linux-hardened/net/ipv4
Willem de Bruijn c247f0534c ip: fix error queue empty skb handling
When reading from the error queue, msg_name and msg_control are only
populated for some errors. A new exception for empty timestamp skbs
added a false positive on icmp errors without payload.

`traceroute -M udpconn` only displayed gateways that return payload
with the icmp error: the embedded network headers are pulled before
sock_queue_err_skb, leaving an skb with skb->len == 0 otherwise.

Fix this regression by refining when msg_name and msg_control
branches are taken. The solutions for the two fields are independent.

msg_name only makes sense for errors that configure serr->port and
serr->addr_offset. Test the first instead of skb->len. This also fixes
another issue. saddr could hold the wrong data, as serr->addr_offset
is not initialized  in some code paths, pointing to the start of the
network header. It is only valid when serr->port is set (non-zero).

msg_control support differs between IPv4 and IPv6. IPv4 only honors
requests for ICMP and timestamps with SOF_TIMESTAMPING_OPT_CMSG. The
skb->len test can simply be removed, because skb->dev is also tested
and never true for empty skbs. IPv6 honors requests for all errors
aside from local errors and timestamps on empty skbs.

In both cases, make the policy more explicit by moving this logic to
a new function that decides whether to process msg_control and that
optionally prepares the necessary fields in skb->cb[]. After this
change, the IPv4 and IPv6 paths are more similar.

The last case is rxrpc. Here, simply refine to only match timestamps.

Fixes: 49ca0d8bfa ("net-timestamp: no-payload option")

Reported-by: Jan Niehusmann <jan@gondor.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>

----

Changes
  v1->v2
  - fix local origin test inversion in ip6_datagram_support_cmsg
  - make v4 and v6 code paths more similar by introducing analogous
    ipv4_datagram_support_cmsg
  - fix compile bug in rxrpc
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-03-08 23:01:54 -04:00
..
netfilter netfilter: nf_tables: fix port natting in little endian archs 2014-12-23 15:34:28 +01:00
af_inet.c net: rfs: add hash collision detection 2015-02-08 16:53:57 -08:00
ah4.c ipsec: Remove obsolete MAX_AH_AUTH_LEN 2014-09-18 10:54:36 +02:00
arp.c neigh: remove dynamic neigh table registration support 2014-11-11 15:23:54 -05:00
cipso_ipv4.c cipso: don't use IPCB() to locate the CIPSO IP option 2015-02-11 14:46:37 -05:00
datagram.c net: Save TX flow hash in sock and set in skbuf on xmit 2014-07-07 21:14:21 -07:00
devinet.c net: spelling fixes 2015-02-14 20:36:08 -08:00
esp4.c net: esp: Convert NETDEBUG to pr_info 2014-11-06 15:11:10 -05:00
fib_frontend.c fib_trie: Push rcu_read_lock/unlock to callers 2014-12-31 18:25:54 -05:00
fib_lookup.h fib_trie: Move fib_find_alias to file where it is used 2015-01-25 14:47:16 -08:00
fib_rules.c fib_trie: Push rcu_read_lock/unlock to callers 2014-12-31 18:25:54 -05:00
fib_semantics.c fib_trie: Move fib_find_alias to file where it is used 2015-01-25 14:47:16 -08:00
fib_trie.c fib_trie: Various clean-ups for handling slen 2015-01-25 14:47:16 -08:00
fou.c gue: Use checksum partial with remote checksum offload 2015-02-11 15:12:13 -08:00
geneve.c openvswitch: Add support for checksums on UDP tunnels. 2015-01-28 23:04:15 -08:00
gre_demux.c net: Fix GRE RX to use skb_transport_header for GRE header offset 2014-09-08 15:23:05 -07:00
gre_offload.c gre: Set inner mac header in gro complete 2014-12-05 21:18:34 -08:00
icmp.c ipv4: icmp: use percpu allocation 2015-01-31 17:48:18 -08:00
igmp.c ipv6: mld: fix add_grhead skb_over_panic for devs with large MTUs 2014-11-16 16:55:06 -05:00
inet_connection_sock.c ipv4: make ip_local_reserved_ports per netns 2014-05-14 15:31:45 -04:00
inet_diag.c netlink: make nlmsg_end() and genlmsg_end() void 2015-01-18 01:03:45 -05:00
inet_fragment.c net: Convert LIMIT_NETDEBUG to net_dbg_ratelimited 2014-11-11 14:10:31 -05:00
inet_hashtables.c net: use reciprocal_scale() helper 2014-08-23 12:21:21 -07:00
inet_lro.c lro: remove dead code 2013-12-29 16:34:25 -05:00
inet_timewait_sock.c
inetpeer.c inet: remove dead inetpeer sequence code 2014-09-08 16:42:42 -07:00
ip_forward.c ipv4: try to cache dst_entries which would cause a redirect 2015-01-26 17:28:27 -08:00
ip_fragment.c ipv4: ip_check_defrag should not assume that skb_network_offset is zero 2015-03-05 21:43:48 -05:00
ip_gre.c gre/ipip: use be16 variants of netlink functions 2015-02-08 16:28:06 -08:00
ip_input.c net: Fix memory leak if TPROXY used with TCP early demux 2014-01-27 16:22:11 -08:00
ip_options.c ipv4: rename ip_options_echo to __ip_options_echo() 2014-09-28 16:35:42 -04:00
ip_output.c udp: only allow UFO for packets from SOCK_DGRAM sockets 2015-03-02 22:19:29 -05:00
ip_sockglue.c ip: fix error queue empty skb handling 2015-03-08 23:01:54 -04:00
ip_tunnel.c tunnels: advertise link netns via netlink 2015-01-19 14:32:03 -05:00
ip_tunnel_core.c ipv4: fix a potential use after free in ip_tunnel_core.c 2014-10-17 23:45:26 -04:00
ip_vti.c tunnels: advertise link netns via netlink 2015-01-19 14:32:03 -05:00
ipcomp.c ipcomp4: Use the IPsec protocol multiplexer API 2014-02-25 07:04:17 +01:00
ipconfig.c net: ipv4: handle DSA enabled master network devices 2015-01-19 15:45:10 -05:00
ipip.c gre/ipip: use be16 variants of netlink functions 2015-02-08 16:28:06 -08:00
ipmr.c netlink: make nlmsg_end() and genlmsg_end() void 2015-01-18 01:03:45 -05:00
Kconfig net: Move fou_build_header into fou.c and refactor 2014-11-05 16:30:02 -05:00
Makefile net: Add Geneve tunneling protocol driver 2014-10-06 00:32:20 -04:00
netfilter.c netfilter: remove double colon 2014-02-19 11:41:25 +01:00
ping.c net: ping: Return EAFNOSUPPORT when appropriate. 2015-03-04 15:46:51 -05:00
proc.c tcp: helpers to mitigate ACK loops by rate-limiting out-of-window dupacks 2015-02-08 01:03:12 -08:00
protocol.c net: Export inet_offloads and inet6_offloads 2014-09-19 17:15:31 -04:00
raw.c net: switch memcpy_fromiovec()/memcpy_fromiovecend() users to copy_from_iter() 2015-02-04 01:34:15 -05:00
route.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-02-05 14:33:28 -08:00
syncookies.c net: allow setting ecn via routing table 2014-11-04 16:06:09 -05:00
sysctl_net_ipv4.c ipv4: Namespecify TCP PMTU mechanism 2015-02-09 18:45:00 -08:00
tcp.c tcp: align tcp_xmit_size_goal() on tcp_tso_autosize() 2015-03-05 22:31:12 -05:00
tcp_bic.c tcp: stretch ACK fixes prep 2015-01-28 22:18:37 -08:00
tcp_cong.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-02-05 14:33:28 -08:00
tcp_cubic.c tcp: fix timing issue in CUBIC slope calculation 2015-01-28 22:18:38 -08:00
tcp_dctcp.c net: tcp: add DCTCP congestion control algorithm 2014-09-29 00:13:10 -04:00
tcp_diag.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_fastopen.c tcp: make sure skb is not shared before using skb_get() 2015-02-13 07:11:40 -08:00
tcp_highspeed.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_htcp.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_hybla.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_illinois.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_input.c tcp: fix tcp_should_expand_sndbuf() to use tcp_packets_in_flight() 2015-02-22 23:07:11 -05:00
tcp_ipv4.c ipv4: Namespecify TCP PMTU mechanism 2015-02-09 18:45:00 -08:00
tcp_lp.c tcp: remove in_flight parameter from cong_avoid() methods 2014-05-03 19:23:07 -04:00
tcp_memcontrol.c memcg: cleanup static keys decrement 2015-02-12 18:54:10 -08:00
tcp_metrics.c netlink: make nlmsg_end() and genlmsg_end() void 2015-01-18 01:03:45 -05:00
tcp_minisocks.c tcp: mitigate ACK loops for connections as tcp_timewait_sock 2015-02-08 01:03:13 -08:00
tcp_offload.c net: Remove MPLS GSO feature. 2014-11-05 23:52:33 -08:00
tcp_output.c ipv4: Namespecify TCP PMTU mechanism 2015-02-09 18:45:00 -08:00
tcp_probe.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_scalable.c tcp: stretch ACK fixes prep 2015-01-28 22:18:37 -08:00
tcp_timer.c ipv4: Namespecify TCP PMTU mechanism 2015-02-09 18:45:00 -08:00
tcp_vegas.c tcp: whitespace fixes 2014-09-01 18:12:45 -07:00
tcp_vegas.h
tcp_veno.c tcp: stretch ACK fixes prep 2015-01-28 22:18:37 -08:00
tcp_westwood.c net: tcp: split ack slow/fast events from cwnd_event 2014-09-29 00:13:10 -04:00
tcp_yeah.c tcp: stretch ACK fixes prep 2015-01-28 22:18:37 -08:00
tunnel4.c
udp.c ip: Add offset parameter to ip_cmsg_recv 2015-01-05 22:44:46 -05:00
udp_diag.c udp_diag: Fix socket skipping within chain 2015-01-27 00:02:41 -08:00
udp_impl.h
udp_offload.c udp: Set SKB_GSO_UDP_TUNNEL* in UDP GRO path 2015-02-11 15:12:10 -08:00
udp_tunnel.c udp: Do not require sock in udp_tunnel_xmit_skb 2015-01-24 23:15:40 -08:00
udplite.c net: Eliminate no_check from protosw 2014-05-23 16:28:53 -04:00
xfrm4_input.c xfrm4: Add IPsec protocol multiplexer 2014-02-25 07:04:16 +01:00
xfrm4_mode_beet.c ipv4: ERROR: code indent should use tabs where possible 2013-12-26 13:43:21 -05:00
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c inetpeer: get rid of ip_id_count 2014-06-02 11:00:41 -07:00
xfrm4_output.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-05-24 00:32:30 -04:00
xfrm4_policy.c xfrm: Introduce xfrm_input_afinfo to access the the callbacks properly 2014-03-14 07:28:07 +01:00
xfrm4_protocol.c xfrm4: Remove duplicate semicolon 2014-06-30 07:49:47 +02:00
xfrm4_state.c
xfrm4_tunnel.c