linux/include/net
hannes@stressinduktion.org f60e5990d9 ipv6: protect skb->sk accesses from recursive dereference inside the stack
We should not consult skb->sk for output decisions in xmit recursion
levels > 0 in the stack. Otherwise local socket settings could influence
the result of e.g. tunnel encapsulation process.

ipv6 does not conform with this in three places:

1) ip6_fragment: we do consult ipv6_npinfo for frag_size

2) sk_mc_loop in ipv6 uses skb->sk and checks if we should
   loop the packet back to the local socket

3) ip6_skb_dst_mtu could query the settings from the user socket and
   force a wrong MTU

Furthermore:
In sk_mc_loop we could potentially land in WARN_ON(1) if we use a
PF_PACKET socket ontop of an IPv6-backed vxlan device.

Reuse xmit_recursion as we are currently only interested in protecting
tunnel devices.

Cc: Jiri Pirko <jiri@resnulli.us>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-06 16:12:49 -04:00
..
9p net/9p: remove a comment about pref member which doesn't exist 2014-11-06 14:59:19 -05:00
bluetooth Bluetooth: Remove mgmt_rp_read_local_oob_ext_data struct 2015-02-02 18:27:56 +01:00
caif caif: fix a signedness bug in cfpkt_iterate() 2015-02-20 17:35:14 -05:00
irda irda: Convert function pointer arrays and uses to const 2014-12-10 15:33:16 -05:00
iucv af_iucv: fix recvmsg by replacing skb_pull() function 2013-04-08 17:16:57 -04:00
netfilter netfilter: restore rule tracing via nfnetlink_log 2015-03-19 11:14:48 +01:00
netns ipv4: Namespecify TCP PMTU mechanism 2015-02-09 18:45:00 -08:00
nfc NFC: nci: Move logical connection structure allocation 2015-02-04 09:14:09 +01:00
phonet
sctp switch sctp_user_addto_chunk() and sctp_datamsg_from_user() to passing iov_iter 2014-11-24 05:16:40 -05:00
tc_act net: sched: Introduce connmark action 2015-01-19 16:02:06 -05:00
6lowpan.h ieee802154: 6lowpan: rename process_data and lowpan_process_data 2014-10-27 15:51:16 +01:00
act_api.h net_sched: act: refuse to remove bound action outside 2014-02-12 19:23:32 -05:00
addrconf.h net: ipv6: allow explicitly choosing optimistic addresses 2015-02-05 15:37:41 -08:00
af_ieee802154.h ieee802154: mac802154: remove FSF address 2014-10-25 08:07:30 +02:00
af_rxrpc.h af_rxrpc.h: Remove extern from function prototypes 2013-07-31 17:50:01 -07:00
af_unix.h af_unix: improve STREAM behavior with fragmented memory 2013-08-10 01:16:44 -07:00
af_vsock.h vmci_transport: switch ->enqeue_dgram, ->enqueue_stream and ->dequeue_stream to msghdr 2014-11-24 05:16:42 -05:00
ah.h ipsec: Remove obsolete MAX_AH_AUTH_LEN 2014-09-18 10:54:36 +02:00
arp.h arp: make arp_invalidate static 2013-12-28 17:02:46 -05:00
atmclip.h
ax25.h ax25.h: Remove extern from function prototypes 2013-07-31 17:50:02 -07:00
ax88796.h
bond_3ad.h bonding: cleanup and remove dead code 2015-01-27 17:09:04 -08:00
bond_alb.h net: Move bonding headers under include/net 2014-11-10 13:27:49 -05:00
bond_options.h net: Move bonding headers under include/net 2014-11-10 13:27:49 -05:00
bonding.h net/bonding: Fix potential bad memory access during bonding events 2015-02-09 14:03:53 -08:00
busy_poll.h sched, net: Fixup busy_loop_us_clock() 2014-01-13 17:39:11 +01:00
cfg80211-wext.h
cfg80211.h nl80211: add an attribute to allow delaying the first scheduled scan cycle 2015-01-23 10:30:47 +01:00
cfg802154.h nl802154: introduce support for cca settings 2014-12-19 00:19:23 +01:00
checksum.h net: Fix remcsum in GRO path to not change packet 2015-02-11 15:12:09 -08:00
