linux/net/ipv4
Willem de Bruijn 8a0ed250f9 ip_gre: validate csum_start only on pull
The GRE tunnel device can pull existing outer headers in ipge_xmit.
This is a rare path, apparently unique to this device. The below
commit ensured that pulling does not move skb->data beyond csum_start.

But it has a false positive if ip_summed is not CHECKSUM_PARTIAL and
thus csum_start is irrelevant.

Refine to exclude this. At the same time simplify and strengthen the
test.

Simplify, by moving the check next to the offending pull, making it
more self documenting and removing an unnecessary branch from other
code paths.

Strengthen, by also ensuring that the transport header is correct and
therefore the inner headers will be after skb_reset_inner_headers.
The transport header is set to csum_start in skb_partial_csum_set.

Link: https://lore.kernel.org/netdev/YS+h%2FtqCJJiQei+W@shredder/
Fixes: 1d011c4803 ("ip_gre: add validation for csum_start")
Reported-by: Ido Schimmel <idosch@idosch.org>
Suggested-by: Alexander Duyck <alexander.duyck@gmail.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Reviewed-by: Alexander Duyck <alexanderduyck@fb.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2021-09-05 18:59:32 +01:00
..
bpfilter
netfilter netfilter: x_tables: handle xt_register_template() returning an error value 2021-08-25 13:06:48 +02:00
af_inet.c bpf: Migrate cgroup_bpf to internal cgroup_bpf_attach_type enum 2021-08-23 17:50:24 -07:00
ah4.c Networking changes for 5.14. 2021-06-30 15:51:09 -07:00
arp.c net: Exempt multicast addresses from five-second neighbor lifetime 2020-11-13 14:24:39 -08:00
bpf_tcp_ca.c bpf: tcp: Allow bpf-tcp-cc to call bpf_(get|set)sockopt 2021-08-25 17:40:35 -07:00
cipso_ipv4.c net: remove the unnecessary check in cipso_v4_doi_free 2021-09-03 13:52:29 +01:00
datagram.c
devinet.c net: add extack arg for link ops 2021-08-04 10:01:26 +01:00
esp4_offload.c xfrm: remove description from xfrm_type struct 2021-06-09 09:38:52 +02:00
esp4.c ipsec: Remove unneeded extra variable in esp4 esp_ssg_unref() 2021-07-20 16:14:23 +02:00
fib_frontend.c net: Use nlmsg_unicast() instead of netlink_unicast() 2021-07-13 09:28:29 -07:00
fib_lookup.h ipv4: Fix spelling mistakes 2021-06-07 14:08:30 -07:00
fib_notifier.c
fib_rules.c
fib_semantics.c net: Remove redundant if statements 2021-08-05 13:27:50 +01:00
fib_trie.c memcg: enable accounting for IP address and routing-related objects 2021-07-20 06:00:38 -07:00
fou.c fou: remove sparse errors 2021-08-31 12:03:33 +01:00
gre_demux.c net: Remove the member netns_ok 2021-05-17 15:29:35 -07:00
gre_offload.c ip_gre: add csum offload support for gre header 2021-01-29 20:39:14 -08:00
icmp.c net: Remove redundant if statements 2021-08-05 13:27:50 +01:00
igmp.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-08-13 06:41:22 -07:00
inet_connection_sock.c net-memcg: pass in gfp_t mask to mem_cgroup_charge_skmem() 2021-08-18 11:39:44 +01:00
inet_diag.c net: Use nlmsg_unicast() instead of netlink_unicast() 2021-07-13 09:28:29 -07:00
inet_fragment.c inet: frags: batch fqdir destroy works 2020-12-12 15:08:54 -08:00
inet_hashtables.c tcp: Keep TCP_CLOSE sockets in the reuseport group. 2021-06-15 18:01:05 +02:00
inet_timewait_sock.c
inetpeer.c inetpeer: use div64_ul() and clamp_val() calculate inet_peer_threshold 2021-03-01 13:32:12 -08:00
ip_forward.c
ip_fragment.c
ip_gre.c ip_gre: validate csum_start only on pull 2021-09-05 18:59:32 +01:00
ip_input.c net: use indirect call helpers for dst_input 2021-02-03 14:51:39 -08:00
ip_options.c
ip_output.c net: ipv4: Fix the warning for dereference 2021-08-30 12:47:09 +01:00
ip_sockglue.c net/ipv4/ipv6: Replace one-element arraya with flexible-array members 2021-08-05 11:46:42 +01:00
ip_tunnel_core.c net: ip_tunnel: clean up endianness conversions 2021-01-08 19:25:35 -08:00
ip_tunnel.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-07-31 09:14:46 -07:00
