evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/net
History
Julian Anastasov 4c78631d88 ipvs: do not schedule icmp errors from tunnels 
[ Upstream commit 0261ea1bd1eb0da5c0792a9119b8655cf33c80a3 ]

We can receive ICMP errors from client or from
tunneling real server. While the former can be
scheduled to real server, the latter should
not be scheduled, they are decapsulated only when
existing connection is found.

Fixes: 6044eeffaf ("ipvs: attempt to schedule icmp packets")
Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2019-05-16 19:45:06 +02:00
..
6lowpan 6lowpan: iphc: reset mac_header after decompress to fix panic 2018-10-10 08:52:04 +02:00
9p 9p: do not trust pdu content for stat item size 2019-04-27 09:33:58 +02:00
802
8021q vlan: also check phy_driver ts_info for vlan's real device 2018-04-13 19:50:25 +02:00
appletalk appletalk: Fix use-after-free in atalk_proc_exit 2019-04-27 09:33:59 +02:00
atm net: atm: Fix potential Spectre v1 vulnerabilities 2019-04-27 09:33:59 +02:00
ax25 ax25: fix possible use-after-free 2019-02-23 09:05:14 +01:00
batman-adv batman-adv: fix uninit-value in batadv_interface_tx() 2019-03-23 08:44:17 +01:00
bluetooth Bluetooth: Align minimum encryption key size for LE and BR/EDR connections 2019-05-16 19:45:04 +02:00
bridge netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING 2019-05-16 19:44:57 +02:00
caif net: caif: Add a missing rcu_read_unlock() in caif_flow_cb 2018-09-05 09:18:34 +02:00
can can: bcm: check timer values before ktime conversion 2019-02-06 19:43:04 +01:00
ceph libceph: handle an empty authorize reply 2019-03-23 08:44:18 +01:00
core bpf: reject wrong sized filters earlier 2019-05-16 19:44:52 +02:00
dcb net: dcb: For wild-card lookups, use priority -1, not 0 2018-09-19 22:48:58 +02:00
dccp dccp: do not use ipv6 header for ipv4 flow 2019-04-03 06:23:25 +02:00
decnet dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock 2018-02-25 11:03:38 +01:00
dns_resolver KEYS: DNS: fix parsing multiple options 2018-07-22 14:25:54 +02:00
dsa net: dsa: slave: Don't propagate flag changes on down slave interfaces 2019-02-20 10:13:15 +01:00
ethernet
hsr net/hsr: fix possible crash in add_timer() 2019-03-23 08:44:31 +01:00
ieee802154 inet: frags: fix ip6frag_low_thresh boundary 2019-02-08 11:25:32 +01:00
ipv4 ipv4: ip_do_fragment: Preserve skb_iif during fragmentation 2019-05-16 19:44:59 +02:00
ipv6 ipv6: fix a potential deadlock in do_ipv6_setsockopt() 2019-05-16 19:45:05 +02:00
ipx
irda irda: Only insert new objects into the global database via setsockopt 2018-09-15 09:40:40 +02:00
iucv af_iucv: Move sockaddr length checks to before accessing sa_family in bind and connect handlers 2018-11-10 07:41:35 -08:00
key af_key: Always verify length of provided sadb_key 2018-06-16 09:54:25 +02:00
l2tp l2tp: fix infoleak in l2tp_ip6_recvmsg() 2019-03-23 08:44:29 +01:00
l3mdev
lapb
llc llc: do not use sk_eat_skb() 2018-12-01 09:46:34 +01:00
mac80211 mac80211: do not call driver wake_tx_queue op during reconfig 2019-04-27 09:34:02 +02:00
mac802154 net: mac802154: tx: expand tailroom if necessary 2018-09-09 20:04:32 +02:00
mpls mpls, nospec: Sanitize array index in mpls_label_ok() 2018-03-11 16:19:47 +01:00
netfilter ipvs: do not schedule icmp errors from tunnels 2019-05-16 19:45:06 +02:00
netlabel netlabel: check for IPV4MASK in addrinfo_get 2018-10-20 09:52:36 +02:00
netlink netlink: Don't shift on 64 for ngroups 2018-08-09 12:19:28 +02:00
netrom netrom: switch to sock timer API 2019-02-06 19:43:06 +01:00
nfc net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails 2019-03-23 08:44:22 +01:00
openvswitch openvswitch: fix flow actions reallocation 2019-04-27 09:33:54 +02:00
packet packet: validate msg_namelen in send directly 2019-05-16 19:45:00 +02:00
phonet phonet: fix building with clang 2019-03-23 08:44:34 +01:00
rds net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock(). 2019-04-27 09:33:54 +02:00
rfkill rfkill: gpio: fix memory leak in probe error path 2018-05-16 10:06:51 +02:00
rose net: rose: fix a possible stack overflow 2019-04-03 06:23:25 +02:00
rxrpc rxrpc: check return value of skb_to_sgvec always 2018-04-13 19:50:23 +02:00
sched net_sched: refetch skb protocol for each filter 2019-02-06 19:43:03 +01:00
sctp sctp: initialize _pad of sockaddr_in before copying to user memory 2019-04-27 09:33:55 +02:00
sunrpc sunrpc: don't mark uninitialised items as VALID. 2019-05-16 19:44:44 +02:00
switchdev
tipc tipc: check link name with right length in tipc_nl_compat_link_set 2019-05-16 19:44:52 +02:00
unix missing barriers in some of unix_sock ->addr and ->path accesses 2019-03-23 08:44:31 +01:00
vmw_vsock vsock: cope with memory allocation failure at socket creation time 2019-02-23 09:05:13 +01:00
wimax
wireless cfg80211: size various nl80211 messages correctly 2019-04-03 06:23:25 +02:00
x25 net/x25: fix a race in x25_bind() 2019-03-23 08:44:30 +01:00
xfrm xfrm: refine validation of template and selector families 2019-02-20 10:13:20 +01:00
compat.c sock: Make sock->sk_stamp thread-safe 2019-01-13 10:05:28 +01:00
Kconfig Make DST_CACHE a silent config option 2018-02-25 11:03:37 +01:00
Makefile
socket.c sockfs: getxattr: Fail with -EOPNOTSUPP for invalid attribute names 2019-03-23 08:44:21 +01:00
sysctl_net.c