nf_reject.h - cachepc-linux - Fork of AMDESE/linux with modifications for CachePC side-channel attack

	cachepc-linux Fork of AMDESE/linux with modifications for CachePC side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-linux
	Log \| Files \| Refs \| README \| LICENSE \| sfeed.txt

nf_reject.h (925B)

      1/* SPDX-License-Identifier: GPL-2.0 */
      2#ifndef _NF_REJECT_H
      3#define _NF_REJECT_H
      4
      5#include <linux/types.h>
      6#include <uapi/linux/in.h>
      7
      8static inline bool nf_reject_verify_csum(struct sk_buff *skb, int dataoff,
      9					  __u8 proto)
     10{
     11	/* Skip protocols that don't use 16-bit one's complement checksum
     12	 * of the entire payload.
     13	 */
     14	switch (proto) {
     15		/* Protocols with optional checksums. */
     16		case IPPROTO_UDP: {
     17			const struct udphdr *udp_hdr;
     18			struct udphdr _udp_hdr;
     19
     20			udp_hdr = skb_header_pointer(skb, dataoff,
     21						     sizeof(_udp_hdr),
     22						     &_udp_hdr);
     23			if (!udp_hdr || udp_hdr->check)
     24				return true;
     25
     26			return false;
     27		}
     28		case IPPROTO_GRE:
     29
     30		/* Protocols with other integrity checks. */
     31		case IPPROTO_AH:
     32		case IPPROTO_ESP:
     33		case IPPROTO_SCTP:
     34
     35		/* Protocols with partial checksums. */
     36		case IPPROTO_UDPLITE:
     37		case IPPROTO_DCCP:
     38			return false;
     39	}
     40	return true;
     41}
     42
     43#endif /* _NF_REJECT_H */