• Eric Dumazet's avatar
    udp: fix behavior of wrong checksums · c570ec2f
    Eric Dumazet authored
    commit beb39db5 upstream.
    
    We have two problems in UDP stack related to bogus checksums :
    
    1) We return -EAGAIN to application even if receive queue is not empty.
       This breaks applications using edge trigger epoll()
    
    2) Under UDP flood, we can loop forever without yielding to other
       processes, potentially hanging the host, especially on non SMP.
    
    This patch is an attempt to make things better.
    
    We might in the future add extra support for rt applications
    wanting to better control time spent doing a recv() in a hostile
    environment. For example we could validate checksums before queuing
    packets in socket receive queue.
    Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
    Cc: Willem de Bruijn <willemb@google.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    Signed-off-by: default avatarBen Hutchings <ben@decadent.org.uk>
    
    CVE-2015-5364
    CVE-2015-5366
    Signed-off-by: default avatarWilly Tarreau <w@1wt.eu>
    c570ec2f
udp.c 32.4 KB