lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Wed, 07 May 2014 16:15:11 -0400 (EDT)
From:	David Miller <>
Subject: Re: Questions on sk_no_check implemenation

From: Tom Herbert <>
Date: Mon, 5 May 2014 19:34:40 -0700

> Hi, I'm looking at sk_no_check implementation and am hoping to get
> clarification on a couple of use cases.
> 1) In l2tp_core.c, if sk_no_check is set it looks like this will
> completely bypass UDP checksum verification on RX even for packets
> with nonzero checksums.
> d2cf33616 (Benjamin LaHaise 2012-04-27 08:24:18 +0000 505) if
> (sk->sk_no_check || skb_csum_unnecessary(skb))
> I don't believe this is standards compliant and seems pretty risky
> otherwise. What is the requirement here? Is this still needed?

I think this is simply a thinko and the code should be checking non-zero

> 2) The constant UDP_CSUM_NORCV was introduced for sunrpc and in fact
> this looks like the only code that sets it. AFAICT the only effect
> this would have would be to disable receive checksum verification in
> L2TP as described above. What was the intent of UDP_CSUM_NORCV and why
> was using this specific to sunrpc?

I have no idea about this case.
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists