linux/net
Xin Long 6c80138773 sctp: process duplicated strreset asoc request correctly
This patch is to fix the replay attack issue for strreset asoc requests.

When a duplicated strreset asoc request is received, reply it with bad
seqno if it's seqno < asoc->strreset_inseq - 2, and reply it with the
result saved in asoc if it's seqno >= asoc->strreset_inseq - 2.

But note that if the result saved in asoc is performed, the sender's next
tsn and receiver's next tsn for the response chunk should be set. It's
safe to get them from asoc. Because if it's changed, which means the peer
has received the response already, the new response with wrong tsn won't
be accepted by peer.

Signed-off-by: Xin Long <lucien.xin@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-04-18 13:39:50 -04:00
..
6lowpan 6lowpan: Don't set IFF_NO_QUEUE 2017-04-12 22:02:40 +02:00
9p Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-03-03 21:44:35 -08:00
802 Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
8021q netlink: pass extended ACK struct to parsing functions 2017-04-13 13:58:22 -04:00
appletalk lib/vsprintf.c: remove %Z support 2017-02-27 18:43:47 -08:00
atm neighbour: fix nlmsg_pid in notifications 2017-03-22 10:48:49 -07:00
ax25 net: Work around lockdep limitation in sockets that use sockets 2017-03-09 18:23:27 -08:00
batman-adv This feature/cleanup patchset includes the following patches: 2017-04-06 14:37:50 -07:00
bluetooth bluetooth: Do not set IFF_POINTOPOINT 2017-04-12 22:02:41 +02:00
bpf bpf: introduce BPF_PROG_TEST_RUN command 2017-04-01 12:45:57 -07:00
bridge net: rtnetlink: plumb extended ack to doit function 2017-04-17 15:35:38 -04:00
caif sched/headers: Prepare for new header dependencies before moving code to <linux/sched/signal.h> 2017-03-02 08:42:29 +01:00
can net: rtnetlink: plumb extended ack to doit function 2017-04-17 15:35:38 -04:00
ceph libceph: force GFP_NOIO for socket allocations 2017-03-23 12:03:36 +01:00
core net: rtnetlink: plumb extended ack to doit function 2017-04-17 15:35:38 -04:00
dcb net: rtnetlink: plumb extended ack to doit function 2017-04-17 15:35:38 -04:00
dccp dccp: fix memory leak during tear-down of unsuccessful connection request 2017-03-13 22:00:42 -07:00
decnet net: rtnetlink: plumb extended ack to doit function 2017-04-17 15:35:38 -04:00
dns_resolver Merge branch 'WIP.sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-03-03 10:16:38 -08:00
dsa net: dsa: isolate legacy code 2017-04-17 11:03:17 -04:00
ethernet Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next 2017-02-16 21:25:49 -05:00
hsr netlink: extended ACK reporting 2017-04-13 13:58:20 -04:00
ieee802154 netlink: pass extended ACK struct where available 2017-04-13 13:58:22 -04:00
ife net: Introduce ife encapsulation module 2017-02-03 15:16:45 -05:00
ipv4 net: rtnetlink: plumb extended ack to doit function 2017-04-17 15:35:38 -04:00
ipv6 net: rtnetlink: plumb extended ack to doit function 2017-04-17 15:35:38 -04:00
ipx ktime: Get rid of the union 2016-12-25 17:21:22 +01:00
irda net: Work around lockdep limitation in sockets that use sockets 2017-03-09 18:23:27 -08:00
iucv net: Work around lockdep limitation in sockets that use sockets 2017-03-09 18:23:27 -08:00
kcm kcm: remove a useless copy_from_user() 2017-04-17 13:28:48 -04:00
key xfrm: remove unused struct xfrm_mgr::id 2017-03-24 07:03:12 +01:00
l2tp l2tp: device MTU setup, tunnel socket needs a lock 2017-04-17 13:01:48 -04:00
l3mdev
lapb Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
llc net: Work around lockdep limitation in sockets that use sockets 2017-03-09 18:23:27 -08:00
mac80211 mac80211: unconditionally start new netdev queues with iTXQ support 2017-03-29 14:20:40 +02:00
mac802154 drivers: add explicit interrupt.h includes 2017-03-30 11:05:34 -07:00
mpls net: rtnetlink: plumb extended ack to doit function 2017-04-17 15:35:38 -04:00
ncsi net/ncsi: Improve HNCDSC AEN handler 2016-10-20 11:23:08 -04:00
netfilter Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-04-15 21:16:30 -04:00
netlabel netlink: pass extended ACK struct to parsing functions 2017-04-13 13:58:22 -04:00
netlink netlink: pass extended ACK struct where available 2017-04-13 13:58:22 -04:00
netrom net: Work around lockdep limitation in sockets that use sockets 2017-03-09 18:23:27 -08:00
nfc netlink: pass extended ACK struct where available 2017-04-13 13:58:22 -04:00
openvswitch netlink: pass extended ACK struct to parsing functions 2017-04-13 13:58:22 -04:00
packet net/packet: fix overflow in check for tp_reserve 2017-03-30 11:04:00 -07:00
phonet net: rtnetlink: plumb extended ack to doit function 2017-04-17 15:35:38 -04:00
psample net: Introduce psample, a new genetlink channel for packet sampling 2017-01-24 13:44:28 -05:00
qrtr net: rtnetlink: plumb extended ack to doit function 2017-04-17 15:35:38 -04:00
rds rds: tcp: canonical connection order for all paths with index > 0 2017-04-02 19:41:00 -07:00
rfkill rfkill: remove rfkill-regulator 2017-01-24 11:07:35 +01:00
rose net: Work around lockdep limitation in sockets that use sockets 2017-03-09 18:23:27 -08:00
rxrpc rxrpc: Trace client call connection 2017-04-06 11:10:41 +01:00
sched net: rtnetlink: plumb extended ack to doit function 2017-04-17 15:35:38 -04:00
sctp sctp: process duplicated strreset asoc request correctly 2017-04-18 13:39:50 -04:00
smc net/smc: do not use IB_SEND_INLINE together with mapped data 2017-04-11 23:01:14 -04:00
strparser strparser: destroy workqueue on module exit 2017-03-03 20:43:26 -08:00
sunrpc The restriction of NFSv4 to TCP went overboard and also broke the 2017-04-01 10:43:37 -07:00
switchdev netlink: pass extended ACK struct to parsing functions 2017-04-13 13:58:22 -04:00
tipc netlink: pass extended ACK struct where available 2017-04-13 13:58:22 -04:00
unix af_unix: Use designated initializers 2017-04-06 12:43:04 -07:00
vmw_vsock VSOCK: remove unnecessary ternary operator on return value 2017-03-30 11:07:08 -07:00
wimax genetlink: mark families as __ro_after_init 2016-10-27 16:16:09 -04:00
wireless netlink: pass extended ACK struct where available 2017-04-13 13:58:22 -04:00
x25 net: Work around lockdep limitation in sockets that use sockets 2017-03-09 18:23:27 -08:00
xfrm netlink: pass extended ACK struct where available 2017-04-13 13:58:22 -04:00
Kconfig bpf: make jited programs visible in traces 2017-02-17 13:40:05 -05:00
Makefile bpf: introduce BPF_PROG_TEST_RUN command 2017-04-01 12:45:57 -07:00
compat.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2017-02-22 10:15:09 -08:00
socket.c l2tp: device MTU setup, tunnel socket needs a lock 2017-04-17 13:01:48 -04:00
sysctl_net.c