From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Tue, 8 Jun 2021 17:58:45 +0000 (+0200)
Subject: 5.4-stable patches
X-Git-Tag: v4.4.272~5
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=281614a202a4a25e698cd405a93f99298dcb9f7f;p=thirdparty%2Fkernel%2Fstable-queue.git

5.4-stable patches

added patches:
	neighbour-allow-nud_noarp-entries-to-be-forced-gced.patch
---

diff --git a/queue-5.4/neighbour-allow-nud_noarp-entries-to-be-forced-gced.patch b/queue-5.4/neighbour-allow-nud_noarp-entries-to-be-forced-gced.patch
new file mode 100644
index 00000000000..c883753f385
--- /dev/null
+++ b/queue-5.4/neighbour-allow-nud_noarp-entries-to-be-forced-gced.patch
@@ -0,0 +1,37 @@
+From 7a6b1ab7475fd6478eeaf5c9d1163e7a18125c8f Mon Sep 17 00:00:00 2001
+From: David Ahern <dsahern@kernel.org>
+Date: Mon, 7 Jun 2021 11:35:30 -0600
+Subject: neighbour: allow NUD_NOARP entries to be forced GCed
+
+From: David Ahern <dsahern@kernel.org>
+
+commit 7a6b1ab7475fd6478eeaf5c9d1163e7a18125c8f upstream.
+
+IFF_POINTOPOINT interfaces use NUD_NOARP entries for IPv6. It's possible to
+fill up the neighbour table with enough entries that it will overflow for
+valid connections after that.
+
+This behaviour is more prevalent after commit 58956317c8de ("neighbor:
+Improve garbage collection") is applied, as it prevents removal from
+entries that are not NUD_FAILED, unless they are more than 5s old.
+
+Fixes: 58956317c8de (neighbor: Improve garbage collection)
+Reported-by: Kasper Dupont <kasperd@gjkwv.06.feb.2021.kasperd.net>
+Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
+Signed-off-by: David Ahern <dsahern@kernel.org>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ net/core/neighbour.c |    1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/net/core/neighbour.c
++++ b/net/core/neighbour.c
+@@ -239,6 +239,7 @@ static int neigh_forced_gc(struct neigh_
+ 
+ 			write_lock(&n->lock);
+ 			if ((n->nud_state == NUD_FAILED) ||
++			    (n->nud_state == NUD_NOARP) ||
+ 			    (tbl->is_multicast &&
+ 			     tbl->is_multicast(n->primary_key)) ||
+ 			    time_after(tref, n->updated))
diff --git a/queue-5.4/series b/queue-5.4/series
index 120342e69eb..5dbbaa6eff8 100644
--- a/queue-5.4/series
+++ b/queue-5.4/series
@@ -75,3 +75,4 @@ x86-kvm-disable-all-pv-features-on-crash.patch
 lib-lz4-explicitly-support-in-place-decompression.patch
 xen-pciback-redo-vf-placement-in-the-virtual-topology.patch
 i2c-qcom-geni-suspend-and-resume-the-bus-during-system_sleep_pm-ops.patch
+neighbour-allow-nud_noarp-entries-to-be-forced-gced.patch