Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/1370074/?format=api
{ "id": 1370074, "url": "http://patchwork.ozlabs.org/api/patches/1370074/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netdev/patch/20200923201815.388347-1-zenczykowski@gmail.com/", "project": { "id": 7, "url": "http://patchwork.ozlabs.org/api/projects/7/?format=api", "name": "Linux network development", "link_name": "netdev", "list_id": "netdev.vger.kernel.org", "list_email": "netdev@vger.kernel.org", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20200923201815.388347-1-zenczykowski@gmail.com>", "list_archive_url": null, "date": "2020-09-23T20:18:15", "name": "[v3] net/ipv4: always honour route mtu during forwarding", "commit_ref": null, "pull_url": null, "state": "accepted", "archived": false, "hash": "3092abf766cae6eef5b26453a7ad96b87181c4a0", "submitter": { "id": 2960, "url": "http://patchwork.ozlabs.org/api/people/2960/?format=api", "name": "Maciej Żenczykowski", "email": "zenczykowski@gmail.com" }, "delegate": { "id": 34, "url": "http://patchwork.ozlabs.org/api/users/34/?format=api", "username": "davem", "first_name": "David", "last_name": "Miller", "email": "davem@davemloft.net" }, "mbox": "http://patchwork.ozlabs.org/project/netdev/patch/20200923201815.388347-1-zenczykowski@gmail.com/mbox/", "series": [ { "id": 203772, "url": "http://patchwork.ozlabs.org/api/series/203772/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netdev/list/?series=203772", "date": "2020-09-23T20:18:15", "name": "[v3] net/ipv4: always honour route mtu during forwarding", "version": 3, "mbox": "http://patchwork.ozlabs.org/series/203772/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/1370074/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/1370074/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<netdev-owner@vger.kernel.org>", "X-Original-To": "patchwork-incoming-netdev@ozlabs.org", "Delivered-To": "patchwork-incoming-netdev@ozlabs.org", "Authentication-Results": [ "ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=23.128.96.18; helo=vger.kernel.org;\n envelope-from=netdev-owner@vger.kernel.org; receiver=<UNKNOWN>)", "ozlabs.org;\n dmarc=pass (p=none dis=none) header.from=gmail.com", "ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256\n header.s=20161025 header.b=pO5v1itD;\n\tdkim-atps=neutral" ], "Received": [ "from vger.kernel.org (vger.kernel.org [23.128.96.18])\n\tby ozlabs.org (Postfix) with ESMTP id 4BxTyW6Djjz9sTH\n\tfor <patchwork-incoming-netdev@ozlabs.org>;\n Thu, 24 Sep 2020 06:18:27 +1000 (AEST)", "(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n id S1726557AbgIWUSZ (ORCPT\n <rfc822;patchwork-incoming-netdev@ozlabs.org>);\n Wed, 23 Sep 2020 16:18:25 -0400", "from lindbergh.monkeyblade.net ([23.128.96.19]:59164 \"EHLO\n lindbergh.monkeyblade.net\" rhost-flags-OK-OK-OK-OK) by vger.kernel.org\n with ESMTP id S1726381AbgIWUSY (ORCPT\n <rfc822;netdev@vger.kernel.org>); Wed, 23 Sep 2020 16:18:24 -0400", "from