[ovs-dev] [PATCH] compat: Initialize IPv4 reassembly secret timer

Yi-Hung Wei yihung.wei at gmail.com
Fri Jul 20 21:00:30 UTC 2018


On Thu, Jul 19, 2018 at 6:48 PM, Greg Rose <gvrose8192 at gmail.com> wrote:
> The RHEL 7 kernels expect the secret timer interval to be initialized
> before calling the inet_frags_init() function.  By not initializing it
> the inet_frags_secret_rebuild() function was running on every tick
> rather than on the expected interval.  This caused occasional panics
> from page faults when inet_frags_secret_rebuild() would try to rearm a
> timer from the openvswitch kernel module which had just been removed.
Thanks Greg for the patch.  The bug hides much deeper than I would expect.

> Also remove the prior, and now unnecessary, work around.
>
> VMware BZ 2094203
A minor nit, maybe VMware-BZ: #2094203

> --- a/datapath/linux/compat/ip_fragment.c
> +++ b/datapath/linux/compat/ip_fragment.c
> @@ -812,6 +812,9 @@ int __init rpl_ipfrag_init(void)
>  #ifdef HAVE_INET_FRAGS_WITH_FRAGS_WORK
>         ip4_frags.frags_cache_name = ip_frag_cache_name;
>  #endif
> +#if RHEL_RELEASE_CODE < RHEL_RELEASE_VERSION(8,0)
> +       ip4_frags.secret_interval = 10 * 60 * HZ;
> +#endif
This is a great catch!  Looks like we remove the secret_interval in
net-next commit
e3a57d18b061 ("inet: frag: remove periodic secret rebuild timer")
But somehow RHEL kernel still retain this field, and the
secret_interval was set to 10 * 60 * HZ.

I would recommend to set 'secret_interval' by grepping this filed in
'struct inet_frags' rather than by kernel version. So that if RHEL 8
kernel still have this field, your fix will apply.

> --- a/datapath/linux/compat/nf_conntrack_reasm.c
> +++ b/datapath/linux/compat/nf_conntrack_reasm.c
> @@ -643,6 +643,9 @@ int rpl_nf_ct_frag6_init(void)
>  #ifdef HAVE_INET_FRAGS_WITH_FRAGS_WORK
>         nf_frags.frags_cache_name = nf_frags_cache_name;
>  #endif
> +#if RHEL_RELEASE_CODE < RHEL_RELEASE_VERSION(8,0)
> +       nf_frags.secret_interval = 10 * 60 * HZ;
> +#endif
Same for here.

-Yi-Hung


More information about the dev mailing list