On 05-Nov-18 12:18 PM, Konstantin Ananyev wrote:
Right now reassembly code relies on src_dst[] being all zeroes to determine is it free/occupied entry in the fragments table. This is suboptimal and error prone - user can crash DPDK ip_reassembly app by something like the following scapy script: x=Ether(src=...,dst=...)/IP(dst='0.0.0.0',src='0.0.0.0',id=0)/('X'*1000) frags=fragment(x, fragsize=500) sendp(frags, iface=...) To overcome that issue and reduce overhead of 'key invalidate' and 'key is empty' operations - add key_len into keys comparision procedure.Fixes: 4f1a8f633862 ("ip_frag: add IPv6 reassembly") Cc: sta...@dpdk.org Reported-by: Ryan E Hall <ryan.e.h...@intel.com> Reported-by: Alexander V Gutkin <alexander.v.gut...@intel.com> Signed-off-by: Konstantin Ananyev <konstantin.anan...@intel.com> ---
@@ -44,9 +44,17 @@ struct ip_frag {/** @internal <src addr, dst_addr, id> to uniquely identify fragmented datagram. */struct ip_frag_key { - uint64_t src_dst[4]; /**< src address, first 8 bytes used for IPv4 */ - uint32_t id; /**< dst address */ - uint32_t key_len; /**< src/dst key length */ + uint64_t src_dst[4]; + /**< src and dst address, only first 8 bytes used for IPv4 */ + RTE_STD_C11 + union { + uint64_t id_key_len; /**< combined for easy fetch */ + __extension__ + struct { + uint32_t id; /**< packet id */ + uint32_t key_len; /**< src/dst key length */ + }; + }; };
Would that break ABI?
/**
-- Thanks, Anatoly
