From: Tao Wu
To: qemu-devel@nongnu.org
Cc: Tao Wu
Date: Thu, 20 Apr 2017 13:27:45 -0700
Message-Id: <20170420202745.149601-1-lepton@google.com>
Subject: [Qemu-devel] [PATCH] Fix wrong length in IP header in tcp_respond.

This bug was introduced by https://github.com/qemu/qemu/commit/98c6305
And then we 'fix' it in https://github.com/qemu/qemu/commit/27d92e

Actually I believe the root cause was that we sent out a RST packet with the wrong length and it then got ignored by the OS.

Signed-off-by: Tao Wu

--- slirp/tcp_subr.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/slirp/tcp_subr.c b/slirp/tcp_subr.c index ed16e1807f..dc8b4bbb50 100644 --- a/slirp/tcp_subr.c +++ b/slirp/tcp_subr.c @@ -204,7 +204,7 @@ tcp_respond(struct tcpcb *tp, struct tcpiphdr *ti, stru= ct mbuf *m, m->m_len -=3D sizeof(struct tcpiphdr) - sizeof(struct tcphdr) - sizeof(struct ip); ip =3D mtod(m, struct ip *); - ip->ip_len =3D tlen; + ip->ip_len =3D m->m_len; ip->ip_dst =3D tcpiph_save.ti_dst; ip->ip_src =3D tcpiph_save.ti_src; ip->ip_p =3D tcpiph_save.ti_pr; 
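Review bot: the new `ip->ip_len = m->m_len;` in the IPv4 branch is only correct because the `m->m_len -= sizeof(struct tcpiphdr) - sizeof(struct tcphdr) - sizeof(struct ip);` adjustment runs just before it, and nothing in the code or the commit message records that dependency. Please add a one-line comment saying that ip_len must be the total datagram length (IP header included) and that m->m_len holds exactly that after the adjustment, and state in the commit message what `tlen` contained at this point, so the reason the old value was wrong is on record. It is also worth confirming that the whole reply lives in this single mbuf, since m->m_len would undercount a chained packet. The two commits are referenced by 6 to 7 character hashes; a longer hash plus the subject line would keep the references unambiguous.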
@@ -224,7 +224,7 @@ tcp_respond(struct tcpcb *tp, struct tcpiphdr *ti, stru= ct mbuf *m, m->m_len -=3D sizeof(struct tcpiphdr) - sizeof(struct tcphdr) - sizeof(struct ip6); ip6 =3D mtod(m, struct ip6 *); - ip6->ip_pl =3D tlen; + ip6->ip_pl =3D tcpiph_save.ti_len; ip6->ip_dst =3D tcpiph_save.ti_dst6; ip6->ip_src =3D tcpiph_save.ti_src6; ip6->ip_nh =3D tcpiph_save.ti_nh6; --=20 2.12.2.816.g2cccc81164-goog
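Review bot: in the IPv6 branch, `ip6->ip_pl = tcpiph_save.ti_len;` takes the payload length from the saved header, while the IPv4 branch in the same patch derives its length from `m->m_len`, and the hunk does not show which byte order `tcpiph_save.ti_len` is in when it is copied. If ti_len was already converted to network order before the header was saved and the output path converts ip_pl again, the field ends up wrong on little-endian hosts; if not, the value is fine but the asymmetry between the two branches still needs explaining. Please either compute both lengths from the same source (for IPv6, m->m_len minus sizeof(struct ip6)) or add a comment stating the byte order and why ti_len equals the IPv6 payload length here. A test that checks the length field of the generated RST for both address families would catch a regression in either branch.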