From: Thomas Gleixner <tglx@linutronix.de>
To: Eric Dumazet <edumazet@google.com>,
gus Gusenleitner Klaus <gus@keba.com>,
Noah Goldstein <goldstein.w.n@gmail.com>
Cc: lkml <linux-kernel@vger.kernel.org>,
Ingo Molnar <mingo@redhat.com>, "bp@alien8.de" <bp@alien8.de>,
"dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>,
"x86@kernel.org" <x86@kernel.org>,
"hpa@zytor.com" <hpa@zytor.com>,
"David S. Miller" <davem@davemloft.net>,
"dsahern@kernel.org" <dsahern@kernel.org>,
"kuba@kernel.org" <kuba@kernel.org>,
Paolo Abeni <pabeni@redhat.com>,
Al Viro <viro@zeniv.linux.org.uk>
Subject: Re: [PATCH] amd64: Fix csum_partial_copy_generic()
Date: Wed, 18 Oct 2023 17:12:57 +0200 [thread overview]
Message-ID: <87h6mo3qx2.ffs@tglx> (raw)
In-Reply-To: <CANn89iLSKJroojadGD2hvec8EyeUA5TPMKd=PmBzCJ7h2HF0zA@mail.gmail.com>
On Wed, Oct 18 2023 at 09:36, Eric Dumazet wrote:
> On Wed, Oct 18, 2023 at 8:18 AM gus Gusenleitner Klaus <gus@keba.com> wrote:
>>
>> The checksum calculation is wrong in case of an source buffer
>> containing zero bytes only. The expected return value is 0, the
>> actual return value is 0xfffffff.
>>
>> This problem occurs when a ICMP echo reply is sent that has set
>> zero identifier, sequence number and data.
>>
>> Signed-off-by: Klaus Gusenleitner <gus@keba.com>
>> ---
>> arch/x86/lib/csum-copy_64.S | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/arch/x86/lib/csum-copy_64.S b/arch/x86/lib/csum-copy_64.S
>> index d9e16a2cf285..c8391b4f3dea 100644
>> --- a/arch/x86/lib/csum-copy_64.S
>> +++ b/arch/x86/lib/csum-copy_64.S
>> @@ -44,7 +44,7 @@ SYM_FUNC_START()
>> movq %r13, 3*8(%rsp)
>> movq %r15, 4*8(%rsp)
>>
>> - movl $-1, %eax
>> + movl $0, %eax
I don't think this is correct. See below.
>> xorl %r9d, %r9d
>> movl %edx, %ecx
>> cmpl $8, %ecx
>> --
>> 2.30.2
>>
>
> Lets CC Noah Goldstein <goldstein.w.n@gmail.com> (I thought Noah wrote
> some kunit tests, maybe I am wrong)
>
> When was this bug added ?
AFAICT, this was introduced with:
daf52375c19f ("amd64: switch csum_partial_copy_generic() to new calling conventions")
> A Fixes: tag is very much needed, and would be a needed step to CC the
> original author.
Cc'ed Al.
So the change in question is:
- movl %ecx, %eax // Original code stores ECX in EAX
+ movl $-1, %eax // EAX is preset with -1
ECX (RCX) was the 4th parameter of the original ASM function call:
extern __visible __wsum csum_partial_copy_generic(const void *src, const void *dst,
int len, __wsum sum,
int *src_err_ptr, int *dst_err_ptr);
I.e. it handed @sum into the function which means a caller provided
seed.
With the above patch the ASM function call was changed to
extern __visible __wsum csum_partial_copy_generic(const void *src, void *dst, int len);
I.e. the seed parameter was removed. AFAICT, all callers back then initialized
the seed parameter to 0 via the various wrapper interfaces which end up there.
Al?
