Process Hop-by-Hop header when forwarding IPv6 packets

Currently, we process IPv6 extension headers when receiving packets but not when forwarding them. This is fine for the most part, with with one exception: RFC 8200 requires that we process the Hop-by-Hop headers even while forwarding packets. This CL adds that support by invoking the Hop-by-hop logic performed when receiving packets during forwarding as well. PiperOrigin-RevId: 373145478
author: Nick Brown <nickbrow@google.com> 2021-05-11 07:23:25 -0700
committer: gVisor bot <gvisor-bot@google.com> 2021-05-11 07:25:56 -0700
commit: 1daabac237ffb2b7d5711d87bfadc531dc457d08 (patch)
tree: e08e1983c4bdfc65276e07dab7922598e7e1f382 /pkg/sentry/socket/netstack/netstack.go
parent: 1699d702cbfcf6f34bd14327b644738f996feb3b (diff)
1 files changed, 6 insertions, 5 deletions
diff --git a/pkg/sentry/socket/netstack/netstack.go b/pkg/sentry/socket/netstack/netstack.go
index 60ef33360..455a92e53 100644
--- a/pkg/sentry/socket/netstack/netstack.go
+++ b/pkg/sentry/socket/netstack/netstack.go
@@ -200,11 +200,12 @@ var Metrics = tcpip.Stats{
 		OptionRouterAlertReceived:           mustCreateMetric("/netstack/ip/options/router_alert_received", "Number of router alert options found in received IP packets."),
 		OptionUnknownReceived:               mustCreateMetric("/netstack/ip/options/unknown_received", "Number of unknown options found in received IP packets."),
 		Forwarding: tcpip.IPForwardingStats{
-			Unrouteable:          mustCreateMetric("/netstack/ip/forwarding/unrouteable", "Number of IP packets received which couldn't be routed and thus were not forwarded."),
-			ExhaustedTTL:         mustCreateMetric("/netstack/ip/forwarding/exhausted_ttl", "Number of IP packets received which could not be forwarded due to an exhausted TTL."),
-			LinkLocalSource:      mustCreateMetric("/netstack/ip/forwarding/link_local_source_address", "Number of IP packets received which could not be forwarded due to a link-local source address."),
-			LinkLocalDestination: mustCreateMetric("/netstack/ip/forwarding/link_local_destination_address", "Number of IP packets received which could not be forwarded due to a link-local destination address."),
-			Errors:               mustCreateMetric("/netstack/ip/forwarding/errors", "Number of IP packets which couldn't be forwarded."),
+			Unrouteable:            mustCreateMetric("/netstack/ip/forwarding/unrouteable", "Number of IP packets received which couldn't be routed and thus were not forwarded."),
+			ExhaustedTTL:           mustCreateMetric("/netstack/ip/forwarding/exhausted_ttl", "Number of IP packets received which could not be forwarded due to an exhausted TTL."),
+			LinkLocalSource:        mustCreateMetric("/netstack/ip/forwarding/link_local_source_address", "Number of IP packets received which could not be forwarded due to a link-local source address."),
+			LinkLocalDestination:   mustCreateMetric("/netstack/ip/forwarding/link_local_destination_address", "Number of IP packets received which could not be forwarded due to a link-local destination address."),
+			ExtensionHeaderProblem: mustCreateMetric("/netstack/ip/forwarding/extension_header_problem", "Number of IP packets received which could not be forwarded due to a problem processing their IPv6 extension headers."),
+			Errors:                 mustCreateMetric("/netstack/ip/forwarding/errors", "Number of IP packets which couldn't be forwarded."),
 		},
 	},
 	ARP: tcpip.ARPStats{
author	Nick Brown <nickbrow@google.com>	2021-05-11 07:23:25 -0700
committer	gVisor bot <gvisor-bot@google.com>	2021-05-11 07:25:56 -0700
commit	1daabac237ffb2b7d5711d87bfadc531dc457d08 (patch)
tree	e08e1983c4bdfc65276e07dab7922598e7e1f382 /pkg/sentry/socket/netstack/netstack.go
parent	1699d702cbfcf6f34bd14327b644738f996feb3b (diff)