From patchwork Wed Feb 20 16:17:14 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Darrell Ball X-Patchwork-Id: 1045440 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=openvswitch.org (client-ip=140.211.169.12; helo=mail.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="C7CMcsin"; dkim-atps=neutral Received: from mail.linuxfoundation.org (mail.linuxfoundation.org [140.211.169.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 444N9l5md4z9s5c for ; Thu, 21 Feb 2019 03:20:11 +1100 (AEDT) Received: from mail.linux-foundation.org (localhost [127.0.0.1]) by mail.linuxfoundation.org (Postfix) with ESMTP id 88E132C69; Wed, 20 Feb 2019 16:20:08 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@mail.linuxfoundation.org Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id BAC862BF3 for ; Wed, 20 Feb 2019 16:17:28 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-pg1-f178.google.com (mail-pg1-f178.google.com [209.85.215.178]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 7AAAB7FC for ; Wed, 20 Feb 2019 16:17:28 +0000 (UTC) Received: by mail-pg1-f178.google.com with SMTP id 196so221771pgf.13 for ; Wed, 20 Feb 2019 08:17:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id; bh=UGl0x3D2tnAMzqt0Hk9fwbdaK7cuCejUjn6uks1YvN0=; b=C7CMcsinjX7Ky8/74ZAeXTIMgyLpwqQ6/sbgZr+ceWAIrLDyvgBrBErJeFRvr7yBQ9 KjocaeqJlUHO5udYY9vdWA1JjWWm93ZI9S1bFhRZExI7I31tiQCAyRxlNhzf8f83fkc5 bSUHBKXCzpUe6OueZ/pGAzc9Lv6+2U5x1hpl/oQ81FI+HxRFuGVA580VPfGgkmIeBObf KEyn9jsSrHZHjrpEvZP+0LleEV3A3u4vxH7jpq+Ge8tV9IaSOGlDul99Jm+jE/6gbssN MQh3vnE6oZQekTkuWQCHW72ctz3GiCx5fpHBMbEfYkLHl1o41xopeAPFvXxZJFpgk9So g+lw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id; bh=UGl0x3D2tnAMzqt0Hk9fwbdaK7cuCejUjn6uks1YvN0=; b=Kga8VML5gYey90h1CQbegJniQX+e4JhUOG9QLVwUmDksomoMGmDvrmsWuxTz6PtQTW dHWFKifv0e6mUs9pu3GD9+zV4Q0L3LhtX4iudEmMB+Dmjxv/wDO4zHtWABjAUrqZyiF0 eM2MgR4S69kYivL/oEUplmmvZCwkDPfSKQtzmdlVJAYX55SsGW4TFWbfSGoteKED0Sjp YUHLKcNzJtoR5RsE0DM26eIt7UHha7HyM88GFVeiIq7B4Y6Qr8o3JtFabJRhBix4iWbY uoG3G3J2zYCuIOOJs9rpUQnZQWK7wdLbzRgg/j/YGew4YjkjIDbUPL1IuBS21Fxcsyks BU/g== X-Gm-Message-State: AHQUAuZ4Ywakv5djWu4GaA/k/Qi1vBkv4xwQS/NrWwTO/hAj+NUuUdFo WVQFydmX2HJ8pr2dqeghRjryEP10 X-Google-Smtp-Source: AHgI3IZMCiI6clIDSsy+9Z7NMon6dR1JMh5YkMqvRnAjlFMyVKwJ6rwN437KJad0HZ5KRHDRe2SLAQ== X-Received: by 2002:a65:6294:: with SMTP id f20mr29453707pgv.174.1550679447999; Wed, 20 Feb 2019 08:17:27 -0800 (PST) Received: from ubuntu.localdomain (c-76-102-76-212.hsd1.ca.comcast.net. [76.102.76.212]) by smtp.gmail.com with ESMTPSA id q207sm212713pgq.88.2019.02.20.08.17.26 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 20 Feb 2019 08:17:27 -0800 (PST) From: Darrell Ball To: dlu998@gmail.com, dev@openvswitch.org Date: Wed, 20 Feb 2019 08:17:14 -0800 Message-Id: <1550679439-95810-1-git-send-email-dlu998@gmail.com> X-Mailer: git-send-email 1.9.1 X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: [ovs-dev] [patch v3 1/6] ipf: Misc Cleanup. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: ovs-dev-bounces@openvswitch.org Errors-To: ovs-dev-bounces@openvswitch.org Signed-off-by: Darrell Ball --- lib/ipf.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/lib/ipf.c b/lib/ipf.c index df5196f..125a815 100644 --- a/lib/ipf.c +++ b/lib/ipf.c @@ -456,7 +456,7 @@ ipf_reassemble_v6_frags(struct ipf_list *ipf_list) int rest_len = frag_list[ipf_list->last_inuse_idx].end_data_byte - frag_list[1].start_data_byte + 1; - if (pl + rest_len > IPV4_PACKET_MAX_SIZE) { + if (pl + rest_len > IPV6_PACKET_MAX_DATA) { ipf_print_reass_packet( "Unsupported big reassembled v6 packet; v6 hdr:", l3); dp_packet_delete(pkt); @@ -530,8 +530,6 @@ ipf_list_state_transition(struct ipf *ipf, struct ipf_list *ipf_list, case IPF_LIST_STATE_LAST_SEEN: if (ff) { next_state = IPF_LIST_STATE_FIRST_LAST_SEEN; - } else if (lf) { - next_state = IPF_LIST_STATE_LAST_SEEN; } else { next_state = IPF_LIST_STATE_LAST_SEEN; } @@ -765,7 +763,7 @@ ipf_list_key_eq(const struct ipf_list_key *key1, static struct ipf_list * ipf_list_key_lookup(struct ipf *ipf, const struct ipf_list_key *key, uint32_t hash) - /* OVS_REQUIRES(ipf->ipf_lock) */ + OVS_REQUIRES(ipf->ipf_lock) { struct ipf_list *ipf_list; HMAP_FOR_EACH_WITH_HASH (ipf_list, node, hash, &ipf->frag_lists) { From patchwork Wed Feb 20 16:17:15 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Darrell Ball X-Patchwork-Id: 1045445 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=openvswitch.org (client-ip=140.211.169.12; helo=mail.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="my9ZcjN7"; dkim-atps=neutral Received: from mail.linuxfoundation.org (mail.linuxfoundation.org [140.211.169.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 444NBT1780z9s5c for ; Thu, 21 Feb 2019 03:20:49 +1100 (AEDT) Received: from mail.linux-foundation.org (localhost [127.0.0.1]) by mail.linuxfoundation.org (Postfix) with ESMTP id 4EB752C6D; Wed, 20 Feb 2019 16:20:09 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@mail.linuxfoundation.org Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 828272BF3 for ; Wed, 20 Feb 2019 16:17:29 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-pf1-f194.google.com (mail-pf1-f194.google.com [209.85.210.194]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 47A9C7E9 for ; Wed, 20 Feb 2019 16:17:29 +0000 (UTC) Received: by mail-pf1-f194.google.com with SMTP id d25so3784301pfn.8 for ; Wed, 20 Feb 2019 08:17:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references; bh=aHZ5wBhOWfXKUTBW56CgA89Wc/HRzemjz8ZCbHJ9jTg=; b=my9ZcjN7U9Q2SvpoHV+uGA/onUJWTSUomv/3GQ12cFvqVI9wEQPXRW3tDw0YVZdgNo qrS+Z/OLmgPRRdG611wWp4r8rcGgjRaH8PbRDT8L72bxCEVyEVmmb9Yafo0m0pfIIfu8 kE5sBlmLB+wAZQC2Eaa7aLzcljYLROktGcwZSaLoamtKaAks0ysphBp45qz1o7mu82qB rf+u8am1Vhk4lIYrJPOEaHt06b5AsXHzSqcMVreKoPRI5TIRTn0an8ZndmShTeMyV9Pa J0cclnOkjK0OjQrPZFVyTGSsEYAGuuDwodLGWrtkR95a7J9YgfIfAg8hvlXFKLzeQTXk rwsA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references; bh=aHZ5wBhOWfXKUTBW56CgA89Wc/HRzemjz8ZCbHJ9jTg=; b=lI3L6kviQZtC5V2+yyRUneGwHbnO+XzyfGG/mMJKi9lODk2IS5W7OvGi1smQJMneVe ljNxZiFQ4zcbRBvOgvpvchXRqhRpFwMVWYHCFwVvNtw5JXTz1xEC/aIb9WjdTFt/XAsf hKNuAS1eN/to1Hsb5tNBdVZL+nQARa7fVRIgLIhSKJDKLZnZOzf5yEeuowU0ahCAOouB LEhdNr+lW6QS5r5COO1d6db0mL79VC4amogCPDzF4CwBIe66Zjhlj5E9RmFVWNihzTqH UdwESYvwRUhk/E6USRv9k4Q+U2aA8lqJg7WfbMDY61mvJ6S3jFyNp+jBl18jpCIFcOqT GxfQ== X-Gm-Message-State: AHQUAuaUn1PySP5WNCa7bcgnMoiTykZQEkUHYGrxpLu+akl4+UwRylZw vnJLdZysWyFrO9AMZlrdSj6V4neJ X-Google-Smtp-Source: AHgI3IYXsyshuBPETys4QDrdvekhi6SlBLH1PEekBet7DiAv1gpD12wm2sUSWZZoCqzGrYorT6+5SA== X-Received: by 2002:a63:2147:: with SMTP id s7mr23287421pgm.361.1550679448868; Wed, 20 Feb 2019 08:17:28 -0800 (PST) Received: from ubuntu.localdomain (c-76-102-76-212.hsd1.ca.comcast.net. [76.102.76.212]) by smtp.gmail.com with ESMTPSA id q207sm212713pgq.88.2019.02.20.08.17.28 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 20 Feb 2019 08:17:28 -0800 (PST) From: Darrell Ball To: dlu998@gmail.com, dev@openvswitch.org Date: Wed, 20 Feb 2019 08:17:15 -0800 Message-Id: <1550679439-95810-2-git-send-email-dlu998@gmail.com> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1550679439-95810-1-git-send-email-dlu998@gmail.com> References: <1550679439-95810-1-git-send-email-dlu998@gmail.com> X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: [ovs-dev] [patch v3 2/6] ipf: Do not preallocate more than needed. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: ovs-dev-bounces@openvswitch.org Errors-To: ovs-dev-bounces@openvswitch.org ipf_reassemble_v4_frags() and ipf_reassemble_v6_frags() are preallocating more than needed for the reassembled packet. Signed-off-by: Darrell Ball --- v3: Add minor optimization. lib/ipf.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/lib/ipf.c b/lib/ipf.c index 125a815..a4608af 100644 --- a/lib/ipf.c +++ b/lib/ipf.c @@ -420,15 +420,16 @@ ipf_reassemble_v4_frags(struct ipf_list *ipf_list) return NULL; } - dp_packet_prealloc_tailroom(pkt, len + rest_len); + dp_packet_prealloc_tailroom(pkt, rest_len); for (int i = 1; i <= ipf_list->last_inuse_idx; i++) { size_t add_len = frag_list[i].end_data_byte - frag_list[i].start_data_byte + 1; - len += add_len; const char *l4 = dp_packet_l4(frag_list[i].pkt); dp_packet_put(pkt, l4, add_len); } + + len += rest_len; l3 = dp_packet_l3(pkt); ovs_be16 new_ip_frag_off = l3->ip_frag_off & ~htons(IP_MORE_FRAGMENTS); l3->ip_csum = recalc_csum16(l3->ip_csum, l3->ip_frag_off, @@ -463,16 +464,16 @@ ipf_reassemble_v6_frags(struct ipf_list *ipf_list) return NULL; } - dp_packet_prealloc_tailroom(pkt, pl + rest_len); + dp_packet_prealloc_tailroom(pkt, rest_len); for (int i = 1; i <= ipf_list->last_inuse_idx; i++) { size_t add_len = frag_list[i].end_data_byte - frag_list[i].start_data_byte + 1; - pl += add_len; const char *l4 = dp_packet_l4(frag_list[i].pkt); dp_packet_put(pkt, l4, add_len); } + pl += rest_len; l3 = dp_packet_l3(pkt); uint8_t nw_proto = l3->ip6_nxt; From patchwork Wed Feb 20 16:17:16 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Darrell Ball X-Patchwork-Id: 1045447 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=openvswitch.org (client-ip=140.211.169.12; helo=mail.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="c53/nS1g"; dkim-atps=neutral Received: from mail.linuxfoundation.org (mail.linuxfoundation.org [140.211.169.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 444NC72Xy9z9s5c for ; Thu, 21 Feb 2019 03:21:23 +1100 (AEDT) Received: from mail.linux-foundation.org (localhost [127.0.0.1]) by mail.linuxfoundation.org (Postfix) with ESMTP id 17CB52C72; Wed, 20 Feb 2019 16:20:10 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@mail.linuxfoundation.org Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 714412BF3 for ; Wed, 20 Feb 2019 16:17:30 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-pg1-f179.google.com (mail-pg1-f179.google.com [209.85.215.179]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 32A417E9 for ; Wed, 20 Feb 2019 16:17:30 +0000 (UTC) Received: by mail-pg1-f179.google.com with SMTP id r124so12101131pgr.3 for ; Wed, 20 Feb 2019 08:17:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references; bh=HLPySlQlvIWHY5DzgAcBjQP5DIZdD1Y336RGRtY7GUo=; b=c53/nS1gCoJubliM35wZFIMIKYRAIxenMSnWmZiA8X9Ubw/GW63NTAwrV+LFpb3HwU Nb96tE2YCKWxQ7JUg/1CD0AgY4EeGF4zKEIQOUxACvXIein61sKuGrlm8d2gItWnMEyA /OdBLdzO4m1hFHVu6SmlyKBa1i639oLHWfScNOgnlgKfrlrLAU27a+3pRBkxsYQQx88Q Tq0Lpy48gvCiQvsKpw/RblPaEKmnvt1qrR6vvUuGgPiI4pj04IyYn6gnBzgPe+XXZwwK XL2VT5a9xF7LJ1iY1/HLejD3gTnft4cXGAJ6QUDojMLEWXOByX1u5h2k0Ebv+Q7apyA1 ffbQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references; bh=HLPySlQlvIWHY5DzgAcBjQP5DIZdD1Y336RGRtY7GUo=; b=md9hSf3IH8bh+ZfNvUJw8SciFir7GtxmEIAxoaZdwkQBEz5Q+H/lsxqx6/rs0SbMIb WRXuJcs8B08os6LV4Ce0JtB5iipHvPHzwXHh7nSxLfAQOeZwqY4Yj8D9GtX3t4e0bEbA tDM09lpv4INphxGYlZ7EJLhpP4Z2H0e+MODfsju3m3oPABT1sBKHKJOvRnoa9Q61JoSH gYclxgKsV415Yv47cL/7dVXW5XugP0OIb2ICOOTwJmkA3uWbNCfcIgmfA5KXMY+W4z9n Rli8QY/P+MGpkdVW7c+0AG7djcBy1USVJlkN8c5j8yOmj/DDuXMAp00Od/2TDsF4Gey1 MA3Q== X-Gm-Message-State: AHQUAuZTaq85riL58YpRQstBcF/INxNwjdmDQNJa767zQDL+QKuaGkFu xWYGK6W6lIpyRH6xf3+gmT4= X-Google-Smtp-Source: AHgI3IbvfxzufSZ8TpGyBqGThRR5keU3X2hnMWD0KhAyQEdnejy6ygHmPRuSSzRYnITq5TfqKFioMw== X-Received: by 2002:a63:e80e:: with SMTP id s14mr29882368pgh.30.1550679449824; Wed, 20 Feb 2019 08:17:29 -0800 (PST) Received: from ubuntu.localdomain (c-76-102-76-212.hsd1.ca.comcast.net. [76.102.76.212]) by smtp.gmail.com with ESMTPSA id q207sm212713pgq.88.2019.02.20.08.17.28 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 20 Feb 2019 08:17:29 -0800 (PST) From: Darrell Ball To: dlu998@gmail.com, dev@openvswitch.org Date: Wed, 20 Feb 2019 08:17:16 -0800 Message-Id: <1550679439-95810-3-git-send-email-dlu998@gmail.com> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1550679439-95810-1-git-send-email-dlu998@gmail.com> References: <1550679439-95810-1-git-send-email-dlu998@gmail.com> X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: [ovs-dev] [patch v3 3/6] ipf: Check minimum fragment against L3 size. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: ovs-dev-bounces@openvswitch.org Errors-To: ovs-dev-bounces@openvswitch.org Fixes: 4ea96698f667 ("Userspace datapath: Add fragmentation handling.") Signed-off-by: Darrell Ball --- v3: Update documentation. lib/dpctl.man | 2 +- lib/ipf.