* [PATCH net] neighbour: allow NUD_NOARP entries to be forced GCed
@ 2021-06-07 17:35 David Ahern
2021-06-07 18:53 ` Roopa Prabhu
2021-06-07 22:26 ` David Miller
0 siblings, 2 replies; 5+ messages in thread
From: David Ahern @ 2021-06-07 17:35 UTC (permalink / raw)
To: netdev, kuba, davem
Cc: David Ahern, Kasper Dupont, Thadeu Lima de Souza Cascardo
IFF_POINTOPOINT interfaces use NUD_NOARP entries for IPv6. It's possible to
fill up the neighbour table with enough entries that it will overflow for
valid connections after that.
This behaviour is more prevalent after commit 58956317c8de ("neighbor:
Improve garbage collection") is applied, as it prevents removal from
entries that are not NUD_FAILED, unless they are more than 5s old.
Fixes: 58956317c8de (neighbor: Improve garbage collection)
Reported-by: Kasper Dupont <kasperd@gjkwv.06.feb.2021.kasperd.net>
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
---
rebased to net tree
net/core/neighbour.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/net/core/neighbour.c b/net/core/neighbour.c
index 98f20efbfadf..bf774575ad71 100644
--- a/net/core/neighbour.c
+++ b/net/core/neighbour.c
@@ -238,6 +238,7 @@ static int neigh_forced_gc(struct neigh_table *tbl)
write_lock(&n->lock);
if ((n->nud_state == NUD_FAILED) ||
+ (n->nud_state == NUD_NOARP) ||
(tbl->is_multicast &&
tbl->is_multicast(n->primary_key)) ||
time_after(tref, n->updated))
--
2.24.3 (Apple Git-128)
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH net] neighbour: allow NUD_NOARP entries to be forced GCed
2021-06-07 17:35 [PATCH net] neighbour: allow NUD_NOARP entries to be forced GCed David Ahern
@ 2021-06-07 18:53 ` Roopa Prabhu
2021-06-07 22:04 ` David Ahern
2021-06-07 22:26 ` David Miller
1 sibling, 1 reply; 5+ messages in thread
From: Roopa Prabhu @ 2021-06-07 18:53 UTC (permalink / raw)
To: David Ahern, netdev, kuba, davem
Cc: Kasper Dupont, Thadeu Lima de Souza Cascardo
On 6/7/21 10:35 AM, David Ahern wrote:
> IFF_POINTOPOINT interfaces use NUD_NOARP entries for IPv6. It's possible to
> fill up the neighbour table with enough entries that it will overflow for
> valid connections after that.
>
> This behaviour is more prevalent after commit 58956317c8de ("neighbor:
> Improve garbage collection") is applied, as it prevents removal from
> entries that are not NUD_FAILED, unless they are more than 5s old.
>
> Fixes: 58956317c8de (neighbor: Improve garbage collection)
> Reported-by: Kasper Dupont <kasperd@gjkwv.06.feb.2021.kasperd.net>
> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
> Signed-off-by: David Ahern <dsahern@kernel.org>
> ---
> rebased to net tree
There are other use-cases that use NUD_NOARP as static neighbour
entries which should be exempt from forced gc.
for example when qualified by NTF_EXT_LEARNED for the E-VPN use-case.
The check in your patch below should exclude NTF_EXT_LEARNED entries.
(unrelated to the neighbour code , but bridge driver also uses
NUD_NOARP for static entries)
>
> net/core/neighbour.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/net/core/neighbour.c b/net/core/neighbour.c
> index 98f20efbfadf..bf774575ad71 100644
> --- a/net/core/neighbour.c
> +++ b/net/core/neighbour.c
> @@ -238,6 +238,7 @@ static int neigh_forced_gc(struct neigh_table *tbl)
>
> write_lock(&n->lock);
> if ((n->nud_state == NUD_FAILED) ||
> + (n->nud_state == NUD_NOARP) ||
> (tbl->is_multicast &&
> tbl->is_multicast(n->primary_key)) ||
> time_after(tref, n->updated))
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH net] neighbour: allow NUD_NOARP entries to be forced GCed
2021-06-07 18:53 ` Roopa Prabhu
@ 2021-06-07 22:04 ` David Ahern
2021-06-07 22:16 ` Roopa Prabhu
0 siblings, 1 reply; 5+ messages in thread
From: David Ahern @ 2021-06-07 22:04 UTC (permalink / raw)
To: Roopa Prabhu, David Ahern, netdev, kuba, davem
Cc: Kasper Dupont, Thadeu Lima de Souza Cascardo
On 6/7/21 12:53 PM, Roopa Prabhu wrote:
>
> On 6/7/21 10:35 AM, David Ahern wrote:
>> IFF_POINTOPOINT interfaces use NUD_NOARP entries for IPv6. It's
>> possible to
>> fill up the neighbour table with enough entries that it will overflow for
>> valid connections after that.
