Begin forwarded message:
Date: Thu, 21 Jul 2005 11:39:44 -0700 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [Bugme-new] [Bug 4922] New: Bug in netfilter.c when drivers do hardware checksum generation. http://bugzilla.kernel.org/show_bug.cgi?id=4922 Summary: Bug in netfilter.c when drivers do hardware checksum generation. Kernel Version: 2.6.12.2 Status: NEW Severity: normal Owner: [EMAIL PROTECTED] Submitter: [EMAIL PROTECTED] Distribution: Has been reproduced in Fedora Core 2, Fedora Core 3, YDL 4.0. with 2.6.8, 2.6.8.1 2.6.9, 2.6.10, 2.6.12.2 Hardware Environment: x86 (tigon3 driver for BMC5705 tg3.c and ppc systems (mac mini) having ethernet drivers that do hardware IP checksums. Software Environment: See kernel revs above. Standard distributions. Problem Description: There is a bug in the Linux kernel from 2.6.7 through 2.6.12.2. The problem occurs when packets are being diverted to user space through ipq/netlink sockets on systems that have ethernet drivers with hardware IP checksum capability. It has been reproduced when user code is mangling the packet headers. Where hardware has set ip_summed field in the skb and falsely indicates that the checksum does not need to be re-generated after IP headers are mangled. This bug was originally introduced with a change to net/core/netfilter.c in the 2.6.8 distribution. Steps to reproduce: To reproduce the bug, divert packets through netlink ipq and change IP header information. The following patch fixes the problem on 2.6.12.2: --- linux-2.6.12.2/net/core/netfilter.c.orig 2005-06-29 19:00:53.000000000 -0400 +++ linux-2.6.12.2/net/core/netfilter.c 2005-07-19 19:07:18.000000000 -0400 @@ -485,6 +485,14 @@ unsigned int verdict; int ret = 0; + if ((*pskb)->ip_summed == CHECKSUM_HW) { + if (outdev == NULL) { + (*pskb)->ip_summed = CHECKSUM_NONE; + } else { + skb_checksum_help(*pskb, 0); + } + } + /* We may already have this, but read-locks nest anyway */ rcu_read_lock(); The following patch fixes the problem on 2.6.6 - 2.6.11 --- linux-2.6.7/net/core/netfilter.c 2005-07-19 13:02:11.000000000 -0400 +++ linux-2.6.7-netfilter/net/core/netfilter.c 2005-07-19 15:56:51.000000000 -0400 @@ -504,6 +504,14 @@ unsigned int verdict; int ret = 0; + if (skb->ip_summed == CHECKSUM_HW) { + if (outdev == NULL) { + skb->ip_summed = CHECKSUM_NONE; + } else { + skb_checksum_help(&skb, 0); + } + } + /* We may already have this, but read-locks nest anyway */ rcu_read_lock(); Thanks in advance for your consideration of this bug, --Tom Herbert [EMAIL PROTECTED] [EMAIL PROTECTED] ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
