malhuda/msm-4.14
1
0
Fork 0
mirror of https://github.com/rd-stuffs/msm-4.14.git synced 2025-02-20 11:45:48 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
msm-4.14/net
History
Eric Dumazet 113ab386c7 ip_gre: dont increase dev->needed_headroom on a live device 
It seems ip_gre is able to change dev->needed_headroom on the fly.

Its is not legal unfortunately and triggers a BUG in raw_sendmsg()

skb = sock_alloc_send_skb(sk, ... + LL_ALLOCATED_SPACE(rt->dst.dev)

< another cpu change dev->needed_headromm (making it bigger)

...
skb_reserve(skb, LL_RESERVED_SPACE(rt->dst.dev));

We end with LL_RESERVED_SPACE() being bigger than LL_ALLOCATED_SPACE()
-> we crash later because skb head is exhausted.

Bug introduced in commit 243aad83 in 2.6.34 (ip_gre: include route
header_len in max_headroom calculation)

Reported-by: Elmar Vonlanthen <evonlanthen@gmail.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
CC: Timo Teräs <timo.teras@iki.fi>
CC: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-10-20 16:20:30 -04:00
..
9p
net/9p: Fix kernel crash with msize 512K
2011-09-06 08:17:15 -05:00
802
snap: remove one synchronize_net()
2011-05-23 16:29:24 -04:00
8021q
vlan: reset headers on accel emulation path
2011-08-18 21:29:27 -07:00
appletalk
appletalk: Reduce switch/case indent
2011-07-01 16:11:15 -07:00
atm
atm: br2684: Fix oops due to skb->dev being NULL
2011-08-20 14:13:05 -07:00
ax25
batman-adv
batman-adv: do_bcast has to be true for broadcast packets only
2011-09-22 20:27:10 +02:00
bluetooth
bluetooth: Properly clone LSM attributes to newly created child connections
2011-10-18 23:36:43 -04:00
bridge
bridge: fix hang on removal of bridge via netlink
2011-10-18 23:24:16 -04:00
caif
caif: fix a potential NULL dereference
2011-09-16 17:40:34 -04:00
can
can bcm: fix incomplete tx_setup fix
2011-09-29 15:33:47 -04:00
ceph
Merge branch 'for-linus' of git://github.com/NewDreamNetwork/ceph-client
2011-09-29 19:58:58 -07:00
core
fib_rules: fix unresolved_rules counting
2011-10-19 19:17:41 -04:00
dcb
dcbnl: unlock on an error path in dcbnl_cee_fill()
2011-07-08 09:01:14 -07:00
dccp
net: Compute protocol sequence numbers and fragment IDs using MD5.
2011-08-06 18:33:19 -07:00
decnet
atomic: use <linux/atomic.h>
2011-07-26 16:49:47 -07:00
dns_resolver
dsa
DSA: Enable cascading in multi-chip 6131 configuration
2011-06-29 05:53:49 -07:00
econet
af_econet: Use current logging styles and neatening
2011-07-03 20:05:16 -07:00
ethernet
net: don't clear IFF_XMIT_DST_RELEASE in ether_setup
2011-09-15 14:49:44 -04:00
ieee802154
ieee802154: free skb buffer if dev isn't running
2011-06-30 16:18:09 +04:00
ipv4
ip_gre: dont increase dev->needed_headroom on a live device
2011-10-20 16:20:30 -04:00
ipv6
gro: refetch inet6_protos[] after pulling ext headers
2011-10-10 14:26:16 -04:00
ipx
irda
IRDA: Fix global type conflicts in net/irda/irsysctl.c v2
2011-09-16 19:17:09 -04:00
iucv
atomic: use <linux/atomic.h>
2011-07-26 16:49:47 -07:00
key
net: Remove casts of void *
2011-06-16 23:19:27 -04:00
l2tp
l2tp: fix a potential skb leak in l2tp_xmit_skb()
2011-10-18 23:32:00 -04:00
lapb
lapb: Reduce switch/case indent
2011-07-01 16:11:16 -07:00
llc
mac80211
mac80211: fix missing sta_lock in __sta_info_destroy
2011-09-13 14:18:38 -04:00
netfilter
Merge branch 'nf' of git://1984.lsi.us.es/net
2011-10-17 19:38:03 -04:00
netlabel
net/netlabel/netlabel_kapi.c: add missing cleanup code
2011-08-11 05:52:57 -07:00
netlink
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem
2011-06-24 15:25:51 -04:00
netrom
netrom: Reduce switch/case indent
2011-07-01 16:11:16 -07:00
nfc
NFC: add the NFC socket raw protocol
2011-07-05 15:26:58 -04:00
packet
make PACKET_STATISTICS getsockopt report consistently between ring and non-ring
2011-10-03 14:18:26 -04:00
phonet
rtnetlink: Compute and store minimum ifinfo dump size
2011-06-09 20:38:07 -07:00
rds
RDSRDMA: Fix cleanup of rds_iw_mr_pool
2011-09-29 14:57:19 -04:00
rfkill
net: rfkill: add generic gpio rfkill driver
2011-05-19 13:53:54 -04:00
rose
rose: Delete commented out references to ancient firewalling code.
2011-07-07 02:41:59 -07:00
rxrpc
rxrpc: Fix set but unused variable 'usage' in rxrpc_get_transport()
2011-05-19 18:51:50 -04:00
sched
pkt_sched: cls_rsvp.h was outdated
2011-09-15 14:49:43 -04:00
sctp
sctp: deal with multiple COOKIE_ECHO chunks
2011-09-16 17:17:22 -04:00
sunrpc
net: fix new sunrpc kernel-doc warning
2011-07-28 18:20:21 -07:00
tipc
atomic: use <linux/atomic.h>
2011-07-26 16:49:47 -07:00
unix
new helpers: kern_path_create/user_path_create
2011-07-20 01:44:05 -04:00
wanrouter
wimax
wireless
cfg80211: Fix validation of AKM suites
2011-09-21 15:58:24 -04:00
x25
x25: Prevent skb overreads when checking call user data
2011-10-17 19:31:40 -04:00
xfrm
net: check return value for dst_alloc
2011-09-27 15:32:06 -04:00
compat.c
Kconfig
NFC: add nfc subsystem core
2011-07-05 15:26:57 -04:00
Makefile
NFC: add nfc subsystem core
2011-07-05 15:26:57 -04:00
nonet.c
socket.c
sendmmsg/sendmsg: fix unsafe user pointer access
2011-08-24 19:45:03 -07:00
sysctl_net.c