On Tue, Nov 08, 2016 at 06:23:30PM +1100, Michael Ellerman wrote: > Paul Mackerras <pau...@ozlabs.org> writes: > > > These functions compute an IP checksum by computing a 64-bit sum and > > folding it to 32 bits (the "nofold" in their names refers to folding > > down to 16 bits). However, doing (u32) (s + (s >> 32)) is not > > sufficient to fold a 64-bit sum to 32 bits correctly. The addition > > can produce a carry out from bit 31, which needs to be added in to > > the sum to produce the correct result. > > > > To fix this, we copy the from64to32() function from lib/checksum.c > > and use that. > > This seems to have been broken since ~forever. Do we just not hit that > case very often, or do we just incorrectly report checksum failures?
I think there would be about a 1 in a billion chance of hitting it by chance, though you could probably construct a test case that would hit it every time. If you did hit it in real life it would result in a packet being dropped and presumably retransmitted, and I expect that the IP header of the retransmitted packet would be sufficiently different (i.e. different id field or something) that it wouldn't hit the bug a second time. > Should it go to stable? Probably... though nobody has actually noticed a problem in real life and pinned it down to this. Paul.
