|
Hello!
I am a software engineer Bingsoft. I found a serious bug on the openvswitch datapath. If I modify icmpv6 packet's source address flowtables, will lead icmpv6 checksum error. According to RFC standards, icmpv6 the checksum need to join the ipv6 address operation. And I found that you modify the source code inside the ipv6 address in the future, and did not re-calculation icmpv6 the checksum. Here is what I modify the source code patches. --- ~/datapath/actions.c 2014-11-06 17:43:52.986322421 +0800 +++ ~/datapath/actions.c" 2014-08-15 04:18:58.000000000 +0800 @@ -190,11 +190,7 @@ uh->check = CSUM_MANGLED_0; } } - } else if (l4_proto == IPPROTO_ICMPV6) { - if (likely(transport_len >= sizeof(struct icmpv6hdr))) { - inet_proto_csum_replace16(icmpv6_hdr(skb)->check, skb, addr, new_addr, 1); - } - } + } } static void set_ipv6_addr(struct sk_buff *skb, u8 l4_proto, I hope you fix this bug as soon as possible. Thank you! Dong Yi Lin, software engineer Guangzhou City for BingoSoft Development Co. [email protected] |
_______________________________________________ discuss mailing list [email protected] http://openvswitch.org/mailman/listinfo/discuss
