From: Greg KH <gregkh@suse.de>
To: linux-kernel@vger.kernel.org, stable@kernel.org
Cc: stable-review@kernel.org, torvalds@linux-foundation.org,
akpm@linux-foundation.org, alan@lxorguk.ukuu.org.uk,
Herbert Xu <herbert@gondor.hengli.com.au>,
"David S. Miller" <davem@davemloft.net>
Subject: [17/50] gro: Only reset frag0 when skb can be pulled
Date: Fri, 05 Aug 2011 17:03:35 -0700 [thread overview]
Message-ID: <20110806000413.265218331@clark.kroah.org> (raw)
In-Reply-To: <20110806000419.GA28392@kroah.com>
2.6.33-longterm review patch. If anyone has any objections, please let us know.
------------------
From: Herbert Xu <herbert@gondor.apana.org.au>
commit 17dd759c67f21e34f2156abcf415e1f60605a188 upstream.
Currently skb_gro_header_slow unconditionally resets frag0 and
frag0_len. However, when we can't pull on the skb this leaves
the GRO fields in an inconsistent state.
This patch fixes this by only resetting those fields after the
pskb_may_pull test.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
include/linux/netdevice.h | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
--- a/include/linux/netdevice.h
+++ b/include/linux/netdevice.h
@@ -1226,9 +1226,12 @@ static inline int skb_gro_header_hard(st
static inline void *skb_gro_header_slow(struct sk_buff *skb, unsigned int hlen,
unsigned int offset)
{
+ if (!pskb_may_pull(skb, hlen))
+ return NULL;
+
NAPI_GRO_CB(skb)->frag0 = NULL;
NAPI_GRO_CB(skb)->frag0_len = 0;
- return pskb_may_pull(skb, hlen) ? skb->data + offset : NULL;
+ return skb->data + offset;
}
static inline void *skb_gro_mac_header(struct sk_buff *skb)
next prev parent reply other threads:[~2011-08-06 0:21 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-08-06 0:04 [00/50] 2.6.33.17-longterm review Greg KH
2011-08-06 0:03 ` [01/50] ASoC: Fix Blackfin I2S _pointer() implementation return in bounds values Greg KH
2011-08-06 0:03 ` [02/50] [media] v4l2-ioctl.c: prefill tuner type for g_frequency and g/s_tuner Greg KH
2011-08-06 0:03 ` [03/50] [media] pvrusb2: fix g/s_tuner support Greg KH
2011-08-06 0:03 ` [04/50] [media] bttv: fix s_tuner for radio Greg KH
2011-08-06 0:03 ` [05/50] SUNRPC: Fix a race between work-queue and rpc_killall_tasks Greg KH
2011-08-06 0:03 ` [06/50] SUNRPC: Fix use of static variable in rpcb_getport_async Greg KH
2011-08-06 0:03 ` [07/50] si4713-i2c: avoid potential buffer overflow on si4713 Greg KH
2011-08-06 0:03 ` [08/50] hwmon: (asus_atk0110) Fix memory leak Greg KH
2011-08-06 0:03 ` [09/50] hwmon: (max1111) Fix race condition causing NULL pointer exception Greg KH
2011-08-06 0:03 ` [10/50] USB: pl2303: add AdLink ND-6530 USB IDs Greg KH
2011-08-06 0:03 ` [11/50] USB: pl2303.h: checkpatch cleanups Greg KH
2011-08-06 0:03 ` [12/50] USB: serial: add IDs for WinChipHead USB->RS232 adapter Greg KH
2011-08-06 0:03 ` [13/50] bridge: send proper message_age in config BPDU Greg KH
2011-08-06 0:03 ` [14/50] davinci: DM365 EVM: fix video input mux bits Greg KH
2011-08-06 0:03 ` [15/50] libata: fix unexpectedly frozen port after ata_eh_reset() Greg KH
2011-08-06 0:03 ` [16/50] x86: Make Dell Latitude E5420 use reboot=pci Greg KH
2011-08-06 0:03 ` Greg KH [this message]
2011-08-06 0:03 ` [18/50] staging: comedi: fix infoleak to userspace Greg KH
2011-08-06 0:03 ` [19/50] usb: musb: restore INDEX register in resume path Greg KH
2011-08-06 0:03 ` [20/50] USB: dummy-hcd needs the has_tt flag Greg KH
2011-08-06 0:03 ` [21/50] ARM: pxa/cm-x300: fix V3020 RTC functionality Greg KH
2011-08-06 0:03 ` [22/50] jme: Fix unmap error (Causing system freeze) Greg KH
2011-08-06 0:03 ` [23/50] [SCSI] libsas: remove expander from dev list on error Greg KH
2011-08-06 0:03 ` [24/50] mac80211: Restart STA timers only on associated state Greg KH
2011-08-06 0:03 ` [25/50] [SCSI] Blacklist Traxdata CDR4120 and IOMEGA Zip drive to avoid lock ups Greg KH
2011-08-06 0:03 ` [26/50] [SCSI] ses: requesting a fault indication Greg KH
2011-08-06 0:03 ` [27/50] [SCSI] fix crash in scsi_dispatch_cmd() Greg KH
2011-08-06 0:03 ` [28/50] [SCSI] pmcraid: reject negative request size Greg KH
2011-08-06 0:03 ` [29/50] kexec, x86: Fix incorrect jump back address if not Greg KH
2011-08-06 0:03 ` [30/50] powerpc/kdump: Fix timeout in crash_kexec_wait_realmode Greg KH
2011-08-06 0:03 ` [31/50] PCI: ARI is a PCIe v2 feature Greg KH
2011-08-06 0:03 ` [32/50] cciss: do not attempt to read from a write-only register Greg KH
2011-08-06 0:03 ` [33/50] geode: reflect mfgpt dependency on mfd Greg KH
2011-08-06 0:03 ` [34/50] xtensa: prevent arbitrary read in ptrace Greg KH
2011-08-06 0:03 ` [35/50] ext3: Fix oops in ext3_try_to_allocate_with_rsv() Greg KH
2011-08-06 0:03 ` [36/50] svcrpc: fix list-corrupting race on nfsd shutdown Greg KH
2011-08-06 0:03 ` [37/50] EHCI: only power off port if over-current is active Greg KH
2011-08-06 0:03 ` [38/50] EHCI: fix direction handling for interrupt data toggles Greg KH
2011-08-06 0:03 ` [39/50] powerpc/pseries/hvconsole: Fix dropped console output Greg KH
2011-08-06 0:03 ` [40/50] x86: Hpet: Avoid the comparator readback penalty Greg KH
2011-08-06 0:03 ` [41/50] x86: HPET: Chose a paranoid safe value for the ETIME check Greg KH
2011-08-06 0:04 ` [42/50] Revert "block: rescan partitions on invalidated devices on -ENOMEDIA Greg KH
2011-08-06 0:04 ` [43/50] gre: fix netns vs proto registration ordering Greg KH
2011-08-06 0:04 ` [44/50] netns xfrm: fixup xfrm6_tunnel error propagation Greg KH
2011-08-06 0:04 ` [45/50] alpha: fix several security issues Greg KH
2011-08-06 0:04 ` [46/50] proc: restrict access to /proc/PID/io Greg KH
2011-08-06 0:04 ` [47/50] ALSA: sound/core/pcm_compat.c: adjust array index Greg KH
2011-08-06 0:04 ` [48/50] dm mpath: fix potential NULL pointer in feature arg processing Greg KH
2011-08-06 0:04 ` [49/50] dm: fix idr leak on module removal Greg KH
2011-08-06 0:04 ` [50/50] drm/i915: Fix typo in DRM_I915_OVERLAY_PUT_IMAGE ioctl Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110806000413.265218331@clark.kroah.org \
--to=gregkh@suse.de \
--cc=akpm@linux-foundation.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=davem@davemloft.net \
--cc=herbert@gondor.hengli.com.au \
--cc=linux-kernel@vger.kernel.org \
--cc=stable-review@kernel.org \
--cc=stable@kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox