| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CA+mtBx_SK5LG8z_kTr5sHNhGQMBDgc+kpG49uyjgDM_eoK1hKg@mail.gmail.com> Date: Mon, 5 May 2014 19:34:40 -0700 From: Tom Herbert <therbert@...gle.com> To: Linux Netdev List <netdev@...r.kernel.org> Subject: Questions on sk_no_check implemenation Hi, I'm looking at sk_no_check implementation and am hoping to get clarification on a couple of use cases. 1) In l2tp_core.c, if sk_no_check is set it looks like this will completely bypass UDP checksum verification on RX even for packets with nonzero checksums. d2cf33616 (Benjamin LaHaise 2012-04-27 08:24:18 +0000 505) if (sk->sk_no_check || skb_csum_unnecessary(skb)) I don't believe this is standards compliant and seems pretty risky otherwise. What is the requirement here? Is this still needed? 2) The constant UDP_CSUM_NORCV was introduced for sunrpc and in fact this looks like the only code that sets it. AFAICT the only effect this would have would be to disable receive checksum verification in L2TP as described above. What was the intent of UDP_CSUM_NORCV and why was using this specific to sunrpc? Thanks for your help, Tom -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists