Hi,
I was always wondering, why we calculate the protocol checksum in
the IP input path. henning@ introduced it with this commit.
----------------------------
revision 1.213
date: 2013/06/26 09:12:40; author: henning; state: Exp; lines: +4 -1;
put the cksum diff back, of course with the bug fixed where we could
under some circumstances repair broken checksums on the way.
ok ryan naddy mikeb
.
redo most of the protocol (tcp/udp/...) checksum handling
-assume we have hardware checksum offloading. stop mucking with the
checksum in most of the stack
-stop checksum mucking in pf, just set a "needs checksumming" flag if needed
-in all output pathes, very late, if we figure out the outbound interface
doesn't have hw cksum offloading, do the cksum in software. this especially
makes the bridge path behave like a regular output path
-little special casing for bridge still required until the broadcast path
loses its disgusting shortcut hacks, but at least it's in one place now
and not all over the stack
in6_proto_cksum_out mostly written by krw@
started at k2k11 in iceland more than 1.5 years ago - yes it took that
long, this stuff is everything but easy.
this happens to fix the infamous pf rdr bug that made us turn off proto
cksum offloading on almost all interface drivers.
----------------------------
Since procter@ fixed pf checksum update later, I think it is no
longer necessary. We can remove that chunk.
----------------------------
revision 1.980
date: 2016/08/17 03:24:11; author: procter; state: Exp; lines: +514 -293;
commitid: NB7EODatRadIbwDM;
Reintroduce 5.3-style checksum modification to preserve end-to-end checksums
when fiddling with packets but without the mess that motivated Henning to
remove it. Affects only this one aspect of Henning's checksum work. Also tweak
the basic algorithm and supply a correctness argument.
OK dlg@ deraadt@ sthen@; no objection henning@
----------------------------
I could not find any broken test case. Please test, especially
with and without network interfaces doing checksum offloading. Also
unsual bridge and pf setup would help for testing.
Note that this diff is part of my UDP in parallel diff I sent out
earlier. So testing there also helps here.
ok?
bluhm
Index: netinet/ip_input.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/netinet/ip_input.c,v
retrieving revision 1.380
diff -u -p -r1.380 ip_input.c
--- netinet/ip_input.c 21 Aug 2022 14:15:55 -0000 1.380
+++ netinet/ip_input.c 22 Aug 2022 12:42:46 -0000
@@ -683,18 +683,6 @@ ip_deliver(struct mbuf **mp, int *offp,
NET_ASSERT_LOCKED_EXCLUSIVE();
- /* pf might have modified stuff, might have to chksum */
- switch (af) {
- case AF_INET:
- in_proto_cksum_out(*mp, NULL);
- break;
-#ifdef INET6
- case AF_INET6:
- in6_proto_cksum_out(*mp, NULL);
- break;
-#endif /* INET6 */
- }
-
/*
* Tell launch routine the next header
*/