Kernel/linux
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-01-13 16:50:05 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
linux/net/ipv4
History
Willem de Bruijn 4a06fa67c4 ip: on queued skb use skb_header_pointer instead of pskb_may_pull 
Commit 2efd4fca703a ("ip: in cmsg IP(V6)_ORIGDSTADDR call
pskb_may_pull") avoided a read beyond the end of the skb linear
segment by calling pskb_may_pull.

That function can trigger a BUG_ON in pskb_expand_head if the skb is
shared, which it is when when peeking. It can also return ENOMEM.

Avoid both by switching to safer skb_header_pointer.

Fixes: 2efd4fca703a ("ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull")
Reported-by: syzbot <syzkaller@googlegroups.com>
Suggested-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-01-10 09:27:20 -05:00
..
bpfilter
bpfilter: remove trailing newline
2018-07-24 14:10:42 -07:00
netfilter
Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next
2018-12-20 18:20:26 -08:00
af_inet.c
net: use indirect call wrappers at GRO transport layer
2018-12-15 13:23:02 -08:00
ah4.c
net-ipv4: remove 2 always zero parameters from ipv4_redirect()
2018-09-26 20:30:55 -07:00
arp.c
net: Evict neighbor entries on carrier down
2018-10-12 09:47:39 -07:00
cipso_ipv4.c
net/ipv4: defensive cipso option parsing
2018-09-17 19:37:46 -07:00
datagram.c
ipv4: Allow sending multicast packets on specific i/f using VRF socket
2018-10-02 22:28:17 -07:00
devinet.c
netlink: fixup regression in RTM_GETADDR
2019-01-04 12:47:06 -08:00
esp4_offload.c
net: use skb_sec_path helper in more places
2018-12-19 11:21:37 -08:00
esp4.c
net: use skb_sec_path helper in more places
2018-12-19 11:21:37 -08:00
fib_frontend.c
net: Don't return invalid table id error when dumping all families
2018-10-24 14:06:25 -07:00
fib_lookup.h
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
fib_notifier.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
fib_rules.c
ipv4: fib_rules: Fix possible infinite loop in fib_empty_table
2018-12-30 12:57:04 -08:00
fib_semantics.c
net: Add extack argument to ip_fib_metrics_init
2018-11-06 15:00:45 -08:00
fib_trie.c
net/ipv4: Plumb support for filtering route dumps
2018-10-16 00:13:12 -07:00
fou.c
fou: Prevent unbounded recursion in GUE error handler also with UDP-Lite
2019-01-04 13:06:07 -08:00
gre_demux.c
net: Convert protocol error handlers from void to int
2018-11-08 17:13:08 -08:00
gre_offload.c
Merge ra.kernel.org:/pub/scm/linux/kernel/git/davem/net
2018-07-03 10:29:26 +09:00
icmp.c
net: Convert protocol error handlers from void to int
2018-11-08 17:13:08 -08:00
igmp.c
ipv4/igmp: fix v1/v2 switchback timeout based on rfc3376, 8.12
2018-10-29 20:26:06 -07:00
inet_connection_sock.c
inet: minor optimization for backlog setting in listen(2)
2018-11-07 22:31:07 -08:00
inet_diag.c
tcp: fix a race in inet_diag_dump_icsk()
2018-12-20 19:23:22 -08:00
inet_fragment.c
inet: frags: better deal with smp races
2018-11-08 18:40:30 -08:00
inet_hashtables.c
net: dccp: fix kernel crash on module load
2018-12-24 15:27:56 -08:00
inet_timewait_sock.c
soreuseport: initialise timewait reuseport field
2018-04-07 22:32:32 -04:00
inetpeer.c
inetpeer: fix uninit-value in inet_getpeer
2018-04-09 10:57:35 -04:00
ip_forward.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2018-12-20 11:53:36 -08:00
ip_fragment.c
net: ipv4: do not handle duplicate fragments as overlapping
2018-12-15 11:50:40 -08:00
ip_gre.c
