lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 15 Nov 2018 15:16:02 -0800
From:   Cong Wang <xiyou.wangcong@...il.com>
To:     netdev@...r.kernel.org
Cc:     Cong Wang <xiyou.wangcong@...il.com>,
        Herbert Xu <herbert@...dor.apana.org.au>,
        Tom Herbert <tom@...bertland.com>,
        Eric Dumazet <edumazet@...gle.com>
Subject: [Patch net] net: invert the check of detecting hardware RX checksum fault

The following evidences indicate this check is likely wrong:

1. In the assignment "skb->csum_valid = !sum", sum==0 indicates a valid checksum.

2. __skb_checksum_complete() always returns sum, and TCP packets are dropped
   only when it returns non-zero. So non-zero indicates a failure.

3. In __skb_checksum_validate_complete(), we have a nearly same check, where
   zero is considered as success.

4. csum_fold() already does the one’s complement, this indicates 0 should
   be considered as a successful validation.

5. We have triggered this fault for many times, but InCsumErrors field in
   /proc/net/snmp remains 0.

Base on the above, non-zero should be used as a checksum mismatch.

I tested this with mlx5 driver, no warning or InCsumErrors after 1 hour.

Fixes: fb286bb2990a ("[NET]: Detect hardware rx checksum faults correctly")
Cc: Herbert Xu <herbert@...dor.apana.org.au>
Cc: Tom Herbert <tom@...bertland.com>
Cc: Eric Dumazet <edumazet@...gle.com>
Signed-off-by: Cong Wang <xiyou.wangcong@...il.com>
---
 net/core/datagram.c | 4 ++--
 net/core/dev.c      | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/net/core/datagram.c b/net/core/datagram.c
index 57f3a6fcfc1e..e542a9a212a7 100644
--- a/net/core/datagram.c
+++ b/net/core/datagram.c
@@ -733,7 +733,7 @@ __sum16 __skb_checksum_complete_head(struct sk_buff *skb, int len)
 	__sum16 sum;
 
 	sum = csum_fold(skb_checksum(skb, 0, len, skb->csum));
-	if (likely(!sum)) {
+	if (unlikely(sum)) {
 		if (unlikely(skb->ip_summed == CHECKSUM_COMPLETE) &&
 		    !skb->csum_complete_sw)
 			netdev_rx_csum_fault(skb->dev);
@@ -753,7 +753,7 @@ __sum16 __skb_checksum_complete(struct sk_buff *skb)
 
 	/* skb->csum holds pseudo checksum */
 	sum = csum_fold(csum_add(skb->csum, csum));
-	if (likely(!sum)) {
+	if (unlikely(sum)) {
 		if (unlikely(skb->ip_summed == CHECKSUM_COMPLETE) &&
 		    !skb->csum_complete_sw)
 			netdev_rx_csum_fault(skb->dev);
diff --git a/net/core/dev.c b/net/core/dev.c
index 0ffcbdd55fa9..c76dee329844 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -5776,7 +5776,7 @@ __sum16 __skb_gro_checksum_complete(struct sk_buff *skb)
 
 	/* NAPI_GRO_CB(skb)->csum holds pseudo checksum */
 	sum = csum_fold(csum_add(NAPI_GRO_CB(skb)->csum, wsum));
-	if (likely(!sum)) {
+	if (unlikely(sum)) {
 		if (unlikely(skb->ip_summed == CHECKSUM_COMPLETE) &&
 		    !skb->csum_complete_sw)
 			netdev_rx_csum_fault(skb->dev);
-- 
2.19.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