0

I modified a packet in tc-ingress ebpf program and then the packet is routed to leave the host machine. More specifically, I add a customized TCP option using bpf_skb_adjust_room/ctx_adjust_hroom to expand the packet.

static inline void __skb_reset_checksum_unnecessary(struct sk_buff *skb)
{
    if (skb->ip_summed == CHECKSUM_UNNECESSARY) {
        skb->ip_summed = CHECKSUM_NONE;
        skb->csum_level = 0;
    }
}

This function above is called inside bpf_skb_adjust_room/ctx_adjust_hroom.

I noticed that even if I set TCP checksum field to 0 (random value), the Linux kernel would update the checksum to a correct value in a later stage.

To provide some more detail: I am using bpf_lxc in Cilium K8S CNI.

Therefore, my questions are:

What's relationship between skb->csum and checksum field of TCP header? Where would Linux kernel modify tcp checksum field? Does ip_summed = CHECKSUM_NONE involved in this process?

Thanks in advance!

yeyushengfan
  • 3
  • 2
  • TCP _requires_ a checksum. I can be optional for UDP with IPv4, but it is required for IPv6. – Ron Maupin Jun 20 '23 at 20:18
  • "even if I set TCP checksum field to 0 (random value)" Did you set it to 0 or to a random value? – pchaigno Jun 22 '23 at 11:01
  • "the Linux kernel would update the checksum to a correct value in a later stage." How did you check this? Could it be your NIC that is computed the checksum? – pchaigno Jun 22 '23 at 11:01
  • I was using Cilium and Kind. It doesn't matter if I set it to 0 or random value. I check this by looking at debug info, wireshark capture of backend host. And the packet didn't get dropped, so I assume that means the Checksum is correct – yeyushengfan Jun 23 '23 at 12:20
  • It most likely just means that your NIC computed the checksum before sending the packets on the wire. If you want to test that, you may be able to disable it via `ethtool -K`. – pchaigno Jun 23 '23 at 13:51
  • you are correct, skb->csum is used to calculate final checksum. Checksum field in the packet is not used and therefore can be random value. Thanks! – yeyushengfan Jul 02 '23 at 20:32

0 Answers0