Received: by 2002:a05:6358:f14:b0:e5:3b68:ec04 with SMTP id b20csp4258971rwj; Tue, 20 Dec 2022 07:58:28 -0800 (PST) X-Google-Smtp-Source: AA0mqf4pv/e5pREUS3kjO+BNzIHSXuZDjFp2uoQ6B9aBRTYOylu4RKzIIkpLVssYUi4HwvRVqfcj X-Received: by 2002:a17:906:fac5:b0:7c1:277:cb05 with SMTP id lu5-20020a170906fac500b007c10277cb05mr44407382ejb.6.1671551908446; Tue, 20 Dec 2022 07:58:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1671551908; cv=none; d=google.com; s=arc-20160816; b=T72pAC9rw5snaGkoPopkdXjucIrilP3LfQgMV7uImX1AEq5xvFS4WKCLkwreWY9BTl 7yzi2hR/rMOEDNOGEnOoBU1vKoI2nUGYxbHTuuKcBn0Ccd1I0sRNlMnz4hihO03MKv9P 4rVYQ48cLU6TKwcbrOHTzgM5mJzZgIjfqWgtLwpU9BE/z8T2fJhMRc30Py6xVkFwfq81 9Oxyxgkt+horan45GxY+m1aNTi4eoU0uDRSmK/BZAkl68wPfBYyjrbXCuOWGZHUL+AOF G6y5Dp5152Sj5G21bpwTY2Zf2jQdNJhw+4CWUi0JUM9Q+mIhZDdJGZMqUz1b/Svo6SyD Wq7Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:references:message-id:in-reply-to :subject:cc:to:from:date; bh=Nkoy29PsO5Sr5ZaRzEd7IXmsctlGq98zr9aks1MzhxM=; b=IovrKnDj7JVnajLf0xm+LztUtorY/Rea0CIFN8Ii/84A6PLf7sbW/2AE36Mpj2fsQG GLouNOxka1T3kvZRe3q28f2Uad7qNOOtlcRsHyCbh8N8WhP93xGzgBdQge2iLjMFet3v dh1vetONXHJrzsCYT6HaBw7Rngpfe/2TT8eUOOXKs/4glZlwyvj0v1qNY8IXNShhAYFC WZU4pZmXnm0Qfnz9TgnkfUNTMJSvO0N5/nkLAfw1ShzzUC2rE1QxtBihN0VcmekJWTZR pnu4KpgqFaBhevGzN7RbIURh8CvoEl3n+vnHSbZYCdBvyzVEEm5MXVs/Y+i1u9UWb3Ea s6Aw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ssi.bg Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id a21-20020a1709066d5500b00782ff2649a7si9798353ejt.346.2022.12.20.07.58.11; Tue, 20 Dec 2022 07:58:28 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ssi.bg Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233392AbiLTPlh (ORCPT + 69 others); Tue, 20 Dec 2022 10:41:37 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37860 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229810AbiLTPl3 (ORCPT ); Tue, 20 Dec 2022 10:41:29 -0500 Received: from mg.ssi.bg (mg.ssi.bg [193.238.174.37]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id F057110045; Tue, 20 Dec 2022 07:41:27 -0800 (PST) Received: from mg.ssi.bg (localhost [127.0.0.1]) by mg.ssi.bg (Proxmox) with ESMTP id 4DB3535200; Tue, 20 Dec 2022 17:41:27 +0200 (EET) Received: from ink.ssi.bg (unknown [193.238.174.40]) by mg.ssi.bg (Proxmox) with ESMTP id 6BCB435183; Tue, 20 Dec 2022 17:41:25 +0200 (EET) Received: from ja.ssi.bg (unknown [178.16.129.10]) by ink.ssi.bg (Postfix) with ESMTPS id C441F3C07CC; Tue, 20 Dec 2022 17:41:22 +0200 (EET) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by ja.ssi.bg (8.17.1/8.16.1) with ESMTP id 2BKFfKDx068357; Tue, 20 Dec 2022 17:41:20 +0200 Date: Tue, 20 Dec 2022 17:41:20 +0200 (EET) From: Julian Anastasov To: Paolo Abeni cc: Jon Maxwell , davem@davemloft.net, edumazet@google.com, kuba@kernel.org, yoshfuji@linux-ipv6.org, dsahern@kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [net-next] ipv6: fix routing cache overflow for raw sockets In-Reply-To: <9f145202ca6a59b48d4430ed26a7ab0fe4c5dfaf.camel@redhat.com> Message-ID: <98a8f9b6-36d1-d184-d860-e07a2e24fc9c@ssi.bg> References: <20221218234801.579114-1-jmaxwell37@gmail.com> <9f145202ca6a59b48d4430ed26a7ab0fe4c5dfaf.camel@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hello, On Tue, 20 Dec 2022, Paolo Abeni wrote: > Are other FLOWI_FLAG_KNOWN_NH users affected, too? e.g. nf_dup_ipv6, > ipvs, seg6? I forgot to mention one thing: IPVS can cache such routes in its own storage, one per backend server, it still calls dst->ops->check for them. So, such route can live for long time, that is why they were created as uncached. So, IPVS requests one route, remembers it and then can attach it to multiple packets for this backend server with skb_dst_set_noref. So, IPVS have to use 4096 backend servers to hit this limit. It does not look correct in this patch to invalidate the FLOWI_FLAG_KNOWN_NH flag with a FLOWI_FLAG_SKIP_RAW flag. The same thing would be to not set FLOWI_FLAG_KNOWN_NH which is wrong for the hdrincl case. Regards -- Julian Anastasov