shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-06-09 12:17:12 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
4.9.113-8
linux/net/ipv4
History
Hanjie Lin 8663100e9d RAVENPLAT-2379:OSS vulnerability found in [boot.img]:[linux_kernel] (CVE-2018-5390) Risk:[] [1/1] 
PD#OTT-5669

[Problem]
Linux kernel versions 4.9+ can be forced to make very expensive calls
to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming
packet which can lead to a denial of service.

[Solution]
Juha-Matti Tilli reported that malicious peers could inject tiny
packets in out_of_order_queue, forcing very expensive calls
to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for
every incoming packet.
With tcp_rmem[2] default of 6MB, the ooo queue could
contain ~7000 nodes.
This patch series makes sure we cut cpu cycles enough to
render the attack not critical.
We might in the future go further, like disconnecting
or black-holing proven malicious flows.

[Test]

Change-Id: I09c72cd11a38516f3b6e293deb21c5dd0faa3d9e
Signed-off-by: Hanjie Lin <hanjie.lin@amlogic.com>
2019-09-17 23:17:53 -07:00
..
netfilter
netfilter: x_tables: initialise match/target check parameter struct
2018-07-17 11:37:54 +02:00
af_inet.c
BACKPORT: net/tcp-fastopen: Add new API support
2017-11-13 15:18:49 +08:00
ah4.c
ipsec: check return value of skb_to_sgvec always
2018-04-13 19:48:31 +02:00
arp.c
arp: fix arp_filter on l3slave devices
2018-04-13 19:48:32 +02:00
cipso_ipv4.c
tcp/dccp: fix ireq->opt races
2017-11-18 11:22:22 +01:00
datagram.c
devinet.c
ipv4: igmp: guard against silly MTU values
2018-01-02 20:35:10 +01:00
esp4.c
ipsec: check return value of skb_to_sgvec always
2018-04-13 19:48:31 +02:00
fib_frontend.c
Merge 4.9.74 into android-4.9
2018-01-02 20:45:15 +01:00
fib_lookup.h
fib_rules.c
switchdev: remove FIB offload infrastructure
2016-09-28 04:48:00 -04:00
fib_semantics.c
ipv4: Fix error return value in fib_convert_metrics()
2018-07-11 16:26:42 +02:00
fib_trie.c
net: Improve handling of failures on link and route dumps
2017-06-07 12:07:44 +02:00
fou.c
net: add recursion limit to GRO
2016-10-20 14:32:22 -04:00
gre_demux.c
gre_offload.c
gso: fix payload length when gso_size is zero
2017-11-18 11:22:20 +01:00
icmp.c
Merge 4.9.71 into android-4.9
2017-12-20 10:51:15 +01:00
igmp.c
net: igmp: add a missing rcu locking section
2018-02-13 12:35:56 +01:00
inet_connection_sock.c
Merge 4.9.63 into android-4.9
2017-11-18 17:25:57 +01:00
inet_diag.c
net: inet: diag: expose the socket mark to privileged processes.
2016-09-08 16:13:09 -07:00
inet_fragment.c
net: merge CVE-2018-5391 patch
2018-09-04 19:03:37 -07:00
inet_hashtables.c
soreuseport: fix initialization race
2017-11-18 11:22:22 +01:00
inet_timewait_sock.c
soreuseport: initialise timewait reuseport field
2018-05-16 10:08:41 +02:00
inetpeer.c
ip_forward.c
ipv4: allow local fragmentation in ip_finish_output_gso()
2016-11-03 16:10:26 -04:00
ip_fragment.c
net: merge CVE-2018-5391 patch
2018-09-03 03:57:50 -07:00
ip_gre.c
net/ip_tunnels: Introduce tunnel_id_to_key32() and key32_to_tunnel_id()
2016-09-10 20:53:55 -07:00
ip_input.c
net: VRF: Pass original iif to ip_route_input()
2016-09-16 04:24:07 -04:00
ip_options.c
ip_output.c
Merge 4.9.103 into android-4.9
2018-05-25 17:06:35 +02:00
ip_sockglue.c
ipv4: remove warning in ip_recv_error
2018-06-13 16:16:42 +02:00
ip_tunnel_core.c
net: Specify the owning module for lwtunnel ops
2017-02-04 09:47:11 +01:00
ip_tunnel.c
ip_tunnel: better validate user provided tunnel names
2018-04-13 19:48:34 +02:00
ip_vti.c
Revert "vti4: Don't override MTU passed on link creation via IFLA_MTU"
2018-05-30 22:25:17 +02:00
