[PATCH 0/1] Fix broken inner checksums for non TCP/UDP protocols

Jason A. Donenfeld Jason at zx2c4.com
Sun Aug 12 10:13:06 CEST 2018


Hey Andrejs,

Thanks a lot for this patch and for the nice write-up. I'm still not
sure, though, that I totally understand the checksumming semantics
properly. I see that this basic pattern is used in tap.c and in a few
other random drivers, but different places seem to do it differently
from that too.

Your paranoid proposal at the end of your description would be
something like this?

> if (skb->ip_summed == CHECKSUM_PARTIAL || !skb_checksum_setup(skb, true)) {
>    if (skb_checksum_help(skb))
>        return false;
> }

And the bug you're pointing out is that skb_checksum_setup returns
-EPROTO in the case of GRE and such, because a child function,
skb_checksum_setup_ip, only works for UDP/TCP?

Do you know why there exist these two separate functions in the first
place, and what the preferred use cases are for each one? Also, do you
know about the relative performance of them and how your patch or the
paranoid variant above would impact that?

Thanks,
Jason


More information about the WireGuard mailing list