diff options
| author | Darrell Ball <dlu998@gmail.com> | 2019-02-22 17:17:42 -0800 |
|---|---|---|
| committer | Ben Pfaff <blp@ovn.org> | 2019-02-22 17:55:45 -0800 |
| commit | 76d85771f0eec3d26d772382e4e9864c8fcda8c0 (patch) | |
| tree | 577e4380222436db409bf1c6cf176d7b3965b6e2 /lib/conntrack.c | |
| parent | 5be00cf9cb62f9f25d8486e1df42c716f2272a43 (diff) | |
| download | openvswitch-76d85771f0eec3d26d772382e4e9864c8fcda8c0.tar.gz | |
conntrack: Fix L4 csum for V6 extension hdr pkts.
It is a day one issue that got copied to subsequent code.
Fixes: a489b16854b5 ("conntrack: New userspace connection tracker.")
Fixes: bd5e81a0e596 ("Userspace Datapath: Add ALG infra and FTP.")
CC: Daniele Di Proietto <diproiettod@ovn.org>
Signed-off-by: Darrell Ball <dlu998@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Diffstat (limited to 'lib/conntrack.c')
| -rw-r--r-- | lib/conntrack.c | 28 |
1 files changed, 10 insertions, 18 deletions
diff --git a/lib/conntrack.c b/lib/conntrack.c index 4d7655252..4028ba9a0 100644 --- a/lib/conntrack.c +++ b/lib/conntrack.c @@ -686,10 +686,9 @@ reverse_nat_packet(struct dp_packet *pkt, const struct conn *conn) &conn->key.dst.addr.ipv6, true); } reverse_pat_packet(pkt, conn); - uint32_t icmp6_csum = packet_csum_pseudoheader6(nh6); icmp6->icmp6_base.icmp6_cksum = 0; - icmp6->icmp6_base.icmp6_cksum = csum_finish( - csum_continue(icmp6_csum, icmp6, tail - (char *) icmp6 - pad)); + icmp6->icmp6_base.icmp6_cksum = packet_csum_upperlayer6(nh6, icmp6, + IPPROTO_ICMPV6, tail - (char *) icmp6 - pad); } pkt->l3_ofs = orig_l3_ofs; pkt->l4_ofs = orig_l4_ofs; @@ -1591,19 +1590,14 @@ static inline bool checksum_valid(const struct conn_key *key, const void *data, size_t size, const void *l3) { - uint32_t csum = 0; - if (key->dl_type == htons(ETH_TYPE_IP)) { - csum = packet_csum_pseudoheader(l3); + uint32_t csum = packet_csum_pseudoheader(l3); + return csum_finish(csum_continue(csum, data, size)) == 0; } else if (key->dl_type == htons(ETH_TYPE_IPV6)) { - csum = packet_csum_pseudoheader6(l3); + return packet_csum_upperlayer6(l3, data, key->nw_proto, size) == 0; } else { return false; } - - csum = csum_continue(csum, data, size); - - return csum_finish(csum) == 0; } static inline bool @@ -3261,16 +3255,14 @@ handle_ftp_ctl(struct conntrack *ct, const struct conn_lookup_ctx *ctx, } th->tcp_csum = 0; - uint32_t tcp_csum; if (ctx->key.dl_type == htons(ETH_TYPE_IPV6)) { - tcp_csum = packet_csum_pseudoheader6(nh6); + th->tcp_csum = packet_csum_upperlayer6(nh6, th, ctx->key.nw_proto, + dp_packet_l4_size(pkt)); } else { - tcp_csum = packet_csum_pseudoheader(l3_hdr); + uint32_t tcp_csum = packet_csum_pseudoheader(l3_hdr); + th->tcp_csum = csum_finish( + csum_continue(tcp_csum, th, dp_packet_l4_size(pkt))); } - const char *tail = dp_packet_tail(pkt); - uint8_t pad = dp_packet_l2_pad_size(pkt); - th->tcp_csum = csum_finish( - csum_continue(tcp_csum, th, tail - (char *) th - pad)); if (seq_skew) { conn_seq_skew_set(ct, &ec->key, now, seq_skew + ec->seq_skew, |