malhuda/msm-4.14
1
0
Fork 0
mirror of https://github.com/rd-stuffs/msm-4.14.git synced 2025-02-20 11:45:48 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
msm-4.14/net/ipv4
History
Willem de Bruijn 75664d8037 ip: on queued skb use skb_header_pointer instead of pskb_may_pull 
[ Upstream commit 4a06fa67c4da20148803525151845276cdb995c1 ]

Commit 2efd4fca703a ("ip: in cmsg IP(V6)_ORIGDSTADDR call
pskb_may_pull") avoided a read beyond the end of the skb linear
segment by calling pskb_may_pull.

That function can trigger a BUG_ON in pskb_expand_head if the skb is
shared, which it is when when peeking. It can also return ENOMEM.

Avoid both by switching to safer skb_header_pointer.

Fixes: 2efd4fca703a ("ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull")
Reported-by: syzbot <syzkaller@googlegroups.com>
Suggested-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-01-23 08:09:47 +01:00
..
netfilter
netfilter: x_tables: set module owner for icmp(6) matches
2018-08-24 13:09:13 +02:00
af_inet.c
gso_segment: Reset skb->mac_len after modifying network header
2018-09-29 03:06:00 -07:00
ah4.c
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next
2017-06-23 14:17:31 -04:00
arp.c
arp: fix arp_filter on l3slave devices
2018-04-12 12:32:22 +02:00
cipso_ipv4.c
net/ipv4: defensive cipso option parsing
2018-11-13 11:15:04 -08:00
datagram.c
devinet.c
ipv4: igmp: guard against silly MTU values
2018-01-02 20:31:06 +01:00
esp4_offload.c
esp: Fix GRO when the headers not fully in the linear part of the skb.
2018-02-25 11:07:46 +01:00
esp4.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2017-09-01 17:42:05 -07:00
fib_frontend.c
net: ipv4: update fnhe_pmtu when first hop's MTU changes
2018-10-18 09:16:17 +02:00
fib_lookup.h
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
fib_notifier.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
fib_rules.c
net: fib_rules: Implement notification logic in core
2017-08-03 15:35:59 -07:00
fib_semantics.c
net: ipv4: update fnhe_pmtu when first hop's MTU changes
2018-10-18 09:16:17 +02:00
fib_trie.c
ipv4: do metrics match when looking up and deleting a route
2017-08-23 20:37:10 -07:00
fou.c
net: fix use-after-free in GRO with ESP
2018-07-22 14:28:44 +02:00
gre_demux.c
gre_offload.c
net: fix use-after-free in GRO with ESP
2018-07-22 14:28:44 +02:00
icmp.c
icmp: don't fail on fragment reassembly time exceeded
2017-12-20 10:10:37 +01:00
igmp.c
multicast: do not restore deleted record source filter mode to new one
2018-07-28 07:55:42 +02:00
inet_connection_sock.c
inet: make sure to grab rcu_read_lock before using ireq->ireq_opt
2018-10-18 09:16:21 +02:00
inet_diag.c
tcp: fix a race in inet_diag_dump_icsk()
2019-01-09 17:14:44 +01:00
inet_fragment.c
inet: frags: better deal with smp races
2018-11-23 08:19:27 +01:00
inet_hashtables.c
net/tcp: Fix socket lookups with SO_BINDTODEVICE
2018-07-22 14:28:46 +02:00
inet_timewait_sock.c
soreuseport: initialise timewait reuseport field
2018-05-16 10:10:24 +02:00
inetpeer.c
inetpeer: fix uninit-value in inet_getpeer
2018-05-16 10:10:24 +02:00
ip_forward.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
ip_fragment.c
net: ipv4: do not handle duplicate fragments as overlapping
2019-01-09 17:14:43 +01:00
ip_gre.c
erspan: return PACKET_REJECT when the appropriate tunnel is not found
2018-09-26 08:37:58 +02:00
ip_input.c
IPv4: early demux can return an error code
2017-10-01 03:55:47 +01:00
ip_options.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
ip_output.c
ip: hash fragments consistently
2018-07-28 07:55:41 +02:00
ip_sockglue.c
ip: on queued skb use skb_header_pointer instead of pskb_may_pull
2019-01-23 08:09:47 +01:00
ip_tunnel_core.c
ip_tunnel: don't force DF when MTU is locked
2018-11-23 08:19:25 +01:00
ip_tunnel.c
ip_tunnel: Fix name string concatenate in __ip_tunnel_create()
2018-12-08 13:03:35 +01:00
ip_vti.c
Revert "vti4: Don't override MTU passed on link creation via IFLA_MTU"
2018-05-30 22:32:31 +02:00
ipcomp.c
ipconfig.c
ipconfig: Correctly initialise ic_nameservers
2018-08-03 07:50:39 +02:00
ipip.c
ipip: only increase err_count for some certain type icmp in ipip_err
2017-10-27 23:43:31 +09:00
ipmr.c
ipv4: Fix potential Spectre v1 vulnerability
2019-01-09 17:14:42 +01:00
Kconfig
ip: update policy routing config help
2017-10-12 22:57:11 -07:00
Makefile
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
netfilter.c
netfilter: use skb_to_full_sk in ip_route_me_harder
2017-02-28 12:49:36 +01:00
ping.c
ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg
2018-05-19 10:20:23 +02:00
proc.c
ip: discard IPv4 datagrams with overlapping segments.
