linux/net/ipv6
Hannes Frederic Sowa e3bc10bd95 ipv6: ip6_dst_check needs to check for expired dst_entries
On receiving a packet too big icmp error we check if our current cached
dst_entry in the socket is still valid. This validation check did not
care about the expiration of the (cached) route.

The error path I traced down:
The socket receives a packet too big mtu notification. It still has a
valid dst_entry and thus issues the ip6_rt_pmtu_update on this dst_entry,
setting RTF_EXPIRE and updates the dst.expiration value (which could
fail because of not up-to-date expiration values, see previous patch).

In some seldom cases we race with a) the ip6_fib gc or b) another routing
lookup which would result in a recreation of the cached rt6_info from its
parent non-cached rt6_info. While copying the rt6_info we reinitialize the
metrics store by copying it over from the parent thus invalidating the
just installed pmtu update (both dsts use the same key to the inetpeer
storage). The dst_entry with the just invalidated metrics data would
just get its RTF_EXPIRES flag cleared and would continue to stay valid
for the socket.

We should have not issued the pmtu update on the already expired dst_entry
in the first placed. By checking the expiration on the dst entry and
doing a relookup in case it is out of date we close the race because
we would install a new rt6_info into the fib before we issue the pmtu
update, thus closing this race.

Not reliably updating the dst.expire value was fixed by the patch "ipv6:
reset dst.expires value when clearing expire flag".

Reported-by: Steinar H. Gunderson <sgunderson@bigfoot.com>
Reported-by: Valentijn Sessink <valentyn@blub.net>
Cc: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Tested-by: Valentijn Sessink <valentyn@blub.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-10-25 19:26:59 -04:00
..
netfilter netfilter: x_tables: fix ordering of jumpstack allocation and table update 2013-10-22 10:11:29 +02:00
addrconf_core.c ipv6: move in6_dev_finish_destroy() into core kernel 2013-08-31 22:30:00 -04:00
addrconf.c ipv6: Fix preferred_lft not updating in some cases 2013-09-30 15:06:19 -04:00
addrlabel.c ipv6: fix null pointer dereference in __ip6addrlbl_add 2013-09-04 14:14:53 -04:00
af_inet6.c ipv6: don't call fib6_run_gc() until routing is ready 2013-09-11 17:04:09 -04:00
ah6.c ipsec: Don't update the pmtu on ICMPV6_DEST_UNREACH 2013-09-16 09:45:32 +02:00
anycast.c net: proc: change proc_net_remove to remove_proc_entry 2013-02-18 14:53:08 -05:00
datagram.c net: proc_fs: trivial: print UIDs as unsigned int 2013-08-15 14:37:46 -07:00
esp6.c ipsec: Don't update the pmtu on ICMPV6_DEST_UNREACH 2013-09-16 09:45:32 +02:00
exthdrs_core.c ipv6: Correct comparisons and calculations using skb->tail and skb-transport_header 2013-05-28 23:49:07 -07:00
exthdrs_offload.c ipv6: Pull IPv6 GSO registration out of the module 2012-11-15 17:39:24 -05:00
exthdrs.c ipv6/exthdrs: accept tlv which includes only padding 2013-09-11 15:52:27 -04:00
fib6_rules.c fib6_rules: fix indentation 2013-09-11 16:16:29 -04:00
icmp.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-09-05 14:58:52 -04:00
inet6_connection_sock.c ipv6: use newly introduced __ipv6_addr_needs_scope_id and ipv6_iface_scope_id 2013-03-08 12:29:22 -05:00
inet6_hashtables.c net: do not call sock_put() on TIMEWAIT sockets 2013-10-02 17:05:54 -04:00
ip6_checksum.c ipv6: move csum_ipv6_magic() and udp6_csum_init() into static library 2013-01-08 17:56:10 -08:00
ip6_fib.c net: fib: fib6_add: fix potential NULL pointer dereference 2013-09-11 16:09:59 -04:00
ip6_flowlabel.c ipv6 flowlabel: add __rcu annotations 2013-03-07 16:33:10 -05:00
ip6_gre.c ipv6: Initialize ip6_tnl.hlen in gre tunnel even if no route is found 2013-10-11 17:50:59 -04:00
ip6_icmp.c ipv6: Kill ipv6 dependency of icmpv6_send(). 2013-04-29 13:54:36 -04:00
ip6_input.c net: add SNMP counters tracking incoming ECN bits 2013-08-08 22:24:59 -07:00
ip6_offload.c ipv6: Add generic UDP Tunnel segmentation 2013-08-31 22:30:01 -04:00
ip6_offload.h ipv6: Pull IPv6 GSO registration out of the module 2012-11-15 17:39:24 -05:00
ip6_output.c ipv6: fill rt6i_gateway with nexthop address 2013-10-21 18:37:01 -04:00
ip6_tunnel.c ipv6: Allow the MTU of ipip6 tunnel to be set below 1280 2013-10-07 12:32:26 -04:00
ip6mr.c tunnels: harmonize cleanup done on skb on rx path 2013-09-04 00:27:26 -04:00
ipcomp6.c ipsec: Don't update the pmtu on ICMPV6_DEST_UNREACH 2013-09-16 09:45:32 +02:00
ipv6_sockglue.c ipv6: rename datagram_send_ctl and datagram_recv_ctl 2013-01-31 13:53:08 -05:00
Kconfig Tunneling: use IP Tunnel stats APIs. 2013-03-26 12:27:19 -04:00
Makefile net: ipv6: Add IPv6 support to the ping socket. 2013-05-25 21:07:49 -07:00
mcast.c ipv6 mcast: use in6_dev_put in timer handlers instead of __in6_dev_put 2013-09-30 22:28:58 -07:00
mip6.c ipv6: Correct comparisons and calculations using skb->tail and skb-transport_header 2013-05-28 23:49:07 -07:00
ndisc.c ipv6: don't call fib6_run_gc() until routing is ready 2013-09-11 17:04:09 -04:00
netfilter.c netfilter: add nf_ipv6_ops hook to fix xt_addrtype with IPv6 2013-05-23 11:58:55 +02:00
output_core.c ipv6: move ip6_local_out into core kernel 2013-08-31 22:30:00 -04:00
ping.c net: ipv6: fix wrong ping_v6_sendmsg return value 2013-07-03 17:42:05 -07:00
proc.c net: add SNMP counters tracking incoming ECN bits 2013-08-08 22:24:59 -07:00
protocol.c ipv6: Pull IPv6 GSO registration out of the module 2012-11-15 17:39:24 -05:00
raw.c net: raw: do not report ICMP redirects to user space 2013-09-24 10:15:49 -04:00
reassembly.c ipv6: drop packets with multiple fragmentation headers 2013-08-20 00:11:24 -07:00
route.c ipv6: ip6_dst_check needs to check for expired dst_entries 2013-10-25 19:26:59 -04:00
sit.c sit: allow to use rtnl ops on fb tunnel 2013-10-01 12:55:53 -04:00
syncookies.c net: syncookies: export cookie_v6_init_sequence/cookie_v6_check 2013-08-28 00:28:04 +02:00
sysctl_net_ipv6.c net: Convert uses of typedef ctl_table to struct ctl_table 2013-06-13 02:36:09 -07:00
tcp_ipv6.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-09-05 14:58:52 -04:00
tcpv6_offload.c net: Remove code duplication between offload structures 2012-11-15 17:39:51 -05:00
tunnel6.c net: ipv6: Standardize prefixes for message logging 2012-05-16 01:01:03 -04:00
udp_impl.h ipv6: do not clear pinet6 field 2013-05-11 16:26:38 -07:00
udp_offload.c net: unify skb_udp_tunnel_segment() and skb_udp6_tunnel_segment() 2013-08-31 22:30:01 -04:00
udp.c udp6: respect IPV6_DONTFRAG sockopt in case there are pending frames 2013-10-19 19:20:52 -04:00
udplite.c ipv6: do not clear pinet6 field 2013-05-11 16:26:38 -07:00
xfrm6_input.c netfilter: ipv6: use NFPROTO values for NF_HOOK invocation 2010-03-25 16:00:49 +01:00
xfrm6_mode_beet.c ipsec: be careful of non existing mac headers 2012-02-23 16:50:45 -05:00
xfrm6_mode_ro.c
xfrm6_mode_transport.c
xfrm6_mode_tunnel.c xfrm: allow to avoid copying DSCP during encapsulation 2013-03-06 07:02:45 +01:00
xfrm6_output.c xfrm: revert ipv4 mtu determination to dst_mtu 2013-08-26 12:40:53 +02:00
xfrm6_policy.c xfrm: Decode sessions with output interface. 2013-09-16 09:39:43 +02:00
xfrm6_state.c xfrm: make local error reporting more robust 2013-08-14 13:07:12 +02:00
xfrm6_tunnel.c hlist: drop the node parameter from iterators 2013-02-27 19:10:24 -08:00