From patchwork Sat Jan  5 21:44:03 2013
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Romain KUNTZ <r.kuntz@ipflavors.com>
X-Patchwork-Id: 209701
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming@ozlabs.org
Delivered-To: patchwork-incoming@ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 215FE2C0086
	for <patchwork-incoming@ozlabs.org>;
	Sun,  6 Jan 2013 08:44:13 +1100 (EST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1755898Ab3AEVoH (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);
	Sat, 5 Jan 2013 16:44:07 -0500
Received: from mail-wg0-f52.google.com ([74.125.82.52]:44307 "EHLO
	mail-wg0-f52.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1755865Ab3AEVoG convert rfc822-to-8bit (ORCPT
	<rfc822;netdev@vger.kernel.org>); Sat, 5 Jan 2013 16:44:06 -0500
Received: by mail-wg0-f52.google.com with SMTP id 12so8540133wgh.19
	for <netdev@vger.kernel.org>; Sat, 05 Jan 2013 13:44:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=ipflavors.com; s=google;
	h=x-received:content-type:mime-version:subject:from:in-reply-to:date
	:cc:content-transfer-encoding:message-id:references:to:x-mailer;
	bh=XLbxsd9cbKRGp0BZgbpcA3BO4NQvmJmueGTcKro1oYc=;
	b=IwLg4FU48blMZuPAbzsJ0kWXPhEfymPYf8PhnUU/xFxgV8qNoXxB9RnIX59fWuH26f
	T/5g6MZoYtwWwF8i7BKeauUO1ustPZxKCYxsR/+6RR9ncXyblAHWXGeV+UwoIh4KgWIS
	NQ6kc4YR7XkcKWd8J5OSsFyBNsnurpKE0ixqQ=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=google.com; s=20120113;
	h=x-received:content-type:mime-version:subject:from:in-reply-to:date
	:cc:content-transfer-encoding:message-id:references:to:x-mailer
	:x-gm-message-state;
	bh=XLbxsd9cbKRGp0BZgbpcA3BO4NQvmJmueGTcKro1oYc=;
	b=Mzj5VhLCHs5SICkZU8V9ZTwWtz/6c1Ym5GhokRSBTk0jhV/U+NzzQpPSkegYx45pds
	YLTfOlEbjVj4xL9yFONaJLxg0z2H/pJYp+UhWqGb1dx+ijF4UUaiTu3HGNszZ4BgsaUv
	xvGAKrpnH1uoxoMFMO/vpl1HgBkYmHDl99/agetaWm4YiIOtZSmW1iQs6YQj+wcqyItE
	S5XSrJCnxBEXgSiR/EsLMRoo/rvGegikiiexa/jLvG23hfFVO85zsGbUp2dI6MO2upp9
	GMdTDkOv3Cu9svaVyJCdtPvgAmjwMHM5Du7r6FDqRCDEIc8NKiK6KDHqniTl0STgLKmj
	Y+Og==
X-Received: by 10.180.84.131 with SMTP id z3mr3180573wiy.25.1357422244006;
	Sat, 05 Jan 2013 13:44:04 -0800 (PST)
Received: from [192.168.1.11] (bro67-1-87-91-122-114.dsl.sta.abo.bbox.fr.
	[87.91.122.114])
	by mx.google.com with ESMTPS id t17sm5684502wiv.6.2013.01.05.13.44.02
	(version=TLSv1/SSLv3 cipher=OTHER);
	Sat, 05 Jan 2013 13:44:03 -0800 (PST)
Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\))
Subject: Re: [PATCH 1/2] ipv6: avoid blackhole and prohibited entries upon
	prefix purge [v2]
From: Romain KUNTZ <r.kuntz@ipflavors.com>
In-Reply-To: <1357415941.1678.4163.camel@edumazet-glaptop>
Date: Sat, 5 Jan 2013 22:44:03 +0100
Cc: Eric Dumazet <eric.dumazet@gmail.com>, yoshfuji@linux-ipv6.org,
	davem@davemloft.net
Message-Id: <2A507F9D-3D53-475F-8FA9-9E6CFEE9C97A@ipflavors.com>
References: <0CC79564-4AF2-42F9-8D06-1BCC912A1AF7@ipflavors.com>
	<1357415941.1678.4163.camel@edumazet-glaptop>
To: "netdev@vger.kernel.org" <netdev@vger.kernel.org>
X-Mailer: Apple Mail (2.1499)
X-Gm-Message-State: 
 ALoCoQkjr8pNxJr7o+WVVgBXgwJJCKu5+U8kDz4t9tHNU6n7lL06qRPjO2RI6bYlJ8tnzwB8zqqC
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