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/dpctl.man b/lib/dpctl.man index f22029f..1ff3511 100644 --- a/lib/dpctl.man +++ b/lib/dpctl.man @@ -230,7 +230,7 @@ supported for the userspace datapath. . .TP \*(DX\fBipf\-set\-min\-frag\fR [\fIdp\fR] \fBv4\fR|\fBv6\fR \fIminfrag\fR -Sets the minimum fragment size for non-final fragments to +Sets the minimum fragment size (L3 header and data) for non-final fragments to \fIminfrag\fR. Either \fBv4\fR or \fBv6\fR must be specified. For enhanced DOS security, higher minimum fragment sizes can usually be used. The default IPv4 value is 1200 and the clamped minimum is 400. The default diff --git a/lib/ipf.c b/lib/ipf.c index a4608af..acddc02 100644 --- a/lib/ipf.c +++ b/lib/ipf.c @@ -613,7 +613,7 @@ ipf_is_valid_v4_frag(struct ipf *ipf, struct dp_packet *pkt) uint32_t min_v4_frag_size_; atomic_read_relaxed(&ipf->min_v4_frag_size, &min_v4_frag_size_); bool lf = ipf_is_last_v4_frag(pkt); - if (OVS_UNLIKELY(!lf && dp_packet_size(pkt) < min_v4_frag_size_)) { + if (OVS_UNLIKELY(!lf && dp_packet_l3_size(pkt) < min_v4_frag_size_)) { ipf_count(ipf, false, IPF_NFRAGS_TOO_SMALL); goto invalid_pkt; } @@ -693,7 +693,7 @@ ipf_is_valid_v6_frag(struct ipf *ipf, struct dp_packet *pkt) atomic_read_relaxed(&ipf->min_v6_frag_size, &min_v6_frag_size_); bool lf = ipf_is_last_v6_frag(ip6f_offlg); - if (OVS_UNLIKELY(!lf && dp_packet_size(pkt) < min_v6_frag_size_)) { + if (OVS_UNLIKELY(!lf && dp_packet_l3_size(pkt) < min_v6_frag_size_)) { ipf_count(ipf, true, IPF_NFRAGS_TOO_SMALL); goto invalid_pkt; } From patchwork Wed Feb 20 16:17:17 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Darrell Ball X-Patchwork-Id: 1045449 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=openvswitch.org (client-ip=140.211.169.12; helo=mail.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="KKVFtY30"; dkim-atps=neutral Received: from mail.linuxfoundation.org (mail.linuxfoundation.org [140.211.169.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 444NCl1hbwz9s5c for ; Thu, 21 Feb 2019 03:21:55 +1100 (AEDT) Received: from mail.linux-foundation.org (localhost [127.0.0.1]) by mail.linuxfoundation.org (Postfix) with ESMTP id DE4CC2C62; Wed, 20 Feb 2019 16:20:10 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@mail.linuxfoundation.org Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id D500F2BF3 for ; Wed, 20 Feb 2019 16:17:31 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-pg1-f196.google.com (mail-pg1-f196.google.com [209.85.215.196]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 260877E9 for ; Wed, 20 Feb 2019 16:17:31 +0000 (UTC) Received: by mail-pg1-f196.google.com with SMTP id s198so12106950pgs.2 for ; Wed, 20 Feb 2019 08:17:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references; bh=IBSqt9oUSvJBgVNGs9OMfxvMeWIVZOfbKTIMDIs7uos=; b=KKVFtY30bXWBFIBphpM/9cx2/NbtJ/Oj1/rvOYpf64kC1l9gxc4kUbI7GrRLy5Cp95 pWz0Q0ViAk4uwbrY5hF2O3ejTdNQH+oNOkvMvKO30xnPKSHBbfHZMIGNYJjwedDnxR+9 DsmszYQp0/3if0K5pMiJL/7/NBkCnZQauCBDwNrmQ09Qo5Qapa4Miu1hXA4AP9eYWK6B vNoa0EP2PVRRL46ZCzW8IJw8Ti1AyNuWLHkYC8qzDeLL0o1NvH73DOOM2pAxFChoPBZp 4FQaLAqYLk2SpVfQLWczrjRj6B5aGU/GkoRK5rExg8/WUuo2P+fcPs74x2Y8lmFold3f dQ2A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references; bh=IBSqt9oUSvJBgVNGs9OMfxvMeWIVZOfbKTIMDIs7uos=; b=X5dTnKlKi6PgqAzxgaBcCHPYUzOK4Wpow6KM11wcOPl699Tt6XcUfQPH1ggTs0NRwL FY1Szf2z/1osGzcC5iqXqlMz5ULo7m+xYPZHyB7qHiqzQnFbA2CmGE3IM0qSwngF0UQE HCgmIMQB1N7jvvfhcjJmqUwlfh4gDU7hjhNbuotAa7f45SroPSsZW28VoU7EpJmb4GbU opEapEWuj6lXbH/e//xrMXC0efQrCiwfrxmauQYdQZEw0Z0oiikV5qYRLJ1e+/if/SVe KWywFJSYgAzuUYG7OVIigcqC0UAvBbbBOqs8EoKHVjjFw0Yb7vY7fnbJaAE/nhiSdqqp A7SA== X-Gm-Message-State: AHQUAuakf1cHV3bJG/JLNPE88eiC6dmVgBvPFtaOiP+Egk+a1q6ga8Wt Wiys+1mpgqUoJRF3yMk2ejc= X-Google-Smtp-Source: AHgI3IbrtLk9p3yAlFfWytduak05XwZrywNdp859GTXlwfwILlllADt825J9ZYVoq1N8Xvm3Fj9adw== X-Received: by 2002:a62:1981:: with SMTP id 123mr35383217pfz.69.1550679450694; Wed, 20 Feb 2019 08:17:30 -0800 (PST) Received: from ubuntu.localdomain (c-76-102-76-212.hsd1.ca.comcast.net. [76.102.76.212]) by smtp.gmail.com with ESMTPSA id q207sm212713pgq.88.2019.02.20.08.17.29 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 20 Feb 2019 08:17:30 -0800 (PST) From: Darrell Ball To: dlu998@gmail.com, dev@openvswitch.org Date: Wed, 20 Feb 2019 08:17:17 -0800 Message-Id: <1550679439-95810-4-git-send-email-dlu998@gmail.com> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1550679439-95810-1-git-send-email-dlu998@gmail.com> References: <1550679439-95810-1-git-send-email-dlu998@gmail.com> X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: [ovs-dev] [patch v3 4/6] tests: Fix udp checksums for some tests. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: ovs-dev-bounces@openvswitch.org Errors-To: ovs-dev-bounces@openvswitch.org Also, enable the kernel side tests since these will pass now. Signed-off-by: Darrell Ball --- v3: Enable tests for kernel Associated 4 system tests will fail until patches 5 and 6 of the series; tests could otherwise be disabled in this patch then re-enabled in patch 6. tests/system-kmod-macros.at | 8 -------- tests/system-traffic.at | 12 ++++-------- tests/system-userspace-macros.at | 5 ----- 3 files changed, 4 insertions(+), 21 deletions(-) diff --git a/tests/system-kmod-macros.at b/tests/system-kmod-macros.at index 1057e34..87f99a6 100644 --- a/tests/system-kmod-macros.at +++ b/tests/system-kmod-macros.at @@ -93,14 +93,6 @@ m4_define([CHECK_CONNTRACK_FRAG_OVERLAP], AT_SKIP_IF([:]) ]) -# CHECK_CONNTRACK_FRAG_IPV6_MULT_EXTEN() -# -# The kernel does not support fragments with multiple extension headers. -m4_define([CHECK_CONNTRACK_FRAG_IPV6_MULT_EXTEN], -[ - AT_SKIP_IF([:]) -]) - # CHECK_CONNTRACK_NAT() # # Perform requirements checks for running conntrack NAT tests. The kernel diff --git a/tests/system-traffic.at b/tests/system-traffic.at index 6da5ac8..d1f8c10 100644 --- a/tests/system-traffic.at +++ b/tests/system-traffic.at @@ -2888,7 +2888,6 @@ AT_CLEANUP AT_SETUP([conntrack - IPv6 fragmentation, multiple extension headers]) CHECK_CONNTRACK() -CHECK_CONNTRACK_FRAG_IPV6_MULT_EXTEN() OVS_TRAFFIC_VSWITCHD_START() DPCTL_SET_MIN_FRAG_SIZE() @@ -2899,7 +2898,7 @@ ADD_VETH(p1, at_ns1, br0, "fc00::2/96") # Add different extension headers AT_DATA([bundle.txt], [dnl -packet-out in_port=1, packet=50540000000a50540000000986dd60000000019800fffc000000000000000000000000000001fc0000000000000000000000000000022c000000000000001100000100000001000100020008d62c00010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607, actions=ct(commit) +packet-out in_port=1, packet=50540000000a50540000000986dd60000000019800fffc000000000000000000000000000001fc0000000000000000000000000000022c000000000000001100000100000001000100020008e04000010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607, actions=ct(commit) packet-out in_port=1, packet=50540000000a50540000000986dd60000000002c00fffc000000000000000000000000000001fc0000000000000000000000000000022c00000000000000110001880000000100010002000800000001020304050607080900010203040506070809, actions=ct(commit) ]) @@ -2914,7 +2913,6 @@ AT_CLEANUP AT_SETUP([conntrack - IPv6 fragmentation, multiple extension headers + out of order]) CHECK_CONNTRACK() -CHECK_CONNTRACK_FRAG_IPV6_MULT_EXTEN() OVS_TRAFFIC_VSWITCHD_START() DPCTL_SET_MIN_FRAG_SIZE() @@ -2926,7 +2924,7 @@ ADD_VETH(p1, at_ns1, br0, "fc00::2/96") # Add different extension headers AT_DATA([bundle.txt], [dnl packet-out in_port=1, packet=50540000000a50540000000986dd60000000002c00fffc000000000000000000000000000001fc0000000000000000000000000000022c00000000000000110001880000000100010002000800000001020304050607080900010203040506070809, actions=ct(commit) -packet-out in_port=1, packet=50540000000a50540000000986dd60000000019800fffc000000000000000000000000000001fc0000000000000000000000000000022c000000000000001100000100000001000100020008d62c00010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607, actions=ct(commit) +packet-out in_port=1, packet=50540000000a50540000000986dd60000000019800fffc000000000000000000000000000001fc0000000000000000000000000000022c000000000000001100000100000001000100020008e04000010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607, actions=ct(commit) ]) AT_CHECK([ovs-ofctl bundle br0 bundle.txt]) @@ -2940,7 +2938,6 @@ AT_CLEANUP AT_SETUP([conntrack - IPv6 fragmentation, multiple extension headers 2]) CHECK_CONNTRACK() -CHECK_CONNTRACK_FRAG_IPV6_MULT_EXTEN() OVS_TRAFFIC_VSWITCHD_START() DPCTL_SET_MIN_FRAG_SIZE() @@ -2951,7 +2948,7 @@ ADD_VETH(p1, at_ns1, br0, "fc00::2/96") # Add different extension headers AT_DATA([bundle.txt], [dnl -packet-out in_port=1, packet=50540000000a50540000000986dd60000000019800fffc000000000000000000000000000001fc0000000000000000000000000000022c000000050200001100000100000001000100020008d62c00010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607, actions=ct(commit) +packet-out in_port=1, packet=50540000000a50540000000986dd60000000019800fffc000000000000000000000000000001fc0000000000000000000000000000022c000000050200001100000100000001000100020008e04000010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607, actions=ct(commit) packet-out in_port=1, packet=50540000000a50540000000986dd60000000002c00fffc000000000000000000000000000001fc0000000000000000000000000000022c00000005020000110001880000000100010002000800000001020304050607080900010203040506070809, actions=ct(commit) ]) @@ -2966,7 +2963,6 @@ AT_CLEANUP AT_SETUP([conntrack - IPv6 fragmentation, multiple extension headers 2 + out of order]) CHECK_CONNTRACK() -CHECK_CONNTRACK_FRAG_IPV6_MULT_EXTEN() OVS_TRAFFIC_VSWITCHD_START() DPCTL_SET_MIN_FRAG_SIZE() @@ -2978,7 +2974,7 @@ ADD_VETH(p1, at_ns1, br0, "fc00::2/96") # Add different extension headers AT_DATA([bundle.txt], [dnl packet-out in_port=1, packet=50540000000a50540000000986dd60000000002c00fffc000000000000000000000000000001fc0000000000000000000000000000022c00000005020000110001880000000100010002000800000001020304050607080900010203040506070809, actions=ct(commit) -packet-out in_port=1, packet=50540000000a50540000000986dd60000000019800fffc000000000000000000000000000001fc0000000000000000000000000000022c000000050200001100000100000001000100020008d62c00010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607, actions=ct(commit) +packet-out in_port=1, packet=50540000000a50540000000986dd60000000019800fffc000000000000000000000000000001fc0000000000000000000000000000022c000000050200001100000100000001000100020008e04000010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607080900010203040506070809000102030405060708090001020304050607, actions=ct(commit) ]) AT_CHECK([ovs-ofctl bundle br0 bundle.txt]) diff --git a/tests/system-userspace-macros.at b/tests/system-userspace-macros.at index 4ea55ea..5cebe58 100644 --- a/tests/system-userspace-macros.at +++ b/tests/system-userspace-macros.at @@ -89,11 +89,6 @@ m4_define([CHECK_CONNTRACK_LOCAL_STACK], # The userspace datapath supports fragment overlap check. m4_define([CHECK_CONNTRACK_FRAG_OVERLAP]) -# CHECK_CONNTRACK_FRAG_IPV6_MULT_EXTEN -# -# The userspace datapath supports fragments with multiple extension headers. -m4_define([CHECK_CONNTRACK_FRAG_IPV6_MULT_EXTEN]) - # CHECK_CONNTRACK_NAT() # # Perform requirements checks for running conntrack NAT tests. The userspace From patchwork Wed Feb 20 16:17:18 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Darrell Ball X-Patchwork-Id: 1045451 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=openvswitch.org (client-ip=140.211.169.12; helo=mail.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="e6cwT2nh"; dkim-atps=neutral Received: from mail.linuxfoundation.org (mail.linuxfoundation.org [140.211.169.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 444NDN1vk3z9s5c for ; Thu, 21 Feb 2019 03:22:28 +1100 (AEDT) Received: from mail.linux-foundation.org (localhost [127.0.0.1]) by mail.linuxfoundation.org (Postfix) with ESMTP id 99A0D2C7B; Wed, 20 Feb 2019 16:20:11 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@mail.linuxfoundation.org Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 2A0C92BF3 for ; Wed, 20 Feb 2019 16:17:32 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-pg1-f196.google.com (mail-pg1-f196.google.com [209.85.215.196]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id DC4717E9 for ; Wed, 20 Feb 2019 16:17:31 +0000 (UTC) Received: by mail-pg1-f196.google.com with SMTP id m1so12081891pgq.8 for ; Wed, 20 Feb 2019 08:17:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references; bh=lULv/9k1+jDzL7zVIz1hBjEsiTxmmZdXxDpZ18IfFDE=; b=e6cwT2nh30OGD//Hb2Ik8fi5PKpxK7mdRdpkC2JGJIZvyYjFXdVo3PM+p72wpMp3xH xqUy5i9clHPwzsD9Inuz6YbON0f8WG+0W0VWSe2x1zq+pMLIs1FvnaijdgyME28Hb9/J n7FMSDYTeMnw72dJ7avIOysc32qHvU/YaEWFrjKtqDlK8gwKDXDKUtsQPr4XzgG2cPMa 582uFckVU3Tt35mDDBMxvPLBNfXeRqbWELKvGjuWt4JPwC7al4Ehb0rL04IBUVPZl444 JtaHJkGhi83Epd9/lrGfvWhpBqlkKaWTHRDh8a8pWHN7gtvr0U5auM2UAuaiue/m06ix zkRQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references; bh=lULv/9k1+jDzL7zVIz1hBjEsiTxmmZdXxDpZ18IfFDE=; b=VLd9YVMOB206SW8yFuEQR0F1RIO9YR+flPqSBhC/bePuF7pwtJz6duu2XToGBFOV3O