From 2d16946bac152e251156258ac314a74f1984d421 Mon Sep 17 00:00:00 2001 From: David Gibson Date: Wed, 1 May 2024 18:31:07 +1000 Subject: [PATCH] udp: Explicitly set checksum in guest-bound UDP headers For IPv4, UDP checksums are optional and can just be set to 0. udp_update_hdr4() ignores the checksum field entirely. Since these are set to 0 during startup, this works as intended for now. However, we'd like to share payload and UDP header buffers betweem IPv4 and IPv6, which does calculate UDP checksums. Therefore, for robustness, we should explicitly set the checksum field to 0 for guest-bound UDP packets. In the tap_udp4_send() slow path, however, we do allow IPv4 UDP checksums to be calculated as a compile time option. For consistency, use the same thing in the udp_update_hdr4() path, which will typically initialize to 0, but calculate a real checksum if configured to do so. Signed-off-by: David Gibson Signed-off-by: Stefano Brivio --- udp.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/udp.c b/udp.c index bb7d161..cc938bb 100644 --- a/udp.c +++ b/udp.c @@ -592,6 +592,7 @@ static size_t udp_update_hdr4(const struct ctx *c, struct udp4_l2_buf_t *b, in_port_t dstport, size_t dlen, const struct timespec *now) { + const struct in_addr dst = c->ip4.addr_seen; size_t l4len = dlen + sizeof(b->uh); size_t l3len = l4len + sizeof(b->iph); in_port_t srcport = ntohs(b->s_in.sin_port); @@ -617,14 +618,14 @@ static size_t udp_update_hdr4(const struct ctx *c, struct udp4_l2_buf_t *b, } b->iph.tot_len = htons(l3len); - b->iph.daddr = c->ip4.addr_seen.s_addr; + b->iph.daddr = dst.s_addr; b->iph.saddr = src.s_addr; - b->iph.check = csum_ip4_header(l3len, IPPROTO_UDP, - src, c->ip4.addr_seen); + b->iph.check = csum_ip4_header(l3len, IPPROTO_UDP, src, dst); b->uh.source = b->s_in.sin_port; b->uh.dest = htons(dstport); b->uh.len = htons(l4len); + csum_udp4(&b->uh, src, dst, b->data, dlen); tap_hdr_update(&b->taph, l3len + sizeof(b->eh)); return l4len;