack_irc.c netfilter: add __exit mark to helper modules 2018-04-24 10:29:14 +02:00
nf_conntrack_labels.c netfilter: conntrack: mark extension structs as const 2017-04-26 09:30:22 +02:00
nf_conntrack_netbios_ns.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2018-03-30 11:41:18 -04:00
nf_conntrack_netlink.c netfilter: ctnetlink: don't use conntrack/expect object addresses as id 2019-05-16 19:41:23 +02:00
nf_conntrack_pptp.c netfilter: Remove duplicated rcu_read_lock. 2017-07-24 13:24:46 +02:00
nf_conntrack_proto.c netfilter: fix nf_l4proto_log_invalid to log invalid packets 2019-05-16 19:41:24 +02:00
nf_conntrack_proto_dccp.c netfilter: conntrack: timeout interface depend on CONFIG_NF_CONNTRACK_TIMEOUT 2018-09-11 01:30:25 +02:00
nf_conntrack_proto_generic.c netfilter: conntrack: timeout interface depend on CONFIG_NF_CONNTRACK_TIMEOUT 2018-09-11 01:30:25 +02:00
nf_conntrack_proto_gre.c netfilter: nfnetlink_cttimeout: fetch timeouts for udplite and gre, too 2019-04-17 08:38:46 +02:00
nf_conntrack_proto_icmp.c netfilter: conntrack: timeout interface depend on CONFIG_NF_CONNTRACK_TIMEOUT 2018-09-11 01:30:25 +02:00
nf_conntrack_proto_icmpv6.c netfilter: conntrack: timeout interface depend on CONFIG_NF_CONNTRACK_TIMEOUT 2018-09-11 01:30:25 +02:00
nf_conntrack_proto_sctp.c netfilter: conntrack: timeout interface depend on CONFIG_NF_CONNTRACK_TIMEOUT 2018-09-11 01:30:25 +02:00
nf_conntrack_proto_tcp.c netfilter: conntrack: always store window size un-scaled 2019-08-16 10:12:44 +02:00
nf_conntrack_proto_udp.c netfilter: conntrack: timeout interface depend on CONFIG_NF_CONNTRACK_TIMEOUT 2018-09-11 01:30:25 +02:00
nf_conntrack_sane.c netfilter: add __exit mark to helper modules 2018-04-24 10:29:14 +02:00
nf_conntrack_seqadj.c netfilter: seqadj: re-load tcp header pointer after possible head reallocation 2019-01-13 09:50:57 +01:00
nf_conntrack_sip.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2018-05-06 21:51:37 -04:00
nf_conntrack_snmp.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2018-03-30 11:41:18 -04:00
nf_conntrack_standalone.c netfilter: conntrack: remove l3proto abstraction 2018-07-17 15:27:49 +02:00
nf_conntrack_tftp.c netfilter: add __exit mark to helper modules 2018-04-24 10:29:14 +02:00
nf_conntrack_timeout.c netfilter: cttimeout: decouple timeout policy from nfnetlink_cttimeout object 2018-08-07 17:14:15 +02:00
nf_conntrack_timestamp.c netfilter: Replace printk() with pr_*() and define pr_fmt() 2018-03-20 13:44:14 +01:00
nf_dup_netdev.c netfilter: dup: resolve warnings about missing prototypes 2017-05-29 11:32:36 +02:00
nf_flow_table_core.c netfilter: nf_flow_table: set timeout before insertion into hashes 2019-11-12 19:21:00 +01:00
nf_flow_table_inet.c netfilter: nf_flow_table: move init code to nf_flow_table_core.c 2018-04-24 10:28:45 +02:00
nf_flow_table_ip.c netfilter: nf_flow_table: ignore DF bit setting 2019-07-10 09:53:30 +02:00
nf_internals.h netfilter: core: export raw versions of add/delete hook functions 2018-05-23 09:14:05 +02:00
nf_log.c netfilter: nf_log: don't hold nf_log_mutex during user access 2018-06-26 16:48:40 +02:00
nf_log_common.c netfilter: check if the socket netns is correct. 2018-06-28 22:21:32 +09:00
nf_log_netdev.c net: Drop pernet_operations::async 2018-03-27 13:18:09 -04:00
nf_nat_amanda.c
nf_nat_core.c netfilter: nat: can't use dst_hold on noref dst 2019-01-13 09:50:59 +01:00
nf_nat_ftp.c netfilter: Replace printk() with pr_*() and define pr_fmt() 2018-03-20 13:44:14 +01:00
nf_nat_helper.c netfilter: add NAT support for shifted portmap ranges 2018-04-24 10:29:12 +02:00
nf_nat_irc.c netfilter: Replace printk() with pr_*() and define pr_fmt() 2018-03-20 13:44:14 +01:00
nf_nat_proto_common.c netfilter: add NAT support for shifted portmap ranges 2018-04-24 10:29:12 +02:00
nf_nat_proto_dccp.c netfilter: add NAT support for shifted portmap ranges 2018-04-24 10:29:12 +02:00
nf_nat_proto_sctp.c netfilter: add NAT support for shifted portmap ranges 2018-04-24 10:29:12 +02:00
nf_nat_proto_tcp.c netfilter: add NAT support for shifted portmap ranges 2018-04-24 10:29:12 +02:00
nf_nat_proto_udp.c netfilter: add NAT support for shifted portmap ranges 2018-04-24 10:29:12 +02:00
nf_nat_proto_unknown.c netfilter: add NAT support for shifted portmap ranges 2018-04-24 10:29:12 +02:00
nf_nat_redirect.c netfilter: nat: merge nf_nat_redirect into nf_nat 2018-05-29 00:25:40 +02:00
nf_nat_sip.c netfilter: nf_nat_sip: fix RTP/RTCP source port translations 2019-12-05 09:20:31 +01:00
nf_nat_tftp.c
nf_queue.c netfilter: nf_queue: enqueue skbs with NULL dst 2020-01-04 19:13:21 +01:00
nf_sockopt.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
nf_synproxy_core.c proc: introduce proc_create_net{,_data} 2018-05-16 07:24:30 +02:00
nf_tables_api.c netfilter: nf_tables: don't use position attribute on rule replacement 2019-12-13 08:51:11 +01:00
nf_tables_core.c netfilter: nf_tables: check the result of dereferencing base_chain->stats 2019-04-05 22:33:00 +02:00
nf_tables_set_core.c netfilter: nf_tables: place all set backends in one single module 2018-07-06 19:31:53 +02:00
nf_tables_trace.c netfilter: nf_tables: Allow chain name of up to 255 chars 2017-07-31 20:41:57 +02:00
nfnetlink.c netfilter: nfnetlink: avoid deadlock due to synchronous request_module 2019-08-16 10:12:43 +02:00
nfnetlink_acct.c netfilter: fix memory leaks on netlink_dump_start error 2018-08-16 19:37:00 +02:00
nfnetlink_cthelper.c treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
nfnetlink_cttimeout.c netfilter: nfnetlink_cttimeout: fetch timeouts for udplite and gre, too 2019-04-17 08:38:46 +02:00
nfnetlink_log.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
nfnetlink_osf.c netfilter: nfnetlink_osf: add missing fmatch check 2019-02-27 10:09:03 +01:00
nfnetlink_queue.c netfilter: nfnetlink_queue: Solve the NFQUEUE/conntrack clash for NF_REPEAT 2018-09-11 01:31:47 +02:00
nft_bitwise.c netfilter: nf_tables: revisit chain/object refcounting from elements 2017-05-15 12:51:41 +02:00
nft_byteorder.c
nft_chain_filter.c netfilter: nf_tables: don't prevent event handler from device cleanup on netns exit 2018-08-16 19:37:03 +02:00
nft_cmp.c netfilter: nf_tables: avoid BUG_ON usage 2019-11-20 18:46:50 +01:00
nft_compat.c netfilter: nft_compat: do not dump private area 2019-11-24 08:21:03 +01:00
nft_connlimit.c netfilter: nft_connlimit: disable bh on garbage collection 2019-10-29 09:19:34 +01:00
nft_counter.c netfilter: nf_tables: add destroy_clone expression 2018-06-03 00:02:11 +02:00
nft_ct.c netfilter: nf_tables: rework ct timeout set support 2018-08-29 13:04:38 +02:00
nft_dup_netdev.c
nft_dynset.c netfilter: nf_tables: bogus EBUSY when deleting set after flush 2019-05-02 09:58:51 +02:00
nft_exthdr.c netfilter: nf_tables: merge exthdr expression into nft core 2018-04-27 00:00:56 +02:00
nft_fib.c
nft_fib_inet.c
nft_fib_netdev.c netfilter: nf_tables: add fib expression to the netdev family 2017-07-31 19:01:40 +02:00
nft_flow_offload.c netfilter: nft_flow_offload: missing netlink attribute policy 2019-09-21 07:16:54 +02:00
nft_fwd_netdev.c netfilter: nft_fwd_netdev: allow to forward packets via neighbour layer 2018-06-01 10:35:47 +02:00
