kern/53479: NPF: wrong checksum alignment
>Synopsis: NPF: wrong checksum alignment
>Arrival-Date: Sun Jul 29 14:30:00 +0000 2018
>Originator: Maxime Villard
>Release: -current, -8, -7 (probably)
amd64, i386, whatever
As explained here:
There is a bug when computing the TCP checksum of a received packet when
max-mss clamping was active.
The problem is that NPF expects the MSS option to be on a 16bit boundary,
while the spec (RFC793) specifies that "An option may begin on any octet
The call path is: npf_normalize() -> npf_fixup16_cksum().
Such packets are probably not seen a lot in the wild, however.
I had tested by hand-crafting the packets.
When the MSS is not on a 16bit boundary, we need to call npf_fixup16_cksum
twice on two consecutive 16bit areas, the MSS being exactly in the middle.
    0           8           16          24          32
    |   data    | MSS (low) | MSS(high) |   data    |
          first call              second call
And merge the results.
But given how NPF is written it looks like it is a headache to do just
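
The two-call fixup described in the report, written out as an added example (this is not NPF's code and not part of the original report). The function names and the constructed header bytes are assumptions; the pseudo-header and payload are left out because clamping does not change them. It compares a full recompute, the two-word fixup, and a single fixup that assumes the MSS is word-aligned.

```c
#include <stdint.h>
#include <stdio.h>

/* RFC 1071 checksum over len bytes; the reference any fixup must match. */
static uint16_t cksum_full(const uint8_t *p, size_t len)
{
	uint32_t sum = 0;
	for (size_t i = 0; i < len; i++)
		sum += (i & 1) ? p[i] : (uint32_t)p[i] << 8;
	while (sum >> 16)
		sum = (sum & 0xffff) + (sum >> 16);
	return (uint16_t)~sum;
}
/* RFC 1624 update for one aligned 16-bit word: HC' = ~(~HC + ~m + m'). */
static uint16_t fixup16(uint16_t ck, uint16_t oval, uint16_t nval)
{
	uint32_t sum = (uint32_t)(uint16_t)~ck + (uint16_t)~oval + nval;
	while (sum >> 16)
		sum = (sum & 0xffff) + (sum >> 16);
	return (uint16_t)~sum;
}
/* Patch each MSS byte in the checksum word that holds it. At an odd offset
 * the two bytes sit in two consecutive words, so two different words are fixed. */
static uint16_t clamp_mss(uint8_t *seg, size_t off, uint16_t mss, uint16_t ck)
{
	uint8_t val[2] = { (uint8_t)(mss >> 8), (uint8_t)mss };
	for (size_t i = 0; i < 2; i++) {
		size_t w = (off + i) & ~(size_t)1;      /* start of enclosing word */
		uint16_t old = (uint16_t)(seg[w] << 8 | seg[w + 1]);
		seg[off + i] = val[i];
		ck = fixup16(ck, old, (uint16_t)(seg[w] << 8 | seg[w + 1]));
	}
	return ck;
}
/* Constructed 28-byte TCP header, checksum field zeroed; options are
 * NOP, MSS (1460), NOP, NOP, EOL, which puts the MSS value at odd offset 23.
 * mode 0: full recompute; 1: two-word fixup; 2: one fixup assuming alignment. */
static uint16_t demo(int mode)
{
	uint8_t seg[28] = { 0xc0, 0, 0, 0x50, 0, 0, 0, 1, 0, 0, 0, 0, 0x70, 2,
	    0xff, 0xff, 0, 0, 0, 0, 1, 2, 4, 0x05, 0xb4, 1, 1, 0 };
	uint16_t ck = cksum_full(seg, sizeof(seg));
	uint16_t inc = clamp_mss(seg, 23, 536, ck);
	if (mode == 2)
		return fixup16(ck, 1460, 536);
	return mode == 1 ? inc : cksum_full(seg, sizeof(seg));
}

int main(void)
{
	printf("full %04x, two-word %04x, aligned-only %04x\n",
	    (unsigned)demo(0), (unsigned)demo(1), (unsigned)demo(2));
}
```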