Received: by 2002:a17:90a:1609:0:0:0:0 with SMTP id n9csp846723pja; Wed, 1 Apr 2020 09:45:40 -0700 (PDT) X-Google-Smtp-Source: ADFU+vvPDOTVzBKTjau40S9X+FLc6JG84EYeAzCblKZnakmWQXBhNif3/SBpmlyE4ELY99DwiQ2E X-Received: by 2002:a4a:d746:: with SMTP id h6mr17531909oot.21.1585759539985; Wed, 01 Apr 2020 09:45:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1585759539; cv=none; d=google.com; s=arc-20160816; b=lenzu7sZgolOfIueWR7c5VfqLwGVHxpFbIm44T/qRyF8RjYijuRN9PCEbUDBuLoxwd stSbXsqcMEZuU8jJ4neu0YcesGMkAsDOHYc+HdtLPGOIWOK2FCV23Gk5mu+KPnLAmYLb bx/G8Ynn5FpV8JNrRhVdbGHIcuFtM0iI2b6PH0+u5JUW5yXEvVU2jMTVi4hTsmzu8cfy aFGek/m2MRPlf8f2So45+tSLqI4lLtkFxCBA3maaLGy/IHcvjBhwbqkTNkZL/UvYBb1z kpgj8SRwCUf6W3vd0GACyH8mBSAgtp3eRL2IXMKxm9D5FUIjKF9QnbvLbZ9trIOXwRmu jmGA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=SclqUQmjr7V3GQM/2r3d9h4w+8/ZDiVBVfgVAmqa7Ik=; b=B102XHOPbE4Ak54Xn4o96b0peKqqAN2jcpt2jL5RrunYbVug1DGjDuMiwINYLzZwxl UzHl3QQUjPJAMAe7YcetzaATumuEDwbvW27eg8nR9iWfc0kxI/XFRNS73Or3LrcG/sFB WBFqL3QMdgdav5DEjpGozkYNR5lTlSceZ+27vlQFe81U298s21GbSeU2rtxo2RafKN/0 LFdYA/OLFm45OY1+E6DKH8yIk8Mh6zNXuGa5puDAaJC93DFY/NvZTsnCmD8AatFTnlDW x9eVQohBsqjpKAW4bPmw9h6iu4mUb7KVZURDys9aAaXUrISo3VCbuRdsU8dYcPfXbh+c WiAg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=fIfJYyBe; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i14si936294oov.24.2020.04.01.09.45.27; Wed, 01 Apr 2020 09:45:39 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=fIfJYyBe; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2389655AbgDAQnm (ORCPT + 99 others); Wed, 1 Apr 2020 12:43:42 -0400 Received: from mail.kernel.org ([198.145.29.99]:44562 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2389650AbgDAQnl (ORCPT ); Wed, 1 Apr 2020 12:43:41 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id E81D62063A; Wed, 1 Apr 2020 16:43:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1585759421; bh=VqqyroAfWhyQOvnteSX/FAKaG6w+Qak3m5q11T6oLKM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=fIfJYyBegzHN6gozLHT6GJPpg5IY/Gohq4OEXBjiSwPgUxV0TcBzC3a761FaNKrvi dejak29f/cyzG/VjJJLw9bkUbYVwnqe5AesEHiNfx95ceWBJSQqg4yCF7oNYOgV4X1 4Rzi+/xbrG1g9h9VCk91Pge7KZFR6hmSO9MMMngo= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Sabrina Dubroca , Stefano Brivio , "David S. Miller" , Sasha Levin Subject: [PATCH 4.14 073/148] net: ipv4: dont let PMTU updates increase route MTU Date: Wed, 1 Apr 2020 18:17:45 +0200 Message-Id: <20200401161600.427535721@linuxfoundation.org> X-Mailer: git-send-email 2.26.0 In-Reply-To: <20200401161552.245876366@linuxfoundation.org> References: <20200401161552.245876366@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Sabrina Dubroca [ Upstream commit 28d35bcdd3925e7293408cdb8aa5f2aac5f0d6e3 ] When an MTU update with PMTU smaller than net.ipv4.route.min_pmtu is received, we must clamp its value. However, we can receive a PMTU exception with PMTU < old_mtu < ip_rt_min_pmtu, which would lead to an increase in PMTU. To fix this, take the smallest of the old MTU and ip_rt_min_pmtu. Before this patch, in case of an update, the exception's MTU would always change. Now, an exception can have only its lock flag updated, but not the MTU, so we need to add a check on locking to the following "is this exception getting updated, or close to expiring?" test. Fixes: d52e5a7e7ca4 ("ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu") Signed-off-by: Sabrina Dubroca Reviewed-by: Stefano Brivio Signed-off-by: David S. Miller Signed-off-by: Sasha Levin --- net/ipv4/route.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/net/ipv4/route.c b/net/ipv4/route.c index 8b855d3eec9e7..05fe1d0075444 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -1014,21 +1014,22 @@ out: kfree_skb(skb); static void __ip_rt_update_pmtu(struct rtable *rt, struct flowi4 *fl4, u32 mtu) { struct dst_entry *dst = &rt->dst; + u32 old_mtu = ipv4_mtu(dst); struct fib_result res; bool lock = false; if (ip_mtu_locked(dst)) return; - if (ipv4_mtu(dst) < mtu) + if (old_mtu < mtu) return; if (mtu < ip_rt_min_pmtu) { lock = true; - mtu = ip_rt_min_pmtu; + mtu = min(old_mtu, ip_rt_min_pmtu); } - if (rt->rt_pmtu == mtu && + if (rt->rt_pmtu == mtu && !lock && time_before(jiffies, dst->expires - ip_rt_mtu_expires / 2)) return; -- 2.20.1