linux/net/sched
Davide Caratti 8f92330b08 net/sched: act_mpls: ensure LSE is pullable before reading it
[ Upstream commit 9608fa6530 ]

When 'act_mpls' is used to mangle the LSE, the current value is read from
the packet by dereferencing 4 bytes at mpls_hdr(): ensure that the label is
contained in the skb "linear" area.

Found by code inspection.

v2:
 - use MPLS_HLEN instead of sizeof(new_lse), thanks to Jakub Kicinski

Fixes: 2a2ea50870 ("net: sched: add mpls manipulation actions to TC")
Signed-off-by: Davide Caratti <dcaratti@redhat.com>
Acked-by: Guillaume Nault <gnault@redhat.com>
Link: https://lore.kernel.org/r/3243506cba43d14858f3bd21ee0994160e44d64a.1606987058.git.dcaratti@redhat.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-12-08 10:40:27 +01:00
Kconfig
Makefile
act_api.c net_sched: remove a redundant goto chain check 2020-10-29 09:57:24 +01:00
act_bpf.c net_sched: defer tcf_idr_insert() in tcf_action_init_1() 2020-10-14 10:33:06 +02:00
act_connmark.c net_sched: defer tcf_idr_insert() in tcf_action_init_1() 2020-10-14 10:33:06 +02:00
act_csum.c net_sched: defer tcf_idr_insert() in tcf_action_init_1() 2020-10-14 10:33:06 +02:00
act_ct.c net_sched: defer tcf_idr_insert() in tcf_action_init_1() 2020-10-14 10:33:06 +02:00
act_ctinfo.c net_sched: defer tcf_idr_insert() in tcf_action_init_1() 2020-10-14 10:33:06 +02:00
act_gact.c net_sched: defer tcf_idr_insert() in tcf_action_init_1() 2020-10-14 10:33:06 +02:00
act_ife.c net_sched: defer tcf_idr_insert() in tcf_action_init_1() 2020-10-14 10:33:06 +02:00
act_ipt.c net_sched: defer tcf_idr_insert() in tcf_action_init_1() 2020-10-14 10:33:06 +02:00
act_meta_mark.c
act_meta_skbprio.c
act_meta_skbtcindex.c
act_mirred.c net_sched: defer tcf_idr_insert() in tcf_action_init_1() 2020-10-14 10:33:06 +02:00
act_mpls.c net/sched: act_mpls: ensure LSE is pullable before reading it 2020-12-08 10:40:27 +01:00
act_nat.c net_sched: defer tcf_idr_insert() in tcf_action_init_1() 2020-10-14 10:33:06 +02:00
act_pedit.c net_sched: defer tcf_idr_insert() in tcf_action_init_1() 2020-10-14 10:33:06 +02:00
act_police.c net_sched: defer tcf_idr_insert() in tcf_action_init_1() 2020-10-14 10:33:06 +02:00
act_sample.c net_sched: defer tcf_idr_insert() in tcf_action_init_1() 2020-10-14 10:33:06 +02:00
act_simple.c net_sched: defer tcf_idr_insert() in tcf_action_init_1() 2020-10-14 10:33:06 +02:00
act_skbedit.c net_sched: defer tcf_idr_insert() in tcf_action_init_1() 2020-10-14 10:33:06 +02:00
act_skbmod.c net_sched: defer tcf_idr_insert() in tcf_action_init_1() 2020-10-14 10:33:06 +02:00
act_tunnel_key.c net/sched: act_tunnel_key: fix OOB write in case of IPv6 ERSPAN tunnels 2020-10-29 09:57:26 +01:00
act_vlan.c net_sched: defer tcf_idr_insert() in tcf_action_init_1() 2020-10-14 10:33:06 +02:00
cls_api.c sched: consistently handle layer3 header accesses in the presence of VLANs 2020-07-22 09:32:48 +02:00
cls_basic.c
cls_bpf.c
cls_cgroup.c
cls_flow.c sched: consistently handle layer3 header accesses in the presence of VLANs 2020-07-22 09:32:48 +02:00
cls_flower.c sched: consistently handle layer3 header accesses in the presence of VLANs 2020-07-22 09:32:48 +02:00
cls_fw.c
cls_matchall.c
cls_route.c
cls_rsvp.c
cls_rsvp.h
cls_rsvp6.c
cls_tcindex.c
cls_u32.c
em_canid.c
em_cmp.c
em_ipset.c sched: consistently handle layer3 header accesses in the presence of VLANs 2020-07-22 09:32:48 +02:00
em_ipt.c sched: consistently handle layer3 header accesses in the presence of VLANs 2020-07-22 09:32:48 +02:00
em_meta.c sched: consistently handle layer3 header accesses in the presence of VLANs 2020-07-22 09:32:48 +02:00
em_nbyte.c
em_text.c
em_u32.c
ematch.c
sch_api.c
sch_atm.c net_sched: fix a memory leak in atm_tc_init() 2020-07-22 09:32:48 +02:00
sch_blackhole.c
sch_cake.c sched: consistently handle layer3 header accesses in the presence of VLANs 2020-07-22 09:32:48 +02:00
sch_cbq.c
sch_cbs.c
sch_choke.c
sch_codel.c
sch_drr.c
sch_dsmark.c sched: consistently handle layer3 header accesses in the presence of VLANs 2020-07-22 09:32:48 +02:00
sch_etf.c
sch_fifo.c
sch_fq.c
sch_fq_codel.c
sch_generic.c net: sch_generic: fix the missing new qdisc assignment bug 2020-11-18 19:20:33 +01:00
sch_gred.c
sch_hfsc.c
sch_hhf.c
sch_htb.c
sch_ingress.c
sch_mq.c
sch_mqprio.c
sch_multiq.c
sch_netem.c netem: fix zero division in tabledist 2020-11-01 12:01:03 +01:00
sch_pie.c
sch_plug.c
sch_prio.c
sch_qfq.c
sch_red.c
sch_sfb.c
sch_sfq.c
sch_skbprio.c
sch_taprio.c taprio: Fix allowing too small intervals 2020-09-26 18:03:13 +02:00
sch_tbf.c
sch_teql.c sched: consistently handle layer3 header accesses in the presence of VLANs 2020-07-22 09:32:48 +02:00