Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-25 21:51:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
A mirror of the official Linux kernel repository just in case
1,073,809 Commits 7 Branches 862 Tags 6.4 GiB
C 97.6%
Assembly 1%
Shell 0.5%
Python 0.3%
Makefile 0.3%
224102de2f
Go to file
lena wang 224102de2f net: fix up skbs delta_truesize in UDP GRO frag_list 
The truesize for a UDP GRO packet is added by main skb and skbs in main
skb's frag_list:
skb_gro_receive_list
        p->truesize += skb->truesize;

The commit 53475c5dd8 ("net: fix use-after-free when UDP GRO with
shared fraglist") introduced a truesize increase for frag_list skbs.
When uncloning skb, it will call pskb_expand_head and trusesize for
frag_list skbs may increase. This can occur when allocators uses
__netdev_alloc_skb and not jump into __alloc_skb. This flow does not
use ksize(len) to calculate truesize while pskb_expand_head uses.
skb_segment_list
err = skb_unclone(nskb, GFP_ATOMIC);
pskb_expand_head
        if (!skb->sk || skb->destructor == sock_edemux)
                skb->truesize += size - osize;

If we uses increased truesize adding as delta_truesize, it will be
larger than before and even larger than previous total truesize value
if skbs in frag_list are abundant. The main skb truesize will become
smaller and even a minus value or a huge value for an unsigned int
parameter. Then the following memory check will drop this abnormal skb.

To avoid this error we should use the original truesize to segment the
main skb.

Fixes: 53475c5dd8 ("net: fix use-after-free when UDP GRO with shared fraglist")
Signed-off-by: lena wang <lena.wang@mediatek.com>
Acked-by: Paolo Abeni <pabeni@redhat.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Link: https://lore.kernel.org/r/1646133431-8948-1-git-send-email-lena.wang@mediatek.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2022-03-02 22:04:10 -08:00
arch parisc unaligned handler fixes 2022-02-23 12:06:23 -08:00
block block: clear iocb->private in blkdev_bio_end_io_async() 2022-02-22 06:59:49 -07:00
certs certs: Fix build error when CONFIG_MODULE_SIG_KEY is empty 2022-01-23 00:08:44 +09:00
crypto crypto: af_alg - get rid of alg_memory_allocated 2022-02-15 14:29:04 +00:00
Documentation Devicetree fixes for v5.17, take 2: 2022-02-23 17:25:22 -08:00
drivers iwlwifi: mvm: return value for request_ownership 2022-03-02 22:37:25 +01:00
fs io_uring-5.17-2022-02-23 2022-02-24 11:08:15 -08:00
include Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf 2022-03-01 15:13:47 -08:00
init lib/stackdepot: allow optional init and stack_table allocation by kvmalloc() 2022-01-22 08:33:37 +02:00
ipc ipc/sem: do not sleep with a spin lock held 2022-02-04 09:25:05 -08:00
kernel Networking fixes for 5.17-rc6, including fixes from bpf and netfilter. 2022-02-24 12:45:32 -08:00
lib Merge branch 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2022-02-22 10:31:53 -08:00
LICENSES LICENSES/LGPL-2.1: Add LGPL-2.1-or-later as valid identifiers 2021-12-16 14:33:10 +01:00
mm mm: don't try to NUMA-migrate COW pages that have other uses 2022-02-17 08:57:47 -08:00
net net: fix up skbs delta_truesize in UDP GRO frag_list 2022-03-02 22:04:10 -08:00
samples samples/seccomp: Adjust sample to also provide kill option 2022-02-10 19:09:12 -08:00
scripts kconfig: fix failing to generate auto.conf 2022-02-12 23:24:19 +09:00
security selinux/stable-5.17 PR 20220223 2022-02-23 17:19:55 -08:00
sound ASoC: intel: skylake: Set max DMA segment size 2022-02-17 09:39:44 +01:00
tools Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf 2022-03-01 15:13:47 -08:00
usr kbuild: remove include/linux/cyclades.h from header file check 2022-01-27 08:51:08 +01:00
virt Two larger x86 series: 2022-01-28 19:00:26 +02:00
.clang-format genirq/msi: Make interrupt allocation less convoluted 2021-12-16 22:22:20 +01:00
.cocciconfig
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for dts files 2019-12-04 19:44:11 -08:00
.gitignore .gitignore: ignore only top-level modules.builtin 2021-05-02 00:43:35 +09:00
.mailmap mailmap: update Christian Brauner's email address 2022-02-01 11:21:31 -08:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: Removing Ohad from remoteproc/rpmsg maintenance 2021-12-08 10:09:40 -07:00
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y 2020-02-04 01:53:07 +09:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS Networking fixes for 5.17-rc6, including fixes from bpf and netfilter. 2022-02-24 12:45:32 -08:00
Makefile Linux 5.17-rc5 2022-02-20 13:07:20 -08:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.