| #
338985 |
|
27-Sep-2018 |
gordon |
There are various cases where we modify the inp_vflag and inp_inc.inc_flags
fields during a syscall, but don't restore those fields if the operation
fails. This can leave the inp structure in an inconsistent state and cause
various problems.
Restore the inp_vflag and inp_inc.inc_flags fields when the underlying
operation fails and the inp could be in an inconsistent state.
This is a direct commit to the branch as the code is different enough in
the other branches to make it difficult to resolve a merge.
Submitted by: jtl@
Reported by: Jakub Jirasek, Secunia Research at Flexera
Reviewed by: jhb@
Approved by: so
Security: FreeBSD-EN-18:11.listen
Security: CVE-2018-6925
|
| #
277789 |
|
27-Jan-2015 |
bryanv |
MFC r272886:
Add context pointer and source address to the UDP tunnel callback
These are needed for the forthcoming vxlan implementation. The context
pointer means we do not have to use a spare pointer field in the inpcb,
and the source address is required to populate vxlan's forwarding table.
|
| #
274266 |
|
08-Nov-2014 |
bryanv |
MFC r272844:
Add missing UDP multicast receive dtrace probes
|
| #
274265 |
|
08-Nov-2014 |
bryanv |
MFC r272801:
Move the calls to u_tun_func() into udp6_append()
A similar cleanup for UDPv4 was performed in r220620.
|
| #
272754 |
|
08-Oct-2014 |
tuexen |
MFC r272706:
Fix a bug introduced in
https://svnweb.freebsd.org/base?view=revision&revision=272347
|
| #
272664 |
|
06-Oct-2014 |
tuexen |
MFC r272469:
UDP/IPv6 and UDPLite/IPv6 require a checksum. So check for it.
|
| #
272663 |
|
06-Oct-2014 |
tuexen |
MFC r272408:
Check for UDP/IPv6 packets that the length in the UDP header is at least
the minimum. Make the check similar to the one for UDPLite/IPv6.
|
| #
272662 |
|
06-Oct-2014 |
tuexen |
MFC r272404:
Fix the checksum computation for UDPLite/IPv6. This requires the
usage of a function computing the checksum only over a part of the function.
Therefore introduce in6_cksum_partial() and implement in6_cksum() based
on that.
While there, ensure that the UDPLite packet contains at least enough bytes
to contain the header.
|
| #
272661 |
|
06-Oct-2014 |
tuexen |
MFC r272347:
The default for UDPLITE_RECV_CSCOV is zero. RFC 3828 recommend
that this means full checksum coverage for received packets.
If an application is willing to accept packets with partial
coverage, it is expected to use the socket option and provide
the minimum coverage it accepts.
|
| #
272645 |
|
06-Oct-2014 |
tuexen |
MFC r272323:
If the checksum coverage field in the UDPLITE header is the length
of the complete UDPLITE packet, the packet has full checksum coverage.
So fix the condition.
|
| #
272628 |
|
06-Oct-2014 |
tuexen |
MFC r272296:
When plen != ulen, it should only be checked when this is UDP.
The commit is from kevlo and he agreed that I MFC it as part of the
UDPLite fixes.
|
| #
265946 |
|
13-May-2014 |
kevlo |
MFC r264212,r264213,r264248,r265776,r265811,r265909:
- Add support for UDP-Lite protocol (RFC 3828) to IPv4 and IPv6 stacks.
Tested with vlc and a test suite [1].
[1] http://www.erg.abdn.ac.uk/~gerrit/udp-lite/files/udplite_linux.tar.gz
Reviewed by: jhb, glebius, adrian
- Fix a logic bug which prevented the sending of UDP packet with 0 checksum.
- Disable TX checksum offload for UDP-Lite completely. It wasn't used for
partial checksum coverage, but even for full checksum coverage it doesn't
work.
|
| #
277789 |
|
27-Jan-2015 |
bryanv |
MFC r272886:
Add context pointer and source address to the UDP tunnel callback
These are needed for the forthcoming vxlan implementation. The context
pointer means we do not have to use a spare pointer field in the inpcb,
and the source address is required to populate vxlan's forwarding table.
|
| #
274266 |
|
08-Nov-2014 |
bryanv |
MFC r272844:
Add missing UDP multicast receive dtrace probes
|
| #
274265 |
|
08-Nov-2014 |
bryanv |
MFC r272801:
Move the calls to u_tun_func() into udp6_append()
A similar cleanup for UDPv4 was performed in r220620.
|
| #
272754 |
|
08-Oct-2014 |
tuexen |
MFC r272706:
Fix a bug introduced in
https://svnweb.freebsd.org/base?view=revision&revision=272347
|
| #
272664 |
|
06-Oct-2014 |
tuexen |
MFC r272469:
UDP/IPv6 and UDPLite/IPv6 require a checksum. So check for it.
|
| #
272663 |
|
06-Oct-2014 |
tuexen |
MFC r272408:
Check for UDP/IPv6 packets that the length in the UDP header is at least
the minimum. Make the check similar to the one for UDPLite/IPv6.
|
| #
272662 |
|
06-Oct-2014 |
tuexen |
MFC r272404:
Fix the checksum computation for UDPLite/IPv6. This requires the
usage of a function computing the checksum only over a part of the function.
Therefore introduce in6_cksum_partial() and implement in6_cksum() based
on that.
While there, ensure that the UDPLite packet contains at least enough bytes
to contain the header.
|
| #
272661 |
|
06-Oct-2014 |
tuexen |
MFC r272347:
The default for UDPLITE_RECV_CSCOV is zero. RFC 3828 recommend
that this means full checksum coverage for received packets.
If an application is willing to accept packets with partial
coverage, it is expected to use the socket option and provide
the minimum coverage it accepts.
|
| #
272645 |
|
06-Oct-2014 |
tuexen |
MFC r272323:
If the checksum coverage field in the UDPLITE header is the length
of the complete UDPLITE packet, the packet has full checksum coverage.
So fix the condition.
|
| #
272628 |
|
06-Oct-2014 |
tuexen |
MFC r272296:
When plen != ulen, it should only be checked when this is UDP.
The commit is from kevlo and he agreed that I MFC it as part of the
UDPLite fixes.
|
| #
265946 |
|
13-May-2014 |
kevlo |
MFC r264212,r264213,r264248,r265776,r265811,r265909:
- Add support for UDP-Lite protocol (RFC 3828) to IPv4 and IPv6 stacks.
Tested with vlc and a test suite [1].
[1] http://www.erg.abdn.ac.uk/~gerrit/udp-lite/files/udplite_linux.tar.gz
Reviewed by: jhb, glebius, adrian
- Fix a logic bug which prevented the sending of UDP packet with 0 checksum.
- Disable TX checksum offload for UDP-Lite completely. It wasn't used for
partial checksum coverage, but even for full checksum coverage it doesn't
work.
|