Date: Fri, 18 Sep 2020 02:21:15 +0000 (UTC) From: Navdeep Parhar <np@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r365869 - in head/sys: netinet netinet6 Message-ID: <202009180221.08I2LFop096309@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: np Date: Fri Sep 18 02:21:15 2020 New Revision: 365869 URL: https://svnweb.freebsd.org/changeset/base/365869 Log: Add a knob to allow zero UDP checksums for UDP/IPv6 traffic on the given UDP port. This will be used by some upcoming changes to if_vxlan(4). RFC 7348 (VXLAN) says that the UDP checksum "SHOULD be transmitted as zero. When a packet is received with a UDP checksum of zero, it MUST be accepted for decapsulation." But the original IPv6 RFCs did not allow zero UDP checksum. RFC 6935 attempts to resolve this. Reviewed by: kib@ Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D25873 Modified: head/sys/netinet/udp_var.h head/sys/netinet6/udp6_usrreq.c Modified: head/sys/netinet/udp_var.h ============================================================================== --- head/sys/netinet/udp_var.h Fri Sep 18 02:10:28 2020 (r365868) +++ head/sys/netinet/udp_var.h Fri Sep 18 02:21:15 2020 (r365869) @@ -154,6 +154,9 @@ VNET_DECLARE(int, udp_log_in_vain); #define V_udp_blackhole VNET(udp_blackhole) #define V_udp_log_in_vain VNET(udp_log_in_vain) +VNET_DECLARE(int, zero_checksum_port); +#define V_zero_checksum_port VNET(zero_checksum_port) + static __inline struct inpcbinfo * udp_get_inpcbinfo(int protocol) { Modified: head/sys/netinet6/udp6_usrreq.c ============================================================================== --- head/sys/netinet6/udp6_usrreq.c Fri Sep 18 02:10:28 2020 (r365868) +++ head/sys/netinet6/udp6_usrreq.c Fri Sep 18 02:21:15 2020 (r365869) @@ -124,6 +124,11 @@ __FBSDID("$FreeBSD$"); #include <security/mac/mac_framework.h> +VNET_DEFINE(int, zero_checksum_port) = 0; +#define V_zero_checksum_port VNET(zero_checksum_port) +SYSCTL_INT(_net_inet6_udp6, OID_AUTO, rfc6935_port, CTLFLAG_VNET | CTLFLAG_RW, + &VNET_NAME(zero_checksum_port), 0, + "Zero UDP checksum allowed for traffic to/from this port."); /* * UDP protocol implementation. * Per RFC 768, August, 1980. @@ -267,7 +272,14 @@ udp6_input(struct mbuf **mp, int *offp, int proto) } if (uh->uh_sum == 0) { UDPSTAT_INC(udps_nosum); - goto badunlocked; + /* + * dport 0 was rejected earlier so this is OK even if + * zero_checksum_port is 0 (which is its default value). + */ + if (ntohs(uh->uh_dport) == V_zero_checksum_port) + goto skip_checksum; + else + goto badunlocked; } } @@ -287,6 +299,7 @@ udp6_input(struct mbuf **mp, int *offp, int proto) goto badunlocked; } +skip_checksum: /* * Construct sockaddr format source address. */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202009180221.08I2LFop096309>