summaryrefslogtreecommitdiffstats
path: root/src/vnet/ip
diff options
context:
space:
mode:
authorKlement Sekera <ksekera@cisco.com>2020-01-15 10:30:48 +0000
committerOle Trøan <otroan@employees.org>2020-01-15 21:37:55 +0000
commit8ad070e10246536fc1c514cbf16f2c51030cbee0 (patch)
treeab56829a26064495f7083c66a74fa9e7f3018863 /src/vnet/ip
parente5060b33bd680aef7fb0ba80a5123532f07e6300 (diff)
ip: align reass.save_rewrite_lengthv20.05-rc0
By aligning vnet_buffer_opaque.ip.save_rewrite_length and vnet_buffer_opaque.ip.reass.save_rewrite_length we prevent shallow virtual reassembly code from overwrite save_rewrite_length, allowing other features down the pipe to rely on this value. A static assert is added to guard this alignment. Type: fix Fixes: f126e746fc01c75bc99329d10ce9127b26b23814 Change-Id: Ie7c7f3abc2a221bbcf2830c0f006a4368088b342 Signed-off-by: Klement Sekera <ksekera@cisco.com>
Diffstat (limited to 'src/vnet/ip')
-rw-r--r--src/vnet/ip/reass/ip4_sv_reass.c7
-rw-r--r--src/vnet/ip/reass/ip6_sv_reass.c9
2 files changed, 0 insertions, 16 deletions
diff --git a/src/vnet/ip/reass/ip4_sv_reass.c b/src/vnet/ip/reass/ip4_sv_reass.c
index b94e9b28cea..c50cf6d6728 100644
--- a/src/vnet/ip/reass/ip4_sv_reass.c
+++ b/src/vnet/ip/reass/ip4_sv_reass.c
@@ -466,8 +466,6 @@ ip4_sv_reass_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
{
next0 = IP4_SV_REASSEMBLY_NEXT_INPUT;
}
- vnet_buffer (b0)->ip.reass.save_rewrite_length =
- vnet_buffer (b0)->ip.save_rewrite_length;
vnet_buffer (b0)->ip.reass.is_non_first_fragment = 0;
vnet_buffer (b0)->ip.reass.ip_proto = ip0->protocol;
if (IP_PROTOCOL_TCP == ip0->protocol)
@@ -547,8 +545,6 @@ ip4_sv_reass_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
{
next0 = IP4_SV_REASSEMBLY_NEXT_INPUT;
}
- vnet_buffer (b0)->ip.reass.save_rewrite_length =
- vnet_buffer (b0)->ip.save_rewrite_length;
vnet_buffer (b0)->ip.reass.is_non_first_fragment =
! !fragment_first;
vnet_buffer (b0)->ip.reass.ip_proto = reass->ip_proto;
@@ -620,9 +616,6 @@ ip4_sv_reass_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
to_next[0] = bi0;
to_next += 1;
n_left_to_next -= 1;
- ASSERT (vnet_buffer (b0)->ip.save_rewrite_length < (2 << 14));
- vnet_buffer (b0)->ip.reass.save_rewrite_length =
- vnet_buffer (b0)->ip.save_rewrite_length;
vnet_buffer (b0)->ip.reass.is_non_first_fragment =
! !ip4_get_fragment_offset (vlib_buffer_get_current (b0));
vnet_buffer (b0)->ip.reass.ip_proto = reass->ip_proto;
diff --git a/src/vnet/ip/reass/ip6_sv_reass.c b/src/vnet/ip/reass/ip6_sv_reass.c
index 442617703a1..5f46966b19b 100644
--- a/src/vnet/ip/reass/ip6_sv_reass.c
+++ b/src/vnet/ip/reass/ip6_sv_reass.c
@@ -559,9 +559,6 @@ ip6_sv_reassembly_inline (vlib_main_t * vm,
next0 = IP6_SV_REASSEMBLY_NEXT_DROP;
goto packet_enqueue;
}
- ASSERT (vnet_buffer (b0)->ip.save_rewrite_length < (2 << 14));
- vnet_buffer (b0)->ip.reass.save_rewrite_length =
- vnet_buffer (b0)->ip.save_rewrite_length;
vnet_buffer (b0)->ip.reass.is_non_first_fragment = 0;
next0 = IP6_SV_REASSEMBLY_NEXT_INPUT;
if (PREDICT_FALSE (b0->flags & VLIB_BUFFER_IS_TRACED))
@@ -631,9 +628,6 @@ ip6_sv_reassembly_inline (vlib_main_t * vm,
if (reass->is_complete)
{
- ASSERT (vnet_buffer (b0)->ip.save_rewrite_length < (2 << 14));
- vnet_buffer (b0)->ip.reass.save_rewrite_length =
- vnet_buffer (b0)->ip.save_rewrite_length;
vnet_buffer (b0)->ip.reass.is_non_first_fragment =
! !ip6_frag_hdr_offset (frag_hdr);
vnet_buffer (b0)->ip.reass.ip_proto = reass->ip_proto;
@@ -712,9 +706,6 @@ ip6_sv_reassembly_inline (vlib_main_t * vm,
frag_hdr =
vlib_buffer_get_current (b0) +
vnet_buffer (b0)->ip.reass.ip6_frag_hdr_offset;
- ASSERT (vnet_buffer (b0)->ip.save_rewrite_length < (2 << 14));
- vnet_buffer (b0)->ip.reass.save_rewrite_length =
- vnet_buffer (b0)->ip.save_rewrite_length;
vnet_buffer (b0)->ip.reass.is_non_first_fragment =
! !ip6_frag_hdr_offset (frag_hdr);
vnet_buffer (b0)->ip.reass.ip_proto = reass->ip_proto;