ipcomp.c
ipconfig.c
net: ipconfig: fix ic_close_devs() use-after-free
2017-12-25 14:23:42 +01:00
ipip.c
ipip: only increase err_count for some certain type icmp in ipip_err
2017-11-18 11:22:23 +01:00
ipmr.c
ipmr: vrf: Find VIFs using the actual device
2018-04-13 19:47:59 +02:00
Kconfig
tcp: Set DEFAULT_TCP_CONG to bbr if DEFAULT_BBR is set
2016-11-28 12:15:00 -05:00
Makefile
ANDROID: sysfs_net_ipv4: Add sysfs-based knobs for controlling TCP window size
2017-01-19 13:32:01 -08:00
netfilter.c
netfilter: use skb_to_full_sk in ip_route_me_harder
2017-07-05 14:40:28 +02:00
ping.c
Merge 4.9.101 into android-4.9
2018-05-19 14:06:17 +02:00
proc.c
net: Suppress the "Comparison to NULL could be written" warnings
2016-09-30 01:50:45 -04:00
protocol.c
raw.c
Merge 4.9.74 into android-4.9
2018-01-02 20:45:15 +01:00
route.c
Merge 4.9.104 into android-4.9
2018-05-30 13:19:56 +02:00
syncookies.c
Merge 4.9.63 into android-4.9
2017-11-18 17:25:57 +01:00
sysctl_net_ipv4.c
wifi: add tcp delay ack support [1/1]
2019-07-29 04:09:18 -07:00
sysfs_net_ipv4.c
ANDROID: sysfs_net_ipv4: Add sysfs-based knobs for controlling TCP window size
2017-01-19 13:32:01 -08:00
tcp_bbr.c
tcp_bbr: fix to zero idle_restart only upon S/ACKed data
2018-05-19 10:26:59 +02:00
tcp_bic.c
tcp_cdg.c
tcp: cdg: rename struct minmax in tcp_cdg.c to avoid a naming conflict
2016-09-21 00:22:59 -04:00
tcp_cong.c
tcp: disallow cwnd undo when switching congestion control
2017-06-14 15:05:52 +02:00
tcp_cubic.c
tcp_dctcp.c
dctcp: avoid bogus doubling of cwnd after loss
2016-10-31 15:16:28 -04:00
tcp_diag.c
tcp_fastopen.c
BACKPORT: net/tcp-fastopen: Add new API support
2017-11-13 15:18:49 +08:00
tcp_highspeed.c
tcp_htcp.c
tcp_hybla.c
tcp_illinois.c
net/tcp/illinois: replace broken algorithm reference link
2018-05-30 07:50:33 +02:00
tcp_input.c
RAVENPLAT-2379:OSS vulnerability found in [boot.img]:[linux_kernel] (CVE-2018-5390) Risk:[] [1/1]
2019-09-17 23:17:53 -07:00
tcp_ipv4.c
Merge 4.9.110 into android-4.9
2018-06-26 09:32:02 +08:00
tcp_lp.c
tcp: fix wraparound issue in tcp_lp
2017-05-14 14:00:21 +02:00
tcp_metrics.c
tcp_minisocks.c
tcp/dccp: block bh before arming time_wait timer
2017-12-16 16:25:46 +01:00
tcp_nv.c
tcp_nv: fix potential integer overflow in tcpnv_acked
2018-05-30 07:50:22 +02:00
tcp_offload.c
gso: validate gso_type in GSO handlers
2018-01-31 12:55:55 +01:00
tcp_output.c
Merge 4.9.103 into android-4.9
2018-05-25 17:06:35 +02:00
tcp_probe.c
tcp: tcp_probe: use spin_lock_bh()
2017-06-17 06:41:49 +02:00
tcp_rate.c
tcp: invalidate rate samples during SACK reneging
2018-01-02 20:35:13 +01:00
tcp_recovery.c
tcp_scalable.c
tcp_timer.c
wifi: add tcp delay ack support [1/1]
2019-07-29 04:09:18 -07:00
tcp_vegas.c
tcp: fix under-evaluated ssthresh in TCP Vegas
2017-12-25 14:23:45 +01:00
tcp_vegas.h
tcp_veno.c
tcp_westwood.c
tcp_yeah.c
tcp: cwnd does not increase in TCP YeAH
2016-09-08 17:16:12 -07:00
tcp.c
wifi: add tcp delay ack support [1/1]
2019-07-29 04:09:18 -07:00
tunnel4.c
udp_diag.c
net: inet: diag: expose the socket mark to privileged processes.
2016-09-08 16:13:09 -07:00
udp_impl.h
udplite: call proper backlog handlers
2016-11-24 15:32:14 -05:00
udp_offload.c
gso: validate gso_type in GSO handlers
2018-01-31 12:55:55 +01:00
udp_tunnel.c
udp.c
Merge 4.9.101 into android-4.9
2018-05-19 14:06:17 +02:00
udplite.c
udplite: call proper backlog handlers
2016-11-24 15:32:14 -05:00
xfrm4_input.c
xfrm4_mode_beet.c
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c
xfrm4_output.c
xfrm4_policy.c
Merge 4.9.104 into android-4.9
2018-05-30 13:19:56 +02:00
xfrm4_protocol.c
xfrm4_state.c
xfrm4_tunnel.c