d/numam-dpdk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
c2bd208a90
numam-dpdk/lib/librte_ip_frag/rte_ipv6_reassembly.c

219 lines
6.0 KiB
C
Raw Normal View History

lib: use SPDX tag for Intel copyright files Replace the BSD license header with the SPDX tag for files with only an Intel copyright on them. Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
2017-12-19 15:49:03 +00:00
/* SPDX-License-Identifier: BSD-3-Clause
* Copyright(c) 2010-2014 Intel Corporation
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
*/
#include <stddef.h>
#include <rte_memcpy.h>
#include "ip_frag_common.h"
/**
* @file
* IPv6 reassemble
*
* Implementation of IPv6 reassembly.
*
*/
ip_frag: custom memmove Some implementations of memmove may make a copy of src before writing to dst. We avoid that by explicitly writing from src to dst backwards. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-06-18 14:50:33 +00:00
static inline void
ip_frag_memmove(char *dst, char *src, int len)
{
int i;
/* go backwards to make sure we don't overwrite anything important */
for (i = len - 1; i >= 0; i--)
dst[i] = src[i];
}
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
/*
* Reassemble fragments into one packet.
*/
struct rte_mbuf *
ip_frag: fix double free of chained mbufs If any fragment hole is found in ipv4_frag_reassemble() and ipv6_frag_reassemble(), whole ip_frag_pkt mbufs are moved to death-row. Any mbufs already chained to another mbuf are freed multiple times as there are still in ip_frag_pkt array. Signed-off-by: Chaeyong Chong <cychong@gmail.com> Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2016-04-21 17:28:01 +00:00
ipv6_frag_reassemble(struct ip_frag_pkt *fp)
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
{
net: add rte prefix to IP structure Add 'rte_' prefix to structures: - rename struct ipv4_hdr as struct rte_ipv4_hdr. - rename struct ipv6_hdr as struct rte_ipv6_hdr. Signed-off-by: Olivier Matz <olivier.matz@6wind.com> Reviewed-by: Stephen Hemminger <stephen@networkplumber.org> Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com> Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
2019-05-21 16:13:10 +00:00
struct rte_ipv6_hdr *ip_hdr;
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
struct ipv6_extension_fragment *frag_hdr;
struct rte_mbuf *m, *prev;
uint32_t i, n, ofs, first_len;
uint32_t last_len, move_len, payload_len;
ip_frag: fix double free of chained mbufs If any fragment hole is found in ipv4_frag_reassemble() and ipv6_frag_reassemble(), whole ip_frag_pkt mbufs are moved to death-row. Any mbufs already chained to another mbuf are freed multiple times as there are still in ip_frag_pkt array. Signed-off-by: Chaeyong Chong <cychong@gmail.com> Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2016-04-21 17:28:01 +00:00
uint32_t curr_idx = 0;
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
first_len = fp->frags[IP_FIRST_FRAG_IDX].len;
n = fp->last_idx - 1;
/*start from the last fragment. */
m = fp->frags[IP_LAST_FRAG_IDX].mb;
ofs = fp->frags[IP_LAST_FRAG_IDX].ofs;
last_len = fp->frags[IP_LAST_FRAG_IDX].len;
ip_frag: fix double free of chained mbufs If any fragment hole is found in ipv4_frag_reassemble() and ipv6_frag_reassemble(), whole ip_frag_pkt mbufs are moved to death-row. Any mbufs already chained to another mbuf are freed multiple times as there are still in ip_frag_pkt array. Signed-off-by: Chaeyong Chong <cychong@gmail.com> Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2016-04-21 17:28:01 +00:00
curr_idx = IP_LAST_FRAG_IDX;
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
payload_len = ofs + last_len;
while (ofs != first_len) {
prev = m;
for (i = n; i != IP_FIRST_FRAG_IDX && ofs != first_len; i--) {
/* previous fragment found. */
if (fp->frags[i].ofs + fp->frags[i].len == ofs) {
ip_frag: check fragment length of incoming packet Under some conditions ill-formed fragments might cause reassembly code to corrupt mbufs and/or crash. Let say the following fragments sequence: <ofs=0,len=100, flags=MF> <ofs=96,len=100, flags=MF> <ofs=200,len=0,flags=MF> <ofs=200,len=100,flags=0> can trigger the problem. To overcome such situation, added check that fragment length of incoming value is greater than zero. Fixes: 601e279df074 ("ip_frag: move fragmentation/reassembly headers into a library") Fixes: 4f1a8f633862 ("ip_frag: add IPv6 reassembly") Cc: stable@dpdk.org Reported-by: Ryan E Hall <ryan.e.hall@intel.com> Reported-by: Alexander V Gutkin <alexander.v.gutkin@intel.com> Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2018-11-05 12:18:57 +00:00
RTE_ASSERT(curr_idx != i);
mbuf: move chaining from ip_frag library Chaining/segmenting mbufs can be useful in many places, so make it global. Signed-off-by: Simon Kagstrom <simon.kagstrom@netinsight.net> Signed-off-by: Johan Faltstrom <johan.faltstrom@netinsight.net> Acked-by: Olivier Matz <olivier.matz@6wind.com>
2015-10-15 07:01:46 +00:00
/* adjust start of the last fragment data. */
ip_frag: check fragment length of incoming packet Under some conditions ill-formed fragments might cause reassembly code to corrupt mbufs and/or crash. Let say the following fragments sequence: <ofs=0,len=100, flags=MF> <ofs=96,len=100, flags=MF> <ofs=200,len=0,flags=MF> <ofs=200,len=100,flags=0> can trigger the problem. To overcome such situation, added check that fragment length of incoming value is greater than zero. Fixes: 601e279df074 ("ip_frag: move fragmentation/reassembly headers into a library") Fixes: 4f1a8f633862 ("ip_frag: add IPv6 reassembly") Cc: stable@dpdk.org Reported-by: Ryan E Hall <ryan.e.hall@intel.com> Reported-by: Alexander V Gutkin <alexander.v.gutkin@intel.com> Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2018-11-05 12:18:57 +00:00
rte_pktmbuf_adj(m,
(uint16_t)(m->l2_len + m->l3_len));
mbuf: move chaining from ip_frag library Chaining/segmenting mbufs can be useful in many places, so make it global. Signed-off-by: Simon Kagstrom <simon.kagstrom@netinsight.net> Signed-off-by: Johan Faltstrom <johan.faltstrom@netinsight.net> Acked-by: Olivier Matz <olivier.matz@6wind.com>
2015-10-15 07:01:46 +00:00
rte_pktmbuf_chain(fp->frags[i].mb, m);
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
ip_frag: fix double free of chained mbufs If any fragment hole is found in ipv4_frag_reassemble() and ipv6_frag_reassemble(), whole ip_frag_pkt mbufs are moved to death-row. Any mbufs already chained to another mbuf are freed multiple times as there are still in ip_frag_pkt array. Signed-off-by: Chaeyong Chong <cychong@gmail.com> Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2016-04-21 17:28:01 +00:00
/* this mbuf should not be accessed directly */
fp->frags[curr_idx].mb = NULL;
curr_idx = i;
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
/* update our last fragment and offset. */
m = fp->frags[i].mb;
ofs = fp->frags[i].ofs;
}
}
/* error - hole in the packet. */
if (m == prev) {
return NULL;
}
}
/* chain with the first fragment. */
mbuf: move chaining from ip_frag library Chaining/segmenting mbufs can be useful in many places, so make it global. Signed-off-by: Simon Kagstrom <simon.kagstrom@netinsight.net> Signed-off-by: Johan Faltstrom <johan.faltstrom@netinsight.net> Acked-by: Olivier Matz <olivier.matz@6wind.com>
2015-10-15 07:01:46 +00:00
rte_pktmbuf_adj(m, (uint16_t)(m->l2_len + m->l3_len));
rte_pktmbuf_chain(fp->frags[IP_FIRST_FRAG_IDX].mb, m);
ip_frag: fix double free of chained mbufs The first mbuf and the last mbuf to be visited in the preceding loop are not set to NULL in the fragmentation table. This creates the possibility of a double free when the fragmentation table is later freed with rte_ip_frag_table_destroy(). Fixes: 95908f52393d ("ip_frag: free mbufs on reassembly table destroy") Cc: stable@dpdk.org Signed-off-by: Allain Legacy <allain.legacy@windriver.com> Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2018-03-19 14:25:23 +00:00
fp->frags[curr_idx].mb = NULL;
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
m = fp->frags[IP_FIRST_FRAG_IDX].mb;
ip_frag: fix double free of chained mbufs The first mbuf and the last mbuf to be visited in the preceding loop are not set to NULL in the fragmentation table. This creates the possibility of a double free when the fragmentation table is later freed with rte_ip_frag_table_destroy(). Fixes: 95908f52393d ("ip_frag: free mbufs on reassembly table destroy") Cc: stable@dpdk.org Signed-off-by: Allain Legacy <allain.legacy@windriver.com> Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2018-03-19 14:25:23 +00:00
