[PATCH net-next 1/4] ipv6: Resolve comment that EH processing order is being violated

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Tom Herbert <tom@herbertland.com>
To: davem@davemloft.net, netdev@vger.kernel.org
Cc: Tom Herbert <tom@quantonium.net>
Subject: [PATCH net-next 1/4] ipv6: Resolve comment that EH processing order is being violated
Date: Sun, 26 May 2019 14:15:03 -0700	[thread overview]
Message-ID: <1558905306-2968-2-git-send-email-tom@quantonium.net> (raw)
In-Reply-To: <1558905306-2968-1-git-send-email-tom@quantonium.net>

ipv6_skip_exthdr is preambled with a comment indicating that the
function necessarily violates the extension header processing order
requirements of RFC2460 in order to fulfill requirements of ICMPv6
processing. This patch revises the comment to indicate that the
function is conformant with RFC8200 (which obsoletes RFC2460) on
the basis that later headers are only being parsed and not actually
processed.

Signed-off-by: Tom Herbert <tom@quantonium.net>
---
 net/ipv6/exthdrs_core.c | 23 +++++++----------------
 1 file changed, 7 insertions(+), 16 deletions(-)

diff --git a/net/ipv6/exthdrs_core.c b/net/ipv6/exthdrs_core.c
index 11a43ee..aa025e5 100644
--- a/net/ipv6/exthdrs_core.c
+++ b/net/ipv6/exthdrs_core.c
@@ -27,22 +27,13 @@ EXPORT_SYMBOL(ipv6_ext_hdr);
 /*
  * Skip any extension headers. This is used by the ICMP module.
  *
- * Note that strictly speaking this conflicts with RFC 2460 4.0:
- * ...The contents and semantics of each extension header determine whether
- * or not to proceed to the next header.  Therefore, extension headers must
- * be processed strictly in the order they appear in the packet; a
- * receiver must not, for example, scan through a packet looking for a
- * particular kind of extension header and process that header prior to
- * processing all preceding ones.
- *
- * We do exactly this. This is a protocol bug. We can't decide after a
- * seeing an unknown discard-with-error flavour TLV option if it's a
- * ICMP error message or not (errors should never be send in reply to
- * ICMP error messages).
- *
- * But I see no other way to do this. This might need to be reexamined
- * when Linux implements ESP (and maybe AUTH) headers.
- * --AK
+ * Note that Section 4, RFC8200 specifies "extension headers must be processed
+ * strictly in the order they appear in the packet". This function does skip
+ * over extension headers, however it is only for the purpose of extracting
+ * information about deeper header layers in the packet. Specified protocol
+ * processing is not being doing for scanned headers, hence extension headers
+ * are only being parsed but not processed out of order. Therefore, this
+ * function is conformant with RFC8200.
  *
  * This function parses (probably truncated) exthdr set "hdr".
  * "nexthdrp" initially points to some place,
-- 
2.7.4

next prev parent reply	other threads:[~2019-05-26 21:15 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-05-26 21:15 [PATCH net-next 0/4] ipv6: Update RFC references and implement ICMP errors for limits Tom Herbert
2019-05-26 21:15 ` Tom Herbert [this message]
2019-05-26 21:15 ` [PATCH net-next 2/4] ipv6: Update references from RFC2460 to RFC8200 Tom Herbert
2019-05-26 21:15 ` [PATCH net-next 3/4] ipv6: Reference RFC8504 for limits in padding and EH Tom Herbert
2019-05-26 21:15 ` [PATCH net-next 4/4] ipv6: Send ICMP errors for exceeding extension header limits Tom Herbert
2019-05-28 17:54 ` [PATCH net-next 0/4] ipv6: Update RFC references and implement ICMP errors for limits David Miller

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:11a43ee dfblob:aa025e5 )
 OR (
bs:"[PATCH net-next 1/4] ipv6: Resolve comment that EH processing order is being violated" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1558905306-2968-2-git-send-email-tom@quantonium.net \
    --to=tom@herbertland.com \
    --cc=davem@davemloft.net \
    --cc=netdev@vger.kernel.org \
    --cc=tom@quantonium.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).