From patchwork Thu Feb 8 15:40:38 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eelco Chaudron X-Patchwork-Id: 870911 X-Patchwork-Delegate: ian.stokes@intel.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=openvswitch.org (client-ip=140.211.169.12; helo=mail.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Received: from mail.linuxfoundation.org (mail.linuxfoundation.org [140.211.169.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3zcj8M1K4mz9s7v for ; Fri, 9 Feb 2018 02:40:50 +1100 (AEDT) Received: from mail.linux-foundation.org (localhost [127.0.0.1]) by mail.linuxfoundation.org (Postfix) with ESMTP id BAB3B122F; Thu, 8 Feb 2018 15:40:46 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@mail.linuxfoundation.org Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id BA153121C for ; Thu, 8 Feb 2018 15:40:45 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mx1.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 5D55A5E5 for ; Thu, 8 Feb 2018 15:40:45 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 79B9B404008D; Thu, 8 Feb 2018 15:40:44 +0000 (UTC) Received: from rhvm.com (ovpn-116-254.ams2.redhat.com [10.36.116.254]) by smtp.corp.redhat.com (Postfix) with ESMTP id C9AB42026E04; Thu, 8 Feb 2018 15:40:43 +0000 (UTC) From: Eelco Chaudron To: dev@openvswitch.org Date: Thu, 8 Feb 2018 16:40:38 +0100 Message-Id: <550161ff4e3892d21bcbe9b8f0fb2bbe8e2025b5.1518104026.git.echaudro@redhat.com> X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Thu, 08 Feb 2018 15:40:44 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Thu, 08 Feb 2018 15:40:44 +0000 (UTC) for IP:'10.11.54.4' DOMAIN:'int-mx04.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'echaudro@redhat.com' RCPT:'' X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_LOW, T_RP_MATCHES_RCVD autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: e@erig.me Subject: [ovs-dev] [PATCH v2 1/1] userspace: Add IPv6 extension header parsing for tunnels X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: ovs-dev-bounces@openvswitch.org Errors-To: ovs-dev-bounces@openvswitch.org While OVS userspace datapath (OVS-DPDK) supports GREv6, it does not inter-operate with a native Linux ip6gretap tunnel. This is because the Linux driver uses IPv6 optional headers for the Tunnel Encapsulation Limit (RFC 2473, section 6.6). OVS userspace simply does not parse these IPv6 extension headers inside netdev_tnl_ip_extract_tnl_md(), as such popping the tunnel leaves extra bytes resulting in a mangled decapsulated frame. The change below will parse the IPv6 "next header" chain and return the offset to the upper layer protocol. v1->v2 - Remove netdev_tnl_ip6_get_upperlayer_offset() and reused existing parse_ipv6_ext_hdrs() function. Signed-off-by: Eelco Chaudron Tested-by: Eric Garver --- lib/netdev-native-tnl.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/lib/netdev-native-tnl.c b/lib/netdev-native-tnl.c index fb5eab033..4f520a0f9 100644 --- a/lib/netdev-native-tnl.c +++ b/lib/netdev-native-tnl.c @@ -115,6 +115,10 @@ netdev_tnl_ip_extract_tnl_md(struct dp_packet *packet, struct flow_tnl *tnl, *hlen += IP_HEADER_LEN; } else if (IP_VER(ip->ip_ihl_ver) == 6) { + const void *ip6_data; + size_t ip6_size; + uint8_t nw_proto; + uint8_t nw_frag; ovs_be32 tc_flow = get_16aligned_be32(&ip6->ip6_flow); memcpy(tnl->ipv6_src.s6_addr, ip6->ip6_src.be16, sizeof ip6->ip6_src); @@ -125,6 +129,20 @@ netdev_tnl_ip_extract_tnl_md(struct dp_packet *packet, struct flow_tnl *tnl, *hlen += IPV6_HEADER_LEN; + ip6_data = ip6 + 1; + ip6_size = l3_size - IPV6_HEADER_LEN; + nw_proto = ip6->ip6_nxt; + nw_frag = 0; + + if (!parse_ipv6_ext_hdrs(&ip6_data, &ip6_size, &nw_proto, &nw_frag) || + nw_frag != 0) { + VLOG_WARN_RL(&err_rl, + "ipv6 packet has unsupported extension headers"); + return NULL; + } + + *hlen += l3_size - IPV6_HEADER_LEN - ip6_size; + } else { VLOG_WARN_RL(&err_rl, "ipv4 packet has invalid version (%d)", IP_VER(ip->ip_ihl_ver));