renegade-project/linux-next
2
0
Fork 0
mirror of https://github.com/edk2-porting/linux-next.git synced 2024-12-21 11:44:01 +08:00
Code
d3f3e6acb2
linux-next/include
History
Willem de Bruijn 9274124f02 net: stricter validation of untrusted gso packets 
Syzkaller again found a path to a kernel crash through bad gso input:
a packet with transport header extending beyond skb_headlen(skb).

Tighten validation at kernel entry:

- Verify that the transport header lies within the linear section.

    To avoid pulling linux/tcp.h, verify just sizeof tcphdr.
    tcp_gso_segment will call pskb_may_pull (th->doff * 4) before use.

- Match the gso_type against the ip_proto found by the flow dissector.

Fixes: bfd5f4a3d6 ("packet: Add GSO/csum offload support.")
Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2020-05-06 17:23:06 -07:00
..
acpi Additional ACPI updates for 5.7-rc1 2020-04-06 10:35:06 -07:00
asm-generic arch: split MODULE_ARCH_VERMAGIC definitions out to <asm/vermagic.h> 2020-04-23 10:50:26 +09:00
clocksource pwm: omap-dmtimer: Drop unused header file 2020-03-30 18:03:06 +02:00
crypto crypto: curve25519 - do not pollute dispatcher based on assembler 2020-04-09 00:01:59 +09:00
drm drm/bridge: analogix_dp: Split bind() into probe() and real bind() 2020-04-09 10:29:35 +02:00
dt-bindings RISC-V Patches for the 5.7 Merge Window, Part 1 2020-04-09 10:51:30 -07:00
keys KEYS: Don't write out to userspace while holding key semaphore 2020-03-29 12:40:41 +01:00
kunit kunit: subtests should be indented 4 spaces according to TAP 2020-03-26 14:08:41 -06:00
kvm
linux net: stricter validation of untrusted gso packets 2020-05-06 17:23:06 -07:00
math-emu
media
misc
net net_sched: fix tcm_parent in tc filter dump 2020-05-04 11:53:33 -07:00
pcmcia
ras
rdma IB/mlx5: Expose UAR object and its alloc/destroy commands 2020-03-27 12:59:04 -03:00
scsi SCSI misc on 20200402 2020-04-02 17:03:53 -07:00
soc net: dsa: ocelot: the MAC table on Felix is twice as large 2020-05-06 17:15:24 -07:00
sound ASoC: Fixes for v5.7 2020-04-21 21:41:36 +02:00
target scsi: target: fix hang when multiple threads try to destroy the same iscsi session 2020-03-26 21:47:47 -04:00
trace block-5.7-2020-04-24 2020-04-24 12:44:19 -07:00
uapi Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-04-24 19:17:30 -07:00
vdso vdso/datapage: Use correct clock mode name in comment 2020-04-20 19:19:52 +02:00
video
xen xen: Use evtchn_type_t as a type for event channels 2020-04-07 12:12:54 +02:00