From patchwork Tue Nov 9 08:03:39 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Wilson Peng X-Patchwork-Id: 1552773 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::138; helo=smtp1.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Received: from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4HpL8m3VnPz9sCD for ; Tue, 9 Nov 2021 19:03:52 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id E0B3680C80; Tue, 9 Nov 2021 08:03:49 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id szYObl_asVXf; Tue, 9 Nov 2021 08:03:49 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [IPv6:2605:bc80:3010:104::8cd3:938]) by smtp1.osuosl.org (Postfix) with ESMTPS id 09CBB80B95; Tue, 9 Nov 2021 08:03:48 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id DB957C0019; Tue, 9 Nov 2021 08:03:47 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp3.osuosl.org (smtp3.osuosl.org [IPv6:2605:bc80:3010::136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 08B16C000E for ; Tue, 9 Nov 2021 08:03:46 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id D7EB06069F for ; Tue, 9 Nov 2021 08:03:45 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id frNhIo3G__kp for ; Tue, 9 Nov 2021 08:03:44 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from EX13-EDG-OU-002.vmware.com (ex13-edg-ou-002.vmware.com [208.91.0.190]) by smtp3.osuosl.org (Postfix) with ESMTPS id A338860608 for ; Tue, 9 Nov 2021 08:03:44 +0000 (UTC) Received: from sc9-mailhost3.vmware.com (10.113.161.73) by EX13-EDG-OU-002.vmware.com (10.113.208.156) with Microsoft SMTP Server id 15.0.1156.6; Tue, 9 Nov 2021 00:03:40 -0800 Received: from pweisong-a01.vmware.com.com (unknown [10.117.181.32]) by sc9-mailhost3.vmware.com (Postfix) with ESMTP id A331020480; Tue, 9 Nov 2021 00:03:42 -0800 (PST) From: Wilson Peng To: Date: Tue, 9 Nov 2021 16:03:39 +0800 Message-ID: <20211109080339.49219-1-pweisong@vmware.com> X-Mailer: git-send-email 2.24.3 (Apple Git-128) MIME-Version: 1.0 Received-SPF: None (EX13-EDG-OU-002.vmware.com: pweisong@vmware.com does not designate permitted sender hosts) Subject: [ovs-dev] [PATCH v1 1/1] datapath-windows: Reset flow key after Ipv4 fragments are reassembled X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" While testing OVS-windows flows for the Ip fragments, the traffic will be dropped As it may match incorrect OVS flow. From the code, after the Ipv4 fragments are Reassembled, it willl still use the flow key of the last Ipv4 fragments to match CT causing match error. Reported-at:https://github.com/openvswitch/ovs-issues/issues/232 Signed-off-by: Wilson Peng --- datapath-windows/ovsext/Conntrack.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/datapath-windows/ovsext/Conntrack.c b/datapath-windows/ovsext/Conntrack.c index 2610d626a..8d0e55eed 100644 --- a/datapath-windows/ovsext/Conntrack.c +++ b/datapath-windows/ovsext/Conntrack.c @@ -493,15 +493,33 @@ static __inline NDIS_STATUS OvsDetectCtPacket(OvsForwardingContext *fwdCtx, OvsFlowKey *key) { + NDIS_STATUS status = NDIS_STATUS_SUCCESS; + OvsFlowKey newFlowKey = { 0 }; + switch (ntohs(key->l2.dlType)) { case ETH_TYPE_IPV4: if (key->ipKey.nwFrag != OVS_FRAG_TYPE_NONE) { - return OvsProcessIpv4Fragment(fwdCtx->switchContext, + status = OvsProcessIpv4Fragment(fwdCtx->switchContext, &fwdCtx->curNbl, fwdCtx->completionList, fwdCtx->fwdDetail->SourcePortId, &fwdCtx->layers, key->tunKey.tunnelId); + if (status == NDIS_STATUS_SUCCESS) { + /*after the Ipv4 Fragment is reassembled, update flow key as + L3 and L4 headers are not correct */ + status = + OvsExtractFlow(fwdCtx->curNbl, fwdCtx->srcVportNo, + &newFlowKey, &fwdCtx->layers, + fwdCtx->tunKey.dst != 0 ? &fwdCtx->tunKey : NULL); + if (status != NDIS_STATUS_SUCCESS) { + OVS_LOG_INFO("Extract flow failed status %d Nbl %p", + status, fwdCtx->curNbl); + return status; + } + *key = newFlowKey; + } + return status; } if (key->ipKey.nwProto == IPPROTO_TCP || key->ipKey.nwProto == IPPROTO_UDP