ip: validate header length on virtual device xmit
2019-01-01 12:05:02 -08:00
ip_input.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2018-12-09 21:43:31 -08:00
ip_options.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
ip_output.c
sk_buff: add skb extension infrastructure
2018-12-19 11:21:37 -08:00
ip_sockglue.c
ip: on queued skb use skb_header_pointer instead of pskb_may_pull
2019-01-10 09:27:20 -05:00
ip_tunnel_core.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2018-12-24 16:19:56 -08:00
ip_tunnel.c
ip: validate header length on virtual device xmit
2019-01-01 12:05:02 -08:00
ip_vti.c
ip: validate header length on virtual device xmit
2019-01-01 12:05:02 -08:00
ipcomp.c
net-ipv4: remove 2 always zero parameters from ipv4_redirect()
2018-09-26 20:30:55 -07:00
ipconfig.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2018-12-20 11:53:36 -08:00
ipip.c
net: Convert protocol error handlers from void to int
2018-11-08 17:13:08 -08:00
ipmr_base.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2018-10-19 11:03:06 -07:00
ipmr.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2018-12-20 11:53:36 -08:00
Kconfig
net: remove blank lines at end of file
2018-07-24 14:10:43 -07:00
Makefile
bpf, sockmap: convert to generic sk_msg interface
2018-10-15 12:23:19 -07:00
metrics.c
net: Add extack argument to ip_fib_metrics_init
2018-11-06 15:00:45 -08:00
netfilter.c
netfilter: utils: move nf_ip_checksum* from ipv4 to utils
2018-07-16 17:51:48 +02:00
netlink.c
ipv4: support sport, dport and ip_proto in RTM_GETROUTE
2018-05-23 15:14:12 -04:00
ping.c
ipv4: Allow sending multicast packets on specific i/f using VRF socket
2018-10-02 22:28:17 -07:00
proc.c
tcp: implement coalescing on backlog queue
2018-11-30 13:26:54 -08:00
protocol.c
fou, fou6: ICMP error handlers for FoU and GUE
2018-11-08 17:13:08 -08:00
raw_diag.c
net: ipv6: add second dif to raw socket lookups
2017-08-07 11:39:22 -07:00
raw.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2018-12-20 11:53:36 -08:00
route.c
net: ipv4: Set skb->dev for output route resolution
2018-12-20 16:42:39 -08:00
syncookies.c
tcp: provide earliest departure time in skb->tstamp
2018-09-21 19:37:59 -07:00
sysctl_net_ipv4.c
net: provide a sysctl raw_l3mdev_accept for raw socket lookup with VRFs
2018-11-07 16:12:38 -08:00
tcp_bbr.c
tcp_bbr: update comments to reflect pacing_margin_percent
2018-11-08 20:46:17 -08:00
tcp_bic.c
tcp: consolidate congestion control undo functions
2017-08-06 21:25:10 -07:00
tcp_bpf.c
bpf: sk_msg, sock{map|hash} redirect through ULP
2018-12-20 23:47:09 +01:00
tcp_cdg.c
tcp: cdg: use tcp high resolution clock cache
2018-10-15 22:56:42 -07:00
tcp_cong.c
tcp: Namespace-ify sysctl_tcp_default_congestion_control
2017-11-15 14:09:52 +09:00
tcp_cubic.c
tcp: consolidate congestion control undo functions
2017-08-06 21:25:10 -07:00
tcp_dctcp.c
tcp: refactor DCTCP ECN ACK handling
2018-10-10 22:26:00 -07:00
tcp_dctcp.h
tcp: refactor DCTCP ECN ACK handling
2018-10-10 22:26:00 -07:00
tcp_diag.c
net: sock: replace sk_state_load with inet_sk_state_load and remove sk_state_store
2017-12-20 14:00:25 -05:00
tcp_fastopen.c
tcp: pause Fast Open globally after third consecutive timeout
2017-12-13 15:51:12 -05:00
tcp_highspeed.c
tcp: consolidate congestion control undo functions
2017-08-06 21:25:10 -07:00
tcp_htcp.c
tcp: fix cwnd undo in Reno and HTCP congestion controls
2017-08-06 21:25:10 -07:00
tcp_hybla.c
