lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 12 Nov 2017 21:37:01 +0100
From:   Ahmed Abdelsalam <amsalam20@...il.com>
To:     davem@...emloft.net, david.lebrun@...ouvain.be
Cc:     amsalam20@...il.com, netdev@...r.kernel.org
Subject: [PATCH] ipv6: sr: update the struct ipv6_sr_hdr

The IPv6 Segment Routing Header (SRH) format has been updated srating 
from revision 6 of the SRH ietf draft. The update includes the following 
SRH fields

(1) The "First Segment" field changed to be "Last Entry" which contains 
the index, in the Segment List, of the last element of the Segment List.

(2) The 16 bit "reserved" field now is used as a "tag" which tags a packet
as part of a class or group of packets, e.g.,packets sharing the same
set of properties.

This patch updates the struct ipv6_sr_hdr, so it complies with the updated
SRH draft. It also update the different parts of the kernel that were 
using the old fields names.

Signed-off-by: Ahmed Abdelsalam <amsalam20@...il.com>
---
 This patch is tested by re-compiling the whole kernel after the changes.

 include/uapi/linux/seg6.h |  4 ++--
 net/ipv6/exthdrs.c        |  2 +-
 net/ipv6/seg6.c           |  4 ++--
 net/ipv6/seg6_hmac.c      | 14 +++++++-------
 net/ipv6/seg6_iptunnel.c  |  4 ++--
 5 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/include/uapi/linux/seg6.h b/include/uapi/linux/seg6.h
index 2f6fb0d..3f4b3ab 100644
--- a/include/uapi/linux/seg6.h
+++ b/include/uapi/linux/seg6.h
@@ -26,9 +26,9 @@ struct ipv6_sr_hdr {
 	__u8	hdrlen;
 	__u8	type;
 	__u8	segments_left;
-	__u8	first_segment;
+	__u8	last_entry;
 	__u8	flags;
-	__u16	reserved;
+	__u16	tag;
 
 	struct in6_addr segments[0];
 };
diff --git a/net/ipv6/exthdrs.c b/net/ipv6/exthdrs.c
index 83bd757..d53af71 100644
--- a/net/ipv6/exthdrs.c
+++ b/net/ipv6/exthdrs.c
@@ -918,7 +918,7 @@ static void ipv6_push_rthdr4(struct sk_buff *skb, u8 *proto,
 	sr_phdr = skb_push(skb, plen);
 	memcpy(sr_phdr, sr_ihdr, sizeof(struct ipv6_sr_hdr));
 
-	hops = sr_ihdr->first_segment + 1;
+	hops = sr_ihdr->last_entry + 1;
 	memcpy(sr_phdr->segments + 1, sr_ihdr->segments + 1,
 	       (hops - 1) * sizeof(struct in6_addr));
 
diff --git a/net/ipv6/seg6.c b/net/ipv6/seg6.c
index c814077..3d5279d 100644
--- a/net/ipv6/seg6.c
+++ b/net/ipv6/seg6.c
@@ -40,10 +40,10 @@ bool seg6_validate_srh(struct ipv6_sr_hdr *srh, int len)
 	if (((srh->hdrlen + 1) << 3) != len)
 		return false;
 
-	if (srh->segments_left > srh->first_segment)
+	if (srh->segments_left > srh->last_entry)
 		return false;
 
-	tlv_offset = sizeof(*srh) + ((srh->first_segment + 1) << 4);
+	tlv_offset = sizeof(*srh) + ((srh->last_entry + 1) << 4);
 
 	trailing = len - tlv_offset;
 	if (trailing < 0)
diff --git a/net/ipv6/seg6_hmac.c b/net/ipv6/seg6_hmac.c
index 33fb35c..5107ebb 100644
--- a/net/ipv6/seg6_hmac.c
+++ b/net/ipv6/seg6_hmac.c
@@ -91,7 +91,7 @@ static struct sr6_tlv_hmac *seg6_get_tlv_hmac(struct ipv6_sr_hdr *srh)
 {
 	struct sr6_tlv_hmac *tlv;
 
