lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <53488811.2080602@alten.se>
Date:	Sat, 12 Apr 2014 02:25:53 +0200
From:	Arvid Brodin <arvid.brodin@...en.se>
To:	"netdev@...r.kernel.org" <netdev@...r.kernel.org>
Subject: TCP checksum problem

Hi,

I'm trying to insert a 6-byte HSR header into a newly copied skb, between the ethernet header and the IP header. The skb comes from my virtual device's ndo_start_xmit() function and is to be sent on to a physical interface after modification. Essentially, this is what I'm doing:

	skb = skb_copy_expand(skb, skb_headroom(skb) + HSR_HLEN, 0, GFP_ATOMIC);

	/* Move ethernet header to make room for the HSR header */
	src = skb_mac_header(skb);
	WARN_ON_ONCE(src != skb->data);
	dst = skb_push(skb, HSR_HLEN);
	memmove(dst, src, ETH_HLEN);
	skb_reset_mac_header(skb);

	/* Fill in the 6-byte header */
	hsr_fill_tag(skb, frame, port);

	/* Point the skb to the physical interface */
	skb->dev = port->dev; 

	dev_queue_xmit(skb);

But something goes wrong with the TCP checksum on the way out. Arp, ping etc works fine, but anything using TCP is discarded by the receiver due to incorrect TCP checksums.

Using wireshark and some printks, I've managed to decide that the updated TCP checksum is written offset by -6 bytes from where it should be (into what wireshark calls the TCP header "acknowledgement number" field).

Any idea why this happens? I've spent a few days on this now and I'm running out of ideas...

This is run on the cadence/macb ethernet device. Before the call to skb_copy_expand(), skb->ip_summed is CHECKSUM_PARTIAL, skb->csum_start is 120, and skb->csum_offset is 16. The total frame length is 80 bytes (on the wire as reported by wireshark - I think this is excluding the FCS).


-- 
Arvid Brodin | Consultant (Linux)
ALTEN | Knarrarnäsgatan 7 | SE-164 40 Kista | Sweden
arvid.brodin@...en.se | www.alten.se/en/
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