| Message ID | 20240210191556.3761064-1-linux@roeck-us.net (mailing list archive) |
|---|---|
| State | Accepted, archived |
| Headers | show |
| Series | parisc: Fix csum_ipv6_magic on 32-bit systems | expand |
From: Guenter Roeck > Sent: 10 February 2024 19:16 > > Calculating the IPv6 checksum on 32-bit systems missed overflows when > adding the proto+len fields into the checksum. This results in the > following unit test failure. > > # test_csum_ipv6_magic: ASSERTION FAILED at lib/checksum_kunit.c:506 > Expected ( u64)csum_result == ( u64)expected, but > ( u64)csum_result == 46722 (0xb682) > ( u64)expected == 46721 (0xb681) > not ok 5 test_csum_ipv6_magic > > This is probably rarely seen in the real world because proto+len are > usually small values which will rarely result in overflows when calculating > the checksum. However, the unit test code uses large values for the length > field, causing the test to fail. Isn't length limited by the protocol encoding? So this is really a bug in the unit tests for using a length that it too large for the function? David > > Fix the problem by adding the missing carry into the final checksum. > > Cc: Charlie Jenkins <charlie@rivosinc.com> > Cc: Palmer Dabbelt <palmer@rivosinc.com> > Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") > Signed-off-by: Guenter Roeck <linux@roeck-us.net> > --- > arch/parisc/include/asm/checksum.h | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/arch/parisc/include/asm/checksum.h b/arch/parisc/include/asm/checksum.h > index f705e5dd1074..e619e67440db 100644 > --- a/arch/parisc/include/asm/checksum.h > +++ b/arch/parisc/include/asm/checksum.h > @@ -163,7 +163,8 @@ static __inline__ __sum16 csum_ipv6_magic(const struct in6_addr *saddr, > " ldw,ma 4(%2), %7\n" /* 4th daddr */ > " addc %6, %0, %0\n" > " addc %7, %0, %0\n" > -" addc %3, %0, %0\n" /* fold in proto+len, catch carry */ > +" addc %3, %0, %0\n" /* fold in proto+len */ > +" addc 0, %0, %0\n" /* add carry */ > > #endif > : "=r" (sum), "=r" (saddr), "=r" (daddr), "=r" (len), > -- > 2.39.2 > - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)
On 2/11/24 05:57, David Laight wrote: > From: Guenter Roeck >> Sent: 10 February 2024 19:16 >> >> Calculating the IPv6 checksum on 32-bit systems missed overflows when >> adding the proto+len fields into the checksum. This results in the >> following unit test failure. >> >> # test_csum_ipv6_magic: ASSERTION FAILED at lib/checksum_kunit.c:506 >> Expected ( u64)csum_result == ( u64)expected, but >> ( u64)csum_result == 46722 (0xb682) >> ( u64)expected == 46721 (0xb681) >> not ok 5 test_csum_ipv6_magic >> >> This is probably rarely seen in the real world because proto+len are >> usually small values which will rarely result in overflows when calculating >> the checksum. However, the unit test code uses large values for the length >> field, causing the test to fail. > > Isn't length limited by the protocol encoding? > So this is really a bug in the unit tests for using a length that > it too large for the function? > Arguable. While the length value passed to the function is not a valid packet length, it exposes a weakness in the implementation of csum_ipv6_magic() - after all, folding proto+len into the checksum _may_ overflow even for small(er) values of proto and length. It is just much less likely to happen if the length is limited to 16 bit. Guenter
On Sat, Feb 10, 2024 at 11:15:56AM -0800, Guenter Roeck wrote: > Calculating the IPv6 checksum on 32-bit systems missed overflows when > adding the proto+len fields into the checksum. This results in the > following unit test failure. > > # test_csum_ipv6_magic: ASSERTION FAILED at lib/checksum_kunit.c:506 > Expected ( u64)csum_result == ( u64)expected, but > ( u64)csum_result == 46722 (0xb682) > ( u64)expected == 46721 (0xb681) > not ok 5 test_csum_ipv6_magic > > This is probably rarely seen in the real world because proto+len are > usually small values which will rarely result in overflows when calculating > the checksum. However, the unit test code uses large values for the length > field, causing the test to fail. > > Fix the problem by adding the missing carry into the final checksum. > > Cc: Charlie Jenkins <charlie@rivosinc.com> > Cc: Palmer Dabbelt <palmer@rivosinc.com> > Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") > Signed-off-by: Guenter Roeck <linux@roeck-us.net> > --- > arch/parisc/include/asm/checksum.h | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/arch/parisc/include/asm/checksum.h b/arch/parisc/include/asm/checksum.h > index f705e5dd1074..e619e67440db 100644 > --- a/arch/parisc/include/asm/checksum.h > +++ b/arch/parisc/include/asm/checksum.h > @@ -163,7 +163,8 @@ static __inline__ __sum16 csum_ipv6_magic(const struct in6_addr *saddr, > " ldw,ma 4(%2), %7\n" /* 4th daddr */ > " addc %6, %0, %0\n" > " addc %7, %0, %0\n" > -" addc %3, %0, %0\n" /* fold in proto+len, catch carry */ > +" addc %3, %0, %0\n" /* fold in proto+len */ > +" addc 0, %0, %0\n" /* add carry */ > > #endif > : "=r" (sum), "=r" (saddr), "=r" (daddr), "=r" (len), > -- > 2.39.2 > Looks good! Tested-by: Charlie Jenkins <charlie@rivosinc.com> Reviewed-by: Charlie Jenkins <charlie@rivosinc.com>
diff --git a/arch/parisc/include/asm/checksum.h b/arch/parisc/include/asm/checksum.h index f705e5dd1074..e619e67440db 100644 --- a/arch/parisc/include/asm/checksum.h +++ b/arch/parisc/include/asm/checksum.h @@ -163,7 +163,8 @@ static __inline__ __sum16 csum_ipv6_magic(const struct in6_addr *saddr, " ldw,ma 4(%2), %7\n" /* 4th daddr */ " addc %6, %0, %0\n" " addc %7, %0, %0\n" -" addc %3, %0, %0\n" /* fold in proto+len, catch carry */ +" addc %3, %0, %0\n" /* fold in proto+len */ +" addc 0, %0, %0\n" /* add carry */ #endif : "=r" (sum), "=r" (saddr), "=r" (daddr), "=r" (len),
Calculating the IPv6 checksum on 32-bit systems missed overflows when adding the proto+len fields into the checksum. This results in the following unit test failure. # test_csum_ipv6_magic: ASSERTION FAILED at lib/checksum_kunit.c:506 Expected ( u64)csum_result == ( u64)expected, but ( u64)csum_result == 46722 (0xb682) ( u64)expected == 46721 (0xb681) not ok 5 test_csum_ipv6_magic This is probably rarely seen in the real world because proto+len are usually small values which will rarely result in overflows when calculating the checksum. However, the unit test code uses large values for the length field, causing the test to fail. Fix the problem by adding the missing carry into the final checksum. Cc: Charlie Jenkins <charlie@rivosinc.com> Cc: Palmer Dabbelt <palmer@rivosinc.com> Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Guenter Roeck <linux@roeck-us.net> --- arch/parisc/include/asm/checksum.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)