mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/net
History
Alexey Kodanev 4ad19de877 net: tcp6: fix double call of tcp_v6_fill_cb() 
tcp_v6_fill_cb() will be called twice if socket's state changes from
TCP_TIME_WAIT to TCP_LISTEN. That can result in control buffer data
corruption because in the second tcp_v6_fill_cb() call it's not copying
IP6CB(skb) anymore, but 'seq', 'end_seq', etc., so we can get weird and
unpredictable results. Performance loss of up to 1200% has been observed
in LTP/vxlan03 test.

This can be fixed by copying inet6_skb_parm to the beginning of 'cb'
only if xfrm6_policy_check() and tcp_v6_fill_cb() are going to be
called again.

Fixes: 2dc49d1680 ("tcp6: don't move IP6CB before xfrm6_policy_check()")

Signed-off-by: Alexey Kodanev <alexey.kodanev@oracle.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
 		2015-03-29 13:36:05 -07:00
..
6lowpan net/6lowpan: Remove FSF address from GPL statement. 2014-12-05 12:43:04 +01:00
9p 9p/trans_virtio: fix hot-unplug 2015-03-13 15:55:41 +10:30
802
8021q vlan: advertise link netns via netlink 2015-01-23 17:51:15 -08:00
appletalk
atm put iov_iter into msghdr 2014-12-09 16:29:03 -05:00
ax25
batman-adv batman-adv: Kconfig, Add missing DEBUG_FS dependency 2015-01-07 22:17:11 +01:00
bluetooth Bluetooth: Fix potential NULL dereference 2015-02-03 09:02:12 +01:00
bridge bridge: reset bridge mtu after deleting an interface 2015-03-14 19:12:38 -04:00
caif caif: fix MSG_OOB test in caif_seqpkt_recvmsg() 2015-03-15 22:19:17 -04:00
can can: add missing initialisations in CAN related skbuffs 2015-03-09 10:22:24 +01:00
ceph Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client 2015-02-19 14:14:42 -08:00
core netns: don't clear nsid too early on removal 2015-03-29 12:58:21 -07:00
dcb
dccp net: introduce helper macro for_each_cmsghdr 2014-12-10 22:41:55 -05:00
decnet decnet: Fix obvious o/0 typo 2015-02-23 15:28:50 -05:00
dns_resolver
dsa net: dsa: Set valid phy interface type 2015-02-17 10:37:39 -08:00
ethernet net: Add Transparent Ethernet Bridging GRO support. 2015-01-02 15:46:41 -05:00
hsr net/hsr: Fix NULL pointer dereference and refcnt bugs when deleting a HSR interface. 2015-03-01 13:40:23 -05:00
ieee802154 netlink: make nlmsg_end() and genlmsg_end() void 2015-01-18 01:03:45 -05:00
ipv4 ipmr,ip6mr: call ip6mr_free_table() on failure path 2015-03-29 12:13:54 -07:00
ipv6 net: tcp6: fix double call of tcp_v6_fill_cb() 2015-03-29 13:36:05 -07:00
ipx
irda TTY/Serial fixes for 4.0-rc3 2015-03-08 12:25:40 -07:00
iucv net: introduce helper macro for_each_cmsghdr 2014-12-10 22:41:55 -05:00
key
l2tp netlink: make nlmsg_end() and genlmsg_end() void 2015-01-18 01:03:45 -05:00
lapb
llc net: llc: use correct size for sysctl timeout entries 2015-01-25 00:23:21 -08:00
mac80211 mac80211: ignore CSA to same channel 2015-03-16 09:36:12 +01:00
mac802154 mac802154: fix kbuild test robot warning 2015-01-03 01:51:51 +01:00
mpls net: mark some potential candidates __read_mostly 2015-01-30 17:58:39 -08:00
netfilter netfilter: nft_compat: set IP6T_F_PROTO flag if protocol is set 2015-03-22 19:32:05 +01:00
netlabel Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2015-02-11 20:25:11 -08:00
netlink rhashtable: remove indirection for grow/shrink decision functions 2015-02-27 16:06:02 -05:00
netrom
nfc NFC: nci: Move NFCEE discovery logic 2015-02-04 09:15:18 +01:00
openvswitch openvswitch: Fix serialization of non-masked set actions. 2015-03-03 14:38:57 -05:00
packet net: delete stale packet_mclist entries 2015-03-09 16:17:43 -04:00
phonet phonet netlink: allow multiple messages per skb in route dump 2015-01-19 16:20:17 -05:00
rds rds: avoid potential stack overflow 2015-03-12 00:28:01 -04:00
rfkill Last round of updates for net-next: 2015-02-04 14:57:45 -08:00
rose
rxrpc rxrpc: bogus MSG_PEEK test in rxrpc_recvmsg() 2015-03-15 22:20:09 -04:00
sched act_bpf: allow non-default TC_ACT opcodes as BPF exec outcome 2015-03-17 22:15:06 -04:00
sctp Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-02-05 14:33:28 -08:00
sunrpc sunrpc: fix braino in ->poll() 2015-03-08 12:53:46 -07:00
switchdev Merge branch 'kconfig' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild 2015-02-19 10:36:45 -08:00
tipc tipc: fix bug in link failover handling 2015-03-09 16:20:41 -04:00
unix net: remove sock_iocb 2015-01-28 23:15:07 -08:00
vmw_vsock vmci: propagate msghdr all way down to __qp_memcpy_to_queue() 2015-02-04 01:34:14 -05:00
wimax
wireless nl80211: ignore HT/VHT capabilities without QoS/WMM 2015-03-16 09:36:11 +01:00
x25
xfrm Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec 2015-03-16 16:16:49 -04:00
Kconfig kconfig: use bool instead of boolean for type definition attributes 2015-01-07 13:08:04 +01:00
Makefile Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2014-12-16 15:53:03 -08:00
compat.c net: compat: Update get_compat_msghdr() to match copy_msghdr_from_user() behaviour 2015-03-20 16:31:09 -04:00
socket.c net: validate the range we feed to iov_iter_init() in sys_sendto/sys_recvfrom 2015-03-20 16:38:06 -04:00
sysctl_net.c