Date: Tue, 28 Jan 2020 17:05:18 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 243675] IPv6 checksum is wrong in output packets with extension headers Message-ID: <bug-243675-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D243675 Bug ID: 243675 Summary: IPv6 checksum is wrong in output packets with extension headers Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: fdupont@isc.org Created attachment 211135 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D211135&action= =3Dedit fix sys/netinet6/ip6_output.c ip6_output() lines ~1000 'sw_csum &=3D ~CSUM_DELAY_DATA_IPV6;' does not make sense as the 'sw_csum' variable is not used after. Obviously it should be replaced by 'm->m_pkthdr.csum_flags'. 'in6_delayed_cksum(m, plen, sizeof(struct ip6_hdr));' plen includes the extension headers so it should be 'plen - option', the start point should be 'sizeof(struct ip6_hdr) + option' i.e. the in6_delayed_cksum() call should = be: 'in6_delayed_cksum(m, plen - optlen, sizeof(struct ip6_hdr) + optlen);' I suspect a similar issue with SCTP code lines ~1018 I left line 1029: `m->m_pkthdr.csum_flags &=3D ifp->if_hwassist;` which seems to have no effect (nor sense). The in6_delayed_cksum() call line 1119 should be fixed the same way (and SC= TP code just after too). I am attaching a diff and a small program triggering the bug (it makes chec= ksum errors on the target and/or tcpdump on outgoing traffic). --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-243675-227>