[dpdk-stable] patch 'ip_frag: use key length for key comparison' has been queued to LTS release 16.11.9
Luca Boccassi
bluca at debian.org
Thu Nov 8 19:01:06 CET 2018
Hi,
FYI, your patch has been queued to LTS release 16.11.9
Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 11/10/18. So please
shout if anyone has objections.
Also note that after the patch there's a diff of the upstream commit vs the patch applied
to the branch. If the code is different (ie: not only metadata diffs), due for example to
a change in context or macro names, please double check it.
Thanks.
Luca Boccassi
---
>From bbf8160d6cd6e37e3089a8e3b9aafe16aa93ec39 Mon Sep 17 00:00:00 2001
From: Konstantin Ananyev <konstantin.ananyev at intel.com>
Date: Mon, 5 Nov 2018 12:18:58 +0000
Subject: [PATCH] ip_frag: use key length for key comparison
[ upstream commit b8d5dfd4a5f006794d85f93fc97134460ffbdfdf ]
Right now reassembly code relies on src_dst[] being all zeroes to
determine is it free/occupied entry in the fragments table.
This is suboptimal and error prone - user can crash DPDK ip_reassembly
app by something like the following scapy script:
x=Ether(src=...,dst=...)/IP(dst='0.0.0.0',src='0.0.0.0',id=0)/('X'*1000)
frags=fragment(x, fragsize=500)
sendp(frags, iface=...)
To overcome that issue and reduce overhead of
'key invalidate' and 'key is empty' operations -
add key_len into keys comparision procedure.
Fixes: 4f1a8f633862 ("ip_frag: add IPv6 reassembly")
Reported-by: Ryan E Hall <ryan.e.hall at intel.com>
Reported-by: Alexander V Gutkin <alexander.v.gutkin at intel.com>
Signed-off-by: Konstantin Ananyev <konstantin.ananyev at intel.com>
---
lib/librte_ip_frag/ip_frag_common.h | 14 ++++----------
lib/librte_ip_frag/rte_ip_frag.h | 14 +++++++++++---
2 files changed, 15 insertions(+), 13 deletions(-)
diff --git a/lib/librte_ip_frag/ip_frag_common.h b/lib/librte_ip_frag/ip_frag_common.h
index ffba1b49b..5382a3e3f 100644
--- a/lib/librte_ip_frag/ip_frag_common.h
+++ b/lib/librte_ip_frag/ip_frag_common.h
@@ -81,20 +81,14 @@ struct rte_mbuf *ipv6_frag_reassemble(struct ip_frag_pkt *fp);
static inline int
ip_frag_key_is_empty(const struct ip_frag_key * key)
{
- uint32_t i;
- for (i = 0; i < RTE_MIN(key->key_len, RTE_DIM(key->src_dst)); i++)
- if (key->src_dst[i] != 0)
- return 0;
- return 1;
+ return (key->key_len == 0);
}
-/* empty the key */
+/* invalidate the key */
static inline void
ip_frag_key_invalidate(struct ip_frag_key * key)
{
- uint32_t i;
- for (i = 0; i < key->key_len; i++)
- key->src_dst[i] = 0;
+ key->key_len = 0;
}
/* compare two keys */
@@ -103,7 +97,7 @@ ip_frag_key_cmp(const struct ip_frag_key * k1, const struct ip_frag_key * k2)
{
uint32_t i;
uint64_t val;
- val = k1->id ^ k2->id;
+ val = k1->id_key_len ^ k2->id_key_len;
for (i = 0; i < k1->key_len; i++)
val |= k1->src_dst[i] ^ k2->src_dst[i];
return val;
diff --git a/lib/librte_ip_frag/rte_ip_frag.h b/lib/librte_ip_frag/rte_ip_frag.h
index 6708906d3..e13486ac7 100644
--- a/lib/librte_ip_frag/rte_ip_frag.h
+++ b/lib/librte_ip_frag/rte_ip_frag.h
@@ -72,9 +72,17 @@ struct ip_frag {
