summaryrefslogtreecommitdiffhomepage
path: root/pkg/tcpip/transport
diff options
context:
space:
mode:
authorgVisor bot <gvisor-bot@google.com>2021-04-20 07:33:08 +0000
committergVisor bot <gvisor-bot@google.com>2021-04-20 07:33:08 +0000
commit908e108fd49d40e9a90170156bf10a855b6414c4 (patch)
tree70d479c539876498bd70f3b6f8d538357c577e02 /pkg/tcpip/transport
parent7ddef127f6992abee8be2e28bd857b59a1a1a3c5 (diff)
parent2c8379d95738bb2bc10d2cc7cead6889379e244c (diff)
Merge release-20210412.0-36-g2c8379d95 (automated)
Diffstat (limited to 'pkg/tcpip/transport')
-rw-r--r--pkg/tcpip/transport/tcp/segment.go14
-rw-r--r--pkg/tcpip/transport/udp/endpoint.go34
2 files changed, 25 insertions, 23 deletions
diff --git a/pkg/tcpip/transport/tcp/segment.go b/pkg/tcpip/transport/tcp/segment.go
index 8edd6775b..c28641be3 100644
--- a/pkg/tcpip/transport/tcp/segment.go
+++ b/pkg/tcpip/transport/tcp/segment.go
@@ -236,20 +236,14 @@ func (s *segment) parse(skipChecksumValidation bool) bool {
s.options = []byte(s.hdr[header.TCPMinimumSize:])
s.parsedOptions = header.ParseTCPOptions(s.options)
-
- verifyChecksum := true
if skipChecksumValidation {
s.csumValid = true
- verifyChecksum = false
- }
- if verifyChecksum {
+ } else {
s.csum = s.hdr.Checksum()
- xsum := header.PseudoHeaderChecksum(ProtocolNumber, s.srcAddr, s.dstAddr, uint16(s.data.Size()+len(s.hdr)))
- xsum = s.hdr.CalculateChecksum(xsum)
- xsum = header.ChecksumVV(s.data, xsum)
- s.csumValid = xsum == 0xffff
+ payloadChecksum := header.ChecksumVV(s.data, 0)
+ payloadLength := uint16(s.data.Size())
+ s.csumValid = s.hdr.IsChecksumValid(s.srcAddr, s.dstAddr, payloadChecksum, payloadLength)
}
-
s.sequenceNumber = seqnum.Value(s.hdr.SequenceNumber())
s.ackNumber = seqnum.Value(s.hdr.AckNumber())
s.flags = s.hdr.Flags()
diff --git a/pkg/tcpip/transport/udp/endpoint.go b/pkg/tcpip/transport/udp/endpoint.go
index 956da0e0c..f26c7ca10 100644
--- a/pkg/tcpip/transport/udp/endpoint.go
+++ b/pkg/tcpip/transport/udp/endpoint.go
@@ -1255,20 +1255,29 @@ func (e *endpoint) Readiness(mask waiter.EventMask) waiter.EventMask {
}
// verifyChecksum verifies the checksum unless RX checksum offload is enabled.
-// On IPv4, UDP checksum is optional, and a zero value means the transmitter
-// omitted the checksum generation (RFC768).
-// On IPv6, UDP checksum is not optional (RFC2460 Section 8.1).
func verifyChecksum(hdr header.UDP, pkt *stack.PacketBuffer) bool {
- if !pkt.RXTransportChecksumValidated &&
- (hdr.Checksum() != 0 || pkt.NetworkProtocolNumber == header.IPv6ProtocolNumber) {
- netHdr := pkt.Network()
- xsum := header.PseudoHeaderChecksum(ProtocolNumber, netHdr.DestinationAddress(), netHdr.SourceAddress(), hdr.Length())
- for _, v := range pkt.Data().Views() {
- xsum = header.Checksum(v, xsum)
- }
- return hdr.CalculateChecksum(xsum) == 0xffff
+ if pkt.RXTransportChecksumValidated {
+ return true
+ }
+
+ // On IPv4, UDP checksum is optional, and a zero value means the transmitter
+ // omitted the checksum generation, as per RFC 768:
+ //
+ // An all zero transmitted checksum value means that the transmitter
+ // generated no checksum (for debugging or for higher level protocols that
+ // don't care).
+ //
+ // On IPv6, UDP checksum is not optional, as per RFC 2460 Section 8.1:
+ //
+ // Unlike IPv4, when UDP packets are originated by an IPv6 node, the UDP
+ // checksum is not optional.
+ if pkt.NetworkProtocolNumber == header.IPv4ProtocolNumber && hdr.Checksum() == 0 {
+ return true
}
- return true
+
+ netHdr := pkt.Network()
+ payloadChecksum := pkt.Data().AsRange().Checksum()
+ return hdr.IsChecksumValid(netHdr.SourceAddress(), netHdr.DestinationAddress(), payloadChecksum)
}
// HandlePacket is called by the stack when new packets arrive to this transport
@@ -1284,7 +1293,6 @@ func (e *endpoint) HandlePacket(id stack.TransportEndpointID, pkt *stack.PacketB
}
if !verifyChecksum(hdr, pkt) {
- // Checksum Error.
e.stack.Stats().UDP.ChecksumErrors.Increment()
e.stats.ReceiveErrors.ChecksumErrors.Increment()
return