a7y18lte-ubports/android_kernel_samsung_a7y18lte
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9252298ae9
android_kernel_samsung_a7y1.../net/sched
History
Cong Wang 6eb7abd02e net_sched: keep alloc_hash updated after hash allocation 
[ Upstream commit 0d1c3530e1bd38382edef72591b78e877e0edcd3 ]

In commit 599be01ee567 ("net_sched: fix an OOB access in cls_tcindex")
I moved cp->hash calculation before the first
tcindex_alloc_perfect_hash(), but cp->alloc_hash is left untouched.
This difference could lead to another out of bound access.

cp->alloc_hash should always be the size allocated, we should
update it after this tcindex_alloc_perfect_hash().

Reported-and-tested-by: syzbot+dcc34d54d68ef7d2d53d@syzkaller.appspotmail.com
Reported-and-tested-by: syzbot+c72da7b9ed57cde6fca2@syzkaller.appspotmail.com
Fixes: 599be01ee567 ("net_sched: fix an OOB access in cls_tcindex")
Cc: Jamal Hadi Salim <jhs@mojatatu.com>
Cc: Jiri Pirko <jiri@resnulli.us>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-04-07 14:23:30 +02:00
..
act_api.c net: avoid potential infinite loop in tc_ctl_action() 2020-04-07 09:26:21 +02:00
act_bpf.c
act_connmark.c
act_csum.c
act_gact.c
act_ipt.c
act_mirred.c
act_nat.c
act_pedit.c net/sched: act_pedit: fix WARN() in the traffic path 2020-04-07 12:33:38 +02:00
act_police.c
act_simple.c
act_skbedit.c
act_vlan.c
cls_api.c
cls_basic.c
cls_bpf.c
cls_cgroup.c
cls_flow.c
cls_flower.c net: sched: correct flower port blocking 2020-04-07 14:04:39 +02:00
cls_fw.c
cls_route.c net_sched: cls_route: remove the right filter from hashtable 2020-04-07 14:23:28 +02:00
cls_rsvp.c
cls_rsvp.h cls_rsvp: fix rsvp_policy 2020-04-07 13:49:21 +02:00
cls_rsvp6.c
cls_tcindex.c net_sched: keep alloc_hash updated after hash allocation 2020-04-07 14:23:30 +02:00
cls_u32.c net: sched: Fix memory exposure from short TCA_U32_SEL 2020-04-07 09:27:10 +02:00
em_canid.c
em_cmp.c
em_ipset.c
em_meta.c
em_nbyte.c
em_text.c
em_u32.c
ematch.c net_sched: ematch: reject invalid TCF_EM_SIMPLE 2020-04-07 13:45:58 +02:00
Kconfig
Makefile
sch_api.c
sch_atm.c
sch_blackhole.c
sch_cbq.c
sch_choke.c
sch_codel.c
sch_drr.c
sch_dsmark.c
sch_fifo.c
sch_fq_codel.c net/flow_dissector: switch to siphash 2020-04-07 09:29:43 +02:00
sch_fq.c net: fq: add missing attribute validation for orphan mask 2020-04-07 14:11:31 +02:00
sch_generic.c
sch_gred.c
sch_hfsc.c
sch_hhf.c net/flow_dissector: switch to siphash 2020-04-07 09:29:43 +02:00
sch_htb.c
sch_ingress.c
sch_mq.c net: sched: fix tc -s class show no bstats on class with nolock subqueues 2020-04-07 12:43:40 +02:00
sch_mqprio.c net: sched: fix tc -s class show no bstats on class with nolock subqueues 2020-04-07 12:43:40 +02:00
sch_multiq.c net: sched: fix tc -s class show no bstats on class with nolock subqueues 2020-04-07 12:43:40 +02:00
sch_netem.c sch_netem: fix rcu splat in netem_enqueue() 2020-04-07 09:28:38 +02:00
sch_pie.c
sch_plug.c
sch_prio.c net: sched: fix tc -s class show no bstats on class with nolock subqueues 2020-04-07 12:43:40 +02:00
sch_qfq.c
sch_red.c
sch_sfb.c net/flow_dissector: switch to siphash 2020-04-07 09:29:43 +02:00
sch_sfq.c net/flow_dissector: switch to siphash 2020-04-07 09:29:43 +02:00
sch_tbf.c
sch_teql.c