2018-09-19 22:43:47 +02:00
protocol.c
net: Add sysctl to toggle early demux for tcp and udp
2017-03-24 13:17:07 -07:00
raw_diag.c
net: ipv6: add second dif to raw socket lookups
2017-08-07 11:39:22 -07:00
raw.c
net: ipv4: fix for a race condition in raw_sendmsg
2018-01-02 20:31:08 +01:00
route.c
ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu
2018-05-30 07:52:14 +02:00
syncookies.c
tcp/dccp: fix ireq->opt races
2017-10-21 01:33:19 +01:00
sysctl_net_ipv4.c
ipv4: Return EINVAL when ping_group_range sysctl doesn't map to user ns
2018-07-25 11:25:09 +02:00
tcp_bbr.c
tcp_bbr: fix bw probing to raise in-flight data for very small BDPs
2018-08-03 07:50:44 +02:00
tcp_bic.c
tcp: consolidate congestion control undo functions
2017-08-06 21:25:10 -07:00
tcp_cdg.c
tcp: consolidate congestion control undo functions
2017-08-06 21:25:10 -07:00
tcp_cong.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2017-09-01 17:42:05 -07:00
tcp_cubic.c
tcp: consolidate congestion control undo functions
2017-08-06 21:25:10 -07:00
tcp_dctcp.c
tcp: remove DELAYED ACK events in DCTCP
2018-08-24 13:09:17 +02:00
tcp_diag.c
tcp_diag: report TCP MD5 signing keys and addresses
2017-09-01 18:38:09 -07:00
tcp_fastopen.c
net: add rb_to_skb() and other rb tree helpers
2018-09-19 22:43:47 +02:00
tcp_highspeed.c
tcp: consolidate congestion control undo functions
2017-08-06 21:25:10 -07:00
tcp_htcp.c
tcp: fix cwnd undo in Reno and HTCP congestion controls
2017-08-06 21:25:10 -07:00
tcp_hybla.c
tcp_illinois.c
net/tcp/illinois: replace broken algorithm reference link
2018-05-30 07:52:06 +02:00
tcp_input.c
tcp/dccp: fix lockdep issue when SYN is backlogged
2018-10-18 09:16:20 +02:00
tcp_ipv4.c
inet: make sure to grab rcu_read_lock before using ireq->ireq_opt
2018-10-18 09:16:21 +02:00
tcp_lp.c
tcp: switch TCP TS option (RFC 7323) to 1ms clock
2017-05-17 16:06:01 -04:00
tcp_metrics.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
tcp_minisocks.c
tcp: do not restart timewait timer on rst reception
2018-09-15 09:45:25 +02:00
tcp_nv.c
tcp_nv: fix potential integer overflow in tcpnv_acked
2018-04-26 11:02:13 +02:00
tcp_offload.c
gso: validate gso_type in GSO handlers
2018-01-31 14:03:47 +01:00
tcp_output.c
tcp: lack of available data can also cause TSO defer
2018-12-17 09:28:55 +01:00
tcp_probe.c
tcp: remove redundant argument from tcp_rcv_established()
2017-07-24 17:28:12 -07:00
tcp_rate.c
tcp: invalidate rate samples during SACK reneging
2018-01-02 20:31:09 +01:00
tcp_recovery.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
tcp_scalable.c
tcp: consolidate congestion control undo functions
2017-08-06 21:25:10 -07:00
tcp_timer.c
tcp: purge write queue upon aborting the connection
2018-03-31 18:10:38 +02:00
tcp_ulp.c
tcp, ulp: add alias for all ulp modules
2018-09-15 09:45:29 +02:00
tcp_vegas.c
tcp: fix under-evaluated ssthresh in TCP Vegas
2017-12-25 14:26:30 +01:00
tcp_vegas.h
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
tcp_veno.c
tcp: consolidate congestion control undo functions
2017-08-06 21:25:10 -07:00
tcp_westwood.c
tcp: Revert "tcp: remove CA_ACK_SLOWPATH"
2017-08-30 11:20:08 -07:00
tcp_yeah.c
tcp: consolidate congestion control undo functions
2017-08-06 21:25:10 -07:00
tcp.c
tcp: do not release socket ownership in tcp_close()
2018-12-01 09:42:51 +01:00
tunnel4.c
udp_diag.c
udp: fix rx queue len reported by diag and proc interface
2018-06-26 08:06:28 +08:00
udp_impl.h
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
udp_offload.c
net: fix use-after-free in GRO with ESP
2018-07-22 14:28:44 +02:00
udp_tunnel.c
net: add infrastructure to un-offload UDP tunnel port
2017-07-24 13:52:59 -07:00
udp.c
net: udp: fix handling of CHECKSUM_COMPLETE packets
2018-11-04 14:52:49 +01:00
udplite.c
xfrm4_input.c
xfrm: reset transport header back to network header after all input transforms ahave been applied
2018-11-04 14:52:37 +01:00
xfrm4_mode_beet.c
networking: make skb_pull & friends return void pointers
2017-06-16 11:48:39 -04:00
xfrm4_mode_transport.c
xfrm: reset transport header back to network header after all input transforms ahave been applied
2018-11-04 14:52:37 +01:00
xfrm4_mode_tunnel.c
xfrm: Add encapsulation header offsets while SKB is not encrypted
2017-04-14 10:07:39 +02:00
xfrm4_output.c
xfrm: Add an IPsec hardware offloading API
2017-04-14 10:06:10 +02:00
xfrm4_policy.c
ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu
2018-05-30 07:52:14 +02:00
xfrm4_protocol.c
xfrm: input: constify xfrm_input_afinfo
2017-02-09 10:22:17 +01:00
xfrm4_state.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
xfrm4_tunnel.c