Piteball/android_kernel_google_msm
1
0
Fork 0
mirror of https://github.com/followmsi/android_kernel_google_msm.git synced 2024-11-06 23:17:41 +00:00
Code Issues Projects Releases Wiki Activity
android_kernel_google_msm/net
History
Thomas Graf ca6ad5d775 tcp: Reallocate headroom if it would overflow csum_start 
[ Upstream commit 50bceae9bd ]

If a TCP retransmission gets partially ACKed and collapsed multiple
times it is possible for the headroom to grow beyond 64K which will
overflow the 16bit skb->csum_start which is based on the start of
the headroom. It has been observed rarely in the wild with IPoIB due
to the 64K MTU.

Verify if the acking and collapsing resulted in a headroom exceeding
what csum_start can cover and reallocate the headroom if so.

A big thank you to Jim Foraker <foraker1@llnl.gov> and the team at
LLNL for helping out with the investigation and testing.

Reported-by: Jim Foraker <foraker1@llnl.gov>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2013-05-01 09:41:07 -07:00
..
9p 9p: BUG before corrupting memory 2012-06-22 11:37:15 -07:00
802 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-04-02 17:53:39 -07:00
8021q 8021q: fix a potential use-after-free 2013-04-05 10:04:38 -07:00
appletalk
atm atm: update msg_namelen in vcc_recvmsg() 2013-05-01 09:41:04 -07:00
ax25 ax25: fix info leak via msg_name in ax25_recvmsg() 2013-05-01 09:41:04 -07:00
batman-adv batman-adv: fix random jitter calculation 2013-01-11 09:07:03 -08:00
bluetooth Bluetooth: RFCOMM - Fix missing msg_namelen update in rfcomm_sock_recvmsg() 2013-05-01 09:41:04 -07:00
bridge bridge: set priority of STP packets 2013-02-28 06:59:05 -08:00
caif caif: Fix missing msg_namelen update in caif_seqpkt_recvmsg() 2013-05-01 09:41:04 -07:00
can can: gw: use kmem_cache_free() instead of kfree() 2013-04-12 09:38:47 -07:00
ceph rbd: remove linger unconditionally 2013-01-17 08:51:20 -08:00
core rtnetlink: Call nlmsg_parse() with correct header length 2013-05-01 09:41:07 -07:00
dcb dcbnl: fix various netlink info leaks 2013-03-20 13:05:02 -07:00
dccp inet: Fix kmemleak in tcp_v4/6_syn_recv_sock and dccp_v4/6_request_recv_sock 2013-01-11 09:07:14 -08:00
decnet Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
dns_resolver KEYS: Allow special keyrings to be cleared 2012-01-19 14:38:51 +11:00
dsa
econet Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
ethernet Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
ieee802154 6lowpan: Fix endianness issue in is_addr_link_local(). 2013-03-20 13:05:02 -07:00
ipv4 tcp: Reallocate headroom if it would overflow csum_start 2013-05-01 09:41:07 -07:00
ipv6 net IPv6 : Fix broken IPv6 routing table after loopback down-up 2013-05-01 09:41:06 -07:00
ipx
irda irda: Fix missing msg_namelen update in irda_recvmsg_dgram() 2013-05-01 09:41:05 -07:00
iucv iucv: Fix missing msg_namelen update in iucv_sock_recvmsg() 2013-05-01 09:41:05 -07:00
key net/key/af_key.c: add missing kfree_skb 2012-04-13 11:01:44 -04:00
l2tp l2tp: Restore socket refcount when sendmsg succeeds 2013-03-20 13:05:01 -07:00
lapb Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
llc llc: Fix missing msg_namelen update in llc_ui_recvmsg() 2013-05-01 09:41:05 -07:00
mac80211 mac80211: synchronize scan off/on-channel and PS states 2013-02-03 18:24:42 -06:00
netfilter netfilter: Mark SYN/ACK packets as invalid from original direction 2012-11-26 11:37:48 -08:00
netlabel netlabel: correctly list all the static label mappings 2013-03-20 13:05:01 -07:00
netlink thermal: shorten too long mcast group name 2013-04-05 10:04:38 -07:00
netrom netrom: fix invalid use of sizeof in nr_recvmsg() 2013-05-01 09:41:06 -07:00
nfc NFC: llcp: fix info leaks via msg_name in llcp_sock_recvmsg() 2013-05-01 09:41:05 -07:00
openvswitch openvswitch: Reset upper layer protocol info on internal devices. 2012-10-02 10:29:50 -07:00
packet packet: fix leakage of tx_ring memory 2013-02-14 10:49:05 -08:00
phonet phonet: Sort out initiailziation and cleanup code. 2012-04-13 11:01:43 -04:00
rds rds: limit the size allocated by rds_message_alloc() 2013-03-20 13:05:01 -07:00
rfkill device.h: cleanup users outside of linux/include (C files) 2012-03-11 14:27:37 -04:00
rose rose: fix info leak via msg_name in rose_recvmsg() 2013-05-01 09:41:05 -07:00
rxrpc RxRPC: Fix kcalloc parameters swapped 2012-02-14 14:41:55 -05:00
sched cbq: incorrect processing of high limits 2013-05-01 09:41:06 -07:00
sctp sctp: don't break the loop while meeting the active_path so as to find the matched transport 2013-03-28 12:11:53 -07:00
sunrpc SUNRPC: Add barriers to ensure read ordering in rpc_wake_up_task_queue_locked 2013-04-05 10:04:14 -07:00
tipc tipc: fix info leaks via msg_name in recv_msg/recv_stream 2013-05-01 09:41:05 -07:00
unix af_unix: If we don't care about credentials coallesce all messages 2013-05-01 09:41:07 -07:00
wanrouter wanmain: comparing array with NULL 2012-08-09 08:31:51 -07:00
wimax
wireless wireless: allow 40 MHz on world roaming channels 12/13 2012-11-26 11:37:46 -08:00
x25
xfrm xfrm_user: ensure user supplied esn replay window is valid 2012-10-13 05:38:41 +09:00
compat.c net: Fix references to out-of-scope variables in put_cmsg_compat() 2012-08-09 08:31:42 -07:00
Kconfig
Makefile
nonet.c
socket.c net: fix info leak in compat dev_ifconf() 2012-10-02 10:29:37 -07:00
sysctl_net.c sysctl: Modify __register_sysctl_paths to take a set instead of a root and an nsproxy 2012-01-24 16:40:30 -08:00