netfilter: xt_TCPMSS: handle CHECKSUM_COMPLETE in tcpmss_tg6()
In case MSS option is added in TCP options, skb length increases by 4. IPv6 needs to update skb->csum if skb has CHECKSUM_COMPLETE, otherwise kernel complains loudly in netdev_rx_csum_fault() with a stack dump. Signed-off-by: Eric Dumazet <edumazet@google.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
parent
efaea94aaf
commit
d6b3347bf1
@ -228,7 +228,7 @@ tcpmss_tg6(struct sk_buff *skb, const struct xt_action_param *par)
|
||||
{
|
||||
struct ipv6hdr *ipv6h = ipv6_hdr(skb);
|
||||
u8 nexthdr;
|
||||
__be16 frag_off;
|
||||
__be16 frag_off, oldlen, newlen;
|
||||
int tcphoff;
|
||||
int ret;
|
||||
|
||||
@ -244,7 +244,12 @@ tcpmss_tg6(struct sk_buff *skb, const struct xt_action_param *par)
|
||||
return NF_DROP;
|
||||
if (ret > 0) {
|
||||
ipv6h = ipv6_hdr(skb);
|
||||
ipv6h->payload_len = htons(ntohs(ipv6h->payload_len) + ret);
|
||||
oldlen = ipv6h->payload_len;
|
||||
newlen = htons(ntohs(oldlen) + ret);
|
||||
if (skb->ip_summed == CHECKSUM_COMPLETE)
|
||||
skb->csum = csum_add(csum_sub(skb->csum, oldlen),
|
||||
newlen);
|
||||
ipv6h->payload_len = newlen;
|
||||
}
|
||||
return XT_CONTINUE;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user