linux_dsm_epyc7002/net/sched
Cong Wang 599be01ee5 net_sched: fix an OOB access in cls_tcindex
As Eric noticed, tcindex_alloc_perfect_hash() uses cp->hash
to compute the size of memory allocation, but cp->hash is
set again after the allocation; this caused an out-of-bounds
access.

So we have to move all cp->hash initialization and computation
before the memory allocation. Move cp->mask and cp->shift together
as cp->hash may need them for computation too.

Reported-and-tested-by: syzbot+35d4dea36c387813ed31@syzkaller.appspotmail.com
Fixes: 331b72922c ("net: sched: RCU cls_tcindex")
Cc: Eric Dumazet <eric.dumazet@gmail.com>
Cc: John Fastabend <john.fastabend@gmail.com>
Cc: Jamal Hadi Salim <jhs@mojatatu.com>
Cc: Jiri Pirko <jiri@resnulli.us>
Cc: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2020-02-04 11:41:36 +01:00
act_api.c Merge branch 'core-rcu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-11-26 15:42:43 -08:00
act_bpf.c
act_connmark.c
act_csum.c Merge branch 'core-rcu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-11-26 15:42:43 -08:00
act_ct.c treewide: Use sizeof_field() macro 2019-12-09 10:36:44 -08:00
act_ctinfo.c net: sched: act_ctinfo: fix memory leak 2020-01-19 16:02:15 +01:00
act_gact.c
act_ife.c net/sched: act_ife: initalize ife->metalist earlier 2020-01-17 10:58:15 +01:00
act_ipt.c
act_meta_mark.c
act_meta_skbprio.c
act_meta_skbtcindex.c
act_mirred.c net/sched: act_mirred: Pull mac prior redir to non mac_header_xmit device 2019-12-27 16:35:32 -08:00
act_mpls.c net: Fixed updating of ethertype in skb_mpls_push() 2019-12-04 17:11:25 -08:00
act_nat.c
act_pedit.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2019-11-22 16:27:24 -08:00
act_police.c Merge branch 'core-rcu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-11-26 15:42:43 -08:00
act_sample.c Merge branch 'core-rcu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-11-26 15:42:43 -08:00
act_simple.c net_sched: extend packet counter to 64bit 2019-11-05 18:20:55 -08:00
act_skbedit.c Merge branch 'core-rcu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-11-26 15:42:43 -08:00
act_skbmod.c
act_tunnel_key.c Merge branch 'core-rcu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-11-26 15:42:43 -08:00
act_vlan.c Merge branch 'core-rcu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-11-26 15:42:43 -08:00
cls_api.c net_sched: use validated TCA_KIND attribute in tc_new_tfilter() 2020-01-22 21:11:50 +01:00
cls_basic.c net_sched: fix ops->bind_class() implementations 2020-01-27 10:51:43 +01:00
cls_bpf.c net_sched: fix ops->bind_class() implementations 2020-01-27 10:51:43 +01:00
cls_cgroup.c
cls_flow.c
cls_flower.c net_sched: fix ops->bind_class() implementations 2020-01-27 10:51:43 +01:00
cls_fw.c net_sched: fix ops->bind_class() implementations 2020-01-27 10:51:43 +01:00
cls_matchall.c net_sched: fix ops->bind_class() implementations 2020-01-27 10:51:43 +01:00
cls_route.c net_sched: fix ops->bind_class() implementations 2020-01-27 10:51:43 +01:00
cls_rsvp6.c
cls_rsvp.c
cls_rsvp.h cls_rsvp: fix rsvp_policy 2020-02-01 12:25:06 -08:00
cls_tcindex.c net_sched: fix an OOB access in cls_tcindex 2020-02-04 11:41:36 +01:00
cls_u32.c net_sched: fix ops->bind_class() implementations 2020-01-27 10:51:43 +01:00
em_canid.c
em_cmp.c
em_ipset.c
em_ipt.c
em_meta.c net: annotate lockless accesses to sk->sk_max_ack_backlog 2019-11-06 16:14:48 -08:00
em_nbyte.c
em_text.c
em_u32.c
ematch.c net_sched: ematch: reject invalid TCF_EM_SIMPLE 2020-01-27 10:55:26 +01:00
Kconfig net: sched: add Flow Queue PIE packet scheduler 2020-01-23 11:38:31 +01:00
Makefile net: sched: add Flow Queue PIE packet scheduler 2020-01-23 11:38:31 +01:00
sch_api.c net_sched: walk through all child classes in tc_bind_tclass() 2020-01-27 10:52:46 +01:00
sch_atm.c
sch_blackhole.c
sch_cake.c net: sched: use skb_list_walk_safe helper for gso segments 2020-01-14 11:48:41 -08:00
sch_cbq.c
sch_cbs.c
sch_choke.c sch_choke: Use kvcalloc 2020-01-29 11:58:10 +01:00
sch_codel.c
sch_drr.c
sch_dsmark.c
sch_etf.c
sch_ets.c net: sch_ets: Make the ETS qdisc offloadable 2019-12-18 13:32:29 -08:00
sch_fifo.c
sch_fq_codel.c
sch_fq_pie.c net: sched: add Flow Queue PIE packet scheduler 2020-01-23 11:38:31 +01:00
sch_fq.c pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM 2020-01-08 12:40:47 -08:00
sch_generic.c netdev: pass the stuck queue to the timeout handler 2019-12-12 21:38:57 -08:00
sch_gred.c
sch_hfsc.c
sch_hhf.c
sch_htb.c
sch_ingress.c
sch_mq.c net: sched: fix dump qlen for sch_mq/sch_mqprio with NOLOCK subqueues 2019-12-03 11:53:55 -08:00
sch_mqprio.c mqprio: Fix out-of-bounds access in mqprio_dump 2019-12-06 11:58:45 -08:00
sch_multiq.c net: sched: fix tc -s class show no bstats on class with nolock subqueues 2019-11-30 10:38:40 -08:00
sch_netem.c
sch_pie.c net: sched: pie: export symbols to be reused by FQ-PIE 2020-01-23 11:38:31 +01:00
sch_plug.c
sch_prio.c net: sch_prio: When ungrafting, replace with FIFO 2020-01-08 12:45:53 -08:00
sch_qfq.c
sch_red.c
sch_sfb.c
sch_sfq.c
sch_skbprio.c
sch_taprio.c taprio: don't reject same mqprio settings 2019-11-19 15:23:15 -08:00
sch_tbf.c net: sched: Make TBF Qdisc offloadable 2020-01-25 10:56:31 +01:00
sch_teql.c