    net-fixes: flow_dissector: prevent an infinite loop (CVE-2013-4348) · db8bac79
    Eric Dumazet authored
    
    
    Jason Wang found that a malicious packet could make skb_flow_dissect()
    loop forever. We must check that IP header has a valid ihl to avoid
    this loop. It involves IPIP encapsulation and ihl = 0 to trigger.
    
    Given this bug is critical, I cooked a patch before having
    a fix in upstream kernel.
    
    Tested:
    
     Compiled/booted
     Ran some tests on bnx2x and explicitly disabled hardware provided rxhash
     ethtool -K eth1 rxhash off
     ethtool -K eth2 rxhash off
    
    Google-Bug-Id: 11465355
    Effort: net-fixes
    Change-Id: I813e4dc48cecb05f8edfa218304e1f13fd764323
    Signed-off-by: Ed Tam <etam@google.com>
flow_dissector.c 3.13 KB
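
The ihl check the commit message describes, as an added example: a simplified user-space model, not the kernel's skb_flow_dissect() and not code from this commit. The function name dissect_ipv4, the PROTO_* constants and both sample packets are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PROTO_IPIP 4    /* IPv4-in-IPv4 encapsulation */
#define PROTO_UDP  17

/*
 * Simplified model: walk nested IPv4 headers and return the innermost
 * protocol number, or -1 if a header is malformed. If l4_off is not NULL
 * it receives the offset of the innermost payload.
 */
int dissect_ipv4(const uint8_t *pkt, size_t len, size_t *l4_off)
{
    size_t off = 0;

    for (;;) {
        if (len - off < 20)               /* room for a minimal header? */
            return -1;
        uint8_t version = pkt[off] >> 4;
        uint8_t ihl = pkt[off] & 0x0f;    /* header length in 32-bit words */
        if (version != 4 || ihl < 5)      /* ihl = 0 would never advance off */
            return -1;
        size_t hlen = (size_t)ihl * 4;
        if (len - off < hlen)             /* options run past the buffer */
            return -1;
        uint8_t proto = pkt[off + 9];
        off += hlen;                      /* advances by at least 20 bytes */
        if (proto != PROTO_IPIP) {
            if (l4_off)
                *l4_off = off;
            return proto;
        }
        /* IPIP: the payload is another IPv4 header, so dissect again */
    }
}

/* Constructed sample: outer header (IPIP) carrying an inner header with ihl = 0. */
const uint8_t bad_pkt[40] = { [0] = 0x45, [9] = PROTO_IPIP, [20] = 0x40, [29] = PROTO_IPIP };
/* Constructed sample: outer header (IPIP) carrying a valid inner IPv4/UDP header. */
const uint8_t good_pkt[48] = { [0] = 0x45, [9] = PROTO_IPIP, [20] = 0x45, [29] = PROTO_UDP };

int main(void)
{
    printf("bad:  %d\n", dissect_ipv4(bad_pkt, sizeof bad_pkt, NULL));
    printf("good: %d\n", dissect_ipv4(good_pkt, sizeof good_pkt, NULL));
    return 0;
}
```

Because every accepted header moves the offset forward by at least 20 bytes, the loop is bounded by the packet length regardless of how many IPIP layers are nested.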