From patchwork Wed Jan 2 15:24:40 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ulrich Weber X-Patchwork-Id: 209060 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 0DB312C0087 for ; Thu, 3 Jan 2013 02:31:59 +1100 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752778Ab3ABPb5 (ORCPT ); Wed, 2 Jan 2013 10:31:57 -0500 Received: from mx2.sophos.com ([145.253.124.138]:40978 "EHLO mx2.sophos.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752755Ab3ABPb5 (ORCPT ); Wed, 2 Jan 2013 10:31:57 -0500 X-Greylist: delayed 430 seconds by postgrey-1.27 at vger.kernel.org; Wed, 02 Jan 2013 10:31:56 EST Received: from mx2.sophos.com (localhost.localdomain [127.0.0.1]) by localhost (Postfix) with SMTP id 5EA9018830F; Wed, 2 Jan 2013 15:24:45 +0000 (GMT) Received: from de-wie-exch3b.green.sophos (de-wie-exch3b.green.sophos [10.60.70.62]) by mx2.sophos.com (Postfix) with ESMTPS id 30D33188007; Wed, 2 Jan 2013 15:24:45 +0000 (GMT) Received: from uweber-WS (10.128.129.40) by de-wie-exch3b.green.sophos (10.60.70.65) with Microsoft SMTP Server (TLS) id 14.2.247.3; Wed, 2 Jan 2013 16:24:44 +0100 Date: Wed, 2 Jan 2013 16:24:40 +0100 From: Ulrich Weber To: CC: Subject: [PATCH] netfilter: fix IPv6 NTP checksum calculation Message-ID: <20130102152440.GA3760@uweber-WS> MIME-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.5.21 (2010-09-15) X-Originating-IP: [10.128.129.40] DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sophos.com; h=date:from:to:cc:subject:message-id:mime-version:content-type; s=global; bh=zMjXLjjVbIAfBqmCVKTD7QvGF24RVr6k3v9lJfOem/E=; b=i0Fcha4oOASy/dKYr2e1bN7XIgFgS+JcuYPpkjiwmPoUzJal3AHGi7QDwaO9rANnT+jhsg0DrJp3gdnVwX+p8y5KaNRvZY8n335DXkaENlHo4R0OEz9kq8rzAD5seLS1vV1iiW677dZat2zycW/r4f1QAg5Q89I9CmtIVOhi5lc= Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org csum16_add() has a broken carry detection, should be: sum += sum < (__force u16)b; Instead of fixing csum16_add, remove the custom checksum functions and use the generic csum_add/csum_sub ones. Signed-off-by: Ulrich Weber Acked-by: Patrick McHardy --- net/ipv6/netfilter/ip6t_NPT.c | 33 +++++++-------------------------- 1 file changed, 7 insertions(+), 26 deletions(-) diff --git a/net/ipv6/netfilter/ip6t_NPT.c b/net/ipv6/netfilter/ip6t_NPT.c index e948691..7302b0b 100644 --- a/net/ipv6/netfilter/ip6t_NPT.c +++ b/net/ipv6/netfilter/ip6t_NPT.c @@ -14,42 +14,23 @@ #include #include -static __sum16 csum16_complement(__sum16 a) -{ - return (__force __sum16)(0xffff - (__force u16)a); -} - -static __sum16 csum16_add(__sum16 a, __sum16 b) -{ - u16 sum; - - sum = (__force u16)a + (__force u16)b; - sum += (__force u16)a < (__force u16)b; - return (__force __sum16)sum; -} - -static __sum16 csum16_sub(__sum16 a, __sum16 b) -{ - return csum16_add(a, csum16_complement(b)); -} - static int ip6t_npt_checkentry(const struct xt_tgchk_param *par) { struct ip6t_npt_tginfo *npt = par->targinfo; - __sum16 src_sum = 0, dst_sum = 0; + __wsum src_sum = 0, dst_sum = 0; unsigned int i; if (npt->src_pfx_len > 64 || npt->dst_pfx_len > 64) return -EINVAL; for (i = 0; i < ARRAY_SIZE(npt->src_pfx.in6.s6_addr16); i++) { - src_sum = csum16_add(src_sum, - (__force __sum16)npt->src_pfx.in6.s6_addr16[i]); - dst_sum = csum16_add(dst_sum, - (__force __sum16)npt->dst_pfx.in6.s6_addr16[i]); + src_sum = csum_add(src_sum, + (__force __wsum)npt->src_pfx.in6.s6_addr16[i]); + dst_sum = csum_add(dst_sum, + (__force __wsum)npt->dst_pfx.in6.s6_addr16[i]); } - npt->adjustment = csum16_sub(src_sum, dst_sum); + npt->adjustment = (__force __sum16) csum_sub(src_sum, dst_sum); return 0; } @@ -85,7 +66,7 @@ static bool ip6t_npt_map_pfx(const struct ip6t_npt_tginfo *npt, return false; } - sum = csum16_add((__force __sum16)addr->s6_addr16[idx], + sum = (__force __sum16) csum_add((__force __wsum)addr->s6_addr16[idx], npt->adjustment); if (sum == CSUM_MANGLED_0) sum = 0;