>
err = mbuf_pullup(mbufPtr, 12); //get the first part of the ip header in
one place
ipheaderPtr = mbuf_data(mbufPtr);
NTOHS(ipheaderPtr->ip_len);
NTOHS(ipheaderPtr->ip_id);
NTOHS(ipheaderPtr->ip_off);
mbuf_outbound_finalize(mbufPtr, AF_INET, 0);
err = mbuf_pullup(mbufPtr, 12);
ipheaderPtr = mbuf_data(mbufPtr);
HTONS(ipheaderPtr->ip_len);
HTONS(ipheaderPtr->ip_id);
HTONS(ipheaderPtr->ip_off);
HTONS(ipheaderPtr->ip_sum);
That is, put the 2-byte items in host order for mbuf_outbound_finalize
and then back in network order for transmission.
What Ron said about the checksum calculation is correct, but all the 2-
byte items, including the checksum, must agree about the order they are
in. You can't have some host and some network.
That makes sense, but I'm not sure it applies here. The IP header
checksum is computed by calling in_cksum(m, len) immediately after
ip_id, ip_len, and ip_off are converted back to network byte order
(ip_output(), Stevens TCP/IP Vol 2 page 233). IP header checksum
computation is not deferred, and the checksum code itself expects
network byte order. [If IP header checksum computation can be deferred,
we'd be in more trouble because we'd have to correct for the ip_len
field and any others that are in host byte order].
The only checksum computations that are typically deferred (on Macs) are
the TCP and UDP data sum16 (CSUM_DELAY_DATA) and these don't include the
16-bit fields in the IP header. [If I'm wrong about this, I'd like to know.]
The place where the current implementation gets in trouble is that
mbuf_outbound_finalize() computes the checksum with this call:
in_delayed_cksum_offset(mbuf, protocol_offset);
which includes an implicit "length" parameter (ip->ip_len) in the IP
header itself that is expected to be in host byte order but has already
been converted to network byte order when checksum computation is
deferred to an NKE (ip_output.c):
ip = mtod(m, struct ip*);
offset = IP_VHL_HL(ip->ip_vhl) << 2 ;
// csum = in_cksum_skip(m, ip->ip_len, offset);
csum = in_cksum_skip(m, ntohs(ip->ip_len), offset); // suggested
correction
and again:
//if (offset > ip->ip_len) /* bogus offset */
if (offset > ntohs(ip->ip_len)) /* bogus offset */ // suggested
correction
The remaining question is how and when should Apple release a fix.
Should they deprecate mbuf_outbound_finalize() with a newer version? I
suspect we're still in the first wave of converting NKEs to run on
Intel. The proof is in getting a bunch of NKEs that actually work on
the platform.
Kind Regards,
- Peter
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden