Go to file
Matteo Croce 258bbb1b0e icmp: don't fail on fragment reassembly time exceeded
The ICMP implementation currently replies to an ICMP time exceeded message
(type 11) with an ICMP host unreachable message (type 3, code 1).

However, time exceeded messages can either represent "time to live exceeded
in transit" (code 0) or "fragment reassembly time exceeded" (code 1).

Unconditionally replying to "fragment reassembly time exceeded" with
host unreachable messages might cause unjustified connection resets
which are now easily triggered as UFO has been removed, because, in turn,
sending large buffers triggers IP fragmentation.

The issue can be easily reproduced by running a lot of UDP streams
which is likely to trigger IP fragmentation:

  # start netserver in the test namespace
  ip netns add test
  ip netns exec test netserver

  # create a VETH pair
  ip link add name veth0 type veth peer name veth0 netns test
  ip link set veth0 up
  ip -n test link set veth0 up

  for i in $(seq 20 29); do
      # assign addresses to both ends
      ip addr add dev veth0 192.168.$i.1/24
      ip -n test addr add dev veth0 192.168.$i.2/24

      # start the traffic
      netperf -L 192.168.$i.1 -H 192.168.$i.2 -t UDP_STREAM -l 0 &
  done

  # wait
  send_data: data send error: No route to host (errno 113)
  netperf: send_omni: send_data failed: No route to host

We need to differentiate instead: if fragment reassembly time exceeded
is reported, we need to silently drop the packet,
if time to live exceeded is reported, maintain the current behaviour.
In both cases increment the related error count "icmpInTimeExcds".

While at it, fix a typo in a comment, and convert the if statement
into a switch to mate it more readable.

Signed-off-by: Matteo Croce <mcroce@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-10-14 11:05:26 -07:00
arch Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-10-09 20:11:09 -07:00
block bsg-lib: fix use-after-free under memory-pressure 2017-10-04 08:35:04 -06:00
certs
crypto crypto: af_alg - update correct dst SGL entry 2017-09-20 17:42:42 +08:00
Documentation Work continues in various areas: 2017-10-11 10:15:01 -07:00
drivers ravb: Consolidate clock handling 2017-10-12 23:00:50 -07:00
firmware
fs NFS client bugfixes for Linux 4.14 2017-10-09 10:55:37 -07:00
include tipc: receive group membership events via member socket 2017-10-13 08:46:00 -07:00
init
ipc fix a typo in put_compat_shm_info() 2017-09-25 20:41:46 -04:00
kernel bpf: remove redundant variable old_flags 2017-10-11 20:22:34 -07:00
lib once: switch to new jump label API 2017-10-09 20:26:23 -07:00
mm mm/memory_hotplug: define find_{smallest|biggest}_section_pfn as unsigned long 2017-10-03 17:54:26 -07:00
net icmp: don't fail on fragment reassembly time exceeded 2017-10-14 11:05:26 -07:00
samples bpf: add a test case for helper bpf_perf_prog_read_value 2017-10-07 23:05:57 +01:00
scripts Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-10-05 18:19:22 -07:00
security lsm: fix smack_inode_removexattr and xattr_getsecurity memleak 2017-10-04 18:03:15 +11:00
sound sound fixes for 4.14-rc4 2017-10-05 10:39:29 -07:00
tools selftests: rtnetlink: add a small macsec test case 2017-10-12 23:05:55 -07:00
usr
virt Revert "KVM: Don't accept obviously wrong gsi values via KVM_IRQFD" 2017-09-19 08:37:17 +02:00
.cocciconfig
.get_maintainer.ignore
.gitattributes
.gitignore
.mailmap Update James Hogan's email address 2017-10-04 17:11:53 -07:00
COPYING
CREDITS
Kbuild
Kconfig
MAINTAINERS Work continues in various areas: 2017-10-11 10:15:01 -07:00
Makefile Linux 4.14-rc4 2017-10-08 20:53:29 -07:00
README

Linux kernel
============

This file was moved to Documentation/admin-guide/README.rst

Please notice that there are several guides for kernel developers and users.
These guides can be rendered in a number of formats, like HTML and PDF.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
See Documentation/00-INDEX for a list of what is contained in each file.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.