Received: by 10.192.165.156 with SMTP id m28csp1176353imm;
        Wed, 11 Apr 2018 13:57:49 -0700 (PDT)
X-Google-Smtp-Source: AIpwx48HHLaTubzHg6hN9jiQBE3TBKADft74YwNstvDny2KKTLRnKacfSc3OPIzb53OgqkAkz1HC
X-Received: by 10.99.110.129 with SMTP id j123mr4472450pgc.65.1523480269266;
        Wed, 11 Apr 2018 13:57:49 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1523480269; cv=none;
        d=google.com; s=arc-20160816;
        b=BziRGGslBkvfX8TBNLwhNlGTdTtpG+sA4m3tMeWa5GLdLqsEhV33mdzGOHpBCQf/8I
         Oo8mjVhF+tNDYmf+7YNnILcAsmsk8iaB2iSl6tJbRP5YWSn0usk1xDr4+nwL8TSNwP65
         AFQmVueIcQD58QSJwfJQv9bqK4oiP8Z+ERVWid3Olhc5F6haq0Y56QY0BkmQ0RTRhTRC
         RxVV4vbTINGUEq1HNcXgg5BdGlFoYfvNGlMpHyLRQ94OGdDLdFWgVMp86melNeRxahCz
         +lHO+FDtFpTn6ILzLDEhMf54cZAHGzkMn5t90ZpSl0EXFNXLCpIOuom25LJ/hmOKAp80
         HSKA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:mime-version:user-agent:references
         :in-reply-to:message-id:date:subject:cc:to:from
         :arc-authentication-results;
        bh=jWVjVXP0tkTOB+mlfa3A5GvmypqbBaq+Chdiq550n08=;
        b=GPikw+8uwxQkL2BhAKeIH2NvOlDPG3VCh9U940cgB6DSeuozUfXj1pHF3Bi7qHgnam
         uuKVQh3iCH2ykjev6b/VzIsk5I5tRhtDQf5AyUf5joWSUXMUdaMY2rSEIfpGwnuSoBzh
         G2V5d07voFnuuhFHHXAgETTtwpJOdA/0cu5ZexLOUGMoxZ5JbaaVXptlaRU/B7JwAKbF
         1qEeOnfTNJeCl8bq3LNgWpEhmVqHKaAtI8NLQ3QmTKUhE1mOA1zUea8E6+VppX2YUJOI
         YIp0x8V77m+RMfvaXNx9+/Fb9/Feusvhc9sl2oXtrDIZS90amBuIQ2fox4dngoMPRmsG
         uIVA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 1-v6si1801272plj.510.2018.04.11.13.57.12;
        Wed, 11 Apr 2018 13:57:49 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1755723AbeDKUx4 (ORCPT <rfc822;ablacktshirt@gmail.com>
        + 99 others); Wed, 11 Apr 2018 16:53:56 -0400
Received: from mail.linuxfoundation.org ([140.211.169.12]:58512 "EHLO
        mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S932280AbeDKSpK (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 11 Apr 2018 14:45:10 -0400
Received: from localhost (LFbn-1-12247-202.w90-92.abo.wanadoo.fr [90.92.61.202])
        by mail.linuxfoundation.org (Postfix) with ESMTPSA id 73531A59;
        Wed, 11 Apr 2018 18:45:09 +0000 (UTC)
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org, Ihar Hrachyshka <ihrachys@redhat.com>,
        "David S. Miller" <davem@davemloft.net>,
        Sasha Levin <alexander.levin@microsoft.com>
Subject: [PATCH 4.4 041/190] neighbour: update neigh timestamps iff update is effective
Date:   Wed, 11 Apr 2018 20:34:47 +0200
Message-Id: <20180411183552.546752390@linuxfoundation.org>
X-Mailer: git-send-email 2.17.0
In-Reply-To: <20180411183550.114495991@linuxfoundation.org>
References: <20180411183550.114495991@linuxfoundation.org>
User-Agent: quilt/0.65
X-stable: review
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

4.4-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Ihar Hrachyshka <ihrachys@redhat.com>


[ Upstream commit 77d7123342dcf6442341b67816321d71da8b2b16 ]

It's a common practice to send gratuitous ARPs after moving an
IP address to another device to speed up healing of a service. To
fulfill service availability constraints, the timing of network peers
updating their caches to point to a new location of an IP address can be
particularly important.

Sometimes neigh_update calls won't touch neither lladdr nor state, for
example if an update arrives in locktime interval. The neigh->updated
value is tested by the protocol specific neigh code, which in turn
will influence whether NEIGH_UPDATE_F_OVERRIDE gets set in the
call to neigh_update() or not. As a result, we may effectively ignore
the update request, bailing out of touching the neigh entry, except that
we still bump its timestamps inside neigh_update.

This may be a problem for updates arriving in quick succession. For
example, consider the following scenario:

A service is moved to another device with its IP address. The new device
sends three gratuitous ARP requests into the network with ~1 seconds
interval between them. Just before the first request arrives to one of
network peer nodes, its neigh entry for the IP address transitions from
STALE to DELAY.  This transition, among other things, updates
neigh->updated. Once the kernel receives the first gratuitous ARP, it
ignores it because its arrival time is inside the locktime interval. The
kernel still bumps neigh->updated. Then the second gratuitous ARP
request arrives, and it's also ignored because it's still in the (new)
locktime interval. Same happens for the third request. The node
eventually heals itself (after delay_first_probe_time seconds since the
initial transition to DELAY state), but it just wasted some time and
require a new ARP request/reply round trip. This unfortunate behaviour
both puts more load on the network, as well as reduces service
availability.

This patch changes neigh_update so that it bumps neigh->updated (as well
as neigh->confirmed) only once we are sure that either lladdr or entry
state will change). In the scenario described above, it means that the
second gratuitous ARP request will actually update the entry lladdr.

Ideally, we would update the neigh entry on the very first gratuitous
ARP request. The locktime mechanism is designed to ignore ARP updates in
a short timeframe after a previous ARP update was honoured by the kernel
layer. This would require tracking timestamps for state transitions
separately from timestamps when actual updates are received. This would
probably involve changes in neighbour struct. Therefore, the patch
doesn't tackle the issue of the first gratuitous APR ignored, leaving
it for a follow-up.

Signed-off-by: Ihar Hrachyshka <ihrachys@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 net/core/neighbour.c |   14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

--- a/net/core/neighbour.c
+++ b/net/core/neighbour.c
@@ -1132,10 +1132,6 @@ int neigh_update(struct neighbour *neigh
 		lladdr = neigh->ha;
 	}
 
-	if (new & NUD_CONNECTED)
-		neigh->confirmed = jiffies;
-	neigh->updated = jiffies;
-
 	/* If entry was valid and address is not changed,
 	   do not change entry state, if new one is STALE.
 	 */
@@ -1159,6 +1155,16 @@ int neigh_update(struct neighbour *neigh
 		}
 	}
 
+	/* Update timestamps only once we know we will make a change to the
+	 * neighbour entry. Otherwise we risk to move the locktime window with
+	 * noop updates and ignore relevant ARP updates.
+	 */
+	if (new != old || lladdr != neigh->ha) {
+		if (new & NUD_CONNECTED)
+			neigh->confirmed = jiffies;
+		neigh->updated = jiffies;
+	}
+
 	if (new != old) {
 		neigh_del_timer(neigh);
 		if (new & NUD_PROBE)