diff options
author | Paolo Abeni <pabeni@redhat.com> | 2019-10-04 15:11:17 +0200 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2019-10-04 17:27:04 -0700 |
commit | b406472b5ad79ede8d10077f0c8f05505ace8b6d (patch) | |
tree | e68b820360cf0a2f45dcba1d2a13a0f18a06cd61 /mm/Makefile | |
parent | a54cdeeb04fc719e4c7f19d6e28dba7ea86cee5b (diff) |
net: ipv4: avoid mixed n_redirects and rate_tokens usage
Since commit c09551c6ff7f ("net: ipv4: use a dedicated counter
for icmp_v4 redirect packets") we use 'n_redirects' to account
for redirect packets, but we still use 'rate_tokens' to compute
the redirect packets exponential backoff.
If the device sent to the relevant peer any ICMP error packet
after sending a redirect, it will also update 'rate_token' according
to the leaking bucket schema; typically 'rate_token' will raise
above BITS_PER_LONG and the redirect packets backoff algorithm
will produce undefined behavior.
Fix the issue using 'n_redirects' to compute the exponential backoff
in ip_rt_send_redirect().
Note that we still clear rate_tokens after a redirect silence period,
to avoid changing an established behaviour.
The root cause predates git history; before the mentioned commit in
the critical scenario, the kernel stopped sending redirects, after
the mentioned commit the behavior more randomic.
Reported-by: Xiumei Mu <xmu@redhat.com>
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Fixes: c09551c6ff7f ("net: ipv4: use a dedicated counter for icmp_v4 redirect packets")
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Acked-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'mm/Makefile')
0 files changed, 0 insertions, 0 deletions