From patchwork Thu Apr 16 19:54:53 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: William Tu X-Patchwork-Id: 1271874 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=O3Q3e7aB; dkim-atps=neutral Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49391v06g8z9sP7 for ; Fri, 17 Apr 2020 05:55:29 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 3570285F2F; Thu, 16 Apr 2020 19:55:27 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h-3rH6wahGbV; Thu, 16 Apr 2020 19:55:25 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by fraxinus.osuosl.org (Postfix) with ESMTP id 7A2AC85EEF; Thu, 16 Apr 2020 19:55:25 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 5D7A9C089E; Thu, 16 Apr 2020 19:55:25 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 0E83CC0172 for ; Thu, 16 Apr 2020 19:55:24 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 0383187E8A for ; Thu, 16 Apr 2020 19:55:24 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l-UYTqu1lRvp for ; Thu, 16 Apr 2020 19:55:23 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mail-pj1-f67.google.com (mail-pj1-f67.google.com [209.85.216.67]) by hemlock.osuosl.org (Postfix) with ESMTPS id 7978387E76 for ; Thu, 16 Apr 2020 19:55:23 +0000 (UTC) Received: by mail-pj1-f67.google.com with SMTP id ms17so17753pjb.0 for ; Thu, 16 Apr 2020 12:55:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=CPvf94m5qXC0WfkpBHyQIxLJ+WNcCaW8dQA8rj3nyD4=; b=O3Q3e7aBObzcF+QKKhvA2z6Qdt7Ge4Doy19N0yIsBdTHogZ/UPcmNYoMn2SntjE5YE duIZp+8sQ31OWhd/pZHIXDs2lMWm4CyRBefwamCOh+eH2Ht7UV+fXGd6Nh1cr/s6hVrS EooSG2GrTylzlhZR2SpoWAn4x415QjteaZSpONiX1GkWsw7wcED+9Cwp94hi2PDOcMIe R4phFy8SKdOX7yXGC/9DmmR6u0uYIj5s6XHT3KZTBgZ5CIsGAs0qnTFSSDKyW9v8ub8t NYcfhVghzNjFZwDlzJZnQ4aa6zAUpEaG+UJM3ZIL8UoiQH1jgH5GVXskslT0CVZ/Js5x 8n6A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=CPvf94m5qXC0WfkpBHyQIxLJ+WNcCaW8dQA8rj3nyD4=; b=RQzkw5wv5Ul3dHRwDjk7Ez+mgmZZoz10UupGVG7PtlRiDzr5oMgSu+mb10W46ERlzQ /vzoqs0h3oNXBja5ZW2eXD6I5byou7ixEUJAqstjLo+c41fnQXOuviN4PVxtpGy2J8J7 pyWW7SaqjbuD3V9RX+J1YmbbCD890MLqxvtPE1yt1/+w83wmhznmfTfC2S7oAWwLf3C9 eessogYcWOlCTCsxq1yKqfGuhv7AjQoTUAV1Lc0iSBFQsqG4E0fGi9qnxZfvvXgKh88N RMQkRvR2gKCFTw/SlOuBSQjhSdIfwHQsTE1ogEKApZGOjLmDvRf9X4wHB4XQRmR6FFLw 675w== X-Gm-Message-State: AGi0PuYyKAOcDk32Ac7sXKdjphloT5aeKr2uY+Li7J8BSRv/P5amOaIb Bo3ZJgSYOD8tnAYjle0sTbnH7M8X X-Google-Smtp-Source: APiQypLAE5JrtOuNFCVwTDLbRUI9Nkx1FtvsLwGoBtuxTroVr/S3hXoL7MiODQkFu+FPsjRmVwflnA== X-Received: by 2002:a17:90a:5217:: with SMTP id v23mr6933715pjh.127.1587066922713; Thu, 16 Apr 2020 12:55:22 -0700 (PDT) Received: from sc9-mailhost3.vmware.com (c-76-21-95-192.hsd1.ca.comcast.net. [76.21.95.192]) by smtp.gmail.com with ESMTPSA id q145sm3111851pfq.105.2020.04.16.12.55.21 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 16 Apr 2020 12:55:21 -0700 (PDT) From: William Tu To: dev@openvswitch.org Date: Thu, 16 Apr 2020 12:54:53 -0700 Message-Id: <1587066893-108405-1-git-send-email-u9012063@gmail.com> X-Mailer: git-send-email 2.7.4 Subject: [ovs-dev] [PATCHv2] conntrack: Add coverage count for l4csum error. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" Add a coverage counter when userspace conntrack receives a packet with invalid l4 checksum. When using veth for testing, users often forget to turn off the tx offload on the other side of the namespace, causing l4 checksum not calculated in packet header, and at conntrack, return invalid conntrack state. Suggested-by: Yi-Hung Wei Signed-off-by: William Tu Acked-by: Yi-Hung Wei --- v2: add also icmp csum error --- lib/conntrack.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/lib/conntrack.c b/lib/conntrack.c index 0cbc8f6d2b25..95d48c5eecae 100644 --- a/lib/conntrack.c +++ b/lib/conntrack.c @@ -44,6 +44,7 @@ VLOG_DEFINE_THIS_MODULE(conntrack); COVERAGE_DEFINE(conntrack_full); COVERAGE_DEFINE(conntrack_long_cleanup); +COVERAGE_DEFINE(conntrack_l4csum_err); struct conn_lookup_ctx { struct conn_key key; @@ -1661,6 +1662,7 @@ checksum_valid(const struct conn_key *key, const void *data, size_t size, } else if (key->dl_type == htons(ETH_TYPE_IPV6)) { return packet_csum_upperlayer6(l3, data, key->nw_proto, size) == 0; } else { + COVERAGE_INC(conntrack_l4csum_err); return false; } } @@ -1704,7 +1706,12 @@ check_l4_udp(const struct conn_key *key, const void *data, size_t size, static inline bool check_l4_icmp(const void *data, size_t size, bool validate_checksum) { - return validate_checksum ? csum(data, size) == 0 : true; + if (validate_checksum && csum(data, size) != 0) { + COVERAGE_INC(conntrack_l4csum_err); + return false; + } else { + return true; + } } static inline bool