From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: David Ahern <dsa@cumulusnetworks.com>
Cc: Netdev <netdev@vger.kernel.org>,
Hannes Frederic Sowa <hannes@stressinduktion.org>,
LKML <linux-kernel@vger.kernel.org>,
WireGuard mailing list <wireguard@lists.zx2c4.com>,
YOSHIFUJI Hideaki <hideaki.yoshifuji@miraclelinux.com>
Subject: Re: [WireGuard] Source address fib invalidation on IPv6
Date: Sun, 13 Nov 2016 01:51:20 +0100 [thread overview]
Message-ID: <CAHmME9qpWCBCHfmjDOL1-7=FJPiqhzh=vg+5dh-hvbbAXnskNQ@mail.gmail.com> (raw)
In-Reply-To: <CAHmME9pMzcwjveOoa08-fVCnZTkaoMz8y9DEc7f6b-4PeWu4xQ@mail.gmail.com>
On Sun, Nov 13, 2016 at 1:43 AM, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> In perusing through the v6 FIB code, I don't even see an analog of
> __ip_dev_find... Hm?
Of all places, the iscsi code actually has a nice side-by-side
comparison. So far as I can see, the other protocols just omit this
check in the v6 case, which I believe to be errant behavior. For
example, grep for ip_dev_find in the sctp v4 code. The equivalent v6
code is missing the dev check. Ugly! Here's the block I found in
cxgbit_cm.c:
static struct net_device *cxgbit_ipv4_netdev(__be32 saddr)
{
struct net_device *ndev;
ndev = __ip_dev_find(&init_net, saddr, false);
if (!ndev)
return NULL;
return cxgbit_get_real_dev(ndev);
}
static struct net_device *cxgbit_ipv6_netdev(struct in6_addr *addr6)
{
struct net_device *ndev = NULL;
bool found = false;
if (IS_ENABLED(CONFIG_IPV6)) {
for_each_netdev_rcu(&init_net, ndev)
if (ipv6_chk_addr(&init_net, addr6, ndev, 1)) {
found = true;
break;
}
}
if (!found)
return NULL;
return cxgbit_get_real_dev(ndev);
}
It seems like __ip6_dev_find could be made out of that inner loop.
Then existing uses like that iscsi code can be replaced with that
helper function, and the existing ip6 route tail function can be
augmented in the manner you recommended. Seem like a decent
implementation strategy?
I might submit some patches, unless you beat me to it.
Jason
prev parent reply other threads:[~2016-11-13 0:49 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-11 19:29 Jason A. Donenfeld
2016-11-11 22:14 ` David Ahern
2016-11-12 2:18 ` Jason A. Donenfeld
2016-11-12 15:40 ` Jason A. Donenfeld
2016-11-12 18:14 ` David Ahern
2016-11-12 19:08 ` Jason A. Donenfeld
2016-11-13 0:43 ` Jason A. Donenfeld
2016-11-13 0:51 ` Hannes Frederic Sowa
2016-11-13 1:00 ` Jason A. Donenfeld
2016-11-13 13:23 ` [WireGuard] [PATCH] ip6_output: ensure flow saddr actually belongs to device Jason A. Donenfeld
2016-11-13 16:30 ` David Ahern
2016-11-13 19:02 ` [WireGuard] [PATCH v2] " Jason A. Donenfeld
2016-11-13 20:45 ` David Ahern
2016-11-13 23:28 ` [WireGuard] [PATCH v3] " Jason A. Donenfeld
2016-11-14 1:36 ` [WireGuard] Debugging AllowedIps John Huttley
2016-11-14 1:39 ` Jason A. Donenfeld
2016-11-14 2:28 ` John Huttley
2016-11-14 2:59 ` Jason A. Donenfeld
2016-11-14 3:10 ` John Huttley
2016-11-14 16:19 ` [WireGuard] [PATCH v3] ip6_output: ensure flow saddr actually belongs to device David Ahern
[not found] ` <CAHmME9p6-mLSs84AwwfRXe8U3Z2sy6Dp9W9H0gKh0rcZuQAfZA@mail.gmail.com>
[not found] ` <CAHmME9qC4xqGOwJnauXrJBDkAtmmuJ+kJKL6ufuU9_XWKNFdSA@mail.gmail.com>
2016-11-14 16:54 ` Jason A. Donenfeld
2016-11-14 16:44 ` Hannes Frederic Sowa
2016-11-14 16:55 ` David Ahern
2016-11-14 17:04 ` Hannes Frederic Sowa
2016-11-14 17:17 ` David Ahern
2016-11-14 17:33 ` Hannes Frederic Sowa
2016-11-14 17:48 ` David Ahern
2016-11-14 18:33 ` Hannes Frederic Sowa
2016-11-15 0:45 ` Jason A. Donenfeld
2016-11-15 14:45 ` Hannes Frederic Sowa
2016-11-15 15:26 ` David Ahern
2016-11-13 20:19 ` [WireGuard] [PATCH] " Jason A. Donenfeld
2016-11-13 20:39 ` David Ahern
2016-11-13 0:51 ` Jason A. Donenfeld [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAHmME9qpWCBCHfmjDOL1-7=FJPiqhzh=vg+5dh-hvbbAXnskNQ@mail.gmail.com' \
--to=jason@zx2c4.com \
--cc=dsa@cumulusnetworks.com \
--cc=hannes@stressinduktion.org \
--cc=hideaki.yoshifuji@miraclelinux.com \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).