www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Guenter Roeck <linux@roeck-us.net>
	Tue, 13 Feb 2024 23:46:31 +0000 (15:46 -0800)
committer	Helge Deller <deller@gmx.de>
	Tue, 27 Feb 2024 21:51:45 +0000 (22:51 +0100)
commit	4b75b12d70506e31fc02356bbca60f8d5ca012d0
tree	ce17a76ef79c137fffcfcd3986a6ea3404c6b48a	tree
parent	4408ba75e4ba80c91fde7e10bccccf388f5c09be	commit \| diff

parisc: Fix csum_ipv6_magic on 64-bit systems

hppa 64-bit systems calculates the IPv6 checksum using 64-bit add
operations. The last add folds protocol and length fields into the 64-bit
result. While unlikely, this operation can overflow. The overflow can be
triggered with a code sequence such as the following.

/* try to trigger massive overflows */
memset(tmp_buf, 0xff, sizeof(struct in6_addr));
csum_result = csum_ipv6_magic((struct in6_addr *)tmp_buf,
(struct in6_addr *)tmp_buf,
0xffff, 0xff, 0xffffffff);

Fix the problem by adding any overflows from the final add operation into
the calculated checksum. Fortunately, we can do this without additional
cost by replacing the add operation used to fold the checksum into 32 bit
with "add,dc" to add in the missing carry.

Cc: Palmer Dabbelt <palmer@rivosinc.com>
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Cc: stable@vger.kernel.org
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Reviewed-by: Charlie Jenkins <charlie@rivosinc.com>
Tested-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Helge Deller <deller@gmx.de>