fp->frags[IP_FIRST_FRAG_IDX].mb = NULL;
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
/* update ipv6 header for the reassembled datagram */
net: add rte prefix to IP structure Add 'rte_' prefix to structures: - rename struct ipv4_hdr as struct rte_ipv4_hdr. - rename struct ipv6_hdr as struct rte_ipv6_hdr. Signed-off-by: Olivier Matz <olivier.matz@6wind.com> Reviewed-by: Stephen Hemminger <stephen@networkplumber.org> Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com> Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
2019-05-21 16:13:10 +00:00
ip_hdr = rte_pktmbuf_mtod_offset(m, struct rte_ipv6_hdr *, m->l2_len);
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
ip_hdr->payload_len = rte_cpu_to_be_16(payload_len);
/*
* remove fragmentation header. note that per RFC2460, we need to update
* the last non-fragmentable header with the "next header" field to contain
* type of the first fragmentable header, but we currently don't support
* other headers, so we assume there are no other headers and thus update
* the main IPv6 header instead.
*/
mbuf: flatten struct vlan_macip The vlan_macip structure combined a vlan tag id with l2 and l3 headers lengths for tracking offloads. However, this structure was only used as a unit by the e1000 and ixgbe drivers, not generally. This patch removes the structure from the mbuf header and places the fields into the mbuf structure directly at the required point, without any net effect on the structure layout. This allows us to treat the vlan tags and header length fields as separate for future mbuf changes. The drivers which were written to use the combined structure still do so, using a driver-local definition of it. Reduce perf regression caused by splitting vlan_macip field. This is done by providing a single uint16_t value to allow writing/clearing the l2 and l3 lengths together. There is still a small perf hit to the slow path TX due to the reads from vlan_tci and l2/l3 lengths being separated. (<5% in my tests with testpmd with no extra params). Unfortunately, this cannot be eliminated, without restoring the vlan tags and l2/l3 lengths as a combined 32-bit field. This would prevent us from ever looking to move those fields about and is an artificial tie that applies only for performance in igb and ixgbe drivers. Therefore, this patch keeps the vlan_tci field separate from the lengths as the best solution going forward. Signed-off-by: Bruce Richardson <bruce.richardson@intel.com> Acked-by: Olivier Matz <olivier.matz@6wind.com> Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
2014-09-09 14:40:56 +00:00
move_len = m->l2_len + m->l3_len - sizeof(*frag_hdr);
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
frag_hdr = (struct ipv6_extension_fragment *) (ip_hdr + 1);
ip_hdr->proto = frag_hdr->next_header;
mbuf: use offset macro This patch simply applies the transform previously committed in scripts/cocci/mtod-offset.cocci. No other modifications have been made here. Signed-off-by: Cyril Chemparathy <cchemparathy@ezchip.com> Acked-by: Olivier Matz <olivier.matz@6wind.com>
2015-06-22 18:34:23 +00:00
ip_frag_memmove(rte_pktmbuf_mtod_offset(m, char *, sizeof(*frag_hdr)),
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
rte_pktmbuf_mtod(m, char*), move_len);
rte_pktmbuf_adj(m, sizeof(*frag_hdr));
return m;
}
/*
* Process new mbuf with fragment of IPV6 datagram.
* Incoming mbuf should have its l2_len/l3_len fields setup correctly.
* @param tbl
* Table where to lookup/add the fragmented packet.
* @param mb
* Incoming mbuf with IPV6 fragment.
* @param tms
* Fragment arrival timestamp.
* @param ip_hdr
* Pointer to the IPV6 header.
* @param frag_hdr
* Pointer to the IPV6 fragment extension header.
* @return
* Pointer to mbuf for reassembled packet, or NULL if:
fix typos using codespell utility Fixing typos across dpdk source code using codespell utility. Skipped the ethdev driver's base code fixes to keep the base code intact. Signed-off-by: Jerin Jacob <jerin.jacob@caviumnetworks.com> Acked-by: John McNamara <john.mcnamara@intel.com>
2017-06-07 05:05:06 +00:00
* - an error occurred.
