[ovs-dev] [PATCH 7/7] datapath: Add support for Geneve tunneling.

Pravin Shelar pshelar at nicira.com
Thu Jun 19 23:53:21 UTC 2014


On Thu, Jun 19, 2014 at 4:47 PM, Jesse Gross <jesse at nicira.com> wrote:
> On Thu, Jun 19, 2014 at 4:30 PM, Pravin Shelar <pshelar at nicira.com> wrote:
>> On Thu, Jun 19, 2014 at 4:07 PM, Jesse Gross <jesse at nicira.com> wrote:
>>> On Thu, Jun 19, 2014 at 1:33 PM, Pravin Shelar <pshelar at nicira.com> wrote:
>>>>> diff --git a/datapath/flow.c b/datapath/flow.c
>>>>> index f1bb95d..7b108ed 100644
>>>>> --- a/datapath/flow.c
>>>>> +++ b/datapath/flow.c
>>>>> @@ -455,6 +455,13 @@ int ovs_flow_extract(struct sk_buff *skb, u16 in_port, struct sw_flow_key *key)
>>>>>                 struct ovs_tunnel_info *tun_info = OVS_CB(skb)->tun_info;
>>>>>                 memcpy(&key->tun_key, &tun_info->tunnel,
>>>>>                         sizeof(key->tun_key));
>>>>> +               if (tun_info->options) {
>>>>> +                       memcpy(GENEVE_OPTS(key, tun_info->options_len),
>>>>> +                               tun_info->options, tun_info->options_len);
>>>> Need to check options_len before copying data from packet.
>>>
>>> I think we should be OK here since we already checked it in
>>> geneve_rcv() when we populated tun_info. Is there anything else that
>>> we need to check?
>>>
>> I am not sure where is opts_len checked if it is less than key->tun_opts[] size.
>
> Oh, I see you meant the destination instead of the source.
>
> It's implicitly limited by the fact that the length is a u8 and the
> array size is 255. We could add a length check in anyways as a sanity
> check or maybe do a build assert.

right, I think it is fine as it is.



More information about the dev mailing list