lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 22 Sep 2016 14:12:42 +0300
From:   Sergei Shtylyov <sergei.shtylyov@...entembedded.com>
To:     Douglas Caetano dos Santos <douglascs@...hos.com.br>,
        David Miller <davem@...emloft.net>
Cc:     kuznet@....inr.ac.ru, jmorris@...ei.org, yoshfuji@...ux-ipv6.org,
        kaber@...sh.net, netdev@...r.kernel.org
Subject: Re: [PATCH v2] tcp: fix wrong checksum calculation on MTU probing

Hello.

On 9/21/2016 9:26 PM, Douglas Caetano dos Santos wrote:

> With TCP MTU probing enabled and offload TX checksumming disabled,
> tcp_mtu_probe() calculated the wrong checksum when a fragment being copied
> into the probe's SKB had an odd length. This was caused by the direct use
> of skb_copy_and_csum_bits() to calculate the checksum, as it pads the
> fragment being copied, if needed. When this fragment was not the last, a
> subsequent call used the previous checksum without considering this
> padding.
>
> The effect was a stale connection in one way, as even retransmissions
> wouldn't solve the problem, because the checksum was never recalculated for
> the full SKB length.
>
> Signed-off-by: Douglas Caetano dos Santos <douglascs@...hos.com.br>
> ---
>  net/ipv4/tcp_output.c | 10 ++++++----
>  1 file changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
> index f53d0cc..767135e 100644
> --- a/net/ipv4/tcp_output.c
> +++ b/net/ipv4/tcp_output.c
> @@ -1968,10 +1968,12 @@ static int tcp_mtu_probe(struct sock *sk)
>  		copy = min_t(int, skb->len, probe_size - len);
>  		if (nskb->ip_summed)
>  			skb_copy_bits(skb, 0, skb_put(nskb, copy), copy);
> -		else
> -			nskb->csum = skb_copy_and_csum_bits(skb, 0,
> -							    skb_put(nskb, copy),
> -							    copy, nskb->csum);
> +		else {

    CodingStyle: now the first branch needs {} too.

[...]

MBR, Sergei

Powered by blists - more mailing lists