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
* - not all fragments of the packet are collected yet.
*/
#define MORE_FRAGS(x) (((x) & 0x100) >> 8)
#define FRAG_OFFSET(x) (rte_cpu_to_be_16(x) >> 3)
struct rte_mbuf *
rte_ipv6_frag_reassemble_packet(struct rte_ip_frag_tbl *tbl,
ip_frag: check fragment length of incoming packet Under some conditions ill-formed fragments might cause reassembly code to corrupt mbufs and/or crash. Let say the following fragments sequence: <ofs=0,len=100, flags=MF> <ofs=96,len=100, flags=MF> <ofs=200,len=0,flags=MF> <ofs=200,len=100,flags=0> can trigger the problem. To overcome such situation, added check that fragment length of incoming value is greater than zero. Fixes: 601e279df074 ("ip_frag: move fragmentation/reassembly headers into a library") Fixes: 4f1a8f633862 ("ip_frag: add IPv6 reassembly") Cc: stable@dpdk.org Reported-by: Ryan E Hall <ryan.e.hall@intel.com> Reported-by: Alexander V Gutkin <alexander.v.gutkin@intel.com> Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2018-11-05 12:18:57 +00:00
struct rte_ip_frag_death_row *dr, struct rte_mbuf *mb, uint64_t tms,
net: add rte prefix to IP structure Add 'rte_' prefix to structures: - rename struct ipv4_hdr as struct rte_ipv4_hdr. - rename struct ipv6_hdr as struct rte_ipv6_hdr. Signed-off-by: Olivier Matz <olivier.matz@6wind.com> Reviewed-by: Stephen Hemminger <stephen@networkplumber.org> Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com> Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
2019-05-21 16:13:10 +00:00
struct rte_ipv6_hdr *ip_hdr, struct ipv6_extension_fragment *frag_hdr)
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
{
ip_frag: remove unneeded rte prefixes Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-06-18 14:50:28 +00:00
struct ip_frag_pkt *fp;
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
struct ip_frag_key key;
ip_frag: check fragment length of incoming packet Under some conditions ill-formed fragments might cause reassembly code to corrupt mbufs and/or crash. Let say the following fragments sequence: <ofs=0,len=100, flags=MF> <ofs=96,len=100, flags=MF> <ofs=200,len=0,flags=MF> <ofs=200,len=100,flags=0> can trigger the problem. To overcome such situation, added check that fragment length of incoming value is greater than zero. Fixes: 601e279df074 ("ip_frag: move fragmentation/reassembly headers into a library") Fixes: 4f1a8f633862 ("ip_frag: add IPv6 reassembly") Cc: stable@dpdk.org Reported-by: Ryan E Hall <ryan.e.hall@intel.com> Reported-by: Alexander V Gutkin <alexander.v.gutkin@intel.com> Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2018-11-05 12:18:57 +00:00
uint16_t ip_ofs;
int32_t ip_len;
ip_frag: remove padding length of fragment In some situations, we would get several ip fragments, which total data length is less than min_ip_len(64) and padding with zeros. We simulated intermediate fragments by modifying the MTU. To illustrate the problem, we simplify the packet format and ignore the impact of the packet header.In namespace2, a packet whose data length is 1520 is sent. When the packet passes tap2, the packet is divided into two fragments: fragment A and B, similar to (1520 = 1510 + 10). When the packet passes tap3, the larger fragment packet A is divided into two fragments A1 and A2, similar to (1510 = 1500 + 10). Finally, the bond interface receives three fragments: A1, A2, and B (1520 = 1500 + 10 + 10). One fragmented packet A2 is smaller than the minimum Ethernet frame length, so it needs to be padded. |---------------------------------------------------| | HOST | | |--------------| |----------------------------| | | | ns2 | | |--------------| | | | | |--------| | | |--------| |--------| | | | | | tap1 | | | | tap2 | ns1| tap3 | | | | | |mtu=1510| | | |mtu=1510| |mtu=1500| | | | |--|1.1.1.1 |--| |--|1.1.1.2 |----|2.1.1.1 |--| | | |--------| |--------| |--------| | | | | | | | |-----------------| | | | | | | |--------| | | | bond | | |--------------------------------------|mtu=1500|---| |--------| When processing the preceding packets above, DPDK would aggregate fragmented packets A2 and B. And error packets are generated, which padding(zero) is displayed in the middle of the packet. A2 + B: 0000 fa 16 3e 9f fb 82 fa 47 b2 57 dc 20 08 00 45 00 0010 00 33 b4 66 00 ba 3f 01 c1 a5 01 01 01 01 02 01 0020 01 02 c0 c1 c2 c3 c4 c5 c6 c7 00 00 00 00 00 00 0030 00 00 00 00 00 00 00 00 00 00 00 00 c8 c9 ca cb 0040 cc cd ce cf d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db 0050 dc dd de df e0 e1 e2 e3 e4 e5 e6 So, we would calculate the length of padding, and remove the padding in pkt_len and data_len before aggregation. And also we have the fix for both ipv4 and ipv6. Fixes: 7f0983ee331c ("ip_frag: check fragment length of incoming packet") Cc: stable@dpdk.org Signed-off-by: Yicai Lu <luyicai@huawei.com> Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2020-12-16 13:36:30 +00:00
int32_t trim;
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
rte_memcpy(&key.src_dst[0], ip_hdr->src_addr, 16);
rte_memcpy(&key.src_dst[2], ip_hdr->dst_addr, 16);
key.id = frag_hdr->id;
key.key_len = IPV6_KEYLEN;
ip_ofs = FRAG_OFFSET(frag_hdr->frag_data) * 8;
/*
ip_frag: check fragment length of incoming packet Under some conditions ill-formed fragments might cause reassembly code to corrupt mbufs and/or crash. Let say the following fragments sequence: <ofs=0,len=100, flags=MF> <ofs=96,len=100, flags=MF> <ofs=200,len=0,flags=MF> <ofs=200,len=100,flags=0> can trigger the problem. To overcome such situation, added check that fragment length of incoming value is greater than zero. Fixes: 601e279df074 ("ip_frag: move fragmentation/reassembly headers into a library") Fixes: 4f1a8f633862 ("ip_frag: add IPv6 reassembly") Cc: stable@dpdk.org Reported-by: Ryan E Hall <ryan.e.hall@intel.com> Reported-by: Alexander V Gutkin <alexander.v.gutkin@intel.com> Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2018-11-05 12:18:57 +00:00
* as per RFC2460, payload length contains all extension headers
* as well.
* since we don't support anything but frag headers,
* this is what we remove from the payload len.
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
*/
ip_len = rte_be_to_cpu_16(ip_hdr->payload_len) - sizeof(*frag_hdr);
ip_frag: remove padding length of fragment In some situations, we would get several ip fragments, which total data length is less than min_ip_len(64) and padding with zeros. We simulated intermediate fragments by modifying the MTU. To illustrate the problem, we simplify the packet format and ignore the impact of the packet header.In namespace2, a packet whose data length is 1520 is sent. When the packet passes tap2, the packet is divided into two fragments: fragment A and B, similar to (1520 = 1510 + 10). When the packet passes tap3, the larger fragment packet A is divided into two fragments A1 and A2, similar to (1510 = 1500 + 10). Finally, the bond interface receives three fragments: A1, A2, and B (1520 = 1500 + 10 + 10). One fragmented packet A2 is smaller than the minimum Ethernet frame length, so it needs to be padded. |---------------------------------------------------| | HOST | | |--------------| |----------------------------| | | | ns2 | | |--------------| | | | | |--------| | | |--------| |--------| | | | | | tap1 | | | | tap2 | ns1| tap3 | | | | | |mtu=1510| | | |mtu=1510| |mtu=1500| | | | |--|1.1.1.1 |--| |--|1.1.1.2 |----|2.1.1.1 |--| | | |--------| |--------| |--------| | | | | | | | |-----------------| | | | | | | |--------| | | | bond | | |--------------------------------------|mtu=1500|---| |--------| When processing the preceding packets above, DPDK would aggregate fragmented packets A2 and B. And error packets are generated, which padding(zero) is displayed in the middle of the packet. A2 + B: 0000 fa 16 3e 9f fb 82 fa 47 b2 57 dc 20 08 00 45 00 0010 00 33 b4 66 00 ba 3f 01 c1 a5 01 01 01 01 02 01 0020 01 02 c0 c1 c2 c3 c4 c5 c6 c7 00 00 00 00 00 00 0030 00 00 00 00 00 00 00 00 00 00 00 00 c8 c9 ca cb 0040 cc cd ce cf d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db 0050 dc dd de df e0 e1 e2 e3 e4 e5 e6 So, we would calculate the length of padding, and remove the padding in pkt_len and data_len before aggregation. And also we have the fix for both ipv4 and ipv6. Fixes: 7f0983ee331c ("ip_frag: check fragment length of incoming packet") Cc: stable@dpdk.org Signed-off-by: Yicai Lu <luyicai@huawei.com> Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2020-12-16 13:36:30 +00:00
trim = mb->pkt_len - (ip_len + mb->l3_len + mb->l2_len);
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
IP_FRAG_LOG(DEBUG, "%s:%d:\n"
"mbuf: %p, tms: %" PRIu64
ip_frag: check fragment length of incoming packet Under some conditions ill-formed fragments might cause reassembly code to corrupt mbufs and/or crash. Let say the following fragments sequence: <ofs=0,len=100, flags=MF> <ofs=96,len=100, flags=MF> <ofs=200,len=0,flags=MF> <ofs=200,len=100,flags=0> can trigger the problem. To overcome such situation, added check that fragment length of incoming value is greater than zero. Fixes: 601e279df074 ("ip_frag: move fragmentation/reassembly headers into a library") Fixes: 4f1a8f633862 ("ip_frag: add IPv6 reassembly") Cc: stable@dpdk.org Reported-by: Ryan E Hall <ryan.e.hall@intel.com> Reported-by: Alexander V Gutkin <alexander.v.gutkin@intel.com> Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2018-11-05 12:18:57 +00:00
", key: <" IPv6_KEY_BYTES_FMT ", %#x>, "
ip_frag: remove padding length of fragment In some situations, we would get several ip fragments, which total data length is less than min_ip_len(64) and padding with zeros. We simulated intermediate fragments by modifying the MTU. To illustrate the problem, we simplify the packet format and ignore the impact of the packet header.In namespace2, a packet whose data length is 1520 is sent. When the packet passes tap2, the packet is divided into two fragments: fragment A and B, similar to (1520 = 1510 + 10). When the packet passes tap3, the larger fragment packet A is divided into two fragments A1 and A2, similar to (1510 = 1500 + 10). Finally, the bond interface receives three fragments: A1, A2, and B (1520 = 1500 + 10 + 10). One fragmented packet A2 is smaller than the minimum Ethernet frame length, so it needs to be padded. |---------------------------------------------------| | HOST | | |--------------| |----------------------------| | | | ns2 | | |--------------| | | | | |--------| | | |--------| |--------| | | | | | tap1 | | | | tap2 | ns1| tap3 | | | | | |mtu=1510| | | |mtu=1510| |mtu=1500| | | | |--|1.1.1.1 |--| |--|1.1.1.2 |----|2.1.1.1 |--| | | |--------| |--------| |--------| | | | | | | | |-----------------| | | | | | | |--------| | | | bond | | |--------------------------------------|mtu=1500|---| |--------| When processing the preceding packets above, DPDK would aggregate fragmented packets A2 and B. And error packets are generated, which padding(zero) is displayed in the middle of the packet. A2 + B: 0000 fa 16 3e 9f fb 82 fa 47 b2 57 dc 20 08 00 45 00 0010 00 33 b4 66 00 ba 3f 01 c1 a5 01 01 01 01 02 01 0020 01 02 c0 c1 c2 c3 c4 c5 c6 c7 00 00 00 00 00 00 0030 00 00 00 00 00 00 00 00 00 00 00 00 c8 c9 ca cb 0040 cc cd ce cf d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db 0050 dc dd de df e0 e1 e2 e3 e4 e5 e6 So, we would calculate the length of padding, and remove the padding in pkt_len and data_len before aggregation. And also we have the fix for both ipv4 and ipv6. Fixes: 7f0983ee331c ("ip_frag: check fragment length of incoming packet") Cc: stable@dpdk.org Signed-off-by: Yicai Lu <luyicai@huawei.com> Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2020-12-16 13:36:30 +00:00
