github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-09 23:23:53 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
7e6932300a
linux/net/ipv4
History
Eric Dumazet 3c353df4ca ip_tunnel: fix kernel panic with icmp_dest_unreach 
[ Upstream commit a622260254 ]

Daniel Petre reported crashes in icmp_dst_unreach() with following call
graph:

Daniel found a similar problem mentioned in
 http://lkml.indiana.edu/hypermail/linux/kernel/1007.0/00961.html

And indeed this is the root cause : skb->cb[] contains data fooling IP
stack.

We must clear IPCB in ip_tunnel_xmit() sooner in case dst_link_failure()
is called. Or else skb->cb[] might contain garbage from GSO segmentation
layer.

A similar fix was tested on linux-3.9, but gre code was refactored in
linux-3.10. I'll send patches for stable kernels as well.

Many thanks to Daniel for providing reports, patches and testing !

Reported-by: Daniel Petre <daniel.petre@rcs-rds.ro>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2013-06-27 11:27:32 -07:00
..
netfilter netfilter: nf_nat: don't check for port change on ICMP tuples 2012-11-26 11:37:48 -08:00
af_inet.c ipv6: use a stronger hash for tcp 2013-02-28 06:59:06 -08:00
ah4.c net: ipv4: Standardize prefixes for message logging 2012-03-12 17:05:21 -07:00
arp.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
cipso_ipv4.c cipso: don't follow a NULL pointer when setsockopt() is called 2012-08-09 08:31:42 -07:00
datagram.c ipv4: Lock socket and use cork flow in ip4_datagram_connect(). 2011-05-08 13:48:57 -07:00
devinet.c Disintegrate and delete asm/system.h 2012-03-28 15:58:21 -07:00
esp4.c esp4: fix error return code in esp_output() 2013-05-01 09:41:07 -07:00
fib_frontend.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
fib_lookup.h ipv4: Fix nexthop caching wrt. scoping. 2011-03-24 18:06:47 -07:00
fib_rules.c net: ipv4: export fib_lookup and fib_table_lookup 2011-12-04 22:43:33 +01:00
fib_semantics.c ipv4: fix the rcu race between free_fib_info and ip_route_output_slow 2012-06-10 00:36:14 +09:00
fib_trie.c ipv4: Do not use dead fib_info entries. 2012-05-10 22:16:32 -04:00
gre.c net: ipv4: Standardize prefixes for message logging 2012-03-12 17:05:21 -07:00
icmp.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
igmp.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
inet_connection_sock.c inet: Fix kmemleak in tcp_v4/6_syn_recv_sock and dccp_v4/6_request_recv_sock 2013-01-11 09:07:14 -08:00
inet_diag.c inet_diag: validate port comparison byte code to prevent unsafe reads 2013-01-11 09:06:29 -08:00
inet_fragment.c inet: limit length of fragment queue hash table bucket lists 2013-03-28 12:11:54 -07:00
inet_hashtables.c net: Compute protocol sequence numbers and fragment IDs using MD5. 2011-08-06 18:33:19 -07:00
inet_lro.c net: add skb frag size accessors 2011-10-19 03:10:46 -04:00
inet_timewait_sock.c net: Fix files explicitly needing to include module.h 2011-10-31 19:30:28 -04:00
inetpeer.c inetpeer: fix a race in inetpeer_gc_worker() 2012-07-16 09:03:45 -07:00
ip_forward.c ipv4: Save nexthop address of LSRR/SSRR option to IPCB. 2011-11-23 19:19:32 -05:00
ip_fragment.c net: drop dst before queueing fragments 2013-05-01 09:41:20 -07:00
ip_gre.c ip_tunnel: fix kernel panic with icmp_dest_unreach 2013-06-27 11:27:32 -07:00
ip_input.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
ip_options.c net/ipv4: Ensure that location of timestamp option is stored 2013-03-28 12:11:52 -07:00
ip_output.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
ip_sockglue.c net: prevent setting ttl=0 via IP_TTL 2013-02-14 10:48:54 -08:00
ipcomp.c net: Convert printks to pr_<level> 2012-03-11 23:42:51 -07:00
ipconfig.c net: Convert printks to pr_<level> 2012-03-11 23:42:51 -07:00
ipip.c ip_tunnel: fix kernel panic with icmp_dest_unreach 2013-06-27 11:27:32 -07:00
ipmr.c net: ipv4: ipmr_expire_timer causes crash when removing net namespace 2012-10-02 10:29:50 -07:00
Kconfig net: Fix build regression when INET_UDP_DIAG=y and IPV6=m 2012-02-07 13:35:28 -05:00
Makefile tcp memory pressure controls 2011-12-12 19:04:10 -05:00
netfilter.c netfilter: possible unaligned packet header in ip_route_me_harder 2011-11-21 18:46:18 +01:00
ping.c ipv4: fix a bug in ping_err(). 2013-02-28 06:59:06 -08:00
proc.c tcp: implement RFC 5961 4.2 2013-01-11 09:07:15 -08:00
protocol.c net: add __rcu annotations to protocol 2010-10-27 11:37:31 -07:00
raw.c ipv4: raw: fix icmp_filter() 2012-10-13 05:38:44 +09:00
route.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-04-02 17:53:39 -07:00
syncookies.c tcp: incoming connections might use wrong route under synflood 2013-05-01 09:41:07 -07:00
sysctl_net_ipv4.c tcp: implement RFC 5961 3.2 2013-01-11 09:07:14 -08:00
tcp_bic.c tcp: fix undo after RTO for BIC 2012-01-20 14:17:26 -05:00
tcp_cong.c tcp: Apply device TSO segment limit earlier 2012-10-02 10:29:34 -07:00
tcp_cubic.c tcp: fix undo after RTO for CUBIC 2012-01-20 14:17:26 -05:00
tcp_diag.c inet_diag: Rename inet_diag_req into inet_diag_req_v2 2012-01-11 12:56:06 -08:00
tcp_highspeed.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_htcp.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_hybla.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_illinois.c net: fix divide by zero in tcp algorithm illinois 2012-11-17 13:16:17 -08:00
tcp_input.c tcp: bug fix in proportional rate reduction. 2013-06-27 11:27:31 -07:00
tcp_ipv4.c inet: Fix kmemleak in tcp_v4/6_syn_recv_sock and dccp_v4/6_request_recv_sock 2013-01-11 09:07:14 -08:00
tcp_lp.c Fix common misspellings 2011-03-31 11:26:23 -03:00
tcp_memcontrol.c Merge branch 'for-3.4' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup 2012-03-20 18:11:21 -07:00
tcp_minisocks.c tcp: md5: rcu conversion 2012-01-31 12:14:00 -05:00
tcp_output.c tcp: xps: fix reordering issues 2013-06-27 11:27:32 -07:00
tcp_probe.c net: ipv4: Standardize prefixes for message logging 2012-03-12 17:05:21 -07:00
tcp_scalable.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_timer.c net: ipv4: Standardize prefixes for message logging 2012-03-12 17:05:21 -07:00
tcp_vegas.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_vegas.h
tcp_veno.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_westwood.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_yeah.c Fix common misspellings 2011-03-31 11:26:23 -03:00
tcp.c tcp: fix tcp_md5_hash_skb_data() 2013-06-27 11:27:30 -07:00
tunnel4.c net: Convert printks to pr_<level> 2012-03-11 23:42:51 -07:00
udp_diag.c udp_diag: implement idiag_get_info for udp/udplite to get queue information 2012-04-25 20:43:01 -04:00
udp_impl.h net: Make setsockopt() optlen be unsigned. 2009-09-30 16:12:20 -07:00
udp.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
udplite.c net: ipv4: Standardize prefixes for message logging 2012-03-12 17:05:21 -07:00
xfrm4_input.c net/ipv4: EXPORT_SYMBOL cleanups 2010-07-12 12:57:54 -07:00
xfrm4_mode_beet.c ipsec: be careful of non existing mac headers 2012-02-23 16:50:45 -05:00
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c ipsec: be careful of non existing mac headers 2012-02-23 16:50:45 -05:00
xfrm4_output.c xfrm4: Don't call icmp_send on local error 2011-07-01 17:33:19 -07:00
xfrm4_policy.c ipv4: fix ipsec forward performance regression 2011-10-24 03:01:22 -04:00
xfrm4_state.c net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules 2011-10-31 19:30:30 -04:00
xfrm4_tunnel.c net: ipv4: Standardize prefixes for message logging 2012-03-12 17:05:21 -07:00