author | Tejaswi Tanikella <tejaswit@codeaurora.org> | 2017-06-20 18:22:19 +0530 |
---|---|---|
committer | Tejaswi Tanikella <tejaswit@codeaurora.org> | 2017-06-30 13:28:14 +0530 |
commit | 41ffaeef9a91513760c19737ca57fdad13077f18 (patch) | |
tree | 531ddb6f759b936952b845eaeb95030499019026 /net/ipv4/tcp_ipv4.c | |
parent | 6f56b2a9c8e2ce69e2a98e52d5f1342b25cae44e (diff) |
ipv4: Drop packets if checksum is invalidated

Conntrack, if enabled, verifies complete checksum on all tcp
packets. If a packet is corrupted, it sets ip_summed field
to CHECKSUM_COMPLETE and checksum valid field to false.
With these changes such packets will be dropped.

Packets that are corrupted can go into userspace even when
the checksum is wrong. The io_vec library pushes the data into
pipe before checking the checksum. If the checksum is wrong,
the copied data is not reverted. Users observe corrupted data
in the application memory due to such corrupted packets.
This fix is to plug one such hole.

This change might be redundant on kernels after v4.9.

Change-Id: Iffface598d0fa2b25fb9c20c7aa6443aab9d8aea
Signed-off-by: Tejaswi Tanikella <tejaswit@codeaurora.org>
Diffstat (limited to 'net/ipv4/tcp_ipv4.c')
-rw-r--r-- | net/ipv4/tcp_ipv4.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index 1660613ddae4..3845ab04a9b4 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -1585,6 +1585,12 @@ int tcp_v4_rcv(struct sk_buff *skb) if (!pskb_may_pull(skb, th->doff * 4)) goto discard_it; + /* Assuming a trustworthy entity did the checksum and found the csum + * invalid, drop the packet. + */ + if (skb->ip_summed == CHECKSUM_COMPLETE && skb->csum_valid == 0) + goto csum_error; + /* An explanation is required here, I think. * Packet length and doff are validated by header prediction, * provided case of th->doff==0 is eliminated. |
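
Review bot: The added condition in tcp_v4_rcv(), `skb->ip_summed == CHECKSUM_COMPLETE && skb->csum_valid == 0`, cannot tell a packet that was verified and found bad from one that has not been verified yet. CHECKSUM_COMPLETE with csum_valid still 0 is also the state of a packet whose full checksum was supplied by the receiving device in skb->csum and is awaiting validation, so on such hardware this branch would send intact segments to csum_error. The comment's "assuming a trustworthy entity" leaves that assumption unenforced: consider naming the entity in the comment (the commit message says conntrack) and gating the test on something only the verifier sets, or on conntrack being enabled, rather than on these two fields alone. Since the commit message notes the change may be redundant after v4.9, stating the affected kernel range in the code comment would also help anyone forward-porting it.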