evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/net
History
Eric Dumazet 9fa2a49a4a tcp: avoid collapses in tcp_prune_queue() if possible 
[ Upstream commit f4a3313d8e2ca9fd8d8f45e40a2903ba782607e7 ]

Right after a TCP flow is created, receiving tiny out of order
packets allways hit the condition :

if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf)
	tcp_clamp_window(sk);

tcp_clamp_window() increases sk_rcvbuf to match sk_rmem_alloc
(guarded by tcp_rmem[2])

Calling tcp_collapse_ofo_queue() in this case is not useful,
and offers a O(N^2) surface attack to malicious peers.

Better not attempt anything before full queue capacity is reached,
forcing attacker to spend lots of resource and allow us to more
easily detect the abuse.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Acked-by: Soheil Hassas Yeganeh <soheil@google.com>
Acked-by: Yuchung Cheng <ycheng@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2018-07-27 12:33:58 +02:00
..
6lowpan
9p net/9p: Switch to wait_event_killable() 2017-11-30 08:37:25 +00:00
802
8021q vlan: also check phy_driver ts_info for vlan's real device 2018-04-13 19:50:25 +02:00
appletalk
atm net: atm: Fix potential Spectre v1 2018-05-16 10:06:51 +02:00
ax25 ax25: Fix segfault after sock connection timeout 2017-02-04 09:45:09 +01:00
batman-adv batman-adv: fix packet loss for broadcasted DHCP packets to a server 2018-05-30 07:49:06 +02:00
bluetooth This is the 4.4.139 stable release 2018-07-03 18:23:34 +02:00
bridge This is the 4.4.141 stable release 2018-07-17 12:15:52 +02:00
caif net: caif: Fix a sleep-in-atomic bug in cfpkt_create_pfx 2017-07-05 14:37:14 +02:00
can can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once 2018-01-31 12:06:08 +01:00
ceph libceph: validate con->state at the top of try_write() 2018-05-02 07:53:42 -07:00
core This is the 4.4.137 stable release 2018-06-13 16:36:26 +02:00
dcb
dccp dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect() 2018-06-13 16:15:28 +02:00
decnet dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock 2018-02-25 11:03:38 +01:00
dns_resolver KEYS: DNS: limit the length of option strings 2018-04-29 07:50:04 +02:00
dsa net: dsa: select NET_SWITCHDEV 2017-11-15 17:13:11 +01:00
ethernet net: introduce device min_header_len 2017-02-18 16:39:27 +01:00
hsr net/hsr: fix a warning message 2015-11-23 14:56:15 -05:00
ieee802154 net: ieee802154: fix net_device reference release too early 2018-04-13 19:50:10 +02:00
ipv4 tcp: avoid collapses in tcp_prune_queue() if possible 2018-07-27 12:33:58 +02:00
ipv6 This is the 4.4.141 stable release 2018-07-17 12:15:52 +02:00
ipx ipx: call ipxitf_put() in ioctl error path 2017-05-25 14:30:13 +02:00
irda irda: do not leak initialized list.dev to userspace 2017-08-30 10:19:21 +02:00
iucv net/iucv: Free memory obtained by kzalloc 2018-03-31 18:12:33 +02:00
key af_key: Always verify length of provided sadb_key 2018-06-16 09:54:25 +02:00
l2tp This is the 4.4.133 stable release 2018-05-26 10:12:26 +02:00
l3mdev
lapb
llc llc: properly handle dev_queue_xmit() return value 2018-05-30 07:49:06 +02:00
mac80211 This is the 4.4.132 stable release 2018-05-16 11:32:47 +02:00
mac802154
mpls mpls, nospec: Sanitize array index in mpls_label_ok() 2018-03-11 16:19:47 +01:00
netfilter This is the 4.4.141 stable release 2018-07-17 12:15:52 +02:00
netlabel netlabel: If PF_INET6, check sk_buff ip header version 2018-05-30 07:49:17 +02:00
netlink netlink: fix uninit-value in netlink_sendmsg 2018-05-16 10:06:50 +02:00
netrom
nfc This is the 4.4.134 stable release 2018-05-30 13:25:24 +02:00
openvswitch openvswitch: Don't swap table in nlattr_set() after OVS_ATTR_NESTED is found 2018-05-26 08:48:47 +02:00
packet packet: fix reserve calculation 2018-06-13 16:15:28 +02:00
phonet phonet: properly unshare skbs in phonet_rcv() 2016-01-31 11:29:00 -08:00
rds RDS: IB: Fix null pointer issue 2018-05-30 07:48:56 +02:00
rfkill This is the 4.4.132 stable release 2018-05-16 11:32:47 +02:00
rose
rxrpc rxrpc: check return value of skb_to_sgvec always 2018-04-13 19:50:23 +02:00
sched net_sched: fq: take care of throttled flows before reuse 2018-05-26 08:48:47 +02:00
sctp sctp: delay the authentication for the duplicated cookie-echo chunk 2018-05-26 08:48:49 +02:00
sunrpc rpc_pipefs: fix double-dput() 2018-04-24 09:32:11 +02:00
switchdev switchdev: pass pointer to fib_info instead of copy 2016-06-24 10:18:16 -07:00
tipc tipc: add policy for TIPC_NLA_NET_ADDR 2018-04-29 07:50:06 +02:00
unix net/unix: don't show information about sockets from other namespaces 2017-11-18 11:11:06 +01:00
vmw_vsock vsock: use new wait API for vsock_stream_sendmsg() 2017-11-30 08:37:19 +00:00
wimax
wireless This is the 4.4.133 stable release 2018-05-26 10:12:26 +02:00
x25 net: x25: fix one potential use-after-free issue 2018-04-13 19:50:07 +02:00
xfrm This is the 4.4.139 stable release 2018-07-03 18:23:34 +02:00
compat.c net: support compat 64-bit time in {s,g}etsockopt 2018-05-26 08:48:47 +02:00
Kconfig This is the 4.4.118 stable release 2018-02-26 09:24:57 +01:00
Makefile Revert "net: activity_stats: Add statistics for network transmission activity" 2016-04-25 22:19:46 +05:30
socket.c This is the 4.4.115 stable release 2018-02-03 17:44:38 +01:00
sysctl_net.c net: Use ns_capable_noaudit() when determining net sysctl permissions 2016-09-15 08:27:50 +02:00