cipso_ipv4.h cipso: don't use IPCB() to locate the CIPSO IP option 2015-02-11 14:46:37 -05:00
cls_cgroup.h cgroup: clean up cgroup_subsys names and initialization 2014-02-08 10:36:58 -05:00
codel.h net: use ktime_get_ns() and ktime_get_real_ns() helpers 2014-08-22 19:57:23 -07:00
compat.h fold verify_iovec() into copy_msghdr_from_user() 2014-11-19 16:23:49 -05:00
datalink.h net: Move prototype declaration to header file include/net/datalink.h from net/ipx/af_ipx.c 2014-02-09 17:32:50 -08:00
dcbevent.h include/net/: Fix FSF address in file headers 2013-12-06 12:37:56 -05:00
dcbnl.h Update setapp/getapp prototypes in dcbnl_rtnl_ops to return int instead of u8 2014-07-17 16:02:29 -07:00
dn_dev.h dn_dev: add support for IFA_FLAGS nl attribute 2013-12-10 21:50:00 -05:00
dn_fib.h decnet (dn*.h): Remove extern from function prototypes 2013-09-20 14:49:32 -04:00
dn_neigh.h decnet (dn*.h): Remove extern from function prototypes 2013-09-20 14:49:32 -04:00
dn_nsp.h decnet (dn*.h): Remove extern from function prototypes 2013-09-20 14:49:32 -04:00
dn_route.h net: Move prototype declaration to appropriate header file from decnet/af_decnet.c 2014-02-09 17:32:49 -08:00
dn.h net: Move prototype declaration to header file include/net/dn.h from net/decnet/af_decnet.c 2014-02-09 17:32:49 -08:00
dsa.h net: dsa: Add support for reading switch registers with ethtool 2014-10-30 14:54:11 -04:00
dsfield.h ipv6: Optimize ipv6_change_dsfield(). 2013-01-09 23:59:53 -08:00
dst_ops.h percpu_counter: add @gfp to percpu_counter_init() 2014-09-08 09:51:29 +09:00
dst.h xfrm: release dst_orig in case of error in xfrm_lookup() 2015-02-12 07:10:56 +01:00
esp.h net: move pskb_put() to core code 2013-11-07 19:28:58 -05:00
ethoc.h net: ethoc: set up MII management bus clock 2014-02-04 20:19:51 -08:00
fib_rules.h fib_rules.h: Remove extern from function prototypes 2013-09-20 14:49:33 -04:00
firewire.h firewire net, ipv4 arp: Extend hardware address and remove driver-level packet inspection. 2013-03-26 12:32:13 -04:00
flow_keys.h flow_keys: n_proto type should be __be16 2015-02-05 00:40:22 -08:00
flow.h ipv4, fib: pass LOOPBACK_IFINDEX instead of 0 to flowi4_iif 2014-04-16 15:05:11 -04:00
flowcache.h flowcache: Make flow cache name space aware 2014-02-12 07:02:11 +01:00
fou.h ip_tunnel: Ops registration for secondary encap (fou, gue) 2014-11-12 15:01:35 -05:00
garp.h garp.h: Remove extern from function prototypes 2013-09-20 14:49:33 -04:00
gen_stats.h net: sched: enable per cpu qstats 2014-09-30 01:02:26 -04:00
genetlink.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-01-27 16:59:56 -08:00
geneve.h openvswitch: Add support for checksums on UDP tunnels. 2015-01-28 23:04:15 -08:00
gre.h gre: Call gso_make_checksum 2014-06-04 22:46:38 -07:00
gro_cells.h ip_tunnel: Create percpu gro_cell 2015-01-18 01:56:32 -05:00
gue.h gue: Protocol constants for remote checksum offload 2014-11-05 16:30:03 -05:00
icmp.h icmp.h: Remove extern from function prototypes 2013-09-20 14:49:33 -04:00
ieee80211_radiotap.h mac80211: propagate STBC / LDPC flags to radiotap 2014-02-06 09:34:58 +01:00
ieee802154_netdev.h ieee802154: rework cca setting 2014-12-19 00:19:23 +01:00
if_inet6.h ipv6: remove aca_lock spinlock from struct ifacaddr6 2014-10-14 13:15:15 -04:00
inet6_connection_sock.h ipv4: add a sock pointer to ip_queue_xmit() 2014-04-15 12:58:34 -04:00
inet6_hashtables.h ipv6: move INET6_MATCH() to include/net/inet6_hashtables.h 2014-11-05 16:59:04 -05:00
inet_common.h net-timestamp: make tcp_recvmsg call ipv6_recv_error for AF_INET6 socks 2014-11-26 15:45:04 -05:00
