From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by dpdk.org (Postfix) with ESMTP id D61DB1B3AC; Tue, 8 Jan 2019 07:08:55 +0100 (CET) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by orsmga106.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 07 Jan 2019 22:08:54 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,453,1539673200"; d="scan'208";a="309922711" Received: from dpdk15.sh.intel.com ([10.67.111.146]) by fmsmga005.fm.intel.com with ESMTP; 07 Jan 2019 22:08:53 -0800 From: Jiayu Hu To: dev@dpdk.org Cc: tiwei.bie@intel.com, bruce.richardson@intel.com, Jiayu Hu , stable@dpdk.org Date: Tue, 8 Jan 2019 14:08:45 +0800 Message-Id: <1546927725-68831-1-git-send-email-jiayu.hu@intel.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1546567036-29444-1-git-send-email-jiayu.hu@intel.com> References: <1546567036-29444-1-git-send-email-jiayu.hu@intel.com> Subject: [dpdk-dev] [PATCH] gro: add missing invalid packet checks X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jan 2019 06:08:56 -0000 Currently, GRO library doesn't check if input packets have invalid headers. The packets with invalid headers will also be processed by GRO. However, GRO shouldn't process invalid packets. This patch adds missing invalid packet checks. Fixes: 0d2cbe59b719 ("lib/gro: support TCP/IPv4") Fixes: 9e0b9d2ec0f4 ("gro: support VxLAN GRO") Cc: stable@dpdk.org Signed-off-by: Jiayu Hu --- lib/librte_gro/gro_tcp4.c | 10 ++++++++++ lib/librte_gro/gro_tcp4.h | 4 ++++ lib/librte_gro/gro_vxlan_tcp4.c | 13 +++++++++++++ 3 files changed, 27 insertions(+) diff --git a/lib/librte_gro/gro_tcp4.c b/lib/librte_gro/gro_tcp4.c index 2fe9aab..0dc0de6 100644 --- a/lib/librte_gro/gro_tcp4.c +++ b/lib/librte_gro/gro_tcp4.c @@ -208,6 +208,16 @@ gro_tcp4_reassemble(struct rte_mbuf *pkt, int cmp; uint8_t find; + /* + * Don't process the packet whose Ethernet, IPv4 and TCP header + * lengths are invalid. In addition, if the IPv4 header contains + * Options, the packet shouldn't be processed. + */ + if (unlikely(ILLEGAL_ETHER_HDRLEN(pkt->l2_len) || + ILLEGAL_IPV4_HDRLEN(pkt->l3_len) || + ILLEGAL_TCP_HDRLEN(pkt->l4_len))) + return -1; + eth_hdr = rte_pktmbuf_mtod(pkt, struct ether_hdr *); ipv4_hdr = (struct ipv4_hdr *)((char *)eth_hdr + pkt->l2_len); tcp_hdr = (struct tcp_hdr *)((char *)ipv4_hdr + pkt->l3_len); diff --git a/lib/librte_gro/gro_tcp4.h b/lib/librte_gro/gro_tcp4.h index 6bb30cd..cab84fd 100644 --- a/lib/librte_gro/gro_tcp4.h +++ b/lib/librte_gro/gro_tcp4.h @@ -17,6 +17,10 @@ */ #define MAX_IPV4_PKT_LENGTH UINT16_MAX +#define ILLEGAL_ETHER_HDRLEN(len) ((len) < ETHER_HDR_LEN) +#define ILLEGAL_IPV4_HDRLEN(len) ((len) != 20) +#define ILLEGAL_TCP_HDRLEN(len) ((len) < 20 || (len) > 60) + /* Header fields representing a TCP/IPv4 flow */ struct tcp4_flow_key { struct ether_addr eth_saddr; diff --git a/lib/librte_gro/gro_vxlan_tcp4.c b/lib/librte_gro/gro_vxlan_tcp4.c index 955ae4b..c499c86 100644 --- a/lib/librte_gro/gro_vxlan_tcp4.c +++ b/lib/librte_gro/gro_vxlan_tcp4.c @@ -306,6 +306,19 @@ gro_vxlan_tcp4_reassemble(struct rte_mbuf *pkt, uint16_t hdr_len; uint8_t find; + /* + * Don't process the packet whose outer Ethernet, outer IPv4, + * inner Ethernet, inner IPv4 and inner TCP header lengths + * are invalid. In addition, if the outer or inner IPv4 header + * contains Options, the packet shouldn't be processed. + */ + if (unlikely(ILLEGAL_ETHER_HDRLEN(pkt->outer_l2_len) || + ILLEGAL_IPV4_HDRLEN(pkt->outer_l3_len) || + ILLEGAL_ETHER_HDRLEN(pkt->l2_len) || + ILLEGAL_IPV4_HDRLEN(pkt->l3_len) || + ILLEGAL_TCP_HDRLEN(pkt->l4_len))) + return -1; + outer_eth_hdr = rte_pktmbuf_mtod(pkt, struct ether_hdr *); outer_ipv4_hdr = (struct ipv4_hdr *)((char *)outer_eth_hdr + pkt->outer_l2_len); -- 2.7.4