Received: by 10.192.165.156 with SMTP id m28csp1140693imm;
        Wed, 11 Apr 2018 13:11:46 -0700 (PDT)
X-Google-Smtp-Source: AIpwx4+o4tFL/C9MZBVqc6YuSSdon17cSoGewF0h1GcPM5VYrE83MOTGZwnnI62I+ZnZRMQWRJhG
X-Received: by 2002:a17:902:be08:: with SMTP id r8-v6mr6398940pls.289.1523477506379;
        Wed, 11 Apr 2018 13:11:46 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1523477506; cv=none;
        d=google.com; s=arc-20160816;
        b=BcvhTPtenQn6p1tcpEQqU4LecP/hOHgTnxY8ZTLLf3AMn9BoYzUMSE8UDLwl15dsoa
         BkPjSnbYNUknwwYO4FHHBq2LTz9F7vsFpOTzDBcqNIc6Vq4i08QSQeF6AwZ2VyWB1R4E
         TCdwYvEIUFzq1HEqPiF1RuOdMqGt25VbVSPJDswB393o/Q/MB7AwpsH7vXSv1O/EHU/g
         EJmJHCNjufDfKnPV6/59djrlMUFCod4mdh3L8NTi0SBXz1lZHqi4moMDU3AZqWlvhFK6
         1Ab9pUCH7LVZF+g8RJSWtJQD/ZKteLBxaL/bgLknsgoovTQMniBbKegjnb1Vk8sA5elx
         5Q6Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:mime-version:user-agent:references
         :in-reply-to:message-id:date:subject:cc:to:from
         :arc-authentication-results;
        bh=QUNu19oLDV4fiz7sgmyqjNtUfC2NJus/2ozH845U81A=;
        b=nq+QK8oroyB5QIH/wvDh+cWmIvXUsHjJtlRV+g0ItpLgRZjubWXoDIIbHavhU4CJpN
         dibRcYLxnlKyVnD8WBZ+VN2X5qh1HnCwqN0RgEptfK9Do4wlQwVQbxhOf3JeuBxhUpjH
         uytpA+uQ+Hr8hrFMN2+phibsRcHWQi1TqnUwDkEmS2BiYTocPtYvNBSovORy/a0Bmuwq
         JxlSZ8oGejjYxxHXTQQA3qUhbdFsoEdo0qfjiUzxzbhigA8KRDgCy0J46ayiwtPKL4j6
         vYmpUFzOLklQ8E8hHOhmupQEOQobiSebCPD+GZw/74wQmi38TUgkDINQ1hyMt+x3leh8
         yk5A==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id q14si1202584pgr.311.2018.04.11.13.11.09;
        Wed, 11 Apr 2018 13:11:46 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1757324AbeDKUGm (ORCPT <rfc822;ablacktshirt@gmail.com>
        + 99 others); Wed, 11 Apr 2018 16:06:42 -0400
Received: from mail.linuxfoundation.org ([140.211.169.12]:34962 "EHLO
        mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S933679AbeDKSzS (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 11 Apr 2018 14:55:18 -0400
Received: from localhost (LFbn-1-12247-202.w90-92.abo.wanadoo.fr [90.92.61.202])
        by mail.linuxfoundation.org (Postfix) with ESMTPSA id 2D24799F;
        Wed, 11 Apr 2018 18:55:18 +0000 (UTC)
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org, Ihar Hrachyshka <ihrachys@redhat.com>,
        "David S. Miller" <davem@davemloft.net>,
        Sasha Levin <alexander.levin@microsoft.com>
Subject: [PATCH 4.9 062/310] neighbour: update neigh timestamps iff update is effective
Date:   Wed, 11 Apr 2018 20:33:21 +0200
Message-Id: <20180411183624.897752184@linuxfoundation.org>
X-Mailer: git-send-email 2.17.0
In-Reply-To: <20180411183622.305902791@linuxfoundation.org>
References: <20180411183622.305902791@linuxfoundation.org>
User-Agent: quilt/0.65
X-stable: review
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

4.9-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Ihar Hrachyshka <ihrachys@redhat.com>


[ Upstream commit 77d7123342dcf6442341b67816321d71da8b2b16 ]

It's a common practice to send gratuitous ARPs after moving an
IP address to another device to speed up healing of a service. To
fulfill service availability constraints, the timing of network peers
updating their caches to point to a new location of an IP address can be
particularly important.

Sometimes neigh_update calls won't touch neither lladdr nor state, for
example if an update arrives in locktime interval. The neigh->updated
value is tested by the protocol specific neigh code, which in turn
will influence whether NEIGH_UPDATE_F_OVERRIDE gets set in the
call to neigh_update() or not. As a result, we may effectively ignore
the update request, bailing out of touching the neigh entry, except that
we still bump its timestamps inside neigh_update.

This may be a problem for updates arriving in quick succession. For
example, consider the following scenario:

A service is moved to another device with its IP address. The new device
sends three gratuitous ARP requests into the network with ~1 seconds
interval between them. Just before the first request arrives to one of
network peer nodes, its neigh entry for the IP address transitions from
STALE to DELAY.  This transition, among other things, updates
neigh->updated. Once the kernel receives the first gratuitous ARP, it
ignores it because its arrival time is inside the locktime interval. The
kernel still bumps neigh->updated. Then the second gratuitous ARP
request arrives, and it's also ignored because it's still in the (new)
locktime interval. Same happens for the third request. The node
eventually heals itself (after delay_first_probe_time seconds since the
initial transition to DELAY state), but it just wasted some time and
require a new ARP request/reply round trip. This unfortunate behaviour
both puts more load on the network, as well as reduces service
availability.

This patch changes neigh_update so that it bumps neigh->updated (as well
as neigh->confirmed) only once we are sure that either lladdr or entry
state will change). In the scenario described above, it means that the
second gratuitous ARP request will actually update the entry lladdr.

Ideally, we would update the neigh entry on the very first gratuitous
ARP request. The locktime mechanism is designed to ignore ARP updates in
a short timeframe after a previous ARP update was honoured by the kernel
layer. This would require tracking timestamps for state transitions
separately from timestamps when actual updates are received. This would
probably involve changes in neighbour struct. Therefore, the patch
doesn't tackle the issue of the first gratuitous APR ignored, leaving
it for a follow-up.

Signed-off-by: Ihar Hrachyshka <ihrachys@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 net/core/neighbour.c |   14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

--- a/net/core/neighbour.c
+++ b/net/core/neighbour.c
@@ -1130,10 +1130,6 @@ int neigh_update(struct neighbour *neigh
 		lladdr = neigh->ha;
 	}
 
-	if (new & NUD_CONNECTED)
-		neigh->confirmed = jiffies;
-	neigh->updated = jiffies;
-
 	/* If entry was valid and address is not changed,
 	   do not change entry state, if new one is STALE.
 	 */
@@ -1155,6 +1151,16 @@ int neigh_update(struct neighbour *neigh
 		}
 	}
 
+	/* Update timestamps only once we know we will make a change to the
+	 * neighbour entry. Otherwise we risk to move the locktime window with
+	 * noop updates and ignore relevant ARP updates.
+	 */
+	if (new != old || lladdr != neigh->ha) {
+		if (new & NUD_CONNECTED)
+			neigh->confirmed = jiffies;
+		neigh->updated = jiffies;
+	}
+
 	if (new != old) {
 		neigh_del_timer(neigh);
 		if (new & NUD_PROBE)