[PATCH 3.10 260/319] net: mangle zero checksum in skb_checksum_help()
From: Willy Tarreau
Date: Sun Feb 05 2017 - 14:28:31 EST
From: Eric Dumazet <edumazet@xxxxxxxxxx>
commit 4f2e4ad56a65f3b7d64c258e373cb71e8d2499f4 upstream.
Sending zero checksum is ok for TCP, but not for UDP.
UDPv6 receiver should by default drop a frame with a 0 checksum,
and UDPv4 would not verify the checksum and might accept a corrupted
packet.
Simply replace such checksum by 0xffff, regardless of transport.
This error was caught on SIT tunnels, but seems generic.
Signed-off-by: Eric Dumazet <edumazet@xxxxxxxxxx>
Cc: Maciej Żenczykowski <maze@xxxxxxxxxx>
Cc: Willem de Bruijn <willemb@xxxxxxxxxx>
Acked-by: Maciej Żenczykowski <maze@xxxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Willy Tarreau <w@xxxxxx>
---
net/core/dev.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/core/dev.c b/net/core/dev.c
index 408f6ee..6494918 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -2234,7 +2234,7 @@ int skb_checksum_help(struct sk_buff *skb)
goto out;
}
- *(__sum16 *)(skb->data + offset) = csum_fold(csum);
+ *(__sum16 *)(skb->data + offset) = csum_fold(csum) ?: CSUM_MANGLED_0;
out_set_summed:
skb->ip_summed = CHECKSUM_NONE;
out:
--
2.8.0.rc2.1.gbe9624a