* [PATCH net] ipv6: don't set DST_NOCOUNT for remotely added routes
@ 2014-03-06 16:51 Sabrina Dubroca
2014-03-06 20:27 ` David Miller
0 siblings, 1 reply; 4+ messages in thread
From: Sabrina Dubroca @ 2014-03-06 16:51 UTC (permalink / raw)
To: davem; +Cc: netdev, hannes, Sabrina Dubroca
DST_NOCOUNT should only be used if an authorized user adds routes
locally. In case of routes which are added on behalf of router
advertisments this flag must not get used as it allows an unlimited
number of routes getting added remotely.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
---
Hannes suggested this for stable
net/ipv6/route.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index 11dac21e6586..fba54a407bb2 100644
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -1513,7 +1513,7 @@ int ip6_route_add(struct fib6_config *cfg)
if (!table)
goto out;
- rt = ip6_dst_alloc(net, NULL, DST_NOCOUNT, table);
+ rt = ip6_dst_alloc(net, NULL, (cfg->fc_flags & RTF_ADDRCONF) ? 0 : DST_NOCOUNT, table);
if (!rt) {
err = -ENOMEM;
--
1.9.0
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH net] ipv6: don't set DST_NOCOUNT for remotely added routes
2014-03-06 16:51 [PATCH net] ipv6: don't set DST_NOCOUNT for remotely added routes Sabrina Dubroca
@ 2014-03-06 20:27 ` David Miller
2014-03-06 21:03 ` Sabrina Dubroca
0 siblings, 1 reply; 4+ messages in thread
From: David Miller @ 2014-03-06 20:27 UTC (permalink / raw)
To: sd; +Cc: netdev, hannes
From: Sabrina Dubroca <sd@queasysnail.net>
Date: Thu, 6 Mar 2014 17:51:57 +0100
> DST_NOCOUNT should only be used if an authorized user adds routes
> locally. In case of routes which are added on behalf of router
> advertisments this flag must not get used as it allows an unlimited
> number of routes getting added remotely.
>
> Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
> Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
> ---
>
> Hannes suggested this for stable
This seems to conflict with the intentions of:
commit a3300ef4bbb1f1e33ff0400e1e6cf7733d988f4f
Author: Hannes Frederic Sowa <hannes@stressinduktion.org>
Date: Sat Dec 7 03:33:45 2013 +0100
ipv6: don't count addrconf generated routes against gc limit
If not, why not?
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH net] ipv6: don't set DST_NOCOUNT for remotely added routes
2014-03-06 20:27 ` David Miller
@ 2014-03-06 21:03 ` Sabrina Dubroca
2014-03-06 22:30 ` David Miller
0 siblings, 1 reply; 4+ messages in thread
From: Sabrina Dubroca @ 2014-03-06 21:03 UTC (permalink / raw)
To: David Miller; +Cc: netdev, hannes
2014-03-06, 15:27:15 -0500, David Miller wrote:
> From: Sabrina Dubroca <sd@queasysnail.net>
> Date: Thu, 6 Mar 2014 17:51:57 +0100
>
> > DST_NOCOUNT should only be used if an authorized user adds routes
> > locally. In case of routes which are added on behalf of router
> > advertisments this flag must not get used as it allows an unlimited
> > number of routes getting added remotely.
> >
> > Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
> > Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
> > ---
> >
> > Hannes suggested this for stable
>
> This seems to conflict with the intentions of:
>
> commit a3300ef4bbb1f1e33ff0400e1e6cf7733d988f4f
> Author: Hannes Frederic Sowa <hannes@stressinduktion.org>
> Date: Sat Dec 7 03:33:45 2013 +0100
>
> ipv6: don't count addrconf generated routes against gc limit
>
> If not, why not?
These are not the same routes. The commit you mention is for the
routes added to the loopback device in the local table (limited by
max_addresses as the log says).
This patch limits the number of "real" routes that can be added,
which is currently unlimited.
--
Sabrina
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH net] ipv6: don't set DST_NOCOUNT for remotely added routes
2014-03-06 21:03 ` Sabrina Dubroca
@ 2014-03-06 22:30 ` David Miller
0 siblings, 0 replies; 4+ messages in thread
From: David Miller @ 2014-03-06 22:30 UTC (permalink / raw)
To: sd; +Cc: netdev, hannes
From: Sabrina Dubroca <sd@queasysnail.net>
Date: Thu, 6 Mar 2014 22:03:17 +0100
> 2014-03-06, 15:27:15 -0500, David Miller wrote:
>> From: Sabrina Dubroca <sd@queasysnail.net>
>> Date: Thu, 6 Mar 2014 17:51:57 +0100
>>
>> > DST_NOCOUNT should only be used if an authorized user adds routes
>> > locally. In case of routes which are added on behalf of router
>> > advertisments this flag must not get used as it allows an unlimited
>> > number of routes getting added remotely.
>> >
>> > Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
>> > Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
>> > ---
>> >
>> > Hannes suggested this for stable
>>
>> This seems to conflict with the intentions of:
>>
>> commit a3300ef4bbb1f1e33ff0400e1e6cf7733d988f4f
>> Author: Hannes Frederic Sowa <hannes@stressinduktion.org>
>> Date: Sat Dec 7 03:33:45 2013 +0100
>>
>> ipv6: don't count addrconf generated routes against gc limit
>>
>> If not, why not?
>
> These are not the same routes. The commit you mention is for the
> routes added to the loopback device in the local table (limited by
> max_addresses as the log says).
>
> This patch limits the number of "real" routes that can be added,
> which is currently unlimited.
Ok, I see the difference now, thanks for explaining.
Applied and queued up for -stable.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2014-03-06 22:30 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-03-06 16:51 [PATCH net] ipv6: don't set DST_NOCOUNT for remotely added routes Sabrina Dubroca
2014-03-06 20:27 ` David Miller
2014-03-06 21:03 ` Sabrina Dubroca
2014-03-06 22:30 ` David Miller
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).