nft_hash.c netfilter: nft_hash: fix symhash with modulus one 2019-08-16 10:12:44 +02:00
nft_immediate.c netfilter: nf_tables: unbind set in rule from commit path 2019-05-02 09:58:50 +02:00
nft_limit.c netfilter: nft_limit: fix packet ratelimiting 2018-05-23 09:50:28 +02:00
nft_log.c netfilter: nf_tables: add NFT_LOGLEVEL_* enumeration and use it 2018-06-07 16:14:00 -04:00
nft_lookup.c netfilter: nf_tables: allow lookups in dynamic sets 2019-10-11 18:21:16 +02:00
nft_masq.c netfilter: nf_tables: add single table list for all families 2018-01-10 15:32:08 +01:00
nft_meta.c netfilter: nf_tables: handle meta/lookup with direct call 2018-07-30 11:52:02 +02:00
nft_nat.c netfilter: add NAT support for shifted portmap ranges 2018-04-24 10:29:12 +02:00
nft_numgen.c Revert "netfilter: nft_numgen: add map lookups for numgen random operations" 2018-11-27 16:13:02 +01:00
nft_objref.c netfilter: nf_tables: bogus EBUSY in helper removal from transaction 2019-05-02 09:58:51 +02:00
nft_osf.c netfilter: nft_osf: use enum nft_data_types for nft_validate_register_store 2018-09-20 18:38:40 +02:00
nft_payload.c netfilter: fix a few (harmless) sparse warnings 2017-08-28 17:42:56 +02:00
nft_queue.c
nft_quota.c netfilter: nf_tables: add select_ops for stateful objects 2017-09-04 13:25:09 +02:00
nft_range.c netfilter: nf_tables: revisit chain/object refcounting from elements 2017-05-15 12:51:41 +02:00
nft_redir.c netfilter: nf_tables: add single table list for all families 2018-01-10 15:32:08 +01:00
nft_reject.c netfilter: nf_tables: avoid BUG_ON usage 2019-11-20 18:46:50 +01:00
nft_reject_inet.c
nft_rt.c netfilter: nf_tables: merge rt expression into nft core 2018-04-27 00:00:55 +02:00
nft_set_bitmap.c netfilter: nft_set: fix allocation size overflow in privsize callback. 2018-08-16 19:36:59 +02:00
nft_set_hash.c netfilter: nft_set: fix allocation size overflow in privsize callback. 2018-08-16 19:36:59 +02:00
nft_set_rbtree.c netfilter: nft_set_rbtree: check for inactive element after flag mismatch 2019-05-04 09:20:12 +02:00
nft_socket.c netfilter: nft_socket: fix erroneous socket assignment 2019-10-01 08:26:12 +02:00
nft_tproxy.c netfilter: nft_tproxy: Fix missing-braces warning 2018-08-16 19:37:10 +02:00
nft_tunnel.c netfilter: nft_tunnel: fix sparse errors 2018-08-04 00:53:29 +02:00
utils.c netfilter: utils: move nf_ip6_checksum* from ipv6 to utils 2018-07-16 17:51:48 +02:00
x_tables.c netfilter: compat: initialize all fields in xt_init 2019-03-23 20:09:45 +01:00
xt_addrtype.c netfilter: x_tables: use pr ratelimiting in matches/targets 2018-02-14 21:05:37 +01:00
xt_AUDIT.c audit: eliminate audit_enabled magic number comparison 2018-06-19 10:43:55 -04:00
xt_bpf.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_cgroup.c netfilter: xt_cgroup: shrink size of v2 path 2019-04-20 09:16:00 +02:00
xt_CHECKSUM.c netfilter: xt_checksum: ignore gso skbs 2018-08-24 09:58:16 +02:00
xt_CLASSIFY.c
xt_cluster.c netfilter: xt_cluster: add dependency on conntrack module 2018-08-23 20:26:53 +02:00
xt_comment.c
xt_connbytes.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_connlabel.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_connlimit.c netfilter: use PTR_ERR_OR_ZERO() 2018-07-30 14:07:09 +02:00
xt_connmark.c netfilter: xt_connmark: fix list corruption on rmmod 2018-06-12 19:35:52 +02:00
xt_CONNSECMARK.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_conntrack.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_cpu.c
