Eric Lee / smarc-fsl-linux-kernel

04 Nov, 2018

1 commit

  • 4fb0dc97d   net: udp: fix handling of CHECKSUM_COMPLETE packets ... Browse Code »

    [ Upstream commit db4f1be3ca9b0ef7330763d07bf4ace83ad6f913 ]

    Current handling of CHECKSUM_COMPLETE packets by the UDP stack is
    incorrect for any packet that has an incorrect checksum value.

    udp4/6_csum_init() will both make a call to
    __skb_checksum_validate_complete() to initialize/validate the csum
    field when receiving a CHECKSUM_COMPLETE packet. When this packet
    fails validation, skb->csum will be overwritten with the pseudoheader
    checksum so the packet can be fully validated by software, but the
    skb->ip_summed value will be left as CHECKSUM_COMPLETE so that way
    the stack can later warn the user about their hardware spewing bad
    checksums. Unfortunately, leaving the SKB in this state can cause
    problems later on in the checksum calculation.

    Since the the packet is still marked as CHECKSUM_COMPLETE,
    udp_csum_pull_header() will SUBTRACT the checksum of the UDP header
    from skb->csum instead of adding it, leaving us with a garbage value
    in that field. Once we try to copy the packet to userspace in the
    udp4/6_recvmsg(), we'll make a call to skb_copy_and_csum_datagram_msg()
    to checksum the packet data and add it in the garbage skb->csum value
    to perform our final validation check.

    Since the value we're validating is not the proper checksum, it's possible
    that the folded value could come out to 0, causing us not to drop the
    packet. Instead, we believe that the packet was checksummed incorrectly
    by hardware since skb->ip_summed is still CHECKSUM_COMPLETE, and we attempt
    to warn the user with netdev_rx_csum_fault(skb->dev);

    Unfortunately, since this is the UDP path, skb->dev has been overwritten
    by skb->dev_scratch and is no longer a valid pointer, so we end up
    reading invalid memory.

    This patch addresses this problem in two ways:
    1) Do not use the dev pointer when calling netdev_rx_csum_fault()
    from skb_copy_and_csum_datagram_msg(). Since this gets called
    from the UDP path where skb->dev has been overwritten, we have
    no way of knowing if the pointer is still valid. Also for the
    sake of consistency with the other uses of
    netdev_rx_csum_fault(), don't attempt to call it if the
    packet was checksummed by software.

    2) Add better CHECKSUM_COMPLETE handling to udp4/6_csum_init().
    If we receive a packet that's CHECKSUM_COMPLETE that fails
    verification (i.e. skb->csum_valid == 0), check who performed
    the calculation. It's possible that the checksum was done in
    software by the network stack earlier (such as Netfilter's
    CONNTRACK module), and if that says the checksum is bad,
    we can drop the packet immediately instead of waiting until
    we try and copy it to userspace. Otherwise, we need to
    mark the SKB as CHECKSUM_NONE, since the skb->csum field
    no longer contains the full packet checksum after the
    call to __skb_checksum_validate_complete().

    Fixes: e6afc8ace6dd ("udp: remove headers from UDP packets before queueing")
    Fixes: c84d949057ca ("udp: copy skb->truesize in the first cache line")
    Cc: Sam Kumar
    Cc: Eric Dumazet
    Signed-off-by: Sean Tranchetti
    Signed-off-by: David S. Miller
    Signed-off-by: Greg Kroah-Hartman

    Sean Tranchetti
     

17 Feb, 2018

1 commit

  • 15f35d49c   udplite: fix partial checksum initialization ... Browse Code »

    Since UDP-Lite is always using checksum, the following path is
    triggered when calculating pseudo header for it:

    udp4_csum_init() or udp6_csum_init()
    skb_checksum_init_zero_check()
    __skb_checksum_validate_complete()

    The problem can appear if skb->len is less than CHECKSUM_BREAK. In
    this particular case __skb_checksum_validate_complete() also invokes
    __skb_checksum_complete(skb). If UDP-Lite is using partial checksum
    that covers only part of a packet, the function will return bad
    checksum and the packet will be dropped.

    It can be fixed if we skip skb_checksum_init_zero_check() and only
    set the required pseudo header checksum for UDP-Lite with partial
    checksum before udp4_csum_init()/udp6_csum_init() functions return.

    Fixes: ed70fcfcee95 ("net: Call skb_checksum_init in IPv4")
    Fixes: e4f45b7f40bd ("net: Call skb_checksum_init in IPv6")
    Signed-off-by: Alexey Kodanev
    Signed-off-by: David S. Miller

    Alexey Kodanev
     

02 Nov, 2017

1 commit

  • b24413180   License cleanup: add SPDX GPL-2.0 license identifier to files with no license ... Browse Code »

    Many source files in the tree are missing licensing information, which
    makes it harder for compliance tools to determine the correct license.

