diff options
author | Julian Elischer <jrelis@google.com> | 2021-01-25 20:48:20 -0800 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2021-01-25 20:50:02 -0800 |
commit | 3731ebb3fe69dc2d7fb6d6602845a378c530379b (patch) | |
tree | 10390371e4dc7825ed9d7aac9b0e2482a0c49a7a /pkg/tcpip/network/ipv6/icmp.go | |
parent | 39db3b93554ea74611602ad4c20dfa5c08e748f2 (diff) |
Adjust included data size on icmp errors
The RFC for icmpv6 specifies that an errant packet should be included
in the returned ICMP packet, and that it should include up to the amount
needed to fill the minimum MTU (1280 bytes) if possible. The current code
included the Link header in that calculation but the RFC is referring
to the IP MTU not the link MTU. Some conformance tests check this and
report an error agains the stack for this.
The full header length shoudl however continue to be used when allocating
header space.
Make the same change for IPv4 for consistency.
Add a test for icmp payload sizing.
Test that the included data in an ICMP error packet conforms to the
requirements of RFC 972, RFC 4443 section 2.4 and RFC 1812 Section 4.3.2.3.
Fixes #5311
PiperOrigin-RevId: 353790203
Diffstat (limited to 'pkg/tcpip/network/ipv6/icmp.go')
-rw-r--r-- | pkg/tcpip/network/ipv6/icmp.go | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/pkg/tcpip/network/ipv6/icmp.go b/pkg/tcpip/network/ipv6/icmp.go index ae5179d93..750aa4022 100644 --- a/pkg/tcpip/network/ipv6/icmp.go +++ b/pkg/tcpip/network/ipv6/icmp.go @@ -1,4 +1,4 @@ -// Copyright 2018 The gVisor Authors. +// Copyright 2021 The gVisor Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -910,11 +910,11 @@ func (p *protocol) returnError(reason icmpReason, pkt *stack.PacketBuffer) *tcpi // the error message packet exceed the minimum IPv6 MTU // [IPv6]. mtu := int(route.MTU()) - if mtu > header.IPv6MinimumMTU { - mtu = header.IPv6MinimumMTU + const maxIPv6Data = header.IPv6MinimumMTU - header.IPv6FixedHeaderSize + if mtu > maxIPv6Data { + mtu = maxIPv6Data } - headerLen := int(route.MaxHeaderLength()) + header.ICMPv6ErrorHeaderSize - available := int(mtu) - headerLen + available := mtu - header.ICMPv6ErrorHeaderSize if available < header.IPv6MinimumSize { return nil } @@ -928,7 +928,7 @@ func (p *protocol) returnError(reason icmpReason, pkt *stack.PacketBuffer) *tcpi payload.CapLength(payloadLen) newPkt := stack.NewPacketBuffer(stack.PacketBufferOptions{ - ReserveHeaderBytes: headerLen, + ReserveHeaderBytes: int(route.MaxHeaderLength()) + header.ICMPv6ErrorHeaderSize, Data: payload, }) newPkt.TransportProtocolNumber = header.ICMPv6ProtocolNumber |