summaryrefslogtreecommitdiff
path: root/examples
diff options
context:
space:
mode:
authorKonstantin Ananyev <konstantin.ananyev@intel.com>2019-06-26 00:16:46 +0100
committerAkhil Goyal <akhil.goyal@nxp.com>2019-07-05 15:28:14 +0200
commita135e050ad5b6d20fa18e6e18dcc86443be6cc30 (patch)
tree9ea377deb4aed3886d11475e62f75acb09337002 /examples
parentb1a3ac782d6020e6877e97a067613bbb2b8564b1 (diff)
downloaddpdk-a135e050ad5b6d20fa18e6e18dcc86443be6cc30.zip
dpdk-a135e050ad5b6d20fa18e6e18dcc86443be6cc30.tar.gz
dpdk-a135e050ad5b6d20fa18e6e18dcc86443be6cc30.tar.xz
examples/ipsec-secgw: fix packet length
for packets smaller then 64B some NICs reports pkt_len=64B. As ipsec-secgw (and librte_ipsec) relies on pkt_len value to determine payload length, that causes problems for small packets. To fix the issue, check that pkt_len matches values in IPv4/IPv6 header and re-adjust pkt_len if necessary. Fixes: 906257e965b7 ("examples/ipsec-secgw: support IPv6") Fixes: d299106e8e31 ("examples/ipsec-secgw: add IPsec sample application") Cc: stable@dpdk.org Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com> Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Diffstat (limited to 'examples')
-rw-r--r--examples/ipsec-secgw/ipsec-secgw.c57
1 files changed, 43 insertions, 14 deletions
diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c
index 3911e6a..33c4389 100644
--- a/examples/ipsec-secgw/ipsec-secgw.c
+++ b/examples/ipsec-secgw/ipsec-secgw.c
@@ -231,33 +231,64 @@ static struct rte_eth_conf port_conf = {
static struct socket_ctx socket_ctx[NB_SOCKETS];
static inline void
+adjust_ipv4_pktlen(struct rte_mbuf *m, const struct rte_ipv4_hdr *iph,
+ uint32_t l2_len)
+{
+ uint32_t plen, trim;
+
+ plen = rte_be_to_cpu_16(iph->total_length) + l2_len;
+ if (plen < m->pkt_len) {
+ trim = m->pkt_len - plen;
+ rte_pktmbuf_trim(m, trim);
+ }
+}
+
+static inline void
+adjust_ipv6_pktlen(struct rte_mbuf *m, const struct rte_ipv6_hdr *iph,
+ uint32_t l2_len)
+{
+ uint32_t plen, trim;
+
+ plen = rte_be_to_cpu_16(iph->payload_len) + sizeof(*iph) + l2_len;
+ if (plen < m->pkt_len) {
+ trim = m->pkt_len - plen;
+ rte_pktmbuf_trim(m, trim);
+ }
+}
+
+static inline void
prepare_one_packet(struct rte_mbuf *pkt, struct ipsec_traffic *t)
{
- uint8_t *nlp;
- struct rte_ether_hdr *eth;
+ const struct rte_ether_hdr *eth;
+ const struct rte_ipv4_hdr *iph4;
+ const struct rte_ipv6_hdr *iph6;
- eth = rte_pktmbuf_mtod(pkt, struct rte_ether_hdr *);
+ eth = rte_pktmbuf_mtod(pkt, const struct rte_ether_hdr *);
if (eth->ether_type == rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV4)) {
- nlp = (uint8_t *)rte_pktmbuf_adj(pkt, RTE_ETHER_HDR_LEN);
- nlp = RTE_PTR_ADD(nlp, offsetof(struct ip, ip_p));
- if (*nlp == IPPROTO_ESP)
+
+ iph4 = (const struct rte_ipv4_hdr *)rte_pktmbuf_adj(pkt,
+ RTE_ETHER_HDR_LEN);
+ adjust_ipv4_pktlen(pkt, iph4, 0);
+
+ if (iph4->next_proto_id == IPPROTO_ESP)
t->ipsec.pkts[(t->ipsec.num)++] = pkt;
else {
- t->ip4.data[t->ip4.num] = nlp;
+ t->ip4.data[t->ip4.num] = &iph4->next_proto_id;
t->ip4.pkts[(t->ip4.num)++] = pkt;
}
pkt->l2_len = 0;
- pkt->l3_len = sizeof(struct ip);
+ pkt->l3_len = sizeof(*iph4);
} else if (eth->ether_type == rte_cpu_to_be_16(RTE_ETHER_TYPE_IPV6)) {
int next_proto;
size_t l3len, ext_len;
- struct rte_ipv6_hdr *v6h;
uint8_t *p;
/* get protocol type */
- v6h = (struct rte_ipv6_hdr *)rte_pktmbuf_adj(pkt,
+ iph6 = (const struct rte_ipv6_hdr *)rte_pktmbuf_adj(pkt,
RTE_ETHER_HDR_LEN);
- next_proto = v6h->proto;
+ adjust_ipv6_pktlen(pkt, iph6, 0);
+
+ next_proto = iph6->proto;
/* determine l3 header size up to ESP extension */
l3len = sizeof(struct ip6_hdr);
@@ -276,9 +307,7 @@ prepare_one_packet(struct rte_mbuf *pkt, struct ipsec_traffic *t)
if (next_proto == IPPROTO_ESP)
t->ipsec.pkts[(t->ipsec.num)++] = pkt;
else {
- t->ip6.data[t->ip6.num] = rte_pktmbuf_mtod_offset(pkt,
- uint8_t *,
- offsetof(struct rte_ipv6_hdr, proto));
+ t->ip6.data[t->ip6.num] = &iph6->proto;
t->ip6.pkts[(t->ip6.num)++] = pkt;
}
pkt->l2_len = 0;