asgardius/android_kernel_motorola_sm6225
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_motorola_sm6225/net/ipv4
History
Shigeru Yoshida 1fbcc80489 ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() 
[ Upstream commit 80d875cfc9d3711a029f234ef7d680db79e8fa4b ]

In ipgre_xmit(), skb_pull() may fail even if pskb_inet_may_pull() returns
true. For example, applications can use PF_PACKET to create a malformed
packet with no IP header. This type of packet causes a problem such as
uninit-value access.

This patch ensures that skb_pull() can pull the required size by checking
the skb with pskb_network_may_pull() before skb_pull().

Fixes: c544193214 ("GRE: Refactor GRE tunneling code.")
Signed-off-by: Shigeru Yoshida <syoshida@redhat.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Reviewed-by: Suman Ghosh <sumang@marvell.com>
Link: https://lore.kernel.org/r/20231202161441.221135-1-syoshida@redhat.com
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-12-13 17:42:16 +01:00
..
bpfilter
netfilter treewide: Remove uninitialized_var() usage 2023-08-11 11:45:01 +02:00
af_inet.c tcp: deny tcp_disconnect() when threads are waiting 2023-06-09 10:23:55 +02:00
ah4.c
arp.c ipv4: Invalidate neighbour for broadcast address upon address addition 2022-04-15 14:15:01 +02:00
cipso_ipv4.c cipso: Fix data-races around sysctl. 2022-07-21 21:09:28 +02:00
datagram.c inet: stop leaking jiffies on the wire 2019-11-10 11:27:37 +01:00
devinet.c net: return correct error code 2021-12-08 08:50:11 +01:00
esp4.c net: ipv4: fix return value check in esp_remove_trailer 2023-10-25 11:16:44 +02:00
esp4_offload.c xfrm: Linearize the skb after offloading if needed. 2023-06-28 10:15:29 +02:00
fib_frontend.c ipv4: Fix incorrect table ID in IOCTL path 2023-03-22 13:27:10 +01:00
fib_lookup.h
fib_notifier.c
fib_rules.c
fib_semantics.c net: Fix the arp error in some cases 2020-06-30 23:17:06 -04:00
fib_trie.c ipv4: Silence suspicious RCU usage warning 2020-08-11 15:32:34 +02:00
fou.c net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv 2019-04-27 09:36:31 +02:00
gre_demux.c erspan: fix version 1 check in gre_parse_header() 2021-01-12 20:10:19 +01:00
gre_offload.c net: gre: recompute gre csum for sctp over gre tunnels 2020-08-11 15:32:34 +02:00
icmp.c icmp: guard against too small mtu 2023-04-20 12:04:38 +02:00
igmp.c ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet 2023-12-08 08:43:25 +01:00
inet_connection_sock.c tcp: deny tcp_disconnect() when threads are waiting 2023-06-09 10:23:55 +02:00
inet_diag.c inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill() 2020-11-24 13:27:16 +01:00
inet_fragment.c net: IP defrag: encapsulate rbtree defrag code into callable functions 2019-04-27 09:36:33 +02:00
inet_hashtables.c Revert "tcp: avoid the lookup process failing to get sk in ehash table" 2023-08-11 11:45:26 +02:00
inet_timewait_sock.c Revert "tcp: avoid the lookup process failing to get sk in ehash table" 2023-08-11 11:45:26 +02:00
inetpeer.c inetpeer: Fix data-races around sysctl. 2022-07-21 21:09:27 +02:00
ip_forward.c net: clear skb->tstamp in forwarding paths 2019-01-09 17:38:31 +01:00
ip_fragment.c net: IP defrag: encapsulate rbtree defrag code into callable functions 2019-04-27 09:36:33 +02:00
ip_gre.c ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() 2023-12-13 17:42:16 +01:00
ip_input.c tcp/udp: Make early_demux back namespacified. 2022-11-10 17:46:54 +01:00
ip_options.c vrf: check accept_source_route on the original netdevice 2019-04-17 08:38:42 +02:00
ip_output.c lwt: Check LWTUNNEL_XMIT_CONTINUE strictly 2023-09-23 10:48:01 +02:00
ip_sockglue.c ipv{4,6}/raw: fix output xfrm lookup wrt protocol 2023-06-09 10:23:54 +02:00
ip_tunnel.c net: tunnels: annotate lockless accesses to dev->needed_headroom 2023-03-22 13:27:09 +01:00
ip_tunnel_core.c ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL 2019-08-04 09:30:57 +02:00
ip_vti.c ip_vti: fix potential slab-use-after-free in decode_session6 2023-08-30 16:31:48 +02:00
