| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 01 Dec 2014 04:09:36 +0000
From: Ben Hutchings <ben@...adent.org.uk>
To: Lino Sanfilippo <LinoSanfilippo@....de>
Cc: ralf@...ux-mips.org, linux-mips@...ux-mips.org,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] ioc3: fix incorrect use of htons/ntohs
On Sun, 2014-11-30 at 11:40 +0100, Lino Sanfilippo wrote:
> The protocol type in the ip header struct is a single byte variable. So there
> is no need to swap bytes depending on host endianness.
>
> Signed-off-by: Lino Sanfilippo <LinoSanfilippo@....de>
> ---
>
> Please note that I could not test this, since I dont have access to the
> concerning hardware.
>
> drivers/net/ethernet/sgi/ioc3-eth.c | 5 ++---
> 1 file changed, 2 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/net/ethernet/sgi/ioc3-eth.c b/drivers/net/ethernet/sgi/ioc3-eth.c
> index 7a254da..0bb303d 100644
> --- a/drivers/net/ethernet/sgi/ioc3-eth.c
> +++ b/drivers/net/ethernet/sgi/ioc3-eth.c
> @@ -540,8 +540,7 @@ static void ioc3_tcpudp_checksum(struct sk_buff *skb, uint32_t hwsum, int len)
>
> /* Same as tx - compute csum of pseudo header */
> csum = hwsum +
> - (ih->tot_len - (ih->ihl << 2)) +
> - htons((uint16_t)ih->protocol) +
> + (ih->tot_len - (ih->ihl << 2)) + ih->protocol +
> (ih->saddr >> 16) + (ih->saddr & 0xffff) +
> (ih->daddr >> 16) + (ih->daddr & 0xffff);
>
The pseudo-header is specified as:
+--------+--------+--------+--------+
| Source Address |
+--------+--------+--------+--------+
| Destination Address |
+--------+--------+--------+--------+
| zero | PTCL | TCP Length |
+--------+--------+--------+--------+
The current code zero-extends the protocol number to produce the 5th
16-bit word of the pseudo-header, then uses htons() to put it in
big-endian order, consistent with the other fields. (Yes, it's doing
addition on big-endian words; this works even on little-endian machines
due to the way the checksum is specified.)
The driver should not be doing this at all, though. It should set
skb->csum = hwsum; skb->ip_summed = CHECKSUM_COMPLETE; and let the
network stack adjust the hardware checksum.
> @@ -1417,7 +1416,7 @@ static int ioc3_start_xmit(struct sk_buff *skb, struct net_device *dev)
> */
> if (skb->ip_summed == CHECKSUM_PARTIAL) {
> const struct iphdr *ih = ip_hdr(skb);
> - const int proto = ntohs(ih->protocol);
> + const int proto = ih->protocol;
> unsigned int csoff;
> uint32_t csum, ehsum;
> uint16_t *eh;
This should logically be __be16 proto = htons(ih->protocol), but the
current version should work in practice.
However, the driver should really use skb->csum_start and
skb->csum_offset to work out where the checksum belongs and which bytes
to cancel out.
Ben.
--
Ben Hutchings
The first rule of tautology club is the first rule of tautology club.
Download attachment "signature.asc" of type "application/pgp-signature" (812 bytes)
Powered by blists - more mailing lists