lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <87y0ota32b.fsf@alyssa.is>
Date: Wed, 29 Oct 2025 21:03:08 +0100
From: Alyssa Ross <hi@...ssa.is>
To: Paolo Abeni <pabeni@...hat.com>, "Michael S. Tsirkin" <mst@...hat.com>,
 Jason Wang <jasowang@...hat.com>
Cc: netdev@...r.kernel.org, virtualization@...ts.linux.dev,
 regressions@...ts.linux.dev
Subject: [REGRESSION][BISECTED] virtio_net CSUM broken with Cloud Hypervisor

Since 56a06bd40fab ("virtio_net: enable gso over UDP tunnel support."),
networking in Cloud Hypervisor is no longer working for me.

I've narrowed down the problem to here:

> @@ -2555,14 +2567,21 @@ static void virtnet_receive_done(struct virtnet_info *vi, struct receive_queue *
>  	if (dev->features & NETIF_F_RXHASH && vi->has_rss_hash_report)
>  		virtio_skb_set_hash(&hdr->hash_v1_hdr, skb);
>  
> -	if (flags & VIRTIO_NET_HDR_F_DATA_VALID)
> -		skb->ip_summed = CHECKSUM_UNNECESSARY;
> +	hdr->hdr.flags = flags;

It looks like this was added because virtio_net_handle_csum_offload()
looks at the flags from the hdr it's given, rather than having it passed
separately, but it appears something later on relies on the previous
value of hdr->hdr.flags.

From my tracing, hdr->hdr.flags is set to either 0 or
VIRTIO_NET_HDR_F_NEEDS_CSUM before this assignment, and flags is always
0, so in some cases VIRTIO_NET_HDR_F_NEEDS_CSUM now ends up being unset.

> +	if (virtio_net_handle_csum_offload(skb, &hdr->hdr, vi->rx_tnl_csum)) {
> +		net_warn_ratelimited("%s: bad csum: flags: %x, gso_type: %x rx_tnl_csum %d\n",
> +				     dev->name, hdr->hdr.flags,
> +				     hdr->hdr.gso_type, vi->rx_tnl_csum);
> +		goto frame_err;
> +	}

If I change it to save the previous value of hdr->hdr.flags, and restore
it again here, everything works again.

Disabling offload_csum in Cloud Hypervisor is a usable workaround,
because then hdr->hdr.flags is always 0 to begin with anyway.

#regzbot introduced: 56a06bd40fab

Download attachment "signature.asc" of type "application/pgp-signature" (228 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