[PATCH] net: fix checksum verification

[Uwe Kleine-König]

On Fri, Aug 09, 2013 at 09:32:37AM +0200, Sascha Hauer wrote:
> On Fri, Aug 09, 2013 at 07:01:24AM +0300, Baruch Siach wrote:
> > Checksum verification on data including its own checksum (as is the case with
> > IP headers) should give zero. Current code works well for the correct checksum
> > case, but fails to identify (most) errors.
> > 
> > Signed-off-by: Baruch Siach <baruch at tkos.co.il>
> > ---
> > 
> > Untested. From code inspection only.
> > 
> >  net/net.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/net/net.c b/net/net.c
> > index 0bd9084..bd7a578 100644
> > --- a/net/net.c
> > +++ b/net/net.c
> > @@ -41,7 +41,7 @@ static unsigned int net_ip_id;
> >  
> >  int net_checksum_ok(unsigned char *ptr, int len)
> >  {
> > -	return net_checksum(ptr, len) + 1;
> > +	return net_checksum(ptr, len) == 0;
> 
> D'oh. There's a bug indeed. For a good packet net_checksum returns
> 0xffff (all ones in an u16). So the check should be:
> 
> 	return net_checksum(ptr, len) == 0xffff;
with

	return net_checksum(ptr, len) + 1

net_checksum_ok returns always something >0 (i.e. success) because both
summands are converted to unsigned, and so never catches an error[1],
does it?

> U-Boot has this instead:
> 
> 	return !((net_checksum(ptr, len) + 1) & 0xfffe);
> 
> From what I see both above should be equivalent so I wonder why U-Boot
> has such a complicated code here. Some compiler optimization or is this
> something I don't see?
This isn't equivalent. The U-Boot code returns 1 iff net_checksum
returns 0 or 0xffff; 0 otherwise.

Best regards
Uwe

[1] well unless unsigned is only 16 bits wide which shouldn't be the case on
all platforms barebox is running on.

-- 
Pengutronix e.K.                           | Uwe Kleine-König            |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |