Re: [PATCH nf-next] netfilter: xt_CHECKSUM: avoid bad offload warnings on GSO packets

From: Florian Westphal
Date: Thu Aug 24 2017 - 09:24:10 EST

Next message: Frederic Weisbecker: "Re: [RFC PATCH 12/12] housekeeping: Reimplement isolcpus on housekeeping"
Previous message: Aviad Krawczyk: "[PATCH net-next] net-next/hinic: Fix MTU limitation"
In reply to: Davide Caratti: "Re: [PATCH nf-next] netfilter: xt_CHECKSUM: avoid bad offload warnings on GSO packets"
Next in thread: Michal Kubecek: "Re: [PATCH nf-next] netfilter: xt_CHECKSUM: avoid bad offload warnings on GSO packets"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Davide Caratti <dcaratti@xxxxxxxxxx> wrote:
> Small nit: may I suggest you to call skb_csum_hwoffload_help() instead of
> skb_checksum_help(), so that we avoid corrupting SCTP packets in case they
> hit xt_CHECKSUM target?

Alternatively we could restrict the target to udp only.

AFAIU the only reason this thing exists is to fix up udp checksum
for old dhcp clients that use AF_PACKET without evaluating the extra
metadata that indicates when a 'bad' checksum is in fact ok because it
is supposed to be filled in by hardware later.

This can happen in virtual environemnt when such skb is directly passed
to vm.

Next message: Frederic Weisbecker: "Re: [RFC PATCH 12/12] housekeeping: Reimplement isolcpus on housekeeping"
Previous message: Aviad Krawczyk: "[PATCH net-next] net-next/hinic: Fix MTU limitation"
In reply to: Davide Caratti: "Re: [PATCH nf-next] netfilter: xt_CHECKSUM: avoid bad offload warnings on GSO packets"
Next in thread: Michal Kubecek: "Re: [PATCH nf-next] netfilter: xt_CHECKSUM: avoid bad offload warnings on GSO packets"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]