ip_vti.c ip_tunnel: use ndo_siocdevprivate 2021-07-27 20:11:44 +01:00
ipcomp.c Networking changes for 5.14. 2021-06-30 15:51:09 -07:00
ipconfig.c net: ipconfig: Don't override command-line hostnames or domains 2021-06-02 13:27:03 -07:00
ipip.c ip_tunnel: use ndo_siocdevprivate 2021-07-27 20:11:44 +01:00
ipmr_base.c
ipmr.c ipmr: Fix indentation issue 2021-07-07 20:52:25 -07:00
Kconfig
Makefile bpf: Clean up sockmap related Kconfigs 2021-02-26 12:28:03 -08:00
metrics.c treewide: rename nla_strlcpy to nla_strscpy. 2020-11-16 08:08:54 -08:00
netfilter.c netfilter: Dissect flow after packet mangling 2021-04-18 22:04:16 +02:00
netlink.c
nexthop.c Set fc_nlinfo in nh_create_ipv4, nh_create_ipv6 2021-09-02 11:42:13 +01:00
ping.c net: sock: introduce sk_error_report 2021-06-29 11:28:21 -07:00
proc.c tcp: Add stats for socket migration. 2021-06-23 12:56:08 -07:00
protocol.c net: Remove the member netns_ok 2021-05-17 15:29:35 -07:00
raw_diag.c net: Use nlmsg_unicast() instead of netlink_unicast() 2021-07-13 09:28:29 -07:00
raw.c net: sock: introduce sk_error_report 2021-06-29 11:28:21 -07:00
route.c ipv4: fix endianness issue in inet_rtm_getroute_build_skb() 2021-08-31 12:03:03 +01:00
syncookies.c selinux/stable-5.11 PR 20201214 2020-12-16 11:01:04 -08:00
sysctl_net_ipv4.c net: Introduce net.ipv4.tcp_migrate_req. 2021-06-15 18:01:05 +02:00
tcp_bbr.c tcp_bbr: fix u32 wrap bug in round logic if bbr_init() called after 2B packets 2021-08-11 15:00:15 -07:00
tcp_bic.c
tcp_bpf.c bpf, sockmap, tcp: sk_prot needs inuse_idx set for proc stats 2021-07-15 19:54:22 +02:00
tcp_cdg.c
tcp_cong.c net: Only allow init netns to set default tcp cong to a restricted algo 2021-05-04 11:58:28 -07:00
tcp_cubic.c tcp: Rename bictcp function prefix to cubictcp 2021-03-26 20:41:51 -07:00
tcp_dctcp.c
tcp_dctcp.h
tcp_diag.c
tcp_fastopen.c tcp: enable data-less, empty-cookie SYN with TFO_SERVER_COOKIE_NOT_REQD 2021-08-16 17:25:49 -07:00
tcp_highspeed.c
tcp_htcp.c
tcp_hybla.c
tcp_illinois.c
tcp_input.c tcp: more accurately check DSACKs to grow RACK reordering window 2021-07-27 20:07:21 +01:00
tcp_ipv4.c Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 2021-07-31 11:23:26 -07:00
tcp_lp.c ipv4: tcp_lp.c: Couple of typo fixes 2021-03-28 17:31:13 -07:00
tcp_metrics.c fixes-v5.11 2020-12-14 16:40:27 -08:00
tcp_minisocks.c tcp: Add stats for socket migration. 2021-06-23 12:56:08 -07:00
tcp_nv.c
tcp_offload.c net, gro: Set inner transport header offset in tcp/udp GRO hook 2021-08-02 10:20:56 +01:00
tcp_output.c net-memcg: pass in gfp_t mask to mem_cgroup_charge_skmem() 2021-08-18 11:39:44 +01:00
tcp_rate.c
tcp_recovery.c tcp: more accurately check DSACKs to grow RACK reordering window 2021-07-27 20:07:21 +01:00
tcp_scalable.c
tcp_timer.c net: sock: introduce sk_error_report 2021-06-29 11:28:21 -07:00
tcp_ulp.c
tcp_vegas.c tcp: use semicolons rather than commas to separate statements 2020-10-13 17:11:52 -07:00
tcp_vegas.h
tcp_veno.c
tcp_westwood.c
tcp_yeah.c tcp_yeah: check struct yeah size at compile time 2021-06-29 11:54:36 -07:00
tcp.c tcp: enable mid stream window clamp 2021-08-26 18:00:40 -07:00
tunnel4.c net: Remove the member netns_ok 2021-05-17 15:29:35 -07:00
udp_bpf.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-07-23 16:13:06 +01:00
udp_diag.c net: Use nlmsg_unicast() instead of netlink_unicast() 2021-07-13 09:28:29 -07:00
udp_impl.h
udp_offload.c fou: remove sparse errors 2021-08-31 12:03:33 +01:00
udp_tunnel_core.c udp_tunnel: reshuffle NETIF_F_RX_UDP_TUNNEL_PORT checks 2021-01-07 12:53:29 -08:00
udp_tunnel_nic.c
udp_tunnel_stub.c
udp.c bpf: Migrate cgroup_bpf to internal cgroup_bpf_attach_type enum 2021-08-23 17:50:24 -07:00
udplite.c net: Remove the member netns_ok 2021-05-17 15:29:35 -07:00
xfrm4_input.c
xfrm4_output.c
xfrm4_policy.c
xfrm4_protocol.c net: Remove the member netns_ok 2021-05-17 15:29:35 -07:00
xfrm4_state.c
xfrm4_tunnel.c xfrm: remove description from xfrm_type struct 2021-06-09 09:38:52 +02:00