| Message ID | 20240513000953.1458015-2-aojea@google.com |
|---|---|
| State | Changes Requested, archived |
| Headers | show |
| Series | netfilter: nfqueue: incorrect sctp checksum | expand |
Antonio Ojea <aojea@google.com> wrote: > when packet is enqueued with nfqueue and GSO is enabled, checksum > calculation has to take into account the protocol, as SCTP uses a > 32 bits CRC checksum. > > Signed-off-by: Antonio Ojea <aojea@google.com> > --- > V1 -> V2: add a helper function to process the checksum > > net/netfilter/nfnetlink_queue.c | 10 +++++++++- > 1 file changed, 9 insertions(+), 1 deletion(-) > > diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c > index 00f4bd21c59b..accf4942d9ff 100644 > --- a/net/netfilter/nfnetlink_queue.c > +++ b/net/netfilter/nfnetlink_queue.c > @@ -538,6 +538,14 @@ static int nfqnl_put_bridge(struct nf_queue_entry *entry, struct sk_buff *skb) > return -1; > } > > +static int nf_queue_checksum_help(struct sk_buff *entskb) > +{ > + if (skb_csum_is_sctp(entskb)) > + return skb_crc32c_csum_help(entskb); This should be tabs, please run your patch through checkpatch.pl.
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index 00f4bd21c59b..accf4942d9ff 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c @@ -538,6 +538,14 @@ static int nfqnl_put_bridge(struct nf_queue_entry *entry, struct sk_buff *skb) return -1; } +static int nf_queue_checksum_help(struct sk_buff *entskb) +{ + if (skb_csum_is_sctp(entskb)) + return skb_crc32c_csum_help(entskb); + + return skb_checksum_help(entskb); +} + static struct sk_buff * nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue, struct nf_queue_entry *entry, @@ -600,7 +608,7 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue, case NFQNL_COPY_PACKET: if (!(queue->flags & NFQA_CFG_F_GSO) && entskb->ip_summed == CHECKSUM_PARTIAL && - skb_checksum_help(entskb)) + nf_queue_checksum_help(entskb)) return NULL; data_len = READ_ONCE(queue->copy_range);
when packet is enqueued with nfqueue and GSO is enabled, checksum calculation has to take into account the protocol, as SCTP uses a 32 bits CRC checksum. Signed-off-by: Antonio Ojea <aojea@google.com> --- V1 -> V2: add a helper function to process the checksum net/netfilter/nfnetlink_queue.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-)