lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 22 Sep 2016 14:12:42 +0300 From: Sergei Shtylyov <sergei.shtylyov@...entembedded.com> To: Douglas Caetano dos Santos <douglascs@...hos.com.br>, David Miller <davem@...emloft.net> Cc: kuznet@....inr.ac.ru, jmorris@...ei.org, yoshfuji@...ux-ipv6.org, kaber@...sh.net, netdev@...r.kernel.org Subject: Re: [PATCH v2] tcp: fix wrong checksum calculation on MTU probing Hello. On 9/21/2016 9:26 PM, Douglas Caetano dos Santos wrote: > With TCP MTU probing enabled and offload TX checksumming disabled, > tcp_mtu_probe() calculated the wrong checksum when a fragment being copied > into the probe's SKB had an odd length. This was caused by the direct use > of skb_copy_and_csum_bits() to calculate the checksum, as it pads the > fragment being copied, if needed. When this fragment was not the last, a > subsequent call used the previous checksum without considering this > padding. > > The effect was a stale connection in one way, as even retransmissions > wouldn't solve the problem, because the checksum was never recalculated for > the full SKB length. > > Signed-off-by: Douglas Caetano dos Santos <douglascs@...hos.com.br> > --- > net/ipv4/tcp_output.c | 10 ++++++---- > 1 file changed, 6 insertions(+), 4 deletions(-) > > diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c > index f53d0cc..767135e 100644 > --- a/net/ipv4/tcp_output.c > +++ b/net/ipv4/tcp_output.c > @@ -1968,10 +1968,12 @@ static int tcp_mtu_probe(struct sock *sk) > copy = min_t(int, skb->len, probe_size - len); > if (nskb->ip_summed) > skb_copy_bits(skb, 0, skb_put(nskb, copy), copy); > - else > - nskb->csum = skb_copy_and_csum_bits(skb, 0, > - skb_put(nskb, copy), > - copy, nskb->csum); > + else { CodingStyle: now the first branch needs {} too. [...] MBR, Sergei
Powered by blists - more mailing lists