Thanks,
tglx
next prev parent reply other threads:[~2023-10-18 15:13 UTC|newest]
Thread overview: 67+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-18 6:18 [PATCH] amd64: Fix csum_partial_copy_generic() gus Gusenleitner Klaus
2023-10-18 7:36 ` Eric Dumazet
2023-10-18 15:12 ` Thomas Gleixner [this message]
2023-10-18 15:42 ` Al Viro
2023-10-18 17:37 ` Thomas Gleixner
2023-10-19 4:44 ` AW: " gus Gusenleitner Klaus
2023-10-19 5:02 ` Al Viro
2023-10-19 6:14 ` Al Viro
2023-10-19 6:39 ` Al Viro
2023-10-19 7:39 ` Eric Dumazet
2023-10-19 8:06 ` Al Viro
2023-10-20 8:32 ` Vincent Whitchurch
2023-10-20 8:32 ` Vincent Whitchurch
2023-10-20 20:27 ` David Laight
2023-10-21 7:15 ` Al Viro
2023-10-21 22:22 ` Al Viro
2023-10-22 11:03 ` David Laight
2023-10-22 11:11 ` Al Viro
2023-10-23 8:16 ` David Laight
2023-10-24 2:59 ` Al Viro
2023-10-22 19:40 ` [RFC][PATCH] fix csum_and_copy_..._user() idiocy. " Al Viro
2023-10-22 19:46 ` Al Viro
2023-10-23 10:37 ` Thomas Gleixner
2023-10-24 4:26 ` Al Viro
2023-10-24 12:31 ` Thomas Gleixner
2023-10-23 14:44 ` David Laight
2023-10-24 3:53 ` Al Viro
2023-12-05 2:21 ` [RFC][PATCHES v2] checksum stuff Al Viro
2023-12-05 2:23 ` [PATCH v2 01/18] make net/checksum.h self-contained Al Viro
2023-12-05 2:23 ` [PATCH v2 1/9] reiserfs: Avoid touching renamed directory if parent does not change Al Viro
2023-12-05 2:23 ` [PATCH v2 02/18] get rid of asm/checksum.h includes outside of include/net/checksum.h and arch Al Viro
2023-12-05 2:23 ` [PATCH v2 2/9] ocfs2: Avoid touching renamed directory if parent does not change Al Viro
2023-12-05 2:23 ` [PATCH v2 03/18] make net/checksum.h the sole user of asm/checksum.h Al Viro
2023-12-05 2:23 ` [PATCH v2 3/9] udf_rename(): only access the child content on cross-directory rename Al Viro
2023-12-05 2:23 ` [PATCH v2 4/9] ext2: Avoid reading renamed directory if parent does not change Al Viro
2023-12-05 2:23 ` [PATCH v2 04/18] Fix the csum_and_copy_..._user() idiocy Al Viro
2023-12-05 2:24 ` [PATCH v2 05/18] bits missing from csum_and_copy_{from,to}_user() unexporting Al Viro
2023-12-05 2:24 ` [PATCH v2 5/9] ext4: don't access the source subdirectory content on same-directory rename Al Viro
2023-12-05 2:24 ` [PATCH v2 06/18] consolidate csum_tcpudp_magic(), take default variant into net/checksum.h Al Viro
2023-12-05 2:24 ` [PATCH v2 6/9] f2fs: Avoid reading renamed directory if parent does not change Al Viro
2023-12-05 2:24 ` [PATCH v2 07/18] consolidate default ip_compute_csum() Al Viro
2023-12-05 2:24 ` [PATCH v2 7/9] rename(): fix the locking of subdirectories Al Viro
2023-12-05 2:24 ` [PATCH v2 08/18] alpha: pull asm-generic/checksum.h Al Viro
2023-12-05 2:24 ` [PATCH v2 8/9] kill lock_two_inodes() Al Viro
2023-12-05 2:24 ` [PATCH v2 09/18] mips: pull include of asm-generic/checksum.h out of #if Al Viro
2023-12-05 2:24 ` [PATCH v2 9/9] rename(): avoid a deadlock in the case of parents having no common ancestor Al Viro
2023-12-05 2:24 ` [PATCH v2 10/18] nios2: pull asm-generic/checksum.h Al Viro
2023-12-05 2:24 ` [PATCH v2 11/18] x86: merge csum_fold() for 32bit and 64bit Al Viro
2023-12-05 2:24 ` [PATCH v2 12/18] x86: merge ip_fast_csum() " Al Viro
2023-12-05 2:24 ` [PATCH v2 13/18] x86: merge csum_tcpudp_nofold() " Al Viro
2023-12-05 2:24 ` [PATCH v2 14/18] amd64: saner handling of odd address in csum_partial() Al Viro
2023-12-05 2:24 ` [PATCH v2 15/18] x86: optimized csum_add() is the same for 32bit and 64bit Al Viro
2023-12-05 2:24 ` [PATCH v2 16/18] x86: lift the extern for csum_partial() into checksum.h Al Viro
2023-12-05 2:24 ` [PATCH v2 17/18] x86_64: move csum_ipv6_magic() from csum-wrappers_64.c to csum-partial_64.c Al Viro
2023-12-05 2:24 ` [PATCH v2 18/18] uml/x86: use normal x86 checksum.h Al Viro
2024-01-03 22:02 ` Richard Weinberger
2023-12-05 2:27 ` [RFC][PATCHES v2] checksum stuff Al Viro
2023-12-06 11:10 ` David Laight
2023-12-06 22:43 ` Al Viro
2023-12-07 9:58 ` David Laight
2023-12-08 12:04 ` David Laight
2023-12-08 14:17 ` Al Viro
2023-12-08 15:29 ` Al Viro
2023-12-08 15:56 ` David Laight
2023-12-08 18:35 ` Al Viro
2023-10-19 11:45 ` AW: [PATCH] amd64: Fix csum_partial_copy_generic() Thomas Gleixner
2023-10-19 10:33 ` David Laight
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87h6mo3qx2.ffs@tglx \
--to=tglx@linutronix.de \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=davem@davemloft.net \
--cc=dsahern@kernel.org \
--cc=edumazet@google.com \
--cc=goldstein.w.n@gmail.com \
--cc=gus@keba.com \
--cc=hpa@zytor.com \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pabeni@redhat.com \
--cc=viro@zeniv.linux.org.uk \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.