From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linuxfoundation.org ([140.211.169.12]:40476 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1424632AbdD2G1X (ORCPT ); Sat, 29 Apr 2017 02:27:23 -0400 Subject: Patch "tcp: memset ca_priv data to 0 properly" has been added to the 4.9-stable tree To: weiwan@google.com, andreyknvl@google.com, davem@davemloft.net, edumazet@google.com, gregkh@linuxfoundation.org, ncardwell@google.com, ycheng@google.com Cc: , From: Date: Sat, 29 Apr 2017 08:24:16 +0200 Message-ID: <149344705616115@kroah.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ANSI_X3.4-1968 Content-Transfer-Encoding: 8bit Sender: stable-owner@vger.kernel.org List-ID: This is a note to let you know that I've just added the patch titled tcp: memset ca_priv data to 0 properly to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: tcp-memset-ca_priv-data-to-0-properly.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >>From foo@baz Sat Apr 29 08:22:13 CEST 2017 From: Wei Wang Date: Tue, 25 Apr 2017 17:38:02 -0700 Subject: tcp: memset ca_priv data to 0 properly From: Wei Wang [ Upstream commit c1201444075009507a6818de6518e2822b9a87c8 ] Always zero out ca_priv data in tcp_assign_congestion_control() so that ca_priv data is cleared out during socket creation. Also always zero out ca_priv data in tcp_reinit_congestion_control() so that when cc algorithm is changed, ca_priv data is cleared out as well. We should still zero out ca_priv data even in TCP_CLOSE state because user could call connect() on AF_UNSPEC to disconnect the socket and leave it in TCP_CLOSE state and later call setsockopt() to switch cc algorithm on this socket. Fixes: 2b0a8c9ee ("tcp: add CDG congestion control") Reported-by: Andrey Konovalov Signed-off-by: Wei Wang Acked-by: Eric Dumazet Acked-by: Yuchung Cheng Acked-by: Neal Cardwell Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- net/ipv4/tcp_cong.c | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) --- a/net/ipv4/tcp_cong.c +++ b/net/ipv4/tcp_cong.c @@ -167,12 +167,8 @@ void tcp_assign_congestion_control(struc } out: rcu_read_unlock(); + memset(icsk->icsk_ca_priv, 0, sizeof(icsk->icsk_ca_priv)); - /* Clear out private data before diag gets it and - * the ca has not been initialized. - */ - if (ca->get_info) - memset(icsk->icsk_ca_priv, 0, sizeof(icsk->icsk_ca_priv)); if (ca->flags & TCP_CONG_NEEDS_ECN) INET_ECN_xmit(sk); else @@ -199,11 +195,10 @@ static void tcp_reinit_congestion_contro tcp_cleanup_congestion_control(sk); icsk->icsk_ca_ops = ca; icsk->icsk_ca_setsockopt = 1; + memset(icsk->icsk_ca_priv, 0, sizeof(icsk->icsk_ca_priv)); - if (sk->sk_state != TCP_CLOSE) { - memset(icsk->icsk_ca_priv, 0, sizeof(icsk->icsk_ca_priv)); + if (sk->sk_state != TCP_CLOSE) tcp_init_congestion_control(sk); - } } /* Manage refcounts on socket close. */ Patches currently in stable-queue which might be from weiwan@google.com are queue-4.9/tcp-memset-ca_priv-data-to-0-properly.patch