OpenCloudOS-Kernel/net/ipv4
Peter Oskolkov 7969e5c40d ip: discard IPv4 datagrams with overlapping segments.
This behavior is required in IPv6, and there is little need
to tolerate overlapping fragments in IPv4. This change
simplifies the code and eliminates potential DDoS attack vectors.

Tested: ran ip_defrag selftest (not yet available uptream).

Suggested-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Peter Oskolkov <posk@google.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Florian Westphal <fw@strlen.de>
Acked-by: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-08-05 17:16:46 -07:00
..
bpfilter bpfilter: remove trailing newline 2018-07-24 14:10:42 -07:00
netfilter Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2018-07-20 22:28:28 -07:00
Kconfig net: remove blank lines at end of file 2018-07-24 14:10:43 -07:00
Makefile net: remove blank lines at end of file 2018-07-24 14:10:43 -07:00
af_inet.c net: ipv4: Control SKB reprioritization after forwarding 2018-08-01 09:52:30 -07:00
ah4.c net: use -ENOSPC for transient busy indication 2017-11-03 22:11:17 +08:00
arp.c proc: introduce proc_create_net{,_data} 2018-05-16 07:24:30 +02:00
cipso_ipv4.c tcp/dccp: fix ireq->opt races 2017-10-21 01:33:19 +01:00
datagram.c
devinet.c route: add support for directed broadcast forwarding 2018-07-29 12:37:06 -07:00
esp4.c esp4: remove redundant initialization of pointer esph 2018-02-13 13:59:03 +01:00
esp4_offload.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next 2018-07-27 09:33:37 -07:00
fib_frontend.c ipv4: remove BUG_ON() from fib_compute_spec_dst 2018-07-28 19:06:12 -07:00
fib_lookup.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
fib_notifier.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
fib_rules.c net: fib_rules: add extack support 2018-04-23 10:21:24 -04:00
fib_semantics.c net: metrics: add proper netlink validation 2018-06-05 12:29:43 -04:00
fib_trie.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
fou.c Merge ra.kernel.org:/pub/scm/linux/kernel/git/davem/net 2018-07-03 10:29:26 +09:00
gre_demux.c
gre_offload.c Merge ra.kernel.org:/pub/scm/linux/kernel/git/davem/net 2018-07-03 10:29:26 +09:00
icmp.c ipv4: ipcm_cookie initializers 2018-07-07 10:58:49 +09:00
igmp.c Merge ra.kernel.org:/pub/scm/linux/kernel/git/davem/net 2018-08-02 10:55:32 -07:00
inet_connection_sock.c net: ipv4: remove define INET_CSK_DEBUG and unnecessary EXPORT_SYMBOL 2018-05-10 17:43:55 -04:00
inet_diag.c sock_diag: request _diag module only when the family or proto has been registered 2018-03-12 11:03:42 -04:00
inet_fragment.c Merge ra.kernel.org:/pub/scm/linux/kernel/git/davem/net 2018-08-02 10:55:32 -07:00
inet_hashtables.c net/tcp: Fix socket lookups with SO_BINDTODEVICE 2018-06-20 08:03:06 +09:00
inet_timewait_sock.c soreuseport: initialise timewait reuseport field 2018-04-07 22:32:32 -04:00
inetpeer.c inetpeer: fix uninit-value in inet_getpeer 2018-04-09 10:57:35 -04:00
ip_forward.c net: ipv4: Control SKB reprioritization after forwarding 2018-08-01 09:52:30 -07:00
ip_fragment.c ip: discard IPv4 datagrams with overlapping segments. 2018-08-05 17:16:46 -07:00
ip_gre.c ip_gre: remove redundant variables t_hlen 2018-08-01 09:58:15 -07:00
ip_input.c net: ipv4: fix listify ip_rcv_finish in case of forwarding 2018-07-12 16:40:19 -07:00
ip_options.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ip_output.c Merge ra.kernel.org:/pub/scm/linux/kernel/git/davem/net 2018-07-24 19:21:58 -07:00
ip_sockglue.c ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull 2018-07-24 16:35:58 -07:00
ip_tunnel.c ip_tunnel: Fix name string concatenate in __ip_tunnel_create() 2018-06-07 16:27:16 -04:00
ip_tunnel_core.c net/ipv4: Update ip_tunnel_metadata_cnt static key to modern api 2018-05-10 15:13:33 -04:00
ip_vti.c net: Drop pernet_operations::async 2018-03-27 13:18:09 -04:00
ipcomp.c
ipconfig.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
ipip.c net: Drop pernet_operations::async 2018-03-27 13:18:09 -04:00
ipmr.c net: ipmr: add support for passing full packet on wrong vif 2018-07-13 14:21:16 -07:00
ipmr_base.c rhashtable: split rhashtable.h 2018-06-22 13:43:27 +09:00
metrics.c net: metrics: add proper netlink validation 2018-06-05 12:29:43 -04:00
netfilter.c netfilter: utils: move nf_ip_checksum* from ipv4 to utils 2018-07-16 17:51:48 +02:00
netlink.c ipv4: support sport, dport and ip_proto in RTM_GETROUTE 2018-05-23 15:14:12 -04:00
ping.c net: add helpers checking if socket can be bound to nonlocal address 2018-08-01 09:50:04 -07:00
proc.c ip: discard IPv4 datagrams with overlapping segments. 2018-08-05 17:16:46 -07:00
protocol.c net: Add sysctl to toggle early demux for tcp and udp 2017-03-24 13:17:07 -07:00
raw.c ip: remove tx_flags from ipcm_cookie and use same logic for v4 and v6 2018-07-07 10:58:49 +09:00
raw_diag.c net: ipv6: add second dif to raw socket lookups 2017-08-07 11:39:22 -07:00
route.c route: add support for directed broadcast forwarding 2018-07-29 12:37:06 -07:00
syncookies.c net/ipv4: disable SMC TCP option with SYN Cookies 2018-03-25 20:53:54 -04:00
sysctl_net_ipv4.c net: ipv4: Notify about changes to ip_forward_update_priority 2018-08-01 09:52:30 -07:00
tcp.c tcp: remove unneeded variable 'err' 2018-08-03 16:52:07 -07:00
tcp_bbr.c Merge ra.kernel.org:/pub/scm/linux/kernel/git/davem/net 2018-08-02 10:55:32 -07:00
tcp_bic.c tcp: consolidate congestion control undo functions 2017-08-06 21:25:10 -07:00
tcp_cdg.c tcp: cdg: make struct tcp_cdg static 2017-10-16 21:24:25 +01:00
tcp_cong.c tcp: Namespace-ify sysctl_tcp_default_congestion_control 2017-11-15 14:09:52 +09:00
tcp_cubic.c tcp: consolidate congestion control undo functions 2017-08-06 21:25:10 -07:00
tcp_dctcp.c tcp: do not delay ACK in DCTCP upon CE status change 2018-07-20 14:32:23 -07:00
tcp_diag.c net: sock: replace sk_state_load with inet_sk_state_load and remove sk_state_store 2017-12-20 14:00:25 -05:00
tcp_fastopen.c tcp: pause Fast Open globally after third consecutive timeout 2017-12-13 15:51:12 -05:00
tcp_highspeed.c tcp: consolidate congestion control undo functions 2017-08-06 21:25:10 -07:00
tcp_htcp.c tcp: fix cwnd undo in Reno and HTCP congestion controls 2017-08-06 21:25:10 -07:00
