Eric Dumazet 68b87a2b4a tcp: take care of truncations done by sk_filter() ... With syzkaller help, Marco Grassi found a bug in TCP stack, crashing in tcp_collapse() Root cause is that sk_filter() can truncate the incoming skb, but TCP stack was not really expecting this to happen. It probably was expecting a simple DROP or ACCEPT behavior. We first need to make sure no part of TCP header could be removed. Then we need to adjust TCP_SKB_CB(skb)->end_seq Many thanks to syzkaller team and Marco for giving us a reproducer. CRs-Fixed: 1089895 Change-Id: I84185558fa6e80b13d7d0078bda9d75143680941 Signed-off-by: Eric Dumazet <edumazet@google.com> Reported-by: Marco Grassi <marco.gra@gmail.com> Reported-by: Vladis Dronov <vdronov@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net> Git-commit: ac6e780070e30e4c35bd395acfe9191e6268bdd3 Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git [subashab@codeaurora.org: resolve trivial merge conflicts] Signed-off-by: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org>		2016-11-15 14:54:51 -07:00
..
6lowpan	6lowpan: put mcast compression in an own function	2015-10-21 00:49:25 +02:00
9p	IB/cma: Add support for network namespaces	2015-10-28 12:32:48 -04:00
802
8021q	vlan: Do not put vlan headers back on bridge and macvlan ports	2015-11-17 14:38:35 -05:00
appletalk
atm	atm: deal with setting entry before mkip was called	2015-09-17 22:13:32 -07:00
ax25	AX.25: Close socket connection on session completion	2016-07-11 09:31:12 -07:00
batman-adv	Revert "Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4"	2016-08-26 14:34:05 -07:00
bluetooth	Merge remote-tracking branch 'msm-4.4/tmp-2bf7955' into msm-4.4	2016-07-22 16:45:32 -07:00
bridge	Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4	2016-10-21 18:00:55 -07:00
caif	net: rename SOCK_ASYNC_NOSPACE and SOCK_ASYNC_WAITDATA	2015-12-01 15:45:05 -05:00
can	can: avoid using timeval for uapi	2015-10-13 17:42:34 +02:00
ceph	libceph: don't spam dmesg with stray reply warnings	2016-03-03 15:07:26 -08:00
core	rose: limit sk_filter trim to payload	2016-11-15 14:54:51 -07:00
dcb	net/dcb: make dcbnl.c explicitly non-modular	2015-10-09 07:52:27 -07:00
dccp	tcp/dccp: remove obsolete WARN_ON() in icmp handlers	2016-04-20 15:42:04 +09:00
decnet	Revert "Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4"	2016-08-26 14:34:05 -07:00
dns_resolver	net: dns_resolver: convert time_t to time64_t	2015-11-18 16:27:46 -05:00
dsa	net: dsa: use switchdev obj for VLAN add/del ops	2015-11-01 15:56:11 -05:00
ethernet	net: help compiler generate better code in eth_get_headlen	2015-09-28 22:51:15 -07:00
hsr	net/hsr: fix a warning message	2015-11-23 14:56:15 -05:00
ieee802154	net: fix percpu memory leaks	2015-11-02 22:47:14 -05:00
ipc_router	net: ipc_router: fix NULL pointer de-reference issue	2016-09-21 19:06:28 +05:30
ipv4	tcp: take care of truncations done by sk_filter()	2016-11-15 14:54:51 -07:00
ipv6	tcp: take care of truncations done by sk_filter()	2016-11-15 14:54:51 -07:00
ipx
irda	net: add validation for the socket syscall protocol argument	2015-12-14 16:09:30 -05:00
iucv	af_iucv: Validate socket address length in iucv_sock_bind()	2016-03-03 15:07:03 -08:00
key	af_key: fix two typos	2015-10-23 03:05:19 -07:00
l2tp	l2tp: fix configuration passed to setup_udp_tunnel_sock()	2016-06-24 10:18:17 -07:00
l3mdev	net: Add netif_is_l3_slave	2015-10-07 04:27:43 -07:00
lapb
llc	Revert "Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4"	2016-08-26 14:34:05 -07:00
mac80211	Merge "Merge remote-tracking branch 'msm4.4/tmp-da9a92f' into msm-4.4"	2016-11-04 22:22:00 -07:00
mac802154	mac802154: llsec: use kzfree	2015-10-21 00:49:24 +02:00
mpls	mpls: find_outdev: check for err ptr in addition to NULL check	2016-04-20 15:42:07 +09:00
netfilter	nf: IDLETIMER: Fix use after free condition during work	2016-11-14 12:08:11 -07:00
netlabel
netlink	Merge remote-tracking branch 'msm4.4/tmp-da9a92f' into msm-4.4	2016-10-28 10:48:35 -07:00
netrom
nfc	net: rename SOCK_ASYNC_NOSPACE and SOCK_ASYNC_WAITDATA	2015-12-01 15:45:05 -05:00
openvswitch	Revert "Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4"	2016-08-26 14:34:05 -07:00
packet	Revert "Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4"	2016-08-26 14:34:05 -07:00
phonet	phonet: properly unshare skbs in phonet_rcv()	2016-01-31 11:29:00 -08:00
rds	RDS: fix race condition when sending a message on unbound socket	2015-11-24 17:20:09 -05:00
rfkill	Merge remote-tracking branch 'origin/tmp-917a9a9133a6' into lsk	2016-07-12 11:40:49 -07:00
rmnet_data	net: rmnet_data: Handle buffer bloat for TCP scenarios	2016-11-14 12:49:05 -07:00
rose	rose: limit sk_filter trim to payload	2016-11-15 14:54:51 -07:00
rxrpc	net: rename SOCK_ASYNC_NOSPACE and SOCK_ASYNC_WAITDATA	2015-12-01 15:45:05 -05:00
sched	Merge remote-tracking branch 'msm4.4/tmp-da9a92f' into msm-4.4	2016-10-28 10:48:35 -07:00
sctp	sctp: lack the check for ports in sctp_v6_cmp_addr	2016-04-20 15:41:58 +09:00
sunrpc	Revert "Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4"	2016-08-26 14:34:05 -07:00
switchdev	switchdev: pass pointer to fib_info instead of copy	2016-06-24 10:18:16 -07:00
tipc	tipc: fix nametable publication field in nl compat	2016-06-24 10:18:16 -07:00
unix	af_unix: fix hard linked sockets on overlay	2016-07-27 09:47:33 -07:00
vmw_vsock	Revert "Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4"	2016-08-26 14:34:05 -07:00
wimax
wireless	Merge "Merge remote-tracking branch 'msm4.4/tmp-da9a92f' into msm-4.4"	2016-11-04 22:22:00 -07:00
x25	Revert "Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4"	2016-08-26 14:34:05 -07:00
xfrm	net: Revert upstream changes which break routing in tunnel scenarios	2016-07-21 10:58:54 -06:00
compat.c
Kconfig	Revert "net: activity_stats: Add statistics for network transmission activity"	2016-07-28 19:47:52 -07:00
Makefile	Revert "net: activity_stats: Add statistics for network transmission activity"	2016-07-28 19:47:52 -07:00
socket.c	Merge remote-tracking branch 'msm-4.4/tmp-2bf7955' into msm-4.4	2016-07-22 16:45:32 -07:00
sysctl_net.c	net: sysctl: fix a kmemleak warning	2015-10-23 06:22:08 -07:00