lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20130711.011411.251674726351429354.davem@davemloft.net>
Date:	Thu, 11 Jul 2013 01:14:11 -0700 (PDT)
From:	David Miller <davem@...emloft.net>
To:	pshelar@...ira.com
Cc:	eric.dumazet@...il.com, alexander.h.duyck@...el.com,
	netdev@...r.kernel.org, stephen@...workplumber.org,
	joseph.gasparakis@...el.com, jesse@...ira.com
Subject: Re: [PATCH net v2] gso: Update tunnel segmentation to support Tx
 checksum offload

From: Pravin Shelar <pshelar@...ira.com>
Date: Thu, 11 Jul 2013 00:45:19 -0700

> I did some digging and found following commit causing problem with GRE
> TSO on bnx setup.
> 
> c957d09ffda417f6c8e3d1f10e2b05228607d6d7 is the first bad commit
> commit c957d09ffda417f6c8e3d1f10e2b05228607d6d7
> Author: Yuval Mintz <yuvalmin@...adcom.com>
> Date:   Tue Jun 25 08:50:11 2013 +0300
> 
>     bnx2x: Remove sparse and coccinelle warnings

Yeah it's this change:

@@ -3543,9 +3543,12 @@ static void bnx2x_update_pbds_gso_enc(struct sk_buff *skb,
 	/* outer IP header info */
 	if (xmit_type & XMIT_CSUM_V4) {
 		struct iphdr *iph = ip_hdr(skb);
+		u16 csum = (__force u16)(~iph->check) -
+			   (__force u16)iph->tot_len -
+			   (__force u16)iph->frag_off;
+
 		pbd2->fw_ip_csum_wo_len_flags_frag =
-			bswab16(csum_fold((~iph->check) -
-					  iph->tot_len - iph->frag_off));
+			bswab16(csum_fold((__force __wsum)csum));

Way too aggressive with the u16 casting.  These two expressions are
not equivalent:

	csum_fold((~iph->check) - iph->tot_len - iph->frag_off)

	csum_fold((__wsum) ((u16)(~iph->check) - (u16)iph->tot_len - (u16)iph->frag_off))

In the first case, the entire expression is computed as 32-bit, in
the second the ~iph->check is truncated to 16-bits before tot_len
and frag_off are subtracted from it.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