diff options
| author | Ghanan Gowripalan <ghanan@google.com> | 2020-07-30 14:19:38 -0700 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2020-07-30 14:25:53 -0700 |
| commit | 9960a816a9ad65a4a6620eee5a66e5cc071b60cb (patch) | |
| tree | a11f84b9a16e60d3038e77ca8bb215cd54841653 /pkg/tcpip/network/ipv4/ipv4.go | |
| parent | 3c70b4c986a2a6bb9b26f96e88f7fee878f29326 (diff) | |
Enforce fragment block size and validate args
Allow configuring fragmentation.Fragmentation with a fragment
block size which will be enforced when processing fragments. Also
validate arguments when processing fragments.
Test:
- fragmentation.TestErrors
- ipv6_test.TestReceiveIPv6Fragments
- ipv4_test.TestReceiveIPv6Fragments
PiperOrigin-RevId: 324081521
Diffstat (limited to 'pkg/tcpip/network/ipv4/ipv4.go')
| -rw-r--r-- | pkg/tcpip/network/ipv4/ipv4.go | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/pkg/tcpip/network/ipv4/ipv4.go b/pkg/tcpip/network/ipv4/ipv4.go index b1776e5ee..0b5a35cce 100644 --- a/pkg/tcpip/network/ipv4/ipv4.go +++ b/pkg/tcpip/network/ipv4/ipv4.go @@ -45,6 +45,10 @@ const ( // buckets is the number of identifier buckets. buckets = 2048 + + // The size of a fragment block, in bytes, as per RFC 791 section 3.1, + // page 14. + fragmentblockSize = 8 ) type endpoint struct { @@ -66,7 +70,7 @@ func (p *protocol) NewEndpoint(nicID tcpip.NICID, addrWithPrefix tcpip.AddressWi prefixLen: addrWithPrefix.PrefixLen, linkEP: linkEP, dispatcher: dispatcher, - fragmentation: fragmentation.NewFragmentation(fragmentation.HighFragThreshold, fragmentation.LowFragThreshold, fragmentation.DefaultReassembleTimeout), + fragmentation: fragmentation.NewFragmentation(fragmentblockSize, fragmentation.HighFragThreshold, fragmentation.LowFragThreshold, fragmentation.DefaultReassembleTimeout), protocol: p, stack: st, } |