/** @internal <src addr, dst_addr, id> to uniquely indetify fragmented datagram. */
struct ip_frag_key {
- uint64_t src_dst[4]; /**< src address, first 8 bytes used for IPv4 */
- uint32_t id; /**< dst address */
- uint32_t key_len; /**< src/dst key length */
+ uint64_t src_dst[4];
+ /**< src and dst address, only first 8 bytes used for IPv4 */
+ RTE_STD_C11
+ union {
+ uint64_t id_key_len; /**< combined for easy fetch */
+ __extension__
+ struct {
+ uint32_t id; /**< packet id */
+ uint32_t key_len; /**< src/dst key length */
+ };
+ };
};
/**
--
2.19.1
---
Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- - 2018-11-08 17:59:30.250110095 +0000
+++ 0010-ip_frag-use-key-length-for-key-comparison.patch 2018-11-08 17:59:30.056751011 +0000
@@ -1,8 +1,10 @@
-From b8d5dfd4a5f006794d85f93fc97134460ffbdfdf Mon Sep 17 00:00:00 2001
+From bbf8160d6cd6e37e3089a8e3b9aafe16aa93ec39 Mon Sep 17 00:00:00 2001
From: Konstantin Ananyev <konstantin.ananyev at intel.com>
Date: Mon, 5 Nov 2018 12:18:58 +0000
Subject: [PATCH] ip_frag: use key length for key comparison
+[ upstream commit b8d5dfd4a5f006794d85f93fc97134460ffbdfdf ]
+
Right now reassembly code relies on src_dst[] being all zeroes to
determine is it free/occupied entry in the fragments table.
This is suboptimal and error prone - user can crash DPDK ip_reassembly
@@ -15,7 +17,6 @@
add key_len into keys comparision procedure.
Fixes: 4f1a8f633862 ("ip_frag: add IPv6 reassembly")
-Cc: stable at dpdk.org
Reported-by: Ryan E Hall <ryan.e.hall at intel.com>
Reported-by: Alexander V Gutkin <alexander.v.gutkin at intel.com>
@@ -26,10 +27,10 @@
2 files changed, 15 insertions(+), 13 deletions(-)
diff --git a/lib/librte_ip_frag/ip_frag_common.h b/lib/librte_ip_frag/ip_frag_common.h
-index 0f62e2e16..a17a74076 100644
+index ffba1b49b..5382a3e3f 100644
--- a/lib/librte_ip_frag/ip_frag_common.h
+++ b/lib/librte_ip_frag/ip_frag_common.h
-@@ -58,20 +58,14 @@ struct rte_mbuf *ipv6_frag_reassemble(struct ip_frag_pkt *fp);
+@@ -81,20 +81,14 @@ struct rte_mbuf *ipv6_frag_reassemble(struct ip_frag_pkt *fp);
static inline int
ip_frag_key_is_empty(const struct ip_frag_key * key)
{
@@ -53,7 +54,7 @@
}
/* compare two keys */
-@@ -80,7 +74,7 @@ ip_frag_key_cmp(const struct ip_frag_key * k1, const struct ip_frag_key * k2)
+@@ -103,7 +97,7 @@ ip_frag_key_cmp(const struct ip_frag_key * k1, const struct ip_frag_key * k2)
{
uint32_t i;
uint64_t val;
@@ -63,12 +64,12 @@
val |= k1->src_dst[i] ^ k2->src_dst[i];
return val;
diff --git a/lib/librte_ip_frag/rte_ip_frag.h b/lib/librte_ip_frag/rte_ip_frag.h
-index 7f425f610..a4ccaf9d1 100644
+index 6708906d3..e13486ac7 100644
--- a/lib/librte_ip_frag/rte_ip_frag.h
+++ b/lib/librte_ip_frag/rte_ip_frag.h
-@@ -44,9 +44,17 @@ struct ip_frag {
+@@ -72,9 +72,17 @@ struct ip_frag {
- /** @internal <src addr, dst_addr, id> to uniquely identify fragmented datagram. */
+ /** @internal <src addr, dst_addr, id> to uniquely indetify fragmented datagram. */
struct ip_frag_key {
- uint64_t src_dst[4]; /**< src address, first 8 bytes used for IPv4 */
- uint32_t id; /**< dst address */
More information about the stable
mailing list