Ksawlii/kernel_samsung_a53x
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
kernel_samsung_a53x/net/smc
History
Guangguan Wang f93714002b net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg 
[ Upstream commit a29e220d3c8edbf0e1beb0f028878a4a85966556 ]

When receiving proposal msg in server, the field iparea_offset
and the field ipv6_prefixes_cnt in proposal msg are from the
remote client and can not be fully trusted. Especially the
field iparea_offset, once exceed the max value, there has the
chance to access wrong address, and crash may happen.

This patch checks iparea_offset and ipv6_prefixes_cnt before using them.

Fixes: e7b7a64a8493 ("smc: support variable CLC proposal messages")
Signed-off-by: Guangguan Wang <guangguan.wang@linux.alibaba.com>
Reviewed-by: Wen Gu <guwen@linux.alibaba.com>
Reviewed-by: D. Wythe <alibuda@linux.alibaba.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2025-01-15 16:29:41 +01:00
..
af_smc.c net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg 2025-01-15 16:29:41 +01:00
Kconfig Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
Makefile Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
smc.h net/smc: fix dangling sock under state SMC_APPFINCLOSEWAIT 2024-11-18 11:43:08 +01:00
smc_cdc.c net/smc: allow cdc msg send rather than drop it with NULL sndbuf_desc 2024-11-18 11:43:08 +01:00
smc_cdc.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
smc_clc.c net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg 2025-01-15 16:29:41 +01:00
smc_clc.h net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg 2025-01-15 16:29:41 +01:00
smc_close.c net/smc: put sk reference if close work was canceled 2024-11-18 11:43:08 +01:00
smc_close.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
smc_core.c Revert "net/smc: Allow SMC-D 1MB DMB allocations" 2024-11-24 00:23:56 +01:00
smc_core.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
smc_diag.c net/smc: fix illegal rmb_desc access in SMC-D connection dump 2024-11-18 12:12:59 +01:00
smc_ib.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
smc_ib.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
smc_ism.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
smc_ism.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
smc_llc.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
smc_llc.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
smc_netns.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
smc_pnet.c net/smc: Fix searching in list of known pnetids in smc_pnet_add_pnetid 2024-11-23 23:21:59 +01:00
smc_pnet.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
smc_rx.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
smc_rx.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
smc_tx.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
smc_tx.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
smc_wr.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
smc_wr.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00