I'm announcing the release of the 4.4.174 kernel. All users of the 4.4 kernel series must upgrade. Many thanks to Ben Hutchings for this release, it's pretty much just his work here in doing the backporting of networking fixes to help resolve "FragmentSmack" (i.e. CVE-2018-5391). The updated 4.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.4.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/networking/ip-sysctl.txt | 13 Makefile | 2 include/linux/rhashtable.h | 143 ++++++-- include/linux/skbuff.h | 16 include/net/inet_frag.h | 133 +++---- include/net/ip.h | 1 include/net/ipv6.h | 26 - include/uapi/linux/snmp.h | 1 kernel/rcu/tree.c | 2 lib/rhashtable.c | 15 net/core/skbuff.c | 21 + net/ieee802154/6lowpan/6lowpan_i.h | 26 - net/ieee802154/6lowpan/reassembly.c | 148 ++++---- net/ipv4/inet_fragment.c | 389 ++++----------------- net/ipv4/ip_fragment.c | 571 +++++++++++++++++--------------- net/ipv4/proc.c | 7 net/ipv6/netfilter/nf_conntrack_reasm.c | 100 ++--- net/ipv6/proc.c | 5 net/ipv6/reassembly.c | 209 ++++++----- 19 files changed, 867 insertions(+), 961 deletions(-) Alexander Aring (1): net: ieee802154: 6lowpan: fix frag reassembly Ben Hutchings (1): rhashtable: Add rhashtable_lookup() Dan Carpenter (1): ipv4: frags: precedence bug in ip_expire() Dimitris Michailidis (1): net: fix pskb_trim_rcsum_slow() with odd trim offset Eric Dumazet (19): inet: frags: change inet_frags_init_net() return value inet: frags: add a pointer to struct netns_frags inet: frags: refactor ipfrag_init() inet: frags: refactor ipv6_frag_init() inet: frags: refactor lowpan_net_frag_init() rhashtable: add schedule points inet: frags: use rhashtables for reassembly units inet: frags: remove some helpers inet: frags: get rif of inet_frag_evicting() inet: frags: remove inet_frag_maybe_warn_overflow() inet: frags: break the 2GB limit for frags storage inet: frags: do not clone skb in ip_expire() ipv6: frags: rewrite ip6_expire_frag_queue() rhashtable: reorganize struct rhashtable layout inet: frags: reorganize struct netns_frags inet: frags: get rid of ipfrag_skb_cb/FRAG_CB inet: frags: fix ip6frag_low_thresh boundary net: pskb_trim_rcsum() and CHECKSUM_COMPLETE are friends inet: frags: better deal with smp races Florian Westphal (1): ipv6: defrag: drop non-last frags smaller than min mtu Greg Kroah-Hartman (1): Linux 4.4.174 Michal Kubecek (1): net: ipv4: do not handle duplicate fragments as overlapping Pablo Neira Ayuso (1): rhashtable: add rhashtable_lookup_get_insert_key() Paolo Abeni (1): ipfrag: really prevent allocation on netns exit Paul E. McKenney (1): rcu: Force boolean subscript for expedited stall warnings Peter Oskolkov (5): ip: discard IPv4 datagrams with overlapping segments. net: modify skb_rbtree_purge to return the truesize of all purged skbs. ip: use rb trees for IP frag queue. ip: add helpers to process in-order fragments faster. ip: process in-order fragments efficiently Taehee Yoo (1): ip: frags: fix crash in ip_do_fragment()
