[v2.7] kernel: udp - fix behavior of wrong checksums (CVE-2015-5364)
udp: fix behavior of wrong checksums>
[ Upstream commit beb39db59d14990e401e235faf66a6b9b31240b0 ]
We have two problems in UDP stack related to bogus checksums :
We return -EAGAIN to application even if receive queue is not empty.
This breaks applications using edge trigger epoll()Under UDP flood, we can loop forever without yielding to other
processes, potentially hanging the host, especially on non SMP.This patch is an attempt to make things better.
We might in the future add extra support for rt applications
wanting to better control time spent doing a recv() in a hostile
environment. For example we could validate checksums before queuing
packets in socket receive queue.
Linux 3.10
commit a3cfde2a311c3679b414b46e29d1a184edf29b0a
Linux 3.14
commit 542744f265e23eca08f14a8748a3cbf5feb56cdf
Linux 3.18
commit ee4ab7d8328b0a505d376b6c08d569778c8689af
Reference:
https://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.10.81
https://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.14.45
https://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.18.17
(from redmine: issue id 4439, created on 2015-07-10, closed on 2017-09-05)
- Relations:
- parent #4438