openvswitch/conntrack-Fix-reverse_nat_packet-variable-datatype.patch

From e6aebc90210baa35d252486d998074e2365a4b26 Mon Sep 17 00:00:00 2001
From: Darrell Ball <dlu998@gmail.com>
Date: Fri, 30 Aug 2019 09:13:19 -0700
Subject: conntrack: Fix 'reverse_nat_packet()' variable datatype.

The datatype 'pad' in the function 'reverse_nat_packet()' was incorrectly
declared as 'char' instead of 'uint8_t'. This can affect reverse natting
of icmpX packets with padding > 127 bytes.  At the same time, add some
comments regarding 'extract_l3_ipvX' usage in this function.  Found by
inspection.

Fixes: edd1bef468c0 ("dpdk: Add more ICMP Related NAT support.")
Signed-off-by: Darrell Ball <dlu998@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
---
 lib/conntrack.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/lib/conntrack.c b/lib/conntrack.c
index 0c917543c..b56ef06ac 100644
--- a/lib/conntrack.c
+++ b/lib/conntrack.c
@@ -688,7 +688,7 @@ static void
 reverse_nat_packet(struct dp_packet *pkt, const struct conn *conn)
 {
     char *tail = dp_packet_tail(pkt);
-    char pad = dp_packet_l2_pad_size(pkt);
+    uint8_t pad = dp_packet_l2_pad_size(pkt);
     struct conn_key inner_key;
     const char *inner_l4 = NULL;
     uint16_t orig_l3_ofs = pkt->l3_ofs;
@@ -698,6 +698,8 @@ reverse_nat_packet(struct dp_packet *pkt, const struct conn *conn)
         struct ip_header *nh = dp_packet_l3(pkt);
         struct icmp_header *icmp = dp_packet_l4(pkt);
         struct ip_header *inner_l3 = (struct ip_header *) (icmp + 1);
+        /* This call is already verified to succeed during the code path from
+         * 'conn_key_extract()' which calls 'extract_l4_icmp()'. */
         extract_l3_ipv4(&inner_key, inner_l3, tail - ((char *)inner_l3) - pad,
                         &inner_l4, false);
         pkt->l3_ofs += (char *) inner_l3 - (char *) nh;
@@ -719,6 +721,8 @@ reverse_nat_packet(struct dp_packet *pkt, const struct conn *conn)
         struct icmp6_error_header *icmp6 = dp_packet_l4(pkt);
         struct ovs_16aligned_ip6_hdr *inner_l3_6 =
             (struct ovs_16aligned_ip6_hdr *) (icmp6 + 1);
+        /* This call is already verified to succeed during the code path from
+         * 'conn_key_extract()' which calls 'extract_l4_icmp6()'. */
         extract_l3_ipv6(&inner_key, inner_l3_6,
                         tail - ((char *)inner_l3_6) - pad,
                         &inner_l4);
-- 
2.14.1
Add openvswitch-kmod package 2020-09-01 18:09:31 +08:00			`From e6aebc90210baa35d252486d998074e2365a4b26 Mon Sep 17 00:00:00 2001`
			`From: Darrell Ball <dlu998@gmail.com>`
			`Date: Fri, 30 Aug 2019 09:13:19 -0700`
			`Subject: conntrack: Fix 'reverse_nat_packet()' variable datatype.`

			`The datatype 'pad' in the function 'reverse_nat_packet()' was incorrectly`
			`declared as 'char' instead of 'uint8_t'. This can affect reverse natting`
			`of icmpX packets with padding > 127 bytes. At the same time, add some`
			`comments regarding 'extract_l3_ipvX' usage in this function. Found by`
			`inspection.`

			`Fixes: edd1bef468c0 ("dpdk: Add more ICMP Related NAT support.")`
			`Signed-off-by: Darrell Ball <dlu998@gmail.com>`
			`Signed-off-by: Ben Pfaff <blp@ovn.org>`
			`---`
			`lib/conntrack.c \| 6 +++++-`
			`1 file changed, 5 insertions(+), 1 deletion(-)`

			`diff --git a/lib/conntrack.c b/lib/conntrack.c`
			`index 0c917543c..b56ef06ac 100644`
			`--- a/lib/conntrack.c`
			`+++ b/lib/conntrack.c`
			`@@ -688,7 +688,7 @@ static void`
			`reverse_nat_packet(struct dp_packet pkt, const struct conn conn)`
			`{`
			`char *tail = dp_packet_tail(pkt);`
			`- char pad = dp_packet_l2_pad_size(pkt);`
			`+ uint8_t pad = dp_packet_l2_pad_size(pkt);`
			`struct conn_key inner_key;`
			`const char *inner_l4 = NULL;`
			`uint16_t orig_l3_ofs = pkt->l3_ofs;`
			`@@ -698,6 +698,8 @@ reverse_nat_packet(struct dp_packet pkt, const struct conn conn)`
			`struct ip_header *nh = dp_packet_l3(pkt);`
			`struct icmp_header *icmp = dp_packet_l4(pkt);`
			`struct ip_header inner_l3 = (struct ip_header ) (icmp + 1);`
			`+ /* This call is already verified to succeed during the code path from`
			`+ * 'conn_key_extract()' which calls 'extract_l4_icmp()'. */`
			`extract_l3_ipv4(&inner_key, inner_l3, tail - ((char *)inner_l3) - pad,`
			`&inner_l4, false);`
			`pkt->l3_ofs += (char ) inner_l3 - (char ) nh;`
			`@@ -719,6 +721,8 @@ reverse_nat_packet(struct dp_packet pkt, const struct conn conn)`
			`struct icmp6_error_header *icmp6 = dp_packet_l4(pkt);`
			`struct ovs_16aligned_ip6_hdr *inner_l3_6 =`
			`(struct ovs_16aligned_ip6_hdr *) (icmp6 + 1);`
			`+ /* This call is already verified to succeed during the code path from`
			`+ * 'conn_key_extract()' which calls 'extract_l4_icmp6()'. */`
			`extract_l3_ipv6(&inner_key, inner_l3_6,`
			`tail - ((char *)inner_l3_6) - pad,`
			`&inner_l4);`
			`--`
			`2.14.1`