tcp: make undo_cwnd mandatory for congestion modules
2016-11-21 13:20:17 -05:00
tcp_illinois.c
net/tcp/illinois: replace broken algorithm reference link
2018-02-28 12:03:47 -05:00
tcp_input.c
tcp: take care of compressed acks in tcp_add_reno_sack()
2018-11-30 13:26:53 -08:00
tcp_ipv4.c
tcp: md5: add tcp_md5_needed jump label
2018-11-30 13:28:03 -08:00
tcp_lp.c
tcp: switch TCP TS option (RFC 7323) to 1ms clock
2017-05-17 16:06:01 -04:00
tcp_metrics.c
mm: convert totalram_pages and totalhigh_pages variables to atomic
2018-12-28 12:11:47 -08:00
tcp_minisocks.c
tcp: do not restart timewait timer on rst reception
2018-08-31 23:10:35 -07:00
tcp_nv.c
tcp_nv: fix potential integer overflow in tcpnv_acked
2018-01-31 10:26:30 -05:00
tcp_offload.c
net: use indirect call wrappers at GRO transport layer
2018-12-15 13:23:02 -08:00
tcp_output.c
tcp: handle EOR and FIN conditions the same in tcp_tso_should_defer()
2018-12-10 12:09:15 -08:00
tcp_rate.c
tcp: introduce tcp_skb_timestamp_us() helper
2018-09-21 19:37:59 -07:00
tcp_recovery.c
tcp: introduce tcp_skb_timestamp_us() helper
2018-09-21 19:37:59 -07:00
tcp_scalable.c
tcp: consolidate congestion control undo functions
2017-08-06 21:25:10 -07:00
tcp_timer.c
tcp: fix SNMP TCP timeout under-estimation
2018-11-30 17:22:41 -08:00
tcp_ulp.c
tcp, ulp: remove socket lock assertion on ULP cleanup
2018-10-16 12:38:41 -07:00
tcp_vegas.c
tcp: fix under-evaluated ssthresh in TCP Vegas
2017-09-29 06:07:00 +01:00
tcp_vegas.h
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
tcp_veno.c
tcp: consolidate congestion control undo functions
2017-08-06 21:25:10 -07:00
tcp_westwood.c
tcp: Revert "tcp: remove CA_ACK_SLOWPATH"
2017-08-30 11:20:08 -07:00
tcp_yeah.c
tcp: consolidate congestion control undo functions
2017-08-06 21:25:10 -07:00
tcp.c
tcp: fix code style in tcp_recvmsg()
2018-12-06 12:19:47 -08:00
tunnel4.c
net: Convert protocol error handlers from void to int
2018-11-08 17:13:08 -08:00
udp_diag.c
net: diag: document swapped src/dst in udp_dump_one.
2018-10-28 19:27:21 -07:00
udp_impl.h
net: Convert protocol error handlers from void to int
2018-11-08 17:13:08 -08:00
udp_offload.c
udp: use indirect call wrappers for GRO socket lookup
2018-12-15 13:23:02 -08:00
udp_tunnel.c
udp_tunnel: add config option to bind to a device
2018-12-03 14:15:26 -08:00
udp.c
net: udp: prefer listeners bound to an address
2018-12-14 15:55:20 -08:00
udplite.c
net: Convert protocol error handlers from void to int
2018-11-08 17:13:08 -08:00
xfrm4_input.c
xfrm: reset transport header back to network header after all input transforms ahave been applied
2018-09-04 10:26:30 +02:00
xfrm4_mode_beet.c
networking: make skb_pull & friends return void pointers
2017-06-16 11:48:39 -04:00
xfrm4_mode_transport.c
xfrm: reset transport header back to network header after all input transforms ahave been applied
2018-09-04 10:26:30 +02:00
xfrm4_mode_tunnel.c
xfrm: Verify MAC header exists before overwriting eth_hdr(skb)->h_proto
2018-03-07 10:54:29 +01:00
xfrm4_output.c
net: xfrm: use skb_gso_validate_network_len() to check gso sizes
2018-03-04 17:49:17 -05:00
xfrm4_policy.c
net: Drop pernet_operations::async
2018-03-27 13:18:09 -04:00
xfrm4_protocol.c
net: Convert protocol error handlers from void to int
2018-11-08 17:13:08 -08:00
xfrm4_state.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
xfrm4_tunnel.c
sit: add IPv4 over IPv4 support
2013-05-31 17:19:05 -07:00