linux/net/ipv4
Michal Kubeček acf8dd0a9d udp: only allow UFO for packets from SOCK_DGRAM sockets
If an over-MTU UDP datagram is sent through a SOCK_RAW socket to a
UFO-capable device, ip_ufo_append_data() sets skb->ip_summed to
CHECKSUM_PARTIAL unconditionally as all GSO code assumes transport layer
checksum is to be computed on segmentation. However, in this case,
skb->csum_start and skb->csum_offset are never set as raw socket
transmit path bypasses udp_send_skb() where they are usually set. As a
result, driver may access invalid memory when trying to calculate the
checksum and store the result (as observed in virtio_net driver).

Moreover, the very idea of modifying the userspace provided UDP header
is IMHO against raw socket semantics (I wasn't able to find a document
clearly stating this or the opposite, though). And while allowing
CHECKSUM_NONE in the UFO case would be more efficient, it would be a bit
too intrusive change just to handle a corner case like this. Therefore
disallowing UFO for packets from SOCK_DGRAM seems to be the best option.

Signed-off-by: Michal Kubecek <mkubecek@suse.cz>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-03-02 22:19:29 -05:00
..
netfilter netfilter: nf_tables: fix port natting in little endian archs 2014-12-23 15:34:28 +01:00
af_inet.c net: rfs: add hash collision detection 2015-02-08 16:53:57 -08:00
ah4.c ipsec: Remove obsolete MAX_AH_AUTH_LEN 2014-09-18 10:54:36 +02:00
arp.c neigh: remove dynamic neigh table registration support 2014-11-11 15:23:54 -05:00
cipso_ipv4.c cipso: don't use IPCB() to locate the CIPSO IP option 2015-02-11 14:46:37 -05:00
datagram.c net: Save TX flow hash in sock and set in skbuf on xmit 2014-07-07 21:14:21 -07:00
devinet.c net: spelling fixes 2015-02-14 20:36:08 -08:00
esp4.c net: esp: Convert NETDEBUG to pr_info 2014-11-06 15:11:10 -05:00
fib_frontend.c fib_trie: Push rcu_read_lock/unlock to callers 2014-12-31 18:25:54 -05:00
fib_lookup.h fib_trie: Move fib_find_alias to file where it is used 2015-01-25 14:47:16 -08:00
fib_rules.c fib_trie: Push rcu_read_lock/unlock to callers 2014-12-31 18:25:54 -05:00
fib_semantics.c fib_trie: Move fib_find_alias to file where it is used 2015-01-25 14:47:16 -08:00
fib_trie.c fib_trie: Various clean-ups for handling slen 2015-01-25 14:47:16 -08:00
fou.c gue: Use checksum partial with remote checksum offload 2015-02-11 15:12:13 -08:00
geneve.c openvswitch: Add support for checksums on UDP tunnels. 2015-01-28 23:04:15 -08:00
gre_demux.c net: Fix GRE RX to use skb_transport_header for GRE header offset 2014-09-08 15:23:05 -07:00
gre_offload.c gre: Set inner mac header in gro complete 2014-12-05 21:18:34 -08:00
icmp.c ipv4: icmp: use percpu allocation 2015-01-31 17:48:18 -08:00
igmp.c ipv6: mld: fix add_grhead skb_over_panic for devs with large MTUs 2014-11-16 16:55:06 -05:00
inet_connection_sock.c ipv4: make ip_local_reserved_ports per netns 2014-05-14 15:31:45 -04:00
inet_diag.c netlink: make nlmsg_end() and genlmsg_end() void 2015-01-18 01:03:45 -05:00
inet_fragment.c net: Convert LIMIT_NETDEBUG to net_dbg_ratelimited 2014-11-11 14:10:31 -05:00
inet_hashtables.c net: use reciprocal_scale() helper 2014-08-23 12:21:21 -07:00
inet_lro.c lro: remove dead code 2013-12-29 16:34:25 -05:00
inet_timewait_sock.c tcp/dccp: remove twchain 2013-10-08 23:19:24 -04:00
inetpeer.c inet: remove dead inetpeer sequence code 2014-09-08 16:42:42 -07:00
ip_forward.c ipv4: try to cache dst_entries which would cause a redirect 2015-01-26 17:28:27 -08:00
ip_fragment.c ipv4: ip_check_defrag should correctly check return value of skb_copy_bits 2015-02-20 15:22:38 -05:00
ip_gre.c gre/ipip: use be16 variants of netlink functions 2015-02-08 16:28:06 -08:00
ip_input.c net: Fix memory leak if TPROXY used with TCP early demux 2014-01-27 16:22:11 -08:00
ip_options.c ipv4: rename ip_options_echo to __ip_options_echo() 2014-09-28 16:35:42 -04:00
ip_output.c udp: only allow UFO for packets from SOCK_DGRAM sockets 2015-03-02 22:19:29 -05:00
ip_sockglue.c net-timestamp: no-payload option 2015-02-02 18:46:51 -08:00
ip_tunnel_core.c ipv4: fix a potential use after free in ip_tunnel_core.c 2014-10-17 23:45:26 -04:00
ip_tunnel.c tunnels: advertise link netns via netlink 2015-01-19 14:32:03 -05:00
ip_vti.c tunnels: advertise link netns via netlink 2015-01-19 14:32:03 -05:00
ipcomp.c ipcomp4: Use the IPsec protocol multiplexer API 2014-02-25 07:04:17 +01:00
