[v1] gro: bug fix in identifying 0 length tcp packets

  As the minimum Ethernet frame size is 64 bytes, a 0 length
tcp payload without tcp options would be 54 bytes and hence
there would be padding. So it would be incorrect to use the
packet length to determine the tcp data length.

Fixes: 1e4cf4d6d4fb ("gro: cleanup")
Cc: stable@dpdk.org

Signed-off-by: Kumara Parameshwaran <kparameshwar@vmware.com>
---
v1:
	Do not use packet length to determine the tcp data length as 
	the packet length could have padded bytes. This would lead 
	to addition of 0 length tcp packets into the GRO layer when 
	there ethernet fram is padded.
 lib/gro/gro_tcp4.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
  

> From: Kumara Parameshwaran [mailto:kumaraparamesh92@gmail.com]
> Sent: Sunday, 3 April 2022 13.51
> 
> As the minimum Ethernet frame size is 64 bytes, a 0 length
> tcp payload without tcp options would be 54 bytes and hence
> there would be padding. So it would be incorrect to use the
> packet length to determine the tcp data length.
> 
> Fixes: 1e4cf4d6d4fb ("gro: cleanup")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Kumara Parameshwaran <kparameshwar@vmware.com>
> ---
> v1:
> 	Do not use packet length to determine the tcp data length as
> 	the packet length could have padded bytes. This would lead
> 	to addition of 0 length tcp packets into the GRO layer when
> 	there ethernet fram is padded.
>  lib/gro/gro_tcp4.c | 5 ++---
>  1 file changed, 2 insertions(+), 3 deletions(-)
> 
> diff --git a/lib/gro/gro_tcp4.c b/lib/gro/gro_tcp4.c
> index 7498c66..45e3f48 100644
> --- a/lib/gro/gro_tcp4.c
> +++ b/lib/gro/gro_tcp4.c
> @@ -198,7 +198,7 @@ gro_tcp4_reassemble(struct rte_mbuf *pkt,
>  	struct rte_tcp_hdr *tcp_hdr;
>  	uint32_t sent_seq;
>  	int32_t tcp_dl;
> -	uint16_t ip_id, hdr_len, frag_off;
> +	uint16_t ip_id, frag_off;
>  	uint8_t is_atomic;
> 
>  	struct tcp4_flow_key key;
> @@ -217,7 +217,6 @@ gro_tcp4_reassemble(struct rte_mbuf *pkt,
>  	eth_hdr = rte_pktmbuf_mtod(pkt, struct rte_ether_hdr *);
>  	ipv4_hdr = (struct rte_ipv4_hdr *)((char *)eth_hdr + pkt-
> >l2_len);
>  	tcp_hdr = (struct rte_tcp_hdr *)((char *)ipv4_hdr + pkt->l3_len);
> -	hdr_len = pkt->l2_len + pkt->l3_len + pkt->l4_len;
> 
>  	/*
>  	 * Don't process the packet which has FIN, SYN, RST, PSH, URG,
> ECE
> @@ -229,7 +228,7 @@ gro_tcp4_reassemble(struct rte_mbuf *pkt,
>  	 * Don't process the packet whose payload length is less than or
>  	 * equal to 0.
>  	 */
> -	tcp_dl = pkt->pkt_len - hdr_len;
> +	tcp_dl = rte_be_to_cpu_16(ipv4_hdr->total_length) - (pkt->l3_len
> + pkt->l4_len);
>  	if (tcp_dl <= 0)
>  		return -1;
> 
> --
> 2.7.4
> 

Please confirm that this does not introduce a buffer overrun regarding malformed packets, e.g. a small packet with ipv4_hdr->total_length set to 65000.

I haven't looked at the patch in context, so my concern may be irrelevant.

-Morten
  

Hi Jiayu,
Can you please  suggest if the patch can be used ? When timestamps are
disabled we would unnecessarily indulge pure TCP ack packets in the GRO
layer. Or can we have a fix where if the TCP timestamp option is not
present in the packet, do not process the packet, return immediately ?

Thanks,
Param

On Mon, Apr 25, 2022 at 11:36 PM kumaraparameshwaran rathinavel <
kumaraparamesh92@gmail.com> wrote:

> Hi,
>
> I would like you to review this patch and let me know what you think of
> it.
>
> Thanks,
> Kumara.
>
> ---------- Forwarded message ---------
> From: Kumara Parameshwaran <kumaraparamesh92@gmail.com>
> Date: Sun, Apr 3, 2022 at 5:20 PM
> Subject: [PATCH v1] gro: bug fix in identifying 0 length tcp packets
> To: <jiayu.hu@intel.com>
> Cc: <dev@dpdk.org>, Kumara Parameshwaran <kumaraparamesh92@gmail.com>, <
> stable@dpdk.org>, Kumara Parameshwaran <kparameshwar@vmware.com>
>
>
> As the minimum Ethernet frame size is 64 bytes, a 0 length
> tcp payload without tcp options would be 54 bytes and hence
> there would be padding. So it would be incorrect to use the
> packet length to determine the tcp data length.
>
> Fixes: 1e4cf4d6d4fb ("gro: cleanup")
> Cc: stable@dpdk.org
>
> Signed-off-by: Kumara Parameshwaran <kparameshwar@vmware.com>
> ---
> v1:
>         Do not use packet length to determine the tcp data length as
>         the packet length could have padded bytes. This would lead
>         to addition of 0 length tcp packets into the GRO layer when
>         there ethernet fram is padded.
>  lib/gro/gro_tcp4.c | 5 ++---
>  1 file changed, 2 insertions(+), 3 deletions(-)
>
> diff --git a/lib/gro/gro_tcp4.c b/lib/gro/gro_tcp4.c
> index 7498c66..45e3f48 100644
> --- a/lib/gro/gro_tcp4.c
> +++ b/lib/gro/gro_tcp4.c
> @@ -198,7 +198,7 @@ gro_tcp4_reassemble(struct rte_mbuf *pkt,
>         struct rte_tcp_hdr *tcp_hdr;
>         uint32_t sent_seq;
>         int32_t tcp_dl;
> -       uint16_t ip_id, hdr_len, frag_off;
> +       uint16_t ip_id, frag_off;
>         uint8_t is_atomic;
>
>         struct tcp4_flow_key key;
> @@ -217,7 +217,6 @@ gro_tcp4_reassemble(struct rte_mbuf *pkt,
>         eth_hdr = rte_pktmbuf_mtod(pkt, struct rte_ether_hdr *);
>         ipv4_hdr = (struct rte_ipv4_hdr *)((char *)eth_hdr + pkt->l2_len);
>         tcp_hdr = (struct rte_tcp_hdr *)((char *)ipv4_hdr + pkt->l3_len);
> -       hdr_len = pkt->l2_len + pkt->l3_len + pkt->l4_len;
>
>         /*
>          * Don't process the packet which has FIN, SYN, RST, PSH, URG, ECE
> @@ -229,7 +228,7 @@ gro_tcp4_reassemble(struct rte_mbuf *pkt,
>          * Don't process the packet whose payload length is less than or
>          * equal to 0.
>          */
> -       tcp_dl = pkt->pkt_len - hdr_len;
> +       tcp_dl = rte_be_to_cpu_16(ipv4_hdr->total_length) - (pkt->l3_len +
> pkt->l4_len);
>         if (tcp_dl <= 0)
>                 return -1;
>
> --
> 2.7.4
>
>