Re: [PATCH] net/sched: act_csum: skip malformed IPv4 headers

Next message: David Hildenbrand (Arm): "Re: [PATCH 2/2] fs/proc/task_mmu: read proc/pid/smaps_rollup under per-vma lock"
Previous message: Andy Shevchenko: "Re: [PATCH v2 00/14] list: Prepare entry iterators to cache cursor state"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Jakub Kicinski

Date: Wed Jun 10 2026 - 11:09:29 EST

On Fri, 5 Jun 2026 15:29:15 +0000 Samuel Moelius wrote:
> act_csum trusts the IPv4 IHL field before using it to locate transport
> header fields. Packets with an invalid short IHL can make the action
> write checksum data into the IPv4 header instead of the intended L4
> header.
>
> The action should not repair or modify packets whose IPv4 header length
> is invalid. Treat those packets as not eligible for checksum repair and
> leave the configured action result unchanged.

I could be wrong but I think we were trying to prevent such packets
from getting in rather than fix all the places that call ip_hdr()?
Someone please correct me if I'm wrong, or ack this, otherwise I'll
toss this patch..
--
pw-bot: reject