-	if (srh->hdrlen < (srh->first_segment + 1) * 2 + 5)
+	if (srh->hdrlen < (srh->last_entry + 1) * 2 + 5)
 		return NULL;
 
 	if (!sr_has_hmac(srh))
@@ -175,8 +175,8 @@ int seg6_hmac_compute(struct seg6_hmac_info *hinfo, struct ipv6_sr_hdr *hdr,
 	 * hash function (RadioGatun) with up to 1216 bits
 	 */
 
-	/* saddr(16) + first_seg(1) + flags(1) + keyid(4) + seglist(16n) */
-	plen = 16 + 1 + 1 + 4 + (hdr->first_segment + 1) * 16;
+	/* saddr(16) + last_entry(1) + flags(1) + keyid(4) + seglist(16n) */
+	plen = 16 + 1 + 1 + 4 + (hdr->last_entry + 1) * 16;
 
 	/* this limit allows for 14 segments */
 	if (plen >= SEG6_HMAC_RING_SIZE)
@@ -186,7 +186,7 @@ int seg6_hmac_compute(struct seg6_hmac_info *hinfo, struct ipv6_sr_hdr *hdr,
 	 * as follows, in order:
 	 *
 	 * 1. Source IPv6 address (128 bits)
-	 * 2. first_segment value (8 bits)
+	 * 2. last_entry value (8 bits)
 	 * 3. Flags (8 bits)
 	 * 4. HMAC Key ID (32 bits)
 	 * 5. All segments in the segments list (n * 128 bits)
@@ -200,8 +200,8 @@ int seg6_hmac_compute(struct seg6_hmac_info *hinfo, struct ipv6_sr_hdr *hdr,
 	memcpy(off, saddr, 16);
 	off += 16;
 
-	/* first_segment value */
-	*off++ = hdr->first_segment;
+	/* last_entry value */
+	*off++ = hdr->last_entry;
 
 	/* flags */
 	*off++ = hdr->flags;
@@ -211,7 +211,7 @@ int seg6_hmac_compute(struct seg6_hmac_info *hinfo, struct ipv6_sr_hdr *hdr,
 	off += 4;
 
 	/* all segments in the list */
-	for (i = 0; i < hdr->first_segment + 1; i++) {
+	for (i = 0; i < hdr->last_entry + 1; i++) {
 		memcpy(off, hdr->segments + i, 16);
 		off += 16;
 	}
diff --git a/net/ipv6/seg6_iptunnel.c b/net/ipv6/seg6_iptunnel.c
index bd6cc68..fc9813e 100644
--- a/net/ipv6/seg6_iptunnel.c
+++ b/net/ipv6/seg6_iptunnel.c
@@ -133,7 +133,7 @@ int seg6_do_srh_encap(struct sk_buff *skb, struct ipv6_sr_hdr *osrh, int proto)
 
 	isrh->nexthdr = proto;
 
-	hdr->daddr = isrh->segments[isrh->first_segment];
+	hdr->daddr = isrh->segments[isrh->last_entry];
 	set_tun_src(net, skb->dev, &hdr->daddr, &hdr->saddr);
 
 #ifdef CONFIG_IPV6_SEG6_HMAC
@@ -184,7 +184,7 @@ int seg6_do_srh_inline(struct sk_buff *skb, struct ipv6_sr_hdr *osrh)
 	hdr->nexthdr = NEXTHDR_ROUTING;
 
 	isrh->segments[0] = hdr->daddr;
-	hdr->daddr = isrh->segments[isrh->first_segment];
+	hdr->daddr = isrh->segments[isrh->last_entry];
 
 #ifdef CONFIG_IPV6_SEG6_HMAC
 	if (sr_has_hmac(isrh)) {
-- 
2.1.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