From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.5 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY, SPF_PASS,URIBL_BLOCKED,USER_AGENT_MUTT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1908BC282C5 for ; Thu, 24 Jan 2019 18:31:09 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id DAAD7218A6 for ; Thu, 24 Jan 2019 18:31:08 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com header.b="k/QrPbCi" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726233AbfAXSbI (ORCPT ); Thu, 24 Jan 2019 13:31:08 -0500 Received: from new3-smtp.messagingengine.com ([66.111.4.229]:58687 "EHLO new3-smtp.messagingengine.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725916AbfAXSbH (ORCPT ); Thu, 24 Jan 2019 13:31:07 -0500 Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailnew.nyi.internal (Postfix) with ESMTP id 7553618DDA; Thu, 24 Jan 2019 13:31:06 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute6.internal (MEProxy); Thu, 24 Jan 2019 13:31:06 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=1E5OQE laqWyl55TM1nr2npJhAnzXea17O5+Cqxg4gw8=; b=k/QrPbCi7T7406+L9TP50T DbnKQ2EF5mS4nFcG5Ndya7a4KRsBqM/XsFFTIRENYzTkdm3aH+mozqLjPrWaCb80 ULJSjr7RRKDbiXtas8PGVj+UColu+dJRTCM5XL+kySriC66bmTJw72yuDdiZ00fA 3gKdnCvKivWjFtTUE40ZTPVRxW5WJ9ZApsZMagqYWKRg/CHOQB4O2r/8CBwEXD4k KIZR23X07cvWTVDa8BLRgurMmGb7hllRlHay4JwRu8p4ctf3LykVfyRILN3jKOvx mQlfFSqpJghFGhucgd7jchdYfn8460W7eyJEZLNWu5YxpMUK7Fs/TZCOpQ02wKgg == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedtledriedvgdduudefucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfquhhtnecuuegrihhlohhuthemucef tddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenogfuphgrmhfkphculdeftd dtmdenucfjughrpeffhffvuffkfhggtggujggfsehttdertddtredvnecuhfhrohhmpefi rhgvghcumffjuceoghhrvghgkhhhsehlihhnuhigqdhfohhunhgurghtihhonhdrohhrgh eqnecukfhppeekfedrkeeirdekledruddtjeenucfrrghrrghmpehmrghilhhfrhhomhep ghhrvghgsehkrhhorghhrdgtohhmnecuvehluhhsthgvrhfuihiivgeptd X-ME-Proxy: Received: from localhost (5356596b.cm-6-7b.dynamic.ziggo.nl [83.86.89.107]) by mail.messagingengine.com (Postfix) with ESMTPA id 0554A10281; Thu, 24 Jan 2019 13:31:04 -0500 (EST) Date: Thu, 24 Jan 2019 19:31:03 +0100 From: Greg KH To: Mao Wenan Cc: netdev@vger.kernel.org, eric.dumazet@gmail.com, davem@davemloft.net, stable@vger.kernel.org, edumazet@google.com Subject: Re: [PATCH stable 4.4 06/11] ipv6: defrag: drop non-last frags smaller than min mtu Message-ID: <20190124183103.GA18657@kroah.com> References: <1548209986-83527-1-git-send-email-maowenan@huawei.com> <1548209986-83527-7-git-send-email-maowenan@huawei.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1548209986-83527-7-git-send-email-maowenan@huawei.com> User-Agent: Mutt/1.11.2 (2019-01-07) Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org On Wed, Jan 23, 2019 at 10:19:41AM +0800, Mao Wenan wrote: > From: Florian Westphal > > [ Upstream commit 0ed4229b08c13c84a3c301a08defdc9e7f4467e6 ] > > don't bother with pathological cases, they only waste cycles. > IPv6 requires a minimum MTU of 1280 so we should never see fragments > smaller than this (except last frag). > > v3: don't use awkward "-offset + len" > v2: drop IPv4 part, which added same check w. IPV4_MIN_MTU (68). > There were concerns that there could be even smaller frags > generated by intermediate nodes, e.g. on radio networks. > > Cc: Peter Oskolkov > Cc: Eric Dumazet > Signed-off-by: Florian Westphal > Signed-off-by: David S. Miller > Signed-off-by: Mao Wenan > --- > net/ipv6/netfilter/nf_conntrack_reasm.c | 4 ++++ > net/ipv6/reassembly.c | 4 ++++ > 2 files changed, 8 insertions(+) > > diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c > index 9cd8863..c5033a2 100644 > --- a/net/ipv6/netfilter/nf_conntrack_reasm.c > +++ b/net/ipv6/netfilter/nf_conntrack_reasm.c > @@ -602,6 +602,10 @@ struct sk_buff *nf_ct_frag6_gather(struct net *net, struct sk_buff *skb, u32 use > hdr = ipv6_hdr(clone); > fhdr = (struct frag_hdr *)skb_transport_header(clone); > > + if (skb->len - skb_network_offset(skb) < IPV6_MIN_MTU && > + fhdr->frag_off & htons(IP6_MF)) > + return -EINVAL; This backport is incorrect, you should be returning a pointer, right? How did you test this? This should have blown up under test :( I'm going to drop this whole series. Please fix it up and test it properly and then resend. thanks, greg k-h