This series fixes a couple of crashes that may occur due to the backports of the inet_fragment.c code from upstream. These are primarily related to cases where a fragment is received and cached in the OVS fragment handling code with a timer attached to expire it, then the OVS kernel module is removed before the timer fires. When the timer fires, it attempts to invoke a function residing within the memory that has been released by OVS, leading to the error "Fatal exception in interrupt".
These bugs are fairly easy to reproduce using the existing "system-traffic" testsuite in conjunction with the backported OVS kernel module in the tree. The first patch is a simple fix for an issue of this variety on IPv6. However, even for the IPv6 expiry test there is still another similar bug that can be triggered even with this patch. In the second patch, I reviewed how much of the fragmentation backport was strictly required for the IP/IPv6 fragmentation handling that we need to perform in OVS. There are multiple variations on the shared fragment handling logic upstream, primarily from kernels 3.10-3.17 and 3.17-4.2, but the internal kernel APIs have been consistent enough that with some minor touchups in how inet_fragment code is invoked, we can always rely on upstream versions of these functions. As such, this patch ripped out the majority of inet_fragment.c, leaving a little init/exit code remaining. This solves the remaining issues on updated kernel versions. Patches 3-6 do some additional cleanup of functions I noticed are available on supported kernels 3.10+. I tested this series on CentOS 3.10.0-327 and a variety of Ubuntu kernels 3.13-4.2. Note that the kernel testsuite will still trigger some issues on earlier Ubuntu 3.13 kernels (for example 3.13.0-24), however these are due to upstream kernel bugs that have been fixed in subsequent kernel updates. People using Ubuntu 14.04 should seriously consider upgrading their kernel to at least version 3.13.0-68 (if not newer) if they intend to use the OVS kernel module from the tree in conjunction with conntrack features. These bugs likely affect the branch-2.5 kernel module, although the kernel testsuite at that release did not include tests which would trigger the bugs so the issues are less obvious there. Once this has settled down I would like to consider patches 1-3 for backport. Joe Stringer (6): compat: Fix IPv6 frag expiry crash. compat: Simplify inet_fragment backports. compat: Remove ip6_expire_frag_queue(). compat: IPv6 fragmentation backport cleanups. compat: Remove inet_frag_evictor backport. compat: Only call nf_defrag_ipv[46]_enable() once. acinclude.m4 | 1 + datapath/linux/Modules.mk | 2 - datapath/linux/compat/include/linux/ipv6.h | 15 - datapath/linux/compat/include/net/inet_frag.h | 67 ++-- datapath/linux/compat/inet_fragment.c | 486 ++------------------------ datapath/linux/compat/ip_fragment.c | 45 ++- datapath/linux/compat/nf_conntrack_reasm.c | 67 ++-- datapath/linux/compat/reassembly.c | 110 ------ 8 files changed, 97 insertions(+), 696 deletions(-) delete mode 100644 datapath/linux/compat/include/linux/ipv6.h delete mode 100644 datapath/linux/compat/reassembly.c -- 2.9.0 _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