mail-pg1-x543.google.com (mail-pg1-x543.google.com\n [IPv6:2607:f8b0:4864:20::543])\n by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D2D4EC0613CE\n for <netdev@vger.kernel.org>; Wed, 23 Sep 2020 13:18:24 -0700 (PDT)", "by mail-pg1-x543.google.com with SMTP id p16so384783pgi.9\n for <netdev@vger.kernel.org>; Wed, 23 Sep 2020 13:18:24 -0700 (PDT)", "from athina.mtv.corp.google.com\n ([2620:15c:211:0:a28c:fdff:fee1:f370])\n by smtp.gmail.com with ESMTPSA id\n e10sm311196pjj.32.2020.09.23.13.18.23\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Wed, 23 Sep 2020 13:18:23 -0700 (PDT)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=gmail.com; s=20161025;\n h=from:to:cc:subject:date:message-id:in-reply-to:references\n :mime-version:content-transfer-encoding;\n bh=boOIxhUxOHbOCqVTnoxAdSoDT3OVN0nOXlllUNKf4Lk=;\n b=pO5v1itDUPv8ky0LzVzzyajNFBb1ypuvxZ9UUPxjvENEsnkgGwb6JjmrseFmh0mMWJ\n nxAxqBswRWUruJY8lbw7WBjwiu36i8jw95C4E/o2U8yMD7Uo6Iy4HRfeMkQWcHEpkF+/\n iXzr+N8tS/QnQXPeD1TQcYlpAElS3LVcfk0tZRCmi/ucHaTJ1MYqiyGUj5llAHUQmng1\n 0ja6WuyUAIRjzksB+wD30bQfeD1GP3NcxaXhNzurRmq6310gpBMx0851axLYx0Yy3vVe\n Gn47gtDIM4x/P7hha2FbbXMcxZTbu3M0ujNEzMNF5V3HCQZlwmoBAkhs99vjdwNvwCKN\n HpJw==", "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20161025;\n h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to\n :references:mime-version:content-transfer-encoding;\n bh=boOIxhUxOHbOCqVTnoxAdSoDT3OVN0nOXlllUNKf4Lk=;\n b=YAajc71Um/sk9dRcJEX1haMHeey63hHZgDFHwe0MsHMvB8LvcSPuRUtq7SH6NODjg/\n qB5I82pVNajDW7kpKSmZpuvCyixLYKcFjQ2P1OWBT1FXjgytrCe6a2QkYRH7bHUJfJLE\n sfyXOvsDTzxV25mxkx7hFPb18VX8gEhR9Byy60OXQTdZZ2qubCXDvarvZ1HlZvu+J4cI\n XHoumn/hSNeDWM6QCQecMsJF0nMQUWkt3pqDRgAq9FpQtc/xSP9BQXQoXNF9o2zXFCTc\n 5SbKGSqVncjGrADRK9dSn5+4dbOPhAE5PWyDRhpnvh/ji+IcL/S2qz0dzYCXTjbB9OMm\n /Wjw==", "X-Gm-Message-State": "AOAM530Uoxw5wTghSv6ONTG5U2rnaXBL2KYZzjZuUW3YyFGFVmki2an4\n mvTCGDFti2iH1f2LtPwhH8M=", "X-Google-Smtp-Source": "\n ABdhPJy0Bq1y5NQbOvctNGDA8kb+sufrxVEtNfxErQjAHvvpiDfQXzSY0QONg7CsB4OcJqflAMN7pA==", "X-Received": "by 2002:a63:ff07:: with SMTP id k7mr1193434pgi.39.1600892304324;\n Wed, 23 Sep 2020 13:18:24 -0700 (PDT)", "From": "=?utf-8?q?Maciej_=C5=BBenczykowski?= <zenczykowski@gmail.com>", "To": "=?utf-8?q?Maciej_=C5=BBenczykowski?= <maze@google.com>,\n \"David S . Miller\" <davem@davemloft.net>", "Cc": "Linux Network Development Mailing List <netdev@vger.kernel.org>,\n Eric Dumazet <edumazet@google.com>,\n Willem de Bruijn <willemb@google.com>,\n Lorenzo Colitti <lorenzo@google.com>,\n Sunmeet Gill <sgill@quicinc.com>,\n Vinay Paradkar <vparadka@qti.qualcomm.com>,\n Tyler Wear <twear@quicinc.com>,\n David Ahern <dsahern@kernel.org>", "Subject": "[PATCH v3] net/ipv4: always honour route mtu during forwarding", "Date": "Wed, 23 Sep 2020 13:18:15 -0700", "Message-Id": "<20200923201815.388347-1-zenczykowski@gmail.com>", "X-Mailer": "git-send-email 