From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Yuchung Cheng <ycheng@google.com>,
Eric Dumazet <edumazet@google.com>,
Soheil Hassas Yeganeh <soheil@google.com>,
Neal Cardwell <ncardwell@google.com>,
"David S. Miller" <davem@davemloft.net>
Subject: [PATCH 4.4 08/53] tcp: avoid fragmenting peculiar skbs in SACK
Date: Mon, 5 Jun 2017 18:17:06 +0200 [thread overview]
Message-ID: <20170605153037.492848016@linuxfoundation.org> (raw)
In-Reply-To: <20170605153037.105331684@linuxfoundation.org>
4.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Yuchung Cheng <ycheng@google.com>
[ Upstream commit b451e5d24ba6687c6f0e7319c727a709a1846c06 ]
This patch fixes a bug in splitting an SKB during SACK
processing. Specifically if an skb contains multiple
packets and is only partially sacked in the higher sequences,
tcp_match_sack_to_skb() splits the skb and marks the second fragment
as SACKed.
The current code further attempts rounding up the first fragment
to MSS boundaries. But it misses a boundary condition when the
rounded-up fragment size (pkt_len) is exactly skb size. Spliting
such an skb is pointless and causses a kernel warning and aborts
the SACK processing. This patch universally checks such over-split
before calling tcp_fragment to prevent these unnecessary warnings.
Fixes: adb92db857ee ("tcp: Make SACK code to split only at mss boundaries")
Signed-off-by: Yuchung Cheng <ycheng@google.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Soheil Hassas Yeganeh <soheil@google.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
net/ipv4/tcp_input.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
@@ -1134,13 +1134,14 @@ static int tcp_match_skb_to_sack(struct
*/
if (pkt_len > mss) {
unsigned int new_len = (pkt_len / mss) * mss;
- if (!in_sack && new_len < pkt_len) {
+ if (!in_sack && new_len < pkt_len)
new_len += mss;
- if (new_len >= skb->len)
- return 0;
- }
pkt_len = new_len;
}
+
+ if (pkt_len >= skb->len && !in_sack)
+ return 0;
+
err = tcp_fragment(sk, skb, pkt_len, mss, GFP_ATOMIC);
if (err < 0)
return err;
next prev parent reply other threads:[~2017-06-05 16:20 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-05 16:16 [PATCH 4.4 00/53] 4.4.71-stable review Greg Kroah-Hartman
2017-06-05 16:16 ` [PATCH 4.4 01/53] sparc: Fix -Wstringop-overflow warning Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 02/53] dccp/tcp: do not inherit mc_list from parent Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 03/53] ipv6/dccp: do not inherit ipv6_mc_list " Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 04/53] s390/qeth: handle sysfs error during initialization Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 05/53] s390/qeth: unbreak OSM and OSN support Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 06/53] s390/qeth: avoid null pointer dereference on OSN Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 07/53] s390/qeth: add missing hash table initializations Greg Kroah-Hartman
2017-06-06 8:11 ` Julian Wiedmann
2017-06-06 8:52 ` Greg Kroah-Hartman
2017-06-05 16:17 ` Greg Kroah-Hartman [this message]
2017-06-05 16:17 ` [PATCH 4.4 09/53] sctp: fix src address selection if using secondary addresses for ipv6 Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 10/53] sctp: do not inherit ipv6_{mc|ac|fl}_list from parent Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 11/53] tcp: eliminate negative reordering in tcp_clean_rtx_queue Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 12/53] net: Improve handling of failures on link and route dumps Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 13/53] ipv6: Prevent overrun when parsing v6 header options Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 14/53] ipv6: Check ip6_find_1stfragopt() return value properly Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 15/53] bridge: netlink: check vlan_default_pvid range Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 17/53] bridge: start hello_timer when enabling KERNEL_STP in br_stp_start Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 18/53] ipv6: fix out of bound writes in __ip6_append_data() Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 19/53] be2net: Fix offload features for Q-in-Q packets Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 20/53] virtio-net: enable TSO/checksum offloads for Q-in-Q vlans Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 21/53] tcp: avoid fastopen API to be used on AF_UNSPEC Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 22/53] sctp: fix ICMP processing if skb is non-linear Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 23/53] ipv4: add reference counting to metrics Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 24/53] netem: fix skb_orphan_partial() Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 25/53] net: phy: marvell: Limit errata to 88m1101 Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 26/53] vlan: Fix tcp checksum offloads in Q-in-Q vlans Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 27/53] i2c: i2c-tiny-usb: fix buffer not being DMA capable Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 28/53] mmc: sdhci-iproc: suppress spurious interrupt with Multiblock read Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 29/53] HID: wacom: Have wacom_tpc_irq guard against possible NULL dereference Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 30/53] scsi: mpt3sas: Force request partial completion alignment Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 33/53] pcmcia: remove left-over %Z format Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 34/53] ALSA: hda - apply STAC_9200_DELL_M22 quirk for Dell Latitude D430 Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 35/53] slub/memcg: cure the brainless abuse of sysfs attributes Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 36/53] drm/gma500/psb: Actually use VBT mode when it is found Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 37/53] mm/migrate: fix refcount handling when !hugepage_migration_supported() Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 38/53] mlock: fix mlock count can not decrease in race condition Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 39/53] PCI/PM: Add needs_resume flag to avoid suspend complete optimization Greg Kroah-Hartman
2017-06-06 16:19 ` Ben Hutchings
2017-06-07 9:49 ` Greg Kroah-Hartman
2017-06-08 9:58 ` Imre Deak
2017-06-05 16:17 ` [PATCH 4.4 40/53] xfs: Fix missed holes in SEEK_HOLE implementation Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 41/53] xfs: fix off-by-one on max nr_pages in xfs_find_get_desired_pgoff() Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 42/53] xfs: fix over-copying of getbmap parameters from userspace Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 43/53] xfs: handle array index overrun in xfs_dir2_leaf_readbuf() Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 44/53] xfs: prevent multi-fsb dir readahead from reading random blocks Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 45/53] xfs: fix up quotacheck buffer list error handling Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 46/53] xfs: support ability to wait on new inodes Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 47/53] xfs: update ag iterator to support " Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 48/53] xfs: wait on new inodes during quotaoff dquot release Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 49/53] xfs: fix indlen accounting error on partial delalloc conversion Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 50/53] xfs: bad assertion for delalloc an extent that start at i_size Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 51/53] xfs: fix unaligned access in xfs_btree_visit_blocks Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 52/53] xfs: in _attrlist_by_handle, copy the cursor back to userspace Greg Kroah-Hartman
2017-06-05 16:17 ` [PATCH 4.4 53/53] xfs: only return -errno or success from attr ->put_listent Greg Kroah-Hartman
2017-06-05 20:35 ` [PATCH 4.4 00/53] 4.4.71-stable review Shuah Khan
2017-06-05 22:07 ` Guenter Roeck
2017-06-06 7:19 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170605153037.492848016@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=ncardwell@google.com \
--cc=soheil@google.com \
--cc=stable@vger.kernel.org \
--cc=ycheng@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).