github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-07 14:04:54 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
c075c3ea03
linux/include/net
History
Sabrina Dubroca c075c3ea03 esp: limit skb_page_frag_refill use to a single page 
[ Upstream commit 5bd8baab08 ]

Commit ebe48d368e ("esp: Fix possible buffer overflow in ESP
transformation") tried to fix skb_page_frag_refill usage in ESP by
capping allocsize to 32k, but that doesn't completely solve the issue,
as skb_page_frag_refill may return a single page. If that happens, we
will write out of bounds, despite the check introduced in the previous
patch.

This patch forces COW in cases where we would end up calling
skb_page_frag_refill with a size larger than a page (first in
esp_output_head with tailen, then in esp_output_tail with
skb->data_len).

Fixes: cac2661c53 ("esp4: Avoid skb_cow_data whenever possible")
Fixes: 03e2a30f6a ("esp6: Avoid skb_cow_data whenever possible")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-04-27 13:53:48 +02:00
..
9p net: 9p: drop duplicate word in comment 2020-07-15 20:34:11 -07:00
bluetooth Bluetooth: Fix not checking for valid hdev on bt_dev_{info,warn,err,dbg} 2022-04-13 21:00:59 +02:00
caif net: caif: add proper error handling 2021-06-10 13:39:24 +02:00
iucv net/af_iucv: clean up function prototypes 2020-05-19 12:50:14 -07:00
netfilter netfilter: nf_queue: fix possible use-after-free 2022-03-08 19:09:33 +01:00
netns ipv6: per-netns exclusive flowlabel checks 2022-02-23 12:01:01 +01:00
nfc NFC: add NCI_UNREG flag to eliminate the race 2021-11-26 10:39:18 +01:00
phonet treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 336 2019-06-05 17:37:07 +02:00
sctp sctp: use call_rcu to free endpoint 2022-01-05 12:40:30 +01:00
tc_act net/sched: act_vlan: Fix modify to allow 0 2021-07-14 16:56:19 +02:00
6lowpan.h 6lowpan: Replace zero-length array with flexible-array member 2020-02-28 14:51:30 +01:00
act_api.h net: sched: fix err handler in tcf_action_init() 2021-04-14 08:42:05 +02:00
addrconf.h Revert "ipv6: Honor all IPv6 PIO Valid Lifetime values" 2022-02-01 17:25:47 +01:00
af_ieee802154.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
af_rxrpc.h rxrpc: Make rxrpc_kernel_get_srtt() indicate validity 2020-08-20 18:21:28 +01:00
af_unix.h unix: uses an atomic type for scm files accounting 2020-02-28 12:12:53 -08:00
af_vsock.h vsock: each transport cycles only on its own sockets 2022-03-23 09:13:27 +01:00
ah.h
arp.h ipv4: Invalidate neighbour for broadcast address upon address addition 2022-04-13 21:00:57 +02:00
atmclip.h
ax25.h ax25: fix reference count leaks of ax25_dev 2022-04-20 09:23:31 +02:00
ax88796.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
bareudp.h bareudp: Reverted support to enable & disable rx metadata collection 2020-07-21 18:30:47 -07:00
bond_3ad.h bonding: fix data-races around agg_select_timer 2022-02-23 12:01:02 +01:00
bond_alb.h bonding: make tx_rebalance_counter an atomic 2021-12-14 11:32:36 +01:00
bond_options.h bonding: add an option to specify a delay between peer notifications 2019-07-04 12:30:48 -07:00
bonding.h bonding: Add struct bond_ipesc to manage SA 2021-07-28 14:35:33 +02:00
bpf_sk_storage.h bpf: Change bpf_sk_storage_*() to accept ARG_PTR_TO_BTF_ID_SOCK_COMMON 2020-09-25 13:58:01 -07:00
busy_poll.h net: annotate data race around sk_ll_usec 2021-07-31 08:16:11 +02:00
calipso.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
cfg80211-wext.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
cfg80211.h cfg80211: fix management registrations locking 2021-11-02 19:48:20 +01:00
cfg802154.h cfg802154: Replace zero-length array with flexible-array member 2020-02-29 14:39:08 +01:00
checksum.h net: Force inlining of checksum functions in net/checksum.h 2022-03-02 11:42:50 +01:00