2.28.0.681.g6f77f65b4e-goog", "In-Reply-To": "<10fbde1b-f852-2cc1-2e23-4c014931fed8@gmail.com>", "References": "<10fbde1b-f852-2cc1-2e23-4c014931fed8@gmail.com>", "MIME-Version": "1.0", "Content-Type": "text/plain; charset=UTF-8", "Content-Transfer-Encoding": "8bit", "Precedence": "bulk", "List-ID": "<netdev.vger.kernel.org>", "X-Mailing-List": "netdev@vger.kernel.org" }, "content": "From: Maciej Żenczykowski <maze@google.com>\n\nDocumentation/networking/ip-sysctl.txt:46 says:\n ip_forward_use_pmtu - BOOLEAN\n By default we don't trust protocol path MTUs while forwarding\n because they could be easily forged and can lead to unwanted\n fragmentation by the router.\n You only need to enable this if you have user-space software\n which tries to discover path mtus by itself and depends on the\n kernel honoring this information. This is normally not the case.\n Default: 0 (disabled)\n Possible values:\n 0 - disabled\n 1 - enabled\n\nWhich makes it pretty clear that setting it to 1 is a potential\nsecurity/safety/DoS issue, and yet it is entirely reasonable to want\nforwarded traffic to honour explicitly administrator configured\nroute mtus (instead of defaulting to device mtu).\n\nIndeed, I can't think of a single reason why you wouldn't want to.\nSince you configured a route mtu you probably know better...\n\nIt is pretty common to have a higher device mtu to allow receiving\nlarge (jumbo) frames, while having some routes via that interface\n(potentially including the default route to the internet) specify\na lower mtu.\n\nNote that ipv6 forwarding uses device mtu unless the route is locked\n(in which case it will use the route mtu).\n\nThis approach is not usable for IPv4 where an 'mtu lock' on a route\nalso has the side effect of disabling TCP path mtu discovery via\ndisabling the IPv4 DF (don't frag) bit on all outgoing frames.\n\nI'm not aware of a way to lock a route from an IPv6 RA, so that also\npotentially seems wrong.\n\nSigned-off-by: Maciej Żenczykowski <maze@google.com>\nCc: Eric Dumazet <edumazet@google.com>\nCc: Willem de Bruijn <willemb@google.com>\nCc: Lorenzo Colitti <lorenzo@google.com>\nCc: Sunmeet Gill (Sunny) <sgill@quicinc.com>\nCc: Vinay Paradkar <vparadka@qti.qualcomm.com>\nCc: Tyler Wear <twear@quicinc.com>\nCc: David Ahern <dsahern@kernel.org>\n---\n include/net/ip.h | 6 ++++++\n 1 file changed, 6 insertions(+)", "diff": "diff --git a/include/net/ip.h b/include/net/ip.h\nindex b09c48d862cc..2a52787db64a 100644\n--- a/include/net/ip.h\n+++ b/include/net/ip.h\n@@ -436,12 +436,18 @@ static inline unsigned int ip_dst_mtu_maybe_forward(const struct dst_entry *dst,\n \t\t\t\t\t\t bool forwarding)\n {\n \tstruct net *net = dev_net(dst->dev);\n+\tunsigned int mtu;\n \n \tif (net->ipv4.sysctl_ip_fwd_use_pmtu ||\n \t ip_mtu_locked(dst) ||\n \t !forwarding)\n \t\treturn dst_mtu(dst);\n \n+\t/* 'forwarding = true' case should always honour route mtu */\n+\tmtu = dst_metric_raw(dst, RTAX_MTU);\n+\tif (mtu)\n+\t\treturn mtu;\n+\n \treturn min(READ_ONCE(dst->dev->mtu), IP_MAX_MTU);\n }\n \n", "prefixes": [ "v3" ] }