Message ID | cover.1650470610.git.gnault@redhat.com (mailing list archive) |
---|---|
Headers | show |
Series | ipv4: First steps toward removing RTO_ONLINK | expand |
On 4/20/22 5:21 PM, Guillaume Nault wrote: > RTO_ONLINK is a flag that allows to reduce the scope of route lookups. > It's stored in a normally unused bit of the ->flowi4_tos field, in > struct flowi4. However it has several problems: > > * This bit is also used by ECN. Although ECN bits are supposed to be > cleared before doing a route lookup, it happened that some code > paths didn't properly sanitise their ->flowi4_tos. So this mechanism > is fragile and we had bugs in the past where ECN bits slipped in and > could end up being erroneously interpreted as RTO_ONLINK. > > * A dscp_t type was recently introduced to ensure ECN bits are cleared > during route lookups. ->flowi4_tos is the most important structure > field to convert, but RTO_ONLINK prevents such conversion, as dscp_t > mandates that ECN bits (where RTO_ONLINK is stored) be zero. > > Therefore we need to stop using RTO_ONLINK altogether. Fortunately > RTO_ONLINK isn't a necessity. Instead of passing a flag in ->flowi4_tos > to tell the route lookup function to restrict the scope, we can simply > initialise the scope correctly. > I believe the set looks ok. I think the fib test coverage in selftests could use more tests to cover tos.
On Thu, Apr 21, 2022 at 09:10:21PM -0600, David Ahern wrote: > On 4/20/22 5:21 PM, Guillaume Nault wrote: > > RTO_ONLINK is a flag that allows to reduce the scope of route lookups. > > It's stored in a normally unused bit of the ->flowi4_tos field, in > > struct flowi4. However it has several problems: > > > > * This bit is also used by ECN. Although ECN bits are supposed to be > > cleared before doing a route lookup, it happened that some code > > paths didn't properly sanitise their ->flowi4_tos. So this mechanism > > is fragile and we had bugs in the past where ECN bits slipped in and > > could end up being erroneously interpreted as RTO_ONLINK. > > > > * A dscp_t type was recently introduced to ensure ECN bits are cleared > > during route lookups. ->flowi4_tos is the most important structure > > field to convert, but RTO_ONLINK prevents such conversion, as dscp_t > > mandates that ECN bits (where RTO_ONLINK is stored) be zero. > > > > Therefore we need to stop using RTO_ONLINK altogether. Fortunately > > RTO_ONLINK isn't a necessity. Instead of passing a flag in ->flowi4_tos > > to tell the route lookup function to restrict the scope, we can simply > > initialise the scope correctly. > > > > I believe the set looks ok. I think the fib test coverage in selftests > could use more tests to cover tos. Yes, this is on my todo list. I also plan to review existing tests that cover route lookups with link scope, and extend them if necessary. Thanks for the review.
Hello: This series was applied to netdev/net-next.git (master) by David S. Miller <davem@davemloft.net>: On Thu, 21 Apr 2022 01:21:19 +0200 you wrote: > RTO_ONLINK is a flag that allows to reduce the scope of route lookups. > It's stored in a normally unused bit of the ->flowi4_tos field, in > struct flowi4. However it has several problems: > > * This bit is also used by ECN. Although ECN bits are supposed to be > cleared before doing a route lookup, it happened that some code > paths didn't properly sanitise their ->flowi4_tos. So this mechanism > is fragile and we had bugs in the past where ECN bits slipped in and > could end up being erroneously interpreted as RTO_ONLINK. > > [...] Here is the summary with links: - [net-next,1/3] ipv4: Don't reset ->flowi4_scope in ip_rt_fix_tos(). https://git.kernel.org/netdev/net-next/c/16a28267774c - [net-next,2/3] ipv4: Avoid using RTO_ONLINK with ip_route_connect(). https://git.kernel.org/netdev/net-next/c/67e1e2f4854b - [net-next,3/3] ipv4: Initialise ->flowi4_scope properly in ICMP handlers. https://git.kernel.org/netdev/net-next/c/b1ad41384866 You are awesome, thank you!