mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-19 17:11:03 +00:00
Code Issues Releases Wiki Activity
linux-stable/net
History
Willem de Bruijn ec6af094ea net/packet: rx_owner_map depends on pg_vec 
Packet sockets may switch ring versions. Avoid misinterpreting state
between versions, whose fields share a union. rx_owner_map is only
allocated with a packet ring (pg_vec) and both are swapped together.
If pg_vec is NULL, meaning no packet ring was allocated, then neither
was rx_owner_map. And the field may be old state from a tpacket_v3.

Fixes: 61fad6816f ("net/packet: tpacket_rcv: avoid a producer race condition")
Reported-by: Syzbot <syzbot+1ac0994a0a0c55151121@syzkaller.appspotmail.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Link: https://lore.kernel.org/r/20211215143937.106178-1-willemdebruijn.kernel@gmail.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2021-12-15 17:49:36 -08:00
..
6lowpan
9p 9p: fix a bunch of checkpatch warnings 2021-11-04 21:04:25 +09:00
802 llc/snap: constify dev_addr passing 2021-10-13 09:40:46 -07:00
8021q net: vlan: fix underflow for the real_dev refcnt 2021-11-26 11:20:46 -08:00
appletalk
atm net: atm: use address setting helpers 2021-10-24 13:59:45 +01:00
ax25 ax25: constify dev_addr passing 2021-10-13 09:40:45 -07:00
batman-adv Merge branch 'exit-cleanups-for-v5.16' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2021-11-10 16:15:54 -08:00
bluetooth bluetooth: use dev_addr_set() 2021-10-25 11:01:29 -07:00
bpf bpf: Add dummy BPF STRUCT_OPS for test purpose 2021-11-01 14:10:00 -07:00
bpfilter
bridge Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-11-01 20:05:14 -07:00
caif net: caif: get ready for const netdev->dev_addr 2021-10-24 13:59:45 +01:00
can can: j1939: j1939_tp_cmd_recv(): check the dst address of TP.CM_BAM 2021-11-06 17:29:32 +01:00
ceph libceph, ceph: move ceph_osdc_copy_from() into cephfs code 2021-11-08 03:29:52 +01:00
core net, neigh: clear whole pneigh_entry at alloc time 2021-12-08 17:41:44 -08:00
dcb
dccp tcp: switch orphan_count to bare per-cpu counters 2021-10-15 11:28:34 +01:00
decnet net: Remove redundant if statements 2021-08-05 13:27:50 +01:00
dns_resolver
dsa net: dsa: felix: fix broken VLAN-tagged PTP under VLAN-aware bridge 2021-11-03 14:22:00 +00:00
ethernet eth: platform: add a helper for loading netdev->dev_addr 2021-10-08 14:54:33 +01:00
ethtool ethtool: do not perform operations on net devices being unregistered 2021-12-06 16:53:32 -08:00
hsr net: hsr: Add support for redbox supervision frames 2021-10-26 14:52:17 +01:00
ieee802154 mac802154: use dev_addr_set() - manual 2021-10-20 14:27:40 +01:00
ife
ipv4 inet_diag: fix kernel-infoleak for UDP sockets 2021-12-10 21:14:49 -08:00
ipv6 seg6: fix the iif in the IPv6 socket control block 2021-12-09 07:55:42 -08:00
iucv net/iucv: Replace deprecated CPU-hotplug functions. 2021-08-09 10:13:32 +01:00
kcm
key
l2tp net/l2tp: Fix reference count leak in l2tp_udp_recv_core 2021-09-09 11:00:20 +01:00
l3mdev
lapb
llc llc/snap: constify dev_addr passing 2021-10-13 09:40:46 -07:00
mac80211 mac80211: do drv_reconfig_complete() before restarting all 2021-12-14 11:22:20 +01:00
mac802154 mac802154: use dev_addr_set() - manual 2021-10-20 14:27:40 +01:00
mctp mctp: Don't let RTM_DELROUTE delete local routes 2021-12-02 12:15:25 +00:00
mpls net: mpls: Remove rcu protection from nh_dev 2021-11-29 12:39:42 +00:00
mptcp mptcp: fix deadlock in __mptcp_push_pending() 2021-12-14 18:49:40 -08:00
ncsi net/ncsi : Add payload to be 32-bit aligned to fix dropped packets 2021-11-24 11:53:17 +00:00
netfilter netfilter: conntrack: annotate data-races around ct->timeout 2021-12-08 01:29:15 +01:00
netlabel net: fix NULL pointer reference in cipso_v4_doi_free 2021-08-30 12:23:18 +01:00
netlink net: netlink: af_netlink: Prevent empty skb by adding a check on len. 2021-11-30 17:45:01 -08:00
netrom ax25: constify dev_addr passing 2021-10-13 09:40:45 -07:00
nfc nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done 2021-12-09 07:50:32 -08:00
nsh
openvswitch include/linux/mm.h: move nr_free_buffer_pages from swap.h to mm.h 2021-11-06 13:30:43 -07:00
packet net/packet: rx_owner_map depends on pg_vec 2021-12-15 17:49:36 -08:00
phonet phonet: refcount leak in pep_sock_accep 2021-12-10 19:53:52 -08:00
psample
qrtr net: qrtr: combine nameservice into main module 2021-09-28 17:36:43 -07:00
rds rds: memory leak in __rds_conn_create() 2021-12-14 12:51:52 +00:00
rfkill
rose rose: constify dev_addr passing 2021-10-13 09:40:45 -07:00
rxrpc rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() 2021-11-29 15:40:02 +00:00
sched flow_offload: return EOPNOTSUPP for the unsupported mpls action type 2021-12-14 12:33:19 +00:00
sctp net,lsm,selinux: revert the security_sctp_assoc_established() hook 2021-11-14 12:21:53 +00:00
smc net/smc: Keep smc_close_final rc during active close 2021-12-02 12:14:36 +00:00
strparser bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding 2021-11-09 01:05:28 +01:00
sunrpc NFS client bugfixes for Linux 5.16 2021-11-27 10:33:55 -08:00
switchdev net: switchdev: merge switchdev_handle_fdb_{add,del}_to_device 2021-10-27 14:54:02 +01:00
tipc tipc: check for null after calling kmemdup 2021-11-17 20:04:52 -08:00
tls net/tls: Fix authentication failure in CCM mode 2021-11-29 12:48:28 +00:00
unix af_unix: fix regression in read after shutdown 2021-11-20 15:10:30 +00:00
vmw_vsock vsock/virtio: suppress used length validation 2021-11-22 14:49:03 +00:00
wireless cfg80211: Acquire wiphy mutex on regulatory work 2021-12-14 11:20:11 +01:00
x25
xdp xsk: Fix crash on double free in buffer pool 2021-11-12 15:55:27 +01:00
xfrm Core: 2021-11-02 06:20:58 -07:00
compat.c
devres.c
Kconfig net/core: disable NET_RX_BUSY_POLL on PREEMPT_RT 2021-10-01 15:45:10 -07:00
Makefile
socket.c Core: 2021-08-31 16:43:06 -07:00
sysctl_net.c sections: move and rename core_kernel_data() to is_kernel_core_data() 2021-11-09 10:02:50 -08:00