tcp_hybla.c tcp: make undo_cwnd mandatory for congestion modules 2016-11-21 13:20:17 -05:00
tcp_illinois.c net/tcp/illinois: replace broken algorithm reference link 2018-02-28 12:03:47 -05:00
tcp_input.c Merge ra.kernel.org:/pub/scm/linux/kernel/git/davem/net 2018-08-02 10:55:32 -07:00
tcp_ipv4.c Merge ra.kernel.org:/pub/scm/linux/kernel/git/torvalds/linux 2018-07-20 21:17:12 -07:00
tcp_lp.c tcp: switch TCP TS option (RFC 7323) to 1ms clock 2017-05-17 16:06:01 -04:00
tcp_metrics.c net: Drop pernet_operations::async 2018-03-27 13:18:09 -04:00
tcp_minisocks.c tcp: use monotonic timestamps for PAWS 2018-07-12 14:50:40 -07:00
tcp_nv.c tcp_nv: fix potential integer overflow in tcpnv_acked 2018-01-31 10:26:30 -05:00
tcp_offload.c tcp: Don't coalesce decrypted and encrypted SKBs 2018-07-16 00:12:09 -07:00
tcp_output.c tcp: remove set but not used variable 'skb_size' 2018-08-01 09:57:09 -07:00
tcp_rate.c tcp: expose both send and receive intervals for rate sample 2018-07-11 23:01:56 -07:00
tcp_recovery.c tcp: add stat of data packet reordering events 2018-08-01 09:56:10 -07:00
tcp_scalable.c tcp: consolidate congestion control undo functions 2017-08-06 21:25:10 -07:00
tcp_timer.c tcp: make function tcp_retransmit_stamp() static 2018-07-25 16:35:45 -07:00
tcp_ulp.c net: add a UID to use for ULP socket assignment 2018-02-06 11:39:31 +01:00
tcp_vegas.c tcp: fix under-evaluated ssthresh in TCP Vegas 2017-09-29 06:07:00 +01:00
tcp_vegas.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
tcp_veno.c tcp: consolidate congestion control undo functions 2017-08-06 21:25:10 -07:00
tcp_westwood.c tcp: Revert "tcp: remove CA_ACK_SLOWPATH" 2017-08-30 11:20:08 -07:00
tcp_yeah.c tcp: consolidate congestion control undo functions 2017-08-06 21:25:10 -07:00
tunnel4.c inet: whitespace cleanup 2018-02-28 11:43:28 -05:00
udp.c ip: remove tx_flags from ipcm_cookie and use same logic for v4 and v6 2018-07-07 10:58:49 +09:00
udp_diag.c udp: fix rx queue len reported by diag and proc interface 2018-06-08 19:55:15 -04:00
udp_impl.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
udp_offload.c Merge ra.kernel.org:/pub/scm/linux/kernel/git/davem/net 2018-07-03 10:29:26 +09:00
udp_tunnel.c net: add infrastructure to un-offload UDP tunnel port 2017-07-24 13:52:59 -07:00
udplite.c proc: introduce proc_create_net{,_data} 2018-05-16 07:24:30 +02:00
xfrm4_input.c xfrm: Reinject transport-mode packets through tasklet 2017-12-19 08:23:21 +01:00
xfrm4_mode_beet.c networking: make skb_pull & friends return void pointers 2017-06-16 11:48:39 -04:00
xfrm4_mode_transport.c xfrm: Add encapsulation header offsets while SKB is not encrypted 2017-04-14 10:07:39 +02:00
xfrm4_mode_tunnel.c xfrm: Verify MAC header exists before overwriting eth_hdr(skb)->h_proto 2018-03-07 10:54:29 +01:00
xfrm4_output.c net: xfrm: use skb_gso_validate_network_len() to check gso sizes 2018-03-04 17:49:17 -05:00
xfrm4_policy.c net: Drop pernet_operations::async 2018-03-27 13:18:09 -04:00
xfrm4_protocol.c xfrm: input: constify xfrm_input_afinfo 2017-02-09 10:22:17 +01:00
xfrm4_state.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xfrm4_tunnel.c