Re: [PATCH bpf-next 3/5] net: ice: Add xmo_rx_checksum callback

Tue, 10 Feb 2026 09:55:33 -0800 

> diff --git a/drivers/net/ethernet/intel/ice/ice_txrx_lib.c 
> b/drivers/net/ethernet/intel/ice/ice_txrx_lib.c
> --- a/drivers/net/ethernet/intel/ice/ice_txrx_lib.c
> +++ b/drivers/net/ethernet/intel/ice/ice_txrx_lib.c

[ ... ]

> @@ -168,16 +144,49 @@
>        * we are indicating we validated the inner checksum.
>        */
>       if (decoded.tunnel_type >= LIBETH_RX_PT_TUNNEL_IP_GRENAT)
> -             skb->csum_level = 1;
> +             *cksum_meta = 1;
>
> -     skb->ip_summed = CHECKSUM_UNNECESSARY;
> +     *ip_summed = XDP_CHECKSUM_UNNECESSARY;
>       return;

For non-tunneled packets that reach this return, is cksum_meta left
uninitialized? The tunnel_type check only sets *cksum_meta = 1 for
tunneled packets, but there's no else clause setting it to 0.

The caller ice_rx_csum() declares cksum_meta without initialization:

> +static void
> +ice_rx_csum(struct ice_rx_ring *ring, struct sk_buff *skb,
> +         union ice_32b_rx_flex_desc *rx_desc, u16 ptype)
> +{
> +     enum xdp_checksum ip_summed;
> +     u32 cksum_meta;
> +
> +     ice_get_rx_csum(rx_desc, ptype, ring, &ip_summed, &cksum_meta);
> +     switch (ip_summed) {
> +     case XDP_CHECKSUM_UNNECESSARY:
> +             skb->csum_level = cksum_meta;

When ip_summed is XDP_CHECKSUM_UNNECESSARY and the packet is not tunneled,
this assigns an uninitialized value to skb->csum_level.

The original code relied on skb fields being pre-initialized to 0, but now
the refactored ice_get_rx_csum() needs to explicitly set *cksum_meta = 0
for the non-tunneled CHECKSUM_UNNECESSARY case, similar to how
checksum_none does.

> +             break;
> +     case XDP_CHECKSUM_COMPLETE:
> +             skb->csum = cksum_meta;
> +             break;
> +     default:
> +             break;
> +     }
> +     skb->ip_summed = ip_summed;
> +}

[ ... ]


---
AI reviewed your patch. Please fix the bug or email reply why it's not a bug.
See: https://github.com/kernel-patches/vmtest/blob/master/ci/claude/README.md

CI run summary: https://github.com/kernel-patches/bpf/actions/runs/21875603263

AI-authorship-score: low
AI-authorship-explanation: The commit shows typical human characteristics 
including a subtle uninitialized variable bug and minor grammatical 
imperfections in the commit message, both of which are patterns AI tools tend 
to avoid.
issues-found: 1
issue-severity-score: medium
issue-severity-explanation: Uninitialized variable causes skb->csum_level to 
receive garbage values for non-tunneled packets with valid checksums, 
potentially affecting network stack checksum handling.

Reply via email to