"ofs: %u, len: %d, padding: %d, flags: %#x\n"
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
"tbl: %p, max_cycles: %" PRIu64 ", entry_mask: %#x, "
"max_entries: %u, use_entries: %u\n\n",
__func__, __LINE__,
ip_frag: fix bit-fields in ipv6 fragment extension Previous implementation won't work on every environment. The order of allocation of bit-fields within a unit (high-order to low-order or low-order to high-order) is implementation-defined. Solution: used bytes instead of bit fields. Signed-off-by: Piotr Azarewicz <piotrx.t.azarewicz@intel.com> Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com> Acked-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
2015-09-10 07:09:17 +00:00
mb, tms, IPv6_KEY_BYTES(key.src_dst), key.id, ip_ofs, ip_len,
ip_frag: remove padding length of fragment In some situations, we would get several ip fragments, which total data length is less than min_ip_len(64) and padding with zeros. We simulated intermediate fragments by modifying the MTU. To illustrate the problem, we simplify the packet format and ignore the impact of the packet header.In namespace2, a packet whose data length is 1520 is sent. When the packet passes tap2, the packet is divided into two fragments: fragment A and B, similar to (1520 = 1510 + 10). When the packet passes tap3, the larger fragment packet A is divided into two fragments A1 and A2, similar to (1510 = 1500 + 10). Finally, the bond interface receives three fragments: A1, A2, and B (1520 = 1500 + 10 + 10). One fragmented packet A2 is smaller than the minimum Ethernet frame length, so it needs to be padded. |---------------------------------------------------| | HOST | | |--------------| |----------------------------| | | | ns2 | | |--------------| | | | | |--------| | | |--------| |--------| | | | | | tap1 | | | | tap2 | ns1| tap3 | | | | | |mtu=1510| | | |mtu=1510| |mtu=1500| | | | |--|1.1.1.1 |--| |--|1.1.1.2 |----|2.1.1.1 |--| | | |--------| |--------| |--------| | | | | | | | |-----------------| | | | | | | |--------| | | | bond | | |--------------------------------------|mtu=1500|---| |--------| When processing the preceding packets above, DPDK would aggregate fragmented packets A2 and B. And error packets are generated, which padding(zero) is displayed in the middle of the packet. A2 + B: 0000 fa 16 3e 9f fb 82 fa 47 b2 57 dc 20 08 00 45 00 0010 00 33 b4 66 00 ba 3f 01 c1 a5 01 01 01 01 02 01 0020 01 02 c0 c1 c2 c3 c4 c5 c6 c7 00 00 00 00 00 00 0030 00 00 00 00 00 00 00 00 00 00 00 00 c8 c9 ca cb 0040 cc cd ce cf d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db 0050 dc dd de df e0 e1 e2 e3 e4 e5 e6 So, we would calculate the length of padding, and remove the padding in pkt_len and data_len before aggregation. And also we have the fix for both ipv4 and ipv6. Fixes: 7f0983ee331c ("ip_frag: check fragment length of incoming packet") Cc: stable@dpdk.org Signed-off-by: Yicai Lu <luyicai@huawei.com> Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2020-12-16 13:36:30 +00:00
trim, RTE_IPV6_GET_MF(frag_hdr->frag_data),
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
tbl, tbl->max_cycles, tbl->entry_mask, tbl->max_entries,
tbl->use_entries);
ip_frag: check fragment length of incoming packet Under some conditions ill-formed fragments might cause reassembly code to corrupt mbufs and/or crash. Let say the following fragments sequence: <ofs=0,len=100, flags=MF> <ofs=96,len=100, flags=MF> <ofs=200,len=0,flags=MF> <ofs=200,len=100,flags=0> can trigger the problem. To overcome such situation, added check that fragment length of incoming value is greater than zero. Fixes: 601e279df074 ("ip_frag: move fragmentation/reassembly headers into a library") Fixes: 4f1a8f633862 ("ip_frag: add IPv6 reassembly") Cc: stable@dpdk.org Reported-by: Ryan E Hall <ryan.e.hall@intel.com> Reported-by: Alexander V Gutkin <alexander.v.gutkin@intel.com> Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2018-11-05 12:18:57 +00:00
