| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 17 Feb 2017 13:04:34 -0800 From: Tom Herbert <tom@...bertland.com> To: Linux Kernel Network Developers <netdev@...r.kernel.org> Subject: CHECKSUM_UNNECESSARY semantics with driver modified.created packets Alexei and I were looking at the mlx5 LRO code this morning. One discrepancy I noticed with GRO is that CHECKSUM_UNNECESSARY is set for the assembled packet whereas in GRO we use CHECKSUM_PARTIAL. The effect of using checksum-unnecessary is that the actual TCP checksum in the packet is not correct for the packet. Since gso_type set this probably is okay when packet is forwarding (checksums recomputed), but this seems to make some assumptions about the meaning of checksum-unnecessary. Looking if the rules of checksum in skbuff.h we're no explicit in saying whether the checksum actually in the packet must be correct. I think there's some possible ways to address this: 1) Allow actual checksum to be incorrect in packet when the packet is gso. On TX checksum must always be computed then. 2) Change the instances where driving is modifying a packet or creating a new one as in LRO case to use CHECKSUM_PARTIAL. 3) Modify the checksum in the packet so that it is correct. We do this in nearly all other cases where we modify the packet (e.g. NAT). Would be hard to do in LRO though. In any case, I think we need to update sk_buff.h to clarify what the semantics are. Tom
Powered by blists - more mailing lists