inet_connection_sock.h net: tcp: add key management to congestion control 2015-01-05 22:55:24 -05:00
inet_ecn.h tunnel: fix RFC number in comment for INET_ECN_decapsulate() 2014-05-07 15:30:52 -04:00
inet_frag.h percpu_counter: add @gfp to percpu_counter_init() 2014-09-08 09:51:29 +09:00
inet_hashtables.h net: Use a more standard macro for INET_ADDR_COOKIE 2014-05-14 16:07:23 -04:00
inet_sock.h ip: Add offset parameter to ip_cmsg_recv 2015-01-05 22:44:46 -05:00
inet_timewait_sock.h inet: move ipv6only in sock_common 2014-07-01 23:46:21 -07:00
inetpeer.h inet: remove dead inetpeer sequence code 2014-09-08 16:42:42 -07:00
ip6_checksum.h net: add gro_compute_pseudo functions 2014-08-24 18:09:23 -07:00
ip6_fib.h net: fib6: convert cfg metric to u32 outside of table write lock 2015-01-05 22:55:24 -05:00
ip6_route.h ipv6: protect skb->sk accesses from recursive dereference inside the stack 2015-04-06 16:12:49 -04:00
ip6_tunnel.h tunnels: advertise link netns via netlink 2015-01-19 14:32:03 -05:00
ip_fib.h fib_trie: Push rcu_read_lock/unlock to callers 2014-12-31 18:25:54 -05:00
ip_tunnels.h tunnels: advertise link netns via netlink 2015-01-19 14:32:03 -05:00
ip_vs.h ipvs: Clean up comment style in ip_vs.h 2014-10-02 18:30:58 +02:00
ip.h ipv6: protect skb->sk accesses from recursive dereference inside the stack 2015-04-06 16:12:49 -04:00
ipcomp.h
ipconfig.h
ipv6.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-02-09 14:35:57 -08:00
ipx.h switch ipxrtr_route_packet() from iovec to msghdr 2014-11-24 04:28:49 -05:00
iw_handler.h iw_handler.h: Remove extern from function prototypes 2013-09-21 14:01:39 -04:00
lapb.h lapb.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
lib80211.h lib80211: remove unused print_ssid() 2014-10-14 02:18:27 +02:00
llc_c_ac.h llc*.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
llc_c_ev.h llc*.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
llc_c_st.h llc: Make llc_conn_ev_qfyr_t function pointer arrays const 2014-12-10 15:21:24 -05:00
llc_conn.h llc*.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
llc_if.h llc*.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
llc_pdu.h net: llc: fix order of evaluation in llc_conn_ac_inc_vr_by_1 2014-01-01 22:22:43 -05:00
llc_s_ac.h llc*.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
llc_s_ev.h llc*.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
llc_s_st.h llc: Make llc_sap_action_t function pointer arrays const 2014-12-10 15:21:24 -05:00
llc_sap.h llc*.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
llc.h llc: make lock static 2014-01-03 20:56:48 -05:00
mac80211.h mac80111: Add BIP-GMAC-128 and BIP-GMAC-256 ciphers 2015-01-27 11:10:13 +01:00
mac802154.h ieee802154: rework cca setting 2014-12-19 00:19:23 +01:00
mip6.h include/net/: Fix FSF address in file headers 2013-12-06 12:37:56 -05:00
mld.h ipv6: mld: answer mldv2 queries with mldv1 reports in mldv1 fallback 2014-09-22 16:23:15 -04:00
mpls.h openvswitch: Add basic MPLS support to kernel 2014-11-05 23:52:33 -08:00
mrp.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-10-01 17:06:14 -04:00
ndisc.h ndisc.h: Remove extern from function prototypes 2013-09-21 14:01:39 -04:00
neighbour.h neigh: remove next ptr from struct neigh_table 2014-12-26 17:07:08 -05:00
net_namespace.h netns: add rtnl cmd to add and get peer netns ids 2015-01-19 14:21:18 -05:00
net_ratelimit.h
netevent.h netevent/netlink.h: Remove extern from function prototypes 2013-09-21 14:01:39 -04:00
