packet: use bpf_csum_diff to patch ICMP/ICMPv6 checksum

Instead of a handmade solution to compute a new checksum, use the standard
bpf_csum_diff function. However, leave the handmade solution as a comment in
code, as it better illustrates how the checksum actually changes.

Signed-off-by: Anton Protopopov <a.s.protopopov@gmail.com>

Author: aspsk

packet-solutions/xdp_prog_kern.c

@@ -57,10 +57,27 @@ int xdp_vlan_swap_func(struct xdp_md *ctx)
         return XDP_PASS;
 }
 
-static __always_inline __u16 csum16_add(__u16 csum, __u16 addend)
+static __always_inline __u16 csum_fold_helper(__u32 csum)
 {
-	csum += addend;
-	return csum + (csum < addend);
+	return ~((csum & 0xffff) + (csum >> 16));
+}
+
+/*
+ * The icmp_checksum_diff function takes pointers to old and new structures and
+ * the old checksum and returns the new checksum.  It uses the bpf_csum_diff
+ * helper to compute the checksum difference. Note that the sizes passed to the
+ * bpf_csum_diff helper should be multiples of 4, as it operates on 32-bit
+ * words.
+ */
+static __always_inline __u16 icmp_checksum_diff(
+		__u16 seed,
+		struct icmphdr_common *icmphdr_new,
+		struct icmphdr_common *icmphdr_old)
+{
+	__u32 csum, size = sizeof(struct icmphdr_common);
+
+	csum = bpf_csum_diff(icmphdr_old, size, icmphdr_new, size, seed);
+	return csum_fold_helper(csum);
 }
 
 /* Solution to packet03/assignment-1 */
@@ -76,8 +93,9 @@ int xdp_icmp_echo_func(struct xdp_md *ctx)
 	int icmp_type;
 	struct iphdr *iphdr;
 	struct ipv6hdr *ipv6hdr;
-	__u16 echo_reply, m0, m1;
+	__u16 echo_reply, old_csum;
 	struct icmphdr_common *icmphdr;
+	struct icmphdr_common icmphdr_old;
 	__u32 action = XDP_PASS;
 
 	/* These keep track of the next header type and iterator pointer */
@@ -119,11 +137,34 @@ int xdp_icmp_echo_func(struct xdp_md *ctx)
 	/* Swap Ethernet source and destination */
 	swap_src_dst_mac(eth);
 
-	/* Patch the packet and update the checksum */
-	m0 = * (__u16 *) icmphdr;
+
+	/* Patch the packet and update the checksum.*/
+	old_csum = icmphdr->cksum;
+	icmphdr->cksum = 0;
+	icmphdr_old = *icmphdr;
 	icmphdr->type = echo_reply;
-	m1 = * (__u16 *) icmphdr;
-	icmphdr->checksum = ~(csum16_add(csum16_add(~icmphdr->checksum, ~m0), m1));
+	icmphdr->cksum = icmp_checksum_diff(~old_csum, icmphdr, &icmphdr_old);
+
+	/* Another, less generic, but a bit more efficient way to update the
+	 * checksum is listed below.  As only one 16-bit word changed, the sum
+	 * can be patched using this formula: sum' = ~(~sum + ~m0 + m1), where
+	 * sum' is a new sum, sum is an old sum, m0 and m1 are the old and new
+	 * 16-bit words, correspondingly. In the formula above the + operation
+	 * is defined as the following function:
+	 *
+	 *     static __always_inline __u16 csum16_add(__u16 csum, __u16 addend)
+	 *     {
+	 *         csum += addend;
+	 *         return csum + (csum < addend);
+	 *     }
+	 *
+	 * So an alternative code to update the checksum might look like this:
+	 *
+	 *     __u16 m0 = * (__u16 *) icmphdr;
+	 *     icmphdr->type = echo_reply;
+	 *     __u16 m1 = * (__u16 *) icmphdr;
+	 *     icmphdr->checksum = ~(csum16_add(csum16_add(~icmphdr->checksum, ~m0), m1));
+	 */
 
 	action = XDP_TX;
 

packet03-redirecting/README.org

@@ -81,10 +81,10 @@ Use the =XDP_TX= functionality to implement an ICMP/ICMPv6 echo server.
 Namely, swap destination and source MAC addresses, then swap IP/IPv6 addresses,
 and, finally, replace the ICMP/ICMPv6 =Type= field with an appropriate value.
 
-Note that changing the =Type= field will affect the ICMP checksum. However,
-as only a small part of the packet is changing, the Incremental Internet
-Checksum (RFC 1624) can be used. Hint: see the =csum_replace2= function inside
-the Linux kernel, or use the =bpf_csum_diff= kernel helper.
+Note that changing the =Type= field will affect the ICMP checksum. However, as
+only a small part of the packet is changing, the Incremental Internet Checksum
+(RFC 1624) can be used, so use the =bpf_csum_diff= helper to update the
+checksum.
 
 To test the echo server create a new environment with both address families
 supported and load the XDP program: