OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/include
History
Willem de Bruijn d5be7f632b net: validate untrusted gso packets without csum offload 
Syzkaller again found a path to a kernel crash through bad gso input.
By building an excessively large packet to cause an skb field to wrap.

If VIRTIO_NET_HDR_F_NEEDS_CSUM was set this would have been dropped in
skb_partial_csum_set.

GSO packets that do not set checksum offload are suspicious and rare.
Most callers of virtio_net_hdr_to_skb already pass them to
skb_probe_transport_header.

Move that test forward, change it to detect parse failure and drop
packets on failure as those cleary are not one of the legitimate
VIRTIO_NET_HDR_GSO types.

Fixes: bfd5f4a3d6 ("packet: Add GSO/csum offload support.")
Fixes: f43798c276 ("tun: Allow GSO using virtio_net_hdr")
Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
 		2019-02-15 20:30:37 -08:00
..
acpi
asm-generic Rename include/{uapi => }/asm-generic/shmparam.h really 2019-02-12 16:33:18 -08:00
clocksource
crypto
drm
dt-bindings ARM: SoC fixes for linux-5.0 2019-02-08 16:23:41 -08:00
keys
kvm
linux net: validate untrusted gso packets without csum offload 2019-02-15 20:30:37 -08:00
math-emu
media
memory
misc
net net: fix possible overflow in __sk_mem_raise_allocated() 2019-02-13 21:05:18 -08:00
pcmcia
ras
rdma RDMA/device: Expose ib_device_try_get(() 2019-01-21 14:33:08 -07:00
scsi
soc
sound ALSA: compress: Fix stop handling on compressed capture streams 2019-02-05 22:01:41 +01:00
target
trace afs: Fix race in async call refcounting 2019-01-17 15:17:28 +00:00
uapi Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-02-15 08:00:11 -08:00
video
xen arm64/xen: fix xen-swiotlb cache flushing 2019-01-23 22:14:56 +01:00