This patchset
 * changes IPv4 defrag behavior to match that of IPv6: overlapping
   fragments now cause the whole IP datagram to be discarded (suggested
   by David Miller): there are no legitimate use cases for overlapping
   fragments;
 * changes IPv4 defrag queue from a list to a rb tree (suggested by
   Eric Dumazet): this change removes a potential attack vector.

Upcoming patches will contain similar changes for IPv6 frag queue,
as well as a comprehensive IP defrag self-test (temporarily delayed).

Peter Oskolkov (3):
  ip: discard IPv4 datagrams with overlapping segments.
  net: modify skb_rbtree_purge to return the truesize of all purged skbs.
  ip: use rb trees for IP frag queue.

 include/linux/skbuff.h                  | 11 +-
 include/net/inet_frag.h                 | 3 +-
 include/uapi/linux/snmp.h               | 1 +
 net/core/skbuff.c                       | 6 +-
 net/ipv4/inet_fragment.c                | 16 +-
 net/ipv4/ip_fragment.c                  | 239 +++++++++++------------
 net/ipv4/proc.c                         | 1 +
 net/ipv6/netfilter/nf_conntrack_reasm.c | 1 +
 net/ipv6/reassembly.c                   | 1 +
 9 files changed, 139 insertions(+), 140 deletions(-)

-- 
2.18.0.597.ga71716f1ad-goog
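
The policy described in the cover letter above, as a simplified user-space model (an added example, not code from the patchset or the kernel): fragments are kept ordered by offset, and any overlap discards everything queued for the datagram. The names `frag`, `fragq`, `fragq_add` and `MAX_FRAGS` are hypothetical. A sorted array with binary search stands in for the rb tree, and treating an exact duplicate as an overlap is an assumption of this model.

```c
#include <stdio.h>
#include <string.h>

#define MAX_FRAGS 16                      /* capacity of this model (assumption) */
enum { FRAG_QUEUED, FRAG_DROP_DATAGRAM };

/* Hypothetical user-space model of one reassembly queue; not kernel code. */
struct frag  { unsigned start, end; };    /* payload byte range [start, end) */
struct fragq { struct frag f[MAX_FRAGS]; int n; };

/* Insert a fragment, keeping the queue sorted by offset. Any overlap with a
 * queued fragment discards everything queued for the datagram. */
int fragq_add(struct fragq *q, unsigned start, unsigned len)
{
    unsigned end = start + len;
    int lo = 0, hi = q->n;
    /* Empty or wrapping ranges and a full queue are treated as fatal here. */
    if (end <= start || q->n == MAX_FRAGS)
        goto discard;
    /* Binary search: first queued fragment whose start is >= the new start. */
    while (lo < hi) {
        int mid = lo + (hi - lo) / 2;
        if (q->f[mid].start < start)
            lo = mid + 1;
        else
            hi = mid;
    }
    /* Queued ranges are disjoint, so only the two neighbours can overlap. */
    if ((lo > 0 && q->f[lo - 1].end > start) ||
        (lo < q->n && q->f[lo].start < end))
        goto discard;
    memmove(&q->f[lo + 1], &q->f[lo], (size_t)(q->n - lo) * sizeof(q->f[0]));
    q->f[lo] = (struct frag){ start, end };
    q->n++;
    return FRAG_QUEUED;
discard:
    q->n = 0;                             /* purge the whole queue */
    return FRAG_DROP_DATAGRAM;
}

int main(void)
{
    /* Constructed input: three out-of-order fragments, then an overlapping one. */
    unsigned in[4][2] = { {16, 8}, {0, 8}, {8, 8}, {4, 8} };
    struct fragq q = { .n = 0 };
    for (int i = 0; i < 4; i++)
        printf("off=%u len=%u: %s\n", in[i][0], in[i][1],
               fragq_add(&q, in[i][0], in[i][1]) == FRAG_QUEUED ? "queued" : "datagram discarded");
    return 0;
}
```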