xt_CT.c netfilter: cttimeout: decouple timeout policy from nfnetlink_cttimeout object 2018-08-07 17:14:15 +02:00
xt_dccp.c
xt_devgroup.c
xt_dscp.c netfilter: x_tables: remove pr_info where possible 2018-02-14 21:05:33 +01:00
xt_DSCP.c netfilter: x_tables: remove pr_info where possible 2018-02-14 21:05:33 +01:00
xt_ecn.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_esp.c
xt_hashlimit.c netfilter: xt_hashlimit: fix a possible memory leak in htable_create() 2018-12-17 09:24:33 +01:00
xt_helper.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_hl.c
xt_HL.c netfilter: x_tables: remove pr_info where possible 2018-02-14 21:05:33 +01:00
xt_HMARK.c netfilter: x_tables: use pr ratelimiting in matches/targets 2018-02-14 21:05:37 +01:00
xt_IDLETIMER.c netfilter: xt_IDLETIMER: add sysfs filename checking routine 2018-11-27 16:13:03 +01:00
xt_ipcomp.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_iprange.c
xt_ipvs.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_l2tp.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_LED.c netfilter: x_tables: fix missing timer initialization in xt_LED 2018-02-14 21:05:39 +01:00
xt_length.c
xt_limit.c netfilter: xt_limit: Spelling s/maxmum/maximum/ 2018-03-05 23:15:50 +01:00
xt_LOG.c
xt_mac.c
xt_mark.c
xt_multiport.c
xt_nat.c netfilter: xt_nat: fix DNAT target for shifted portmap ranges 2018-11-13 11:08:20 -08:00
xt_NETMAP.c netfilter: add NAT support for shifted portmap ranges 2018-04-24 10:29:12 +02:00
xt_nfacct.c netfilter: xt_nfacct: Fix alignment mismatch in xt_nfacct_match_info 2019-09-21 07:16:55 +02:00
xt_NFLOG.c netfilter: xt_NFLOG: use nf_log_packet instead of nfulnl_log_packet. 2018-04-19 13:02:44 +02:00
xt_NFQUEUE.c netfilter: xt_NFQUEUE: use pr ratelimiting 2018-02-14 21:05:35 +01:00
xt_osf.c netfilter: nfnetlink_osf: extract nfnetlink_subsystem code from xt_osf.c 2018-07-30 14:07:11 +02:00
xt_owner.c netfilter: check if the socket netns is correct. 2018-06-28 22:21:32 +09:00
xt_physdev.c netfilter: xt_physdev: Fix spurious error message in physdev_mt_check 2019-09-21 07:17:01 +02:00
xt_pkttype.c
xt_policy.c netfilter: x_tables: use pr ratelimiting in matches/targets 2018-02-14 21:05:37 +01:00
xt_quota.c
xt_rateest.c netfilter: make xt_rateest hash table per net 2018-03-05 23:15:44 +01:00
xt_RATEEST.c netfilter: xt_RATEEST: remove netns exit routine 2018-12-17 09:24:31 +01:00
xt_realm.c
xt_recent.c netfilter: check if the socket netns is correct. 2018-06-28 22:21:32 +09:00
xt_REDIRECT.c netfilter: add NAT support for shifted portmap ranges 2018-04-24 10:29:12 +02:00
xt_repldata.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xt_sctp.c sctp: remove the typedef sctp_chunkhdr_t 2017-07-01 09:08:41 -07:00
xt_SECMARK.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_set.c netfilter: ipset: Limit max timeout value 2018-06-06 14:00:54 +02:00
xt_socket.c netfilter: xt_socket: check sk before checking for netns. 2018-09-28 14:47:41 +02:00
xt_state.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_statistic.c netfilter: x_tables: fix pointer leaks to userspace 2018-01-31 14:59:24 +01:00
xt_string.c netfilter: ebtables: Add string filter 2018-03-30 11:04:12 +02:00
xt_TCPMSS.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_tcpmss.c
xt_TCPOPTSTRIP.c
xt_tcpudp.c
xt_TEE.c netfilter: xt_TEE: add missing code to get interface index in checkentry. 2019-03-13 14:02:40 -07:00
xt_time.c netfilter: Replace printk() with pr_*() and define pr_fmt() 2018-03-20 13:44:14 +01:00
xt_TPROXY.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2018-07-20 22:28:28 -07:00
xt_TRACE.c
xt_u32.c