mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-29 22:02:02 +00:00
Code Issues Releases Wiki Activity
linux-stable/net/ipv4
History
Eric Dumazet 8721f36089 ipv4: frags: handle possible skb truesize change 
[ Upstream commit 4672694bd4 ]

ip_frag_queue() might call pskb_pull() on one skb that
is already in the fragment queue.

We need to take care of possible truesize change, or we
might have an imbalance of the netns frags memory usage.

IPv6 is immune to this bug, because RFC5722, Section 4,
amended by Errata ID 3089 states :

  When reassembling an IPv6 datagram, if
  one or more its constituent fragments is determined to be an
  overlapping fragment, the entire datagram (and any constituent
  fragments) MUST be silently discarded.

Fixes: 158f323b98 ("net: adjust skb->truesize in pskb_expand_head()")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-08-06 16:20:47 +02:00
..
netfilter netfilter: x_tables: initialise match/target check parameter struct 2018-07-17 11:39:32 +02:00
af_inet.c net: accept UFO datagrams from tuntap and packet 2017-12-17 15:07:58 +01:00
ah4.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next 2017-06-23 14:17:31 -04:00
arp.c arp: fix arp_filter on l3slave devices 2018-04-12 12:32:22 +02:00
cipso_ipv4.c tcp/dccp: fix ireq->opt races 2017-10-21 01:33:19 +01:00
datagram.c
devinet.c ipv4: igmp: guard against silly MTU values 2018-01-02 20:31:06 +01:00
esp4.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-09-01 17:42:05 -07:00
esp4_offload.c esp: Fix GRO when the headers not fully in the linear part of the skb. 2018-02-25 11:07:46 +01:00
fib_frontend.c ipv4: remove BUG_ON() from fib_compute_spec_dst 2018-08-03 07:50:44 +02:00
fib_lookup.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
fib_notifier.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
fib_rules.c net: fib_rules: Implement notification logic in core 2017-08-03 15:35:59 -07:00
fib_semantics.c net: metrics: add proper netlink validation 2018-06-11 22:49:19 +02:00
fib_trie.c ipv4: do metrics match when looking up and deleting a route 2017-08-23 20:37:10 -07:00
fou.c net: fix use-after-free in GRO with ESP 2018-07-22 14:28:44 +02:00
gre_demux.c
gre_offload.c net: fix use-after-free in GRO with ESP 2018-07-22 14:28:44 +02:00
icmp.c icmp: don't fail on fragment reassembly time exceeded 2017-12-20 10:10:37 +01:00
igmp.c multicast: do not restore deleted record source filter mode to new one 2018-07-28 07:55:42 +02:00
inet_connection_sock.c Revert "defer call to mem_cgroup_sk_alloc()" 2018-02-13 10:19:48 +01:00
inet_diag.c inet_diag: allow protocols to provide additional data 2017-09-01 18:38:09 -07:00
inet_fragment.c inet: frag: enforce memory limits earlier 2018-08-06 16:20:47 +02:00
inet_hashtables.c net/tcp: Fix socket lookups with SO_BINDTODEVICE 2018-07-22 14:28:46 +02:00
inet_timewait_sock.c soreuseport: initialise timewait reuseport field 2018-05-16 10:10:24 +02:00
inetpeer.c inetpeer: fix uninit-value in inet_getpeer 2018-05-16 10:10:24 +02:00
ip_forward.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ip_fragment.c ipv4: frags: handle possible skb truesize change 2018-08-06 16:20:47 +02:00
ip_gre.c ip_gre: fix IFLA_MTU ignored on NEWLINK 2018-05-30 07:52:05 +02:00
ip_input.c IPv4: early demux can return an error code 2017-10-01 03:55:47 +01:00
ip_options.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ip_output.c ip: hash fragments consistently 2018-07-28 07:55:41 +02:00
ip_sockglue.c ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull 2018-07-28 07:55:41 +02:00
ip_tunnel.c ip_tunnel: Clamp MTU to bounds on new link 2018-05-30 07:52:16 +02:00
ip_tunnel_core.c net: store port/representator id in metadata_dst 2017-06-25 11:42:01 -04:00
ip_vti.c Revert "vti4: Don't override MTU passed on link creation via IFLA_MTU" 2018-05-30 22:32:31 +02:00
ipcomp.c
ipconfig.c ipconfig: Correctly initialise ic_nameservers 2018-08-03 07:50:39 +02:00
ipip.c ipip: only increase err_count for some certain type icmp in ipip_err 2017-10-27 23:43:31 +09:00
ipmr.c ipmr: properly check rhltable_init() return value 2018-06-11 22:49:19 +02:00
Kconfig ip: update policy routing config help 2017-10-12 22:57:11 -07:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
netfilter.c
ping.c ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg 2018-05-19 10:20:23 +02:00
proc.c tcp: Revert "tcp: remove header prediction" 2017-08-30 11:20:09 -07:00
protocol.c
raw.c net: ipv4: fix for a race condition in raw_sendmsg 2018-01-02 20:31:08 +01:00
raw_diag.c net: ipv6: add second dif to raw socket lookups 2017-08-07 11:39:22 -07:00
route.c ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu 2018-05-30 07:52:14 +02:00
syncookies.c tcp/dccp: fix ireq->opt races 2017-10-21 01:33:19 +01:00
sysctl_net_ipv4.c ipv4: Return EINVAL when ping_group_range sysctl doesn't map to user ns 2018-07-25 11:25:09 +02:00
tcp.c net: diag: Don't double-free TCP_NEW_SYN_RECV sockets in tcp_abort 2018-07-25 11:25:09 +02:00
tcp_bbr.c tcp_bbr: fix bw probing to raise in-flight data for very small BDPs 2018-08-03 07:50:44 +02:00
tcp_bic.c tcp: consolidate congestion control undo functions 2017-08-06 21:25:10 -07:00
tcp_cdg.c tcp: consolidate congestion control undo functions 2017-08-06 21:25:10 -07:00
tcp_cong.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-09-01 17:42:05 -07:00
tcp_cubic.c tcp: consolidate congestion control undo functions 2017-08-06 21:25:10 -07:00
tcp_dctcp.c tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode 2018-08-03 07:50:45 +02:00
tcp_diag.c tcp_diag: report TCP MD5 signing keys and addresses 2017-09-01 18:38:09 -07:00
tcp_fastopen.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
tcp_highspeed.c tcp: consolidate congestion control undo functions 2017-08-06 21:25:10 -07:00
tcp_htcp.c tcp: fix cwnd undo in Reno and HTCP congestion controls 2017-08-06 21:25:10 -07:00
tcp_hybla.c
tcp_illinois.c net/tcp/illinois: replace broken algorithm reference link 2018-05-30 07:52:06 +02:00
tcp_input.c tcp: add one more quick ack after after ECN events 2018-08-03 07:50:45 +02:00
tcp_ipv4.c tcp: verify the checksum of the first data segment in a new connection 2018-06-26 08:06:28 +08:00
tcp_lp.c
tcp_metrics.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
tcp_minisocks.c tcp/dccp: block bh before arming time_wait timer 2017-12-17 15:07:57 +01:00
tcp_nv.c tcp_nv: fix potential integer overflow in tcpnv_acked 2018-04-26 11:02:13 +02:00
tcp_offload.c gso: validate gso_type in GSO handlers 2018-01-31 14:03:47 +01:00
tcp_output.c tcp: do not cancel delay-AcK on DCTCP special ACK 2018-07-28 07:55:43 +02:00
tcp_probe.c tcp: remove redundant argument from tcp_rcv_established() 2017-07-24 17:28:12 -07:00
tcp_rate.c tcp: invalidate rate samples during SACK reneging 2018-01-02 20:31:09 +01:00
tcp_recovery.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
tcp_scalable.c tcp: consolidate congestion control undo functions 2017-08-06 21:25:10 -07:00
tcp_timer.c tcp: purge write queue upon aborting the connection 2018-03-31 18:10:38 +02:00
tcp_ulp.c tcp: ulp: avoid module refcnt leak in tcp_set_ulp 2017-08-14 22:17:05 -07:00
tcp_vegas.c tcp: fix under-evaluated ssthresh in TCP Vegas 2017-12-25 14:26:30 +01:00
tcp_vegas.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
tcp_veno.c tcp: consolidate congestion control undo functions 2017-08-06 21:25:10 -07:00
tcp_westwood.c tcp: Revert "tcp: remove CA_ACK_SLOWPATH" 2017-08-30 11:20:08 -07:00
tcp_yeah.c tcp: consolidate congestion control undo functions 2017-08-06 21:25:10 -07:00
tunnel4.c
udp.c udp: fix rx queue len reported by diag and proc interface 2018-06-26 08:06:28 +08:00
udp_diag.c udp: fix rx queue len reported by diag and proc interface 2018-06-26 08:06:28 +08:00
udp_impl.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
udp_offload.c net: fix use-after-free in GRO with ESP 2018-07-22 14:28:44 +02:00
udp_tunnel.c net: add infrastructure to un-offload UDP tunnel port 2017-07-24 13:52:59 -07:00
udplite.c
xfrm4_input.c xfrm: Reinject transport-mode packets through tasklet 2018-03-03 10:24:25 +01:00
xfrm4_mode_beet.c
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c
xfrm4_output.c
xfrm4_policy.c ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu 2018-05-30 07:52:14 +02:00
xfrm4_protocol.c
xfrm4_state.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xfrm4_tunnel.c