On 2018年01月19日 08:19, Willem de Bruijn wrote:
From: Willem de Bruijn<[email protected]>
Validate gso_type during segmentation as SKB_GSO_DODGY sources
may pass packets where the gso_type does not match the contents.
Syzkaller was able to enter the SCTP gso handler with a packet of
gso_type SKB_GSO_TCPV4.
On entry of transport layer gso handlers, verify that the gso_type
matches the transport protocol.
Fixes: f43798c27684 ("tun: Allow GSO using virtio_net_hdr")
Link:http://lkml.kernel.org/r/<[email protected]>
Reported-by:[email protected]
Signed-off-by: Willem de Bruijn<[email protected]>
Thanks, just two nits:
1) I still suspect the "Fixes" is not accurate, should it be the commit
of sctp offloading?
2) The patch checks for non dodgy packets too so the title is not correct.