netlabel.h netlabel: fix the netlbl_catmap_setlong() dummy function 2014-08-07 20:55:21 -04:00
netlink.h netlink: make nlmsg_end() and genlmsg_end() void 2015-01-18 01:03:45 -05:00
netprio_cgroup.h cgroup: clean up cgroup_subsys names and initialization 2014-02-08 10:36:58 -05:00
netrom.h netrom.h: Remove extern from function prototypes 2013-09-21 14:01:39 -04:00
nexthop.h
nl802154.h nl802154: introduce support for cca settings 2014-12-19 00:19:23 +01:00
p8022.h p8022.h: Remove extern from function prototypes 2013-09-21 14:01:39 -04:00
ping.h ip: stash a pointer to msghdr in struct ping_fakehdr 2015-02-04 01:34:14 -05:00
pkt_cls.h net: sched: remove tcf_proto from ematch calls 2014-10-06 18:02:32 -04:00
pkt_sched.h net: rename vlan_tx_* helpers since "tx" is misleading there 2015-01-13 17:51:08 -05:00
protocol.h net: Eliminate no_check from protosw 2014-05-23 16:28:53 -04:00
psnap.h psnap.h: Remove extern from function prototypes 2013-09-23 01:51:08 -04:00
raw.h raw/rawv6.h: Remove extern from function prototypes 2013-09-23 01:51:08 -04:00
rawv6.h raw/rawv6.h: Remove extern from function prototypes 2013-09-23 01:51:08 -04:00
red.h reciprocal_divide: update/correction of the algorithm 2014-01-21 23:17:20 -08:00
regulatory.h cfg80211: allow wiphy specific regdomain management 2014-12-17 11:49:55 +01:00
request_sock.h inet: includes a sock_common in request_sock 2013-10-10 00:08:07 -04:00
rose.h rose.h: Remove extern from function prototypes 2013-09-23 01:51:08 -04:00
route.h ipv4: per cpu uncached list 2015-01-15 18:26:16 -05:00
rtnetlink.h rtnl: add link netns id to interface messages 2015-01-19 14:21:26 -05:00
sch_generic.h net: sched: fix panic in rate estimators 2015-01-31 17:49:37 -08:00
scm.h scm.h: Remove extern from function prototypes 2013-09-23 01:51:09 -04:00
secure_seq.h inetpeer: get rid of ip_id_count 2014-06-02 11:00:41 -07:00
slhc_vj.h
snmp.h Merge branch 'for-3.18-consistent-ops' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpu 2014-10-15 07:48:18 +02:00
sock.h ipv6: protect skb->sk accesses from recursive dereference inside the stack 2015-04-06 16:12:49 -04:00
Space.h drivers: net: Include new header file in sbni.c 2013-12-19 18:51:20 -05:00
stp.h stp.h: Remove extern from function prototypes 2013-09-23 01:51:09 -04:00
switchdev.h swdevice: add new apis to set and del bridge port attributes 2015-02-01 23:16:34 -08:00
tcp_memcontrol.h tcp_memcontrol: Kill struct tcp_memcontrol 2013-10-21 18:43:02 -04:00
tcp_states.h
tcp.h ipv4: Namespecify TCP PMTU mechanism 2015-02-09 18:45:00 -08:00
timewait_sock.h
transp_v6.h ipv6: make IPV6_RECVPKTINFO work for ipv4 datagrams 2014-01-19 19:53:18 -08:00
tso.h net: Add a software TSO helper API 2014-05-22 14:57:15 -04:00
udp_tunnel.h udp: Do not require sock in udp_tunnel_xmit_skb 2015-01-24 23:15:40 -08:00
udp.h udp: Generalize skb_udp_segment 2014-10-01 21:35:51 -04:00
udplite.h net: switch memcpy_fromiovec()/memcpy_fromiovecend() users to copy_from_iter() 2015-02-04 01:34:15 -05:00
vsock_addr.h VSOCK: Move af_vsock.h and vsock_addr.h to include/net 2013-07-27 22:14:06 -07:00
vxlan.h vxlan: fix wrong usage of VXLAN_VID_MASK 2015-03-13 13:08:07 -04:00
wext.h wext.h: Remove extern from function prototypes 2013-09-23 16:29:40 -04:00
wimax.h net: treewide: Fix typo found in DocBook/networking.xml 2014-09-05 17:35:28 -07:00
x25.h x25.h: Remove extern from function prototypes 2013-09-23 16:29:41 -04:00
x25device.h
xfrm.h xfrm: configure policy hash table thresholds by netlink 2014-09-02 13:37:56 +02:00