redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/net/ipv6
History
Jesper Dangaard Brouer 849a44de91 net: don't global ICMP rate limit packets originating from loopback 
Florian Weimer seems to have a glibc test-case which requires that
loopback interfaces does not get ICMP ratelimited.  This was broken by
commit c0303efeab ("net: reduce cycles spend on ICMP replies that
gets rate limited").

An ICMP response will usually be routed back-out the same incoming
interface.  Thus, take advantage of this and skip global ICMP
ratelimit when the incoming device is loopback.  In the unlikely event
that the outgoing it not loopback, due to strange routing policy
rules, ICMP rate limiting still works via peer ratelimiting via
icmpv4_xrlim_allow().  Thus, we should still comply with RFC1812
(section 4.3.2.8 "Rate Limiting").

This seems to fix the reproducer given by Florian.  While still
avoiding to perform expensive and unneeded outgoing route lookup for
rate limited packets (in the non-loopback case).

Fixes: c0303efeab ("net: reduce cycles spend on ICMP replies that gets rate limited")
Reported-by: Florian Weimer <fweimer@redhat.com>
Reported-by: "H.J. Lu" <hjl.tools@gmail.com>
Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
 		2017-06-14 15:33:58 -04:00
..
ila ila_xlat: add missing hash secret initialization 2017-06-08 15:36:56 -04:00
netfilter Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2017-05-03 10:11:26 -04:00
Kconfig ipv6: sr: select DST_CACHE by default 2017-03-27 16:05:06 -07:00
Makefile esp: Add a software GRO codepath 2017-02-15 11:04:11 +01:00
addrconf.c ipv6: avoid dad-failures for addresses with NODAD 2017-05-15 14:31:51 -04:00
addrconf_core.c
addrlabel.c net: rtnetlink: plumb extended ack to doit function 2017-04-17 15:35:38 -04:00
af_inet6.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-04-26 22:39:08 -04:00
ah6.c IPsec: do not ignore crypto err in ah6 input 2017-01-16 12:57:48 +01:00
anycast.c
calipso.c net/ipv6: Fix CALIPSO causing GPF with datagram support 2017-06-06 15:18:20 -04:00
datagram.c net-timestamp: avoid use-after-free in ip_recv_error 2017-04-17 12:59:22 -04:00
esp6.c esp: Fix misplaced spin_unlock_bh. 2017-04-24 07:56:31 +02:00
esp6_offload.c esp4/6: Fix GSO path for non-GSO SW-crypto packets 2017-04-19 07:48:57 +02:00
exthdrs.c ipv6: Need to export ipv6_push_frag_opts for tunneling now. 2017-05-01 15:10:20 -04:00
exthdrs_core.c ipv6: constify the skb pointer of ipv6_find_tlv(). 2016-06-27 15:06:15 -04:00
exthdrs_offload.c
fib6_rules.c net: flow: Add l3mdev flow update 2016-09-10 23:12:51 -07:00
fou6.c fou: add Kconfig options for IPv6 support 2016-05-29 22:24:21 -07:00
icmp.c net: don't global ICMP rate limit packets originating from loopback 2017-06-14 15:33:58 -04:00
inet6_connection_sock.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-01-28 10:33:06 -05:00
inet6_hashtables.c inet: collapse ipv4/v6 rcv_saddr_equal functions into one 2017-01-18 13:04:28 -05:00
ip6_checksum.c ipv6: fix checksum annotation in udp6_csum_init 2016-06-14 15:26:42 -04:00
ip6_fib.c ipv6: make ECMP route replacement less greedy 2017-03-13 12:16:17 -07:00
ip6_flowlabel.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
ip6_gre.c net: Fix inconsistent teardown and release of private netdev state. 2017-06-07 15:53:24 -04:00
ip6_icmp.c ipv6: icmp: add a force_saddr param to icmp6_send() 2016-06-18 22:11:38 -07:00
ip6_input.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-04-20 10:35:33 -04:00
ip6_offload.c ipv6: Fix leak in ipv6_gso_segment(). 2017-06-04 21:41:10 -04:00