    By default all files without license information are under the default
    license of the kernel, which is GPL version 2.

    Update the files which contain no license information with the 'GPL-2.0'
    SPDX license identifier. The SPDX identifier is a legally binding
    shorthand, which can be used instead of the full boiler plate text.

    This patch is based on work done by Thomas Gleixner and Kate Stewart and
    Philippe Ombredanne.

    How this work was done:

    Patches were generated and checked against linux-4.14-rc6 for a subset of
    the use cases:
    - file had no licensing information it it.
    - file was a */uapi/* one with no licensing information in it,
    - file was a */uapi/* one with existing licensing information,

    Further patches will be generated in subsequent months to fix up cases
    where non-standard license headers were used, and references to license
    had to be inferred by heuristics based on keywords.

    The analysis to determine which SPDX License Identifier to be applied to
    a file was done in a spreadsheet of side by side results from of the
    output of two independent scanners (ScanCode & Windriver) producing SPDX
    tag:value files created by Philippe Ombredanne. Philippe prepared the
    base worksheet, and did an initial spot review of a few 1000 files.

    The 4.13 kernel was the starting point of the analysis with 60,537 files
    assessed. Kate Stewart did a file by file comparison of the scanner
    results in the spreadsheet to determine which SPDX license identifier(s)
    to be applied to the file. She confirmed any determination that was not
    immediately clear with lawyers working with the Linux Foundation.

    Criteria used to select files for SPDX license identifier tagging was:
    - Files considered eligible had to be source code files.
    - Make and config files were included as candidates if they contained >5
    lines of source
    - File already had some variant of a license header in it (even if
    Reviewed-by: Philippe Ombredanne
    Reviewed-by: Thomas Gleixner
    Signed-off-by: Greg Kroah-Hartman

    Greg Kroah-Hartman
     

15 Jun, 2016

1 commit

14 Mar, 2016

1 commit

  • 1e9408296   ipv6: Pass proto to csum_ipv6_magic as __u8 instead of unsigned short ... Browse Code »

    This patch updates csum_ipv6_magic so that it correctly recognizes that
    protocol is a unsigned 8 bit value.

    This will allow us to better understand what limitations may or may not be
    present in how we handle the data. For example there are a number of
    places that call htonl on the protocol value. This is likely not necessary
    and can be replaced with a multiplication by ntohl(1) which will be
    converted to a shift by the compiler.

    Signed-off-by: Alexander Duyck
    Signed-off-by: David S. Miller

    Alexander Duyck
     

12 Feb, 2016

2 commits

  • d75f1306d   net: udp: always set up for CHECKSUM_PARTIAL offload ... Browse Code »

    If the dst device doesn't support it, it'll get fixed up later anyway
    by validate_xmit_skb(). Also, this allows us to take advantage of LCO
    to avoid summing the payload multiple times.

    Signed-off-by: Edward Cree
    Signed-off-by: David S. Miller

    Edward Cree
     
  • 179bc67f6   net: local checksum offload for encapsulation ... Browse Code »

    The arithmetic properties of the ones-complement checksum mean that a
    correctly checksummed inner packet, including its checksum, has a ones
    complement sum depending only on whatever value was used to initialise
    the checksum field before checksumming (in the case of TCP and UDP,
    this is the ones complement sum of the pseudo header, complemented).
    Consequently, if we are going to offload the inner checksum with
    CHECKSUM_PARTIAL, we can compute the outer checksum based only on the
    packed data not covered by the inner checksum, and the initial value of
    the inner checksum field.

    Signed-off-by: Edward Cree
    Signed-off-by: David S. Miller

    Edward Cree
     

05 Jun, 2014

1 commit

06 May, 2014

2 commits

  • 4068579e1   net: Implmement RFC 6936 (zero RX csums for UDP/IPv6) ... Browse Code »

    RFC 6936 relaxes the requirement of RFC 2460 that UDP/IPv6 packets which
    are received with a zero UDP checksum value must be dropped. RFC 6936
    allows zero checksums to support tunnels over UDP.

    When sk_no_check is set we allow on a socket we allow a zero IPv6
    UDP checksum. This is for both sending zero checksum and accepting
    a zero checksum on receive.

    Signed-off-by: Tom Herbert
    Signed-off-by: David S. Miller

    Tom Herbert
     
  • e4f45b7f4   net: Call skb_checksum_init in IPv6 ... Browse Code »

    Call skb_checksum_init instead of private functions.

    Signed-off-by: Tom Herbert
    Signed-off-by: David S. Miller

    Tom Herbert
     

27 Feb, 2014

1 commit

09 Jan, 2013

1 commit