Andrea Righi ec0e32da41 openvswitch: fix flow actions reallocation ... [ Upstream commit f28cd2af22 ] The flow action buffer can be resized if it's not big enough to contain all the requested flow actions. However, this resize doesn't take into account the new requested size, the buffer is only increased by a factor of 2x. This might be not enough to contain the new data, causing a buffer overflow, for example: [ 42.044472] ============================================================================= [ 42.045608] BUG kmalloc-96 (Not tainted): Redzone overwritten [ 42.046415] ----------------------------------------------------------------------------- [ 42.047715] Disabling lock debugging due to kernel taint [ 42.047716] INFO: 0x8bf2c4a5-0x720c0928. First byte 0x0 instead of 0xcc [ 42.048677] INFO: Slab 0xbc6d2040 objects=29 used=18 fp=0xdc07dec4 flags=0x2808101 [ 42.049743] INFO: Object 0xd53a3464 @offset=2528 fp=0xccdcdebb [ 42.050747] Redzone 76f1b237: cc cc cc cc cc cc cc cc ........ [ 42.051839] Object d53a3464: 6b 6b 6b 6b 6b 6b 6b 6b 0c 00 00 00 6c 00 00 00 kkkkkkkk....l... [ 42.053015] Object f49a30cc: 6c 00 0c 00 00 00 00 00 00 00 00 03 78 a3 15 f6 l...........x... [ 42.054203] Object acfe4220: 20 00 02 00 ff ff ff ff 00 00 00 00 00 00 00 00 ............... [ 42.055370] Object 21024e91: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 42.056541] Object 070e04c3: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 42.057797] Object 948a777a: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 42.059061] Redzone 8bf2c4a5: 00 00 00 00 .... [ 42.060189] Padding a681b46e: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ Fix by making sure the new buffer is properly resized to contain all the requested data. BugLink: https://bugs.launchpad.net/bugs/1813244 Signed-off-by: Andrea Righi <andrea.righi@canonical.com> Acked-by: Pravin B Shelar <pshelar@ovn.org> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Sasha Levin <sashal@kernel.org>		2019-04-17 08:38:41 +02:00
..
actions.c	openvswitch: kernel datapath clone action	2018-07-08 11:13:25 +09:00
conntrack.c	openvswitch: load NAT helper	2018-10-04 21:45:16 -07:00
conntrack.h	openvswitch: Support conntrack zone limit	2018-05-25 16:45:19 -04:00
datapath.c	treewide: kmalloc() -> kmalloc_array()	2018-06-12 16:19:22 -07:00
datapath.h	openvswitch: Support conntrack zone limit	2018-05-25 16:45:19 -04:00
dp_notify.c	openvswitch: reliable interface indentification in port dumps	2017-11-05 21:49:17 +09:00
flow.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2017-12-22 11:16:31 -05:00
flow.h	openvswitch: enable NSH support	2017-11-08 16:12:33 +09:00
flow_netlink.c	openvswitch: fix flow actions reallocation	2019-04-17 08:38:41 +02:00
flow_netlink.h	openvswitch: enable NSH support	2017-11-08 16:12:33 +09:00
flow_table.c	openvswitch: Optimize operations for OvS flow_stats.	2017-07-19 13:49:39 -07:00
flow_table.h	openvswitch: Zero flows on allocation.	2015-09-22 17:33:41 -07:00
Kconfig	openvswitch: Support conntrack zone limit	2018-05-25 16:45:19 -04:00
Makefile	openvswitch: Add meter infrastructure	2017-11-13 10:37:07 +09:00
meter.c	openvswitch: meter: Fix setting meter id for new entries	2018-07-29 13:20:54 -07:00
meter.h	openvswitch: Add meter infrastructure	2017-11-13 10:37:07 +09:00
vport-geneve.c	openvswitch: do not ignore netdev errors when creating tunnel vports	2016-08-10 23:13:23 -07:00
vport-gre.c	openvswitch: do not ignore netdev errors when creating tunnel vports	2016-08-10 23:13:23 -07:00
vport-internal_dev.c	net: ovs: remove unused hardirq.h	2018-01-08 20:59:25 -05:00
vport-internal_dev.h
vport-netdev.c	net: Add extack to upper device linking	2017-10-04 21:39:33 -07:00
vport-netdev.h	openvswitch: Use dev_queue_xmit for vport send.	2015-10-22 06:46:16 -07:00
vport-vxlan.c	vxlan: get rid of redundant vxlan_dev.flags	2017-06-20 13:37:02 -04:00
vport.c	treewide: kzalloc() -> kcalloc()	2018-06-12 16:19:22 -07:00
vport.h	openvswitch: pass mac_proto to ovs_vport_send	2016-11-13 00:51:02 -05:00