Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Connectivity / 57d480d2b425ef20d8b6f84abd4e9e3209fa9422^! / . / ipv4.c
commit57d480d2b425ef20d8b6f84abd4e9e3209fa9422[log] [tgz]
authorLorenzo Colitti <lorenzo@google.com>Sun Feb 09 10:35:38 2014 +0900
committerLorenzo Colitti <lorenzo@google.com>Sat Feb 22 12:46:06 2014 +0900
tree1d4d53278970b0681042e4f10ef44c1c5334bc5f
parent07f0265830fcae2632159e9993b93a161d7ea23b [diff] [blame]
Support translating fragmented packets.

Bug: 11542311
Change-Id: I14a20b9ac669cdb5927f6ac26147bb0109099497

diff --git a/ipv4.c b/ipv4.c
index e2636b4..84dccd5 100644
--- a/ipv4.c
+++ b/ipv4.c

@@ -57,7 +57,8 @@
 int ipv4_packet(clat_packet out, int pos, const char *packet, size_t len) {
   const struct iphdr *header = (struct iphdr *) packet;
   struct ip6_hdr *ip6_targ = (struct ip6_hdr *) out[pos].iov_base;
-  uint16_t frag_flags;
+  struct ip6_frag *frag_hdr;
+  size_t frag_hdr_len;
   uint8_t nxthdr;
   const char *next_header;
   size_t len_left;
@@ -69,12 +70,6 @@
     return 0;
   }
 
-  frag_flags = ntohs(header->frag_off);
-  if(frag_flags & IP_MF) { // this could theoretically be supported, but isn't
-    logmsg_dbg(ANDROID_LOG_ERROR, "ip_packet/more fragments set, dropping");
-    return 0;
-  }
-
   if(header->ihl < 5) {
     logmsg_dbg(ANDROID_LOG_ERROR, "ip_packet/ip header length set to less than 5: %x", header->ihl);
     return 0;
@@ -111,20 +106,32 @@
   fill_ip6_header(ip6_targ, 0, nxthdr, header);
   out[pos].iov_len = sizeof(struct ip6_hdr);
 
-  // Calculate the pseudo-header checksum.
+  /* Calculate the pseudo-header checksum.
+   * Technically, the length that is used in the pseudo-header checksum is the transport layer
+   * length, which is not the same as len_left in the case of fragmented packets. But since
+   * translation does not change the transport layer length, the checksum is unaffected.
+   */
   old_sum = ipv4_pseudo_header_checksum(header, len_left);
   new_sum = ipv6_pseudo_header_checksum(ip6_targ, len_left, nxthdr);
 
-  if (nxthdr == IPPROTO_ICMPV6) {
-    iov_len = icmp_packet(out, pos + 1, (const struct icmphdr *) next_header, new_sum, len_left);
+  // If the IPv4 packet is fragmented, add a Fragment header.
+  frag_hdr = (struct ip6_frag *) out[pos + 1].iov_base;
+  frag_hdr_len = maybe_fill_frag_header(frag_hdr, ip6_targ, header);
+  out[pos + 1].iov_len = frag_hdr_len;
+
+  if (frag_hdr_len && frag_hdr->ip6f_offlg & IP6F_OFF_MASK) {
+    // Non-first fragment. Copy the rest of the packet as is.
+    iov_len = generic_packet(out, pos + 2, next_header, len_left);
+  } else if (nxthdr == IPPROTO_ICMPV6) {
+    iov_len = icmp_packet(out, pos + 2, (const struct icmphdr *) next_header, new_sum, len_left);
   } else if (nxthdr == IPPROTO_TCP) {
-    iov_len = tcp_packet(out, pos + 1, (const struct tcphdr *) next_header, old_sum, new_sum,
+    iov_len = tcp_packet(out, pos + 2, (const struct tcphdr *) next_header, old_sum, new_sum,
                          len_left);
   } else if (nxthdr == IPPROTO_UDP) {
-    iov_len = udp_packet(out, pos + 1, (const struct udphdr *) next_header, old_sum, new_sum,
+    iov_len = udp_packet(out, pos + 2, (const struct udphdr *) next_header, old_sum, new_sum,
                          len_left);
   } else if (nxthdr == IPPROTO_GRE) {
-    iov_len = generic_packet(out, pos + 1, next_header, len_left);
+    iov_len = generic_packet(out, pos + 2, next_header, len_left);
   } else {
 #if CLAT_DEBUG
     logmsg_dbg(ANDROID_LOG_ERROR, "ip_packet/unknown protocol: %x",header->protocol);