[ovs-dev] ipf.c: Fix userspace datapath crash caused by IP fragments
王亮 Liang Wang
wangliangrt at didiglobal.com
Mon Apr 12 10:32:00 UTC 2021
From d5c454bc9c68a6b2b40a2301a21f7337d6086d4c Mon Sep 17 00:00:00 2001
From: Wang Liang <wangliangrt at didiglobal.com>
Date: Mon, 12 Apr 2021 18:24:21 +0800
Subject: [PATCH] Fix userspace datapath crash caused by IP fragments
The ovs userspace datapath will crash on openflow packet-out message
with IP packet largger than MTU. This patch will fix the problem.
When pre-processing IP fragments, clone the packet if it has 'dnsteal' flag set.
Signed-off-by: Wang Liang <wangliangrt at didiglobal.com>
---
lib/ipf.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/ipf.c b/lib/ipf.c
index c20bcc0b3..43f81706c 100644
--- a/lib/ipf.c
+++ b/lib/ipf.c
@@ -811,7 +811,7 @@ ipf_process_frag(struct ipf *ipf, struct ipf_list *ipf_list,
* recommend not setting the mempool number of buffers too low
* and also clamp the number of fragments. */
struct ipf_frag *frag = &ipf_list->frag_list[last_inuse_idx + 1];
- frag->pkt = pkt;
+ frag->pkt = dnsteal ? dp_packet_clone(pkt) : pkt;
frag->start_data_byte = start_data_byte;
frag->end_data_byte = end_data_byte;
frag->dnsteal = dnsteal;
--
2.27.0
More information about the dev
mailing list