Re: git: 50fa27e795ea - main - netinet6: fix interface handling for loopback traffic

Reply: Bjoern A. Zeeb: "Re: git: 50fa27e795ea - main - netinet6: fix interface handling for loopback traffic"
In reply to: Bjoern A. Zeeb: "Re: git: 50fa27e795ea - main - netinet6: fix interface handling for loopback traffic"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Alexander V. Chernikov <melifaro_at_ipfw.ru>
Date: Sun, 10 Jul 2022 14:18:13 UTC


> On 10 Jul 2022, at 14:32, Bjoern A. Zeeb <bz@FreeBSD.org> wrote:
> 
> On Sun, 10 Jul 2022, Alexander V. Chernikov wrote:
> 
>> The branch main has been updated by melifaro:
>> 
>> URL: https://cgit.FreeBSD.org/src/commit/?id=50fa27e795eaae97dae87ac4532799f7aea87e9f
>> 
>> commit 50fa27e795eaae97dae87ac4532799f7aea87e9f
>> Author: Alexander V. Chernikov <melifaro@FreeBSD.org>
>> AuthorDate: 2022-07-10 12:27:23 +0000
>> Commit: Alexander V. Chernikov <melifaro@FreeBSD.org>
>> CommitDate: 2022-07-10 12:47:47 +0000
>> 
>> netinet6: fix interface handling for loopback traffic
>> 
>> Currently, processing of IPv6 local traffic is partially broken:
>> link-local connection fails and global unicast connect() takes
>> 3 seconds to complete.
>> This happens due to the combination of multiple factors.
>> IPv6 code passes original interface "origifp" when passing
>> traffic via loopack to retain the scope that is mandatory for the
>> correct hadling of link-local traffic. First problem is that the logic
>> of passing source interface is not working correcly for TCP connections,
>> resulting in passing "origifp" on the first 2 connection attempts and
>> lo0 on the subsequent ones. Second problem is that source address
>> validation logic skips its checks iff the source interface is loopback,
>> which doesn't cover "origifp" case.
>> More detailed description is available at https://reviews.freebsd.org/D35732
>> 
>> Fix the first problem by untangling&simplifying ifp/origifp logic.
>> Fix the second problem by switching source address validation check to
>> using M_LOOP mbuf flag instead of interface type.
>> 
>> PR: 265089
>> Reviewed by: ae, bz(previous version)
> 
> I did not review, I had only commented on D35117.
Sorry, I chose a wrong wording for mentioning the discussion happened.
Do you prefer me to rollback/commit with an updated message?
> 
> 
>> Differential Revision: https://reviews.freebsd.org/D35732
>> MFC after: 2 weeks
>> ---
>> sys/netinet6/ip6_input.c | 2 +-
>> sys/netinet6/ip6_output.c | 61 ++++++++++++++++++-----------------
>> tests/sys/netinet6/test_ip6_output.py | 4 +--
>> 3 files changed, 35 insertions(+), 32 deletions(-)
> 
> -- 
> Bjoern A. Zeeb r15:7