WT5NyvluK6q7DQWn3hN6PiU936mvVS78prYH8CL6oNRypPbqPErinx9+2mMCMPJBa6c1 SP0GF0mJRg+Z03ERZnaEcJKxZvNNQr4CnJ8GNXUFZCxK1f3LVnZFh9c8jsI5lYoetyiK yixHQrjHyQVphdgOcWDB2nZY6eed52Wz6b6iwRNI/bNlyIK1LqDIbkH88y3QxTMFJ7pS UTkKhshvvn+QCiVbnnXYkNRS8qrFHTqoyQb4jW+EV/xZZU6ANP3Dx7nOgL05zjTS/C2+ T8Dg== X-Gm-Message-State: AHQUAube66prW+MpPZo/4UaUxtlgZzpZptYoxWBwEWxsYv1tUIyccm3A 3fuz1FVtpCZquw12u7zCgsGQVV72 X-Google-Smtp-Source: AHgI3Iay0ZQXKiGjMIROZZTT3acda/WsN8bL7ysYWMOayP2XcCrOBrO4jELOCclxUv8zo0i25wm31Q== X-Received: by 2002:a63:bf4c:: with SMTP id i12mr30072813pgo.382.1550679451599; Wed, 20 Feb 2019 08:17:31 -0800 (PST) Received: from ubuntu.localdomain (c-76-102-76-212.hsd1.ca.comcast.net. [76.102.76.212]) by smtp.gmail.com with ESMTPSA id q207sm212713pgq.88.2019.02.20.08.17.30 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 20 Feb 2019 08:17:31 -0800 (PST) From: Darrell Ball To: dlu998@gmail.com, dev@openvswitch.org Date: Wed, 20 Feb 2019 08:17:18 -0800 Message-Id: <1550679439-95810-5-git-send-email-dlu998@gmail.com> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1550679439-95810-1-git-send-email-dlu998@gmail.com> References: <1550679439-95810-1-git-send-email-dlu998@gmail.com> X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: [ovs-dev] [patch v3 5/6] ipf: Handle non-zero L2 padding for first fragments. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: ovs-dev-bounces@openvswitch.org Errors-To: ovs-dev-bounces@openvswitch.org Fixes: 4ea96698f667 ("Userspace datapath: Add fragmentation handling.") Signed-off-by: Darrell Ball --- Following system tests will fail until patch 6 of the series; tests could otherwise be disabled in patch 4 then re-enabled in patch 6. conntrack - IPv6 fragmentation, multiple extension headers conntrack - IPv6 fragmentation, multiple extension headers + out of order conntrack - IPv6 fragmentation, multiple extension headers 2 conntrack - IPv6 fragmentation, multiple extension headers 2 + out of order lib/ipf.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/ipf.c b/lib/ipf.c index acddc02..97d5b58 100644 --- a/lib/ipf.c +++ b/lib/ipf.c @@ -407,6 +407,7 @@ ipf_reassemble_v4_frags(struct ipf_list *ipf_list) { struct ipf_frag *frag_list = ipf_list->frag_list; struct dp_packet *pkt = dp_packet_clone(frag_list[0].pkt); + dp_packet_set_size(pkt, dp_packet_size(pkt) - dp_packet_l2_pad_size(pkt)); struct ip_header *l3 = dp_packet_l3(pkt); int len = ntohs(l3->ip_tot_len); @@ -451,6 +452,7 @@ ipf_reassemble_v6_frags(struct ipf_list *ipf_list) { struct ipf_frag *frag_list = ipf_list->frag_list; struct dp_packet *pkt = dp_packet_clone(frag_list[0].pkt); + dp_packet_set_size(pkt, dp_packet_size(pkt) - dp_packet_l2_pad_size(pkt)); struct ovs_16aligned_ip6_hdr *l3 = dp_packet_l3(pkt); int pl = ntohs(l3->ip6_plen) - sizeof(struct ovs_16aligned_ip6_frag); From patchwork Wed Feb 20 16:17:19 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Darrell Ball X-Patchwork-Id: 1045452 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=openvswitch.org (client-ip=140.211.169.12; helo=mail.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="nNrFeV+p"; dkim-atps=neutral Received: from mail.linuxfoundation.org (mail.linuxfoundation.org [140.211.169.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 444NDw1ZLJz9s5c for ; Thu, 21 Feb 2019 03:22:56 +1100 (AEDT) Received: from mail.linux-foundation.org (localhost [127.0.0.1]) by mail.linuxfoundation.org (Postfix) with ESMTP id 6AAE72C81; Wed, 20 Feb 2019 16:20:12 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@mail.linuxfoundation.org Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 450EB2BF3 for ; Wed, 20 Feb 2019 16:17:33 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-pf1-f193.google.com (mail-pf1-f193.google.com [209.85.210.193]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id EFEFD7E9 for ; Wed, 20 Feb 2019 16:17:32 +0000 (UTC) Received: by mail-pf1-f193.google.com with SMTP id u9so4874070pfn.1 for ; Wed, 20 Feb 2019 08:17:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=DEmCqqnvjI1CTCvPNTM1H1NPFjZAXpCyWfyqLpVhiQU=; b=nNrFeV+p3nMWoQsaqm49ntGgMIdz6DJOMA23+QBZRmB0liHDxRaby113dNSBaMH8o6 +kwO1EKHDcdC5AqQfMvFnfnber4o/yG3XZ9c4261+9zYJFbjfSlJeDXV65WFdwKZLBu1 oEbMRClj3LtVLryuqWzEM/cymLdj5ETLReyHXT7k87Igu3W+FHZJ1WTIvXLjZy0JZuU1 DxYwifO+MynmmdUfxAPvik4c+pmVmPPYh7bbLiGsJL0H50h6Qcx8B34bgeX9ftmsW/cj +QI7WPERdazYZGi24/FPhQfjPPJ42J911ELoA7u5Pi4YoMdTCHJdVGOd+gyLwlg+ECEO cHhQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=DEmCqqnvjI1CTCvPNTM1H1NPFjZAXpCyWfyqLpVhiQU=; b=lm0bpxeGjyJaj/l8IhD6LwCDi0tXD7kWoXb/qJMp+5EMg57e0YdaggpaOBueWo0tTG tdNFLU4zKToU74wZz2pWCj0zzCy7XLVS+HpV6MJL3H0q9ZTiiMnlPllfkPle5vOys8Ai NzTPMgZCPnGPJG+Qxdv8g5hb+8XnGUzXhoeSUr8KWeHcpHKjrxdk4d2BqR6GLEuyrycT Ys9Piz0Nw9SeMhM2mlnJIt2m0BkICDzZqjRwgXBHtWdGfaaDplv1wqjuw0QC+RDVZSI/ y69SQFwlCkfpes3wfmupKAT/m8QLG1qq5AFaYCK0HvVWNNlgsqr1LH3PC3nsjf0mNgXK Z4Tw== X-Gm-Message-State: AHQUAuZZXypS3gPUB7GNcpbpd3jSVx2pbN9rv+6bJg/oSjN14BDS1xRH masXHwZCEfpSlkwE3XRPn+E= X-Google-Smtp-Source: AHgI3Ia6ryMq1NN3gFzHGqG0qP0cOLh79lDUnUn/TiEn9g/ThCyPid6VNVMP2wHHbryd3z3VZ1UUrg== X-Received: by 2002:a62:1d0c:: with SMTP id d12mr35593900pfd.126.1550679452591; Wed, 20 Feb 2019 08:17:32 -0800 (PST) Received: from ubuntu.localdomain (c-76-102-76-212.hsd1.ca.comcast.net. [76.102.76.212]) by smtp.gmail.com with ESMTPSA id q207sm212713pgq.88.2019.02.20.08.17.31 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 20 Feb 2019 08:17:32 -0800 (PST) From: Darrell Ball To: dlu998@gmail.com, dev@openvswitch.org Date: Wed, 20 Feb 2019 08:17:19 -0800 Message-Id: <1550679439-95810-6-git-send-email-dlu998@gmail.com> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1550679439-95810-1-git-send-email-dlu998@gmail.com> References: <1550679439-95810-1-git-send-email-dlu998@gmail.com> X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: [ovs-dev] [patch v3 6/6] conntrack: Fix L4 csum for V6 extension hdr pkts. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: ovs-dev-bounces@openvswitch.org Errors-To: ovs-dev-bounces@openvswitch.org It is a day one issue that got copied to the FTP handling code. Fixes: a489b16854b5 ("conntrack: New userspace connection tracker.") Fixes: bd5e81a0e596 ("Userspace Datapath: Add ALG infra and FTP.") CC: Daniele Di Proietto Signed-off-by: Darrell Ball --- v3: New patch. lib/conntrack.c | 25 +++++++++++-------------- 1 file changed, 11 insertions(+), 14 deletions(-) diff --git a/lib/conntrack.c b/lib/conntrack.c index 4d76552..d605382 100644 --- a/lib/conntrack.c +++ b/lib/conntrack.c @@ -686,10 +686,10 @@ reverse_nat_packet(struct dp_packet *pkt, const struct conn *conn) &conn->key.dst.addr.ipv6, true); } reverse_pat_packet(pkt, conn); - uint32_t icmp6_csum = packet_csum_pseudoheader6(nh6); icmp6->icmp6_base.icmp6_cksum = 0; - icmp6->icmp6_base.icmp6_cksum = csum_finish( - csum_continue(icmp6_csum, icmp6, tail - (char *) icmp6 - pad)); + icmp6->icmp6_base.icmp6_cksum = packet_csum_upperlayer6( + nh6, icmp6, IPPROTO_ICMPV6, + tail - (char *) icmp6 - pad); } pkt->l3_ofs = orig_l3_ofs; pkt->l4_ofs = orig_l4_ofs; @@ -1595,15 +1595,14 @@ checksum_valid(const struct conn_key *key, const void *data, size_t size, if (key->dl_type == htons(ETH_TYPE_IP)) { csum = packet_csum_pseudoheader(l3); + csum = csum_finish(csum_continue(csum, data, size)); } else if (key->dl_type == htons(ETH_TYPE_IPV6)) { - csum = packet_csum_pseudoheader6(l3); + csum = packet_csum_upperlayer6(l3, data, key->nw_proto, size); } else { return false; } - csum = csum_continue(csum, data, size); - - return csum_finish(csum) == 0; + return csum == 0; } static inline bool @@ -3261,16 +3260,14 @@ handle_ftp_ctl(struct conntrack *ct, const struct conn_lookup_ctx *ctx, } th->tcp_csum = 0; - uint32_t tcp_csum; if (ctx->key.dl_type == htons(ETH_TYPE_IPV6)) { - tcp_csum = packet_csum_pseudoheader6(nh6); + th->tcp_csum = packet_csum_upperlayer6(nh6, th, ctx->key.nw_proto, + dp_packet_l4_size(pkt)); } else { - tcp_csum = packet_csum_pseudoheader(l3_hdr); + uint32_t tcp_csum = packet_csum_pseudoheader(l3_hdr); + th->tcp_csum = csum_finish( + csum_continue(tcp_csum, th, dp_packet_l4_size(pkt))); } - const char *tail = dp_packet_tail(pkt); - uint8_t pad = dp_packet_l2_pad_size(pkt); - th->tcp_csum = csum_finish( - csum_continue(tcp_csum, th, tail - (char *) th - pad)); if (seq_skew) { conn_seq_skew_set(ct, &ec->key, now, seq_skew + ec->seq_skew,