summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJan Klemkow <jan@cvs.openbsd.org>2024-01-26 21:14:09 +0000
committerJan Klemkow <jan@cvs.openbsd.org>2024-01-26 21:14:09 +0000
commit8fcca248b4dc1e30ca1dbbbe19825c7c48723f6e (patch)
tree9018f51b56ab7a422559d26708322c00559e8af1
parent6992dff57c09fa64ae0eafb8d6217b8417eee397 (diff)
Put checksum flags in bpf_hdr to use them in userland dhcpleased.
Thus, dhcpleased accept non-calculated checksums which were verified by hardware/hypervisor. With tweaks from dlg@ ok bluhm@ mkay tobhe@
-rw-r--r--sbin/dhcpleased/dhcpleased.h4
-rw-r--r--sbin/dhcpleased/engine.c25
-rw-r--r--sbin/dhcpleased/frontend.c3
-rw-r--r--sys/net/bpf.c4
-rw-r--r--sys/net/bpf.h3
5 files changed, 24 insertions, 15 deletions
diff --git a/sbin/dhcpleased/dhcpleased.h b/sbin/dhcpleased/dhcpleased.h
index 80fe9dcf5fe..41749fc5031 100644
--- a/sbin/dhcpleased/dhcpleased.h
+++ b/sbin/dhcpleased/dhcpleased.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dhcpleased.h,v 1.15 2023/11/25 12:00:39 florian Exp $ */
+/* $OpenBSD: dhcpleased.h,v 1.16 2024/01/26 21:14:08 jan Exp $ */
/*
* Copyright (c) 2017, 2021 Florian Obser <florian@openbsd.org>
@@ -287,7 +287,7 @@ struct imsg_propose_rdns {
struct imsg_dhcp {
uint32_t if_index;
ssize_t len;
- uint8_t ether_align[2];
+ uint16_t csumflags;
uint8_t packet[1500];
};
diff --git a/sbin/dhcpleased/engine.c b/sbin/dhcpleased/engine.c
index cc6610f2d47..6d371a5a112 100644
--- a/sbin/dhcpleased/engine.c
+++ b/sbin/dhcpleased/engine.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: engine.c,v 1.41 2023/12/14 09:58:37 claudio Exp $ */
+/* $OpenBSD: engine.c,v 1.42 2024/01/26 21:14:08 jan Exp $ */
/*
* Copyright (c) 2017, 2021 Florian Obser <florian@openbsd.org>
@@ -24,6 +24,7 @@
#include <sys/socket.h>
#include <sys/syslog.h>
#include <sys/uio.h>
+#include <sys/mbuf.h>
#include <net/if.h>
#include <net/route.h>
@@ -788,7 +789,8 @@ parse_dhcp(struct dhcpleased_iface *iface, struct imsg_dhcp *dhcp)
if (rem < (size_t)ip->ip_hl << 2)
goto too_short;
- if (wrapsum(checksum((uint8_t *)ip, ip->ip_hl << 2, 0)) != 0) {
+ if ((dhcp->csumflags & M_IPV4_CSUM_IN_OK) == 0 &&
+ wrapsum(checksum((uint8_t *)ip, ip->ip_hl << 2, 0)) != 0) {
log_warnx("%s: bad IP checksum", __func__);
return;
}
@@ -834,16 +836,19 @@ parse_dhcp(struct dhcpleased_iface *iface, struct imsg_dhcp *dhcp)
p += sizeof(*udp);
rem -= sizeof(*udp);
- usum = udp->uh_sum;
- udp->uh_sum = 0;
+ if ((dhcp->csumflags & M_UDP_CSUM_IN_OK) == 0) {
+ usum = udp->uh_sum;
+ udp->uh_sum = 0;
- sum = wrapsum(checksum((uint8_t *)udp, sizeof(*udp), checksum(p, rem,
- checksum((uint8_t *)&ip->ip_src, 2 * sizeof(ip->ip_src),
- IPPROTO_UDP + ntohs(udp->uh_ulen)))));
+ sum = wrapsum(checksum((uint8_t *)udp, sizeof(*udp),
+ checksum(p, rem,
+ checksum((uint8_t *)&ip->ip_src, 2 * sizeof(ip->ip_src),
+ IPPROTO_UDP + ntohs(udp->uh_ulen)))));
- if (usum != 0 && usum != sum) {
- log_warnx("%s: bad UDP checksum", __func__);
- return;
+ if (usum != 0 && usum != sum) {
+ log_warnx("%s: bad UDP checksum", __func__);
+ return;
+ }
}
if (log_getverbose() > 1) {
diff --git a/sbin/dhcpleased/frontend.c b/sbin/dhcpleased/frontend.c
index 74335b88e63..b80b8081e03 100644
--- a/sbin/dhcpleased/frontend.c
+++ b/sbin/dhcpleased/frontend.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: frontend.c,v 1.32 2023/12/14 09:58:37 claudio Exp $ */
+/* $OpenBSD: frontend.c,v 1.33 2024/01/26 21:14:08 jan Exp $ */
/*
* Copyright (c) 2017, 2021 Florian Obser <florian@openbsd.org>
@@ -890,6 +890,7 @@ bpf_receive(int fd, short events, void *arg)
}
memcpy(&imsg_dhcp.packet, p + hdr->bh_hdrlen, hdr->bh_caplen);
imsg_dhcp.len = hdr->bh_caplen;
+ imsg_dhcp.csumflags = hdr->bh_csumflags;
frontend_imsg_compose_engine(IMSG_DHCP, 0, 0, &imsg_dhcp,
sizeof(imsg_dhcp));
cont:
diff --git a/sys/net/bpf.c b/sys/net/bpf.c
index b05c5177f6e..51a1ed66ff4 100644
--- a/sys/net/bpf.c
+++ b/sys/net/bpf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bpf.c,v 1.221 2023/03/09 05:56:58 dlg Exp $ */
+/* $OpenBSD: bpf.c,v 1.222 2024/01/26 21:14:08 jan Exp $ */
/* $NetBSD: bpf.c,v 1.33 1997/02/21 23:59:35 thorpej Exp $ */
/*
@@ -1397,6 +1397,8 @@ _bpf_mtap(caddr_t arg, const struct mbuf *mp, const struct mbuf *m,
if (ISSET(mp->m_pkthdr.csum_flags,
M_FLOWID))
SET(tbh.bh_flags, BPF_F_FLOWID);
+ tbh.bh_csumflags =
+ mp->m_pkthdr.csum_flags;
m_microtime(mp, &tv);
} else
diff --git a/sys/net/bpf.h b/sys/net/bpf.h
index 9ce4dcd63a4..ab64061fb97 100644
--- a/sys/net/bpf.h
+++ b/sys/net/bpf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: bpf.h,v 1.71 2023/03/09 05:56:58 dlg Exp $ */
+/* $OpenBSD: bpf.h,v 1.72 2024/01/26 21:14:08 jan Exp $ */
/* $NetBSD: bpf.h,v 1.15 1996/12/13 07:57:33 mikel Exp $ */
/*
@@ -161,6 +161,7 @@ struct bpf_hdr {
#define BPF_F_DIR_IN (BPF_DIRECTION_IN << BPF_F_DIR_SHIFT)
#define BPF_F_DIR_OUT (BPF_DIRECTION_OUT << BPF_F_DIR_SHIFT)
u_int8_t bh_drops;
+ u_int16_t bh_csumflags; /* checksum flags */
};
#ifdef _KERNEL