Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Connectivity / 2aaa7b6c678b9bcc25cedf6033a479b46f86e907^! / . / bpf_progs / clatd.c
commit2aaa7b6c678b9bcc25cedf6033a479b46f86e907[log] [tgz]
authorMaciej Żenczykowski <maze@google.com>Tue Jan 03 11:25:07 2023 +0000
committerMaciej Żenczykowski <maze@google.com>Tue Jan 03 11:30:54 2023 +0000
tree2193ab9fbde5365d2643e201e2b937f32f34d9b4
parentb97fbbf5e0f3fba605ec1002f562b96a4eeb0b93 [diff] [blame]
Revert "clatd - ipv6 fragment to ipv4 translation support"

This reverts commit be9685c35cd7c2f5adf5f6f90b1309cdd2c6c10a.

Reason for revert:
  fails on 4.9 due to bpf_skb_adjust_room requiring a later kernel,
  will need an alternative approach

Bug: 261818177
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I26535a96de80febc2fd54dcb564cde4f9ed7b3c9

diff --git a/bpf_progs/clatd.c b/bpf_progs/clatd.c
index 14cddf6..563ca5e 100644
--- a/bpf_progs/clatd.c
+++ b/bpf_progs/clatd.c

@@ -103,28 +103,6 @@
     __u8 proto = ip6->nexthdr;
     __be16 ip_id = 0;
     __be16 frag_off = htons(IP_DF);
-    __u16 tot_len = ntohs(ip6->payload_len) + sizeof(struct iphdr);  // cannot overflow, see above
-
-    if (proto == IPPROTO_FRAGMENT) {
-        // Must have (ethernet and) ipv6 header and ipv6 fragment extension header
-        if (data + l2_header_size + sizeof(*ip6) + sizeof(struct frag_hdr) > data_end)
-            return TC_ACT_PIPE;
-        const struct frag_hdr *frag = (const struct frag_hdr *)(ip6 + 1);
-        proto = frag->nexthdr;
-        // RFC6145: use bottom 16-bits of network endian 32-bit IPv6 ID field for 16-bit IPv4 field.
-        // this is equivalent to: ip_id = htons(ntohl(frag->identification));
-        ip_id = frag->identification >> 16;
-        // Conversion of 16-bit IPv6 frag offset to 16-bit IPv4 frag offset field.
-        // IPv6 is '13 bits of offset in multiples of 8' + 2 zero bits + more fragment bit
-        // IPv4 is zero bit + don't frag bit + more frag bit + '13 bits of offset in multiples of 8'
-        frag_off = ntohs(frag->frag_off);
-        frag_off = ((frag_off & 1) << 13) | (frag_off >> 3);
-        frag_off = htons(frag_off);
-        // Note that by construction tot_len is guaranteed to not underflow here
-        tot_len -= sizeof(struct frag_hdr);
-        // This is a badly formed IPv6 packet with less payload than the size of an IPv6 Frag EH
-        if (tot_len < sizeof(struct iphdr)) return TC_ACT_PIPE;
-    }
 
     switch (proto) {
         case IPPROTO_TCP:  // For TCP & UDP the checksum neutrality of the chosen IPv6
@@ -151,7 +129,7 @@
             .version = 4,                                                      // u4
             .ihl = sizeof(struct iphdr) / sizeof(__u32),                       // u4
             .tos = (ip6->priority << 4) + (ip6->flow_lbl[0] >> 4),             // u8
-            .tot_len = htons(tot_len),                                         // be16
+            .tot_len = htons(ntohs(ip6->payload_len) + sizeof(struct iphdr)),  // be16
             .id = ip_id,                                                       // be16
             .frag_off = frag_off,                                              // be16
             .ttl = ip6->hop_limit,                                             // u8
@@ -208,13 +186,6 @@
     //   return -ENOTSUPP;
     bpf_csum_update(skb, sum6);
 
-    if (frag_off != htons(IP_DF)) {
-        // If we're converting an IPv6 Fragment, we need to trim off 8 more bytes
-        // We're beyond recovery on error here... but hard to imagine how this could fail.
-        if (bpf_skb_adjust_room(skb, -(__s32)sizeof(struct frag_hdr), BPF_ADJ_ROOM_NET, /*flags*/0))
-            return TC_ACT_SHOT;
-    }
-
     // bpf_skb_change_proto() invalidates all pointers - reload them.
     data = (void*)(long)skb->data;
     data_end = (void*)(long)skb->data_end;