From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org,
Stephen Hemminger <stephen@networkplumber.org>,
Neal Cardwell <ncardwell@google.com>,
Eric Dumazet <eric.dumazet@gmail.com>,
David Laight <David.Laight@ACULAB.COM>,
Doug Leith <doug.leith@nuim.ie>,
Christoph Paasch <christoph.paasch@uclouvain.be>,
"David S. Miller" <davem@davemloft.net>
Subject: [PATCH 3.4 05/23] tcp: Fix integer-overflow in TCP vegas
Date: Fri, 8 Aug 2014 14:34:50 -0700 [thread overview]
Message-ID: <20140808213315.998631140@linuxfoundation.org> (raw)
In-Reply-To: <20140808213315.769217722@linuxfoundation.org>
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Christoph Paasch <christoph.paasch@uclouvain.be>
[ Upstream commit 1f74e613ded11517db90b2bd57e9464d9e0fb161 ]
In vegas we do a multiplication of the cwnd and the rtt. This
may overflow and thus their result is stored in a u64. However, we first
need to cast the cwnd so that actually 64-bit arithmetic is done.
Then, we need to do do_div to allow this to be used on 32-bit arches.
Cc: Stephen Hemminger <stephen@networkplumber.org>
Cc: Neal Cardwell <ncardwell@google.com>
Cc: Eric Dumazet <eric.dumazet@gmail.com>
Cc: David Laight <David.Laight@ACULAB.COM>
Cc: Doug Leith <doug.leith@nuim.ie>
Fixes: 8d3a564da34e (tcp: tcp_vegas cong avoid fix)
Signed-off-by: Christoph Paasch <christoph.paasch@uclouvain.be>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
net/ipv4/tcp_vegas.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/net/ipv4/tcp_vegas.c
+++ b/net/ipv4/tcp_vegas.c
@@ -218,7 +218,8 @@ static void tcp_vegas_cong_avoid(struct
* This is:
* (actual rate in segments) * baseRTT
*/
- target_cwnd = tp->snd_cwnd * vegas->baseRTT / rtt;
+ target_cwnd = (u64)tp->snd_cwnd * vegas->baseRTT;
+ do_div(target_cwnd, rtt);
/* Calculate the difference between the window we had,
* and the window we would like to have. This quantity
next prev parent reply other threads:[~2014-08-08 22:14 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-08 21:34 [PATCH 3.4 00/23] 3.4.103-stable review Greg Kroah-Hartman
2014-08-08 21:34 ` [PATCH 3.4 01/23] inetpeer: get rid of ip_id_count Greg Kroah-Hartman
2014-08-08 21:34 ` [PATCH 3.4 02/23] ip: make IP identifiers less predictable Greg Kroah-Hartman
2014-08-08 21:34 ` [PATCH 3.4 03/23] net: sendmsg: fix NULL pointer dereference Greg Kroah-Hartman
2014-08-08 21:34 ` [PATCH 3.4 04/23] tcp: Fix integer-overflows in TCP veno Greg Kroah-Hartman
2014-08-08 21:34 ` Greg Kroah-Hartman [this message]
2014-08-08 21:34 ` [PATCH 3.4 06/23] net: sctp: inherit auth_capable on INIT collisions Greg Kroah-Hartman
2014-08-08 21:34 ` [PATCH 3.4 07/23] macvlan: Initialize vlan_features to turn on offload support Greg Kroah-Hartman
2014-08-08 21:34 ` [PATCH 3.4 08/23] net: Correctly set segment mac_len in skb_segment() Greg Kroah-Hartman
2014-08-08 21:34 ` [PATCH 3.4 09/23] iovec: make sure the caller actually wants anything in memcpy_fromiovecend Greg Kroah-Hartman
2014-08-08 21:34 ` [PATCH 3.4 10/23] sctp: fix possible seqlock seadlock in sctp_packet_transmit() Greg Kroah-Hartman
2014-08-08 21:34 ` [PATCH 3.4 11/23] sparc64: Fix argument sign extension for compat_sys_futex() Greg Kroah-Hartman
2014-08-08 21:34 ` [PATCH 3.4 12/23] sparc64: Make itc_sync_lock raw Greg Kroah-Hartman
2014-08-08 21:34 ` [PATCH 3.4 13/23] sparc64: Handle 32-bit tasks properly in compute_effective_address() Greg Kroah-Hartman
2014-08-08 21:34 ` [PATCH 3.4 14/23] sparc64: Fix top-level fault handling bugs Greg Kroah-Hartman
2014-08-08 21:35 ` [PATCH 3.4 15/23] sparc64: Dont bark so loudly about 32-bit tasks generating 64-bit fault addresses Greg Kroah-Hartman
2014-08-08 21:35 ` [PATCH 3.4 16/23] sparc64: Fix huge TSB mapping on pre-UltraSPARC-III cpus Greg Kroah-Hartman
2014-08-08 21:35 ` [PATCH 3.4 17/23] sparc64: Add membar to Niagara2 memcpy code Greg Kroah-Hartman
2014-08-08 21:35 ` [PATCH 3.4 18/23] sparc64: Do not insert non-valid PTEs into the TSB hash table Greg Kroah-Hartman
2014-08-08 21:35 ` [PATCH 3.4 19/23] sparc64: Guard against flushing openfirmware mappings Greg Kroah-Hartman
2014-08-08 21:35 ` [PATCH 3.4 20/23] bbc-i2c: Fix BBC I2C envctrl on SunBlade 2000 Greg Kroah-Hartman
2014-08-08 21:35 ` [PATCH 3.4 21/23] sunsab: Fix detection of BREAK on sunsab serial console Greg Kroah-Hartman
2014-08-08 21:35 ` [PATCH 3.4 22/23] sparc64: ldc_connect() should not return EINVAL when handshake is in progress Greg Kroah-Hartman
2014-08-08 21:35 ` [PATCH 3.4 23/23] arch/sparc/math-emu/math_32.c: drop stray break operator Greg Kroah-Hartman
2014-08-09 1:01 ` [PATCH 3.4 00/23] 3.4.103-stable review Guenter Roeck
2014-08-09 14:40 ` Shuah Khan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140808213315.998631140@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=David.Laight@ACULAB.COM \
--cc=christoph.paasch@uclouvain.be \
--cc=davem@davemloft.net \
--cc=doug.leith@nuim.ie \
--cc=eric.dumazet@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=ncardwell@google.com \
--cc=stable@vger.kernel.org \
--cc=stephen@networkplumber.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).