github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-05-20 12:57:52 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
5bd8baab08
linux/include
History
Sabrina Dubroca 5bd8baab08 esp: limit skb_page_frag_refill use to a single page 
Commit ebe48d368e ("esp: Fix possible buffer overflow in ESP
transformation") tried to fix skb_page_frag_refill usage in ESP by
capping allocsize to 32k, but that doesn't completely solve the issue,
as skb_page_frag_refill may return a single page. If that happens, we
will write out of bounds, despite the check introduced in the previous
patch.

This patch forces COW in cases where we would end up calling
skb_page_frag_refill with a size larger than a page (first in
esp_output_head with tailen, then in esp_output_tail with
skb->data_len).

Fixes: cac2661c53 ("esp4: Avoid skb_cow_data whenever possible")
Fixes: 03e2a30f6a ("esp6: Avoid skb_cow_data whenever possible")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
2022-04-13 10:16:11 +02:00
..
acpi Merge branches 'acpi-soc', 'acpi-video' and 'acpi-apei' 2022-03-18 17:48:55 +01:00
asm-generic ptrace: Cleanups for v5.18 2022-03-28 17:29:53 -07:00
clocksource clocksource/drivers/arm_arch_timer: Use event stream scaling when available 2022-03-07 18:27:22 +01:00
crypto Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2022-03-21 16:02:36 -07:00
drm drm-misc-next for v5.18: 2022-03-04 13:41:57 +10:00
dt-bindings There's one large change in the core clk framework here. We change how 2022-03-30 10:11:04 -07:00
keys KEYS: Introduce link restriction for machine keys 2022-03-08 13:55:52 +02:00
kunit
kvm
linux Networking fixes for 5.18-rc1 and rethook patches. 2022-03-31 11:23:31 -07:00
math-emu
media media: m5mols: Convert to use GPIO descriptors 2022-03-04 09:36:26 +02:00
memory
misc
net esp: limit skb_page_frag_refill use to a single page 2022-04-13 10:16:11 +02:00
pcmcia
ras mm/memory-failure.c: fix race with changing page compound again 2022-03-22 15:57:07 -07:00
rdma
scsi SCSI misc on 20220324 2022-03-24 19:37:53 -07:00
soc drm for 5.18-rc1 2022-03-24 16:19:43 -07:00
sound flexible-array transformations for 5.18-rc1 2022-03-24 11:39:32 -07:00
target scsi: target: Add iscsi/cpus_allowed_list in configfs 2022-03-14 23:40:36 -04:00
trace Networking fixes for 5.18-rc1 and rethook patches. 2022-03-31 11:23:31 -07:00
uapi rpmsg updates for v5.18 2022-03-30 10:43:19 -07:00
vdso
video drm/exynos: fimd: add BGR support for exynos4/5 2022-03-04 17:13:52 +09:00
xen xen/grant-table: remove readonly parameter from functions 2022-03-15 20:34:40 -05:00