ip6_offload.h udp: Add GRO functions to UDP socket 2016-04-07 16:53:29 -04:00
ip6_output.c ipv6: fix out of bound writes in __ip6_append_data() 2017-05-22 11:47:44 -04:00
ip6_tunnel.c net: Fix inconsistent teardown and release of private netdev state. 2017-06-07 15:53:24 -04:00
ip6_udp_tunnel.c ip6_udp_tunnel: remove unused IPCB related codes 2016-11-02 15:18:36 -04:00
ip6_vti.c net: Fix inconsistent teardown and release of private netdev state. 2017-06-07 15:53:24 -04:00
ip6mr.c net: Fix inconsistent teardown and release of private netdev state. 2017-06-07 15:53:24 -04:00
ipcomp6.c net: inet: Support UID-based routing in IP protocols. 2016-11-04 14:45:23 -04:00
ipv6_sockglue.c net: Allow IP_MULTICAST_IF to set index to L3 slave 2016-12-30 15:24:47 -05:00
mcast.c ipv6: add support for NETDEV_RESEND_IGMP event 2017-03-28 22:02:21 -07:00
mcast_snoop.c
mip6.c ktime: Get rid of ktime_equal() 2016-12-25 17:21:23 +01:00
ndisc.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-04-26 22:39:08 -04:00
netfilter.c net: inet: Support UID-based routing in IP protocols. 2016-11-04 14:45:23 -04:00
output_core.c ipv6: Prevent overrun when parsing v6 header options 2017-05-17 14:55:59 -04:00
ping.c net: ping: do not abuse udp_poll() 2017-06-04 22:56:55 -04:00
proc.c proc: snmp6: Use correct type in memset 2017-06-12 09:53:14 -04:00
protocol.c net: Add sysctl to toggle early demux for tcp and udp 2017-03-24 13:17:07 -07:00
raw.c net: ping: do not abuse udp_poll() 2017-06-04 22:56:55 -04:00
reassembly.c ipv6: on reassembly, record frag_max_size 2016-11-03 15:41:11 -04:00
route.c net: ipv6: Release route when device is unregistering 2017-06-08 11:12:39 -04:00
seg6.c ipv6: sr: fix out-of-bounds access in SRH validation 2017-04-20 15:40:33 -04:00
seg6_hmac.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-02-07 16:29:30 -05:00
seg6_iptunnel.c ipv6: sr: fix BUG due to headroom too small after SRH push 2017-04-17 15:33:53 -04:00
sit.c net: Fix inconsistent teardown and release of private netdev state. 2017-06-07 15:53:24 -04:00
syncookies.c tcp: randomize timestamps on syncookies 2017-05-05 12:00:11 -04:00
sysctl_net_ipv6.c calipso: Add a label cache. 2016-06-27 15:06:17 -04:00
tcp_ipv6.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-05-15 15:50:49 -07:00
tcpv6_offload.c
tunnel6.c ipv6: fix tunnel error handling 2015-11-03 10:52:13 -05:00
udp.c udp: make *udp*_queue_rcv_skb() functions static 2017-05-18 10:23:33 -04:00
udp_impl.h udp: make *udp*_queue_rcv_skb() functions static 2017-05-18 10:23:33 -04:00
udp_offload.c ipv6: Check ip6_find_1stfragopt() return value properly. 2017-05-17 22:54:11 -04:00
udplite.c udplite: call proper backlog handlers 2016-11-24 15:32:14 -05:00
xfrm6_input.c esp: Add a software GRO codepath 2017-02-15 11:04:11 +01:00
xfrm6_mode_beet.c
xfrm6_mode_ro.c ipv6: xfrm: Handle errors reported by xfrm6_find_1stfragopt() 2017-06-02 13:57:27 -04:00
xfrm6_mode_transport.c ipv6: xfrm: Handle errors reported by xfrm6_find_1stfragopt() 2017-06-02 13:57:27 -04:00
xfrm6_mode_tunnel.c xfrm: Add encapsulation header offsets while SKB is not encrypted 2017-04-14 10:07:39 +02:00
xfrm6_output.c xfrm: Add an IPsec hardware offloading API 2017-04-14 10:06:10 +02:00
xfrm6_policy.c xfrm: policy: make policy backend const 2017-02-09 10:22:19 +01:00
xfrm6_protocol.c xfrm: input: constify xfrm_input_afinfo 2017-02-09 10:22:17 +01:00
xfrm6_state.c
xfrm6_tunnel.c netns: make struct pernet_operations::id unsigned int 2016-11-18 10:59:15 -05:00