Revert "netfilter: conntrack: mark UDP zero checksum as CHECKSUM_UNNECESSARY"

This reverts commit 5bed9f3f63f8f9d2b1758c24640cbf77b5377511. Gal Presman says: this patch broke geneve tunnels, or possibly all udp tunnels? A simple test that creates two geneve tunnels and runs tcp iperf fails and results in checksum errors (TcpInCsumErrors). Original commit wanted to fix nf_reject with zero checksum, so it appears better to change nf reject infra instead. Fixes: 5bed9f3f63f8f ("netfilter: conntrack: mark UDP zero checksum as CHECKSUM_UNNECESSARY") Reported-by: Gal Pressman <gal@nvidia.com> Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Florian Westphal <fw@strlen.de> 2022-02-16 20:22:26 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2022-03-03 13:35:22 +0100
commit: bbfbf7a5e77e4c899982c7df4cf3197cb6f99be4 (patch)
tree: 53ae2fb40e8731dca179faf0829f7ef4c380da2f /net/netfilter
parent: ef132dc40a28e07ba10b707b505781ffca46b97f (diff)
1 files changed, 1 insertions, 3 deletions
diff --git a/net/netfilter/nf_conntrack_proto_udp.c b/net/netfilter/nf_conntrack_proto_udp.c
index 12f793d8fe0c..3b516cffc779 100644
--- a/net/netfilter/nf_conntrack_proto_udp.c
+++ b/net/netfilter/nf_conntrack_proto_udp.c
@@ -63,10 +63,8 @@ static bool udp_error(struct sk_buff *skb,
 	}
 
 	/* Packet with no checksum */
-	if (!hdr->check) {
-		skb->ip_summed = CHECKSUM_UNNECESSARY;
+	if (!hdr->check)
 		return false;
-	}
 
 	/* Checksum invalid? Ignore.
 	 * We skip checking packets on the outgoing path
author	Florian Westphal <fw@strlen.de>	2022-02-16 20:22:26 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2022-03-03 13:35:22 +0100
commit	bbfbf7a5e77e4c899982c7df4cf3197cb6f99be4 (patch)
tree	53ae2fb40e8731dca179faf0829f7ef4c380da2f /net/netfilter
parent	ef132dc40a28e07ba10b707b505781ffca46b97f (diff)