[ovs-dev] [PATCH] conntrack: increment coverage counter for all bad checksum cases

Paolo Valerio pvalerio at redhat.com
Sun Mar 7 23:24:40 UTC 2021


conntrack_l4csum_err gets incremented only when corrupted icmp
pass through conntrack.
Increase it for the remaining bad checksum cases including when
checksum is offloaded.

Signed-off-by: Paolo Valerio <pvalerio at redhat.com>
---
 lib/conntrack.c |   15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/lib/conntrack.c b/lib/conntrack.c
index 99198a601..30277f6fd 100644
--- a/lib/conntrack.c
+++ b/lib/conntrack.c
@@ -1669,15 +1669,22 @@ static inline bool
 checksum_valid(const struct conn_key *key, const void *data, size_t size,
                const void *l3)
 {
+    bool valid;
+
     if (key->dl_type == htons(ETH_TYPE_IP)) {
         uint32_t csum = packet_csum_pseudoheader(l3);
-        return csum_finish(csum_continue(csum, data, size)) == 0;
+        valid = (csum_finish(csum_continue(csum, data, size)) == 0);
     } else if (key->dl_type == htons(ETH_TYPE_IPV6)) {
-        return packet_csum_upperlayer6(l3, data, key->nw_proto, size) == 0;
+        valid = (packet_csum_upperlayer6(l3, data, key->nw_proto, size) == 0);
     } else {
+        valid = false;
+    }
+
+    if (!valid) {
         COVERAGE_INC(conntrack_l4csum_err);
-        return false;
     }
+
+    return valid;
 }
 
 static inline bool
@@ -2076,6 +2083,8 @@ conn_key_extract(struct conntrack *ct, struct dp_packet *pkt, ovs_be16 dl_type,
                 ctx->hash = conn_key_hash(&ctx->key, ct->hash_basis);
                 return true;
             }
+        } else {
+            COVERAGE_INC(conntrack_l4csum_err);
         }
     }
 



More information about the dev mailing list