Mobile IPv6 provokes a kernel Oops since commit 64c6d08e (ipv6:
del unreachable route when an addr is deleted on lo), because
ip6_route_lookup() may also return blackhole and prohibited
entry. However, these entries have a NULL rt6i_table argument,
which provokes an Oops in __ip6_del_rt() when trying to lock
rt6i_table->tb6_lock.

Beside, when purging a prefix, blakhole and prohibited entries
should not be selected because they are not what we are looking
for.

We fix this by adding two new lookup flags (RT6_LOOKUP_F_NO_BLK_HOLE
and RT6_LOOKUP_F_NO_PROHIBIT) in order to ensure that such entries
are skipped during lookup and that the correct entry is returned.

[v2]: use 'goto out;' instead of 'goto again;' to avoid unnecessary
oprations on rt (as suggested by Eric Dumazet).

Signed-off-by: Romain Kuntz <r.kuntz@ipflavors.com>
---
 include/net/ip6_route.h |    2 ++
 net/ipv6/addrconf.c     |    4 +++-
 net/ipv6/fib6_rules.c   |    4 ++++
 3 files changed, 9 insertions(+), 1 deletions(-)

diff --git a/include/net/ip6_route.h b/include/net/ip6_route.h
index 27d8318..3c93743 100644
--- a/include/net/ip6_route.h
+++ b/include/net/ip6_route.h
@@ -30,6 +30,8 @@ struct route_info {
 #define RT6_LOOKUP_F_SRCPREF_TMP	0x00000008
 #define RT6_LOOKUP_F_SRCPREF_PUBLIC	0x00000010
 #define RT6_LOOKUP_F_SRCPREF_COA	0x00000020
+#define RT6_LOOKUP_F_NO_BLK_HOLE	0x00000040
+#define RT6_LOOKUP_F_NO_PROHIBIT	0x00000080
 
 /*
  * rt6_srcprefs2flags() and rt6_flags2srcprefs() translate
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 408cac4a..1891e23 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -948,7 +948,9 @@ static void ipv6_del_addr(struct inet6_ifaddr *ifp)
 		fl6.flowi6_oif = ifp->idev->dev->ifindex;
 		fl6.daddr = prefix;
 		rt = (struct rt6_info *)ip6_route_lookup(net, &fl6,
-							 RT6_LOOKUP_F_IFACE);
+						RT6_LOOKUP_F_IFACE |
+						RT6_LOOKUP_F_NO_BLK_HOLE |
+						RT6_LOOKUP_F_NO_PROHIBIT);
 
 		if (rt != net->ipv6.ip6_null_entry &&
 		    addrconf_is_prefix_route(rt)) {
diff --git a/net/ipv6/fib6_rules.c b/net/ipv6/fib6_rules.c
index 2e1a432..9b48128 100644
--- a/net/ipv6/fib6_rules.c
+++ b/net/ipv6/fib6_rules.c
@@ -64,9 +64,13 @@ static int fib6_rule_action(struct fib_rule *rule, struct flowi *flp,
 		goto discard_pkt;
 	default:
 	case FR_ACT_BLACKHOLE:
+		if (flags & RT6_LOOKUP_F_NO_BLK_HOLE)
+			goto out;
 		rt = net->ipv6.ip6_blk_hole_entry;
 		goto discard_pkt;
 	case FR_ACT_PROHIBIT:
+		if (flags & RT6_LOOKUP_F_NO_PROHIBIT)
+			goto out;
 		rt = net->ipv6.ip6_prohibit_entry;
 		goto discard_pkt;
 	}