cipso_ipv4.h cipso: Remove unused inline functions 2020-07-15 07:45:24 -07:00
cls_cgroup.h bpf: Allow to retrieve cgroup v1 classid from v2 hooks 2020-03-27 19:40:38 -07:00
codel_impl.h
codel_qdisc.h
codel.h
compat.h net: simplify cBPF setsockopt compat handling 2020-07-19 18:16:40 -07:00
datalink.h
dcbevent.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 201 2019-05-30 11:29:52 -07:00
dcbnl.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 201 2019-05-30 11:29:52 -07:00
devlink.h devlink: Add enable_remote_dev_reset generic parameter 2020-10-09 12:06:53 -07:00
dn_dev.h
dn_fib.h net: dn_fib: Replace zero-length array with flexible-array member 2020-02-29 21:52:20 -08:00
dn_neigh.h
dn_nsp.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 24 2019-05-21 11:52:39 +02:00
dn_route.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 24 2019-05-21 11:52:39 +02:00
dn.h
dsa.h net: dsa: propagate switchdev vlan_filtering prepare phase to drivers 2020-10-05 05:56:48 -07:00
dsfield.h ipv6: Annotate bitwise IPv6 dsfield pointer cast 2019-12-16 16:09:44 -08:00
dst_cache.h wireguard: device: reset peer src endpoint when netns exits 2021-12-08 09:03:22 +01:00
dst_metadata.h net: fix a memleak when uncloning an skb dst and its metadata 2022-02-16 12:54:26 +01:00
dst_ops.h net/dst: use a smaller percpu_counter batch for dst entries accounting 2020-05-08 21:33:33 -07:00
dst.h net: Consolidate common blackhole dst ops 2021-03-30 14:32:05 +02:00
erspan.h erspan: Add type I version 0 support. 2020-05-05 13:23:29 -07:00
esp.h esp: limit skb_page_frag_refill use to a single page 2022-04-27 13:53:48 +02:00
espintcp.h xfrm: espintcp: save and call old ->sk_destruct 2020-04-20 07:34:16 +02:00
ethoc.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
failover.h
fib_notifier.h ipv6: Remove old route notifications and convert listeners 2019-12-24 22:37:30 -08:00
fib_rules.h ipv6: fix memory leak in fib6_rule_suppress 2021-12-08 09:03:21 +01:00
firewire.h
flow_dissector.h net/sched: flower: fix parsing of ethertype following VLAN header 2022-04-20 09:23:11 +02:00
flow_offload.h net: Fix offloading indirect devices dependency on qdisc order creation 2021-09-18 13:40:30 +02:00
flow.h ipv4: Initialize flowi4_multipath_hash in data path 2020-09-14 14:54:56 -07:00
fou.h
fq_impl.h net/fq_impl: use skb_get_hash instead of skb_get_hash_perturb 2020-07-31 09:24:24 +02:00
fq.h net/fq_impl: use skb_get_hash instead of skb_get_hash_perturb 2020-07-31 09:24:24 +02:00
garp.h treewide: Use sizeof_field() macro 2019-12-09 10:36:44 -08:00
gen_stats.h net_sched: extend packet counter to 64bit 2019-11-05 18:20:55 -08:00
genetlink.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-10-05 18:40:01 -07:00
geneve.h
gre.h
gro_cells.h
gtp.h
gue.h GUE: Fix a typo 2020-06-22 21:12:44 -07:00
hwbm.h net: hwbm: if CONFIG_NET_HWBM unset, make stub functions static 2019-10-25 16:24:32 -07:00
icmp.h net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending 2021-03-04 11:38:46 +01:00
ieee80211_radiotap.h mac80211: add radiotap flag to prevent sequence number overwrite 2020-07-31 09:27:00 +02:00
ieee802154_netdev.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
if_inet6.h ipv6: Replace zero-length array with flexible-array 2020-05-11 13:18:54 -07:00
ife.h net: ife: drop include of module.h from net/ife.h 2019-04-22 21:50:53 -07:00
ila.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
inet_common.h bpf: Allow any port in bpf_bind helper 2020-05-09 00:48:20 +02:00
inet_connection_sock.h tcp: switch orphan_count to bare per-cpu counters 2021-11-18 14:04:08 +01:00
inet_ecn.h inet_ecn: Fix endianness of checksum update when setting ECT(1) 2020-12-01 17:16:54 -08:00
inet_frag.h inet: frags: annotate races around fqdir->dead and fqdir->high_thresh 2022-01-27 10:54:33 +01:00
inet_hashtables.h tcp: fix race condition when creating child sockets from syncookies 2020-11-23 16:32:33 -08:00
inet_sock.h inet: remove inet_sk_copy_descendant() 2020-08-26 07:33:19 -07:00
inet_timewait_sock.h tcp: honor SO_PRIORITY in TIME_WAIT state 2019-09-27 12:05:02 +02:00
inet6_connection_sock.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
inet6_hashtables.h net: Track socket refcounts in skb_steal_sock() 2020-03-30 13:45:04 -07:00
inetpeer.h
ip_fib.h ipv4: convert fib_num_tclassid_users to atomic_t 2021-12-08 09:03:26 +01:00
ip_tunnels.h ip_tunnels: Set tunnel option flag when tunnel metadata is present 2020-11-13 16:58:10 -08:00
ip_vs.h ipvs: remove dependency on ip6_tables 2020-08-31 23:06:51 +02:00
ip.h ipv4: avoid using shared IP generator for connected sockets 2022-02-01 17:25:44 +01:00
ip6_checksum.h tcp: remove indirect calls for icsk->icsk_af_ops->send_check 2020-06-20 17:47:53 -07:00
ip6_fib.h ipv6: annotate accesses to fn->fn_sernum 2022-02-01 17:25:44 +01:00
ip6_route.h net: ipv6: fix returned variable type in ip6_skb_dst_mtu 2021-08-12 13:22:07 +02:00
ip6_tunnel.h ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL 2019-06-18 20:48:45 -04:00
ipcomp.h
ipconfig.h
ipv6_frag.h inet: frags: annotate races around fqdir->dead and fqdir->high_thresh 2022-01-27 10:54:33 +01:00
ipv6_stubs.h net: ipv6: add fib6_nh_release_dsts stub 2021-12-01 09:19:05 +01:00
ipv6.h ipv6: per-netns exclusive flowlabel checks 2022-02-23 12:01:01 +01:00
ipx.h bonding/alb: properly access headers in bond_alb_xmit() 2020-02-05 14:28:09 +01:00
iw_handler.h
kcm.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
l3mdev.h l3mdev: add infrastructure for table to VRF mapping 2020-06-20 17:22:22 -07:00
lag.h
lapb.h
lib80211.h
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h llc: fix sk_buff leak in llc_conn_service() 2019-10-08 13:23:05 -07:00
llc_if.h
llc_pdu.h net: llc: fix skb_over_panic 2021-08-04 12:46:43 +02:00
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
llc.h llc: fix out-of-bound array index in llc_sk_dev_hash() 2021-11-18 14:04:27 +01:00
lwtunnel.h net: add net available in build_state 2020-03-29 22:30:57 -07:00
mac80211.h mac80211: Fix NULL ptr deref for injected rate info 2021-06-23 14:42:52 +02:00
mac802154.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
macsec.h net: macsec: fix the length used to copy the key for offloading 2021-07-14 16:56:28 +02:00
mip6.h net: mip6: Replace zero-length array with flexible-array member 2020-03-02 11:16:27 -08:00
mld.h net: ipv6: mld: Replace zero-length array with flexible-array member 2020-02-29 21:52:20 -08:00
mpls_iptunnel.h net: mpls: Replace zero-length array with flexible-array member 2020-02-28 12:08:37 -08:00
mpls.h net: Make mpls_entry_encode() available for generic users 2020-05-29 21:20:20 -07:00
mptcp.h net: tcp: drop unused function argument from mptcp_incoming_options 2020-09-24 20:17:01 -07:00
mrp.h treewide: Use sizeof_field() macro 2019-12-09 10:36:44 -08:00
ncsi.h
ndisc.h ipv6: ndisc: adjust ndisc_ifinfo_sysctl_change prototype 2020-08-24 06:40:07 -07:00
neighbour.h net, neigh: Enable state migration between NUD_PERMANENT and NTF_USE 2021-11-18 14:04:29 +01:00
net_failover.h
net_namespace.h net: make get_net_ns return error if NET_NS is disabled 2021-06-23 14:42:44 +02:00
net_ratelimit.h
netevent.h
netlabel.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
netlink.h netlink: export policy in extended ACK 2020-10-09 20:22:32 -07:00
netprio_cgroup.h netprio: use css ID instead of cgroup ID 2019-11-12 08:18:03 -08:00
netrom.h net: netrom: Fix error cleanup path of nr_proto_init 2019-04-11 13:59:49 -07:00
nexthop.h net: ipv4: Fix rtnexthop len when RTA_FLOW is present 2021-10-06 15:55:53 +02:00
nl802154.h net: ieee802154: handle iftypes as u32 2021-12-01 09:19:03 +01:00
nsh.h
p8022.h
page_pool.h mm: fix struct page layout on 32-bit systems 2021-05-19 10:13:17 +02:00
pie.h pie: realign comment 2020-03-04 13:25:55 -08:00
ping.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
pkt_cls.h net: zero-initialize tc skb extension on allocation 2021-06-03 09:00:51 +02:00
pkt_sched.h net: prevent user from passing illegal stab size 2021-10-17 10:43:33 +02:00
pptp.h
protocol.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
psample.h psample: Add a fwd declaration for skbuff 2021-08-18 08:59:11 +02:00
psnap.h
raw.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
rawv6.h
red.h sch_red: fix off-by-one checks in red_check_params() 2021-04-14 08:42:07 +02:00
regulatory.h net/wireless: regulatory.h: drop duplicate word in comment 2020-07-31 09:24:23 +02:00
request_sock.h tcp: bpf: Optionally store mac header in TCP_SAVE_SYN 2020-08-24 14:35:00 -07:00
rose.h
route.h ipv4: remove sparse error in ip_neigh_gw4() 2022-02-01 17:25:48 +01:00
rpl.h net: ipv6: Use struct_size() helper and kcalloc() 2020-06-23 20:27:09 -07:00
rsi_91x.h
rtnetlink.h can: dev: Move device back to init netns on owning netns delete 2021-03-30 14:32:08 +02:00
rtnh.h net: Rename net/nexthop.h net/rtnh.h 2019-04-22 21:47:25 -07:00
sch_generic.h net_sched: restore "mpu xxx" handling 2022-01-27 10:54:35 +01:00
scm.h fs: Move __scm_install_fd() to __receive_fd() 2020-07-13 11:03:44 -07:00
secure_seq.h
seg6_hmac.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
seg6_local.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
seg6.h seg6: fix seg6_validate_srh() to avoid slab-out-of-bounds 2020-06-04 15:39:32 -07:00
slhc_vj.h
smc.h net/smc: introduce CHID callback for ISM devices 2020-09-28 15:19:03 -07:00
snmp.h net/tls: add skeleton of MIB statistics 2019-10-05 16:29:00 -07:00
sock_reuseport.h net: sock_reuseport: Replace zero-length array with flexible-array member 2020-02-29 21:52:19 -08:00
sock.h esp: Fix possible buffer overflow in ESP transformation 2022-03-23 09:13:29 +01:00
Space.h
stp.h
strparser.h bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding 2021-11-18 14:04:27 +01:00
switchdev.h switchdev: mrp: Remove SWITCHDEV_ATTR_ID_MRP_PORT_STAT 2021-02-17 11:02:29 +01:00
tcp_states.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
tcp.h tcp: switch orphan_count to bare per-cpu counters 2021-11-18 14:04:08 +01:00
timewait_sock.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
tipc.h
tls_toe.h net/tls: rename tls_hw_* functions tls_toe_* 2019-10-04 14:07:07 -07:00
tls.h net/tls: Fix flipped sign in tls_err_abort() calls 2021-11-02 19:48:19 +01:00
transp_v6.h tcp: move ipv4_specific to tcp include file 2020-06-23 20:10:15 -07:00
tso.h net: tso: cache transport header length 2020-06-18 20:46:23 -07:00
tun_proto.h
udp_tunnel.h udp: call udp_encap_enable for v6 sockets when enabling encap 2022-04-08 14:39:54 +02:00
udp.h udp: call udp_encap_enable for v6 sockets when enabling encap 2022-04-08 14:39:54 +02:00
udplite.h
vsock_addr.h vsock: remove include/linux/vm_sockets.h file 2019-11-14 18:12:17 -08:00
vxlan.h net: sched: only keep the available bits when setting vxlan md->gbp 2020-09-14 16:49:39 -07:00
wext.h
wimax.h net: wimax: fix duplicate words in comments 2020-07-15 20:34:02 -07:00
x25.h net/x25: add new state X25_STATE_5 2019-12-09 10:28:43 -08:00
x25device.h
xdp_priv.h page_pool: do not release pool until inflight == 0. 2019-11-16 12:39:10 -08:00
xdp_sock_drv.h xsk: i40e: ice: ixgbe: mlx5: Test for dma_need_sync earlier for better performance 2020-08-31 21:15:04 +02:00
xdp_sock.h xsk: Fix race in SKB mode transmit with shared cq 2021-01-17 14:17:05 +01:00
xdp.h xdp: Remove the xdp_attachment_flags_ok() callback 2020-12-09 16:27:42 +01:00
xfrm.h xfrm: Check if_id in xfrm_migrate 2022-03-19 13:44:43 +01:00
xsk_buff_pool.h xsk: Fix missing validation for skb and unaligned mode 2021-07-14 16:56:23 +02:00