tcp: md5: dont write skb head in tcp_md5_hash_header()

tcp_md5_hash_header() writes into skb header a temporary zero value,
this might confuse other users of this area.

Since tcphdr is small (20 bytes), copy it in a temporary variable and
make the change in the copy.

Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

1 files changed, 8 insertions, 6 deletions

diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index 704adad8f07f..eefc61e3d0e4 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -2994,17 +2994,19 @@ void tcp_put_md5sig_pool(void)
 EXPORT_SYMBOL(tcp_put_md5sig_pool);
 
 int tcp_md5_hash_header(struct tcp_md5sig_pool *hp,
-                        struct tcphdr *th)
+                        const struct tcphdr *th)
 {
         struct scatterlist sg;
+        struct tcphdr hdr;
         int err;
 
-        __sum16 old_checksum = th->check;
-        th->check = 0;
+        /* We are not allowed to change tcphdr, make a local copy */
+        memcpy(&hdr, th, sizeof(hdr));
+        hdr.check = 0;
+
         /* options aren't included in the hash */
-        sg_init_one(&sg, th, sizeof(struct tcphdr));
-        err = crypto_hash_update(&hp->md5_desc, &sg, sizeof(struct tcphdr));
-        th->check = old_checksum;
+        sg_init_one(&sg, &hdr, sizeof(hdr));
+        err = crypto_hash_update(&hp->md5_desc, &sg, sizeof(hdr));
         return err;
 }
 EXPORT_SYMBOL(tcp_md5_hash_header);