ipconfig.c net: ipv4: handle DSA enabled master network devices 2015-01-19 15:45:10 -05:00
ipip.c gre/ipip: use be16 variants of netlink functions 2015-02-08 16:28:06 -08:00
ipmr.c netlink: make nlmsg_end() and genlmsg_end() void 2015-01-18 01:03:45 -05:00
Kconfig net: Move fou_build_header into fou.c and refactor 2014-11-05 16:30:02 -05:00
Makefile net: Add Geneve tunneling protocol driver 2014-10-06 00:32:20 -04:00
netfilter.c netfilter: remove double colon 2014-02-19 11:41:25 +01:00
ping.c net: switch memcpy_fromiovec()/memcpy_fromiovecend() users to copy_from_iter() 2015-02-04 01:34:15 -05:00
proc.c tcp: helpers to mitigate ACK loops by rate-limiting out-of-window dupacks 2015-02-08 01:03:12 -08:00
protocol.c net: Export inet_offloads and inet6_offloads 2014-09-19 17:15:31 -04:00
raw.c net: switch memcpy_fromiovec()/memcpy_fromiovecend() users to copy_from_iter() 2015-02-04 01:34:15 -05:00
route.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-02-05 14:33:28 -08:00
syncookies.c net: allow setting ecn via routing table 2014-11-04 16:06:09 -05:00
sysctl_net_ipv4.c ipv4: Namespecify TCP PMTU mechanism 2015-02-09 18:45:00 -08:00
tcp_bic.c tcp: stretch ACK fixes prep 2015-01-28 22:18:37 -08:00
tcp_cong.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-02-05 14:33:28 -08:00
tcp_cubic.c tcp: fix timing issue in CUBIC slope calculation 2015-01-28 22:18:38 -08:00
tcp_dctcp.c net: tcp: add DCTCP congestion control algorithm 2014-09-29 00:13:10 -04:00
tcp_diag.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_fastopen.c tcp: make sure skb is not shared before using skb_get() 2015-02-13 07:11:40 -08:00
tcp_highspeed.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_htcp.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_hybla.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_illinois.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_input.c tcp: fix tcp_should_expand_sndbuf() to use tcp_packets_in_flight() 2015-02-22 23:07:11 -05:00
tcp_ipv4.c ipv4: Namespecify TCP PMTU mechanism 2015-02-09 18:45:00 -08:00
tcp_lp.c tcp: remove in_flight parameter from cong_avoid() methods 2014-05-03 19:23:07 -04:00
tcp_memcontrol.c memcg: cleanup static keys decrement 2015-02-12 18:54:10 -08:00
tcp_metrics.c netlink: make nlmsg_end() and genlmsg_end() void 2015-01-18 01:03:45 -05:00
tcp_minisocks.c tcp: mitigate ACK loops for connections as tcp_timewait_sock 2015-02-08 01:03:13 -08:00
tcp_offload.c net: Remove MPLS GSO feature. 2014-11-05 23:52:33 -08:00
tcp_output.c ipv4: Namespecify TCP PMTU mechanism 2015-02-09 18:45:00 -08:00
tcp_probe.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_scalable.c tcp: stretch ACK fixes prep 2015-01-28 22:18:37 -08:00
tcp_timer.c ipv4: Namespecify TCP PMTU mechanism 2015-02-09 18:45:00 -08:00
tcp_vegas.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_vegas.h net: ipv4/ipv6: Remove extern from function prototypes 2013-10-19 19:12:11 -04:00
tcp_veno.c tcp: stretch ACK fixes prep 2015-01-28 22:18:37 -08:00
tcp_westwood.c net: tcp: split ack slow/fast events from cwnd_event 2014-09-29 00:13:10 -04:00
tcp_yeah.c tcp: stretch ACK fixes prep 2015-01-28 22:18:37 -08:00
tcp.c ip: convert tcp_sendmsg() to iov_iter primitives 2015-02-04 01:34:14 -05:00
tunnel4.c
udp_diag.c udp_diag: Fix socket skipping within chain 2015-01-27 00:02:41 -08:00
udp_impl.h net: ipv4/ipv6: Remove extern from function prototypes 2013-10-19 19:12:11 -04:00
udp_offload.c udp: Set SKB_GSO_UDP_TUNNEL* in UDP GRO path 2015-02-11 15:12:10 -08:00
udp_tunnel.c udp: Do not require sock in udp_tunnel_xmit_skb 2015-01-24 23:15:40 -08:00
udp.c ip: Add offset parameter to ip_cmsg_recv 2015-01-05 22:44:46 -05:00
udplite.c net: Eliminate no_check from protosw 2014-05-23 16:28:53 -04:00
xfrm4_input.c xfrm4: Add IPsec protocol multiplexer 2014-02-25 07:04:16 +01:00
xfrm4_mode_beet.c ipv4: ERROR: code indent should use tabs where possible 2013-12-26 13:43:21 -05:00
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c inetpeer: get rid of ip_id_count 2014-06-02 11:00:41 -07:00
xfrm4_output.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-05-24 00:32:30 -04:00
xfrm4_policy.c xfrm: Introduce xfrm_input_afinfo to access the the callbacks properly 2014-03-14 07:28:07 +01:00
xfrm4_protocol.c xfrm4: Remove duplicate semicolon 2014-06-30 07:49:47 +02:00
xfrm4_state.c inet: make no_pmtu_disc per namespace and kill ipv4_config 2013-12-18 16:58:20 -05:00
xfrm4_tunnel.c