From: Jason Wang <jasowang@redhat.com>
To: peter.maydell@linaro.org
Cc: Thomas Jansen <mithi@mithi.net>, Jason Wang <jasowang@redhat.com>,
qemu-devel@nongnu.org
Subject: [PULL 8/8] net/eth: Don't consider ESP to be an IPv6 option header
Date: Mon, 14 Feb 2022 11:59:57 +0800 [thread overview]
Message-ID: <20220214035957.71339-9-jasowang@redhat.com> (raw)
In-Reply-To: <20220214035957.71339-1-jasowang@redhat.com>
From: Thomas Jansen <mithi@mithi.net>
The IPv6 option headers all have in common that they start with some
common fields, in particular the type of the next header followed by the
extention header length. This is used to traverse the list of the
options. The ESP header does not follow that format, which can break the
IPv6 option header traversal code in eth_parse_ipv6_hdr().
The effect of that is that network interfaces such as vmxnet3 that use
the following call chain
eth_is_ip6_extension_header_type
eth_parse_ipv6_hdr
net_tx_pkt_parse_headers
net_tx_pkt_parse
vmxnet3_process_tx_queue
to send packets from the VM out to the host will drop packets of the
following structure:
Ethernet-Header(IPv6-Header(ESP(encrypted data)))
Note that not all types of network interfaces use the net_tx_pkt_parse
function though, leading to inconsistent behavior regarding sending
those packets. The e1000 network interface for example does not suffer
from this limitation.
By not considering ESP to be an IPv6 header we can allow sending those
packets out to the host on all types of network interfaces.
Fixes: 75020a702151 ("Common definitions for VMWARE devices")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/149
Buglink: https://bugs.launchpad.net/qemu/+bug/1758091
Signed-off-by: Thomas Jansen <mithi@mithi.net>
Signed-off-by: Jason Wang <jasowang@redhat.com>
---
net/eth.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/net/eth.c b/net/eth.c
index fe876d1..f074b2f 100644
--- a/net/eth.c
+++ b/net/eth.c
@@ -389,7 +389,6 @@ eth_is_ip6_extension_header_type(uint8_t hdr_type)
case IP6_HOP_BY_HOP:
case IP6_ROUTING:
case IP6_FRAGMENT:
- case IP6_ESP:
case IP6_AUTHENTICATION:
case IP6_DESTINATON:
case IP6_MOBILITY:
--
2.7.4
next prev parent reply other threads:[~2022-02-14 4:06 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-14 3:59 [PULL 0/8] Net patches Jason Wang
2022-02-14 3:59 ` [PULL 1/8] hw/net/vmxnet3: Log guest-triggerable errors using LOG_GUEST_ERROR Jason Wang
2022-02-14 3:59 ` [PULL 2/8] net/tap: Set return code on failure Jason Wang
2022-02-14 3:59 ` [PULL 3/8] net: Fix uninitialized data usage Jason Wang
2022-02-14 3:59 ` [PULL 4/8] net/colo-compare.c: Optimize compare order for performance Jason Wang
2022-02-14 3:59 ` [PULL 5/8] net/colo-compare.c: Update the default value comments Jason Wang
2022-02-14 3:59 ` [PULL 6/8] net/filter: Optimize filter_send to coroutine Jason Wang
2022-02-14 3:59 ` [PULL 7/8] hw/net: e1000e: Clear ICR on read when using non MSI-X interrupts Jason Wang
2022-02-14 3:59 ` Jason Wang [this message]
2022-02-15 13:51 ` [PULL 0/8] Net patches Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220214035957.71339-9-jasowang@redhat.com \
--to=jasowang@redhat.com \
--cc=mithi@mithi.net \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).