ipcomp.c
ipconfig.c net: ipconfig: Don't override command-line hostnames or domains 2021-06-30 08:48:13 -04:00
ipip.c net: ipip: fix wrong address family in init error path 2020-06-03 08:19:10 +02:00
ipmr.c ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path 2022-02-16 12:51:45 +01:00
ipmr_base.c
Kconfig tcp: configurable source port perturb table size 2022-12-08 11:18:31 +01:00
Makefile
metrics.c ipv4: prevent potential spectre v1 gadget in ip_metrics_convert() 2023-02-06 07:49:43 +01:00
netfilter.c netfilter: use actual socket sk rather than skb sk when routing harder 2020-11-18 19:18:44 +01:00
netlink.c ipv4: Add ICMPv6 support when parse route ipproto 2019-03-10 07:17:17 +01:00
ping.c ping: fix address binding wrt vrf 2022-05-18 09:42:50 +02:00
proc.c tcp: tcp_fragment() should apply sane memory limits 2019-06-17 19:51:56 +02:00
protocol.c
raw.c ipv{4,6}/raw: fix output xfrm lookup wrt protocol 2023-06-09 10:23:54 +02:00
raw_diag.c inet_diag: return classid for all socket types 2020-03-18 07:14:11 +01:00
route.c ipv4: Correct/silence an endian warning in __ip_do_redirect 2023-12-08 08:43:23 +01:00
syncookies.c tcp: make sure treq->af_specific is initialized 2022-05-12 12:20:25 +02:00
sysctl_net_ipv4.c tcp/udp: Make early_demux back namespacified. 2022-11-10 17:46:54 +01:00
tcp.c tcp: annotate data-races around fastopenq.max_qlen 2023-08-11 11:45:27 +02:00
tcp_bbr.c tcp_bbr: fix u32 wrap bug in round logic if bbr_init() called after 2B packets 2021-08-26 08:36:39 -04:00
tcp_bic.c
tcp_cdg.c tcp: cdg: allow tcp_cdg_release() to be called multiple times 2022-11-25 17:40:28 +01:00
tcp_cong.c net: Only allow init netns to set default tcp cong to a restricted algo 2021-05-22 10:59:39 +02:00
tcp_cubic.c tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited flows 2021-12-01 09:27:43 +01:00
tcp_dctcp.c tcp: Ensure DCTCP reacts to losses 2019-04-17 08:38:41 +02:00
tcp_diag.c tcp: annotate tp->write_seq lockless reads 2021-03-17 16:43:43 +01:00
tcp_fastopen.c tcp: annotate data-races around fastopenq.max_qlen 2023-08-11 11:45:27 +02:00
tcp_highspeed.c
tcp_htcp.c
tcp_hybla.c
tcp_illinois.c
tcp_input.c tcp: fix delayed ACKs for MSS boundary condition 2023-10-10 21:45:01 +02:00
tcp_ipv4.c dccp/tcp: Reset saddr on failure after inet6?_hash_connect(). 2022-12-08 11:18:30 +01:00
tcp_lp.c
tcp_metrics.c tcp_metrics: do not create an entry from tcp_init_metrics() 2023-11-20 10:29:16 +01:00
tcp_minisocks.c tcp: tcp_check_req() can be called from process context 2023-03-11 16:31:59 +01:00
tcp_nv.c
tcp_offload.c
tcp_output.c net: annotate data-races around sk->sk_dst_pending_confirm 2023-11-28 16:46:31 +00:00
tcp_rate.c
tcp_recovery.c tcp: fix excessive TLP and RACK timeouts from HZ rounding 2023-10-25 11:16:46 +02:00
tcp_scalable.c
tcp_timer.c net: fix the RTO timer retransmitting skb every 1ms if linear option is enabled 2023-08-30 16:31:50 +02:00
tcp_ulp.c
tcp_vegas.c
tcp_vegas.h
tcp_veno.c
tcp_westwood.c
tcp_yeah.c
tunnel4.c
udp.c tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct(). 2023-04-26 11:21:52 +02:00
udp_diag.c inet_diag: return classid for all socket types 2020-03-18 07:14:11 +01:00
udp_impl.h
udp_offload.c net: Fix gro aggregation for udp encaps with zero csum 2021-03-17 16:43:42 +01:00
udp_tunnel.c net/tunnel: wait until all sk_user_data reader finish before releasing the sock 2023-01-18 11:30:18 +01:00
udplite.c udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated(). 2023-05-30 12:42:14 +01:00
xfrm4_input.c
xfrm4_mode_beet.c
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c
xfrm4_output.c xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish 2020-04-29 16:31:23 +02:00
xfrm4_policy.c xfrm: Don't accidentally set RTO_ONLINK in decode_session4() 2022-02-23 11:58:39 +01:00
xfrm4_protocol.c net: xfrm: unexport __init-annotated xfrm4_protocol_init() 2022-06-14 16:59:35 +02:00
xfrm4_state.c
xfrm4_tunnel.c