else
{
pool_get (rt->pool, reass);
- memset (reass, 0, sizeof (*reass));
+ clib_memset (reass, 0, sizeof (*reass));
reass->id =
((u64) os_get_thread_index () * 1000000000) + rt->id_counter;
++rt->id_counter;
ip->flags_and_fragment_offset = 0;
ip->length = clib_host_to_net_u16 (first_b->current_length + total_length);
ip->checksum = ip4_header_checksum (ip);
+ u32 before = vec_len (*vec_drop_compress);
vlib_buffer_chain_compress (vm, first_b, vec_drop_compress);
+ rt->buffers_n += vec_len (*vec_drop_compress) - before;
+
if (PREDICT_FALSE (first_b->flags & VLIB_BUFFER_IS_TRACED))
{
ip4_reass_add_trace (vm, node, rm, reass, reass->first_bi, FINALIZE, 0);
ASSERT (fb->current_length >= sizeof (*fip));
vnet_buffer_opaque_t *fvnb = vnet_buffer (fb);
reass->next_index = fvnb->ip.reass.next_index; // store next_index before it's overwritten
- u32 fragment_first = fvnb->ip.reass.fragment_first =
- ip4_get_fragment_offset_bytes (fip);
- u32 fragment_length =
+ const u32 fragment_first = ip4_get_fragment_offset_bytes (fip);
+ const u32 fragment_length =
clib_net_to_host_u16 (fip->length) - ip4_header_bytes (fip);
- u32 fragment_last = fvnb->ip.reass.fragment_last =
- fragment_first + fragment_length - 1;
+ const u32 fragment_last = fragment_first + fragment_length - 1;
+ fvnb->ip.reass.fragment_first = fragment_first;
+ fvnb->ip.reass.fragment_last = fragment_last;
int more_fragments = ip4_get_fragment_more (fip);
u32 candidate_range_bi = reass->first_bi;
u32 prev_range_bi = ~0;
}
else
{
- ip4_reass_key_t k;
- k.as_u64[0] =
- (u64) vnet_buffer (b0)->sw_if_index[VLIB_RX] << 32 | (u64)
- ip0->src_address.as_u32;
- k.as_u64[1] =
- (u64) ip0->dst_address.
- as_u32 << 32 | (u64) ip0->fragment_id << 16 | (u64) ip0->
- protocol << 8;
-
- ip4_reass_t *reass =
- ip4_reass_find_or_create (vm, rm, rt, &k, &vec_drop_timeout);
-
- if (reass)
+ const u32 fragment_first = ip4_get_fragment_offset_bytes (ip0);
+ const u32 fragment_length =
+ clib_net_to_host_u16 (ip0->length) - ip4_header_bytes (ip0);
+ const u32 fragment_last = fragment_first + fragment_length - 1;
+ if (fragment_first > fragment_last || fragment_first + fragment_length > UINT16_MAX - 20 || (fragment_length < 8 && ip4_get_fragment_more (ip0))) // 8 is minimum frag length per RFC 791
{
- ip4_reass_update (vm, node, rm, rt, reass, &bi0, &next0,
- &error0, &vec_drop_overlap,
- &vec_drop_compress, is_feature);
+ next0 = IP4_REASSEMBLY_NEXT_DROP;
+ error0 = IP4_ERROR_REASS_MALFORMED_PACKET;
}
else
{
- next0 = IP4_REASSEMBLY_NEXT_DROP;
- error0 = IP4_ERROR_REASS_LIMIT_REACHED;
+ ip4_reass_key_t k;
+ k.as_u64[0] =
+ (u64) vnet_buffer (b0)->sw_if_index[VLIB_RX] << 32 | (u64)
+ ip0->src_address.as_u32;
+ k.as_u64[1] =
+ (u64) ip0->dst_address.
+ as_u32 << 32 | (u64) ip0->fragment_id << 16 | (u64) ip0->
+ protocol << 8;
+
+ ip4_reass_t *reass =
+ ip4_reass_find_or_create (vm, rm, rt, &k,
+ &vec_drop_timeout);
+
+ if (reass)
+ {
+ ip4_reass_update (vm, node, rm, rt, reass, &bi0, &next0,
+ &error0, &vec_drop_overlap,
+ &vec_drop_compress, is_feature);
+ }
+ else
+ {
+ next0 = IP4_REASSEMBLY_NEXT_DROP;
+ error0 = IP4_ERROR_REASS_LIMIT_REACHED;
+ }
}
b0->error = node->errors[error0];
n_left_to_next -= 1;
if (is_feature && IP4_ERROR_NONE == error0)
{
+ b0 = vlib_get_buffer (vm, bi0);
vnet_feature_next (&next0, b0);
}
vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
if (ip4_reass_main.max_reass_n > 0 && new_nbuckets > old_nbuckets)
{
clib_bihash_16_8_t new_hash;
- memset (&new_hash, 0, sizeof (new_hash));
+ clib_memset (&new_hash, 0, sizeof (new_hash));
ip4_rehash_cb_ctx ctx;
ctx.failure = 0;
ctx.new_hash = &new_hash;
else
{
clib_bihash_free_16_8 (&ip4_reass_main.hash);
- clib_memcpy (&ip4_reass_main.hash, &new_hash,
- sizeof (ip4_reass_main.hash));
+ clib_memcpy_fast (&ip4_reass_main.hash, &new_hash,
+ sizeof (ip4_reass_main.hash));
}
}
return 0;
rm->vlib_main = vm;
rm->vnet_main = vnet_get_main ();
- vec_validate (rm->per_thread_data, vlib_num_workers () + 1);
+ vec_validate (rm->per_thread_data, vlib_num_workers ());
ip4_reass_per_thread_t *rt;
vec_foreach (rt, rm->per_thread_data)
{
uword thread_index = 0;
int index;
- const uword nthreads = os_get_nthreads ();
+ const uword nthreads = vlib_num_workers () + 1;
for (thread_index = 0; thread_index < nthreads; ++thread_index)
{
ip4_reass_per_thread_t *rt = &rm->per_thread_data[thread_index];
n_left_to_next -= 1;
IP4_REASS_DEBUG_BUFFER (bi, enqueue_drop_timeout_walk);
}
- f->flags |= (trace_frame * VLIB_FRAME_TRACE);
+ f->frame_flags |= (trace_frame * VLIB_FRAME_TRACE);
vlib_put_frame_to_node (vm, rm->ip4_drop_idx, f);
}
u64 sum_buffers_n = 0;
ip4_reass_t *reass;
uword thread_index;
- const uword nthreads = os_get_nthreads ();
+ const uword nthreads = vlib_num_workers () + 1;
for (thread_index = 0; thread_index < nthreads; ++thread_index)
{
ip4_reass_per_thread_t *rt = &rm->per_thread_data[thread_index];
Code Review / vpp.git / blobdiff