Ilya Maximets <[email protected]> writes: > NSH header length is a 6-bit field that encodes the total length of > the header in 4-byte words. So the maximum length is 0b111111 * 4, > which is 252 and not 256. The maximum context length is the same > number minus the length of the base header (8), so 244. > > These macros are used to validate push_nsh() action in openvswitch. > Miscalculation here doesn't cause any real issues. In the worst case > the oversized context is truncated while building the header, so we'll > construct and send a broken packet, which is not a big problem, as any > receiver should validate the fields. No invalid memory accesses will > happen during the header push. But we should fix the macros to reject > the incorrect actions in the first place. > > Using previously defined values and calculating the length instead > of defining numbers directly, so it's easier to understand where they > come from and harder to make a mistake. > > Fixes: 1f0b7744c505 ("net: add NSH header structures and helpers") > Signed-off-by: Ilya Maximets <[email protected]> > ---
Thanks Ilya! Reviewed-by: Aaron Conole <[email protected]> _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
