diff options
author | Jan Klemkow <jan@cvs.openbsd.org> | 2024-01-26 21:14:09 +0000 |
---|---|---|
committer | Jan Klemkow <jan@cvs.openbsd.org> | 2024-01-26 21:14:09 +0000 |
commit | 8fcca248b4dc1e30ca1dbbbe19825c7c48723f6e (patch) | |
tree | 9018f51b56ab7a422559d26708322c00559e8af1 | |
parent | 6992dff57c09fa64ae0eafb8d6217b8417eee397 (diff) |
Put checksum flags in bpf_hdr to use them in userland dhcpleased.
Thus, dhcpleased accept non-calculated checksums which were verified by
hardware/hypervisor.
With tweaks from dlg@
ok bluhm@
mkay tobhe@
-rw-r--r-- | sbin/dhcpleased/dhcpleased.h | 4 | ||||
-rw-r--r-- | sbin/dhcpleased/engine.c | 25 | ||||
-rw-r--r-- | sbin/dhcpleased/frontend.c | 3 | ||||
-rw-r--r-- | sys/net/bpf.c | 4 | ||||
-rw-r--r-- | sys/net/bpf.h | 3 |
5 files changed, 24 insertions, 15 deletions
diff --git a/sbin/dhcpleased/dhcpleased.h b/sbin/dhcpleased/dhcpleased.h index 80fe9dcf5fe..41749fc5031 100644 --- a/sbin/dhcpleased/dhcpleased.h +++ b/sbin/dhcpleased/dhcpleased.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dhcpleased.h,v 1.15 2023/11/25 12:00:39 florian Exp $ */ +/* $OpenBSD: dhcpleased.h,v 1.16 2024/01/26 21:14:08 jan Exp $ */ /* * Copyright (c) 2017, 2021 Florian Obser <florian@openbsd.org> @@ -287,7 +287,7 @@ struct imsg_propose_rdns { struct imsg_dhcp { uint32_t if_index; ssize_t len; - uint8_t ether_align[2]; + uint16_t csumflags; uint8_t packet[1500]; }; diff --git a/sbin/dhcpleased/engine.c b/sbin/dhcpleased/engine.c index cc6610f2d47..6d371a5a112 100644 --- a/sbin/dhcpleased/engine.c +++ b/sbin/dhcpleased/engine.c @@ -1,4 +1,4 @@ -/* $OpenBSD: engine.c,v 1.41 2023/12/14 09:58:37 claudio Exp $ */ +/* $OpenBSD: engine.c,v 1.42 2024/01/26 21:14:08 jan Exp $ */ /* * Copyright (c) 2017, 2021 Florian Obser <florian@openbsd.org> @@ -24,6 +24,7 @@ #include <sys/socket.h> #include <sys/syslog.h> #include <sys/uio.h> +#include <sys/mbuf.h> #include <net/if.h> #include <net/route.h> @@ -788,7 +789,8 @@ parse_dhcp(struct dhcpleased_iface *iface, struct imsg_dhcp *dhcp) if (rem < (size_t)ip->ip_hl << 2) goto too_short; - if (wrapsum(checksum((uint8_t *)ip, ip->ip_hl << 2, 0)) != 0) { + if ((dhcp->csumflags & M_IPV4_CSUM_IN_OK) == 0 && + wrapsum(checksum((uint8_t *)ip, ip->ip_hl << 2, 0)) != 0) { log_warnx("%s: bad IP checksum", __func__); return; } @@ -834,16 +836,19 @@ parse_dhcp(struct dhcpleased_iface *iface, struct imsg_dhcp *dhcp) p += sizeof(*udp); rem -= sizeof(*udp); - usum = udp->uh_sum; - udp->uh_sum = 0; + if ((dhcp->csumflags & M_UDP_CSUM_IN_OK) == 0) { + usum = udp->uh_sum; + udp->uh_sum = 0; - sum = wrapsum(checksum((uint8_t *)udp, sizeof(*udp), checksum(p, rem, - checksum((uint8_t *)&ip->ip_src, 2 * sizeof(ip->ip_src), - IPPROTO_UDP + ntohs(udp->uh_ulen))))); + sum = wrapsum(checksum((uint8_t *)udp, sizeof(*udp), + checksum(p, rem, + checksum((uint8_t *)&ip->ip_src, 2 * sizeof(ip->ip_src), + IPPROTO_UDP + ntohs(udp->uh_ulen))))); - if (usum != 0 && usum != sum) { - log_warnx("%s: bad UDP checksum", __func__); - return; + if (usum != 0 && usum != sum) { + log_warnx("%s: bad UDP checksum", __func__); + return; + } } if (log_getverbose() > 1) { diff --git a/sbin/dhcpleased/frontend.c b/sbin/dhcpleased/frontend.c index 74335b88e63..b80b8081e03 100644 --- a/sbin/dhcpleased/frontend.c +++ b/sbin/dhcpleased/frontend.c @@ -1,4 +1,4 @@ -/* $OpenBSD: frontend.c,v 1.32 2023/12/14 09:58:37 claudio Exp $ */ +/* $OpenBSD: frontend.c,v 1.33 2024/01/26 21:14:08 jan Exp $ */ /* * Copyright (c) 2017, 2021 Florian Obser <florian@openbsd.org> @@ -890,6 +890,7 @@ bpf_receive(int fd, short events, void *arg) } memcpy(&imsg_dhcp.packet, p + hdr->bh_hdrlen, hdr->bh_caplen); imsg_dhcp.len = hdr->bh_caplen; + imsg_dhcp.csumflags = hdr->bh_csumflags; frontend_imsg_compose_engine(IMSG_DHCP, 0, 0, &imsg_dhcp, sizeof(imsg_dhcp)); cont: diff --git a/sys/net/bpf.c b/sys/net/bpf.c index b05c5177f6e..51a1ed66ff4 100644 --- a/sys/net/bpf.c +++ b/sys/net/bpf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bpf.c,v 1.221 2023/03/09 05:56:58 dlg Exp $ */ +/* $OpenBSD: bpf.c,v 1.222 2024/01/26 21:14:08 jan Exp $ */ /* $NetBSD: bpf.c,v 1.33 1997/02/21 23:59:35 thorpej Exp $ */ /* @@ -1397,6 +1397,8 @@ _bpf_mtap(caddr_t arg, const struct mbuf *mp, const struct mbuf *m, if (ISSET(mp->m_pkthdr.csum_flags, M_FLOWID)) SET(tbh.bh_flags, BPF_F_FLOWID); + tbh.bh_csumflags = + mp->m_pkthdr.csum_flags; m_microtime(mp, &tv); } else diff --git a/sys/net/bpf.h b/sys/net/bpf.h index 9ce4dcd63a4..ab64061fb97 100644 --- a/sys/net/bpf.h +++ b/sys/net/bpf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bpf.h,v 1.71 2023/03/09 05:56:58 dlg Exp $ */ +/* $OpenBSD: bpf.h,v 1.72 2024/01/26 21:14:08 jan Exp $ */ /* $NetBSD: bpf.h,v 1.15 1996/12/13 07:57:33 mikel Exp $ */ /* @@ -161,6 +161,7 @@ struct bpf_hdr { #define BPF_F_DIR_IN (BPF_DIRECTION_IN << BPF_F_DIR_SHIFT) #define BPF_F_DIR_OUT (BPF_DIRECTION_OUT << BPF_F_DIR_SHIFT) u_int8_t bh_drops; + u_int16_t bh_csumflags; /* checksum flags */ }; #ifdef _KERNEL |