From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-wm1-f43.google.com (mail-wm1-f43.google.com [209.85.128.43]) by dpdk.org (Postfix) with ESMTP id 822854C74 for ; Thu, 8 Nov 2018 19:01:42 +0100 (CET) Received: by mail-wm1-f43.google.com with SMTP id b203-v6so2064388wme.5 for ; Thu, 08 Nov 2018 10:01:42 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=W8fHanCkRtBMVgThez9XSsHrOKH1lenQu2KKYib3Cmg=; b=I4Lfsla+lbAs2jQd0Tkc4wWeJxjSlDjGkPVRe28F9AFc9lbRQmy38aWRla4IDFISBs EF2QmQOMHu7c6xBhEUc4tBMDPYUHTp+K+jxIBisbbjPXetg3gv5PYd0SB6xEuyaXvI6g gc5qLPBQ9ILtPOg46g+2wMpr+uroR67X90ZpDY1+8WmQtyb6RMeIekAFtGStJKmG6HXB RHYcKlzauFZgihf8KtvBdvWfgP74A629aIPJLl45rSJg4CxfCMeYhy8ARDpXaRpKfbPB U1aOXx+5LOXSMRNqY+KWVQK4gWAoH2mZhtegTI+0mlVjcmqCQCc3cjclwTsdZm88Gnbw VmjA== X-Gm-Message-State: AGRZ1gIvH/7FthHDrU5gX5Z+4TBwOFivF8UjtYx5JhpaBe0833NWIdRT LlKGhKilKhD/SfVjvTS/1rnR0oMI X-Google-Smtp-Source: AJdET5em9i+egq8777LusF2O6Mt8y2pjZ0G6VmVw+Sy4FWBDEDwY8699S6/393VDTjRleDe9YbprlQ== X-Received: by 2002:a1c:61d6:: with SMTP id v205-v6mr2181976wmb.10.1541700102041; Thu, 08 Nov 2018 10:01:42 -0800 (PST) Received: from localhost ([2a01:4b00:f419:6f00:8361:8946:ba2b:d556]) by smtp.gmail.com with ESMTPSA id k4sm6596854wrx.91.2018.11.08.10.01.40 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Thu, 08 Nov 2018 10:01:41 -0800 (PST) From: Luca Boccassi To: Konstantin Ananyev Cc: Ryan E Hall , Alexander V Gutkin , dpdk stable Date: Thu, 8 Nov 2018 18:01:06 +0000 Message-Id: <20181108180111.25873-10-bluca@debian.org> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20181108180111.25873-1-bluca@debian.org> References: <20181029125329.17729-20-bluca@debian.org> <20181108180111.25873-1-bluca@debian.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-stable] patch 'ip_frag: use key length for key comparison' has been queued to LTS release 16.11.9 X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Nov 2018 18:01:43 -0000 Hi, FYI, your patch has been queued to LTS release 16.11.9 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 11/10/18. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. If the code is different (ie: not only metadata diffs), due for example to a change in context or macro names, please double check it. Thanks. Luca Boccassi --- >>From bbf8160d6cd6e37e3089a8e3b9aafe16aa93ec39 Mon Sep 17 00:00:00 2001 From: Konstantin Ananyev Date: Mon, 5 Nov 2018 12:18:58 +0000 Subject: [PATCH] ip_frag: use key length for key comparison [ upstream commit b8d5dfd4a5f006794d85f93fc97134460ffbdfdf ] Right now reassembly code relies on src_dst[] being all zeroes to determine is it free/occupied entry in the fragments table. This is suboptimal and error prone - user can crash DPDK ip_reassembly app by something like the following scapy script: x=Ether(src=...,dst=...)/IP(dst='0.0.0.0',src='0.0.0.0',id=0)/('X'*1000) frags=fragment(x, fragsize=500) sendp(frags, iface=...) To overcome that issue and reduce overhead of 'key invalidate' and 'key is empty' operations - add key_len into keys comparision procedure. Fixes: 4f1a8f633862 ("ip_frag: add IPv6 reassembly") Reported-by: Ryan E Hall Reported-by: Alexander V Gutkin Signed-off-by: Konstantin Ananyev --- lib/librte_ip_frag/ip_frag_common.h | 14 ++++---------- lib/librte_ip_frag/rte_ip_frag.h | 14 +++++++++++--- 2 files changed, 15 insertions(+), 13 deletions(-) diff --git a/lib/librte_ip_frag/ip_frag_common.h b/lib/librte_ip_frag/ip_frag_common.h index ffba1b49b..5382a3e3f 100644 --- a/lib/librte_ip_frag/ip_frag_common.h +++ b/lib/librte_ip_frag/ip_frag_common.h @@ -81,20 +81,14 @@ struct rte_mbuf *ipv6_frag_reassemble(struct ip_frag_pkt *fp); static inline int ip_frag_key_is_empty(const struct ip_frag_key * key) { - uint32_t i; - for (i = 0; i < RTE_MIN(key->key_len, RTE_DIM(key->src_dst)); i++) - if (key->src_dst[i] != 0) - return 0; - return 1; + return (key->key_len == 0); } -/* empty the key */ +/* invalidate the key */ static inline void ip_frag_key_invalidate(struct ip_frag_key * key) { - uint32_t i; - for (i = 0; i < key->key_len; i++) - key->src_dst[i] = 0; + key->key_len = 0; } /* compare two keys */ @@ -103,7 +97,7 @@ ip_frag_key_cmp(const struct ip_frag_key * k1, const struct ip_frag_key * k2) { uint32_t i; uint64_t val; - val = k1->id ^ k2->id; + val = k1->id_key_len ^ k2->id_key_len; for (i = 0; i < k1->key_len; i++) val |= k1->src_dst[i] ^ k2->src_dst[i]; return val; diff --git a/lib/librte_ip_frag/rte_ip_frag.h b/lib/librte_ip_frag/rte_ip_frag.h index 6708906d3..e13486ac7 100644 --- a/lib/librte_ip_frag/rte_ip_frag.h +++ b/lib/librte_ip_frag/rte_ip_frag.h @@ -72,9 +72,17 @@ struct ip_frag { /** @internal to uniquely indetify fragmented datagram. */ struct ip_frag_key { - uint64_t src_dst[4]; /**< src address, first 8 bytes used for IPv4 */ - uint32_t id; /**< dst address */ - uint32_t key_len; /**< src/dst key length */ + uint64_t src_dst[4]; + /**< src and dst address, only first 8 bytes used for IPv4 */ + RTE_STD_C11 + union { + uint64_t id_key_len; /**< combined for easy fetch */ + __extension__ + struct { + uint32_t id; /**< packet id */ + uint32_t key_len; /**< src/dst key length */ + }; + }; }; /** -- 2.19.1 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2018-11-08 17:59:30.250110095 +0000 +++ 0010-ip_frag-use-key-length-for-key-comparison.patch 2018-11-08 17:59:30.056751011 +0000 @@ -1,8 +1,10 @@ -From b8d5dfd4a5f006794d85f93fc97134460ffbdfdf Mon Sep 17 00:00:00 2001 +From bbf8160d6cd6e37e3089a8e3b9aafe16aa93ec39 Mon Sep 17 00:00:00 2001 From: Konstantin Ananyev Date: Mon, 5 Nov 2018 12:18:58 +0000 Subject: [PATCH] ip_frag: use key length for key comparison +[ upstream commit b8d5dfd4a5f006794d85f93fc97134460ffbdfdf ] + Right now reassembly code relies on src_dst[] being all zeroes to determine is it free/occupied entry in the fragments table. This is suboptimal and error prone - user can crash DPDK ip_reassembly @@ -15,7 +17,6 @@ add key_len into keys comparision procedure. Fixes: 4f1a8f633862 ("ip_frag: add IPv6 reassembly") -Cc: stable@dpdk.org Reported-by: Ryan E Hall Reported-by: Alexander V Gutkin @@ -26,10 +27,10 @@ 2 files changed, 15 insertions(+), 13 deletions(-) diff --git a/lib/librte_ip_frag/ip_frag_common.h b/lib/librte_ip_frag/ip_frag_common.h -index 0f62e2e16..a17a74076 100644 +index ffba1b49b..5382a3e3f 100644 --- a/lib/librte_ip_frag/ip_frag_common.h +++ b/lib/librte_ip_frag/ip_frag_common.h -@@ -58,20 +58,14 @@ struct rte_mbuf *ipv6_frag_reassemble(struct ip_frag_pkt *fp); +@@ -81,20 +81,14 @@ struct rte_mbuf *ipv6_frag_reassemble(struct ip_frag_pkt *fp); static inline int ip_frag_key_is_empty(const struct ip_frag_key * key) { @@ -53,7 +54,7 @@ } /* compare two keys */ -@@ -80,7 +74,7 @@ ip_frag_key_cmp(const struct ip_frag_key * k1, const struct ip_frag_key * k2) +@@ -103,7 +97,7 @@ ip_frag_key_cmp(const struct ip_frag_key * k1, const struct ip_frag_key * k2) { uint32_t i; uint64_t val; @@ -63,12 +64,12 @@ val |= k1->src_dst[i] ^ k2->src_dst[i]; return val; diff --git a/lib/librte_ip_frag/rte_ip_frag.h b/lib/librte_ip_frag/rte_ip_frag.h -index 7f425f610..a4ccaf9d1 100644 +index 6708906d3..e13486ac7 100644 --- a/lib/librte_ip_frag/rte_ip_frag.h +++ b/lib/librte_ip_frag/rte_ip_frag.h -@@ -44,9 +44,17 @@ struct ip_frag { +@@ -72,9 +72,17 @@ struct ip_frag { - /** @internal to uniquely identify fragmented datagram. */ + /** @internal to uniquely indetify fragmented datagram. */ struct ip_frag_key { - uint64_t src_dst[4]; /**< src address, first 8 bytes used for IPv4 */ - uint32_t id; /**< dst address */