Skip to content

Commit

Permalink
openvswitch: Derive IP protocol number for IPv6 later frags
Browse files Browse the repository at this point in the history
Currently, OVS only parses the IP protocol number for the first
IPv6 fragment, but sets the IP protocol number for the later fragments
to be NEXTHDF_FRAGMENT.  This patch tries to derive the IP protocol
number for the IPV6 later frags so that we can match that.

Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
Acked-by: Pravin B Shelar <pshelar@ovn.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
  • Loading branch information
Yi-Hung Wei authored and David S. Miller committed Sep 7, 2018
1 parent ddc4d23 commit fa642f0
Showing 1 changed file with 9 additions and 13 deletions.
22 changes: 9 additions & 13 deletions net/openvswitch/flow.c
Original file line number Diff line number Diff line change
Expand Up @@ -254,21 +254,18 @@ static bool icmphdr_ok(struct sk_buff *skb)

static int parse_ipv6hdr(struct sk_buff *skb, struct sw_flow_key *key)
{
unsigned short frag_off;
unsigned int payload_ofs = 0;
unsigned int nh_ofs = skb_network_offset(skb);
unsigned int nh_len;
int payload_ofs;
struct ipv6hdr *nh;
uint8_t nexthdr;
__be16 frag_off;
int err;
int err, nexthdr, flags = 0;

err = check_header(skb, nh_ofs + sizeof(*nh));
if (unlikely(err))
return err;

nh = ipv6_hdr(skb);
nexthdr = nh->nexthdr;
payload_ofs = (u8 *)(nh + 1) - skb->data;

key->ip.proto = NEXTHDR_NONE;
key->ip.tos = ipv6_get_dsfield(nh);
Expand All @@ -277,22 +274,21 @@ static int parse_ipv6hdr(struct sk_buff *skb, struct sw_flow_key *key)
key->ipv6.addr.src = nh->saddr;
key->ipv6.addr.dst = nh->daddr;

payload_ofs = ipv6_skip_exthdr(skb, payload_ofs, &nexthdr, &frag_off);

if (frag_off) {
if (frag_off & htons(~0x7))
nexthdr = ipv6_find_hdr(skb, &payload_ofs, -1, &frag_off, &flags);
if (flags & IP6_FH_F_FRAG) {
if (frag_off)
key->ip.frag = OVS_FRAG_TYPE_LATER;
else
key->ip.frag = OVS_FRAG_TYPE_FIRST;
} else {
key->ip.frag = OVS_FRAG_TYPE_NONE;
}

/* Delayed handling of error in ipv6_skip_exthdr() as it
* always sets frag_off to a valid value which may be
/* Delayed handling of error in ipv6_find_hdr() as it
* always sets flags and frag_off to a valid value which may be
* used to set key->ip.frag above.
*/
if (unlikely(payload_ofs < 0))
if (unlikely(nexthdr < 0))
return -EPROTO;

nh_len = payload_ofs - nh_ofs;
Expand Down

0 comments on commit fa642f0

Please sign in to comment.