[ovs-dev] [PATCH ovn] IPv6 PD: time parameter checks

Numan Siddique numans at ovn.org
Mon Apr 27 10:33:13 UTC 2020 

On Thu, Apr 23, 2020 at 9:55 PM Lorenzo Bianconi
<lorenzo.bianconi at redhat.com> wrote:
>
> RFC3633 imposes the following constraints for IPv6 pd time parameters:
>
> Identity Association for Prefix Delegation Option:
> --------------------------------------------------
> t1 must not be greater than t2 if both of them are greater than 0
>
> IA_PD Prefix option:
> --------------------
> preferred lifetime must not be greater than valid lifetime
>
> Add checks for previous constraints in ovn implementation
>
> Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi at redhat.com>

Thanks Lorenzo. I applied this patch to master.

Numan

> ---
>  controller/pinctrl.c | 19 ++++++++++++++++++-
>  1 file changed, 18 insertions(+), 1 deletion(-)
>
> diff --git a/controller/pinctrl.c b/controller/pinctrl.c
> index 8592d4e3f..7ac487f05 100644
> --- a/controller/pinctrl.c
> +++ b/controller/pinctrl.c
> @@ -653,6 +653,11 @@ pinctrl_parse_dhcpv6_advt(struct rconn *swconn, const struct flow *ip_flow,
>          case DHCPV6_OPT_IA_PD: {
>              struct dhcpv6_opt_ia_na *ia_na = (struct dhcpv6_opt_ia_na *)in_opt;
>              int orig_len = len, hdr_len = 0, size = sizeof *in_opt + 12;
> +            uint32_t t1 = ntohl(ia_na->t1), t2 = ntohl(ia_na->t2);
> +
> +            if (t1 > t2 && t2 > 0) {
> +                goto out;
> +            }
>
>              aid = ntohl(ia_na->iaid);
>              memcpy(&data[len], in_opt, size);
> @@ -667,6 +672,15 @@ pinctrl_parse_dhcpv6_advt(struct rconn *swconn, const struct flow *ip_flow,
>                  }
>
>                  if (ntohs(in_opt->code) == DHCPV6_OPT_IA_PREFIX) {
> +                    struct dhcpv6_opt_ia_prefix *ia_hdr =
> +                        (struct dhcpv6_opt_ia_prefix *)in_opt;
> +                    uint32_t plife_time = ntohl(ia_hdr->plife_time);
> +                    uint32_t vlife_time = ntohl(ia_hdr->vlife_time);
> +
> +                    if (plife_time > vlife_time) {
> +                        goto out;
> +                    }
> +
>                      memcpy(&data[len], in_opt, flen);
>                      hdr_len += flen;
>                      len += flen;
> @@ -831,9 +845,12 @@ pinctrl_parse_dhcpv6_reply(struct dp_packet *pkt_in,
>                      struct dhcpv6_opt_ia_prefix *ia_hdr =
>                          (struct dhcpv6_opt_ia_prefix *)(in_dhcpv6_data + size);
>
> -                    prefix_len = ia_hdr->plen;
>                      plife_time = ntohl(ia_hdr->plife_time);
>                      vlife_time = ntohl(ia_hdr->vlife_time);
> +                    if (plife_time > vlife_time) {
> +                        break;
> +                    }
> +                    prefix_len = ia_hdr->plen;
>                      memcpy(&ipv6, &ia_hdr->ipv6, sizeof (struct in6_addr));
>                  }
>                  if (ntohs(in_opt->code) == DHCPV6_OPT_STATUS_CODE) {
> --
> 2.25.3
>
> _______________________________________________
> dev mailing list
> dev at openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>

More information about the dev mailing list