/* check that fragment length is greater then zero. */
if (ip_len <= 0) {
IP_FRAG_MBUF2DR(dr, mb);
return NULL;
}
ip_frag: remove padding length of fragment In some situations, we would get several ip fragments, which total data length is less than min_ip_len(64) and padding with zeros. We simulated intermediate fragments by modifying the MTU. To illustrate the problem, we simplify the packet format and ignore the impact of the packet header.In namespace2, a packet whose data length is 1520 is sent. When the packet passes tap2, the packet is divided into two fragments: fragment A and B, similar to (1520 = 1510 + 10). When the packet passes tap3, the larger fragment packet A is divided into two fragments A1 and A2, similar to (1510 = 1500 + 10). Finally, the bond interface receives three fragments: A1, A2, and B (1520 = 1500 + 10 + 10). One fragmented packet A2 is smaller than the minimum Ethernet frame length, so it needs to be padded. |---------------------------------------------------| | HOST | | |--------------| |----------------------------| | | | ns2 | | |--------------| | | | | |--------| | | |--------| |--------| | | | | | tap1 | | | | tap2 | ns1| tap3 | | | | | |mtu=1510| | | |mtu=1510| |mtu=1500| | | | |--|1.1.1.1 |--| |--|1.1.1.2 |----|2.1.1.1 |--| | | |--------| |--------| |--------| | | | | | | | |-----------------| | | | | | | |--------| | | | bond | | |--------------------------------------|mtu=1500|---| |--------| When processing the preceding packets above, DPDK would aggregate fragmented packets A2 and B. And error packets are generated, which padding(zero) is displayed in the middle of the packet. A2 + B: 0000 fa 16 3e 9f fb 82 fa 47 b2 57 dc 20 08 00 45 00 0010 00 33 b4 66 00 ba 3f 01 c1 a5 01 01 01 01 02 01 0020 01 02 c0 c1 c2 c3 c4 c5 c6 c7 00 00 00 00 00 00 0030 00 00 00 00 00 00 00 00 00 00 00 00 c8 c9 ca cb 0040 cc cd ce cf d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db 0050 dc dd de df e0 e1 e2 e3 e4 e5 e6 So, we would calculate the length of padding, and remove the padding in pkt_len and data_len before aggregation. And also we have the fix for both ipv4 and ipv6. Fixes: 7f0983ee331c ("ip_frag: check fragment length of incoming packet") Cc: stable@dpdk.org Signed-off-by: Yicai Lu <luyicai@huawei.com> Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2020-12-16 13:36:30 +00:00
if (unlikely(trim > 0))
rte_pktmbuf_trim(mb, trim);
ip_frag: add IPv6 reassembly Mostly a copy-paste of IPv4, with a few caveats. Only supported packets are those in which fragment extension header is just after the IPv6 header. Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com> Acked-by: Thomas Monjalon <thomas.monjalon@6wind.com>
2014-05-28 17:32:46 +00:00
/* try to find/add entry into the fragment's table. */
fp = ip_frag_find(tbl, dr, &key, tms);
if (fp == NULL) {
IP_FRAG_MBUF2DR(dr, mb);
return NULL;
}
IP_FRAG_LOG(DEBUG, "%s:%d:\n"
"tbl: %p, max_entries: %u, use_entries: %u\n"
"ipv6_frag_pkt: %p, key: <" IPv6_KEY_BYTES_FMT ", %#x>, start: %" PRIu64
", total_size: %u, frag_size: %u, last_idx: %u\n\n",
__func__, __LINE__,
tbl, tbl->max_entries, tbl->use_entries,
fp, IPv6_KEY_BYTES(fp->key.src_dst), fp->key.id, fp->start,
fp->total_size, fp->frag_size, fp->last_idx);
/* process the fragmented packet. */
mb = ip_frag_process(fp, dr, mb, ip_ofs, ip_len,
MORE_FRAGS(frag_hdr->frag_data));
ip_frag_inuse(tbl, fp);
IP_FRAG_LOG(DEBUG, "%s:%d:\n"
"mbuf: %p\n"
"tbl: %p, max_entries: %u, use_entries: %u\n"
"ipv6_frag_pkt: %p, key: <" IPv6_KEY_BYTES_FMT ", %#x>, start: %" PRIu64
", total_size: %u, frag_size: %u, last_idx: %u\n\n",
__func__, __LINE__, mb,
tbl, tbl->max_entries, tbl->use_entries,
fp, IPv6_KEY_BYTES(fp->key.src_dst), fp->key.id, fp->start,
fp->total_size, fp->frag_size, fp->last_idx);
return mb;
}
Reference in New Issue Copy Permalink