Ricardo Dias b01b700e0c tcp: fix race condition when creating child sockets from syncookies
[ Upstream commit 01770a1661 ]

When the TCP stack is in SYN flood mode, the server child socket is
created from the SYN cookie received in a TCP packet with the ACK flag
set.

The child socket is created when the server receives the first TCP
packet with a valid SYN cookie from the client. Usually, this packet
corresponds to the final step of the TCP 3-way handshake, the ACK
packet. But it is also possible to receive a valid SYN cookie from the
first TCP data packet sent by the client, and thus create a child socket
from that SYN cookie.

Since a client socket is ready to send data as soon as it receives the
SYN+ACK packet from the server, the client can send the ACK packet (sent
by the TCP stack code), and the first data packet (sent by the userspace
program) almost at the same time, and thus the server will equally
receive the two TCP packets with valid SYN cookies almost at the same
instant.

When such an event happens, the TCP stack code has a race condition that
occurs between the moment a lookup is done to the established
connections hashtable to check for the existence of a connection for the
same client, and the moment that the child socket is added to the
established connections hashtable. As a consequence, this race condition
can lead to a situation where we add two child sockets to the
established connections hashtable and deliver two sockets to the
userspace program to the same client.

This patch fixes the race condition by checking if an existing child
socket exists for the same client when we are adding the second child
socket to the established connections socket. If an existing child
socket exists, we drop the packet and discard the second child socket
to the same client.

Signed-off-by: Ricardo Dias <rdias@singlestore.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Link: https://lore.kernel.org/r/20201120111133.GA67501@rdias-suse-pc.lan
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-04-27 13:50:45 +02:00
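
The lookup-then-insert race described in the commit message above, replayed deterministically as an added example (this is not code from the kernel or from the patch). The table `ehash`, the helpers `insert_unchecked`/`insert_checked`/`replay_interleaving` and the flow values are hypothetical, and the re-check in `insert_checked` is assumed to run atomically with the insert.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model, not kernel code: a flat "established" table keyed by 4-tuple. */
struct flow { uint32_t saddr, daddr; uint16_t sport, dport; };
struct child { struct flow key; };
static struct child *ehash[4];
static size_t ehash_len;

static struct child *ehash_lookup(const struct flow *k)
{
    for (size_t i = 0; i < ehash_len; i++) {
        const struct flow *e = &ehash[i]->key;
        if (e->saddr == k->saddr && e->daddr == k->daddr &&
            e->sport == k->sport && e->dport == k->dport)
            return ehash[i];
    }
    return NULL;
}

/* Pre-fix shape: the insert trusts a lookup the caller did earlier. */
static void insert_unchecked(struct child *sk) { ehash[ehash_len++] = sk; }

/* Post-fix shape: look for an existing socket for the same client while
 * inserting; false means "drop the packet and discard this child". */
static bool insert_checked(struct child *sk)
{
    if (ehash_lookup(&sk->key))
        return false;
    ehash[ehash_len++] = sk;
    return true;
}

/* Replays the bad interleaving: the ACK and the first data packet both
 * miss in the lookup before either child is inserted. */
size_t replay_interleaving(bool fixed)
{
    static struct child ack_child, data_child;
    struct flow f = { 0xC0000201u, 0xC0000202u, 40000, 443 }; /* constructed */
    ehash_len = 0;
    ack_child.key = data_child.key = f;
    bool ack_miss = !ehash_lookup(&f);   /* ACK packet: no socket yet   */
    bool data_miss = !ehash_lookup(&f);  /* data packet: still no socket */
    if (ack_miss)  { if (fixed) insert_checked(&ack_child);  else insert_unchecked(&ack_child); }
    if (data_miss) { if (fixed) insert_checked(&data_child); else insert_unchecked(&data_child); }
    return ehash_len;                    /* sockets created for one client */
}

int main(void) { printf("%zu %zu\n", replay_interleaving(false), replay_interleaving(true)); return 0; }
```
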
arch ARM: davinci: da850-evm: Avoid NULL pointer dereference 2022-04-20 09:19:39 +02:00
block Revert "Revert "block, bfq: honor already-setup queue merges"" 2022-04-15 14:18:23 +02:00
certs certs: Trigger creation of RSA module signing key if it's not an RSA key 2021-09-15 09:47:29 +02:00
crypto crypto: authenc - Fix sleep in atomic context in decrypt_tail 2022-04-15 14:18:04 +02:00
Documentation dt-bindings: spi: mxic: The interrupt property is not mandatory 2022-04-15 14:18:30 +02:00
drivers can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path 2022-04-27 13:50:45 +02:00
fs gfs2: assign rgrp glock before compute_bitstructs 2022-04-27 13:50:45 +02:00
include tcp: fix race condition when creating child sockets from syncookies 2022-04-27 13:50:45 +02:00
init init/main.c: return 1 from handled __setup() functions 2022-04-15 14:18:35 +02:00
ipc shm: extend forced shm destroy to support objects from several IPC nses 2021-12-01 09:23:35 +01:00
kernel tracing: Dump stacktrace trigger to the corresponding instance 2022-04-27 13:50:45 +02:00
lib lz4: fix LZ4_decompress_safe_partial read out of bound 2022-04-15 14:18:39 +02:00
LICENSES LICENSES: Rename other to deprecated 2019-05-03 06:34:32 -06:00
mm mm: page_alloc: fix building error on -Werror=array-compare 2022-04-27 13:50:45 +02:00
net tcp: fix race condition when creating child sockets from syncookies 2022-04-27 13:50:45 +02:00
samples samples/kretprobes: Fix return value if register_kretprobe() failed 2021-11-17 09:48:39 +01:00
scripts gcc-plugins: latent_entropy: use /dev/urandom 2022-04-20 09:19:38 +02:00
security Fix incorrect type in assignment of ipv6 port for audit 2022-04-15 14:18:22 +02:00
sound ALSA: pcm: Test for "silence" field in struct "pcm_format_data" 2022-04-20 09:19:38 +02:00
tools testing/selftests/mqueue: Fix mq_perf_tests to free the allocated cpu set 2022-04-20 09:19:35 +02:00
usr initramfs: restore default compression behavior 2020-04-08 09:08:38 +02:00
virt KVM: Prevent module exit until all VMs are freed 2022-04-15 14:18:27 +02:00
.clang-format clang-format: Update with the latest for_each macro list 2019-08-31 10:00:51 +02:00
.cocciconfig
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes
.gitignore Modules updates for v5.4 2019-09-22 10:34:46 -07:00
.mailmap ARM: SoC fixes 2019-11-10 13:41:59 -08:00
COPYING COPYING: use the new text with points to the license files 2018-03-23 12:41:45 -06:00
CREDITS MAINTAINERS: Remove Simon as Renesas SoC Co-Maintainer 2019-10-10 08:12:51 -07:00
Kbuild kbuild: do not descend to ./Kbuild when cleaning 2019-08-21 21:03:58 +09:00
Kconfig docs: kbuild: convert docs to ReST and rename to *.rst 2019-06-14 14:21:21 -06:00
MAINTAINERS Documentation/llvm: add documentation on building w/ Clang/LLVM 2020-08-26 10:40:46 +02:00
Makefile Linux 5.4.190 2022-04-20 09:19:40 +02:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.