>>
>> This behaviour is more prevalent after commit 58956317c8de ("neighbor:
>> Improve garbage collection") is applied, as it prevents removal from
>> entries that are not NUD_FAILED, unless they are more than 5s old.
>>
>> Fixes: 58956317c8de (neighbor: Improve garbage collection)
>> Reported-by: Kasper Dupont <kasperd@gjkwv.06.feb.2021.kasperd.net>
>> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
>> Signed-off-by: David Ahern <dsahern@kernel.org>
>> ---
>> rebased to net tree
>
>
> There are other use-cases that use NUD_NOARP as static neighbour
> entries which should be exempt from forced gc.
>
> for example when qualified by NTF_EXT_LEARNED for the E-VPN use-case.
>
> The check in your patch below should exclude NTF_EXT_LEARNED entries.
>
>
> (unrelated to the neighbour code , but bridge driver also uses
> NUD_NOARP for static entries)
>
>
Maybe I misunderstand your comment: forced_gc does not apply to static
entries; those were moved to a separate list to avoid walking them.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH net] neighbour: allow NUD_NOARP entries to be forced GCed
2021-06-07 22:04 ` David Ahern
@ 2021-06-07 22:16 ` Roopa Prabhu
0 siblings, 0 replies; 5+ messages in thread
From: Roopa Prabhu @ 2021-06-07 22:16 UTC (permalink / raw)
To: David Ahern, David Ahern, netdev, kuba, davem
Cc: Kasper Dupont, Thadeu Lima de Souza Cascardo
On 6/7/21 3:04 PM, David Ahern wrote:
> On 6/7/21 12:53 PM, Roopa Prabhu wrote:
>> On 6/7/21 10:35 AM, David Ahern wrote:
>>> IFF_POINTOPOINT interfaces use NUD_NOARP entries for IPv6. It's
>>> possible to
>>> fill up the neighbour table with enough entries that it will overflow for
>>> valid connections after that.
>>>
>>> This behaviour is more prevalent after commit 58956317c8de ("neighbor:
>>> Improve garbage collection") is applied, as it prevents removal from
>>> entries that are not NUD_FAILED, unless they are more than 5s old.
>>>
>>> Fixes: 58956317c8de (neighbor: Improve garbage collection)
>>> Reported-by: Kasper Dupont <kasperd@gjkwv.06.feb.2021.kasperd.net>
>>> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
>>> Signed-off-by: David Ahern <dsahern@kernel.org>
>>> ---
>>> rebased to net tree
>>
>> There are other use-cases that use NUD_NOARP as static neighbour
>> entries which should be exempt from forced gc.
>>
>> for example when qualified by NTF_EXT_LEARNED for the E-VPN use-case.
>>
>> The check in your patch below should exclude NTF_EXT_LEARNED entries.
>>
>>
>> (unrelated to the neighbour code , but bridge driver also uses
>> NUD_NOARP for static entries)
>>
>>
> Maybe I misunderstand your comment: forced_gc does not apply to static
> entries; those were moved to a separate list to avoid walking them.
>
I think you are right. so just to confirm, NUD_NOARP + NTF_EXT_LEARNED
will never be included in the list for forced_gc and hence not affected
by your patch ?
if yes, I am good.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH net] neighbour: allow NUD_NOARP entries to be forced GCed
2021-06-07 17:35 [PATCH net] neighbour: allow NUD_NOARP entries to be forced GCed David Ahern
2021-06-07 18:53 ` Roopa Prabhu
@ 2021-06-07 22:26 ` David Miller
1 sibling, 0 replies; 5+ messages in thread
From: David Miller @ 2021-06-07 22:26 UTC (permalink / raw)
To: dsahern; +Cc: netdev, kuba, kasperd, cascardo
From: David Ahern <dsahern@kernel.org>
Date: Mon, 7 Jun 2021 11:35:30 -0600
> IFF_POINTOPOINT interfaces use NUD_NOARP entries for IPv6. It's possible to
> fill up the neighbour table with enough entries that it will overflow for
> valid connections after that.
>
> This behaviour is more prevalent after commit 58956317c8de ("neighbor:
> Improve garbage collection") is applied, as it prevents removal from
> entries that are not NUD_FAILED, unless they are more than 5s old.
>
> Fixes: 58956317c8de (neighbor: Improve garbage collection)
> Reported-by: Kasper Dupont <kasperd@gjkwv.06.feb.2021.kasperd.net>
> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
> Signed-off-by: David Ahern <dsahern@kernel.org>
> ---
> rebased to net tree
Applied, thanks.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2021-06-07 22:26 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-06-07 17:35 [PATCH net] neighbour: allow NUD_NOARP entries to be forced GCed David Ahern
2021-06-07 18:53 ` Roopa Prabhu
2021-06-07 22:04 ` David Ahern
2021-06-07 22:16 ` Roopa Prabhu
2021-06-07 22:26 ` David Miller
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.