> On 3 Nov 2024, at 14:20, Alexander Bluhm <bluhm@openbsd.org> wrote:
> 
> Hi,
> 
> Some network interfaces, like lo(4) or vio(4), set the M_UDP_CSUM_OUT
> flag on incoming packets.  For optimization they produce packets
> with M_UDP_CSUM_IN_OK, but the actual checksum field in the packet
> is wrong.  If such a packet is forwared, the checksum must be
> calculated.  So they also set M_UDP_CSUM_OUT.
> 
> For protocols tunneled in UDP, udp_input() removes the header, but
> the mbuf flag stayed.  This means later processing of the packet
> may insert an UDP checksum, althoug it is not UDP anymore.
> 
> I have seen this when forwarding ping packets between two vxlan(4)
> interfaces.  Then an UDP checksum was inserted into the ICMP packet.
> This packet was later dropped due to wrong checksum.
> 
> Fix is easy.  Clear the M_UDP_CSUM_OUT flag when the UDP header is
> stripped.
> 
> ok?
> 

ok mvs

> bluhm
> 
> Index: netinet/udp_usrreq.c
> ===================================================================
> RCS file: /data/mirror/openbsd/cvs/src/sys/netinet/udp_usrreq.c,v
> diff -u -p -r1.324 udp_usrreq.c
> --- netinet/udp_usrreq.c	6 Aug 2024 20:15:53 -0000	1.324
> +++ netinet/udp_usrreq.c	3 Nov 2024 11:08:10 -0000
> @@ -298,6 +298,7 @@ udp_input(struct mbuf **mp, int *offp, i
> 			}
> 		}
> 	}
> +	CLR(m->m_pkthdr.csum_flags, M_UDP_CSUM_OUT);
> 
> #ifdef IPSEC
> 	if (udpencap_enable && udpencap_port && esp_enable &&
>